def begin(self):
"""
If incident is suppressed, do nothing.
Else execute EventActions
"""
# Log if incident is already suppressed
if self.incident.is_suppressed:
incidentauditlog(incident=self.incident,
message='IncidentID:%s is suppressed' %
self.incident.id)
# Check suppression pipeline
elif SuppressorPipeLine().is_suppressed(incident=self.incident):
self.incident.suppressed()
incidentauditlog(
incident=self.incident,
message=
'IncidentID:%s found in suppression pipline, it is now suppressed.'
% self.incident.id)
# Process incident normally
else:
for event_action in EventAction.objects.filter(
event=self.incident.event, isEnabled=True):
if self.check_incident_threshold(event_action):
self.execute_plugin(event_action)
def is_suppressed(self, incident):
if incident is None:
raise ValueError('SuppressorPipeLine called with an empty incident')
self._incident = incident
if self.is_event_suppressed or self.is_element_suppressed or self.is_element_and_event_suppressed:
incidentauditlog(message=self.msg, incident=self._incident, level='DEBUG')
return True
else:
return False
def is_suppressed(self, incident):
if incident is None:
raise ValueError(
'SuppressorPipeLine called with an empty incident')
self._incident = incident
if self.is_event_suppressed or self.is_element_suppressed or self.is_element_and_event_suppressed:
incidentauditlog(message=self.msg,
incident=self._incident,
level='DEBUG')
return True
else:
return False
def begin(self):
"""
If incident is suppressed, do nothing.
Else execute EventActions
"""
# Log if incident is already suppressed
if self.incident.is_suppressed:
incidentauditlog(incident=self.incident, message='IncidentID:%s is suppressed' % self.incident.id)
# Check suppression pipeline
elif SuppressorPipeLine().is_suppressed(incident=self.incident):
self.incident.suppressed()
incidentauditlog(incident=self.incident, message='IncidentID:%s found in suppression pipline, it is now suppressed.' % self.incident.id)
# Process incident normally
else:
for event_action in EventAction.objects.filter(event=self.incident.event, isEnabled=True):
if self.check_incident_threshold(event_action):
self.execute_plugin(event_action)
def is_suppressed(self, incident):
if incident is None:
raise ValueError('SuppressorPipeLine called with an empty incident')
self._incident = incident
if self.is_event_suppressed:
incidentauditlog(message='Incident matches event suppression rule', incident=self._incident)
return True
elif self.is_element_suppressed:
incidentauditlog(message='Incident matches element suppression rule', incident=self._incident)
return True
elif self.is_element_and_event_suppressed:
incidentauditlog(message='Incident matches event and element suppression rule', incident=self._incident)
return True
else:
return False
def is_suppressed(self, incident):
if incident is None:
raise ValueError(
'SuppressorPipeLine called with an empty incident')
self._incident = incident
if self.is_event_suppressed:
incidentauditlog(message='Incident matches event suppression rule',
incident=self._incident)
return True
elif self.is_element_suppressed:
incidentauditlog(
message='Incident matches element suppression rule',
incident=self._incident)
return True
elif self.is_element_and_event_suppressed:
incidentauditlog(
message='Incident matches event and element suppression rule',
incident=self._incident)
return True
else:
return False
