def test_acknowledged_incident(self):
incident = add_incident({'eventid': self.event.id, 'element': 'host.cito.com',
'message': 'host is down'}, self.incident_time1)
incident.status = 'Acknowledged'
incident.save()
incident2 = add_incident({'eventid': self.event.id, 'element': 'host.cito.com',
'message': 'host is down'}, self.incident_time1)
self.assertEquals(incident.id, incident2.id,
msg='Acknowledged incident was not appended, new incident created instead.')
def test_cleared_incident(self):
incident = add_incident({'eventid': self.event.id, 'element': 'host.c.com',
'message': 'host is down'}, self.incident_time1)
incident.status = 'Cleared'
incident.save()
incident2 = add_incident({'eventid': self.event.id, 'element': 'host.c.com',
'message': 'host is down'}, self.incident_time1)
self.assertGreater(incident2.id, incident.id,
msg='New incident was not created upon closing a previous one.')
def parse_message(self, sqs_message):
e = []
# decode JSON
try:
parsed_json = simplejson.loads(sqs_message.get_body())
except Exception as exception:
logger.error('Error parsing JSON %s' % exception)
return False
for k in self.message_format:
if not k in parsed_json:
logger.error('MessageTag %s not defined in sqs_message.id:%s, sqs_message_body:%s' %
(k, sqs_message.id, parsed_json))
return False
e = parsed_json['event']
for k in self.event_format:
if not k in e:
logger.error('EventTag %s not defined in sqs_message.id:%s, sqsMessageBody:%s' %
(k, sqs_message.id, parsed_json))
return False
# Add incident to Database
incident = add_incident(e, parsed_json['timestamp'])
# Check incident thresholds and fire events
if incident and incident.status == 'Active':
threads.deferToThread(ProcessIncident, incident, e['message'])
logger.info('MsgOk: EventID:%s, Element:%s, Message%s on Timestamp:%s' % (e['eventid'],
e['element'],
e['message'],
parsed_json['timestamp']))
return True
def test_incident_counts(self):
incident = add_incident({'eventid': self.event.id, 'element': 'host.cito.com',
'message': 'host is down'}, self.incident_time1)
# Check counts
self.assertEqual(Incident.objects.all().count(), 1)
self.assertEquals(incident.total_incidents, 2)
self.assertEqual(IncidentLog.objects.all().count(), 2)
def test_cleared_incident(self):
incident = add_incident(
{
'eventid': self.event.id,
'element': 'host.c.com',
'message': 'host is down'
}, self.incident_time1)
incident.status = 'Cleared'
incident.save()
incident2 = add_incident(
{
'eventid': self.event.id,
'element': 'host.c.com',
'message': 'host is down'
}, self.incident_time1)
self.assertGreater(
incident2.id,
incident.id,
msg='New incident was not created upon closing a previous one.')
def setUp(self, *args, **kwargs):
self.team = factories.TeamFactory(name='TheATeam',description='The awesome A-TestTeam')
self.category = factories.CategoryFactory(categoryType='TestCategoryType')
self.event = factories.EventFactory(summary='TestEventSummary', description='TestEventDescription',
team=self.team, category=self.category)
self.incident_time1 = time()
self.incident_time2 = self.incident_time1 + 10
self.incident_time3 = self.incident_time2 + 10
self.incident = add_incident({'eventid': self.event.id, 'element': 'host.cito.com',
'message': 'host is down'}, self.incident_time1)
def test_incident_counts(self):
incident = add_incident(
{
'eventid': self.event.id,
'element': 'host.cito.com',
'message': 'host is down'
}, self.incident_time1)
# Check counts
self.assertEqual(Incident.objects.all().count(), 1)
self.assertEquals(incident.total_incidents, 2)
self.assertEqual(IncidentLog.objects.all().count(), 2)
def parse_message(self, message):
"""
Parses a message body and returns True if message should be deleted from queeu
:param message:
:return boolena: True if message can be deleted from queue, else False
"""
e = []
# decode JSON
try:
parsed_json = simplejson.loads(message)
except Exception as exception:
logger.error('Error parsing JSON %s' % exception)
return True
for k in self.message_format:
if not k in parsed_json:
logger.error('MessageTag %s not defined in message:%s' %
(k, parsed_json))
return True
e = parsed_json['event']
for k in self.event_format:
if not k in e:
logger.error('EventTag %s not defined in message:%s' %
(k, parsed_json))
return True
# Make sure we received a valid timestamp
try:
timestamp = int(parsed_json['timestamp'])
except Exception as exp:
logger.error('Invalid timestamp in message:%s, reason:%s' % (message, exp))
return True
# Add incident to Database
# This try/except block will catch
# django.db.utils.OperationalError: (2006, 'MySQL server has gone away')
# for a very low traffic server
try:
incident = add_incident(e, timestamp)
except Exception as exp:
logger.error('Could not add incident:%s, reason:%s' % (e, exp))
return False
# Check incident thresholds and fire events
if incident and incident.status == 'Active':
gevent.spawn(ProcessIncident, incident, e['message'])
gevent.sleep(0)
logger.info('MsgOk: EventID:%s, Element:%s, Message:%s on Timestamp:%s' % (e['eventid'],
e['element'],
e['message'],
timestamp))
return True
def test_acknowledged_incident(self):
incident = add_incident(
{
'eventid': self.event.id,
'element': 'host.cito.com',
'message': 'host is down'
}, self.incident_time1)
incident.status = 'Acknowledged'
incident.save()
incident2 = add_incident(
{
'eventid': self.event.id,
'element': 'host.cito.com',
'message': 'host is down'
}, self.incident_time1)
self.assertEquals(
incident.id,
incident2.id,
msg=
'Acknowledged incident was not appended, new incident created instead.'
