def _buildFilter(self, uid, params, specificEventUuids=None):
"""
Construct a dictionary that can be converted into an EventFilter protobuf.
@type params: dictionary
@param params: (optional) Key-value pair of filters for this search.
(default: None)
@type uid: string
@param uid: (optional) Context for the query (default: None)
"""
if params:
log.debug('logging params for building filter: %s', params)
if isinstance(params, basestring):
params = loads(params)
# params comes from the grid's filtering column -
# some of these properties are normal properties on an event
# while others are considered event details. Separate the
# two here.
params, details = self.zep.parseParameterDetails(params)
filterEventUuids = []
# No specific event uuids passed in-
# check for event ids from the grid parameters
if specificEventUuids is None:
log.debug('No specific event uuids were passed in.')
# The evid's from params only ever mean anything for filtering - if
# specific uuids are passed in, this filter will ignore the grid
# parameters and just act on or filter using these specific event uuids.
evid = params.get('evid')
if evid:
if not isinstance(evid, (list, tuple)):
evid = [evid]
filterEventUuids.extend(evid)
# Specific event uuids were passed in, use those for this filter.
else:
log.debug('Specific event uuids passed in: %s', specificEventUuids)
if not isinstance(specificEventUuids, (list, tuple)):
filterEventUuids = [specificEventUuids]
else:
filterEventUuids = specificEventUuids
log.debug('FilterEventUuids is: %s', filterEventUuids)
# 'tags' comes from managed object guids.
# see Zuul/security/security.py
param_tags = params.get('tags')
if params.get('excludeNonActionables') and not Zuul.checkPermission(ZEN_MANAGE_EVENTS, self.context):
if not param_tags:
us = self.context.dmd.ZenUsers.getUserSettings()
param_tags = [IGlobalIdentifier(ar.managedObject()).getGUID() for ar in us.getAllAdminRoles()]
if param_tags:
param_tags = [tag for tag in param_tags if Zuul.checkPermission(ZEN_MANAGE_EVENTS, self.manager.getObject(tag))]
if not param_tags:
param_tags = ['dne'] # Filter everything (except "does not exist'). An empty tag list would be ignored.
filter_params = {
'severity': params.get('severity'),
'status': [i for i in params.get('eventState', [])],
'event_class': filter(None, [params.get('eventClass')]),
'first_seen': params.get('firstTime') and self._timeRange(params.get('firstTime')),
'last_seen': params.get('lastTime') and self._timeRange(params.get('lastTime')),
'status_change': params.get('stateChange') and self._timeRange(params.get('stateChange')),
'uuid': filterEventUuids,
'count_range': params.get('count'),
'element_title': params.get('device'),
'element_sub_title': params.get('component'),
'event_summary': params.get('summary'),
'current_user_name': params.get('ownerid'),
'agent': params.get('agent'),
'monitor': params.get('monitor'),
'fingerprint': params.get('dedupid'),
'tags': param_tags,
'details': details,
'event_key': params.get('eventKey'),
'event_class_key': params.get('eventClassKey'),
'event_group': params.get('eventGroup'),
'message': params.get('message'),
}
parsed_params = self._filterParser.parseParams(params)
filter_params.update(parsed_params)
parsed_details = self._filterParser.parseDetails(details)
if len(parsed_details) > 0:
filter_params['details'].update(parsed_details)
event_filter = self.zep.createEventFilter(**filter_params)
log.debug('Found params for building filter, ended up building the following:')
log.debug(event_filter)
elif specificEventUuids:
# if they passed in specific uuids but not other params
event_filter = self.zep.createEventFilter(
uuid=specificEventUuids
)
else:
log.debug('Did not get parameters, using empty filter.')
event_filter = {}
if uid is None:
uid = self.context
context = resolve_context(uid)
if context and context.id not in ('Events', 'dmd'):
try:
# make a specific instance of tag_filter just for the context tag.
context_tag_filter = {
'tag_uuids': [IGlobalIdentifier(context).getGUID()]
}
# if it exists, filter['tag_filter'] will be a list. just append the special
# context tag filter to whatever that list is.
tag_filter = event_filter.setdefault('tag_filter', [])
tag_filter.append(context_tag_filter)
except TypeError:
if isinstance(context, EventClass):
event_filter['event_class'] = [context.getDmdKey()]
else:
raise Exception('Unknown context %s' % context)
log.debug('Final filter will be:')
log.debug(event_filter)
return event_filter
def _buildFilter(self, uids, params, specificEventUuids=None):
"""
Construct a dictionary that can be converted into an EventFilter protobuf.
