From 5f5bb6fc987c5b6a3d82a502c78e97e59584a567 Mon Sep 17 00:00:00 2001 From: talboren Date: Mon, 18 Mar 2024 18:09:54 +0200 Subject: [PATCH] feat(provider): keep provider get distinct alerts with filter (#979) --- keep/api/core/db.py | 2 ++ keep/providers/keep_provider/keep_provider.py | 7 ++++++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/keep/api/core/db.py b/keep/api/core/db.py index b1ba90fc0..ad70afbea 100644 --- a/keep/api/core/db.py +++ b/keep/api/core/db.py @@ -777,6 +777,8 @@ def get_alerts_with_filters(tenant_id, provider_id=None, filters=None) -> list[A if provider_id: query = query.filter(Alert.provider_id == provider_id) + query = query.order_by(Alert.timestamp.desc()) + # Execute the query alerts = query.all() diff --git a/keep/providers/keep_provider/keep_provider.py b/keep/providers/keep_provider/keep_provider.py index b9f6ee384..e13fbf6cd 100644 --- a/keep/providers/keep_provider/keep_provider.py +++ b/keep/providers/keep_provider/keep_provider.py @@ -1,6 +1,7 @@ """ Keep Provider is a class that allows to ingest/digest data from Keep. """ + import logging from typing import Optional @@ -27,7 +28,7 @@ def dispose(self): """ pass - def _query(self, filters, **kwargs): + def _query(self, filters, distinct=True, **kwargs): """ Query Keep for alerts. """ @@ -35,13 +36,17 @@ def _query(self, filters, **kwargs): self.context_manager.tenant_id, filters=filters ) + fingerprints = {} alerts = [] if db_alerts: for alert in db_alerts: + if fingerprints.get(alert.fingerprint) and distinct is True: + continue alert_event = alert.event if alert.alert_enrichment: alert_event["enrichments"] = alert.alert_enrichment.enrichments alerts.append(alert_event) + fingerprints[alert.fingerprint] = True return alerts def validate_config(self):