
Example 1 with AlertCondition

use of org.graylog2.plugin.alarms.AlertCondition in project graylog2-server by Graylog2.

the class StreamResource method cloneStream.

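/**
 * Clones an existing stream into a new stream that is paused before it is first saved.
 *
 * <p>The caller needs {@code STREAMS_CREATE} plus {@code STREAMS_READ} on the source stream, and
 * the default stream is refused. Title, description, index set and the "remove matches from
 * default stream" flag come from the request body; the matching type is copied from the source.
 * Stream rules, alert conditions, alarm callbacks and outputs of the source are then copied onto
 * the new stream one by one.
 *
 * <p>NOTE(review): {@code cr.indexSetId()} is stored as sent; no index-set permission check is
 * visible in this method. Confirm the caller's access to that index set is enforced elsewhere.
 *
 * <p>NOTE(review): the source stream's outputs are attached to the clone after only a
 * {@code STREAMS_READ} check on the source; no output-specific permission check is visible here.
 * Confirm that letting a reader of the source route a new stream to the same outputs is intended.
 *
 * @param streamId id of the stream to clone
 * @param cr       request body carrying the settings of the new stream
 * @return a 201 Created response whose entity is {@code {"stream_id": <new id>}}
 * @throws ValidationException declared by the signature; presumably raised by a save call (confirm)
 * @throws NotFoundException   declared by the signature; presumably raised when the source stream
 *                             cannot be loaded (confirm)
 */
@POST
@Path("/{streamId}/clone")
@Timed
@ApiOperation(value = "Clone a stream")
@ApiResponses(value = { @ApiResponse(code = 404, message = "Stream not found."), @ApiResponse(code = 400, message = "Invalid or missing Stream id.") })
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@AuditEvent(type = AuditEventTypes.STREAM_CREATE)
public Response cloneStream(@ApiParam(name = "streamId", required = true) @PathParam("streamId") String streamId, @ApiParam(name = "JSON body", required = true) @Valid @NotNull CloneStreamRequest cr) throws ValidationException, NotFoundException {
    // Authorization comes first: nothing is loaded or written before these checks pass.
    checkPermission(RestPermissions.STREAMS_CREATE);
    checkPermission(RestPermissions.STREAMS_READ, streamId);
    checkNotDefaultStream(streamId, "The default stream cannot be cloned.");
    final Stream sourceStream = streamService.load(streamId);
    // Resolved once and reused for every object created below, so all of them carry the same creator.
    final String creatorUser = getCurrentUser().getName();

    // Create the stream itself. It is paused before the first save.
    final Map<String, Object> streamData = Maps.newHashMap();
    streamData.put(StreamImpl.FIELD_TITLE, cr.title());
    streamData.put(StreamImpl.FIELD_DESCRIPTION, cr.description());
    streamData.put(StreamImpl.FIELD_CREATOR_USER_ID, creatorUser);
    streamData.put(StreamImpl.FIELD_CREATED_AT, Tools.nowUTC());
    streamData.put(StreamImpl.FIELD_MATCHING_TYPE, sourceStream.getMatchingType().toString());
    streamData.put(StreamImpl.FIELD_REMOVE_MATCHES_FROM_DEFAULT_STREAM, cr.removeMatchesFromDefaultStream());
    streamData.put(StreamImpl.FIELD_INDEX_SET_ID, cr.indexSetId());
    final Stream stream = streamService.create(streamData);
    streamService.pause(stream);
    final String id = streamService.save(stream);

    // Copy the stream rules, re-pointing each one at the new stream id.
    final List<StreamRule> sourceStreamRules = streamRuleService.loadForStream(sourceStream);
    for (StreamRule streamRule : sourceStreamRules) {
        final Map<String, Object> streamRuleData = Maps.newHashMapWithExpectedSize(6);
        streamRuleData.put(StreamRuleImpl.FIELD_TYPE, streamRule.getType().toInteger());
        streamRuleData.put(StreamRuleImpl.FIELD_FIELD, streamRule.getField());
        streamRuleData.put(StreamRuleImpl.FIELD_VALUE, streamRule.getValue());
        streamRuleData.put(StreamRuleImpl.FIELD_INVERTED, streamRule.getInverted());
        streamRuleData.put(StreamRuleImpl.FIELD_STREAM_ID, new ObjectId(id));
        streamRuleData.put(StreamRuleImpl.FIELD_DESCRIPTION, streamRule.getDescription());
        final StreamRule newStreamRule = streamRuleService.create(streamRuleData);
        streamRuleService.save(newStreamRule);
    }

    // Copy the alert conditions. A condition that cannot be rebuilt is logged and skipped, so the
    // clone can end up with fewer alert conditions than its source; the response does not say so.
    for (AlertCondition alertCondition : streamService.getAlertConditions(sourceStream)) {
        try {
            final AlertCondition clonedAlertCondition = alertService.fromRequest(CreateConditionRequest.create(alertCondition.getType(), alertCondition.getTitle(), alertCondition.getParameters()), stream, creatorUser);
            streamService.addAlertCondition(stream, clonedAlertCondition);
        } catch (ConfigurationException e) {
            // Parameterized logging; the trailing Throwable is still logged with its stack trace.
            LOG.warn("Unable to clone alert condition <{}> - skipping: ", alertCondition, e);
        }
    }

    // Copy the alarm callbacks, attributed to the same creator as the stream.
    for (AlarmCallbackConfiguration alarmCallbackConfiguration : alarmCallbackConfigurationService.getForStream(sourceStream)) {
        final CreateAlarmCallbackRequest request = CreateAlarmCallbackRequest.create(alarmCallbackConfiguration);
        final AlarmCallbackConfiguration alarmCallback = alarmCallbackConfigurationService.create(stream.getId(), request, creatorUser);
        alarmCallbackConfigurationService.save(alarmCallback);
    }

    // Attach the source stream's existing outputs to the clone (the same Output objects, not copies).
    for (Output output : sourceStream.getOutputs()) {
        streamService.addOutput(stream, output);
    }

    clusterEventBus.post(StreamsChangedEvent.create(stream.getId()));
    final Map<String, String> result = ImmutableMap.of("stream_id", id);
    final URI streamUri = getUriBuilderToSelf().path(StreamResource.class).path("{streamId}").build(id);
    return Response.created(streamUri).entity(result).build();
}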
Also used : ObjectId(org.bson.types.ObjectId) StreamRule(org.graylog2.plugin.streams.StreamRule) URI(java.net.URI) CreateAlarmCallbackRequest(org.graylog2.rest.models.alarmcallbacks.requests.CreateAlarmCallbackRequest) ConfigurationException(org.graylog2.plugin.configuration.ConfigurationException) Output(org.graylog2.plugin.streams.Output) AlertCondition(org.graylog2.plugin.alarms.AlertCondition) Stream(org.graylog2.plugin.streams.Stream) AlarmCallbackConfiguration(org.graylog2.alarmcallbacks.AlarmCallbackConfiguration) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent) AuditEvent(org.graylog2.audit.jersey.AuditEvent) ApiResponses(io.swagger.annotations.ApiResponses)

Example 2 with AlertCondition

use of org.graylog2.plugin.alarms.AlertCondition in project graylog2-server by Graylog2.

the class AlertScannerThread method doRun.

/**
 * Runs one alert scan: loads every stream that has configured alert conditions and hands each
 * condition of each non-paused stream to the alert scanner.
 *
 * <p>Paused streams are skipped, and the skip is reported at debug level only, so a paused stream
 * produces no alerts and no higher-level log entry from this method.
 *
 * <p>NOTE(review): nothing here catches exceptions from {@code checkAlertCondition}; if it can
 * throw, the remaining conditions and streams are not checked in this run. Confirm it handles its
 * own errors.
 */
@Override
public void doRun() {
    LOG.debug("Running alert checks.");
    // Load all streams that have configured alert conditions.
    final List<Stream> streamsWithConditions = streamService.loadAllWithConfiguredAlertConditions();
    LOG.debug("There are {} streams with configured alert conditions.", streamsWithConditions.size());
    for (final Stream candidate : streamsWithConditions) {
        LOG.debug("Stream [{}] has [{}] configured alert conditions.", candidate, streamService.getAlertConditions(candidate).size());
        if (!candidate.isPaused()) {
            // Check if a threshold is reached.
            streamService.getAlertConditions(candidate).forEach(condition -> alertScanner.checkAlertCondition(candidate, condition));
        } else {
            LOG.debug("Stream [{}] has been paused. Skipping alert check.", candidate);
        }
    }
}
Also used : Stream(org.graylog2.plugin.streams.Stream)

Example 3 with AlertCondition

use of org.graylog2.plugin.alarms.AlertCondition in project graylog2-server by Graylog2.

the class StreamAlertConditionResource method update.

/**
 * Replaces the configuration of one alert condition on a stream.
 *
 * <p>The caller needs {@code STREAMS_EDIT} on the stream named in the path. The condition is looked
 * up through that stream rather than by id alone, so the permission check and the lookup refer to
 * the same stream.
 *
 * @param streamid    id of the stream the alert condition belongs to
 * @param conditionid id of the alert condition to modify
 * @param ccr         request body with the new condition settings
 * @throws NotFoundException   declared by the signature; presumably raised when the stream or the
 *                             condition cannot be found (confirm)
 * @throws ValidationException declared by the signature; presumably raised on save (confirm)
 * @throws BadRequestException when the new parameters are rejected with a ConfigurationException
 */
@PUT
@Timed
@Path("{conditionId}")
@ApiOperation(value = "Modify an alert condition")
@ApiResponses(value = { @ApiResponse(code = 404, message = "Stream not found."), @ApiResponse(code = 400, message = "Invalid ObjectId.") })
@AuditEvent(type = AuditEventTypes.ALERT_CONDITION_UPDATE)
public void update(@ApiParam(name = "streamId", value = "The stream id the alert condition belongs to.", required = true) @PathParam("streamId") String streamid, @ApiParam(name = "conditionId", value = "The alert condition id.", required = true) @PathParam("conditionId") String conditionid, @ApiParam(name = "JSON body", required = true) @Valid @NotNull CreateConditionRequest ccr) throws NotFoundException, ValidationException {
    // Authorize against the stream before anything is loaded.
    checkPermission(RestPermissions.STREAMS_EDIT, streamid);

    final Stream owningStream = streamService.load(streamid);
    final AlertCondition existingCondition = streamService.getAlertCondition(owningStream, conditionid);

    try {
        final AlertCondition replacement = alertService.updateFromRequest(existingCondition, convertConfigurationInRequest(ccr));
        streamService.updateAlertCondition(owningStream, replacement);
    } catch (ConfigurationException invalidParameters) {
        // Surface bad client input as a 400 and keep the cause for the server-side log.
        throw new BadRequestException("Invalid alert condition parameters", invalidParameters);
    }
}
Also used : ConfigurationException(org.graylog2.plugin.configuration.ConfigurationException) AlertCondition(org.graylog2.plugin.alarms.AlertCondition) BadRequestException(javax.ws.rs.BadRequestException) Stream(org.graylog2.plugin.streams.Stream) Path(javax.ws.rs.Path) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent) PUT(javax.ws.rs.PUT) ApiResponses(io.swagger.annotations.ApiResponses)

Example 4 with AlertCondition

use of org.graylog2.plugin.alarms.AlertCondition in project graylog2-server by Graylog2.

the class StreamAlertConditionResource method get.

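/**
 * Returns a summary of one alert condition of a stream.
 *
 * <p>The caller needs {@code STREAMS_READ} on the stream named in the path, and the condition is
 * looked up through that stream.
 *
 * <p>The listing tagged this read-only endpoint with
 * {@code @AuditEvent(type = AuditEventTypes.ALERT_CONDITION_DELETE)}, which would record every
 * fetch as a deletion in the audit trail. The annotation is dropped here. If reads of alert
 * conditions should be audited, give them their own event type instead of reusing the delete type.
 *
 * @param streamId    id of the stream the alert condition belongs to
 * @param conditionId id of the alert condition to fetch
 * @return summary of the condition, including whether it is currently in its grace period
 * @throws NotFoundException declared by the signature; presumably raised when the stream or the
 *                           condition cannot be found (confirm)
 */
@GET
@Timed
@Path("{conditionId}")
@ApiOperation(value = "Get an alert condition")
@ApiResponses(value = { @ApiResponse(code = 404, message = "Stream not found."), @ApiResponse(code = 400, message = "Invalid ObjectId.") })
public AlertConditionSummary get(@ApiParam(name = "streamId", value = "The stream id this alert condition belongs to.", required = true) @PathParam("streamId") String streamId, @ApiParam(name = "conditionId", value = "The alert condition id to be fetched", required = true) @PathParam("conditionId") String conditionId) throws NotFoundException {
    // Authorize against the stream before anything is loaded.
    checkPermission(RestPermissions.STREAMS_READ, streamId);
    final Stream stream = streamService.load(streamId);
    final AlertCondition condition = streamService.getAlertCondition(stream, conditionId);
    return AlertConditionSummary.create(condition.getId(), condition.getType(), condition.getCreatorUserId(), condition.getCreatedAt().toDate(), condition.getParameters(), alertService.inGracePeriod(condition), condition.getTitle());
}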
Also used : AlertCondition(org.graylog2.plugin.alarms.AlertCondition) Stream(org.graylog2.plugin.streams.Stream) Path(javax.ws.rs.Path) Timed(com.codahale.metrics.annotation.Timed) GET(javax.ws.rs.GET) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent) ApiResponses(io.swagger.annotations.ApiResponses)

Example 5 with AlertCondition

use of org.graylog2.plugin.alarms.AlertCondition in project graylog2-server by Graylog2.

the class LegacyAlarmCallbackSender method send.

/**
 * Invokes a legacy alarm callback for an event.
 *
 * <p>A {@code LegacyAlertCondition} and a check result are built from the event, the callback is
 * created from the configured type and configuration, its configuration is checked, and it is
 * then called with the stream and the check result. Each handled failure is logged and rethrown.
 *
 * <p>NOTE(review): {@code callbackType} comes from the notification config, and the
 * {@code ClassNotFoundException} branch suggests the factory resolves it to an implementation
 * class. Confirm the factory only resolves registered callback types.
 *
 * @param config          notification config holding the callback type and its configuration
 * @param eventDefinition definition of the event; its config is used to find the stream
 * @param event           the event supplying the message and processing timestamp
 * @param backlog         message summaries passed on to the callback in the check result
 * @throws Exception any failure from the callback machinery; the four handled types are logged first
 */
public void send(LegacyAlarmCallbackEventNotificationConfig config, EventDefinition eventDefinition, EventDto event, List<MessageSummary> backlog) throws Exception {
    final String callbackType = config.callbackType();
    final Stream targetStream = findStream(eventDefinition.config());
    final AbstractAlertCondition legacyCondition = new LegacyAlertCondition(targetStream, eventDefinition, event);
    // First constructor argument is the literal true; presumably "triggered" (confirm against CheckResult).
    final AbstractAlertCondition.CheckResult triggeredResult = new AbstractAlertCondition.CheckResult(true, legacyCondition, event.message(), event.processingTimestamp(), backlog);

    try {
        final AlarmCallback legacyCallback = alarmCallbackFactory.create(callbackType, config.configuration());
        // The configuration is checked before the callback runs.
        legacyCallback.checkConfiguration();
        legacyCallback.call(targetStream, triggeredResult);
    } catch (ClassNotFoundException notFound) {
        // Unlike the branches below, this one logs the type only, without the stack trace.
        LOG.error("Couldn't find implementation class for type <{}>", callbackType);
        throw notFound;
    } catch (AlarmCallbackConfigurationException badCallbackConfig) {
        LOG.error("Invalid legacy alarm callback configuration", badCallbackConfig);
        throw badCallbackConfig;
    } catch (ConfigurationException badConfig) {
        LOG.error("Invalid configuration for legacy alarm callback <{}>", callbackType, badConfig);
        throw badConfig;
    } catch (AlarmCallbackException callbackFailure) {
        LOG.error("Couldn't execute legacy alarm callback <{}>", callbackType, callbackFailure);
        throw callbackFailure;
    }
}
Also used : AlarmCallbackConfigurationException(org.graylog2.plugin.alarms.callbacks.AlarmCallbackConfigurationException) ConfigurationException(org.graylog2.plugin.configuration.ConfigurationException) Stream(org.graylog2.plugin.streams.Stream) AlarmCallback(org.graylog2.plugin.alarms.callbacks.AlarmCallback) AbstractAlertCondition(org.graylog2.alerts.AbstractAlertCondition) AlarmCallbackException(org.graylog2.plugin.alarms.callbacks.AlarmCallbackException) AlarmCallbackConfigurationException(org.graylog2.plugin.alarms.callbacks.AlarmCallbackConfigurationException)

Aggregations

AlertCondition (org.graylog2.plugin.alarms.AlertCondition)45 Stream (org.graylog2.plugin.streams.Stream)35 Test (org.junit.Test)32 ConfigurationException (org.graylog2.plugin.configuration.ConfigurationException)10 DateTime (org.joda.time.DateTime)10 Timed (com.codahale.metrics.annotation.Timed)9 ApiOperation (io.swagger.annotations.ApiOperation)9 AlarmCallbackConfiguration (org.graylog2.alarmcallbacks.AlarmCallbackConfiguration)9 Path (javax.ws.rs.Path)8 NoAuditEvent (org.graylog2.audit.jersey.NoAuditEvent)8 MongoDBServiceTest (org.graylog2.database.MongoDBServiceTest)8 ApiResponses (io.swagger.annotations.ApiResponses)7 AbstractAlertCondition (org.graylog2.alerts.AbstractAlertCondition)7 Date (java.util.Date)6 AuditEvent (org.graylog2.audit.jersey.AuditEvent)6 List (java.util.List)5 POST (javax.ws.rs.POST)5 DummyAlertCondition (org.graylog2.alerts.types.DummyAlertCondition)5 EmailConfiguration (org.graylog2.configuration.EmailConfiguration)5 CreateAlarmCallbackRequest (org.graylog2.rest.models.alarmcallbacks.requests.CreateAlarmCallbackRequest)5