def test_invalid(self):
with self.app.test_request_context('/'):
self.app.preprocess_request()
with self.assertRaises(Exception) as e:
process_alert(Alert(resource='foo', event='bar',
environment='Development', service=['Svc'], severity='baz'))
exc = e.exception
self.assertEqual(str(exc)[:70], 'Severity (baz) is not one of security, critical, major, minor, warning')
def test_invalid(self):
with self.app.test_request_context('/'):
self.app.preprocess_request()
with self.assertRaises(Exception) as e:
process_alert(Alert(resource='foo', event='bar',
environment='Development', service=['Svc'], severity='baz'))
exc = e.exception
self.assertEqual(str(exc)[:64], 'Severity is not one of security, critical, major, minor, warning')
def grafana():
alerts = []
data = request.json
if data and data['state'] == 'alerting':
for match in data.get('evalMatches', []):
try:
incomingAlert = parse_grafana(data, match, request.args)
except ValueError as e:
return jsonify(status='error', message=str(e)), 400
incomingAlert.customer = assign_customer(wanted=incomingAlert.customer)
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
return jsonify(status='error', message=str(e)), 403
except Exception as e:
return jsonify(status='error', message=str(e)), 500
alerts.append(alert)
elif data and data['state'] == 'ok' and data.get('ruleId', None):
try:
query = qb.from_dict({'attributes.ruleId': str(data['ruleId'])})
existingAlerts = Alert.find_all(query)
except Exception as e:
raise ApiError(str(e), 500)
for updateAlert in existingAlerts:
updateAlert.severity = 'normal'
updateAlert.status = 'closed'
try:
alert = process_alert(updateAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except Exception as e:
raise ApiError(str(e), 500)
alerts.append(alert)
else:
raise ApiError('no alerts in Grafana notification payload', 400)
for alert in alerts:
text = 'grafana alert received via webhook'
write_audit_trail.send(current_app._get_current_object(), event='webhook-received', message=text, user=g.user,
customers=g.customers, scopes=g.scopes, resource_id=alert.id, type='alert', request=request)
if len(alerts) == 1:
return jsonify(status='ok', id=alerts[0].id, alert=alerts[0].serialize), 201
else:
return jsonify(status='ok', ids=[alert.id for alert in alerts]), 201
def test_invalid(self):
with self.app.test_request_context('/'):
self.app.preprocess_request()
with self.assertRaises(Exception) as e:
process_alert(
Alert(resource='foo',
event='bar',
environment='Development',
service=['Svc'],
severity='baz'))
exc = e.exception
self.assertEqual(str(exc), '\'baz\' is not a valid severity')
def grafana():
alerts = []
data = request.json
if data and data['state'] == 'alerting':
for match in data.get('evalMatches', []):
try:
incomingAlert = parse_grafana(data, match)
except ValueError as e:
return jsonify(status="error", message=str(e)), 400
if g.get('customer', None):
incomingAlert.customer = g.get('customer')
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
return jsonify(status="error", message=str(e)), 403
except Exception as e:
return jsonify(status="error", message=str(e)), 500
alerts.append(alert)
elif data and data['state'] == 'ok' and data.get('ruleId', None):
try:
query = qb.from_dict({'attributes.ruleId': str(data['ruleId'])})
existingAlerts = Alert.find_all(query)
except Exception as e:
raise ApiError(str(e), 500)
for updateAlert in existingAlerts:
updateAlert.severity = 'normal'