)
def test_invalid_strings_to_add_incident(self):
"""Sending invalid values for event json
"""
data = dict(eventid=1, element='foo', message='baz')
timestamp = 13439471
# Bad eventid
data['eventid'] = 'a'
response = add_incident(data, timestamp)
self.assertIsNone(response)
# empty eventid
data['eventid'] = ''
response = add_incident(data, timestamp)
self.assertIsNone(response)
# Empty element
data['eventid'] = 1
data['element'] = ''
response = add_incident(data, timestamp)
self.assertIsNone(response)
# Empty message
data['element'] = 'foo'
data['message'] = ''
response = add_incident(data, timestamp)
self.assertIsNone(response)
# No timestamp
response = add_incident(data, '')
self.assertIsNone(response)
# Invalid timestamp
response = add_incident(data, 'foo')
self.assertIsNone(response)
def parse_message(self, message):
"""
Parses a message body and returns True if message should be deleted from queeu
:param message:
:return boolena: True if message can be deleted from queue, else False
"""
e = []
# decode JSON
try:
parsed_json = simplejson.loads(message)
except Exception as exception:
logger.error("Error parsing JSON %s" % exception)
return True
for k in self.message_format:
if not k in parsed_json:
logger.error("MessageTag %s not defined in message:%s" % (k, parsed_json))
return True
e = parsed_json["event"]
for k in self.event_format:
if not k in e:
logger.error("EventTag %s not defined in message:%s" % (k, parsed_json))
return True
# Make sure we received a valid timestamp
try:
timestamp = int(parsed_json["timestamp"])
except Exception as exp:
logger.error("Invalid timestamp in message:%s, reason:%s" % (message, exp))
return True
# Add incident to Database
# This try/except block will catch
# django.db.utils.OperationalError: (2006, 'MySQL server has gone away')
# for a very low traffic server
try:
incident = add_incident(e, timestamp)
except Exception as exp:
logger.error("Could not add incident:%s, reason:%s" % (e, exp))
return False
# Check incident thresholds and fire events
if incident and incident.status == "Active":
gevent.spawn(ProcessIncident, incident, e["message"])
gevent.sleep(0)
logger.info(
"MsgOk: EventID:%s, Element:%s, Message:%s on Timestamp:%s"
% (e["eventid"], e["element"], e["message"], timestamp)
)
return True
def test_incident_timestamps(self):
# check timestamp
t1 = datetime.fromtimestamp(float(self.incident_time1), tz=utc)
t2 = datetime.fromtimestamp(float(self.incident_time2), tz=utc)
incident = add_incident({'eventid': self.event.id, 'element': 'host.cito.com',
'message': 'host is down'}, self.incident_time2)
self.assertEquals((self.incident.firstEventTime-t1).seconds, 0)
self.assertEquals((incident.lastEventTime - incident.firstEventTime).seconds, 10,
msg='LastEventTime:%s-FirsEventTime%s is not 10' %
(self.incident.lastEventTime, self.incident.firstEventTime))
self.assertEquals((incident.lastEventTime-t1).seconds,10)
def setUp(self, *args, **kwargs):
self.team = factories.TeamFactory.create(
name='TheATeam', description='The awesome A-TestTeam')
self.category = factories.CategoryFactory(
categoryType='TestCategoryType')
self.event = factories.EventFactory(summary='TestEventSummary',
description='TestEventDescription',
team=self.team,
category=self.category)
self.incident_time1 = time()
self.incident_time2 = self.incident_time1 + 10
self.incident_time3 = self.incident_time2 + 10
self.incident = add_incident(
{
'eventid': self.event.id,
'element': 'host.cito.com',
'message': 'host is down'
}, self.incident_time1)
def test_incident_timestamps(self):
# check timestamp
t1 = datetime.fromtimestamp(float(self.incident_time1), tz=utc)
t2 = datetime.fromtimestamp(float(self.incident_time2), tz=utc)
incident = add_incident(
{
'eventid': self.event.id,
'element': 'host.cito.com',
'message': 'host is down'
}, self.incident_time2)
self.assertEquals((self.incident.firstEventTime - t1).seconds, 0)
self.assertEquals(
(incident.lastEventTime - incident.firstEventTime).seconds,
10,
msg='LastEventTime:%s-FirsEventTime%s is not 10' %
(self.incident.lastEventTime, self.incident.firstEventTime))
self.assertEquals((incident.lastEventTime - t1).seconds, 10)
def test_invalid_strings_to_add_incident(self):
"""Sending invalid values for event json
"""
data = dict(eventid=1,
element='foo',
message='baz')
timestamp = 13439471
# Bad eventid
data['eventid'] = 'a'
response = add_incident(data, timestamp)
self.assertIsNone(response)
# empty eventid
data['eventid'] = ''
response = add_incident(data, timestamp)
self.assertIsNone(response)
# Empty element
data['eventid'] = 1
data['element'] = ''
response = add_incident(data, timestamp)
self.assertIsNone(response)
# Empty message
data['element'] = 'foo'
data['message'] = ''
response = add_incident(data, timestamp)
self.assertIsNone(response)
# No timestamp
response = add_incident(data, '')
self.assertIsNone(response)
# Invalid timestamp
response = add_incident(data, 'foo')
self.assertIsNone(response)
