Skip to content
This repository has been archived by the owner on Feb 3, 2023. It is now read-only.

Commit

Permalink
Fix Issue #276
Browse files Browse the repository at this point in the history 
- Migration of Ack management
  • Loading branch information
@guilhemmarchand
guilhemmarchand committed Mar 10, 2021
1 parent cda6f54 commit 11e7a3a
Showing 1 changed file with 84 additions and 174 deletions.
258 changes: 84 additions & 174 deletions trackme/default/data/ui/html/TrackMe.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34908,12 +34908,10 @@ <h2 class="panel-title">Search for audit changes:</h2>
var tokens = mvc.Components.get("default");

// Retrieve input values

var input_object = tokens.get("input_object");
var input_object_category = tokens.get("input_object_category");
var input_ack_duration = tokens.get("input_ack_duration");


// Retrieve update comment if any
var tk_comment = document.getElementById("input_ack_comment").value;

Expand All @@ -34932,102 +34930,59 @@ <h2 class="panel-title">Search for audit changes:</h2>
document.getElementById("input_ack_comment").value = "update note";
}

// Define the query
var searchQuery = "| `trackme_ack_add(\"" + input_object + "\", \"" + input_object_category + "\", \"" + input_ack_duration + "\")`";


// Set the search parameters--specify a time range
var searchParams = {
earliest_time: "-60m",
latest_time: "now"
};

if (input_object && input_object.length && input_ack_duration && input_ack_duration.length) {

// Run a blocking search and get back a job
service.search(
searchQuery,
searchParams,
function(err, job) {
// Create the endpoint URL
var myendpoint_URl = "{{SPLUNKWEB_URL_PREFIX}}/splunkd/__raw/services/trackme/v1/ack/ack_enable";

function audit_failure() {
// Create a dictionary to store the field names and values
var record = {
"object_category": input_object_category,
"object": input_object,
"ack_period": input_ack_duration,
"update_comment": tk_comment
};

// Audit
action = "failure";
change_type = "ack enable";
object = input_object;
object_category = input_object_category;
object_attrs = "object:" + input_object + " has been acknowledged for a period of " + input_ack_duration + " seconds, no more alerts will be generated until the acknowledge is expired.";
result = "N/A";
comment = tk_comment;
auditRecord(action, change_type, object, object_category, object_attrs, result, comment);
$.ajax({
url: myendpoint_URl,
type: "POST",
async: true,
contentType: "application/json",
dataType: "text",
beforeSend: function(xhr){ xhr.overrideMimeType( "text/plain; charset=x-user-defined" );},
data: JSON.stringify(record),
success: function(returneddata) {

// Refresh the main search
if (input_object_category == "data_source") {
searchDataSourcesMain.startSearch();
} else if (input_object_category == "data_host") {
searchDataHostsMain.startSearch();
} else if (input_object_category == "metric_host") {
searchMetricHostsMain.startSearch();
}

// Shall the search fail before we can get properties
if (job == null) {
let errorStr = "Unknown Error!";
if (err && err.data && err.data.messages && err.data.messages[0]['text']) {
errorStr = err.data.messages[0]['text'];
} else if (err && err.data && err.data.messages) {
errorStr = JSON.stringify(err.data.messages);
}
audit_failure();
$("#modal_update_collection_failure_return").find('.modal-error-message p').text(errorStr);
$("#modal_update_collection_failure_return").modal()
} else {

// Poll the status of the search job
job.track({
period: 200
}, {
done: function(job) {

// Refresh the main search
if (input_object_category == "data_source") {
searchDataSourcesMain.startSearch();
} else if (input_object_category == "data_host") {
searchDataHostsMain.startSearch();
} else if (input_object_category == "metric_host") {
searchMetricHostsMain.startSearch();
}
// show deleted modal
$("#ack_achieved").modal()

// show deleted modal
$("#ack_achieved").modal()

// Audit
action = "success";
change_type = "ack enable";
object = input_object;
object_category = input_object_category;
object_attrs = "object:" + input_object + " has been acknowledged for a period of " + input_ack_duration + " seconds, no more alerts will be generated until the acknowledge is expired.";
result = "N/A";
comment = tk_comment;
auditRecord(action, change_type, object, object_category, object_attrs, result, comment);

},
failed: function(properties) {
let errorStr = "Unknown Error!";
if (properties && properties._properties && properties._properties.messages && properties._properties.messages[0]['text']) {
errorStr = properties._properties.messages[0]['text'];
} else if (properties && properties._properties && properties._properties.messages) {
errorStr = JSON.stringify(properties._properties.messages);
}
audit_failure();
$("#modal_update_collection_failure_return").find('.modal-error-message p').text(errorStr);
$("#modal_update_collection_failure_return").modal()
},
error: function(err) {
done(err);
audit_failure();
$("#modal_update_collection_failure_flush").modal()
}
});
},
error: function(xhr, textStatus, error) {
message = "server response: " + xhr.responseText + "\n - http response: " + error;

}
// Audit
action = "failure";
change_type = "ack enable";
object = input_object;
object_category = input_object_category;
object_attrs = "object:" + input_object + " has been acknowledged for a period of " + input_ack_duration + " seconds, no more alerts will be generated until the acknowledge is expired.";
result = message;
comment = tk_comment;
auditRecord(action, change_type, object, object_category, object_attrs, result, comment);

