====== AlertEngine ====== This subsystem is charged with the task of retrieving new alerts from the alert queue that event engine generates and sending them to users if they match their alert profile. NAV 3.5 should be getting a new version of this system which is a Python rewrite of the original Perl system. ===== Mathcing profiles ===== The alert profile system was originally designed with maximum flexibility in mind and is thus a fairly complex system. Each account in NAV can have one or more alert profiles which designate when daily and weekly queues should be emptied, only one of these can be active for any user. Each profile has a set of time periods which in turn have alert subscriptions. An alert subscription basically says if an alert matches a filtergroup send it to this address. Understanding how we check a filtergroup against an alert is where most of the complexity of the system comes into light. Each filtergroup has filtergroupcontents which designate how the set of filters the contents specify should be combined. The filtergroupcontents is where 'inclusion', 'exclusion', 'and' and 'add inverse' (simply a negated add) opperations are set up. To actually see if an alert matches we simply compile all the expressions in a filter into a Django-ORM lookup and do a 'SELECT COUNT(*) FROM ...' which will tell us if our filter matches. The mapping we generate is combined with standard ORM lookups except for a few special cases like IP's. The following mapping shows how the current (as of 2008-06-19) mapping is setup from database table+column to the ORM (MatchField.CHOICES contains the sameinformation): alertq.alertqid: id alertq.alerttypeid: alert_type_id alertq.deviceid: device_id alertq.eventtypeid: event_type_id alertq.netboxid: netbox_id alertq.severity: severity alertq.source: source_id alertq.state: state alertq.subid: subid alertq.time: time alertq.value: value alerttype.alerttype: alert_type__name alerttype.alerttypedesc: alert_type__description alerttype.alerttypeid: alert_type__id alerttype.eventtypeid: alert_type__event_type_id arp.arpid: netbox__arp__id arp.end_time: netbox__arp__end_time arp.ip: netbox__arp__ip arp.mac: netbox__arp__mac arp.netboxid: netbox__arp__netbox_id arp.prefixid: netbox__arp__prefix_id arp.start_time: netbox__arp__start_time arp.sysname: netbox__arp__sysname cam.camid: netbox__cam__id cam.end_time: netbox__cam__end_time cam.ifindex: netbox__cam__ifindex cam.mac: netbox__cam__mac cam.misscnt: netbox__cam__miss_count cam.module: netbox__cam__module cam.netboxid: netbox__cam__netbox_id cam.port: netbox__cam__port cam.start_time: netbox__cam__start_time cam.sysname: netbox__cam__sysname cat.catid: netbox__category__id cat.descr: netbox__category__description cat.req_snmp: netbox__category__req_snmp device.active: netbox__device__active device.auto: netbox__device__auto device.deviceid: netbox__device__id device.deviceorderid: netbox__device__device_order_id device.discovered: netbox__device__discovered device.fw_ver: netbox__device__firmware_version device.hw_ver: netbox__device__hardware_version device.productid: netbox__device__product_id device.serial: netbox__device__serial device.sw_ver: netbox__device__software_version eventtype.eventtypedesc: event_type__description eventtype.eventtypeid: event_type__id eventtype.stateful: event_type__stateful gwport.gwportid: netbox__connected_to_gwport__id gwport.ifindex: netbox__connected_to_gwport__ifindex gwport.interface: netbox__connected_to_gwport__interface gwport.link: netbox__connected_to_gwport__link gwport.masterindex: netbox__connected_to_gwport__master_index gwport.metric: netbox__connected_to_gwport__metric gwport.moduleid: netbox__connected_to_gwport__module_id gwport.portname: netbox__connected_to_gwport__port_name gwport.speed: netbox__connected_to_gwport__speed gwport.to_netboxid: