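def handle_get(self, request, key):
    """
    Return the JSON response for one entity, including its correlation filter.

    :param request: the incoming request object (not read by this handler)
    :param key: identifier passed to ``EmEntity.get`` to look the entity up
    :return: the response built by ``extract_entity_json_response`` with a
        ``correlation_filter`` entry added
    :raises EntityNotFoundException: when the lookup returns a falsy value
    """
    entity = EmEntity.get(key)
    if not entity:
        # The %(key)s placeholder has to be filled in explicitly; without the
        # substitution the caller sees the literal text "%(key)s". The template
        # stays a fixed literal, so `key` is only ever inserted as data.
        # NOTE(review): `key` is caller-supplied and is now echoed in the error
        # text - confirm that whatever renders or logs this message encodes it.
        raise EntityNotFoundException(
            _('Entity with id %(key)s not found.') % {'key': key}
        )

    # NOTE(review): no per-entity access check is visible in this handler;
    # presumably it is enforced before handle_get is reached - confirm.
    correlation_filter = entity.get_correlation_filter()
    response = self.extract_entity_json_response(entity)
    response.update({'correlation_filter': serialize(correlation_filter)})
    return response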
def _add_data_from_kvstore_to_alert(self, alert_data):
    """
    Enrich an alert with the title and dimensions of whatever manages it.

    The managing object is fetched with ``EmEntity.get`` (entity alerts) or
    ``EMGroup.get`` (every other type). ``alert_data`` is modified in place
    and also returned.

    :param alert_data: mapping that must contain 'managed_by_type',
        'managed_by_id' and 'entity_title'
    :return: the same mapping with 'managed_by_value' and 'dimensions' set
    """
    owner_type = alert_data['managed_by_type']
    owner_id = alert_data['managed_by_id']
    # Read up front even for group alerts, so a missing key fails here.
    title_from_alert = alert_data['entity_title']

    # NOTE(review): neither lookup result is checked before its attributes are
    # read; if a lookup can return None for a stale or unknown id this raises
    # AttributeError - confirm against the model classes.
    if owner_type != ALERT_TYPE_ENTITY:
        group = EMGroup.get(owner_id)
        owner_label, owner_dimensions = group.title, group.filter.to_dict()
    else:
        entity = EmEntity.get(owner_id)
        # Entity alerts keep the title that arrived with the alert.
        owner_label, owner_dimensions = title_from_alert, entity.dimensions

    alert_data['managed_by_value'] = owner_label
    alert_data['dimensions'] = owner_dimensions
    return alert_data
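def make_incident_from_alert(self, result, session_key):
    """
    Build the VictorOps incident payload for one triggered alert result.

    :param result: mapping for the triggered alert; 'ss_id', 'metric_name',
        'current_state', 'state_change', 'current_value', 'managed_by_id' and
        'managed_by_type' are required, the remaining fields are optional
    :param session_key: not read by this method
    :return: dict of human-readable incident fields plus the VictorOps keys
        'message_type', 'entity_id', 'state_message' and 'entity_display_name'
    :raises KeyError: when a required field is missing or 'current_state' has
        no entry in SPLUNK_ALERT_CODE_TO_VICTOROPS_INCIDENT_LEVEL
    :raises ValueError: when 'current_value' cannot be parsed as a float
    """
    incident = {}

    # name of alert triggered
    alert_name = result['ss_id']
    incident['Alert Name'] = alert_name

    # metric being alerted on
    metric_name = result['metric_name']
    incident['Metric Name'] = metric_name

    # State of metric at time of alert (info, warn or critical).
    # The same value is reused below as 'message_type'.
    alert_state_and_incident_level = SPLUNK_ALERT_CODE_TO_VICTOROPS_INCIDENT_LEVEL[result['current_state']]
    incident['Metric State'] = alert_state_and_incident_level

    # if metric improved or degraded
    state_change = result['state_change']
    incident['Metric State Change'] = state_change

    # value of metric at time of alert, rounded to one decimal place
    metric_value = str(round(float(result['current_value']), 1))
    incident['Metric Value'] = metric_value

    # Entity and group specific information, used in several places below
    managed_by_id = result['managed_by_id']
    managed_by_type = result.get('managed_by_type', '')
    entity_title = result.get('entity_title', '')
    aggregation = result.get('aggregation_method', '').lower()
    metric_filters_incl = result.get('metric_filters_incl', '')
    metric_filters_excl = result.get('metric_filters_excl', '')
    split_by = result.get('split_by', '')
    split_by_value = result.get(split_by, '')

    # Split-by identifier dimensions gives no split_by_value but adds entity_title
    if split_by and not split_by_value:
        split_by_value = entity_title

    if metric_filters_incl:
        incident['Metric Filters (Inclusive)'] = metric_filters_incl
    if metric_filters_excl:
        incident['Metric Filters (Exclusive)'] = metric_filters_excl

    # NOTE(review): neither lookup result below is checked before its
    # attributes are read; if a lookup can return None for a stale id this
    # raises AttributeError and no incident is built - confirm.
    # 'managed_by_type' is indexed directly here, so it is effectively a
    # required field despite the .get() default above.
    if result['managed_by_type'] == ALERT_TYPE_GROUP:
        # Alert is coming from a GROUP
        group = EMGroup.get(managed_by_id)
        raw_dimensions = group.filter.to_dict()
        title = group.title
        workspace_type = ALERT_TYPE_GROUP
        title_field = 'Group Triggering Alert'
        dimensions_field = 'Dimensions on Originating Group'
    else:
        # Alert is coming from an ENTITY
        entity = EmEntity.get(managed_by_id)
        title = entity_title
        raw_dimensions = entity.dimensions
        workspace_type = ALERT_TYPE_ENTITY
        title_field = 'Host Triggering Alert'
        dimensions_field = 'Dimensions on Originating Host'

    filter_dimensions_formatted = EMSendVictorOpsAlertAction._format_filter_dimensions(raw_dimensions)
    # NOTE(review): managed_by_id and alert_name come from the alert result;
    # presumably _make_workspace_url encodes them for use in a URL - confirm.
    workspace_link = self._make_workspace_url(workspace_type, managed_by_id, alert_name)
    incident[title_field] = title
    incident[dimensions_field] = filter_dimensions_formatted
    incident['Link to Alert Workspace'] = workspace_link

    # Lastly, setting victorops-specific info
    # message_type tells VO whether incident is info, warn, or critical
    incident['message_type'] = alert_state_and_incident_level
    # entity_id is incident's uuid. It lets you update the incident.
    # It has nothing to do with SII entity concept.
    incident['entity_id'] = '%s_%s' % (managed_by_id, metric_name)

    # VO uses message to populate emails, service now tickets, slack etc.
    # The templates are fixed literals, so every substituted value is inserted
    # as data only. Titles, metric names and split-by values still originate
    # from alert results and stored objects, so consumers that render the
    # message should treat it as untrusted text.
    split_by_clause = ' ({aggregation}) on {managed_by_type}: {title}'.format(
        aggregation=aggregation,
        managed_by_type=managed_by_type,
        title=title
    )
    # Group (or entity) split-by alert. A missing 'split_by' arrives as '' (the
    # .get default); it must use the aggregation form like the string 'None',
    # otherwise the message ends in a dangling ", : " clause.
    if split_by and split_by != 'None':
        split_by_clause += ', {split_by}: {split_by_value}'.format(
            split_by=split_by,
            split_by_value=split_by_value
        )

    message = '{metric_name} {state_change}s to {metric_value}{split_by_clause}'.format(
        metric_name=metric_name,
        state_change=state_change,
        metric_value=metric_value,
        split_by_clause=split_by_clause
    )
    incident['state_message'] = message
    incident['entity_display_name'] = message
    return incident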