fix: fingerprint and conventions

Signed-off-by: 35C4n0r <[email protected]>
35C4n0r · Oct 27, 2024 · 130b865 · 130b865
1 parent 848decb
commit 130b865
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 73 deletions.
diff --git a/docs/providers/documentation/graylog-provider.mdx b/docs/providers/documentation/graylog-provider.mdx
@@ -17,7 +17,7 @@ The **Graylog Provider** facilitates receiving alerts from Graylog by setting up
 ## Scopes
 
 - **authenticated**: Mandatory for all operations, ensures the user is authenticated.
-- **authorized**: Mandatory for querying incidents and managing resources, ensures the user has admin privileges.
+- **authorized**: Mandatory for querying incidents and managing resources, ensures the user has `Admin` privileges.
 
 ## Connecting with the Provider
 

diff --git a/keep/providers/graylog_provider/alerts_mock.py b/keep/providers/graylog_provider/alerts_mock.py
@@ -1,60 +1,3 @@
-# ALERTS = {
-#     "event_definition_id": "671a28a03696bb3801a7a9f1",
-#     "event_definition_type": "aggregation-v1",
-#     "event_definition_title": [
-#         "EventDefinition - 1",
-#         "EventDefinition - 2",
-#         "EventDefinition - 3",
-#     ],
-#     "event_definition_description": [
-#         "Description - add",
-#         "Description - commit",
-#         "Description - push",
-#     ],
-#     "job_definition_id": "671a97cc3696bb3801a846a6",
-#     "job_trigger_id": "671b2a533696bb3801a889b4",
-#     "event": {
-#         "id": [
-#             "01JB11TNPRN9F643SPPEKJTX1A",
-#             "01JAZZJAKSNYB7J616GXCPJST2",
-#             "01JAZZJAKS82TDZAE82E0WAENT",
-#         ],
-#         "event_definition_type": "aggregation-v1",
-#         "event_definition_id": "671a28a03696bb3801a7a9f1",
-#         "origin_context": "urn:graylog:message:es:graylog_0:abdb8110-9290-11ef-9a79-0242ac170004",
-#         "timestamp": [
-#             "2024-10-25T05:19:12.717Z",
-#             "2024-9-25T05:19:12.717Z",
-#             "2024-8-25T05:19:12.717Z",
-#         ],
-#         "timestamp_processing": "2024-10-25T05:19:15.672Z",
-#         "timerange_start": None,
-#         "timerange_end": None,
-#         "streams": [],
-#         "source_streams": ["000000000000000000000001"],
-#         "message": "Event - 1",
-#         "source": "server",
-#         "key_tuple": [],
-#         "key": "",
-#         "priority": 3,
-#         "scores": {},
-#         "alert": True,
-#         "fields": {},
-#         "group_by_fields": {},
-#         "replay_info": {
-#             "timerange_start": "2024-10-24T05:19:14.706Z",
-#             "timerange_end": "2024-10-25T05:19:14.706Z",
-#             "query": [
-#                 "source:172.23.0.1",
-#             ],
-#             "streams": ["000000000000000000000001"],
-#             "filters": [],
-#         },
-#     },
-#     "backlog": [],
-# }
-
-
 ALERTS = {
     "event_definition_id": "671a28a03696bb3801a7a9f1",
     "event_definition_type": "aggregation-v1",

diff --git a/keep/providers/graylog_provider/graylog_provider.py b/keep/providers/graylog_provider/graylog_provider.py
@@ -29,22 +29,22 @@ class GraylogProviderAuthConfig:
     Graylog authentication configuration.
     """
 