updateAlert.status = 'closed'
try:
alert = process_alert(updateAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except Exception as e:
raise ApiError(str(e), 500)
alerts.append(alert)
else:
raise ApiError("no alerts in Grafana notification payload", 400)
if len(alerts) == 1:
return jsonify(status="ok", id=alerts[0].id,
alert=alerts[0].serialize), 201
else:
return jsonify(status="ok", ids=[alert.id for alert in alerts]), 201
def grafana():
alerts = []
data = request.json
if data and data['state'] == 'alerting':
for match in data.get('evalMatches', []):
try:
incomingAlert = parse_grafana(data, match)
except ValueError as e:
return jsonify(status="error", message=str(e)), 400
if g.get('customer', None):
incomingAlert.customer = g.get('customer')
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
return jsonify(status="error", message=str(e)), 403
except Exception as e:
return jsonify(status="error", message=str(e)), 500
alerts.append(alert)
elif data and data['state'] == 'ok' and data.get('ruleId', None):
try:
query = qb.from_dict({'attributes.ruleId': str(data['ruleId'])})
existingAlerts = Alert.find_all(query)
except Exception as e:
raise ApiError(str(e), 500)
for updateAlert in existingAlerts:
updateAlert.severity = 'normal'
updateAlert.status = 'closed'
try:
alert = process_alert(updateAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except Exception as e:
raise ApiError(str(e), 500)
alerts.append(alert)
else:
raise ApiError("no alerts in Grafana notification payload", 400)
if len(alerts) == 1:
return jsonify(status="ok", id=alerts[0].id, alert=alerts[0].serialize), 201
else:
return jsonify(status="ok", ids=[alert.id for alert in alerts]), 201
def incoming(self, path, query_string, payload):
if payload and payload['state'] == 'alerting':
return [parse_grafana(query_string, payload, match) for match in payload.get('evalMatches', [])]
elif payload and payload['state'] == 'ok' and payload.get('ruleId'):
try:
query = qb.alerts.from_params(MultiDict([('attributes.ruleId', str(payload['ruleId']))]))
existingAlerts = Alert.find_all(query)
except Exception as e:
raise ApiError(str(e), 500)
alerts = []
for updateAlert in existingAlerts:
updateAlert.severity = alarm_model.DEFAULT_NORMAL_SEVERITY
updateAlert.status = 'closed'
try:
alert = process_alert(updateAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except Exception as e:
raise ApiError(str(e), 500)
alerts.append(alert)
return alerts
else:
raise ApiError('no alerts in Grafana notification payload', 400)
def receive():
try:
incomingAlert = Alert.parse(request.json)
except ValueError as e:
raise ApiError(str(e), 400)
incomingAlert.customer = assign_customer(wanted=incomingAlert.customer)
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except RateLimit as e:
return jsonify(status='error', message=str(e),
id=incomingAlert.id), 429
except BlackoutPeriod as e:
return jsonify(status='ok', message=str(e), id=incomingAlert.id), 202
except Exception as e:
raise ApiError(str(e), 500)
if alert:
return jsonify(status='ok', id=alert.id, alert=alert.serialize), 201
else:
raise ApiError('insert or update of received alert failed', 500)
def custom(webhook):
try:
incomingAlert = custom_webhooks.webhooks[webhook].incoming(
query_string=request.args,
payload=request.get_json() or request.get_data(as_text=True)
or request.form)
except KeyError as e:
raise ApiError(
"Webhook '%s' not found. Did you mean to use POST instead of GET?"
