Merge branch 'fix/1933-providers-display-names' of github.com:keephq/…

…keep into fix/1933-providers-display-names
keephq · Sep 16, 2024 · 2d03d93 · 2d03d93
2 parents 8b20fae + 9336627
commit 2d03d93
Show file tree

Hide file tree

Showing 10 changed files with 555 additions and 39 deletions.
diff --git a/README.md b/README.md
@@ -117,6 +117,8 @@ Workflow triggers can either be executed manually when an alert is activated or
     &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
     <img width=32 height=32 src="https://github.com/keephq/keep/blob/main/keep-ui/public/icons/prometheus-icon.png?raw=true"/>
     &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
+    <img width=32 height=32 src="https://github.com/keephq/keep/blob/main/keep-ui/public/icons/sumologic-icon.png?raw=true"/>
+    &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
     <img width=32 height=32 src="https://github.com/keephq/keep/blob/main/keep-ui/public/icons/victoriametrics-icon.png?raw=true"/>
     &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
     <img width=32 height=32 src="https://github.com/keephq/keep/blob/main/keep-ui/public/icons/zabbix-icon.png?raw=true"/>

diff --git a/docs/mint.json b/docs/mint.json
@@ -167,6 +167,7 @@
             "providers/documentation/squadcast-provider",
             "providers/documentation/ssh-provider",
             "providers/documentation/statuscake-provider",
+            "providers/documentation/sumologic-provider",
             "providers/documentation/teams-provider",
             "providers/documentation/telegram-provider",
             "providers/documentation/template",

diff --git a/docs/providers/documentation/sumologic-provider.mdx b/docs/providers/documentation/sumologic-provider.mdx
@@ -0,0 +1,36 @@
+---
+title: "SumoLogic Provider"
+sidebarTitle: "SumoLogic Provider"
+description: "The SumoLogic provider enables webhook installations for receiving alerts in keep"
+---
+
+## Overview
+
+The SumoLogic provider facilitates receiving alerts from Monitors in SumoLogic using a Webhook Connection.
+
+## Authentication Parameters
+
+- `sumoLogicAccessId`: API key for authenticating with SumoLogic's API.
+- `sumoLogicAccessKey`: API key for authenticating with SumoLogic's API.
+- `deployment`: API key for authenticating with SumoLogic's API.
+
+## Scopes
+
+- `authenticated`: Mandatory for all operations, ensures the user is authenticated.
+- `authorized`: Mandatory for querying incidents, ensures the user has read access.
+
+## Connecting with the Provider
+
+1. Follow the instructions [here](https://help.sumologic.com/docs/manage/security/access-keys/) to get your Access Key & Access ID
+2. Make sure the user has roles with the following capabilities:
+    - `manageScheduledViews`
+    - `manageConnections`
+    - `manageUsersAndRoles`
+3. Find your `deployment` from [here](https://api.sumologic.com/docs/#section/Getting-Started/API-Endpoints), keep will automatically figure out your endpoint.
+
+## Useful Links
+
+- [SumoLogic API Documentation](https://api.sumologic.com/docs/#section/Getting-Started)
+- [SumoLogic Access_Keys](https://help.sumologic.com/docs/manage/security/access-keys/)
+- [SumoLogic Roles Management](https://help.sumologic.com/docs/manage/users-roles/roles/create-manage-roles/)
+- [SumoLogic Deployments](https://api.sumologic.com/docs/#section/Getting-Started/API-Endpoints)
diff --git a/docs/providers/overview.mdx b/docs/providers/overview.mdx
@@ -354,6 +354,12 @@ By leveraging Keep Providers, users are able to deeply integrate Keep with the t
   icon={ <img src="https://img.logo.dev/statuscake.com?token=pk_dfXfZBoKQMGDTIgqu7LvYg" /> }
 ></Card>
 
+<Card
+  title="SumoLogic"
+  href="/providers/documentation/sumologic-provider"
+  icon={ <img src="https://img.logo.dev/sumologic.com?token=pk_dfXfZBoKQMGDTIgqu7LvYg" /> }
+></Card>
+
 <Card
   title="Teams"
   href="/providers/documentation/teams-provider"

diff --git a/keep-ui/public/icons/sumologic-icon.png b/keep-ui/public/icons/sumologic-icon.png
diff --git a/keep/api/routes/preset.py b/keep/api/routes/preset.py
@@ -92,47 +92,59 @@ def pull_data_from_providers(
             provider_config=provider.details,
         )
 
