Update clear
import json
import copy
import logging
import time
import hashlib
logger = logging.getLogger(__name__)
def main(alert_payload, resolver_config, s_alert):
alerts = list()
alert_json = json.loads(alert_payload)
all_keys = list()
for alert in alert_json.get('evalMatches'):
p_alert = copy.deepcopy(s_alert)
p_alert.sourcePayload = json.dumps(alert_json)
if alert_json.get("state") == "alerting":
p_alert.raisedAt = time.time() * 1000.0
p_alert.alertType = alert.get("tags").get("category")
p_alert.assetType = alert.get("tags").get("__name__")
tags = alert.get("tags", {})
tag_list = []
for tag in tags:
p_alert.addAttribute(tag, tags[tag])
tag_list.append(tags[tag])
exported_instance = alert.get("tags").get("exported_instance")
instance = alert.get("tags").get("instance")
final_instance = exported_instance if exported_instance else instance
value = alert.get("value", "")
metric = alert.get("metric", "")
if alert.get("message"):
p_alert.message = alert_json.get("message").split("$")[0] + " " + final_instance + "; metric: " + metric + "; value: " + str(value)
else:
p_alert.message = alert_json.get("ruleName") + " " + final_instance + "; metric: " + metric + "; value: " + str(value)
p_alert.assetName = final_instance
p_alert.assetIpAddress = final_instance.split(":")[0]
p_alert.assetId = final_instance
p_alert.severity = "CRITICAL"
p_alert.key = "#".join(str(tag) for tag in tag_list)
all_keys.append(p_alert.key)
elif alert_json.get("state") == "ok":
p_alert.clearedAt = time.time() * 1000.0
p_alert.key = alert_json.get("ruleUrl")
p_alert.sourceId = alert_json.get("ruleUrl")
p_alert.sourceMechanism = "Grafana"
p_alert.payloadDictionary = alert_json
alerts.append(p_alert)
# Creating an aggregate alert with list of all keys for all alerts in the payload
if alert_json.get("state") == 'alerting':
aggr_alert = copy.deepcopy(s_alert)
aggr_alert.sourcePayload = json.dumps(alert_json)
aggr_alert.alertType = "AGGREGATE"
aggr_alert.key = alert_json.get("ruleUrl")
aggr_alert.sourceId = alert_json.get("ruleUrl")
aggr_alert.raisedAt = time.time() * 1000.0
aggr_alert.severity = "CRITICAL"
aggr_alert.message = alert_json.get("ruleUrl")
aggr_alert.impactedServices = list()
for key in all_keys:
# Alert keys need to be hashed before adding to impactedServices
aggr_alert.impactedServices.append(hashlib.md5(key.encode("utf-8")).hexdigest())
aggr_alert.impactedServices = ",".join(impact for impact in aggr_alert.impactedServices)
alerts.append(aggr_alert)
elif alert_json.get("state") == 'ok':
aggr_alert = copy.deepcopy(s_alert)
aggr_alert.sourcePayload = json.dumps(alert_json)
aggr_alert.alertType = "AGGREGATE"
aggr_alert.key = alert_json.get("ruleUrl")
aggr_alert.sourceId = alert_json.get("ruleUrl")
aggr_alert.clearedAt = time.time() * 1000.0
aggr_alert.impactedServices = None
alerts.append(aggr_alert)
return alerts
''' # SAMPLE
{
"dashboardId": 18,
"evalMatches": [
{
"value": 764.1657985453642,
"metric": "10.95.124.111:9100 - CPU App Anomaly",
"tags": {
"__name__": "cfxEdgeAI:upperAnomaly:node_cpu_seconds_total",
"exported_instance": "10.95.124.111:9100",
"exported_job": "Petclinic-App-Host",
"instance": "10.95.124.111:9777",
"job": "cfxEdgeAI",
"mode": "user"
}
}
],
"message": "CPU Usage Anomaly Detected on ${exported_instance}",
"orgId": 1,
"panelId": 36,
"ruleId": 3,
"ruleName": "CPU - Application Usage Summary (AI) alert",
"ruleUrl": "http://127.0.0.1:3000/metrics/d/Q6kcyAaGz/petclinic-application-dashboard?tab=alert&viewPanel=36&orgId=1",
"state": "alerting",
"tags": {
"Alert Source": "$exported_instance",
"Alert Type": "High CPU"
},
"title": "[Alerting] CPU - Application Usage Summary (AI) alert"
}
'''