User Tools

Site Tools


devel:alertengine

AlertEngine

This subsystem is charged with the task of retrieving new alerts from the alert queue that event engine generates and sending them to users if they match their alert profile. NAV 3.5 should be getting a new version of this system which is a Python rewrite of the original Perl system.

Mathcing profiles

The alert profile system was originally designed with maximum flexibility in mind and is thus a fairly complex system. Each account in NAV can have one or more alert profiles which designate when daily and weekly queues should be emptied, only one of these can be active for any user. Each profile has a set of time periods which in turn have alert subscriptions. An alert subscription basically says if an alert matches a filtergroup send it to this address.

Understanding how we check a filtergroup against an alert is where most of the complexity of the system comes into light. Each filtergroup has filtergroupcontents which designate how the set of filters the contents specify should be combined. The filtergroupcontents is where 'inclusion', 'exclusion', 'and' and 'add inverse' (simply a negated add) opperations are set up.

To actually see if an alert matches we simply compile all the expressions in a filter into a Django-ORM lookup and do a 'SELECT COUNT(*) FROM …' which will tell us if our filter matches. The mapping we generate is combined with standard ORM lookups except for a few special cases like IP's. The following mapping shows how the current (as of 2008-06-19) mapping is setup from database table+column to the ORM (MatchField.CHOICES contains the sameinformation):