@type params: dictionary
@param params: (optional) Key-value pair of filters for this search.
(default: None)
@type uid: string
@param uid: (optional) Context for the query (default: None)
"""
if params:
log.debug('logging params for building filter: %s', params)
if isinstance(params, basestring):
params = loads(params)
# params comes from the grid's filtering column -
# some of these properties are normal properties on an event
# while others are considered event details. Separate the
# two here.
params, details = self.zep.parseParameterDetails(params)
filterEventUuids = []
# No specific event uuids passed in-
# check for event ids from the grid parameters
if specificEventUuids is None:
log.debug('No specific event uuids were passed in.')
# The evid's from params only ever mean anything for filtering - if
# specific uuids are passed in, this filter will ignore the grid
# parameters and just act on or filter using these specific event uuids.
evid = params.get('evid')
if evid:
if not isinstance(evid,(list, tuple)):
evid = [evid]
filterEventUuids.extend(evid)
# Specific event uuids were passed in, use those for this filter.
else:
log.debug('Specific event uuids passed in: %s', specificEventUuids)
if not isinstance(specificEventUuids,(list, tuple)):
filterEventUuids = [specificEventUuids]
else:
filterEventUuids = specificEventUuids
log.debug('FilterEventUuids is: %s', filterEventUuids)
event_filter = self.zep.createEventFilter(
severity = params.get('severity'),
status = [i for i in params.get('eventState', [])],
event_class = filter(None, [params.get('eventClass')]),
first_seen = params.get('firstTime') and self._timeRange(params.get('firstTime')),
last_seen = params.get('lastTime') and self._timeRange(params.get('lastTime')),
status_change = params.get('stateChange') and self._timeRange(params.get('stateChange')),
uuid = filterEventUuids,
count_range = params.get('count'),
element_title = params.get('device'),
element_sub_title = params.get('component'),
event_summary = params.get('summary'),
current_user_name = params.get('ownerid'),
agent = params.get('agent'),
monitor = params.get('monitor'),
fingerprint = params.get('dedupid'),
# 'tags' comes from managed object guids.
# see Zuul/security/security.py
tags = params.get('tags'),
details = details,
event_key = params.get('eventKey'),
event_class_key = params.get('eventClassKey'),
event_group = params.get('eventGroup'),
message = params.get('message'),
)
log.debug('Found params for building filter, ended up building the following:')
log.debug(event_filter)
elif specificEventUuids:
# if they passed in specific uuids but not other params
event_filter = self.zep.createEventFilter(
uuid = specificEventUuids
)
else:
log.debug('Did not get parameters, using empty filter.')
event_filter = {}
if not uids and isinstance(self.context, EventClass):
uids = [self.context]
contexts = (resolve_context(uid) for uid in uids)
context_uuids = []
for context in contexts:
if context and context.id not in ('Events', 'dmd'):
try:
# make a specific instance of tag_filter just for the context tag.
if not context_uuids:
context_tag_filter = {
'tag_uuids': context_uuids
}
# if it exists, filter['tag_filter'] will be a list. just append the special
# context tag filter to whatever that list is.
tag_filter = event_filter.setdefault('tag_filter', [])
tag_filter.append(context_tag_filter)
context_uuids.append(IGlobalIdentifier(context).getGUID())
except TypeError:
if isinstance(context, EventClass):
event_filter['event_class'] = [context.getDmdKey()]
else:
raise Exception('Unknown context %s' % context)
log.debug('Final filter will be:')
log.debug(event_filter)
return event_filter
def _buildFilter(self,
uids,
params,
specificEventUuids=None,
includeContextInUid=True):
"""
Construct a dictionary that can be converted into an EventFilter protobuf.
@type params: dictionary
@param params: (optional) Key-value pair of filters for this search.
