Skip to content

Commit

Permalink
Merge pull request #1331 from malinkinsa/discussion-1317
Browse files Browse the repository at this point in the history
Update IRIS and GELF alerter and tests
  • Loading branch information
jertel authored Dec 3, 2023
2 parents adf1570 + 85907fc commit 38ac8e0
Show file tree
Hide file tree
Showing 7 changed files with 12 additions and 11 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@
- [Docs] Extend FAQ / troubleshooting section with information on Elasticsearch RBAC - [#1324](https://github.com/jertel/elastalert2/pull/1324) - @chr-b
- Upgrade to Python 3.12 - [#1327](https://github.com/jertel/elastalert2/pull/1327) - @jertel
- Support hourly index patterns - [#1328](https://github.com/jertel/elastalert2/pull/1328) - @jmacdone
- Correction in IRIS and GELF alerter [#1331](https://github.com/jertel/elastalert2/pull/1331) - @malinkinsa

# 2.15.0

Expand Down
6 changes: 3 additions & 3 deletions docs/source/ruletypes.rst
Original file line number Diff line number Diff line change
Expand Up @@ -2576,9 +2576,9 @@ Optional:

``gelf_http_headers``: Additional headers. (Only used if gelf_type=http)

``gelf_ca_cert``: Path to custom CA certificate.
``gelf_ca_cert``: Set this option to True or a path to a CA cert bundle or directory (eg: /etc/ssl/certs/ca-certificates.crt) to validate the SSL certificate.The default value is: False.

``gelf_http_ignore_ssl_errors``: Ignore ssl error. (Only used if gelf_type=http)
``gelf_http_ignore_ssl_errors``: Ignore ssl error. (Only used if gelf_type=http).The default value is: False.

``gelf_timeout``: Custom timeout.

Expand Down Expand Up @@ -2727,7 +2727,7 @@ The alerter requires the following option:

Optional:

``iris_ca_cert``: Path to custom CA certificate.
``iris_ca_cert``: Set this option to True or a path to a CA cert bundle or directory (eg: /etc/ssl/certs/ca-certificates.crt) to validate the SSL certificate.The default value is: False.

``iris_ignore_ssl_errors``: Ignore ssl error. The default value is: ``False``.

Expand Down
4 changes: 2 additions & 2 deletions elastalert/alerters/gelf.py
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ def __init__(self, rule):
self.gelf_version = self.rule.get('gelf_version', '1.1')
self.gelf_log_level = self.rule.get('gelf_log_level', 5)
self.additional_headers = self.rule.get('gelf_http_headers')
self.ca_cert = self.rule.get('gelf_ca_cert', False)
self.ca_cert = self.rule.get('gelf_ca_cert')
self.http_ignore_ssl_errors = self.rule.get('gelf_http_ignore_ssl_errors', False)
self.timeout = self.rule.get('gelf_timeout', 30)

Expand All @@ -43,7 +43,7 @@ def send_http(self, gelf_msg):
if self.ca_cert:
verify = self.ca_cert
else:
verify = False
verify = not self.http_ignore_ssl_errors

if self.http_ignore_ssl_errors:
requests.packages.urllib3.disable_warnings()
Expand Down
4 changes: 2 additions & 2 deletions elastalert/alerters/iris.py
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ def __init__(self, rule):
self.url = f"https://{self.rule.get('iris_host')}"
self.api_token = self.rule.get('iris_api_token')
self.customer_id = self.rule.get('iris_customer_id')
self.ca_cert = self.rule.get('iris_ca_cert', False)
self.ca_cert = self.rule.get('iris_ca_cert')
self.ignore_ssl_errors = self.rule.get('iris_ignore_ssl_errors', False)
self.description = self.rule.get('iris_description', None)
self.overwrite_timestamp = self.rule.get('iris_overwrite_timestamp', False)
Expand Down Expand Up @@ -113,7 +113,7 @@ def alert(self, matches):
if self.ca_cert:
verify = self.ca_cert
else:
verify = False
verify = not self.ignore_ssl_errors

if self.ignore_ssl_errors:
requests.packages.urllib3.disable_warnings()
Expand Down
4 changes: 2 additions & 2 deletions elastalert/schema.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -511,7 +511,7 @@ properties:
required: [ field ]
properties:
field: { type: string, minLength: 1 }
gelf_ca_cert: {type: string}
gelf_ca_cert: {type: [boolean, string]}
gelf_http_ignore_ssl_errors: {type: boolean}
gelf_timeout: {type: integer}

Expand Down Expand Up @@ -544,7 +544,7 @@ properties:
iris_type: {type: string, enum: ['alert', 'case']}
iris_customer_id: {type: integer}
iris_ignore_ssl_errors: {type: boolean}
iris_ca_cert: {type: string}
iris_ca_cert: {type: [boolean, string]}
iris_overwrite_timestamp: {type: boolean}
iris_case_template_id: {type: integer}
iris_description: {type: string}
Expand Down
2 changes: 1 addition & 1 deletion tests/alerters/gelf_test.py
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ def test_gelf_sent_http(caplog):
url=rule['gelf_endpoint'],
headers={'Content-Type': 'application/json'},
json=mock.ANY,
verify=False,
verify=True,
timeout=30,
)

Expand Down
2 changes: 1 addition & 1 deletion tests/alerters/iris_test.py
Original file line number Diff line number Diff line change
Expand Up @@ -406,7 +406,7 @@ def test_iris_alert_alert(caplog):
'Authorization': f'Bearer {rule["iris_api_token"]}'
},
json=mock.ANY,
verify=False,
verify=True,
)

assert expected_data == mock_post_request.call_args_list[0][1]['json']
Expand Down

0 comments on commit 38ac8e0

Please sign in to comment.