parsing eventlogger requests
matjaz99 committed Jun 20, 2024
1 parent be3d30f commit 73fca0b
Showing 9 changed files with 107 additions and 51 deletions.
20 changes: 5 additions & 15 deletions docs/Todo.md
@@ -1,19 +1,18 @@
# TODOs

- ~~add support for grafana alerts~~
- add support for wazooh alerts
- query elastic and alert
- query elastic or opensearch and alert
- server push (https://www.youtube.com/watch?v=5PQR9_Q0vaw)
- tags: filter by operators AND or OR
- redesigned journal (not table, but a list with show details)
- copy to clipboard button
- configure labels for CID (if needed also from external_labels)
- function time_of_max
- function time_of_max which returns a timestamp when metric reached it's maximum value in given interval
- downsample - from 1 min (ie 4 metrics) create 1 metric
- generate report, configure data in report, configure query for report
- configure different retention times of metrics, actually delete metrics before prometheus does (https://prometheus.io/docs/prometheus/latest/querying/api/#delete-series)
- configure data in report, configure query for report
- metric simulator
- tenants, different providers, data sources

- multiply severity and priority to get the highest important alerts

https://www.primefaces.org/showcase/ui/data/timeline/basic.xhtml

Expand All @@ -22,12 +21,3 @@ https://www.primefaces.org/showcase/ui/data/timeline/basic.xhtml
https://www.primefaces.org/showcase


Search
Daj v datatable

<f:facet name="header">
<p:outputPanel>
<h:outputText value="Search all fields: " />
<p:inputText id="globalFilter" onkeyup="PF('activeTable').filter()" style="width:150px" placeholder="Enter keyword"/>
</p:outputPanel>
</f:facet>
8 changes: 8 additions & 0 deletions src/main/java/si/matjazcerkvenik/alertmonitor/data/DAO.java
Expand Up @@ -92,6 +92,10 @@ public IDataManager getDataManager() {
return dataManager;
}

/**
* Stop existing Data manager and re-initialize new one.
* This is typically done when a property (such as MongoDB connection string) is changed.
*/
public void resetDataManager() {
TaskManager.getInstance().stopDbMaintenanceTask();
dataManager.close();
Expand Down Expand Up @@ -121,6 +125,10 @@ public AbstractDataProvider getDataProviderByUri(String uri) {
return null;
}

/**
* Return a list of all Data providers.
* @return list of data providers
*/
public List<AbstractDataProvider> getAllDataProviders() {
return new ArrayList<>(dataProviders.values());
}
Expand Up @@ -17,6 +17,9 @@

import java.util.TimerTask;

/**
* This thread (TimerTask) periodically executes tasks on database, such as cleaning of old records.
*/
public class DbMaintenanceTask extends TimerTask {

@Override
Expand Up @@ -20,27 +20,29 @@
import si.matjazcerkvenik.alertmonitor.model.DEvent;
import si.matjazcerkvenik.alertmonitor.model.DSeverity;
import si.matjazcerkvenik.alertmonitor.model.config.ProviderConfig;
import si.matjazcerkvenik.alertmonitor.model.config.YamlConfig;
import si.matjazcerkvenik.alertmonitor.util.*;
import si.matjazcerkvenik.alertmonitor.util.Formatter;
import si.matjazcerkvenik.alertmonitor.web.WebhookMessage;

import java.util.*;

/**
* Thic class handles (processes) the alerts message sent from Alertmanager.
*/
public class AlertmanagerProcessor {

public static AmAlertMessage processWebhookMessage(WebhookMessage wm) throws Exception {
public static AmMessage processWebhookMessage(WebhookMessage wm) throws Exception {

GsonBuilder builder = new GsonBuilder();
Gson gson = builder.create();
AmAlertMessage am = gson.fromJson(wm.getBody(), AmAlertMessage.class);
AmMessage am = gson.fromJson(wm.getBody(), AmMessage.class);
LogFactory.getLogger().debug(am.toString());
LogFactory.getLogger().info("AlertmanagerProcessor: alerts received: " + am.getAlerts().size());
return am;

}

public static List<DEvent> convertToDevent(WebhookMessage m, AmAlertMessage am) {
public static List<DEvent> convertToDevent(WebhookMessage m, AmMessage am) {

List<DEvent> eventList = new ArrayList<DEvent>();

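Review bot: In `processWebhookMessage`, `am.toString()` and `am.getAlerts().size()` dereference the result of `gson.fromJson(...)` without a check, yet Gson returns null for an empty body and leaves `alerts` null when the field is absent, so a malformed webhook surfaces only as a NullPointerException. Since the body comes from a remote sender, I would reject it explicitly right after parsing: `if (am == null || am.getAlerts() == null) throw new IllegalArgumentException("empty or malformed Alertmanager payload");`. The same pattern appears in the EventloggerDataProvider section, where `em.getEvents()` is iterated straight after `fromJson`. Separately, the new class Javadoc reads "Thic class"; it should read `This class handles (processes) the alert messages sent from Alertmanager.` The body of `convertToDevent` continues outside the visible hunk.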
Expand Up @@ -17,6 +17,9 @@

import java.util.Map;

/**
* This class represents individual alert from Alertmanager.
*/
public class AmAlert {

private String status;
Expand Up @@ -18,7 +18,10 @@
import java.util.List;
import java.util.Map;

public class AmAlertMessage {
/**
* This class represents whole message sent from Alertmanager.
*/
public class AmMessage {

private String receiver;
private String status;
Expand Down Expand Up @@ -104,7 +107,7 @@ public void setAlerts(List<AmAlert> alerts) {

@Override
public String toString() {
return "AmAlertMessage [receiver=" + receiver + ", status=" + status + ", alerts=" + alerts + ", groupLabels="
return "AmMessage [receiver=" + receiver + ", status=" + status + ", alerts=" + alerts + ", groupLabels="
+ groupLabels + ", commonLabels=" + commonLabels + ", commonAnnotations=" + commonAnnotations
+ ", externalURL=" + externalURL + ", version=" + version + ", groupKey=" + groupKey + "]";
}
@@ -0,0 +1,41 @@
/*
Copyright 2021 Matjaž Cerkvenik
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package si.matjazcerkvenik.alertmonitor.model.eventlogger;

import java.util.List;
import java.util.Map;

/**
* This class represents whole message sent from Alertmanager.
*/
public class ElMessage {
private List<ElEvent> events;

public List<ElEvent> getEvents() {
return events;
}

public void setEvents(List<ElEvent> events) {
this.events = events;
}

@Override
public String toString() {
return "ElMessage{" +
"events=" + events +
'}';
}
}
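Review bot: The class Javadoc on `ElMessage` looks copied from `AmMessage` and still says the message is sent from Alertmanager, although the class is in the `eventlogger` package and only wraps a list of `ElEvent`. I would change it to `/** This class represents the whole message (a list of events) received from the eventlogger. */`, assuming that is the intended sender. The `java.util.Map` import is not used anywhere in the visible file and can be dropped. It is also worth a one-line comment on `getEvents()` that it returns null when the JSON carries no `events` field, because the caller iterates the result directly.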
Expand Up @@ -22,6 +22,7 @@
import si.matjazcerkvenik.alertmonitor.model.DTarget;
import si.matjazcerkvenik.alertmonitor.model.DWarning;
import si.matjazcerkvenik.alertmonitor.model.eventlogger.ElEvent;
import si.matjazcerkvenik.alertmonitor.model.eventlogger.ElMessage;
import si.matjazcerkvenik.alertmonitor.util.AmMetrics;
import si.matjazcerkvenik.alertmonitor.util.Formatter;
import si.matjazcerkvenik.alertmonitor.util.LogFactory;
Expand All @@ -47,37 +48,42 @@ public void processIncomingEvent(WebhookMessage m) {
try {
GsonBuilder builder = new GsonBuilder();
Gson gson = builder.create();
ElEvent am = gson.fromJson(m.getBody(), ElEvent.class);

DEvent e = new DEvent();
e.setTimestamp(System.currentTimeMillis());
e.setFirstTimestamp(e.getTimestamp());
e.setSource(m.getRemoteHost());
e.setAlertname(am.getAlarmName());
e.setUserAgent(m.getHeaderMap().getOrDefault("user-agent", "-"));
e.setInfo(am.getSourceInfo());
e.setInstance(am.getAlarmSource());
e.setHostname(Formatter.stripInstance(e.getInstance()));
e.setNodename(am.getAlarmSource());
e.setJob("eventlogger");
e.setTags("eventlogger, log");
e.setSeverity(am.getSeverityString().toLowerCase());
e.setPriority("low");
e.setGroup("unknown");
e.setEventType("5");
e.setProbableCause("1024");
e.setCurrentValue("-");
e.setUrl("");
e.setDescription(am.getAdditionalInfo());
e.generateUID();
e.generateCID();

System.out.println("GOT EVENT: " + e.toString());
// ElEvent am = gson.fromJson(m.getBody(), ElEvent.class);
ElMessage em = gson.fromJson(m.getBody(), ElMessage.class);

List<DEvent> list = new ArrayList<>();
list.add(e);

for (ElEvent el : em.getEvents()) {
DEvent e = new DEvent();
e.setTimestamp(System.currentTimeMillis());
e.setFirstTimestamp(e.getTimestamp());
e.setSource(m.getRemoteHost());
e.setAlertname(el.getAlarmName());
e.setUserAgent(m.getHeaderMap().getOrDefault("user-agent", "-"));
e.setInfo(el.getSourceInfo());
e.setInstance(el.getAlarmSource());
e.setHostname(Formatter.stripInstance(e.getInstance()));
e.setNodename(el.getAlarmSource());
e.setJob("eventlogger");
e.setTags("eventlogger, log");
e.setSeverity(el.getSeverityString().toLowerCase());
e.setPriority("low");
e.setGroup("unknown");
e.setEventType("5");
e.setProbableCause("1024");
e.setCurrentValue("-");
e.setUrl("");
e.setDescription(el.getAdditionalInfo());
e.generateUID();
e.generateCID();

System.out.println("GOT EVENT: " + e.toString());
list.add(e);
}

synchronizeAlerts(list, false);
lastEventTimestamp = System.currentTimeMillis();

} catch (Exception e) {
LogFactory.getLogger().error("EventloggerDataProvider: processIncomingEvent(): unable to process incoming message: \n" + m.toString());
LogFactory.getLogger().error("EventloggerDataProvider: processIncomingEvent(): error: " + e.getMessage());
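Review bot: The new `for` loop sits inside the single `try`, so one entry that fails aborts the whole request: for example `el.getSeverityString().toLowerCase()` throws if the getter returns null for a missing severity (ElEvent is not visible here), and that happens before `synchronizeAlerts(list, false)`, so the valid events already converted are dropped as well. I would validate each entry and skip the bad ones, as sketched below. `System.out.println("GOT EVENT: " + e.toString())` writes sender-controlled fields to stdout for every event; routing it through the logger at debug level keeps it under the configured log handling. The commented-out `// ElEvent am = ...` line can be deleted. `processIncomingEvent` starts and ends outside the hunk.

```java
for (ElEvent el : em.getEvents()) {
    // skip a malformed entry instead of failing the whole batch
    if (el == null || el.getSeverityString() == null) {
        LogFactory.getLogger().error("EventloggerDataProvider: processIncomingEvent(): skipping event without severity");
        continue;
    }
    DEvent e = new DEvent();
    // … unchanged: setters copying el and m into e, generateUID(), generateCID() …
    LogFactory.getLogger().debug("EventloggerDataProvider: processIncomingEvent(): event: " + e);
    list.add(e);
}
```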
Expand Up @@ -20,7 +20,7 @@
import si.matjazcerkvenik.alertmonitor.model.DTarget;
import si.matjazcerkvenik.alertmonitor.model.DWarning;
import si.matjazcerkvenik.alertmonitor.model.alertmanager.AlertmanagerProcessor;
import si.matjazcerkvenik.alertmonitor.model.alertmanager.AmAlertMessage;
import si.matjazcerkvenik.alertmonitor.model.alertmanager.AmMessage;
import si.matjazcerkvenik.alertmonitor.model.prometheus.*;
import si.matjazcerkvenik.alertmonitor.util.*;
import si.matjazcerkvenik.alertmonitor.util.Formatter;
Expand Down Expand Up @@ -49,8 +49,8 @@ public void processIncomingEvent(WebhookMessage m) {
AmMetrics.alertmonitor_webhook_requests_received_total.labels(providerConfig.getName(), m.getRemoteHost(), m.getMethod().toUpperCase()).inc();

try {
AmAlertMessage amAlertMessage = AlertmanagerProcessor.processWebhookMessage(m);
List<DEvent> eventList = AlertmanagerProcessor.convertToDevent(m, amAlertMessage);
AmMessage amMessage = AlertmanagerProcessor.processWebhookMessage(m);
List<DEvent> eventList = AlertmanagerProcessor.convertToDevent(m, amMessage);
synchronizeAlerts(eventList, false);
lastEventTimestamp = System.currentTimeMillis();
} catch (Exception e) {
