def test_acknowledged_incident(self): incident = add_incident({'eventid': self.event.id, 'element': 'host.cito.com', 'message': 'host is down'}, self.incident_time1) incident.status = 'Acknowledged' incident.save() incident2 = add_incident({'eventid': self.event.id, 'element': 'host.cito.com', 'message': 'host is down'}, self.incident_time1) self.assertEquals(incident.id, incident2.id, msg='Acknowledged incident was not appended, new incident created instead.')
def test_cleared_incident(self): incident = add_incident({'eventid': self.event.id, 'element': 'host.c.com', 'message': 'host is down'}, self.incident_time1) incident.status = 'Cleared' incident.save() incident2 = add_incident({'eventid': self.event.id, 'element': 'host.c.com', 'message': 'host is down'}, self.incident_time1) self.assertGreater(incident2.id, incident.id, msg='New incident was not created upon closing a previous one.')
def parse_message(self, sqs_message): e = [] # decode JSON try: parsed_json = simplejson.loads(sqs_message.get_body()) except Exception as exception: logger.error('Error parsing JSON %s' % exception) return False for k in self.message_format: if not k in parsed_json: logger.error('MessageTag %s not defined in sqs_message.id:%s, sqs_message_body:%s' % (k, sqs_message.id, parsed_json)) return False e = parsed_json['event'] for k in self.event_format: if not k in e: logger.error('EventTag %s not defined in sqs_message.id:%s, sqsMessageBody:%s' % (k, sqs_message.id, parsed_json)) return False # Add incident to Database incident = add_incident(e, parsed_json['timestamp']) # Check incident thresholds and fire events if incident and incident.status == 'Active': threads.deferToThread(ProcessIncident, incident, e['message']) logger.info('MsgOk: EventID:%s, Element:%s, Message%s on Timestamp:%s' % (e['eventid'], e['element'], e['message'], parsed_json['timestamp'])) return True
def test_incident_counts(self): incident = add_incident({'eventid': self.event.id, 'element': 'host.cito.com', 'message': 'host is down'}, self.incident_time1) # Check counts self.assertEqual(Incident.objects.all().count(), 1) self.assertEquals(incident.total_incidents, 2) self.assertEqual(IncidentLog.objects.all().count(), 2)
def test_cleared_incident(self): incident = add_incident( { 'eventid': self.event.id, 'element': 'host.c.com', 'message': 'host is down' }, self.incident_time1) incident.status = 'Cleared' incident.save() incident2 = add_incident( { 'eventid': self.event.id, 'element': 'host.c.com', 'message': 'host is down' }, self.incident_time1) self.assertGreater( incident2.id, incident.id, msg='New incident was not created upon closing a previous one.')
def setUp(self, *args, **kwargs): self.team = factories.TeamFactory(name='TheATeam',description='The awesome A-TestTeam') self.category = factories.CategoryFactory(categoryType='TestCategoryType') self.event = factories.EventFactory(summary='TestEventSummary', description='TestEventDescription', team=self.team, category=self.category) self.incident_time1 = time() self.incident_time2 = self.incident_time1 + 10 self.incident_time3 = self.incident_time2 + 10 self.incident = add_incident({'eventid': self.event.id, 'element': 'host.cito.com', 'message': 'host is down'}, self.incident_time1)
def test_incident_counts(self): incident = add_incident( { 'eventid': self.event.id, 'element': 'host.cito.com', 'message': 'host is down' }, self.incident_time1) # Check counts self.assertEqual(Incident.objects.all().count(), 1) self.assertEquals(incident.total_incidents, 2) self.assertEqual(IncidentLog.objects.all().count(), 2)
def parse_message(self, message): """ Parses a message body and returns True if message should be deleted from queeu :param message: :return boolena: True if message can be deleted from queue, else False """ e = [] # decode JSON try: parsed_json = simplejson.loads(message) except Exception as exception: logger.error('Error parsing JSON %s' % exception) return True for k in self.message_format: if not k in parsed_json: logger.error('MessageTag %s not defined in message:%s' % (k, parsed_json)) return True e = parsed_json['event'] for k in self.event_format: if not k in e: logger.error('EventTag %s not defined in message:%s' % (k, parsed_json)) return True # Make sure we received a valid timestamp try: timestamp = int(parsed_json['timestamp']) except Exception as exp: logger.error('Invalid timestamp in message:%s, reason:%s' % (message, exp)) return True # Add incident to Database # This try/except block will catch # django.db.utils.OperationalError: (2006, 'MySQL server has gone away') # for a very low traffic server try: incident = add_incident(e, timestamp) except Exception as exp: logger.error('Could not add incident:%s, reason:%s' % (e, exp)) return False # Check incident thresholds and fire events if incident and incident.status == 'Active': gevent.spawn(ProcessIncident, incident, e['message']) gevent.sleep(0) logger.info('MsgOk: EventID:%s, Element:%s, Message:%s on Timestamp:%s' % (e['eventid'], e['element'], e['message'], timestamp)) return True
