Pathogen
/
neptune
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Implement deleting database matches

This commit is contained in:
Mark Veidemanis 2023-02-09 21:17:50 +00:00
parent 9a8bb9027f
commit c67d89c978
Signed by: m
GPG Key ID: 5ACFCEED46C0904F
2 changed files with 34 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
core/db/elastic.py
View File

@ -79,6 +79,21 @@ class ElasticsearchBackend(StorageBackend):
index=settings.INDEX_RULE_STORAGE, mappings=mapping["mappings"] index=settings.INDEX_RULE_STORAGE, mappings=mapping["mappings"]
) )
def delete_rule_entries(self, rule_id):
"""
Delete all entries for a given rule.
:param rule_id: The rule ID to delete.
"""
if self.client is None:
self.initialise()
search_query = self.construct_query(None, None, blank=True)
search_query["query"]["bool"]["must"].append(
{"match_phrase": {"rule_id": rule_id}}
)
return self.client.delete_by_query(
index=settings.INDEX_RULE_STORAGE, body=search_query
)
def construct_context_query( def construct_context_query(
self, index, net, channel, src, num, size, type=None, nicks=None self, index, net, channel, src, num, size, type=None, nicks=None
): ):

21
core/lib/rules.py
View File

@ -196,6 +196,13 @@ class NotificationRuleData(object):
if self.object is not None: if self.object is not None:
self.populate_matched() self.populate_matched()
def clear_database_matches(self):
"""
Delete all matches for this rule.
"""
rule_id = str(self.object.id)
self.db.delete_rule_entries(rule_id)
def populate_matched(self): def populate_matched(self):
""" """
On first creation, the match field is None. We need to populate it with On first creation, the match field is None. We need to populate it with
@ -401,7 +408,9 @@ class NotificationRuleData(object):
""" """
current_match = self.get_match(index) current_match = self.get_match(index)
log.debug(f"Rule not matched: {index} - current match: {current_match}: {message}") log.debug(
f"Rule not matched: {index} - current match: {current_match}: {message}"
)
last_run_had_matches = current_match is True last_run_had_matches = current_match is True
initial = current_match is None initial = current_match is None
@ -419,7 +428,10 @@ class NotificationRuleData(object):
# Never notify for empty matches on default policy # Never notify for empty matches on default policy
rule_notify(self.object, index, "no_match", None) rule_notify(self.object, index, "no_match", None)
await self.ingest_matches( await self.ingest_matches(
index=index, matches=[{"msg": None}], meta={"msg": message}, mode="schedule" index=index,
matches=[{"msg": None}],
meta={"msg": message},
mode="schedule",
) )
async def run_schedule(self): async def run_schedule(self):
@ -446,9 +458,14 @@ class NotificationRuleData(object):
if "match" in meta["aggs"][agg_name]: if "match" in meta["aggs"][agg_name]:
aggs_for_index.append(meta["aggs"][agg_name]["match"]) aggs_for_index.append(meta["aggs"][agg_name]["match"])
print("aggs_for_index", aggs_for_index)
print("self aggs", self.aggs.keys())
# All required aggs are present # All required aggs are present
if len(aggs_for_index) == len(self.aggs.keys()): if len(aggs_for_index) == len(self.aggs.keys()):
print("Key len match")
if all(aggs_for_index): if all(aggs_for_index):
print("all aggs for index true")
# All aggs have matched # All aggs have matched
await self.rule_matched( await self.rule_matched(
index, results[: self.object.amount], meta, mode="schedule" index, results[: self.object.amount], meta, mode="schedule"