             alertq.alertqid: id
          alertq.alerttypeid: alert_type_id
             alertq.deviceid: device_id
          alertq.eventtypeid: event_type_id
             alertq.netboxid: netbox_id
             alertq.severity: severity
               alertq.source: source_id
                alertq.state: state
                alertq.subid: subid
                 alertq.time: time
                alertq.value: value
         alerttype.alerttype: alert_type__name
     alerttype.alerttypedesc: alert_type__description
       alerttype.alerttypeid: alert_type__id
       alerttype.eventtypeid: alert_type__event_type_id
                   arp.arpid: netbox__arp__id
                arp.end_time: netbox__arp__end_time
                      arp.ip: netbox__arp__ip
                     arp.mac: netbox__arp__mac
                arp.netboxid: netbox__arp__netbox_id
                arp.prefixid: netbox__arp__prefix_id
              arp.start_time: netbox__arp__start_time
                 arp.sysname: netbox__arp__sysname
                   cam.camid: netbox__cam__id
                cam.end_time: netbox__cam__end_time
                 cam.ifindex: netbox__cam__ifindex
                     cam.mac: netbox__cam__mac
                 cam.misscnt: netbox__cam__miss_count
                  cam.module: netbox__cam__module
                cam.netboxid: netbox__cam__netbox_id
                    cam.port: netbox__cam__port
              cam.start_time: netbox__cam__start_time
                 cam.sysname: netbox__cam__sysname
                   cat.catid: netbox__category__id
                   cat.descr: netbox__category__description
                cat.req_snmp: netbox__category__req_snmp
               device.active: netbox__device__active
                 device.auto: netbox__device__auto
             device.deviceid: netbox__device__id
        device.deviceorderid: netbox__device__device_order_id
           device.discovered: netbox__device__discovered
               device.fw_ver: netbox__device__firmware_version
               device.hw_ver: netbox__device__hardware_version
            device.productid: netbox__device__product_id
               device.serial: netbox__device__serial
               device.sw_ver: netbox__device__software_version
     eventtype.eventtypedesc: event_type__description
       eventtype.eventtypeid: event_type__id
          eventtype.stateful: event_type__stateful
             gwport.gwportid: netbox__connected_to_gwport__id
              gwport.ifindex: netbox__connected_to_gwport__ifindex
            gwport.interface: netbox__connected_to_gwport__interface
                 gwport.link: netbox__connected_to_gwport__link
          gwport.masterindex: netbox__connected_to_gwport__master_index
               gwport.metric: netbox__connected_to_gwport__metric
             gwport.moduleid: netbox__connected_to_gwport__module_id
             gwport.portname: netbox__connected_to_gwport__port_name
                gwport.speed: netbox__connected_to_gwport__speed
          gwport.to_netboxid: netbox__connected_to_gwport__to_netbox_id
          gwport.to_swportid: netbox__connected_to_gwport__to_swport_id
              location.descr: netbox__room__location__description
         location.locationid: netbox__room__location__id
                  mem.device: netbox__memory__device
                   mem.memid: netbox__memory__id
                 mem.memtype: netbox__memory__type
                mem.netboxid: netbox__memory__netbox_id
                    mem.size: netbox__memory__size
                    mem.used: netbox__memory__used
                netbox.catid: netbox__category_id
             netbox.deviceid: netbox__device_id
           netbox.discovered: netbox__discovered
              netboxinfo.key: netbox__info__key
         netboxinfo.netboxid: netbox__info__netbox_id
     netboxinfo.netboxinfoid: netbox__info__id
              netboxinfo.val: netbox__info__value
              netboxinfo.var: netbox__info__variable
                   netbox.ip: netbox__ip
             netbox.netboxid: netbox__id
                netbox.orgid: netbox__organization_id
             netbox.prefixid: netbox__prefix_id
                   netbox.ro: netbox__read_only
               netbox.roomid: netbox__room_id
                   netbox.rw: netbox__read_write
           netbox.snmp_agent: netbox__snmp_agent
         netbox.snmp_version: netbox__snmp_version
              netbox.sysname: netbox__sysname
               netbox.typeid: netbox__type_id
                   netbox.up: netbox__up
              netbox.upsince: netbox__up_since
             netbox.uptodate: netbox__up_to_date
                   org.descr: netbox__organization__description
                    org.opt1: netbox__organization__optional_1
                    org.opt2: netbox__organization__optional_2
                    org.opt3: netbox__organization__optional_3
                   org.orgid: netbox__organization__id
                  org.parent: netbox__organization__parent_id
              prefix.netaddr: netbox__prefix__net_address
             prefix.prefixid: netbox__prefix__id
               prefix.vlanid: netbox__prefix__vlan_id
               product.descr: netbox__device__product__description
           product.productid: netbox__device__product__id
           product.productno: netbox__device__product__product_number
            product.vendorid: netbox__device__product__vendor_id
                  room.descr: netbox__room__description
             room.locationid: netbox__room__location_id
                   room.opt1: netbox__room__optional_1
                   room.opt2: netbox__room__optional_2
                   room.opt3: netbox__room__optional_3
                   room.opt4: netbox__room__optional_4
                 room.roomid: netbox__room__id
                subcat.catid: netbox__category__subcategory__category_id
                subcat.descr: netbox__category__subcategory__description
             subcat.subcatid: netbox__category__subcategory__id
               swport.duplex: netbox__connected_to_swport__duplex
              swport.ifindex: netbox__connected_to_swport__ifindex
            swport.interface: netbox__connected_to_swport__interface
                 swport.link: netbox__connected_to_swport__link
                swport.media: netbox__connected_to_swport__media
             swport.moduleid: netbox__connected_to_swport__module_id
             swport.portname: netbox__connected_to_swport__port_name
                 swport.port: netbox__connected_to_swport__port
                swport.speed: netbox__connected_to_swport__speed
             swport.swportid: netbox__connected_to_swport__id
          swport.to_netboxid: netbox__connected_to_swport__to_netbox_id
          swport.to_swportid: netbox__connected_to_swport__to_swport_id
                swport.trunk: netbox__connected_to_swport__trunk
                 swport.vlan: netbox__connected_to_swport__vlan
                    type.cdp: netbox__type__cdp
                type.chassis: netbox__type__chassis
             type.cs_at_vlan: netbox__type__cs_at_vlan
                  type.descr: netbox__type__description
              type.frequency: netbox__type__frequency
            type.sysobjectid: netbox__type__sysobject
                   type.tftp: netbox__type__tftp
                 type.typeid: netbox__type__id
               type.typename: netbox__type__name
               type.vendorid: netbox__type__vendor_id
                 usage.descr: netbox__organization__vlan__usage__description
               usage.usageid: netbox__organization__vlan__usage__id
         vendor.enterpriseid: netbox__device__product__vendor__enterprise_id
             vendor.vendorid: netbox__device__product__vendor__id
            vlan.description: netbox__organization__vlan__description
               vlan.netident: netbox__organization__vlan__net_ident
                vlan.nettype: netbox__organization__vlan__net_type_id
                  vlan.orgid: netbox__organization__vlan__organization_id
                vlan.usageid: netbox__organization__vlan__usage_id
                 vlan.vlanid: netbox__organization__vlan__id
                   vlan.vlan: netbox__organization__vlan__vlan
devel/alertengine.txt · Last modified: 2008/06/19 08:38 by thomaska