(default: None)
@type uids: iterable(string)
@param uids: (optional) Contexts for the query (default: None)
"""
if not uids:
uids = []
elif isinstance(uids, basestring):
uids = [uids]
if params:
log.debug('logging params for building filter: %s', params)
if isinstance(params, basestring):
params = loads(params)
# params comes from the grid's filtering column -
# some of these properties are normal properties on an event
# while others are considered event details. Separate the
# two here.
params, details = self.zep.parseParameterDetails(params)
filterEventUuids = []
# No specific event uuids passed in-
# check for event ids from the grid parameters
if specificEventUuids is None:
log.debug('No specific event uuids were passed in.')
# The evid's from params only ever mean anything for filtering - if
# specific uuids are passed in, this filter will ignore the grid
# parameters and just act on or filter using these specific event uuids.
evid = params.get('evid')
if evid:
if not isinstance(evid, (list, tuple)):
evid = [evid]
filterEventUuids.extend(evid)
# Specific event uuids were passed in, use those for this filter.
else:
log.debug('Specific event uuids passed in: %s',
specificEventUuids)
if not isinstance(specificEventUuids, (list, tuple)):
filterEventUuids = [specificEventUuids]
else:
filterEventUuids = specificEventUuids
log.debug('FilterEventUuids is: %s', filterEventUuids)
# 'tags' comes from managed object guids.
# see Zuul/security/security.py
param_tags = params.get('tags')
if params.get(
'excludeNonActionables') and not Zuul.checkPermission(
ZEN_MANAGE_EVENTS, self.context):
if not param_tags:
us = self.context.dmd.ZenUsers.getUserSettings()
param_tags = [
IGlobalIdentifier(ar.managedObject()).getGUID()
for ar in us.getAllAdminRoles()
]
if param_tags:
param_tags = [
tag for tag in param_tags if Zuul.checkPermission(
ZEN_MANAGE_EVENTS, self.manager.getObject(tag))
]
if not param_tags:
param_tags = [
'dne'
] # Filter everything (except "does not exist'). An empty tag list would be ignored.
filter_params = {
'severity':
params.get('severity'),
'status': [i for i in params.get('eventState', [])],
'event_class':
filter(None, [params.get('eventClass')]),
'first_seen':
params.get('firstTime')
and self._timeRange(params.get('firstTime')),
'last_seen':
params.get('lastTime')
and self._timeRange(params.get('lastTime')),
'status_change':
params.get('stateChange')
and self._timeRange(params.get('stateChange')),
'uuid':
filterEventUuids,
'count_range':
params.get('count'),
'element_title':
params.get('device'),
'element_sub_title':
params.get('component'),
'event_summary':
params.get('summary'),
'current_user_name':
params.get('ownerid'),
'agent':
params.get('agent'),
'monitor':
params.get('monitor'),
'fingerprint':
params.get('dedupid'),
'tags':
param_tags,
'details':
details,
'event_key':
params.get('eventKey'),
'event_class_key':
params.get('eventClassKey'),
'event_group':
params.get('eventGroup'),
'message':
params.get('message'),
}
parsed_params = self._filterParser.parseParams(params)
filter_params.update(parsed_params)
parsed_details = self._filterParser.parseDetails(details)
if len(parsed_details) > 0:
filter_params['details'].update(parsed_details)
event_filter = self.zep.createEventFilter(**filter_params)
log.debug(
'Found params for building filter, ended up building the following:'
)
log.debug(event_filter)
elif specificEventUuids:
# if they passed in specific uuids but not other params
event_filter = self.zep.createEventFilter(uuid=specificEventUuids)
else:
log.debug('Did not get parameters, using empty filter.')
event_filter = {}
if not uids and includeContextInUid:
uids = [self.context]
contexts = (resolve_context(uid) for uid in uids)
context_uuids = []
for context in contexts:
if context and context.id not in ('Events', 'dmd'):
try:
# make a specific instance of tag_filter just for the context tag.
if not context_uuids:
context_tag_filter = {'tag_uuids': context_uuids}
# if it exists, filter['tag_filter'] will be a list. just append the special
# context tag filter to whatever that list is.
tag_filter = event_filter.setdefault('tag_filter', [])
tag_filter.append(context_tag_filter)
context_uuids.append(IGlobalIdentifier(context).getGUID())
except TypeError:
if isinstance(context, EventClass):
event_filter['event_class'] = [context.getDmdKey()]
else:
raise Exception('Unknown context %s' % context)
log.debug('Final filter will be:')
log.debug(event_filter)
return event_filter
def _buildFilter(self, uids, params, specificEventUuids=None):
"""
Construct a dictionary that can be converted into an EventFilter protobuf.
