def dbhealth_check():
"""Can be called by e.g. Kubernetes to verify that the API is up and is able to query DB
Returns:
str: the static string "Comet-API", could be anything
"""
try:
get_db().get_latest_event_with_fingerprint("xxx")
except Exception as _: # pylint: disable=broad-except
LOG.exception("Got exception on dbhealth_check")
return jsonify({"status": "error", "msg": "dbhealth_check failed"}), 500
return "Comet-API-v0"
def dbhealth_check():
"""Can be called by e.g. Kubernetes to verify that the API is up and is able to query DB
Returns:
str: the static string "Comet-API", could be anything
"""
try:
get_db().get_latest_event_with_fingerprint('xxx')
except Exception as _: # pylint: disable=broad-except
LOG.exception('Got exception on dbhealth_check')
return jsonify({'status': 'error', 'msg': 'dbhealth_check failed'}), 500
return 'Comet-API-v0'
def falsepositive():
"""Mark alerts with the given fingerprint as falsepositive (silence them).
Returns:
str: the HTTP response string
"""
try:
fingerprint = get_and_check_fingerprint()
get_db().ignore_event_fingerprint(fingerprint,
IgnoreFingerprintRecord.FALSE_POSITIVE)
except Exception as _: # pylint: disable=broad-except
LOG.exception('Got exception on falsepositive')
return action_failed('Reporting as false positive failed.')
return action_succeeded('Thanks! We’ve marked this as a false positive')
def falsepositive():
"""Mark the given fingerprint as falsepositive
Returns:
str: the HTTP response string
"""
try:
fingerprint = request.get_json()['fingerprint']
get_db().ignore_event_fingerprint(
fingerprint, IgnoreFingerprintRecord.FALSE_POSITIVE)
except Exception as _: # pylint: disable=broad-except
LOG.exception('Got exception on falsepositive')
return jsonify({'status': 'error', 'msg': 'falsepositive failed'}), 500
return ok()
def acceptrisk():
"""Accept risk for the given fingerprint
Returns:
str: the HTTP response string
"""
try:
fingerprint = request.get_json()['fingerprint']
get_db().ignore_event_fingerprint(fingerprint,
IgnoreFingerprintRecord.ACCEPT_RISK)
except Exception as _: # pylint: disable=broad-except
LOG.exception('Got exception on acceptrisk')
return jsonify({'status': 'error', 'msg': 'acceptrisk failed'}), 500
return ok()
def acknowledge():
"""Mark the given fingerprint as acknowledge
Returns:
str: the HTTP response string
"""
try:
fingerprint = request.get_json()['fingerprint']
get_db().ignore_event_fingerprint(fingerprint,
IgnoreFingerprintRecord.ACKNOWLEDGE)
except Exception as _: # pylint: disable=broad-except
LOG.exception('Got exception on acknowledge')
return jsonify({'status': 'error', 'msg': 'acknowledge failed'}), 500
return ok()
def acknowledge():
"""Mark the alert with the given fingerprint as acknowledged (applies to real-time alerts only).
Returns:
str: the HTTP response string
"""
try:
fingerprint = get_and_check_fingerprint()
get_db().ignore_event_fingerprint(fingerprint,
IgnoreFingerprintRecord.ACKNOWLEDGE)
except Exception as _: # pylint: disable=broad-except
LOG.exception('Got exception on acknowledge')
return action_failed('acknowledgement failed for some reason')
return action_succeeded('Thanks for acknowledging!')
def acceptrisk():
"""Accept risk for alerts with the given fingerprint (silence them).
Returns:
str: the HTTP response string
"""
try:
fingerprint = get_and_check_fingerprint()
get_db().ignore_event_fingerprint(fingerprint,
IgnoreFingerprintRecord.ACCEPT_RISK)
except Exception as _: # pylint: disable=broad-except
LOG.exception('Got exception on acceptrisk')
return action_failed('acceptrisk failed')
return action_succeeded('Alert successfully marked as accept risk.')
def get_issues():
"""Return a list of issues for the user that authenticated.
Returns:
str: json list, containing one json dictionary for each issue
"""
try:
raw_issues = get_db().get_open_issues(g.authorized_for)
except Exception as _: # pylint: disable=broad-except
LOG.exception('Got exception on get_issues.get_db().get_open_issues')
return jsonify({
'status': 'error',
'msg': 'get_open_issues failed'
}), 500
try:
hydrated_issues = hydrate_open_issues(raw_issues)
except Exception as _: # pylint: disable=broad-except
LOG.exception('Got exception on get_issues.hydrate_open_issues')
return jsonify({
'status': 'error',
'msg': 'hydrate_open_issues failed'
}), 500
return jsonify(hydrated_issues)
def escalate():
"""Mark the given fingerprint as manually escalated (applied to real-time alerts only).
Returns:
str: the HTTP response string
"""
try:
fingerprint = get_and_check_fingerprint()
# indication that the user addressed the alert and escalate.
get_db().ignore_event_fingerprint(fingerprint,
IgnoreFingerprintRecord.ESCALATE_MANUALLY)
except Exception as _: # pylint: disable=broad-except
LOG.exception('Got exception on escalate real time alert')
return action_failed('Escalation failed for some reason')
return action_succeeded('Thanks! This alert has been escalated.')
def acceptrisk():
"""Accept risk for alerts with the given fingerprint (silence them).
