def _get_report(self, entry):
"""
Format the report to be sent to JIRA
:type entry dict
:rtype: dict
"""
involved_object_name = entry.get('involvedObject', {}).get('name', '')
involved_object_name = re.sub(r'-\d+', '', involved_object_name)
description = self.REPORT_TEMPLATE.format(
message='"{}" has been reported for {}'.format(
self.EVENT_MESSAGE, involved_object_name),
details=json.dumps(entry, indent=True),
dashboard_link=self.get_dashboard_link(
query=involved_object_name)).strip()
report = Report(
summary='Job {} has reached the specified backoff limit'.format(
involved_object_name),
description=description,
label=self.REPORT_LABEL)
report.add_label(KubernetesSource.REPORT_LABEL)
return report
def _get_report(self, entry):
""" Format the report to be sent to JIRA """
message = entry.get('rawMessage').encode('utf8')
app_name = entry.get('appname')
description = self.REPORT_TEMPLATE.format(
app_name=app_name,
logger_name=entry.get('logger_name', 'n/a'),
thread_name=entry.get('thread_name', 'n/a'),
stack_trace=entry.get('stack_trace', 'n/a'),
full_message='{}: {}'.format(entry.get('rawLevel'), message),
url=self._get_url_from_entry(entry) or 'n/a'
).strip()
# eg. [discussion] Unable to get the user information for userId: 23912489, Returning the default.
summary = '[{}] {}'.format(entry.get('appname'), message)
report = Report(
summary=summary,
description=description,
label=self.REPORT_LABEL
)
# eg. service_discussion
report.add_label('service_{}'.format(app_name))
return report
def _get_report(self, entry):
""" Format the report to be sent to JIRA """
message = entry.get('rawMessage').encode('utf8')
app_name = entry.get('appname')
description = self.REPORT_TEMPLATE.format(
app_name=app_name,
logger_name=entry.get('logger_name', 'n/a'),
thread_name=entry.get('thread_name', 'n/a'),
stack_trace=entry.get('stack_trace', 'n/a'),
full_message='{}: {}'.format(entry.get('rawLevel'), message),
url=self._get_url_from_entry(entry) or 'n/a'
).strip()
# eg. [discussion] Unable to get the user information for userId: 23912489, Returning the default.
summary = '[{}] {}'.format(entry.get('appname'), message)
report = Report(
summary=summary,
description=description,
label=self.REPORT_LABEL
)
# eg. service_discussion
report.add_label('service_{}'.format(app_name))
return report
def _get_report(self, entry):
""" Format the report to be sent to JIRA """
context = entry.get('@context')
query = entry.get('@message').strip()
# format the report
full_message = self.FULL_MESSAGE_TEMPLATE.format(
query=query,
function=context.get('method'),
num_rows=context.get('num_rows'),
backtrace=self._get_backtrace_from_exception(
entry.get('@exception'))).strip()
description = self.REPORT_TEMPLATE.format(
env=self._get_env_from_entry(entry),
source_host=entry.get('@source_host', 'n/a'),
context_formatted=json.dumps(entry.get('@context', {}),
indent=True),
fields_formatted=json.dumps(entry.get('@fields', {}), indent=True),
full_message=full_message,
url=self._get_url_from_entry(entry) or 'n/a').strip()
return Report(
summary='[{method}] The database query returns {rows}k+ rows'.
