def __init__(self, name, inQueues, outQueue, config_dict=None, number=0):
'''The constructor.'''
get_logger().debug('metadata = %s', config_dict['events_metadata'])
# TODO: Should really parse by comma into list
#self.event_meta = EventsMetadata([config_dict['events_metadata']])
# Dummy Analysis info
self.ai1 = AnalysisInfo('location_test')
self.ai1.add_event_info('Example0', 1, 2, 3)
self.ai1.add_event_info('Example1', 3, 3, 5)
self.ai1.add_event_info('Example2', 3, None, None)
self.ai1.add_event_info('Example3', 3, None, None)
self.ai1.add_event_info('Example4', 3, None, None)
self.ai1.add_event_info('Example5', 3, None, None)
# TODO: Handle alert metadata
if 'mode' in config_dict:
self.mode = config_dict['mode']
else:
self.mode = POOL_MODE_OCCURRED
if 'initial_pool_duration' in config_dict:
self.duration = int(config_dict['initial_pool_duration'])
get_logger().debug('Duration override %s', str(self.duration))
else:
self.duration = 20
self.pool = IncidentPool.new_pool(self.mode, self.duration, None, self.close_callback)
# TODO: creation of alerts
self.count = 0 # start with 1
get_logger().debug('Creating SimpleEventAnalyzerAllAlert')
EventAnalyzer.__init__(self, name, inQueues, outQueue, config_dict=config_dict, number=number)
return
def close_callback(self, reason):
'''Process pool being closed '''
get_logger().debug('close_callback called')
move_forward, make_alerts = self.pool.get_active_incidents()
for event in make_alerts:
self.count += 1
alert = SampleAlert(self.count, 'Alert 02', datetime.now())
alert.raw_data = 'From ' + str(event.rec_id) + ':' + event.event_id
self.send_alert(alert)
new_pool = IncidentPool.new_pool(self.duration, self.mode, self.close_callback)
for event in move_forward:
new_pool.add_incident(event)
self.pool = new_pool
return
def close_event_pool_callback(self, reason, last_rec_id):
'''
Close callback
'''
self.trace_info(str(self.number), 'Pool closed. Reason = {0} Last event = {1}'.format(POOL_CLOSE_REASON_AS_STRING[reason], str(last_rec_id)))
get_logger().debug('Close_callback called')
get_logger().debug(' Pool closing: {0}'.format(str(self.event_pool)))
new_alerts = self.close_pool(self.event_pool)
for alert in new_alerts:
get_logger().debug(' ALERT: creating {0}'.format(str(alert)))
alert_mgr = get_service(SERVICE_ALERT_MGR)
alert_mgr.add_suppressions(alert, self.event_pool.get_suppressed(alert))
self.prioritize_and_send_alerts(new_alerts)
if self.checkpoint is not None:
self.checkpoint.set_checkpoint_from_pool()
if reason != POOL_CLOSE_REASON_SHUTDOWN:
new_pool = IncidentPool.next_pool(self.event_pool)
for event in new_pool.moved_forward:
self.prime_event(event, new_pool)
self.event_pool = new_pool
return
def __init__(self, xml_ruleset_file, config_dict=None, event_input=False, alert_input=False, number=0, name='unnamed', trace=None, send_alert=None, use_checkpoint=True):
'''
Load the list of specified xml ruleset file
'''
dict.__init__(self)
if use_checkpoint == True:
self.checkpoint = RulesetEventCheckpoint(name, self)
else:
self.checkpoint = None
GearEngine.__init__(self, name, number, trace, self.checkpoint)
self.version_id = None
self.trace_id = (0, str(self.number)) #line 0, trace level 1
self.conf_dict = config_dict
self.send_alert = send_alert
self.alert_input = alert_input
self.event_input = event_input
# See if debug environment variable
temp_debug = upper(os.environ.get(TEAL_TEST_GEAR_RULE_DEBUG, 'NO'))
if temp_debug == 'YES' or temp_debug == 'NORMAL':
self.gear_rule_debug = 'N'
