Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add new alerter for a more flexible HTTP Post #530

Merged

Conversation

lepouletsuisse
Copy link
Contributor

@lepouletsuisse lepouletsuisse commented Nov 1, 2021

Description

Add a new alerter HTTP Post 2 which is a more flexible version of the HTTP Post alerter.
This alerter remove the difference between http_post_payload and http_post_payload_static to privileged only one field http_post_payload which allow to use Jinja2 templating to inject fields in a HTTP Post body.
I kept the old behavior of http_post_payload in http_post_raw_fields in case you want to keep the type of a field (a number for example).
The Jinja templating works for the keys and also the values, providing total flexibility for the users to send HTTP request with any format using the fields of the matches.

This PR resolve (at least partially):

Checklist

  • I have reviewed the contributing guidelines.
  • I have included unit tests for my changes or additions.
  • I have successfully run make test-docker with my changes.
  • I have manually tested all relevant modes of the change in this PR.
  • I have updated the documentation.
  • I have updated the changelog.

Questions or Comments

  • I created a new alerter so it doesn't break the old alerter HTTP Post and doesn't require a major version change.

@lepouletsuisse lepouletsuisse changed the title Make http post alerter more flexible Add new alerter for a more flexible HTTP Post Nov 1, 2021
@nsano-rururu
Copy link
Collaborator

I don't seem to fix loaders.py

@nsano-rururu
Copy link
Collaborator

How to write changelog is different from other people. Please correct.

@nsano-rururu
Copy link
Collaborator

Does this really work?

@nsano-rururu
Copy link
Collaborator

It looks like HTTPPost2Alerter isn't called from anywhere. If you specify alert: post, it will be called HTTP Post Alerter as it is.

@nsano-rururu
Copy link
Collaborator

If you want to keep the HTTPPostAlerter, you may use the old one and the new one at the same time. If so, shouldn't the setting name be http_post2_ setting name at the beginning so that it doesn't collide?

@lepouletsuisse
Copy link
Contributor Author

I don't seem to fix loaders.py

As I said, it partially fixed the issue. My purpose is not to fix the loader, only to create a more flexible HTTP alerter.

It looks like HTTPPost2Alerter isn't called from anywhere. If you specify alert: post, it will be called HTTP Post Alerter as it is.

Yeah, my bad. I'm not really familiar with this code, so I forgot to add the post2 to the loaders.py. It's fixed now.

If you want to keep the HTTPPostAlerter, you may use the old one and the new one at the same time. If so, shouldn't the setting name be http_post2_ setting name at the beginning so that it doesn't collide?

Yes totally, thanks for pointing it out! I'm fixing this in a new commit

@lepouletsuisse lepouletsuisse force-pushed the make_http_post_alerter_more_flexible branch from ffeb1af to 59d71c6 Compare November 1, 2021 15:34
@nsano-rururu
Copy link
Collaborator

I think you should add the validation check setting to schema.yaml. There is a description of HTTP POST settings in 440 to 445. When you run the rule, jsonschema can check the settings in schema.yaml and check the data type if there is a key, and if they are different, you can raise an exception to prevent the rule from running.
https://github.com/jertel/elastalert2/blob/master/elastalert/schema.yaml#L440

@nsano-rururu
Copy link
Collaborator

@jertel

Is there anything else you care about?

CHANGELOG.md Outdated Show resolved Hide resolved
elastalert/alerters/httppost2.py Outdated Show resolved Hide resolved
@jertel jertel merged commit 93ee6ff into jertel:master Nov 2, 2021
@lepouletsuisse lepouletsuisse deleted the make_http_post_alerter_more_flexible branch November 2, 2021 13:06
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Feb 20, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants