Implement getting alerts in overview
@@ -1,5 +1,8 @@
|
||||
import urllib.parse
|
||||
|
||||
from django.conf import settings
|
||||
|
||||
from core.lib.opensearch import client, run_main_query
|
||||
from core.lib.threshold import threshold_request
|
||||
|
||||
|
||||
@@ -139,3 +142,56 @@ def del_network(net):
|
||||
payload = {}
|
||||
deleted = threshold_request(url, payload, method="DELETE")
|
||||
return deleted
|
||||
|
||||
|
||||
def construct_alert_query():
|
||||
# Get the initial query
|
||||
query = {
|
||||
"size": 25,
|
||||
"query": {
|
||||
"bool": {
|
||||
"must": [
|
||||
{"match": {"src": "irc"}},
|
||||
]
|
||||
}
|
||||
},
|
||||
"sort": [
|
||||
{
|
||||
"ts": {
|
||||
"order": "desc",
|
||||
}
|
||||
}
|
||||
],
|
||||
}
|
||||
return query
|
||||
|
||||
|
||||
def get_irc_alerts(user):
|
||||
query = construct_alert_query()
|
||||
print("QUERY1", query)
|
||||
results = run_main_query(
|
||||
client,
|
||||
user, # passed through run_main_query to filter_blacklisted
|
||||
query,
|
||||
custom_query=True,
|
||||
index=settings.OPENSEARCH_INDEX_INT,
|
||||
)
|
||||
print("ALERTS", results)
|
||||
if not results:
|
||||
return []
|
||||
results_parsed = []
|
||||
if "hits" in results.keys():
|
||||
if "hits" in results["hits"]:
|
||||
for item in results["hits"]["hits"]:
|
||||
element = item["_source"]
|
||||
element["id"] = item["_id"]
|
||||
|
||||
# Split the timestamp into date and time
|
||||
ts = element["ts"]
|
||||
ts_spl = ts.split("T")
|
||||
date = ts_spl[0]
|
||||
time = ts_spl[1]
|
||||
element["date"] = date
|
||||
element["time"] = time
|
||||
results_parsed.append(element)
|
||||
return results_parsed
|
||||
|
||||
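Review bot: The two debug calls in get_irc_alerts, `print("QUERY1", query)` and `print("ALERTS", results)`, write the query and every returned alert document to stdout on each call, so alert contents land in whatever captures process output, outside the logging configuration. Drop them, or log only a count at debug level through a module logger after parsing, e.g. `log.debug("irc alerts: %d hits", len(results_parsed))` (the logger name here is a placeholder). The timestamp handling is also brittle: `element["ts"]` raises KeyError when a document has no `ts`, and `ts_spl[1]` raises IndexError when the value has no `T`, so a single malformed document fails the whole call; `date, _, time = element.get("ts", "").partition("T")` avoids both. The hunk shows no permission check before querying `settings.OPENSEARCH_INDEX_INT`; presumably run_main_query applies one through `user` (the inline comment mentions only filter_blacklisted), which is worth confirming since it is not visible here.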