% webhook, 404)
except ValueError as e:
raise ApiError(str(e), 400)
incomingAlert.customer = assign_customer(wanted=incomingAlert.customer)
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except Exception as e:
raise ApiError(str(e), 500)
if alert:
return jsonify(status='ok', id=alert.id, alert=alert.serialize), 201
else:
raise ApiError('insert or update via %s webhook failed' % webhook, 500)
def custom(webhook):
try:
incomingAlert = custom_webhooks.webhooks[webhook].incoming(
query_string=request.args,
payload=request.get_json() or request.get_data(as_text=True)
)
except ValueError as e:
raise ApiError(str(e), 400)
if g.get('customer', None):
incomingAlert.customer = g.get('customer')
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except Exception as e:
raise ApiError(str(e), 500)
if alert:
return jsonify(status="ok", id=alert.id, alert=alert.serialize), 201
else:
raise ApiError("insert or update via %s webhook failed" % webhook, 500)
def prometheus():
alerts = []
if request.json and 'alerts' in request.json:
external_url = request.json.get('externalURL', None)
for alert in request.json['alerts']:
try:
incomingAlert = parse_prometheus(alert, external_url)
except ValueError as e:
raise ApiError(str(e), 400)
incomingAlert.customer = assign_customer(
wanted=incomingAlert.customer)
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except Exception as e:
raise ApiError(str(e), 500)
alerts.append(alert)
else:
raise ApiError('no alerts in Prometheus notification payload', 400)
if len(alerts) == 1:
return jsonify(status='ok', id=alerts[0].id,
alert=alerts[0].serialize), 201
else:
return jsonify(status='ok', ids=[alert.id for alert in alerts]), 201
def receive():
try:
incomingAlert = Alert.parse(request.json)
except ValueError as e:
raise ApiError(str(e), 400)
if g.get('customer', None):
incomingAlert.customer = g.get('customer')
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except RateLimit as e:
return jsonify(status="error", message=str(e), id=incomingAlert.id), 429
except BlackoutPeriod as e:
return jsonify(status="ok", message=str(e), id=incomingAlert.id), 202
except Exception as e:
raise ApiError(str(e), 500)
if alert:
return jsonify(status="ok", id=alert.id, alert=alert.serialize), 201
else:
raise ApiError("insert or update of received alert failed", 500)
def graylog():
try:
incomingAlert = parse_graylog(request.json)
except ValueError as e:
raise ApiError(str(e), 400)
if request.args.get('event', None):
incomingAlert.event = request.args.get('event')
if request.args.get('event_type', None):
incomingAlert.event_type = request.args.get('event_type')
if request.args.get('environment', None):
incomingAlert.environment = request.args.get('environment')
if request.args.get('service', None):
incomingAlert.service = request.args.get('service').split(",")
if request.args.get('severity', None):
incomingAlert.severity = request.args.get('severity')
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except Exception as e:
raise ApiError(str(e), 500)
if alert:
return jsonify(status="ok", id=alert.id, alert=alert.serialize), 201
else:
raise ApiError("insert or update of graylog check failed", 500)
def prometheus():
alerts = []
if request.json and 'alerts' in request.json:
external_url = request.json.get('externalURL', None)
for alert in request.json['alerts']:
try:
incomingAlert = parse_prometheus(alert, external_url)
except ValueError as e:
raise ApiError(str(e), 400)
if g.get('customer', None):
incomingAlert.customer = g.get('customer')
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except Exception as e:
raise ApiError(str(e), 500)
alerts.append(alert)
else:
raise ApiError("no alerts in Prometheus notification payload", 400)
if len(alerts) == 1:
return jsonify(status="ok", id=alerts[0].id, alert=alerts[0].serialize), 201
else:
return jsonify(status="ok", ids=[alert.id for alert in alerts]), 201
def test_get_body(self):
from flask import g
with self.app.test_request_context('/'):
