diff --git a/core/lib/rules.py b/core/lib/rules.py index b4bfa59..409295d 100644 --- a/core/lib/rules.py +++ b/core/lib/rules.py @@ -247,7 +247,10 @@ class NotificationRuleData(object): if index is None: # Check if we have any matches on all indices - return any(self.object.match.values()) + values = self.object.match.values() + if not values: + return None + return any(values) # Check if it's the same hash if match is not None: @@ -348,7 +351,7 @@ class NotificationRuleData(object): self.ingest_matches_sync(index, message, meta, mode) # No async helper for this one as we only need it for schedules - async def rule_no_match(self, index=None): + async def rule_no_match(self, index=None, message=None): """ A rule has not matched. If the previous run did match, send a notification if configured to notify @@ -364,7 +367,7 @@ class NotificationRuleData(object): rule_notify(self.object, index, "no_match", None) self.store_match(index, False) await self.ingest_matches( - index=index, message={}, meta={"msg": "No matches"}, mode="schedule" + index=index, message={}, meta={"msg": message}, mode="schedule" ) async def run_schedule(self): @@ -376,11 +379,12 @@ class NotificationRuleData(object): response = await self.db.schedule_query_results(self) if not response: # No results in the result_map - await self.rule_no_match() + print("No results in result_map") + await self.rule_no_match(message="No response from database") for index, (meta, results) in response.items(): if not results: # Falsy results, no matches - await self.rule_no_match(index) + await self.rule_no_match(index, message="No results for index") # Add the match values of all aggregations to a list aggs_for_index = [] @@ -398,7 +402,7 @@ class NotificationRuleData(object): ) continue # Default branch, since the happy path has a continue keyword - await self.rule_no_match(index) + await self.rule_no_match(index, message="Aggregation did not match") def test_schedule(self): """