format(method=context.get('method'),
rows=context.get('num_rows') / 1000),
description=description,
label=self.REPORT_LABEL)
def _get_report(self, entry):
""" Format the report to be sent to JIRA """
exception = entry.get('@exception', {})
exception_class = exception.get('class')
message = entry.get('@normalized_message')
report = Report(summary='[{exception}] {message}'.format(
exception=exception_class or 'Error', message=message),
description=self._get_description(entry),
label=self.REPORT_LABEL)
# add a custom, per exception class label
if exception_class is not None:
report.add_label('PHP{}'.format(exception_class))
return report
def _get_report(self, entry):
""" Format the report to be sent to JIRA """
exception = entry.get('@exception', {})
# format the report
full_message = self.FULL_MESSAGE_TEMPLATE.format(
assertion=exception.get('message'),
message=entry.get('@message'),
backtrace=self._get_backtrace_from_exception(exception)
).strip()
description = self.REPORT_TEMPLATE.format(
env=self._get_env_from_entry(entry),
source_host=entry.get('@source_host', 'n/a'),
context_formatted=json.dumps(entry.get('@context', {}), indent=True),
fields_formatted=json.dumps(entry.get('@fields', {}), indent=True),
full_message=full_message,
url=self._get_url_from_entry(entry) or 'n/a'
).strip()
return Report(
summary='[Assertion failed] {assertion}'.format(assertion=exception.get('message')),
description=description,
label=self.REPORT_LABEL
)
def _get_report(self, entry):
url = self._get_url_from_entry(entry)
return Report(
summary='Timeout error: {}'.format(url),
description=self.REPORT_TEMPLATE.format(url=url),
label=self.REPORT_LABEL
)
def _get_report(self, entry):
""" Format the report to be sent to JIRA """
exception = entry.get('@exception', {})
exception_class = exception.get('class')
message = entry.get('@normalized_message')
report = Report(
summary='[{exception}] {message}'.format(
exception=exception_class or 'Error',
message=message
),
description=self._get_description(entry),
label=self.REPORT_LABEL
)
# add a custom, per exception class label
if exception_class is not None:
report.add_label('PHP{}'.format(exception_class))
return report
def _get_report(self, entry):
""" Format the report to be sent to JIRA """
# format the report
description = self.REPORT_TEMPLATE.format(
message=entry.get('@message'),
context=json.dumps(entry, indent=True)).strip()
return Report(
summary='[Helios] {message}'.format(message=entry.get('@message')),
description=description,
label=self.REPORT_LABEL)
def _get_report(self, entry):
""" Format the report to be sent to JIRA """
message = entry.get('msg').encode('utf8')
namespace = entry.get('namespace', 'main')
description = self.REPORT_TEMPLATE.format(
full_message=message,
error=entry.get('error', 'n/a'),
details=json.dumps(entry, indent=True)).strip()
# eg. [infobox-builder] Translation not found
summary = '[{}] {}'.format(namespace, message)
report = Report(summary=summary,
description=description,
label=self.REPORT_LABEL)
# eg. mercury-infobox-builder
report.add_label('mercury-{}'.format(namespace))
return report
def _get_report(self, entry):
stats = {k: v for k, v in entry.iteritems() if '_avg' in k or '_sum' in k or '_median' in k}
url = '{}/index.php?action=show_query&datasource=localhost&checksum={}'.format(self.ANEMOMETER_URL, entry.get('checksum'))
report = Report(
summary='[Anemometer] {} can be optimized'.format(entry.get('snippet')),
description=self.FULL_MESSAGE_TEMPLATE.format(
query=entry.get('Fingerprint'),
server=entry.get('hostname_max'),
database=entry.get('db_max'),
median=float(entry.get('Query_time_median')),
rows=int(entry.get('rows_sent_avg')),
examined=float(entry.get('Rows_examined_median')),
example=entry.get('sample').encode('utf8'),
url=url,
stats=json.dumps(stats, indent=True),
),
label=self.REPORT_LABEL
)
report.add_label('database')
report.add_label('performance')
return report
def _get_report(self, entry):
""" Format the report to be sent to JIRA """
context = entry.get('@context')
query = entry.get('@message').strip()
# format the report
full_message = self.FULL_MESSAGE_TEMPLATE.format(
query=query,
function=context.get('method'),
server=context.get('server'),
backtrace=self._get_backtrace_from_exception(
entry.get('@exception'))).strip()
report = Report(
summary=
'[{method}] The database query should be moved to slave or an offline task'
.format(method=context.get('method')),
description=full_message,
label=self.REPORT_LABEL)
report.add_label('active-active')
report.add_label('database')
return report
def _get_report(self, entry):
""" Format the report to be sent to JIRA """
exception = entry.get('exception')
queue = entry.get('kubernetes').get('container_name')