Returns:
str: the HTTP response string
"""
try:
fingerprint = get_and_check_fingerprint()
record_metadata = hydrate_with_request_headers(request)
get_db().ignore_event_fingerprint(
fingerprint, IgnoreFingerprintRecord.ACCEPT_RISK, record_metadata=record_metadata
)
except Exception as _: # pylint: disable=broad-except
LOG.exception("Got exception on acceptrisk")
return action_failed("acceptrisk failed")
return action_succeeded("Alert successfully marked as accept risk.")
def snooze():
"""snooze the given fingerprint
Returns:
str: the HTTP response string
"""
try:
fingerprint = request.get_json()['fingerprint']
expires_at = datetime.utcnow() + timedelta(days=30)
get_db().ignore_event_fingerprint(fingerprint,
IgnoreFingerprintRecord.SNOOZE,
expires_at=expires_at)
except Exception as _: # pylint: disable=broad-except
LOG.exception('Got exception on snooze')
return jsonify({'status': 'error', 'msg': 'snooze failed'}), 500
return ok()
def acknowledge():
"""Mark the alert with the given fingerprint as acknowledged (applies to real-time alerts only).
Returns:
str: the HTTP response string
"""
try:
fingerprint = get_and_check_fingerprint()
record_metadata = hydrate_with_request_headers(request)
get_db().ignore_event_fingerprint(
fingerprint, IgnoreFingerprintRecord.ACKNOWLEDGE, record_metadata=record_metadata
)
except Exception as _: # pylint: disable=broad-except
LOG.exception("Got exception on acknowledge")
return action_failed("acknowledgement failed for some reason")
return action_succeeded("Thanks for acknowledging!")
def snooze():
"""Snooze alerts with the given fingerprint for 30 days (silence them for 30 days).
Returns:
str: the HTTP response string
"""
try:
fingerprint = get_and_check_fingerprint()
expires_at = datetime.utcnow() + timedelta(days=30)
get_db().ignore_event_fingerprint(fingerprint,
IgnoreFingerprintRecord.SNOOZE,
expires_at=expires_at)
except Exception as _: # pylint: disable=broad-except
LOG.exception('Got exception on snooze')
return action_failed('snooze failed')
return action_succeeded('Alert successfully snoozed.')
def resolve():
"""Mark the alert with the given fingerprint as resolved (applies to real-time alerts only).
Returns:
str: the HTTP response string
"""
try:
fingerprint = get_and_check_fingerprint()
record_metadata = hydrate_with_request_headers(request)
get_db().ignore_event_fingerprint(
fingerprint, IgnoreFingerprintRecord.RESOLVED, record_metadata=record_metadata
)
except Exception as _: # pylint: disable=broad-except
LOG.exception("Got exception on resolved")
return action_failed("Resolution failed for some reason")
return action_succeeded("Thanks for resolving the issue!")
def falsepositive():
"""Mark alerts with the given fingerprint as falsepositive (silence them).
Returns:
str: the HTTP response string
"""
try:
fingerprint = get_and_check_fingerprint()
record_metadata = hydrate_with_request_headers(request)
get_db().ignore_event_fingerprint(
fingerprint, IgnoreFingerprintRecord.FALSE_POSITIVE, record_metadata=record_metadata
)
except Exception as _: # pylint: disable=broad-except
LOG.exception("Got exception on falsepositive")
return action_failed("Reporting as false positive failed.")
return action_succeeded("Thanks! We’ve marked this as a false positive")
def escalate():
"""Mark the given fingerprint as escalate manually
Returns:
str: the HTTP response string
"""
try:
fingerprint = request.get_json()['fingerprint']
# indication that the user addressed the alert and escalate.
get_db().ignore_event_fingerprint(
fingerprint, IgnoreFingerprintRecord.ESCALATE_MANUALLY)
except Exception as _: # pylint: disable=broad-except
LOG.exception('Got exception on escalate real time alert')
return jsonify({
'status': 'error',
'msg': 'escalation real time alerts failed'
}), 500
return ok()
def snooze():
"""Snooze alerts with the given fingerprint for 30 days (silence them for 30 days).
Returns:
str: the HTTP response string
"""
try:
fingerprint = get_and_check_fingerprint()
expires_at = datetime.utcnow() + timedelta(days=30)
record_metadata = hydrate_with_request_headers(request)
get_db().ignore_event_fingerprint(
fingerprint, IgnoreFingerprintRecord.SNOOZE, expires_at=expires_at, record_metadata=record_metadata
)
except Exception as _: # pylint: disable=broad-except
LOG.exception("Got exception on snooze")
return action_failed("snooze failed")
return action_succeeded("Alert successfully snoozed.")
def get_interactions():
"""Return a list of all the interactions for an associated fingerprint
Returns:
str: json list containing one dictionary for each event
"""
try:
fingerprint = get_and_check_fingerprint(validate_token=False)
interactions = get_db().get_interactions_fingerprint(fingerprint)
except Exception as _: # pylint: disable=broad-except
LOG.exception("Got exception on get_db().get_interactions_for_fingerprint")
return jsonify({"status": "error", "msg": "get_interactions failed"}), 500
return jsonify(interactions)
def test_get_db(app_context):
with app_context:
assert get_db()