g.login = '******'
alert_in = Alert(resource='test1',
event='event1',
environment='Development',
service=['svc1', 'svc2'])
self.assertTrue(isinstance(alert_in.create_time, datetime))
self.assertEqual(alert_in.last_receive_time, None)
self.assertTrue(isinstance(alert_in.receive_time, datetime))
self.assertEqual(alert_in.update_time, None)
body = alert_in.get_body()
self.assertEqual(type(body['createTime']), str)
self.assertEqual(body['lastReceiveTime'], None)
self.assertEqual(type(body['receiveTime']), str)
self.assertEqual(body['updateTime'], None)
alert_out = process_alert(alert_in)
self.assertTrue(isinstance(alert_out.create_time, datetime))
self.assertTrue(isinstance(alert_out.last_receive_time, datetime))
self.assertTrue(isinstance(alert_out.receive_time, datetime))
self.assertTrue(isinstance(alert_out.update_time, datetime))
body = alert_out.get_body()
self.assertEqual(type(body['createTime']), str)
self.assertEqual(type(body['lastReceiveTime']), str)
self.assertEqual(type(body['receiveTime']), str)
self.assertEqual(type(body['updateTime']), str)
def graylog():
try:
incomingAlert = parse_graylog(request.json)
except ValueError as e:
raise ApiError(str(e), 400)
if request.args.get('event', None):
incomingAlert.event = request.args.get('event')
if request.args.get('event_type', None):
incomingAlert.event_type = request.args.get('event_type')
if request.args.get('environment', None):
incomingAlert.environment = request.args.get('environment')
if request.args.get('service', None):
incomingAlert.service = request.args.get('service').split(",")
if request.args.get('severity', None):
incomingAlert.severity = request.args.get('severity')
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except Exception as e:
raise ApiError(str(e), 500)
if alert:
return jsonify(status="ok", id=alert.id, alert=alert.serialize), 201
else:
raise ApiError("insert or update of graylog check failed", 500)
def receive():
try:
incomingAlert = Alert.parse(request.json)
except ValueError as e:
raise ApiError(str(e), 400)
incomingAlert.customer = assign_customer(wanted=incomingAlert.customer)
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except RateLimit as e:
return jsonify(status='error', message=str(e), id=incomingAlert.id), 429
except BlackoutPeriod as e:
return jsonify(status='ok', message=str(e), id=incomingAlert.id), 202
except Exception as e:
raise ApiError(str(e), 500)
write_audit_trail.send(current_app._get_current_object(), event='alert-received', message=alert.text, user=g.user,
customers=g.customers, scopes=g.scopes, resource_id=alert.id, type='alert', request=request)
if alert:
return jsonify(status='ok', id=alert.id, alert=alert.serialize), 201
else:
raise ApiError('insert or update of received alert failed', 500)
def incoming(self, query_string, payload):
if payload and payload['state'] == 'alerting':
return [parse_grafana(payload, match, query_string) for match in payload.get('evalMatches', [])]
elif payload and payload['state'] == 'ok' and payload.get('ruleId'):
try:
query = qb.from_dict({'attributes.ruleId': str(payload['ruleId'])})
existingAlerts = Alert.find_all(query)
except Exception as e:
raise ApiError(str(e), 500)
alerts = []
for updateAlert in existingAlerts:
updateAlert.severity = 'normal'
updateAlert.status = 'closed'
try:
alert = process_alert(updateAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except Exception as e:
raise ApiError(str(e), 500)
alerts.append(alert)
return alerts
else:
raise ApiError('no alerts in Grafana notification payload', 400)
def test_get_body(self):
from flask import g
with self.app.test_request_context('/'):
g.login = '******'
alert_in = Alert(
resource='test1',
event='event1',
environment='Development',
service=['svc1', 'svc2']
)
self.assertTrue(isinstance(alert_in.create_time, datetime))
self.assertEqual(alert_in.last_receive_time, None)
self.assertTrue(isinstance(alert_in.receive_time, datetime))