def test_acknowledged_incident(self): incident = add_incident( { 'eventid': self.event.id, 'element': 'host.cito.com', 'message': 'host is down' }, self.incident_time1) incident.status = 'Acknowledged' incident.save() incident2 = add_incident( { 'eventid': self.event.id, 'element': 'host.cito.com', 'message': 'host is down' }, self.incident_time1) self.assertEquals( incident.id, incident2.id, msg= 'Acknowledged incident was not appended, new incident created instead.' )
def test_invalid_strings_to_add_incident(self): """Sending invalid values for event json """ data = dict(eventid=1, element='foo', message='baz') timestamp = 13439471 # Bad eventid data['eventid'] = 'a' response = add_incident(data, timestamp) self.assertIsNone(response) # empty eventid data['eventid'] = '' response = add_incident(data, timestamp) self.assertIsNone(response) # Empty element data['eventid'] = 1 data['element'] = '' response = add_incident(data, timestamp) self.assertIsNone(response) # Empty message data['element'] = 'foo' data['message'] = '' response = add_incident(data, timestamp) self.assertIsNone(response) # No timestamp response = add_incident(data, '') self.assertIsNone(response) # Invalid timestamp response = add_incident(data, 'foo') self.assertIsNone(response)
def parse_message(self, message): """ Parses a message body and returns True if message should be deleted from queeu :param message: :return boolena: True if message can be deleted from queue, else False """ e = [] # decode JSON try: parsed_json = simplejson.loads(message) except Exception as exception: logger.error("Error parsing JSON %s" % exception) return True for k in self.message_format: if not k in parsed_json: logger.error("MessageTag %s not defined in message:%s" % (k, parsed_json)) return True e = parsed_json["event"] for k in self.event_format: if not k in e: logger.error("EventTag %s not defined in message:%s" % (k, parsed_json)) return True # Make sure we received a valid timestamp try: timestamp = int(parsed_json["timestamp"]) except Exception as exp: logger.error("Invalid timestamp in message:%s, reason:%s" % (message, exp)) return True # Add incident to Database # This try/except block will catch # django.db.utils.OperationalError: (2006, 'MySQL server has gone away') # for a very low traffic server try: incident = add_incident(e, timestamp) except Exception as exp: logger.error("Could not add incident:%s, reason:%s" % (e, exp)) return False # Check incident thresholds and fire events if incident and incident.status == "Active": gevent.spawn(ProcessIncident, incident, e["message"]) gevent.sleep(0) logger.info( "MsgOk: EventID:%s, Element:%s, Message:%s on Timestamp:%s" % (e["eventid"], e["element"], e["message"], timestamp) ) return True
def test_incident_timestamps(self): # check timestamp t1 = datetime.fromtimestamp(float(self.incident_time1), tz=utc) t2 = datetime.fromtimestamp(float(self.incident_time2), tz=utc) incident = add_incident({'eventid': self.event.id, 'element': 'host.cito.com', 'message': 'host is down'}, self.incident_time2) self.assertEquals((self.incident.firstEventTime-t1).seconds, 0) self.assertEquals((incident.lastEventTime - incident.firstEventTime).seconds, 10, msg='LastEventTime:%s-FirsEventTime%s is not 10' % (self.incident.lastEventTime, self.incident.firstEventTime)) self.assertEquals((incident.lastEventTime-t1).seconds,10)
def setUp(self, *args, **kwargs): self.team = factories.TeamFactory.create( name='TheATeam', description='The awesome A-TestTeam') self.category = factories.CategoryFactory( categoryType='TestCategoryType') self.event = factories.EventFactory(summary='TestEventSummary', description='TestEventDescription', team=self.team, category=self.category) self.incident_time1 = time() self.incident_time2 = self.incident_time1 + 10 self.incident_time3 = self.incident_time2 + 10 self.incident = add_incident( { 'eventid': self.event.id, 'element': 'host.cito.com', 'message': 'host is down' }, self.incident_time1)
def test_incident_timestamps(self): # check timestamp t1 = datetime.fromtimestamp(float(self.incident_time1), tz=utc) t2 = datetime.fromtimestamp(float(self.incident_time2), tz=utc) incident = add_incident( { 'eventid': self.event.id, 'element': 'host.cito.com', 'message': 'host is down' }, self.incident_time2) self.assertEquals((self.incident.firstEventTime - t1).seconds, 0) self.assertEquals( (incident.lastEventTime - incident.firstEventTime).seconds, 10, msg='LastEventTime:%s-FirsEventTime%s is not 10' % (self.incident.lastEventTime, self.incident.firstEventTime)) self.assertEquals((incident.lastEventTime - t1).seconds, 10)