netbox__connected_to_gwport__to_netbox_id gwport.to_swportid: netbox__connected_to_gwport__to_swport_id location.descr: netbox__room__location__description location.locationid: netbox__room__location__id mem.device: netbox__memory__device mem.memid: netbox__memory__id mem.memtype: netbox__memory__type mem.netboxid: netbox__memory__netbox_id mem.size: netbox__memory__size mem.used: netbox__memory__used netbox.catid: netbox__category_id netbox.deviceid: netbox__device_id netbox.discovered: netbox__discovered netboxinfo.key: netbox__info__key netboxinfo.netboxid: netbox__info__netbox_id netboxinfo.netboxinfoid: netbox__info__id netboxinfo.val: netbox__info__value netboxinfo.var: netbox__info__variable netbox.ip: netbox__ip netbox.netboxid: netbox__id netbox.orgid: netbox__organization_id netbox.prefixid: netbox__prefix_id netbox.ro: netbox__read_only netbox.roomid: netbox__room_id netbox.rw: netbox__read_write netbox.snmp_agent: netbox__snmp_agent netbox.snmp_version: netbox__snmp_version netbox.sysname: netbox__sysname netbox.typeid: netbox__type_id netbox.up: netbox__up netbox.upsince: netbox__up_since netbox.uptodate: netbox__up_to_date org.descr: netbox__organization__description org.opt1: netbox__organization__optional_1 org.opt2: netbox__organization__optional_2 org.opt3: netbox__organization__optional_3 org.orgid: netbox__organization__id org.parent: netbox__organization__parent_id prefix.netaddr: netbox__prefix__net_address prefix.prefixid: netbox__prefix__id prefix.vlanid: netbox__prefix__vlan_id product.descr: netbox__device__product__description product.productid: netbox__device__product__id product.productno: netbox__device__product__product_number product.vendorid: netbox__device__product__vendor_id room.descr: netbox__room__description room.locationid: netbox__room__location_id room.opt1: netbox__room__optional_1 room.opt2: netbox__room__optional_2 room.opt3: netbox__room__optional_3 room.opt4: netbox__room__optional_4 room.roomid: netbox__room__id subcat.catid: netbox__category__subcategory__category_id subcat.descr: netbox__category__subcategory__description subcat.subcatid: netbox__category__subcategory__id swport.duplex: netbox__connected_to_swport__duplex swport.ifindex: netbox__connected_to_swport__ifindex swport.interface: netbox__connected_to_swport__interface swport.link: netbox__connected_to_swport__link swport.media: netbox__connected_to_swport__media swport.moduleid: netbox__connected_to_swport__module_id swport.portname: netbox__connected_to_swport__port_name swport.port: netbox__connected_to_swport__port swport.speed: netbox__connected_to_swport__speed swport.swportid: netbox__connected_to_swport__id swport.to_netboxid: netbox__connected_to_swport__to_netbox_id swport.to_swportid: netbox__connected_to_swport__to_swport_id swport.trunk: netbox__connected_to_swport__trunk swport.vlan: netbox__connected_to_swport__vlan type.cdp: netbox__type__cdp type.chassis: netbox__type__chassis type.cs_at_vlan: netbox__type__cs_at_vlan type.descr: netbox__type__description type.frequency: netbox__type__frequency type.sysobjectid: netbox__type__sysobject type.tftp: netbox__type__tftp type.typeid: netbox__type__id type.typename: netbox__type__name type.vendorid: netbox__type__vendor_id usage.descr: netbox__organization__vlan__usage__description usage.usageid: netbox__organization__vlan__usage__id vendor.enterpriseid: netbox__device__product__vendor__enterprise_id vendor.vendorid: netbox__device__product__vendor__id vlan.description: netbox__organization__vlan__description vlan.netident: netbox__organization__vlan__net_ident vlan.nettype: netbox__organization__vlan__net_type_id vlan.orgid: netbox__organization__vlan__organization_id vlan.usageid: netbox__organization__vlan__usage_id vlan.vlanid: netbox__organization__vlan__id vlan.vlan: netbox__organization__vlan__vlan