def on_message(self, body, message): LOG.debug("Received: %s", body) try: pdAlert = AlertDocument.parse_alert(body) except ValueError: return if pdAlert: if not any(tag.startswith('pagerduty') for tag in pdAlert.tags): return # do not trigger new incidents from updates if pdAlert.origin == 'pagerduty/webhook': # set by alerta /pagerduty API endpoint return for tag in pdAlert.tags: if tag.startswith('pagerduty'): _, service = tag.split('=', 1) LOG.info('PagerDuty Incident on %s %s -> %s', service, pdAlert.get_id(), pdAlert.status) incident_key = pdAlert.get_id() if pdAlert.status == status_code.OPEN: self.pd.trigger_event(pdAlert, service, incident_key=incident_key) elif pdAlert.status == status_code.ACK: self.pd.acknowledge_event(pdAlert, service, incident_key=incident_key) elif pdAlert.status == status_code.CLOSED: self.pd.resolve_event(pdAlert, service, incident_key=incident_key)
def on_message(self, body, message): LOG.debug("Received: %s", body) try: mailAlert = AlertDocument.parse_alert(body) except ValueError: return alertid = mailAlert.get_id() severity = mailAlert.severity previous_severity = mailAlert.previous_severity if severity in [severity_code.CRITICAL, severity_code.MAJOR]: LOG.info('%s : Queue email because alert severity is important', alertid) elif previous_severity in [severity_code.CRITICAL, severity_code.MAJOR]: LOG.info('%s : Queue email because alert severity was important', alertid) else: LOG.info('%s : Do not queue email, not important enough', alertid) return hold_time = time.time() + _EMAIL_HOLD_TIME if alertid in self.onhold: if severity == severity_code.NORMAL: LOG.info('%s : De-queue alert because it has been cleared', alertid) del self.onhold[alertid] else: LOG.info('%s : Extend queue on-hold time to %s', alertid, datetime.datetime.fromtimestamp(hold_time).strftime("%c")) self.onhold[alertid] = (mailAlert, hold_time) else: LOG.info('%s : Queued alert on hold until %s', alertid, datetime.datetime.fromtimestamp(hold_time).strftime("%c")) self.onhold[alertid] = (mailAlert, hold_time)
def on_message(self, body, message): LOG.debug("Received: %s", body) try: ircAlert = AlertDocument.parse_alert(body) except ValueError: return if ircAlert: LOG.debug('%s : Send IRC message to %s', ircAlert.get_id(), CONF.irc_channel) msg = '%s [%s] %s - %s %s is %s on %s %s' % ( ircAlert.get_id(short=True), ircAlert.status, ircAlert.environment, ircAlert.severity.capitalize(), ircAlert.event, ircAlert.value, ','.join(ircAlert.service), ircAlert.resource) self.irc.connection.privmsg(CONF.irc_channel, msg)
def on_message(self, body, message): LOG.debug("Received: %s", body) try: mailAlert = AlertDocument.parse_alert(body) except ValueError: return alertid = mailAlert.get_id() severity = mailAlert.severity previous_severity = mailAlert.previous_severity status = mailAlert.status if status not in [status_code.OPEN, status_code.CLOSED]: LOG.info('%s : Do not email alerts with "%s" status', alertid, status) return if severity in [severity_code.CRITICAL, severity_code.MAJOR]: LOG.info('%s : Queue email because alert severity is important', alertid) elif previous_severity in [ severity_code.CRITICAL, severity_code.MAJOR ]: LOG.info('%s : Queue email because alert severity was important', alertid) else: LOG.info('%s : Do not queue email, not important enough', alertid) return hold_time = time.time() + _EMAIL_HOLD_TIME if alertid in self.onhold: if severity == severity_code.NORMAL: LOG.info('%s : De-queue alert because it has been cleared', alertid) del self.onhold[alertid] else: LOG.info( '%s : Extend queue on-hold time to %s', alertid, datetime.datetime.fromtimestamp(hold_time).strftime("%c")) self.onhold[alertid] = (mailAlert, hold_time) else: LOG.info('%s : Queued alert on hold until %s', alertid, datetime.datetime.fromtimestamp(hold_time).strftime("%c")) self.onhold[alertid] = (mailAlert, hold_time)
def on_message(self, body, message): LOG.debug("Received: %s", body) try: logAlert = AlertDocument.parse_alert(body) except ValueError: return if logAlert: LOG.info('%s : [%s] %s', logAlert.last_receive_id, logAlert.status, logAlert.text) source_host, _, source_path = logAlert.resource.partition(':') document = { '@message': logAlert.text, '@source': logAlert.resource, '@source_host': source_host, '@source_path': source_path, '@tags': logAlert.tags, '@timestamp': logAlert.last_receive_time, '@type': logAlert.event_type, '@fields': logAlert.get_body() } LOG.debug('Index payload %s', document) index_url = "http://%s:%s/%s/%s" % (CONF.es_host, CONF.es_port, logAlert.last_receive_time.strftime(CONF.es_index), logAlert.event_type) LOG.debug('Index URL: %s', index_url) try: response = urllib2.urlopen(index_url, json.dumps(document, cls=DateEncoder)).read() except Exception, e: LOG.error('%s : Alert indexing to %s failed - %s', logAlert.last_receive_id, index_url, e) return try: es_id = json.loads(response)['_id'] LOG.info('%s : Alert indexed at %s/%s', logAlert.last_receive_id, index_url, es_id) except Exception, e: LOG.error('%s : Could not parse elasticsearch reponse: %s', e)
def test_date_formats(self): alert = AlertDocument(id=self.ALERTID, resource=self.RESOURCE, event=self.EVENT, environment=self.ENVIRONMENT, severity=self.SEVERITY, correlate=self.CORRELATE, status=self.STATUS, service=self.SERVICE, group=self.GROUP, value=self.VALUE, text=self.TEXT, tags=self.TAGS, attributes={'thresholdInfo': self.THRESHOLD_INFO, 'moreInfo': self.MORE_INFO, 'graphUrls': self.GRAPH_URLS}, origin=self.ORIGIN, event_type=self.EVENT_TYPE, create_time=self.CREATE_TIME, timeout=self.TIMEOUT, raw_data=self.RAW_DATA, duplicate_count=self.DUPLICATE_COUNT, repeat=self.REPEAT, previous_severity=self.PREVIOUS_SEVERITY, trend_indication=self.TREND_INDICATION, receive_time=self.RECEIVE_TIME, last_receive_id=self.ALERTID, last_receive_time=self.RECEIVE_TIME, history=self.HISTORY) print alert.get_date('create_time', 'local') print alert.get_date('create_time', 'iso') print alert.get_date('create_time', 'iso8601') print alert.get_date('create_time', 'rfc') print alert.get_date('create_time', 'rfc2822') print alert.get_date('create_time', 'short') print alert.get_date('create_time', 'epoch') print alert.get_date('create_time', 'raw') print alert.get_date('create_time') print alert.get_date('create_time', 'invalid')