$("#modal_update_collection_failure_return").find('.modal-error-message p').text(message);
$("#modal_update_collection_failure_return").modal()
}
);
});

// house cleaning
myendpoint_URl = undefined;
Expand Down Expand Up @@ -35056,17 +35011,12 @@ <h2 class="panel-title">Search for audit changes:</h2>
var tokens = mvc.Components.get("default");

// Retrieve input values

var keyid = tokens.get("keyid");
var input_object = tokens.get("input_object");
var input_object_category = tokens.get("input_object_category");
var ack_expiration = tokens.get("ack_expiration");
var ack_state = tokens.get("ack_state");

// Define the query
var searchQuery = "| `trackme_ack_disable(\"" + keyid + "\")`";


// Retrieve update comment if any
var tk_comment = document.getElementById("input_ack_comment").value;

Expand All @@ -35085,104 +35035,64 @@ <h2 class="panel-title">Search for audit changes:</h2>
document.getElementById("input_ack_comment").value = "update note";
}

// Set the search parameters--specify a time range
var searchParams = {
earliest_time: "-60m",
latest_time: "now"
};

if (ack_state === "inactive") {
// show modal
$("#ack_disable_already").modal()
}

else if (input_object && input_object.length) {

// Run a blocking search and get back a job
service.search(
searchQuery,
searchParams,
function(err, job) {
// Create the endpoint URL
var myendpoint_URl = "{{SPLUNKWEB_URL_PREFIX}}/splunkd/__raw/services/trackme/v1/ack/ack_disable";

function audit_failure() {
// Create a dictionary to store the field names and values
var record = {
"object_category": input_object_category,
"object": input_object,
"update_comment": tk_comment
};

// Audit
action = "failure";
change_type = "ack disable";
object = input_object;
object_category = input_object_category;
object_attrs = "object:" + input_object + " acknowledge has been disabled (ack_expiration was: " + ack_expiration + "), alerts will be generated depending on state and rules. ";
result = "N/A";
comment = tk_comment;
auditRecord(action, change_type, object, object_category, object_attrs, result, comment);
$.ajax({
url: myendpoint_URl,
type: "POST",
async: true,
contentType: "application/json",
dataType: "text",
beforeSend: function(xhr){ xhr.overrideMimeType( "text/plain; charset=x-user-defined" );},
data: JSON.stringify(record),
success: function(returneddata) {

// Refresh the main search
if (input_object_category == "data_source") {
searchDataSourcesMain.startSearch();
} else if (input_object_category == "data_host") {
searchDataHostsMain.startSearch();
} else if (input_object_category == "metric_host") {
searchMetricHostsMain.startSearch();
}

// Shall the search fail before we can get properties
if (job == null) {
let errorStr = "Unknown Error!";
if (err && err.data && err.data.messages && err.data.messages[0]['text']) {
errorStr = err.data.messages[0]['text'];
} else if (err && err.data && err.data.messages) {
errorStr = JSON.stringify(err.data.messages);
}
audit_failure();
$("#modal_update_collection_failure_return").find('.modal-error-message p').text(errorStr);
$("#modal_update_collection_failure_return").modal()
} else {

// Poll the status of the search job
job.track({
period: 200
}, {
done: function(job) {
// show deleted modal
$("#ack_achieved").modal()

// Refresh the main search
if (input_object_category == "data_source") {
searchDataSourcesMain.startSearch();
} else if (input_object_category == "data_host") {
searchDataHostsMain.startSearch();
} else if (input_object_category == "metric_host") {
searchMetricHostsMain.startSearch();
}

// show disabled modal
$("#ack_disable_achieved").modal()

// Audit
action = "success";
change_type = "ack disable";
object = input_object;
object_category = input_object_category;
object_attrs = "object:" + input_object + " acknowledge has been disabled (ack_expiration was: " + ack_expiration + "), alerts will be generated depending on state and rules. ";
result = "N/A";
comment = tk_comment;
auditRecord(action, change_type, object, object_category, object_attrs, result, comment);

},
failed: function(properties) {
let errorStr = "Unknown Error!";
if (properties && properties._properties && properties._properties.messages && properties._properties.messages[0]['text']) {
errorStr = properties._properties.messages[0]['text'];
} else if (properties && properties._properties && properties._properties.messages) {
errorStr = JSON.stringify(properties._properties.messages);
}
audit_failure();
$("#modal_update_collection_failure_return").find('.modal-error-message p').text(errorStr);
$("#modal_update_collection_failure_return").modal()
},
error: function(err) {
done(err);
audit_failure();
$("#modal_update_collection_failure_flush").modal()
}
});
},
error: function(xhr, textStatus, error) {
message = "server response: " + xhr.responseText + "\n - http response: " + error;

}
// Audit
action = "failure";
change_type = "ack disable";
object = input_object;
object_category = input_object_category;
object_attrs = "object:" + input_object + " acknowledge has been disabled (ack_expiration was: " + ack_expiration + "), alerts will be generated depending on state and rules. ";
result = message;
comment = tk_comment;
auditRecord(action, change_type, object, object_category, object_attrs, result, comment);

$("#modal_update_collection_failure_return").find('.modal-error-message p').text(message);
$("#modal_update_collection_failure_return").modal()
}
);

});
// house cleaning
myendpoint_URl = undefined;
delete(myendpoint_URl);
Expand Down

0 comments on commit 11e7a3a

Please sign in to comment.