-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make EmailAlert docs and code consistent #98
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- The commit message misses one backtick in the line
"Add defaults for subject
, host, and
port`."
-
baseconfig.py
file params for emailalert need to be updated.
This may be ignored. I missed Remove EmailAlert configuration from base config #99. -
Should the buffer be checked for an upper limit like 25 Mb by default for size?
cloudmarker/alerts/emailalert.py
Outdated
:class:`smtplib.SMTP_SSL` documentation for more details on | ||
this. | ||
|
||
When ``use_ssl`` is ``False` and if ``host`` or ``port`` are not |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Missing backtick
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
cloudmarker/alerts/emailalert.py
Outdated
username=None, password=None): | ||
"""Create an instance of :class:`EmailAlert` plugin. | ||
|
||
When ``use_ssl` is ``True`` and ``host`` is not specified or |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Missing backtick
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
smtp.sendmail(self._sender, self._to, message.as_string()) | ||
smtp.sendmail(self._from_addr, | ||
self._to_addrs, | ||
message.as_string()) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Most of the other plugins have a success message logged which I personally find very convenient to verify if the method actually succeeded. The other alert, however, does not have it as well. You may choose to add it if you feel it is required.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree. I was trying to keep this change minimal, i.e., just focus on the documentation and necessary code updates. This plugin requires quite a bit of rework to move the SMTP code out to util
module and make it consistent with the other plugins. I will do some of it as part of #53. I will address this suggestion of yours while resolving #53.
|
||
Returns: | ||
smtplib.SMTP or smtplib.SMTP_SSL: An SMTP connection | ||
with its session ready to send messages. | ||
|
||
""" | ||
if self._use_ssl: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
At line 98, with the following config, I ran into an ssl.SSLError
.
Config:
alerts:
emailalert:
params:
use_ssl: True
host: smtp.gmail.com
port: 587
from_addr: CloudMarker Alert <no-reply@gmail.com>
to_addrs:
- <recipient@example.com>
subject: Anomaly notification
username: <alice>
password: <alice@123>
Exception stack trace:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.3/Frameworks/Python.framework/Versions/3.7/lib/python3.7/multiprocessing/process.py", line 297, in _bootstrap
self.run()
File "/usr/local/Cellar/python/3.7.3/Frameworks/Python.framework/Versions/3.7/lib/python3.7/multiprocessing/process.py", line 99, in run
self._target(*self._args, **self._kwargs)
File "/Users/git/cloudmarker/cloudmarker/workers.py", line 68, in store_worker
store_plugin.done()
File "/Users/git/cloudmarker/cloudmarker/alerts/emailalert.py", line 79, in done
smtp = self._prepare_smtp_session()
File "/Users/git/cloudmarker/cloudmarker/alerts/emailalert.py", line 98, in _prepare_smtp_session
smtp = smtplib.SMTP_SSL(host=self._host, port=self._port)
File "/usr/local/Cellar/python/3.7.3/Frameworks/Python.framework/Versions/3.7/lib/python3.7/smtplib.py", line 1031, in __init__
source_address)
File "/usr/local/Cellar/python/3.7.3/Frameworks/Python.framework/Versions/3.7/lib/python3.7/smtplib.py", line 251, in __init__
(code, msg) = self.connect(host, port)
File "/usr/local/Cellar/python/3.7.3/Frameworks/Python.framework/Versions/3.7/lib/python3.7/smtplib.py", line 336, in connect
self.sock = self._get_socket(host, port, self.timeout)
File "/usr/local/Cellar/python/3.7.3/Frameworks/Python.framework/Versions/3.7/lib/python3.7/smtplib.py", line 1039, in _get_socket
server_hostname=self._host)
File "/usr/local/Cellar/python/3.7.3/Frameworks/Python.framework/Versions/3.7/lib/python3.7/ssl.py", line 412, in wrap_socket
session=session
File "/usr/local/Cellar/python/3.7.3/Frameworks/Python.framework/Versions/3.7/lib/python3.7/ssl.py", line 853, in _create
self.do_handshake()
File "/usr/local/Cellar/python/3.7.3/Frameworks/Python.framework/Versions/3.7/lib/python3.7/ssl.py", line 1117, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: UNKNOWN_PROTOCOL] unknown protocol (_ssl.c:1056)
If the use_ssl
key is set to False
, the mail is successfully sent. This could probably be handled in another PR. There is a solution mentioned here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
At line 98, with the following config, I ran into an
ssl.SSLError
.Config:
alerts: emailalert: params: use_ssl: True host: smtp.gmail.com port: 587
For use_ssl
set to True
, set port
to either 465
or 0
(to choose default port which is 465
).