self.assertEqual(alert_in.update_time, None)
body = alert_in.get_body()
self.assertEqual(type(body['createTime']), str)
self.assertEqual(body['lastReceiveTime'], None)
self.assertEqual(type(body['receiveTime']), str)
self.assertEqual(body['updateTime'], None)
alert_out = process_alert(alert_in)
self.assertTrue(isinstance(alert_out.create_time, datetime))
self.assertTrue(isinstance(alert_out.last_receive_time, datetime))
self.assertTrue(isinstance(alert_out.receive_time, datetime))
self.assertTrue(isinstance(alert_out.update_time, datetime))
body = alert_out.get_body()
self.assertEqual(type(body['createTime']), str)
self.assertEqual(type(body['lastReceiveTime']), str)
self.assertEqual(type(body['receiveTime']), str)
self.assertEqual(type(body['updateTime']), str)
def newrelic():
try:
incomingAlert = parse_newrelic(request.json)
except ValueError as e:
raise ApiError(str(e), 400)
incomingAlert.customer = assign_customer(wanted=incomingAlert.customer)
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except Exception as e:
raise ApiError(str(e), 500)
text = 'newrelic alert received via webhook'
write_audit_trail.send(current_app._get_current_object(),
event='webhook-received',
message=text,
user=g.user,
customers=g.customers,
scopes=g.scopes,
resource_id=alert.id,
type='alert',
request=request)
if alert:
return jsonify(status='ok', id=alert.id, alert=alert.serialize), 201
else:
raise ApiError('insert or update of New Relic alert failed', 500)
def custom(webhook):
if webhook not in custom_webhooks.webhooks:
raise ApiError("Custom webhook '%s' not found." % webhook, 404)
try:
rv = custom_webhooks.webhooks[webhook].incoming(
query_string=request.args,
payload=request.get_json() or request.get_data(as_text=True)
or request.form)
except Exception as e:
raise ApiError(str(e), 400)
if isinstance(rv, Alert):
rv = [rv]
if isinstance(rv, list):
alerts = []
for alert in rv:
alert.customer = assign_customer(wanted=alert.customer)
add_remote_ip(request, alert)
try:
alert = process_alert(alert)
except RejectException as e:
raise ApiError(str(e), 403)
except Exception as e:
raise ApiError(str(e), 500)
text = 'alert received via {} webhook'.format(webhook)
write_audit_trail.send(current_app._get_current_object(),
event='webhook-received',
message=text,
user=g.login,
customers=g.customers,
scopes=g.scopes,
resource_id=alert.id,
type='alert',
request=request)
alerts.append(alert)
if len(alerts) == 1:
return jsonify(status='ok',
id=alerts[0].id,
alert=alerts[0].serialize), 201
else:
return jsonify(status='ok',
ids=[alert.id for alert in alerts]), 201
else:
text = 'request received via {} webhook'.format(webhook)
write_audit_trail.send(current_app._get_current_object(),
event='webhook-received',
message=text,
user=g.login,
customers=g.customers,
scopes=g.scopes,
resource_id=None,
type='user-defined',
request=request)
return rv
def custom(webhook):
if webhook not in custom_webhooks.webhooks:
raise ApiError("Custom webhook '%s' not found." % webhook, 404)
try:
rv = custom_webhooks.webhooks[webhook].incoming(
query_string=request.args,
payload=request.get_json() or request.get_data(as_text=True) or request.form
)
except Exception as e:
raise ApiError(str(e), 400)
if isinstance(rv, Alert):
rv = [rv]
if isinstance(rv, list):
alerts = []
for alert in rv:
alert.customer = assign_customer(wanted=alert.customer)
def audit_trail_alert(event: str):
write_audit_trail.send(current_app._get_current_object(), event=event, message=alert.text, user=g.login,
customers=g.customers, scopes=g.scopes, resource_id=alert.id, type='alert',
request=request)
try:
alert = process_alert(alert)
except RejectException as e:
audit_trail_alert(event='alert-rejected')
raise ApiError(str(e), 403)
except RateLimit as e:
audit_trail_alert(event='alert-rate-limited')
return jsonify(status='error', message=str(e), id=alert.id), 429
except HeartbeatReceived as e:
audit_trail_alert(event='alert-heartbeat')
return jsonify(status='ok', message=str(e), id=alert.id), 202
