def status_from_severity(previous_severity, current_severity, current_status=OPEN):
if current_severity in [severity_code.NORMAL, severity_code.CLEARED, severity_code.OK]:
return CLOSED
if current_status in [CLOSED, EXPIRED]:
return OPEN
if severity.trend(previous_severity, current_severity) == severity_code.MORE_SEVERE:
return OPEN
return current_status
def status_from_severity(previous_severity, current_severity, previous_status=OPEN, current_status=UNKNOWN):
if current_severity in [severity_code.NORMAL, severity_code.CLEARED, severity_code.OK]:
return CLOSED
if current_status in [BLACKOUT, SHELVED]:
return current_status
if previous_status in [BLACKOUT, CLOSED, EXPIRED]:
return OPEN
if severity.trend(previous_severity, current_severity) == severity_code.MORE_SEVERE:
return OPEN
return previous_status
def status_from_severity(previous_severity,
current_severity,
current_status=OPEN):
if current_severity in [
severity_code.NORMAL, severity_code.CLEARED, severity_code.OK
]:
return CLOSED
if current_status in [CLOSED, EXPIRED]:
return OPEN
if severity.trend(previous_severity,
current_severity) == severity_code.MORE_SEVERE:
return OPEN
return current_status
def update(self):
now = datetime.utcnow()
self.previous_severity = db.get_severity(self)
previous_status = db.get_status(self)
self.trend_indication = severity.trend(self.previous_severity, self.severity)
self.status = status_code.status_from_severity(
previous_severity=self.previous_severity,
current_severity=self.severity,
previous_status=previous_status,
current_status=self.status
)
self.duplicate_count = 0
self.repeat = False
self.receive_time = now
self.last_receive_id = self.id
self.last_receive_time = now
history = [History(
id=self.id,
event=self.event,
severity=self.severity,
value=self.value,
text=self.text,
change_type="severity",
update_time=self.create_time
)]
if self.status != previous_status:
history.append(History(
id=self.id,
event=self.event,
status=self.status,
text="correlated alert status change",
change_type="status",
update_time=self.create_time
))
return Alert.from_db(db.correlate_alert(self, history))
def create(self):
if self.status == status_code.UNKNOWN:
status = status_code.status_from_severity(
current_app.config['DEFAULT_PREVIOUS_SEVERITY'], self.severity)
else:
status = self.status
trend_indication = severity.trend(
current_app.config['DEFAULT_PREVIOUS_SEVERITY'], self.severity)
self.status = status
self.duplicate_count = 0
self.repeat = False
self.previous_severity = current_app.config[
'DEFAULT_PREVIOUS_SEVERITY']
self.trend_indication = trend_indication
self.receive_time = datetime.utcnow()
self.last_receive_id = self.id
self.last_receive_time = self.receive_time
self.history = [
History(id=self.id,
event=self.event,
severity=self.severity,
value=self.value,
text=self.text,
change_type='severity',
update_time=self.create_time)
]
if status != self.status:
self.history.append(
History(id=self.id,
event=self.event,
status=status,
text="new alert status change",
change_type='status',
update_time=self.last_receive_time))
return Alert.from_db(db.create_alert(self))
def create(self):
if self.status == status_code.UNKNOWN:
status = status_code.status_from_severity(current_app.config['DEFAULT_PREVIOUS_SEVERITY'], self.severity)
else:
status = self.status
trend_indication = severity.trend(current_app.config['DEFAULT_PREVIOUS_SEVERITY'], self.severity)
self.status = status
self.duplicate_count = 0
self.repeat = False
self.previous_severity = current_app.config['DEFAULT_PREVIOUS_SEVERITY']
self.trend_indication = trend_indication
self.receive_time = datetime.utcnow()
self.last_receive_id = self.id
self.last_receive_time = self.receive_time
self.history = [History(
id=self.id,
event=self.event,
severity=self.severity,
value=self.value,
text=self.text,
change_type='severity',
update_time=self.create_time
)]
if status != self.status:
self.history.append(History(
id=self.id,
event=self.event,
status=status,
text="new alert status change",
change_type='status',
update_time=self.last_receive_time
))
return Alert.from_db(db.create_alert(self))
def update(self):
now = datetime.utcnow()
self.previous_severity = db.get_severity(self)
previous_status = db.get_status(self)
self.trend_indication = severity.trend(self.previous_severity, self.severity)
if self.status == status_code.UNKNOWN:
self.status = status_code.status_from_severity(self.previous_severity, self.severity, previous_status)
self.duplicate_count = 0
self.repeat = False
self.receive_time = now
self.last_receive_id = self.id
self.last_receive_time = now
history = [History(
id=self.id,
event=self.event,
severity=self.severity,
value=self.value,
text=self.text,
change_type="severity",
update_time=now
)]
if self.status != previous_status:
history.append(History(
id=self.id,
event=self.event,
status=self.status,
text="correlated alert status change",
change_type="status",
update_time=now
))
return Alert.from_db(db.correlate_alert(self, history))