admingit
/
Deploiement_Server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'ee55facdc3'
${ noResults }
Deploiement_Server/deployment-apps/DA-ITSI-CP-unix-dashboards/appserver/controllers/unixalertevents.py

68 lines
2.1 KiB
Raw Blame History

import json
import os
import sys
import cherrypy
import splunk
from splunk.models.fired_alert import FiredAlert
import splunk.appserver.mrsparkle.controllers as controllers
import splunk.appserver.mrsparkle.lib.util as util
from splunk.appserver.mrsparkle.lib.decorators import expose_page
from splunk.appserver.mrsparkle.lib.routes import route
dir = os.path.join(util.get_apps_dir(), __file__.split('.')[-2], 'bin')
if not dir in sys.path:
sys.path.append(dir)
from sc_rest import setup_logging
logger = setup_logging('unixalertevents')
class unixAlertEvents(controllers.BaseController):
'''unixAlertEvents Controller'''
@route('/:app/:action=id/:sid')
@expose_page(must_login=True, methods=['GET'])
def sid(self, app, action, sid, **kwargs):
''' return details for a specific alertevent'''
alertevent = None
output = None
user = cherrypy.session['user']['name']
host_app = cherrypy.request.path_info.split('/')[3]
try:
job = splunk.search.getJob(sid)
# for r in job.results:
# logger.debug("results %s" % r)
fired = FiredAlert.all()
fired = fired.search('sid=%s' % sid)[0]
hosts = sorted(list({str(x.get('host'))
for x in job.results if x.get('hosts')}))
alertevent = {'alert_name': job.label,
'time': fired.trigger_time,
'description': fired.savedsearch_name,
'severity': fired.severity,
'hosts': hosts,
'sid': sid,
'et': job.earliestTime,
'lt': job.latestTime}
logger.debug(alertevent)
except Exception as ex:
logger.exception(ex)
logger.warn('problem retreiving alertevent %s' % id)
return self.render_json({"error": str(ex)})
return self.render_json({"alertevent": json.dumps(
alertevent, default=str), "host_app": host_app, "app": app})
Reference in new issue View Git Blame Copy Permalink