@type params: dictionary
@param params: (optional) Key-value pair of filters for this search.
(default: None)
@type uids: iterable(string)
@param uids: (optional) Contexts for the query (default: None)
"""
if not uids:
uids=[]
elif isinstance(uids, basestring):
uids = [uids]
if params:
log.debug('logging params for building filter: %s', params)
if isinstance(params, basestring):
params = loads(params)
# params comes from the grid's filtering column -
# some of these properties are normal properties on an event
# while others are considered event details. Separate the
# two here.
params, details = self.zep.parseParameterDetails(params)
filterEventUuids = []
# No specific event uuids passed in-
# check for event ids from the grid parameters
if specificEventUuids is None:
log.debug('No specific event uuids were passed in.')
# The evid's from params only ever mean anything for filtering - if
# specific uuids are passed in, this filter will ignore the grid
# parameters and just act on or filter using these specific event uuids.
evid = params.get('evid')
if evid:
if not isinstance(evid,(list, tuple)):
evid = [evid]
filterEventUuids.extend(evid)
# Specific event uuids were passed in, use those for this filter.
else:
log.debug('Specific event uuids passed in: %s', specificEventUuids)
if not isinstance(specificEventUuids,(list, tuple)):
filterEventUuids = [specificEventUuids]
else:
filterEventUuids = specificEventUuids
log.debug('FilterEventUuids is: %s', filterEventUuids)
event_filter = self.zep.createEventFilter(
severity = params.get('severity'),
status = [i for i in params.get('eventState', [])],
event_class = filter(None, [params.get('eventClass')]),
first_seen = params.get('firstTime') and self._timeRange(params.get('firstTime')),
last_seen = params.get('lastTime') and self._timeRange(params.get('lastTime')),
status_change = params.get('stateChange') and self._timeRange(params.get('stateChange')),
uuid = filterEventUuids,
count_range = params.get('count'),
element_title = params.get('device'),
element_sub_title = params.get('component'),
event_summary = params.get('summary'),
current_user_name = params.get('ownerid'),
agent = params.get('agent'),
monitor = params.get('monitor'),
fingerprint = params.get('dedupid'),
# 'tags' comes from managed object guids.
# see Zuul/security/security.py
tags = params.get('tags'),
details = details,
event_key = params.get('eventKey'),
event_class_key = params.get('eventClassKey'),
event_group = params.get('eventGroup'),
message = params.get('message'),
)
log.debug('Found params for building filter, ended up building the following:')
log.debug(event_filter)
elif specificEventUuids:
# if they passed in specific uuids but not other params
event_filter = self.zep.createEventFilter(
uuid = specificEventUuids
)
else:
log.debug('Did not get parameters, using empty filter.')
event_filter = {}
if not uids and isinstance(self.context, EventClass):
uids = [self.context]
contexts = (resolve_context(uid) for uid in uids)
context_uuids = []
for context in contexts:
if context and context.id not in ('Events', 'dmd'):
try:
# make a specific instance of tag_filter just for the context tag.
if not context_uuids:
context_tag_filter = {
'tag_uuids': context_uuids
}
# if it exists, filter['tag_filter'] will be a list. just append the special
# context tag filter to whatever that list is.
tag_filter = event_filter.setdefault('tag_filter', [])
tag_filter.append(context_tag_filter)
context_uuids.append(IGlobalIdentifier(context).getGUID())
except TypeError:
if isinstance(context, EventClass):
event_filter['event_class'] = [context.getDmdKey()]
else:
raise Exception('Unknown context %s' % context)
log.debug('Final filter will be:')
log.debug(event_filter)
return event_filter