task_id = entry.get('task_id')
description = self.REPORT_TEMPLATE.format(
queue=queue,
error=entry.get('exception'),
details=json.dumps(entry, indent=True),
flower_link='http://celery-flower.{dc}.k8s.wikia.net/task/{task_id}'
.format(dc=entry.get('datacenter').lower(),
task_id=task_id)).strip()
report = Report(summary='Celery worker {} reported: {}'.format(
queue, exception),
description=description,
label=self.REPORT_LABEL)
report.add_label(queue)
return report
def _get_report(self, entry):
""" Format the report to be sent to JIRA """
description = self.REPORT_TEMPLATE.format(
env=self._get_env_from_entry(entry),
source_host=entry.get('@source_host', 'n/a'),
context_formatted=json.dumps(entry.get('@context', {}),
indent=True),
fields_formatted=json.dumps(entry.get('@fields', {}), indent=True),
full_message=entry.get('@message'),
url=self._get_url_from_entry(entry) or 'n/a').strip()
return Report(summary=entry.get('@message_normalized'),
description=description,
label=self.REPORT_LABEL)
def _get_report(self, entry):
""" Format the report to be sent to JIRA """
# format the report
description = self.REPORT_TEMPLATE.format(
message=entry.get('@message'),
logger_name=entry.get('logger_name'),
thread_name=entry.get('thread_name'),
stack_trace=entry.get('stack_trace', 'n/a').strip()).strip()
return Report(summary='[Phalanx] {logger_name}: {message}'.format(
logger_name=entry.get('logger_name'),
message=entry.get('@message')),
description=description,
label=self.REPORT_LABEL)
def _get_report(self, entry):
message = entry.get('@message')
app_name = entry.get('appname')
description = self.REPORT_TEMPLATE.format(
full_message='{}: {}'.format(entry.get('level'), message),
app_name=app_name,
source_host=entry.get('@source_host'),
thumb_map=entry.get('thumb-map'),
estimated=entry.get('estimated'),
actual=entry.get('actual')).strip()
return Report(summary='[{}] {}'.format(app_name, message),
description=description,
label=app_name)
def _get_report(self, entry):
""" Format the report to be sent to JIRA """
message = entry.get('msg').encode('utf8')
namespace = entry.get('namespace', 'main')
description = self.REPORT_TEMPLATE.format(
full_message=message,
error=entry.get('error', 'n/a'),
details=json.dumps(entry, indent=True)
).strip()
# eg. [infobox-builder] Translation not found
summary = '[{}] {}'.format(namespace, message)
report = Report(
summary=summary,
description=description,
label=self.REPORT_LABEL
)
# eg. mercury-infobox-builder
report.add_label('mercury-{}'.format(namespace))
return report
def _get_report(self, entry):
""" Format the report to be sent to JIRA """
meta = entry.get('meta')
report = entry.get('report')
description = self.REPORT_TEMPLATE.format(
message=report.get('message'),
type=report.get('type'),
table=report.get('table'),
database_name=meta.get('database_name'),
database_version=meta.get('database_version'),
database_host=meta.get('database_host'),
schema=report.get('context', {}).get('schema', '-- n/a'),
version=meta.get('version'),
context=json.dumps(report.get('context'), indent=True)).strip()
_report = Report(summary='{} | {}'.format(report.get('table'),
report.get('message')),
description=description,
label=self.REPORT_LABEL)
_report.add_label('index-digest-{}'.format(report.get('type')))
return _report
def _get_report(self, entry):
""" Format the report to be sent to JIRA """
context = entry.get('@context')
# format the report
description = self.FULL_MESSAGE_TEMPLATE.format(
url=self._get_url_from_entry(entry) or 'n/a',
controller=context.get('controller'),
method=context.get('method')
).strip()
return Report(
summary='Consider caching {controller}::{method} wikia.php API responses'.format(
controller=context.get('controller'), method=context.get('method')),
description=description,
label=self.REPORT_LABEL
)
def _get_report(self, entry):
""" Format the report to be sent to JIRA """
message = entry.get('@message').encode('utf8')
description = self.REPORT_TEMPLATE.format(
full_message=message,
error=entry.get('error', 'n/a'),
details=json.dumps(entry, indent=True)
).strip()
report = Report(
summary=message,
description=description,
label=self.REPORT_LABEL
)
return report
def _get_report(self, entry):
""" Format the report to be sent to JIRA """
method = get_method_from_query(entry.get('query'))
# format the report
description = self.FULL_MESSAGE_TEMPLATE.format(
db=entry.get('db', 'n/a'),
host=entry.get('@source_host'),
client=entry.get('client', 'n/a'),
query_time=entry.get('query_time', 'n/a'),
method=method,
query=entry.get('query'),
entry=json.dumps(entry, indent=True),
).strip()
return Report(
summary='[{method}] Long running query was killed by pt-kill'.
