@Override public Object serialize(AlertStreamEvent event) { return event.toString(); }
@Override public void nextEvent(PublishPartition partition, AlertStreamEvent event) { if (LOG.isDebugEnabled()) { LOG.debug(event.toString()); } notifyAlert(partition, event); }
@Override public void emit(Object o) { AlertStreamEvent e = (AlertStreamEvent) o; Object[] data = e.getData(); Assert.assertEquals("host2", data[1]); LOG.info(e.toString()); } }
@Override public void emit(Object o) { AlertStreamEvent e = (AlertStreamEvent) o; Object[] data = e.getData(); Assert.assertEquals("host2", data[1]); LOG.info(e.toString()); } }
return outputEvents; } else if (LOG.isInfoEnabled()) { LOG.info("Alert event is skipped because it's duplicated: {}", event.toString());
public AlertEntity convertAlertEvent(AlertStreamEvent event) { Preconditions.checkNotNull(event.getAlertId(), "alertId is not initialized before being published: " + event.toString()); AlertEntity alertEvent = new AlertEntity(); Map<String, String> tags = new HashMap<>(); tags.put(POLICY_ID_KEY, event.getPolicyId()); tags.put(ALERT_ID_KEY, event.getAlertId()); tags.put(ALERT_CATEGORY, event.getCategory()); tags.put(ALERT_SEVERITY, event.getSeverity().toString()); String host = event.getDataMap().getOrDefault("host", "null").toString(); String hostname = event.getDataMap().getOrDefault("hostname", "null").toString(); if (host != "null") { tags.put(ALERT_HOST, host); } else { tags.put(ALERT_HOST, hostname); } if (event.getContext() != null && !event.getContext().isEmpty()) { tags.put(SITE_ID_KEY, event.getContext().get(SITE_ID_KEY).toString()); alertEvent.setPolicyValue(event.getContext().get(POLICY_VALUE_KEY).toString()); alertEvent.setAppIds((List<String>) event.getContext().get(APP_IDS_KEY)); } alertEvent.setTimestamp(event.getCreatedTime()); alertEvent.setAlertData(event.getDataMap()); alertEvent.setAlertSubject(event.getSubject()); alertEvent.setAlertBody(event.getBody()); alertEvent.setTags(tags); return alertEvent; }
public static AlertPublishEvent createAlertPublishEvent(AlertStreamEvent event) { Preconditions.checkNotNull(event.getAlertId(), "alertId is not initialized before being published: " + event.toString()); AlertPublishEvent alertEvent = new AlertPublishEvent(); alertEvent.setAlertId(event.getAlertId()); alertEvent.setPolicyId(event.getPolicyId()); alertEvent.setAlertTimestamp(event.getCreatedTime()); alertEvent.setStreamId(event.getStreamId()); alertEvent.setCreatedBy(event.getCreatedBy()); alertEvent.setCreatedTime(event.getCreatedTime()); alertEvent.setAlertSubject(event.getSubject()); alertEvent.setAlertBody(event.getBody()); if (event.getContext() != null && !event.getContext().isEmpty()) { if (event.getContext().containsKey(SITE_ID_KEY)) { alertEvent.setSiteId(event.getContext().get(SITE_ID_KEY).toString()); } if (event.getContext().containsKey(POLICY_VALUE_KEY)) { alertEvent.setPolicyValue(event.getContext().get(POLICY_VALUE_KEY).toString()); } if (event.getContext().containsKey(APP_IDS_KEY)) { alertEvent.setAppIds((List<String>) event.getContext().get(APP_IDS_KEY)); } } alertEvent.setAlertData(event.getDataMap()); return alertEvent; }