def test_alert_subject_size_limit_no_args():
rule = {
'name': 'test_rule',
'type': mock_rule(),
'owner': 'the_owner',
'priority': 2,
'alert_subject': 'A very long subject',
'alert_subject_max_len': 5
}
alert = Alerter(rule)
alertSubject = alert.create_custom_title([{'test_term': 'test_value', '@timestamp': '2014-10-31T00:00:00'}])
assert 5 == len(alertSubject)
def test_alert_subject_size_limit_with_args(ea):
rule = {
'name': 'test_rule',
'type': mock_rule(),
'owner': 'the_owner',
'priority': 2,
'alert_subject': 'Test alert for {0} {1}',
'alert_subject_args': ['test_term', 'test.term'],
'alert_subject_max_len': 6
}
alert = Alerter(rule)
alertSubject = alert.create_custom_title([{'test_term': 'test_value', '@timestamp': '2014-10-31T00:00:00'}])
assert 6 == len(alertSubject)
def test_alert_subject_with_jinja():
rule = {
'name': 'test_rule',
'type': mock_rule(),
'owner': 'the_owner',
'priority': 2,
'alert_subject': 'Test alert for {{owner}}; field {{field}}; Abc: {{_data["abc"]}}',
'alert_text_type': "alert_text_jinja",
'jinja_root_name': "_data"
}
match = {
'@timestamp': '2016-01-01',
'field': 'field_value',
'abc': 'abc from match',
}
alert = Alerter(rule)
alertsubject = alert.create_custom_title([match])
assert "Test alert for the_owner;" in alertsubject
assert "field field_value;" in alertsubject
assert "Abc: abc from match" in alertsubject
