Skip to content

Commit

Permalink
Adjusting elastalert/ruletypes.py so that the functions 'append' and …
Browse files Browse the repository at this point in the history 
…'append_middle' take into account the scenario whereby an event is None
  • Loading branch information
@gminog-opap @synhershko
gminog-opap authored and synhershko committed Jun 2, 2021
1 parent 7a072d7 commit 8c61369
Showing 1 changed file with 8 additions and 4 deletions.
12 changes: 8 additions & 4 deletions elastalert/ruletypes.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -318,12 +318,14 @@ def append(self, event):
This will also pop the oldest events and call onRemoved on them until the
window size is less than timeframe. """
self.data.add(event)
self.running_count += event[1]
if event and event[1]:
self.running_count += event[1]

while self.duration() >= self.timeframe:
oldest = self.data[0]
self.data.remove(oldest)
self.running_count -= oldest[1]
if oldest and oldest[1]:
self.running_count -= oldest[1]
self.onRemoved and self.onRemoved(oldest)

def duration(self):
Expand Down Expand Up @@ -363,7 +365,8 @@ def append_middle(self, event):
# Append left if ts is earlier than first event
if self.get_ts(self.data[0]) > ts:
self.data.appendleft(event)
self.running_count += event[1]
if event and event[1]:
self.running_count += event[1]
return

# Rotate window until we can insert event
Expand All @@ -374,7 +377,8 @@ def append_middle(self, event):
# This should never happen
return
self.data.append(event)
self.running_count += event[1]
if event and event[1]:
self.running_count += event[1]
self.data.rotate(-rotation)


Expand Down

0 comments on commit 8c61369

Please sign in to comment.