except BlackoutPeriod as e:
audit_trail_alert(event='alert-blackout')
return jsonify(status='ok', message=str(e), id=alert.id), 202
except Exception as e:
raise ApiError(str(e), 500)
text = 'alert received via {} webhook'.format(webhook)
write_audit_trail.send(current_app._get_current_object(), event='webhook-received', message=text,
user=g.login, customers=g.customers, scopes=g.scopes, resource_id=alert.id,
type='alert', request=request)
alerts.append(alert)
if len(alerts) == 1:
return jsonify(status='ok', id=alerts[0].id, alert=alerts[0].serialize), 201
else:
return jsonify(status='ok', ids=[alert.id for alert in alerts]), 201
else:
text = 'request received via {} webhook'.format(webhook)
write_audit_trail.send(current_app._get_current_object(), event='webhook-received', message=text,
user=g.login, customers=g.customers, scopes=g.scopes, resource_id=None,
type='user-defined', request=request)
return rv
def receive():
try:
alert = Alert.parse(request.json)
except ValueError as e:
raise ApiError(str(e), 400)
alert.customer = assign_customer(wanted=alert.customer)
def audit_trail_alert(event: str):
write_audit_trail.send(current_app._get_current_object(),
event=event,
message=alert.text,
user=g.login,
customers=g.customers,
scopes=g.scopes,
resource_id=alert.id,
type='alert',
request=request)
try:
alert = process_alert(alert)
except RejectException as e:
audit_trail_alert(event='alert-rejected')
raise ApiError(str(e), 403)
except RateLimit as e:
audit_trail_alert(event='alert-rate-limited')
return jsonify(status='error', message=str(e), id=alert.id), 429
except HeartbeatReceived as heartbeat:
audit_trail_alert(event='alert-heartbeat')
return jsonify(status='ok', message=str(heartbeat),
id=heartbeat.id), 202
except BlackoutPeriod as e:
audit_trail_alert(event='alert-blackout')
return jsonify(status='ok', message=str(e), id=alert.id), 202
except ForwardingLoop as e:
return jsonify(status='ok', message=str(e)), 202
except AlertaException as e:
raise ApiError(e.message, code=e.code, errors=e.errors)
except Exception as e:
raise ApiError(str(e), 500)
write_audit_trail.send(current_app._get_current_object(),
event='alert-received',
message=alert.text,
user=g.login,
customers=g.customers,
scopes=g.scopes,
resource_id=alert.id,
type='alert',
request=request)
if alert:
return jsonify(status='ok', id=alert.id, alert=alert.serialize), 201
else:
raise ApiError('insert or update of received alert failed', 500)
def custom(webhook):
try:
response = custom_webhooks.webhooks[webhook].incoming(
query_string=request.args,
payload=request.get_json() or request.get_data(as_text=True)
or request.form)
except KeyError as e:
raise ApiError(
"Webhook '%s' not found. Did you mean to use POST instead of GET?"
% webhook, 404)
except ValueError as e:
raise ApiError(str(e), 400)
if isinstance(response, Alert):
response.customer = assign_customer(wanted=response.customer)
add_remote_ip(request, response)
try:
alert = process_alert(response)
except RejectException as e:
raise ApiError(str(e), 403)
except Exception as e:
raise ApiError(str(e), 500)
text = '{} alert received via custom webhook'.format(webhook)
write_audit_trail.send(current_app._get_current_object(),
event='webhook-received',
message=text,
user=g.user,
customers=g.customers,
scopes=g.scopes,
resource_id=alert.id,
type='alert',
request=request)
if alert:
return jsonify(status='ok', id=alert.id,
alert=alert.serialize), 201
else:
raise ApiError('insert or update via %s webhook failed' % webhook,
500)
else:
text = '{} request received via custom webhook'.format(webhook)
write_audit_trail.send(current_app._get_current_object(),
event='webhook-received',
message=text,
user=g.user,
customers=g.customers,
scopes=g.scopes,
resource_id=None,
type='user-defined',
request=request)
return jsonify(**response)
def graylog():
try:
incomingAlert = parse_graylog(request.json)
except ValueError as e:
raise ApiError(str(e), 400)
if request.args.get('event', None):