elif temp_debug == 'VERBOSE':
self.gear_rule_debug = 'V'
else:
self.gear_rule_debug = None
if self.alert_input:
get_logger().warning('Only event analyzers are supported by GEAR at this time')
raise ValueError
if not event_input: # and not alert_input
get_logger().warning('GEAR analyzer must be an event analyzer')
raise ValueError
self.trace_debug(self.trace_id[1], 'Initializing ruleset id={0} name={1} file={2}'.format(self.number, self.name, xml_ruleset_file))
## Determine mode
if get_service(SERVICE_TIME_MODE) is not None and get_service(SERVICE_TIME_MODE) == 'time_logged':
self.mode = POOL_MODE_LOGGED
else:
self.mode = POOL_MODE_OCCURRED
# See if overridden in config dict
if config_dict is not None and SERVICE_TIME_MODE in config_dict:
conf_rm = config_dict[SERVICE_TIME_MODE]
if conf_rm == 'time_logged':
if self.mode != POOL_MODE_LOGGED:
self.trace_info(self.trace_id[1], 'Time mode forced to time_logged')
self.mode = POOL_MODE_LOGGED
elif conf_rm == 'time_occurred':
if self.mode != POOL_MODE_OCCURRED:
self.trace_info(self.trace_id[1], 'Time mode forced to time_occurred')
self.mode = POOL_MODE_OCCURRED
else:
self.config_error('Invalid configuration specification for {0}: {1}'.format(SERVICE_TIME_MODE, config_dict[SERVICE_TIME_MODE]))
self[GRSE_GEAR_CTL] = GearControl(self)
self[GRSE_EVENTS] = AnalysisInfo(self)
self[GRSE_CONSTANTS] = GearConstants(self)
self[GRSE_POOL_CTL] = GearPoolControl(config_dict, self)
self[GRSE_ANALYZE] = GearAnalyzeRules(self)
self[GRSE_TEMPLATES] = GearTemplates(self)
self.xml_ruleset_file = xml_ruleset_file
self.description = 'Loaded from file {0}'.format(str(xml_ruleset_file))
self._parse_file(xml_ruleset_file)
# Check how to determine how to decided if will analyze
if self[GRSE_GEAR_CTL].use_event_regx:
self.will_analyze_event = self.will_analyze_event_regx
self.will_analyze_event_validation = self.will_analyze_event_validation_regx
# Templates don't resolve and validate
self[GRSE_CONSTANTS].resolve_and_validate()
self[GRSE_ANALYZE].resolve_and_validate()
#self[GRSE_POOL_CLOSURE].resolve_and_validate()
self[GRSE_POOL_CTL].resolve_and_validate()
if self.event_input:
if (not self[GRSE_GEAR_CTL].use_event_regx) and \
len(self[GRSE_EVENTS].event_info) == 0:
self.parse_error(self.trace_id[0], 'events to analyze must be specified either using the \'events\' element or the \'will_analyze\' element')
# Setup the initial pool
# Only use timers if in realtime mode
if get_service(SERVICE_RUN_MODE) is not None and get_service(SERVICE_RUN_MODE) == RUN_MODE_REALTIME:
t_use_timer = True
if os.environ.get(TEAL_TEST_POOL_TIMERS_OFF, 'NO') == 'YES':
get_logger().warning('Timers were turned off by environment variable: {0}'.format(TEAL_TEST_POOL_TIMERS_OFF))
t_use_timer = False
else:
t_use_timer = False
# create the pool
self.event_pool = IncidentPool.new_pool(self.mode, self._get_init_duration(),
self._get_max_duration(),
self.close_event_pool_callback,
msg_target=MsgTargetLogger(self.get_tracer(), prefix='GTP[{0}.P]'.format(self.number)),
use_timer=t_use_timer,
arrival_check_ctl=self[GRSE_POOL_CTL][GPCL_ARRIVAL_RATE_EXTENSION])
# Check environment variable to see if alert prioritization should be done
if upper(os.environ.get(TEAL_ALERT_PRIORITIZATION, 'YES')) == 'YES':
self.prioritize_and_send_alerts = self._prioritize_and_send_alerts_ACTIVE
else:
get_logger().info('Alert prioritization has been turned off')
self.prioritize_and_send_alerts = self._prioritize_and_send_alerts_NO_PRIORITY
return