-        logger.info(
-            f"Pulling alerts from provider {provider.type} ({provider.id})",
-            extra=extra,
-        )
-        sorted_provider_alerts_by_fingerprint = (
-            provider_class.get_alerts_by_fingerprint(tenant_id=tenant_id)
-        )
-
         try:
-            if isinstance(provider_class, BaseTopologyProvider):
-                logger.info("Getting topology data", extra=extra)
-                topology_data = provider_class.pull_topology()
-                logger.info("Got topology data, processing", extra=extra)
-                process_topology(tenant_id, topology_data, provider.id, provider.type)
-                logger.info("Processed topology data", extra=extra)
-        except NotImplementedError:
-            logger.warning(
-                f"Provider {provider.type} ({provider.id}) does not support topology data",
+            logger.info(
+                f"Pulling alerts from provider {provider.type} ({provider.id})",
                 extra=extra,
             )
-        except Exception as e:
-            logger.error(
-                f"Unknown error pulling topology from provider {provider.type} ({provider.id})",
-                extra={**extra, "error": str(e)},
+            sorted_provider_alerts_by_fingerprint = (
+                provider_class.get_alerts_by_fingerprint(tenant_id=tenant_id)
+            )
+            logger.info(
+                f"Pulling alerts from provider {provider.type} ({provider.id}) completed",
+                extra=extra,
             )
 
-        # Even if we failed at processing some event, lets save the last pull time to not iterate this process over and over again.
-        update_provider_last_pull_time(tenant_id=tenant_id, provider_id=provider.id)
-
-        for fingerprint, alert in sorted_provider_alerts_by_fingerprint.items():
-            process_event(
-                {},
-                tenant_id,
-                provider.type,
-                provider.id,
-                fingerprint,
-                None,
-                trace_id,
-                alert,
-                notify_client=False,
+            try:
+                if isinstance(provider_class, BaseTopologyProvider):
+                    logger.info("Getting topology data", extra=extra)
+                    topology_data = provider_class.pull_topology()
+                    logger.info("Got topology data, processing", extra=extra)
+                    process_topology(
+                        tenant_id, topology_data, provider.id, provider.type
+                    )
+                    logger.info("Processed topology data", extra=extra)
+            except NotImplementedError:
+                logger.warning(
+                    f"Provider {provider.type} ({provider.id}) does not support topology data",
+                    extra=extra,
+                )
+            except Exception as e:
+                logger.error(
+                    f"Unknown error pulling topology from provider {provider.type} ({provider.id})",
+                    extra={**extra, "error": str(e)},
+                )
+
+            for fingerprint, alert in sorted_provider_alerts_by_fingerprint.items():
+                process_event(
+                    {},
+                    tenant_id,
+                    provider.type,
+                    provider.id,
+                    fingerprint,
+                    None,
+                    trace_id,
+                    alert,
+                    notify_client=False,
+                )
+        except Exception:
+            logger.exception(
+                f"Unknown error pulling from provider {provider.type} ({provider.id})",
+                extra=extra,
             )
+        finally:
+            # Even if we failed at processing some event, lets save the last pull time to not iterate this process over and over again.
+            update_provider_last_pull_time(tenant_id=tenant_id, provider_id=provider.id)
 
 
 @router.get(

diff --git a/keep/providers/sumologic_provider/__init__.py b/keep/providers/sumologic_provider/__init__.py
diff --git a/keep/providers/sumologic_provider/connection_template.json b/keep/providers/sumologic_provider/connection_template.json
@@ -0,0 +1,20 @@
+{
+  "name": "{{Name}}",
+  "description": "{{Description}}",
+  "monitorType": "{{MonitorType}}",
+  "query": "{{Query}}",
+  "queryURL": "{{QueryURL}}",
+  "resultsJson": "{{ResultsJson}}",
+  "numQueryResults": "{{NumQueryResults}}",
+  "id": "{{Id}}",
+  "detectionMethod": "{{DetectionMethod}}",
+  "triggerType": "{{TriggerType}}",
+  "triggerTimeRange": "{{TriggerTimeRange}}",
+  "triggerTime": "{{TriggerTime}}",
+  "triggerCondition": "{{TriggerCondition}}",
+  "triggerValue": "{{TriggerValue}}",
+  "triggerTimeStart": "{{TriggerTimeStart}}",
+  "triggerTimeEnd": "{{TriggerTimeEnd}}",
+  "sourceURL": "{{SourceURL}}",
+  "alertResponseUrl": "{{AlertResponseUrl}}"
+}