incomingAlert.event = request.args.get('event')
if request.args.get('event_type', None):
incomingAlert.event_type = request.args.get('event_type')
if request.args.get('environment', None):
incomingAlert.environment = request.args.get('environment')
if request.args.get('service', None):
incomingAlert.service = request.args.get('service').split(',')
if request.args.get('severity', None):
incomingAlert.severity = request.args.get('severity')
incomingAlert.customer = assign_customer(wanted=incomingAlert.customer)
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except Exception as e:
raise ApiError(str(e), 500)
text = 'graylog alert received via webhook'
write_audit_trail.send(current_app._get_current_object(),
event='webhook-received',
message=text,
user=g.user,
customers=g.customers,
scopes=g.scopes,
resource_id=alert.id,
type='alert',
request=request)
if alert:
return jsonify(status='ok', id=alert.id, alert=alert.serialize), 201
else:
raise ApiError('insert or update of graylog check failed', 500)
def prometheus():
alerts = []
if request.json and 'alerts' in request.json:
external_url = request.json.get('externalURL', None)
for alert in request.json['alerts']:
try:
incomingAlert = parse_prometheus(alert, external_url)
except ValueError as e:
raise ApiError(str(e), 400)
incomingAlert.customer = assign_customer(
wanted=incomingAlert.customer)
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except Exception as e:
raise ApiError(str(e), 500)
alerts.append(alert)
else:
raise ApiError('no alerts in Prometheus notification payload', 400)
for alert in alerts:
text = 'prometheus alert received via webhook'
write_audit_trail.send(current_app._get_current_object(),
event='webhook-received',
message=text,
user=g.user,
customers=g.customers,
scopes=g.scopes,
resource_id=alert.id,
type='alert',
request=request)
if len(alerts) == 1:
return jsonify(status='ok', id=alerts[0].id,
alert=alerts[0].serialize), 201
else:
return jsonify(status='ok', ids=[alert.id for alert in alerts]), 201
def serverdensity():
try:
incomingAlert = parse_serverdensity(request.json)
except ValueError as e:
raise ApiError(str(e), 400)
incomingAlert.customer = assign_customer(wanted=incomingAlert.customer)
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except Exception as e:
raise ApiError(str(e), 500)
if alert:
return jsonify(status="ok", id=alert.id, alert=alert.serialize), 201
else:
raise ApiError("insert or update of ServerDensity alert failed", 500)
def pingdom():
try:
incomingAlert = parse_pingdom(request.json)
except ValueError as e:
raise ApiError(str(e), 400)
incomingAlert.customer = assign_customer(wanted=incomingAlert.customer)
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except Exception as e:
raise ApiError(str(e), 500)
if alert:
return jsonify(status='ok', id=alert.id, alert=alert.serialize), 201
else:
raise ApiError('insert or update of pingdom check failed', 500)
def cloudwatch():
try:
incomingAlert = parse_notification(request.get_json(force=True))
except ValueError as e:
raise ApiError(str(e), 400)
incomingAlert.customer = assign_customer(wanted=incomingAlert.customer)
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except Exception as e:
raise ApiError(str(e), 500)
if alert:
return jsonify(status='ok', id=alert.id, alert=alert.serialize), 201
else:
raise ApiError('insert or update of cloudwatch alarm failed', 500)
def custom(webhook):
try:
incomingAlert = custom_webhooks.webhooks[webhook].incoming(
query_string=request.args,
payload=request.get_json() or request.get_data(as_text=True))
except ValueError as e:
raise ApiError(str(e), 400)
incomingAlert.customer = assign_customer(wanted=incomingAlert.customer)
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except Exception as e:
raise ApiError(str(e), 500)
if alert:
return jsonify(status="ok", id=alert.id, alert=alert.serialize), 201
else:
raise ApiError("insert or update via %s webhook failed" % webhook, 500)
def stackdriver():