Also, see the docstring in line 26 for more details on this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The docstring does not say that use_ssl
can only be used for port 465. I'm not sure if someone running into this error would be able to figure out that both the port
and use_ssl
work together. This is not a breaking change so I'm fine if we don't do error handling here.
I think I ended up testing this the wrong way because of the existing config in base config. Since that config is not meant to exist, this comment may be ignored 😅 .
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I tried to address this by adding more details in the util.send_email()
docstring in PR #108. See the following two URLs on the Read the Docs:
Please let me know if this helps of if we need to rework on these docstrings.
if self._stringbuffer: | ||
self._body = ''.join(self._stringbuffer) | ||
message.attach(MIMEText(self._body)) | ||
body = ''.join(self._stringbuffer) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it okay to send raw json data in the email body?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It is not okay to send raw JSON in the email body. I would like record['com']['description']
and record['com']['recommendation']
to be picked out from the event record (record
) and formatted neatly in the email alerts. This will be done in a separate pull request.
Hi Nirali, We can do something like this. I would prefer to do this in a separate pull request. By the way, did you come up with the 25 MB limit as an arbitrary limit or did you use some reference to come up with this limit? |
I used this, https://www.outlook-apps.com/maximum-email-size/. |
7eeb81d
to
b019735
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Changes looks good to me.
The EmailAlert docstrings have been updated to make it look good from a user's perspective. In some places, the docstrings have been fixed to describe the functionality in the code correctly. In some other cases, the code has been updated to be consistent with the updated docstrings. The following changes have been made to the plugin parameters: - Rename `sender` to `from_addr`. - Rename `to` to `to_addrs`. - Remove `body`. - Add defaults for `subject`, `host`, and `port`. The names `from_addr` and `to_addrs` have been picked from the Python `smtplib` documentation. They have done the work of choosing good names, so we just reuse it. The `to_addrs` name has an additional advantage that it hints at the value being a list of addresses. The `body` parameter has been removed because this is not a generic emailer class. This is an alert plugin which will decide its own email content based on the events it receives in its `write()` method. There is never a situation where the email content can be specified via configuration. The defaults for `host` and `port` have also been picked from the Python `smtplib` documentation. They implement sensible default behaviour for these defaults, so we reuse that behaviour by choosing the same defaults.
Make EmailAlert docs and code consistent
The EmailAlert docstrings have been updated to make it look good from a
user's perspective. In some places, the docstrings have been fixed to
describe the functionality in the code correctly. In some other cases,
the code has been updated to be consistent with the updated docstrings.
The following changes have been made to the plugin parameters:
sender
tofrom_addr
.to
toto_addrs
.body
.subject
,host
, andport
.The names
from_addr
andto_addrs
have been picked from the Pythonsmtplib
documentation. They have done the work of choosing good names,so we just reuse it. The
to_addrs
name has an additional advantagethat it hints at the value being a list of addresses.
The
body
parameter has been removed because this is not a genericemailer class. This is an alert plugin which will decide its own email
content based on the events it receives in its
write()
method.There is never a situation where the email content can be specified via
configuration.
The defaults for
host
andport
have also been picked from the Pythonsmtplib
documentation. They implement sensible default behaviour forthese defaults, so we reuse that behaviour by choosing the same
defaults.