format(method=method),
description=description,
label=self.REPORT_LABEL)
def _get_report(self, entry):
""" Format the report to be sent to JIRA """
script = entry.get('@fields').get('script_name', '')
message = entry.get('@message').encode('utf8')
error = entry.get('@context').get('error', 'n/a').encode('utf8')
# extract SQL from the error
(error, sql) = self.extract_error_and_sql(error)
description = self.REPORT_TEMPLATE.format(
full_message=message,
error=error,
sql=sql,
details=json.dumps(entry, indent=True)).strip()
report = Report(summary='{} - {}'.format(script, message),
description=description,
label=self.REPORT_LABEL)
return report
def _get_report(self, entry):
""" Format the report to be sent to JIRA """
exception = entry.get('@exception', {})
message = exception.get('message')
# remove the caller from a summary
# , called in /foo/bar/class.php on line 140
short_message = re.sub(r', called in (.*)$', '', message)
description = self.REPORT_TEMPLATE.format(
env=self._get_env_from_entry(entry),
source_host=entry.get('@source_host', 'n/a'),
context_formatted=json.dumps(entry.get('@context', {}),
indent=True),
fields_formatted=json.dumps(entry.get('@fields', {}), indent=True),
full_message=message,
url=self._get_url_from_entry(entry) or 'n/a').strip()
return Report(summary=short_message,
description=description,
label=self.REPORT_LABEL)
def _get_report(self, entry):
""" Format the report to be sent to JIRA """
context = entry.get('@context')
query = context.get('query')
normalized = generalize_sql(query)
# remove server IP from error message
error_no_ip = context.get('error').\
replace('({})'.format(context.get('server')), '').\
strip()
# format the report
full_message = self.FULL_MESSAGE_TEMPLATE.format(
message=entry.get('@message', '').strip(),
query=query,
error=error_no_ip,
function=context.get('function'),
server=context.get('server'),
backtrace=self._get_backtrace_from_exception(
entry.get('@exception'))).strip()
description = self.REPORT_TEMPLATE.format(
env=self._get_env_from_entry(entry),
source_host=entry.get('@source_host', 'n/a'),
context_formatted=json.dumps(entry.get('@context', {}),
indent=True),
fields_formatted=json.dumps(entry.get('@fields', {}), indent=True),
full_message=full_message,
url=self._get_url_from_entry(entry) or 'n/a').strip()
return Report(summary='[DB error {err}] {function} - {query}'.format(
err=error_no_ip,
function=context.get('function'),
query=normalized),
description=description,
label=self.REPORT_LABEL)
def _get_report(self, entry):
""" Format the report to be sent to JIRA """
context = entry.get('@context', {})
exception = entry.get('@exception', {})
issue_type = entry.get('issue_type')
message = entry.get('@message')
details = ''
# labels to add a report
labels = ['security']
assert message is not None, '@message should not be empty'
if issue_type == 'CSRF':
assert context.get('hookName') is not None, '@context.hookName should be defined'
# @see https://cwe.mitre.org/data/definitions/352.html
labels.append('CWE-352')
details = """
*A [Cross-site request forgery|https://cwe.mitre.org/data/definitions/352.html] attack is possible here*!
