Commit
* Adds Alert Publisher framework (#900)
* Squashed commit of AlertPublishers (Provisional) i aefoiajwoef initial draft to publisher crap awefla aewlfkjhawiehgsv Add some alerts aweklrgjhsakf fadsuhiawef Adds some basic publisher framework pylint Composite publisher Assemble_alert_publisher_for_output more code fix tests Replace with publishers WORKING COMMIT This commit is proven to work on Stage. TODOs: - publishers are hard to code, and the class system seems redundant? - merging needs to be tested - required outputs will get published if blanket publication is enabled Fixes a bug where publishers are assigned to required outputs Tidies up docblocks Flesh out publisher documentation
* Extends SlackOutput to support custom messages and attachments
* Refactor publishers into new directory Functional commit
* Continues to fumble with classes and namespaces and stuff
* cyclical python module dependency
* Missing mock_s3
* working commit fumbling with more namespaces and directories
* pylint
* Publishers working?
* w
* Fixups
* Fix comment
* fix
* Consolidate some functions, rename some Classes to be more compact
* more touchups
* i
* Update documentation
* Refactor to move DefaultPublisher into the core
* Add test coverage
* Address unused-argument
* Remove some extraneous import module things
* Move core.py publisher code into shared
* fix comment
* Catch, log, and reraise keyerror in composite publisher
* Fix buggy documentation
* Fix documentation
* @rule -> @rule
* fix documentation string
* Reverses the order specific and unspecific output publishers are executed to be more intuitive
* Move import_folders to new module
* Remove deepcopy, delegating it to CompositePublisher
* Clean up docblocks
* Remove extraneous return
* Write a test for chained inheritance
* Move test files
* Move incorrectly placed comment
* Raise exception when failing to register publisher
* Raise exception on invalid arg output
* Touch up tests
* Gets rid of ugly python \
* Fix some bad list code plus DRY out DefaultPublisher
* Renames publish_alert to compose_alert to be less imperative
* enforce ssl access only on all S3 buckets (#905)
* enforcing ssl only access on all streamalert s3 buckets
* updating unit tests for s3 bucket resource creation
* fixing duplicate policy bug with cloudtrail bucket (#907)
* [Alert Publishers] Add some community Slack Publishers (#904)
* Adds some base Slack publishers for the community Remove stuff Fix up fix merge Touchups Remove deepcopy from slack publishers Fix bug and missing test inclusion due to missing init file fix licenses Capitalize fields and remove redundant fix tests Fix a... test?
* Convert map() to array syntax. Fix timezone problem
* [Alert Publishers] Standardizes magic fields with @-sign prefix (#917)
* Prefixes all magic publisher fields with @
* Fix documentation
* [Fixup] Alert Publisher PR Feedback (#918)
* PR Fixups
* I did not end up figuring out how to uncouple this cyclic dependency. optimized instead
* ?
* wtf why is consider-using-ternary a mandatory pylint condition?
* [Alert Publishers] Rebuilds PagerDuty integration + Adds some community pagerduty publishers (#911)
* WIP: PagerDuty publishers fixup wip but maybe working commit of refactoring all this pagerduty crap Fixing unit tests unit tests Draft ya wrfg fixed wip Fix ssl verification Working commit; need add more test coverage Fix documentation Add publishers Test for enumerate_fields + fix bug Add publisher that strips out "streamalert:normalization" from the publication Ef
* Upgrades integration paths
* successfully deployed and tested v1 on staging
* Finishes draft
* fixup
* Yeah... yeah..
* Expand docblocks
* WIP
* Fixups documents
* Fix bug in pd publisher
* fix
* Fix bug and some documentation
* remove
* Fix some bugs
* Fix some error messages
* Fixes a bug causing alerts not to merge correctly
* Fix tests
* alphabetize enumerate_fields
* Add new remove_fields publisher
* Add more test for work
* y
* Pr feedback and add test
* Fix some bugs introduced due to "default behavior" in pagerduty integration (#920)
* Fix a bug regarding defaults in the pagerduty integration refactor
* PR fixup
* fix silly bug (#921)
* Adds a new publisher, improves to description parser (#922)
* Adds a publisher to bubble deep dict fields to top of publication
* Improves the rule parser to accommodate for some weird cases
* pylint
* Fix comment
* bubble_fields -> populate_fields
* More PR feedback
* Adds new publisher for converting array to string.
* naisu
* Moves some directories to be more consistent
* pr feedback
* [Publishers] Adds publisher error detection to rule_test.sh (#923)
* tmp wip commit
* First attempt at adding publishers to rule_tst
* Improved format
* fixps
* Consolidates test logic a little
* Improves format
* PR Fixup: compose_alert now requires output
* PR feedback
* Improvements to Slack Publishers (#924)
* Adds new publisher to slack
* Improves description parser
* Add tests
* [Publishers] Adds support for images on Pagerduty v2 (#925)
* Support images on pagerduty v2 API
* Tests, and adds a new pagerduty publisher to attach an image
* bumping version to 2.2.0