Fix policies not triggering properly

This commit is contained in:
Mark Veidemanis 2023-02-09 20:28:34 +00:00
parent 7b6da7b704
commit 9519c1ac9f
Signed by: m
GPG Key ID: 5ACFCEED46C0904F
4 changed files with 28 additions and 29 deletions

View File

@ -272,12 +272,10 @@ class ElasticsearchBackend(StorageBackend):
"""
if self.async_client is None:
await self.async_initialise()
print("MATCHES", matches)
for match in matches:
result = await self.async_client.index(
index=settings.INDEX_RULE_STORAGE, body=match
)
print("RESULT", result)
if not result["result"] == "created":
self.log.error(f"Indexing failed: {result}")
self.log.debug(f"Indexed {len(matches)} messages in ES")
@ -527,7 +525,6 @@ class ElasticsearchBackend(StorageBackend):
total_sources = (
len(settings.MAIN_SOURCES) - 1 + len(settings.SOURCES_RESTRICTED)
)
print("total_count", total_count, "total_sources", total_sources)
if total_count != total_sources:
add_top_tmp = {"bool": {"should": []}}
for source_iter in sources:
@ -607,7 +604,6 @@ class ElasticsearchBackend(StorageBackend):
search_query,
index=index,
)
print("query", search_query)
if "message" in response:
return response

View File

@ -118,7 +118,6 @@ def parse_source(user, query_params, raise_error=False):
if source:
sources = [source]
else:
print("NOT SOURCE")
sources = list(settings.MAIN_SOURCES)
if user.has_perm("core.restricted_sources"):
for source_iter in settings.SOURCES_RESTRICTED:

View File

@ -260,7 +260,15 @@ class NotificationRuleData(object):
hash_matches = self.object.match.get(index) == match
return hash_matches
return self.object.match.get(index)
returned_match = self.object.match.get(index, None)
if type(returned_match) == int:
# We are getting a hash from the database,
# but we have nothing to check it against.
# In this instance, we are checking if we got a match
# at all last time. We can confidently say that since
# we have a hash, we did.
returned_match = True
return returned_match
def format_aggs(self, aggs):
"""
@ -393,31 +401,26 @@ class NotificationRuleData(object):
"""
current_match = self.get_match(index)
log.debug(f"Rule not matched: {index} - current match: {current_match}")
log.debug(f"Rule not matched: {index} - current match: {current_match}: {message}")
last_run_had_matches = current_match is True
if self.policy in ["change", "default"]:
print("policy in change or default")
# Change or Default policy, notifying only on new results
if not last_run_had_matches:
print("last run did not have matches")
# Last run did not have matches, nor did this one
# We don't need to notify
return
initial = current_match is None
elif self.policy == "always":
print("policy is always")
# Only here for completeness, we notify below by default
pass
# Matched before, but not now
if self.policy in ["change", "always"]:
print("policy in change or always")
rule_notify(self.object, index, "no_match", None)
self.store_match(index, False)
await self.ingest_matches(
index=index, matches=[{"msg": None}], meta={"msg": message}, mode="schedule"
)
if self.policy != "always":
# We hit the return above if we don't need to notify
if self.policy in ["change", "default"]:
if not last_run_had_matches and not initial:
# We don't need to notify if the last run didn't have matches
return
if self.policy in ["always", "change"]:
# Never notify for empty matches on default policy
rule_notify(self.object, index, "no_match", None)
await self.ingest_matches(
index=index, matches=[{"msg": None}], meta={"msg": message}, mode="schedule"
)
async def run_schedule(self):
"""
@ -428,12 +431,13 @@ class NotificationRuleData(object):
response = await self.db.schedule_query_results(self)
if not response:
# No results in the result_map
print("No results in result_map")
await self.rule_no_match(message="No response from database")
return
for index, (meta, results) in response.items():
if not results:
# Falsy results, no matches
await self.rule_no_match(index, message="No results for index")
continue
# Add the match values of all aggregations to a list
aggs_for_index = []

View File

@ -73,7 +73,7 @@ class RuleClear(LoginRequiredMixin, PermissionRequiredMixin, APIView):
rule = NotificationRule.objects.get(pk=pk, user=request.user)
if isinstance(rule.match, dict):
for index in rule.match:
rule.match[index] = False
rule.match[index] = None
rule.save()
cleared_indices = ", ".join(rule.match)