-    graylogUserName: str = dataclasses.field(
+    graylog_user_name: str = dataclasses.field(
         metadata={
             "required": True,
             "description": "Username",
             "hint": "Your Username associated with the Access Token",
         },
     )
-    graylogAccessToken: str = dataclasses.field(
+    graylog_access_token: str = dataclasses.field(
         metadata={
             "required": True,
             "description": "Graylog Access Token",
             "hint": "Graylog Access Token ",
             "sensitive": True,
         },
     )
-    deploymentUrl: str = dataclasses.field(
+    deployment_url: str = dataclasses.field(
         metadata={
             "required": True,
             "description": "Deployment Url",
@@ -103,32 +103,32 @@ def graylog_host(self):
             return self._host
 
         # Handle host determination logic with logging
-        if self.authentication_config.deploymentUrl.startswith(
+        if self.authentication_config.deployment_url.startswith(
             "http://"
-        ) or self.authentication_config.deploymentUrl.startswith("https://"):
+        ) or self.authentication_config.deployment_url.startswith("https://"):
             self.logger.info("Using supplied Graylog host with protocol")
-            self._host = self.authentication_config.deploymentUrl
+            self._host = self.authentication_config.deployment_url
             return self._host
 
         # Otherwise, attempt to use https
         try:
             self.logger.debug(
-                f"Trying HTTPS for {self.authentication_config.deploymentUrl}"
+                f"Trying HTTPS for {self.authentication_config.deployment_url}"
             )
             requests.get(
-                f"https://{self.authentication_config.deploymentUrl}",
+                f"https://{self.authentication_config.deployment_url}",
                 verify=False,
             )
             self.logger.info("HTTPS protocol confirmed")
-            self._host = f"https://{self.authentication_config.deploymentUrl}"
+            self._host = f"https://{self.authentication_config.deployment_url}"
         except requests.exceptions.SSLError:
             self.logger.warning("SSL error encountered, falling back to HTTP")
-            self._host = f"http://{self.authentication_config.deploymentUrl}"
+            self._host = f"http://{self.authentication_config.deployment_url}"
         except Exception as e:
             self.logger.error(
                 "Failed to determine Graylog host", extra={"exception": str(e)}
             )
-            self._host = self.authentication_config.deploymentUrl.rstrip("/")
+            self._host = self.authentication_config.deployment_url.rstrip("/")
 
         return self._host
 
@@ -141,7 +141,7 @@ def _headers(self):
 
     @property
     def _auth(self):
-        return self.authentication_config.graylogAccessToken, "token"
+        return self.authentication_config.graylog_access_token, "token"
 
     def __get_url(self, paths: List[str] = [], query_params: dict = None, **kwargs):
         """
@@ -168,7 +168,7 @@ def validate_scopes(self) -> dict[str, bool | str]:
         try:
             user_response = requests.get(
                 url=self.__get_url(
-                    paths=["users", self.authentication_config.graylogUserName]
+                    paths=["users", self.authentication_config.graylog_user_name]
                 ),
                 headers=self._headers,
                 auth=self._auth,
@@ -481,15 +481,15 @@ def __map_event_to_alert(event: dict) -> AlertDto:
                 int(event["event"]["priority"]) - 1
             ],
             description=event.get("event_definition_description", None),
-            fingerprint=event["event"]["id"],
+            fingerprint=event["event"]["event_definition_id"],
             status=AlertStatus.FIRING,
             lastReceived=datetime.fromisoformat(
                 event["event"]["timestamp"].replace("z", "")
             )
             .replace(tzinfo=timezone.utc)
             .isoformat(),
             message=event["event"]["message"],
-            source=["Graylog"],
+            source=["graylog"],
         )
 
     @staticmethod
@@ -531,6 +531,13 @@ def simulate_alert(cls) -> dict:
         # Generate a random ID of specified length
         random_id = "".join(random.choice(chars) for _ in range(25))
         simulated_alert["id"] = random_id
+
+        simulated_alert["event_definition_id"] = alert_data["event_definition_id"] = (
+            "".join(
+                random.choice(string.ascii_lowercase + string.digits) for _ in range(24)
+            )
+        )
+
         # Set the current timestamp
         simulated_alert["timestamp"] = datetime.now().isoformat()