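def event_get_handle_results(api_result, context=None):
    """Convert the HTTP response of an event query into a list of Event objects.

    Args:
        api_result: Response object exposing ``status_code`` and ``text``.
        context: Not used by this handler; kept so the signature is unchanged.

    Returns:
        A list of ``Event`` instances when the status code equals
        ``requests.codes.ok``, otherwise ``None``.

    Raises:
        ValueError: If the response body is not valid JSON.
        KeyError: If the payload has neither an 'items' nor a 'results' key,
            or an event lacks one of the fields read with ``event[...]``
            below.
    """
    logging.debug("event_get_handle_results")
    events = None

    # Only process if we get HTTP result of 200
    if api_result.status_code == requests.codes.ok:
        # The raw response body is no longer printed to stdout: event
        # payloads may carry tenant, host and property data that should not
        # end up on a console or in captured job output.
        results = json.loads(api_result.text)
        events = []

        # Regression in API changed 'results' to 'items';
        # check to handle both
        results_key = 'items' if 'items' in results else 'results'

        for event in results[results_key]:
            # Each optional sub-document is looked up under its own key.
            # Previously 'source' was only parsed when 'sender' was present.
            source = (Source.dict_to_source(event['source'])
                      if 'source' in event else None)
            sender = (Source.dict_to_source(event['sender'])
                      if 'sender' in event else None)

            events.append(
                Event(event_class=event.get('event_class'),
                      fingerprint_fields=event['fingerprintFields'],
                      first_seen_at=event['firstSeenAt'],
                      id=event['id'],
                      last_seen_at=event['lastSeenAt'],
                      properties=event.get('properties'),
                      sender=sender,
                      severity=event.get('severity'),
                      source=source,
                      status=event.get('status'),
                      # Take the tenant id from the event itself; the literal
                      # list ['tenantId'] used to be passed here. .get() keeps
                      # payloads without the key from raising.
                      tenant_id=event.get('tenantId'),
                      times_seen=event['timesSeen'],
                      title=event['title']))

    return events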
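def event_get_handle_results(api_result, context=None):
    """Convert the HTTP response of an event query into a list of Event objects.

    Args:
        api_result: Response object exposing ``status_code`` and ``text``.
        context: Not used by this handler; kept so the signature is unchanged.

    Returns:
        A list of ``Event`` instances when the status code equals
        ``requests.codes.ok``, otherwise ``None``.

    Raises:
        ValueError: If the response body is not valid JSON.
        KeyError: If the payload has neither an 'items' nor a 'results' key,
            or an event lacks one of the fields read with ``event[...]``
            below.
    """
    logging.debug("event_get_handle_results")
    events = None

    # Only process if we get HTTP result of 200
    if api_result.status_code == requests.codes.ok:
        # The raw response body is no longer printed to stdout: event
        # payloads may carry tenant, host and property data that should not
        # end up on a console or in captured job output.
        results = json.loads(api_result.text)
        events = []

        # Regression in API changed 'results' to 'items';
        # check to handle both
        results_key = 'items' if 'items' in results else 'results'

        for event in results[results_key]:
            # Each optional sub-document is looked up under its own key.
            # Previously 'source' was only parsed when 'sender' was present.
            source = (Source.dict_to_source(event['source'])
                      if 'source' in event else None)
            sender = (Source.dict_to_source(event['sender'])
                      if 'sender' in event else None)

            events.append(
                Event(event_class=event.get('event_class'),
                      fingerprint_fields=event['fingerprintFields'],
                      first_seen_at=event['firstSeenAt'],
                      id=event['id'],
                      last_seen_at=event['lastSeenAt'],
                      properties=event.get('properties'),
                      sender=sender,
                      severity=event.get('severity'),
                      source=source,
                      status=event.get('status'),
                      # Take the tenant id from the event itself; the literal
                      # list ['tenantId'] used to be passed here. .get() keeps
                      # payloads without the key from raising.
                      tenant_id=event.get('tenantId'),
                      times_seen=event['timesSeen'],
                      title=event['title']))

    return events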
def test_create_bad_sender(self):
    """Expect ValueError when a plain string is passed as ``sender``."""
    # The Source construction stays inside the guarded region, so a
    # ValueError from either call satisfies the test.
    with self.assertRaises(ValueError):
        host = Source(ref='localhost', _type='host', name='bubba')
        bad_sender = 'Hello World'
        self.api.event_create(title='Hello World',
                              fingerprint_fields=['@title'],
                              source=host,
                              sender=bad_sender)
def test_constructor_args(self):
    """Every constructor argument is readable back from the Source."""
    expected_ref = 'foo'
    expected_type = 'host'
    expected_name = 'bar'
    expected_props = {'red': 1, 'blue': 'foo', 'green': 1.0}

    source = Source(ref=expected_ref,
                    _type=expected_type,
                    name=expected_name,
                    properties=expected_props)

    # Note that the ``_type`` argument is exposed as the ``type`` attribute.
    self.assertEqual(source.ref, expected_ref)
    self.assertEqual(source.type, expected_type)
    self.assertEqual(source.name, expected_name)
    self.assertEqual(source.properties, expected_props)
def test_to_json(self):
    """A RawEvent serializes to JSON with its Source nested under 'source'."""
    origin = Source(ref='device',
                    _type='blah',
                    name='hello',
                    properties={'red': 1, 'blue': 'foo', 'green': 1.0})
    event = RawEvent(title='Hello World',
                     fingerprint_fields=['@title'],
                     source=origin)

    # sort_keys makes the key order deterministic so the text can be compared.
    output = json.dumps(event,
                        sort_keys=True,
                        default=tspapi.event.serialize_instance)

    expected = (
        '{"source": {"name": "hello", "properties": {"blue": "foo", "green": 1.0, "red": 1}, '
        '"ref": "device", "type": "blah"}, "title": "Hello World"}'
    )
    self.assertEqual(expected, output)
def test_repr_(self):
    """__repr__ of a fully populated RawEvent matches the expected text."""
    # NOTE(review): '%s' is not among the strftime directives Python
    # documents; it relies on the platform C library - confirm the test
    # targets support it.
    created_at = int(datetime.now().strftime('%s'))
    event_id = random.randrange(1, 1000000000)
    fingerprint_fields = '@title'
    raw_id = random.randrange(1, 1000000000)  # avoids shadowing builtin id()
    event_class = 'CHANGE'
    message = TestUtils.random_string(32)
    properties = {"foo": "bar", "color": "red"}
    received_at = int(datetime.now().strftime('%s'))
    sender = TestUtils.random_string(10)
    severity = 'INFO'
    source = Source(ref=TestUtils.random_string(10),
                    _type='host',
                    name='foobar')
    status = 'OPEN'
    tags = {"foo": "bar", "color": "red"}
    tenant_id = random.randrange(1, 10000000)
    title = TestUtils.random_string(16)

    raw_event = RawEvent(created_at=created_at,
                         event_id=event_id,
                         event_class=event_class,
                         fingerprint_fields=fingerprint_fields,
                         id=raw_id,
                         message=message,
                         properties=properties,
                         received_at=received_at,
                         sender=sender,
                         severity=severity,
                         source=source,
                         status=status,
                         tags=tags,
                         tenant_id=tenant_id,
                         title=title)

    # received_at is passed to the constructor but is not part of the
    # expected text; source precedes sender in it.
    pieces = [
        "RawEvent(created_at={0}".format(created_at),
        ", event_id='{0}'".format(event_id),
        ", event_class='{0}'".format(event_class),
        ", fingerprint_fields='{0}'".format(fingerprint_fields),
        ", id='{0}'".format(raw_id),
        ", message='{0}'".format(message),
        ", properties={0}".format(properties),
        ", source='{0}'".format(source),
        ", sender='{0}'".format(sender),
        ", severity='{0}'".format(severity),
        ", status='{0}'".format(status),
        ", tags='{0}'".format(tags),
        ", tenant_id={0}".format(tenant_id),
        ", title='{0}')".format(title),
    ]
    expected = "".join(pieces)

    self.assertEqual(expected, raw_event.__repr__())
def test_to_json(self):
    """A Source serializes to JSON with its four fields in sorted key order."""
    origin = Source(ref='device',
                    _type='blah',
                    name='hello',
                    properties={'red': 1, 'blue': 'foo', 'green': 1.0})

    # sort_keys makes the key order deterministic so the text can be compared.
    output = json.dumps(origin,
                        sort_keys=True,
                        default=tspapi.source.serialize_instance)

    expected = (
        '{"name": "hello", "properties": {"blue": "foo", "green": 1.0, "red": 1}, '
        '"ref": "device", "type": "blah"}'
    )
    self.assertEqual(expected, output)
def test_create_event_with_date(self):
    """Create an event with an explicit ``created_at`` datetime.

    There is no assertion; the test passes when event_create does not raise.
    """
    origin = Source(ref='localhost', _type='host', name='bubba')
    now = datetime.now()
    self.api.event_create(created_at=now,
                          title='Hello World',
                          fingerprint_fields=['@title'],
                          source=origin)
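def test_properties(self):
    """Source exposes the property values it was constructed with."""
    properties = {'red': 1, 'blue': 'foo', 'green': 1.0}
    source = Source(properties=properties)

    # Assert on the Source attribute rather than the local dict: checking
    # the local dict passed regardless of what Source actually stored.
    self.assertEqual(1, source.properties['red'])
    self.assertEqual('foo', source.properties['blue'])
    self.assertEqual(1.0, source.properties['green'])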
def test_name(self):
    """Source keeps the name passed to its constructor."""
    expected = 'hello'
    subject = Source(name=expected)
    self.assertEqual(subject.name, expected)
def test_type(self):
    """The ``_type`` constructor argument is readable as ``Source.type``."""
    expected = 'blah'
    subject = Source(_type=expected)
    self.assertEqual(subject.type, expected)
def test_ref(self):
    """Source keeps the ref passed to its constructor."""
    expected = 'bar'
    subject = Source(ref=expected)
    self.assertEqual(subject.ref, expected)
def test_default_contructor(self):
    """A Source built without arguments has None for all four attributes."""
    blank = Source()
    # Same checks, same order: ref, type, name, properties.
    for attribute in ('ref', 'type', 'name', 'properties'):
        self.assertIsNone(getattr(blank, attribute))
def test_create_event_with_finger_print_fields(self):
    """Create an event fingerprinted on '@message' with a randomized message.

    There is no assertion; the test passes when event_create does not raise.
    """
    fields = ['@message']
    origin = Source(ref='localhost', _type='host', name='bubba')
    # The random suffix makes the message differ between runs.
    text = 'hello' + TestUtils.random_string(6)
    now = datetime.now()
    self.api.event_create(message=text,
                          created_at=now,
                          title='Hello World',
                          fingerprint_fields=fields,
                          source=origin)
def test_create_event_with_sender(self):
    """Create an event that carries a Sender alongside its Source.

    There is no assertion; the test passes when event_create does not raise.
    """
    endpoint = dict(ref='localhost', _type='host', name='bubba')
    origin = Source(**endpoint)
    emitter = Sender(**endpoint)
    self.api.event_create(title='Hello World',
                          fingerprint_fields=['@title'],
                          source=origin,
                          sender=emitter)
def test_create_event_with_class(self):
    """Create an event with an explicit ``event_class``.

    There is no assertion; the test passes when event_create does not raise.
    """
    origin = Source(ref='localhost', _type='host', name='bubba')
    self.api.event_create(title='Event class',
                          fingerprint_fields=['@title'],
                          source=origin,
                          event_class='MyClass')
def test_create_event_with_properties(self):
    """Create an event that carries a properties dict.

    There is no assertion; the test passes when event_create does not raise.
    """
    origin = Source(ref='localhost', _type='host', name='bubba')
    extra = {"foo": "bar"}
    self.api.event_create(title='sending tags',
                          fingerprint_fields=['@title'],
                          source=origin,
                          properties=extra)