Documentation
¶
Index ¶
Constants ¶
View Source
const ( AlertTablePartitionKey = "id" AlertTableLogTypesAttribute = "logTypes" AlertTableEventCountAttribute = "eventCount" AlertTableUpdateTimeAttribute = "updateTime" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Alert ¶
type Alert struct {
ID string `dynamodbav:"id,string"`
TimePartition string `dynamodbav:"timePartition,string"`
Severity *string `dynamodbav:"severity,string"`
RuleDisplayName *string `dynamodbav:"ruleDisplayName,string"`
FirstEventMatchTime time.Time `dynamodbav:"firstEventMatchTime,string"`
LogTypes []string `dynamodbav:"logTypes,stringset"`
// Alert Title - will be the Python-generated title or a default one if no Python-generated title is available.
Title string `dynamodbav:"title,string"`
AlertDedupEvent
AlertPolicy
}
Alert contains all the fields associated to the alert stored in DDB
type AlertDedupEvent ¶
type AlertDedupEvent struct {
RuleID string `dynamodbav:"ruleId"`
RuleVersion string `dynamodbav:"ruleVersion"`
DeduplicationString string `dynamodbav:"dedup"`
CreationTime time.Time `dynamodbav:"creationTime"`
UpdateTime time.Time `dynamodbav:"updateTime"`
EventCount int64 `dynamodbav:"eventCount"`
LogTypes []string `dynamodbav:"logTypes,stringset"`
AlertContext *string `dynamodbav:"context,string"`
Type string `dynamodbav:"type"`
// Generated Fields
GeneratedTitle *string `dynamodbav:"title,string"`
GeneratedDescription *string `dynamodbav:"description,string"`
GeneratedReference *string `dynamodbav:"reference"`
GeneratedSeverity *string `dynamodbav:"severity"`
GeneratedRunbook *string `dynamodbav:"runbook"`
GeneratedDestinations []string `dynamodbav:"destinations,stringset"`
AlertCount int64 `dynamodbav:"-"` // There is no need to store this item in DDB
}
AlertDedupEvent represents the event stored in the alert dedup DDB table by the rules engine
func FromDynamodDBAttribute ¶
func FromDynamodDBAttribute(input map[string]events.DynamoDBAttributeValue) (event *AlertDedupEvent, err error)
type AlertPolicy ¶
type AlertPolicy struct {
PolicyID string `dynamodbav:"policyId,string"`
PolicyDisplayName string `dynamodbav:"policyDisplayName,string"`
PolicyVersion string `dynamodbav:"policyVersion,string"`
PolicySourceID string `dynamodbav:"policySourceId,string"`
ResourceTypes []string `dynamodbav:"resourceTypes,stringset"`
ResourceID string `dynamodbav:"resourceId,string"` // This is the failing resource
}
AlertPolicy represents the policy-specific fields for alerts genereated by policies
Source Files
Click to show internal directories.
Click to hide internal directories.