def falsepositive():
"""Mark alerts with the given fingerprint as falsepositive (silence them).
Returns:
str: the HTTP response string
"""
try:
fingerprint = get_and_check_fingerprint()
record_metadata = hydrate_with_request_headers(request)
get_db().ignore_event_fingerprint(
fingerprint, IgnoreFingerprintRecord.FALSE_POSITIVE, record_metadata=record_metadata
)
except Exception as _: # pylint: disable=broad-except
LOG.exception("Got exception on falsepositive")
return action_failed("Reporting as false positive failed.")
return action_succeeded("Thanks! We’ve marked this as a false positive")
def resolve():
"""Mark the alert with the given fingerprint as resolved (applies to real-time alerts only).
Returns:
str: the HTTP response string
"""
try:
fingerprint = get_and_check_fingerprint()
record_metadata = hydrate_with_request_headers(request)
get_db().ignore_event_fingerprint(
fingerprint, IgnoreFingerprintRecord.RESOLVED, record_metadata=record_metadata
)
except Exception as _: # pylint: disable=broad-except
LOG.exception("Got exception on resolved")
return action_failed("Resolution failed for some reason")
return action_succeeded("Thanks for resolving the issue!")
def acknowledge():
"""Mark the alert with the given fingerprint as acknowledged (applies to real-time alerts only).
Returns:
str: the HTTP response string
"""
try:
fingerprint = get_and_check_fingerprint()
record_metadata = hydrate_with_request_headers(request)
get_db().ignore_event_fingerprint(
fingerprint, IgnoreFingerprintRecord.ACKNOWLEDGE, record_metadata=record_metadata
)
except Exception as _: # pylint: disable=broad-except
LOG.exception("Got exception on acknowledge")
return action_failed("acknowledgement failed for some reason")
return action_succeeded("Thanks for acknowledging!")
def acceptrisk():
"""Accept risk for alerts with the given fingerprint (silence them).
Returns:
str: the HTTP response string
"""
try:
fingerprint = get_and_check_fingerprint()
record_metadata = hydrate_with_request_headers(request)
get_db().ignore_event_fingerprint(
fingerprint, IgnoreFingerprintRecord.ACCEPT_RISK, record_metadata=record_metadata
)
except Exception as _: # pylint: disable=broad-except
LOG.exception("Got exception on acceptrisk")
return action_failed("acceptrisk failed")
return action_succeeded("Alert successfully marked as accept risk.")
def escalate():
"""Mark the given fingerprint as manually escalated (applied to real-time alerts only).
Returns:
str: the HTTP response string
"""
try:
fingerprint = get_and_check_fingerprint()
record_metadata = hydrate_with_request_headers(request)
# indication that the user addressed the alert and escalate.
get_db().ignore_event_fingerprint(
fingerprint, IgnoreFingerprintRecord.ESCALATE_MANUALLY, record_metadata=record_metadata
)
except Exception as _: # pylint: disable=broad-except
LOG.exception("Got exception on escalate real time alert")
return action_failed("Escalation failed for some reason")
return action_succeeded("Thanks! This alert has been escalated.")
def snooze():
"""Snooze alerts with the given fingerprint for 30 days (silence them for 30 days).
Returns:
str: the HTTP response string
"""
try:
fingerprint = get_and_check_fingerprint()
expires_at = datetime.utcnow() + timedelta(days=30)
record_metadata = hydrate_with_request_headers(request)
get_db().ignore_event_fingerprint(
fingerprint, IgnoreFingerprintRecord.SNOOZE, expires_at=expires_at, record_metadata=record_metadata
)
except Exception as _: # pylint: disable=broad-except
LOG.exception("Got exception on snooze")
return action_failed("snooze failed")
return action_succeeded("Alert successfully snoozed.")
def test_request_hydrator(app_context_with_request_hydrator):
request_mock = mock.Mock()
with app_context_with_request_hydrator:
assert hydrate_with_request_headers(request_mock) == request_mock
def test_no_request_hydrator():
api = CometApi()
request_mock = mock.Mock()
with api.create_app().app_context():
assert not hydrate_with_request_headers(request_mock)