try:
incomingAlert = parse_stackdriver(request.get_json(force=True))
except ValueError as e:
raise ApiError(str(e), 400)
incomingAlert.customer = assign_customer(wanted=incomingAlert.customer)
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except Exception as e:
raise ApiError(str(e), 500)
if alert:
return jsonify(status="ok", id=alert.id, alert=alert.serialize), 201
else:
raise ApiError("insert or update of StackDriver notification failed",
500)
def serverdensity():
try:
incomingAlert = parse_serverdensity(request.json)
except ValueError as e:
raise ApiError(str(e), 400)
if g.get('customer', None):
incomingAlert.customer = g.get('customer')
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except Exception as e:
raise ApiError(str(e), 500)
if alert:
return jsonify(status="ok", id=alert.id, alert=alert.serialize), 201
else:
raise ApiError("insert or update of ServerDensity alert failed", 500)
def cloudwatch():
try:
incomingAlert = parse_notification(request.data)
except ValueError as e:
raise ApiError(str(e), 400)
if g.get('customer', None):
incomingAlert.customer = g.get('customer')
add_remote_ip(request, incomingAlert)
try:
alert = process_alert(incomingAlert)
except RejectException as e:
raise ApiError(str(e), 403)
except Exception as e:
raise ApiError(str(e), 500)
if alert:
return jsonify(status="ok", id=alert.id, alert=alert.serialize), 201
else:
raise ApiError("insert or update of cloudwatch alarm failed", 500)
def custom(webhook, path):
if webhook not in custom_webhooks.webhooks:
raise ApiError(f"Custom webhook '{webhook}' not found.", 404)
try:
rv = custom_webhooks.webhooks[webhook].incoming(
path=path or request.path,
query_string=request.args,
payload=request.get_json() or request.form
or request.get_data(as_text=True))
except TypeError:
rv = custom_webhooks.webhooks[webhook].incoming(
query_string=request.args,
payload=request.get_json() or request.form
or request.get_data(as_text=True))
except AlertaException as e:
raise ApiError(e.message, code=e.code, errors=e.errors)
except Exception as e:
raise ApiError(str(e), 400)
if isinstance(rv, Alert):
rv = [rv]
if isinstance(rv, list):
alerts = []
for alert in rv:
alert.customer = assign_customer(wanted=alert.customer)
def audit_trail_alert(event: str):
write_audit_trail.send(current_app._get_current_object(),
event=event,
message=alert.text,
user=g.login,
customers=g.customers,
scopes=g.scopes,
resource_id=alert.id,
type='alert',
request=request)
try:
alert = process_alert(alert)
except RejectException as e:
audit_trail_alert(event='alert-rejected')
raise ApiError(str(e), 403)
except RateLimit as e:
audit_trail_alert(event='alert-rate-limited')
return jsonify(status='error', message=str(e),
id=alert.id), 429
except HeartbeatReceived as heartbeat:
audit_trail_alert(event='alert-heartbeat')
return jsonify(status='ok',
message=str(heartbeat),
id=heartbeat.id), 202
except BlackoutPeriod as e:
audit_trail_alert(event='alert-blackout')
return jsonify(status='ok', message=str(e), id=alert.id), 202
except ForwardingLoop as e:
return jsonify(status='ok', message=str(e)), 202
except AlertaException as e:
raise ApiError(e.message, code=e.code, errors=e.errors)
except Exception as e:
raise ApiError(str(e), 500)
text = f'alert received via {webhook} webhook'
write_audit_trail.send(current_app._get_current_object(),
event='webhook-received',
message=text,
user=g.login,
customers=g.customers,
scopes=g.scopes,
resource_id=alert.id,
type='alert',
request=request)
alerts.append(alert)
if len(alerts) == 1:
return jsonify(status='ok',
id=alerts[0].id,
alert=alerts[0].serialize), 201
else:
return jsonify(status='ok',
ids=[alert.id for alert in alerts]), 201
else:
text = f'request received via {webhook} webhook'
write_audit_trail.send(current_app._get_current_object(),
event='webhook-received',
message=text,
user=g.login,
customers=g.customers,
scopes=g.scopes,
resource_id=None,
type='user-defined',
request=request)
return rv
