You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
152 lines
6.6 KiB
152 lines
6.6 KiB
# Copyright (C) 2005-2024 Splunk Inc. All Rights Reserved.
|
|
|
|
import json
|
|
import traceback
|
|
import http.client
|
|
|
|
from itsi_py3 import _ # noqa
|
|
import itsi_py3 # noqa
|
|
|
|
import splunk.rest as rest
|
|
from ITOA.setup_logging import getLogger
|
|
from ITOA.saved_search_utility import SavedSearch
|
|
from ITOA.storage.itoa_storage import ITOAStorage
|
|
from itsi.itsi_utils import SplunkMessageHandler
|
|
|
|
|
|
class ItsiEventGrouping(object):
|
|
|
|
def __init__(self, session_key, features):
|
|
self.logger = getLogger(logger_name='itsi.feature_flagging.UIViewAccessEnforcer')
|
|
self.session_key = session_key
|
|
self.features = features
|
|
self.RULE_ENGINE_MESSAGE_ID = 'RULE_ENGINE_MESSAGE_ID'
|
|
self.rules_engine_saved_search = SavedSearch.get_search(
|
|
self.session_key, 'itsi_event_grouping')
|
|
self.EVENT_GROUPING_URL = '/saved/searches/itsi_event_grouping?output_mode=json'
|
|
self.EVENTGROUP_COLLECTION = "/servicesNS/nobody/SA-ITOA/storage/collections/data/itsi_event_grouping_status/"
|
|
self.EVENT_GROUPING_OBJECT_URL = self.EVENTGROUP_COLLECTION + "itsi_event_grouping"
|
|
|
|
def manage_disable_or_enable(self):
|
|
if (self.features.get('itsi_event_grouping')):
|
|
if self._check_kv_store_value():
|
|
self._enable_rule_engine()
|
|
self._set_itsi_event_grouping_flag_status(False)
|
|
self._delete_message_for_rule_engine_state()
|
|
else:
|
|
try:
|
|
response, contents = rest.simpleRequest(
|
|
path=self.EVENT_GROUPING_URL,
|
|
sessionKey=self.session_key)
|
|
data = json.loads(contents)
|
|
disabled = data['entry'][0]["content"]['disabled']
|
|
if not disabled:
|
|
self._generate_message_for_rule_engine_state()
|
|
self._disable_rule_engine()
|
|
if not self._check_kv_store_value():
|
|
self._set_itsi_event_grouping_flag_status(True)
|
|
except Exception:
|
|
self.logger.error("Failed to accesss EVENT_GROUPING_URL {}".format(traceback.format_exc()))
|
|
raise
|
|
|
|
def _disable_rule_engine(self):
|
|
try:
|
|
self.rules_engine_saved_search['disabled'] = 1
|
|
SavedSearch.save_entity(self.session_key,
|
|
self.rules_engine_saved_search)
|
|
self.logger.info("Rule engine disabled")
|
|
except Exception:
|
|
self.logger.error("Failed to disable rule engine: {}".format(traceback.format_exc()))
|
|
raise
|
|
|
|
def _enable_rule_engine(self):
|
|
try:
|
|
self.rules_engine_saved_search['disabled'] = 0
|
|
SavedSearch.save_entity(self.session_key,
|
|
self.rules_engine_saved_search)
|
|
self.logger.info("Rule engine enabled")
|
|
except Exception:
|
|
self.logger.error("Failed to enable rule engine: {}".format(traceback.format_exc()))
|
|
raise
|
|
|
|
def _check_itsi_event_grouping_flag_status(self):
|
|
try:
|
|
response, contents = rest.simpleRequest(
|
|
path=self.EVENT_GROUPING_OBJECT_URL,
|
|
sessionKey=self.session_key)
|
|
contents = json.loads(contents)
|
|
return contents["itsi_event_grouping_flag_value"]
|
|
except Exception:
|
|
self.logger.error("Unable to check itsi_event_grouping_flag_value flag \
|
|
status from api : {}".format(traceback.format_exc()))
|
|
raise
|
|
|
|
def _check_kv_store_value(self):
|
|
try:
|
|
if ITOAStorage().wait_for_storage_init(self.session_key):
|
|
response, contents = rest.simpleRequest(
|
|
path=self.EVENTGROUP_COLLECTION,
|
|
sessionKey=self.session_key)
|
|
contents = json.loads(contents)
|
|
if not contents:
|
|
response_obj, contents_obj = rest.simpleRequest(
|
|
path=self.EVENTGROUP_COLLECTION,
|
|
method="POST",
|
|
jsonargs=json.dumps({
|
|
"itsi_event_grouping_flag_value": True,
|
|
"_key": "itsi_event_grouping"
|
|
}),
|
|
sessionKey=self.session_key)
|
|
self.logger.info("itsi_event_grouping collection found empty posted \
|
|
object with itsi_event_grouping_flag_value:{}".format(True))
|
|
return self._check_itsi_event_grouping_flag_status()
|
|
except Exception:
|
|
self.logger.error("Unable to add object to collection \
|
|
itsi_event_grouping_status : {}".format(traceback.format_exc()))
|
|
raise
|
|
|
|
def _set_itsi_event_grouping_flag_status(self, status):
|
|
"""
|
|
This method maintains the state of itsi_event_grouping functionality. This method sets
|
|
itsi_event_grouping_flag_value to True or False on the basis of suite_state.
|
|
When user is in standard suite the flag itsi_event_grouping_flag_value will set to True.
|
|
When user is in Plus suite the itsi_event_grouping_flag_value value will set to False.
|
|
"""
|
|
response, contents = rest.simpleRequest(
|
|
path=self.EVENT_GROUPING_OBJECT_URL,
|
|
method="POST",
|
|
jsonargs=json.dumps({"itsi_event_grouping_flag_value": status}),
|
|
sessionKey=self.session_key)
|
|
|
|
if response.status == http.client.OK:
|
|
self.logger.info(
|
|
"Itsi_event_grouping flag status set to: " + str(status))
|
|
return
|
|
|
|
e = Exception(
|
|
"Failed to set itsi_event_grouping status to {}. Response={}".
|
|
format(status, response))
|
|
self.logger.exception(e)
|
|
raise e
|
|
|
|
def _generate_message_for_rule_engine_state(self):
|
|
messages = SplunkMessageHandler(self.session_key)
|
|
try:
|
|
message_text = _(
|
|
"The 'itsi_event_grouping' search is disabled for IT Essentials Work. \
|
|
Enabling the search might cause an error.")
|
|
self.logger.info(message_text)
|
|
messages.post_or_update_message(self.RULE_ENGINE_MESSAGE_ID,
|
|
SplunkMessageHandler.INFO,
|
|
message_text)
|
|
except Exception:
|
|
self.logger.error("unable to generate message about itsi_event_grouping status")
|
|
|
|
def _delete_message_for_rule_engine_state(self):
|
|
messages = SplunkMessageHandler(self.session_key)
|
|
try:
|
|
messages.delete_message(self.RULE_ENGINE_MESSAGE_ID)
|
|
except Exception:
|
|
# the message might be already deleted by user
|
|
pass
|