Skip to content

Commit

Permalink
feat(provider): keep provider get distinct alerts with filter (#979)
Browse files Browse the repository at this point in the history
  • Loading branch information
@talboren
talboren authored Mar 18, 2024
1 parent 75cb502 commit 5f5bb6f
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 1 deletion.
2 changes: 2 additions & 0 deletions keep/api/core/db.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -777,6 +777,8 @@ def get_alerts_with_filters(tenant_id, provider_id=None, filters=None) -> list[A
if provider_id:
query = query.filter(Alert.provider_id == provider_id)

query = query.order_by(Alert.timestamp.desc())

# Execute the query
alerts = query.all()

Expand Down
7 changes: 6 additions & 1 deletion keep/providers/keep_provider/keep_provider.py
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
"""
Keep Provider is a class that allows to ingest/digest data from Keep.
"""

import logging
from typing import Optional

Expand All @@ -27,21 +28,25 @@ def dispose(self):
"""
pass

def _query(self, filters, **kwargs):
def _query(self, filters, distinct=True, **kwargs):
"""
Query Keep for alerts.
"""
db_alerts = get_alerts_with_filters(
self.context_manager.tenant_id, filters=filters
)

fingerprints = {}
alerts = []
if db_alerts:
for alert in db_alerts:
if fingerprints.get(alert.fingerprint) and distinct is True:
continue
alert_event = alert.event
if alert.alert_enrichment:
alert_event["enrichments"] = alert.alert_enrichment.enrichments
alerts.append(alert_event)
fingerprints[alert.fingerprint] = True
return alerts

def validate_config(self):
Expand Down

0 comments on commit 5f5bb6f

Please sign in to comment.