An attacker can make a request on behalf of a current Wikia user.
Please refer to [documentation on Wikia One|https://one.wikia-inc.com/wiki/User_blog:Daniel_Grunwell/Cross-Site_Request_Forgery_and_Nirvana_controllers] on how to protect your code.
*Transaction*: {{{{{transaction}}}}}
*Action performed*: {{{{{action_performed}}}}}
*Token checked*: {token_checked}
*HTTP method checked*: {method_checked}
""".format(
transaction=context.get('transaction'), # e.g. api/nirvana/CreateNewWiki
action_performed=context.get('hookName'), # e.g. WikiFactoryChanged
token_checked='checked' if context.get('editTokenChecked') is True else '*not checked*',
method_checked='checked' if context.get('httpMethodChecked') is True else '*not checked*',
)
# format the report
full_message = self.FULL_MESSAGE_TEMPLATE.format(
message=message,
details=details.strip(),
backtrace=self._get_backtrace_from_exception(exception, offset=5) # skip backtrace to CSRFDetector
).strip()
description = self.REPORT_TEMPLATE.format(
env=self._get_env_from_entry(entry),
source_host=entry.get('@source_host', 'n/a'),
context_formatted=json.dumps(entry.get('@context', {}), indent=True),
fields_formatted=json.dumps(entry.get('@fields', {}), indent=True),
full_message=full_message,
url=self._get_url_from_entry(entry) or 'n/a'
).strip()
report = Report(
summary=message,
description=description,
label=self.REPORT_LABEL
)
# add security issue specific labels
[report.add_label(label) for label in labels]
return report
def _get_report(self, entry):
""" Format the report to be sent to JIRA """
context = entry.get('@context', {})
exception = entry.get('@exception', {})
issue_type = entry.get('issue_type')
message = entry.get('@message')
details = ''
# labels to add a report
labels = ['security']
assert message is not None, '@message should not be empty'
if issue_type == 'CSRF':
assert context.get(
'hookName') is not None, '@context.hookName should be defined'
# @see https://cwe.mitre.org/data/definitions/352.html
labels.append('CWE-352')
details = """
*A [Cross-site request forgery|https://cwe.mitre.org/data/definitions/352.html] attack is possible here*!
An attacker can make a request on behalf of a current Wikia user.
Please refer to [documentation on Confluence|https://wikia-inc.atlassian.net/wiki/display/SEC/Cross-Site+Request+Forgery] on how to protect your code.
*Transaction*: {{{{{transaction}}}}}
*Action performed*: {{{{{action_performed}}}}}
*Token checked*: {token_checked}
*HTTP method checked*: {method_checked}
""".format(
transaction=context.get(
'transaction'), # e.g. api/nirvana/CreateNewWiki
action_performed=context.get(
'hookName'), # e.g. WikiFactoryChanged
token_checked='checked' if
context.get('editTokenChecked') is True else '*not checked*',
method_checked='checked' if
context.get('httpMethodChecked') is True else '*not checked*',
)
# format the report
full_message = self.FULL_MESSAGE_TEMPLATE.format(
message=message,
details=details.strip(),
backtrace=self._get_backtrace_from_exception(
exception, offset=5) # skip backtrace to CSRFDetector
).strip()
description = self.REPORT_TEMPLATE.format(
env=self._get_env_from_entry(entry),
source_host=entry.get('@source_host', 'n/a'),
context_formatted=json.dumps(entry.get('@context', {}),
indent=True),
fields_formatted=json.dumps(entry.get('@fields', {}), indent=True),
full_message=full_message,
url=self._get_url_from_entry(entry) or 'n/a').strip()
report = Report(summary=message,
description=description,
label=self.REPORT_LABEL)
# add security issue specific labels
[report.add_label(label) for label in labels]
return report