|
2 | 2 | Coralogix is a modern observability platform delivers comprehensive visibility into all your logs, metrics, traces and security events with end-to-end monitoring. |
3 | 3 | """ |
4 | 4 |
|
| 5 | +import json |
| 6 | + |
5 | 7 | from keep.api.models.alert import AlertDto, AlertSeverity, AlertStatus |
6 | 8 | from keep.contextmanager.contextmanager import ContextManager |
7 | 9 | from keep.providers.base.base_provider import BaseProvider |
@@ -59,67 +61,43 @@ def validate_config(self): |
59 | 61 | # no config |
60 | 62 | pass |
61 | 63 |
|
62 | | - def get_value_by_key(fields: dict, key: str): |
63 | | - for item in fields: |
64 | | - if item["key"] == key: |
65 | | - return item["value"] |
66 | | - return None |
67 | | - |
68 | 64 | @staticmethod |
69 | 65 | def _format_alert( |
70 | 66 | event: dict, provider_instance: "BaseProvider" = None |
71 | 67 | ) -> AlertDto: |
| 68 | + fields_list = event["fields"] if "fields" in event else [] |
| 69 | + fields = {item["key"]: item["value"] for item in fields_list} |
| 70 | + |
| 71 | + labels = fields.get("text", fields.get("labels")) |
| 72 | + if isinstance(labels, str): |
| 73 | + try: |
| 74 | + labels = json.loads(labels) |
| 75 | + except Exception: |
| 76 | + # Do nothing, keep labels as str |
| 77 | + pass |
| 78 | + |
72 | 79 | alert = AlertDto( |
73 | | - id=( |
74 | | - CoralogixProvider.get_value_by_key( |
75 | | - event["fields"], "alertUniqueIdentifier" |
76 | | - ) |
77 | | - if "fields" in event |
78 | | - else None |
79 | | - ), |
| 80 | + id=fields.get("alertUniqueIdentifier"), |
80 | 81 | alert_id=event["alert_id"] if "alert_id" in event else None, |
81 | 82 | name=event["name"] if "name" in event else None, |
82 | 83 | description=event["description"] if "description" in event else None, |
83 | 84 | status=CoralogixProvider.STATUS_MAP.get(event["alert_action"]), |
84 | 85 | severity=CoralogixProvider.SEVERITIES_MAP.get( |
85 | | - CoralogixProvider.get_value_by_key(event["fields"], "severityLowercase") |
86 | | - ), |
87 | | - lastReceived=( |
88 | | - CoralogixProvider.get_value_by_key(event["fields"], "timestampISO") |
89 | | - if "fields" in event |
90 | | - else None |
91 | | - ), |
92 | | - alertUniqueIdentifier=( |
93 | | - CoralogixProvider.get_value_by_key( |
94 | | - event["fields"], "alertUniqueIdentifier" |
95 | | - ) |
96 | | - if "fields" in event |
97 | | - else None |
| 86 | + fields.get("severityLowercase", "info") |
98 | 87 | ), |
| 88 | + lastReceived=fields.get("timestampISO"), |
| 89 | + alertUniqueIdentifier=fields.get("alertUniqueIdentifier"), |
99 | 90 | uuid=event["uuid"] if "uuid" in event else None, |
100 | 91 | threshold=event["threshold"] if "threshold" in event else None, |
101 | 92 | timewindow=event["timewindow"] if "timewindow" in event else None, |
102 | | - group_by_labels=( |
103 | | - event["group_by_labels"] if "group_by_labels" in event else None |
104 | | - ), |
| 93 | + group_by_labels=fields.get("group_by_labels"), |
105 | 94 | alert_url=event["alert_url"] if "alert_url" in event else None, |
106 | 95 | log_url=event["log_url"] if "log_url" in event else None, |
107 | | - team=( |
108 | | - CoralogixProvider.get_value_by_key(event["fields"], "team") |
109 | | - if "fields" in event |
110 | | - else None |
111 | | - ), |
112 | | - priority=( |
113 | | - CoralogixProvider.get_value_by_key(event["fields"], "priority") |
114 | | - if "fields" in event |
115 | | - else None |
116 | | - ), |
117 | | - computer=( |
118 | | - CoralogixProvider.get_value_by_key(event["fields"], "computer") |
119 | | - if "fields" in event |
120 | | - else None |
121 | | - ), |
122 | | - fields=event["fields"] if "fields" in event else None, |
| 96 | + team=fields.get("team"), |
| 97 | + priority=fields.get("priority"), |
| 98 | + computer=fields.get("computer"), |
| 99 | + fields=fields, |
| 100 | + labels=labels, |
123 | 101 | source=["coralogix"], |
124 | 102 | ) |
125 | 103 |
|
|
0 commit comments