(self, rule, alert_field)
| 439 | rule['alert'] = self.load_alerts(rule, alert_field=rule['alert']) |
| 440 | |
| 441 | def load_alerts(self, rule, alert_field): |
| 442 | def normalize_config(alert): |
| 443 | """Alert config entries are either "alertType" or {"alertType": {"key": "data"}}. |
| 444 | This function normalizes them both to the latter format. """ |
| 445 | if isinstance(alert, str): |
| 446 | return alert, rule |
| 447 | elif isinstance(alert, dict): |
| 448 | name, config = next(iter(list(alert.items()))) |
| 449 | config_copy = copy.copy(rule) |
| 450 | config_copy.update(config) # warning, this (intentionally) mutates the rule dict |
| 451 | return name, config_copy |
| 452 | else: |
| 453 | raise EAException() |
| 454 | |
| 455 | def create_alert(alert, alert_config): |
| 456 | alert_class = self.alerts_mapping.get(alert) or get_module(alert) |
| 457 | if not issubclass(alert_class, alerts.Alerter): |
| 458 | raise EAException('Alert module %s is not a subclass of Alerter' % alert) |
| 459 | missing_options = (rule['type'].required_options | alert_class.required_options) - frozenset( |
| 460 | alert_config or []) |
| 461 | if missing_options: |
| 462 | raise EAException('Missing required option(s): %s' % (', '.join(missing_options))) |
| 463 | return alert_class(alert_config) |
| 464 | |
| 465 | try: |
| 466 | if type(alert_field) != list: |
| 467 | alert_field = [alert_field] |
| 468 | |
| 469 | alert_field = [normalize_config(x) for x in alert_field] |
| 470 | alert_field = sorted(alert_field, key=lambda a_b: self.alerts_order.get(a_b[0], 1)) |
| 471 | # Convert all alerts into Alerter objects |
| 472 | alert_field = [create_alert(a, b) for a, b in alert_field] |
| 473 | |
| 474 | except (KeyError, EAException) as e: |
| 475 | raise EAException('Error initiating alert %s: %s' % (rule['alert'], e)).with_traceback(sys.exc_info()[2]) |
| 476 | |
| 477 | return alert_field |
| 478 | |
| 479 | @staticmethod |
| 480 | def adjust_deprecated_values(rule): |
no test coverage detected