search

jertel / elastalert2

ElastAlert 2 is a continuation of the original yelp/elastalert project. Pull requests are appreciated!
https://elastalert2.readthedocs.org
Apache License 2.0
931 stars 287 forks source link

[Powerautomate] New Alert Channel with Microsoft Power Automate #1505

Closed marssilva closed 3 months ago

marssilva commented 3 months ago

Description

Microsoft will disable communication with Incoming Webhook, given the announcement https://devblogs.microsoft.com/microsoft365dev/retirement-of-office-365-connectors-within-microsoft-teams/

This PR creates a new alert channel using Power Automate

jertel commented 3 months ago

Thank you @marssilva. The linter detected whitespace issues in the unit test python file:

py312: commands[1] /home/elastalert/tests> flake8 --config ../setup.cfg .
./alerters/powerautomate_test.py:4:1: F401 'pytest' imported but unused
./alerters/powerautomate_test.py:10:1: E302 expected 2 blank lines, found 1
./alerters/powerautomate_test.py:53:25: E131 continuation line unaligned for hanging indent
./alerters/powerautomate_test.py:65:1: W293 blank line contains whitespace
./alerters/powerautomate_test.py:71:1: W293 blank line contains whitespace
./alerters/powerautomate_test.py:155:25: E131 continuation line unaligned for hanging indent
./alerters/powerautomate_test.py:170:1: E302 expected 2 blank lines, found 1
./alerters/powerautomate_test.py:213:25: E131 continuation line unaligned for hanging indent
./alerters/powerautomate_test.py:228:1: E302 expected 2 blank lines, found 1
./alerters/powerautomate_test.py:271:25: E131 continuation line unaligned for hanging indent
./alerters/powerautomate_test.py:273:29: E122 continuation line missing indentation or outdented
./alerters/powerautomate_test.py:274:29: E122 continuation line missing indentation or outdented
./alerters/powerautomate_test.py:275:29: E122 continuation line missing indentation or outdented
./alerters/powerautomate_test.py:276:29: E122 continuation line missing indentation or outdented
./alerters/powerautomate_test.py:294:1: E302 expected 2 blank lines, found 1
./alerters/powerautomate_test.py:299:50: E203 whitespace before ':'
./alerters/powerautomate_test.py:338:25: E131 continuation line unaligned for hanging indent
./alerters/powerautomate_test.py:340:29: E122 continuation line missing indentation or outdented
./alerters/powerautomate_test.py:341:29: E122 continuation line missing indentation or outdented
./alerters/powerautomate_test.py:342:29: E122 continuation line missing indentation or outdented
./alerters/powerautomate_test.py:343:29: E122 continuation line missing indentation or outdented
./alerters/powerautomate_test.py:361:1: E302 expected 2 blank lines, found 1
./alerters/powerautomate_test.py:366:50: E203 whitespace before ':'
./alerters/powerautomate_test.py:405:25: E131 continuation line unaligned for hanging indent
./alerters/powerautomate_test.py:407:29: E122 continuation line missing indentation or outdented
./alerters/powerautomate_test.py:408:29: E122 continuation line missing indentation or outdented
./alerters/powerautomate_test.py:409:29: E122 continuation line missing indentation or outdented
./alerters/powerautomate_test.py:410:29: E122 continuation line missing indentation or outdented
./alerters/powerautomate_test.py:428:1: E302 expected 2 blank lines, found 1
./alerters/powerautomate_test.py:433:50: E203 whitespace before ':'
./alerters/powerautomate_test.py:436:50: E203 whitespace before ':'
./alerters/powerautomate_test.py:473:25: E131 continuation line unaligned for hanging indent
./alerters/powerautomate_test.py:475:29: E122 continuation line missing indentation or outdented
./alerters/powerautomate_test.py:476:29: E122 continuation line missing indentation or outdented
./alerters/powerautomate_test.py:477:29: E122 continuation line missing indentation or outdented
./alerters/powerautomate_test.py:478:29: E122 continuation line missing indentation or outdented
./alerters/powerautomate_test.py:481:25: E131 continuation line unaligned for hanging indent
./alerters/powerautomate_test.py:499:1: E302 expected 2 blank lines, found 1
./alerters/powerautomate_test.py:544:25: E131 continuation line unaligned for hanging indent
./alerters/powerautomate_test.py:546:29: E122 continuation line missing indentation or outdented
./alerters/powerautomate_test.py:547:29: E122 continuation line missing indentation or outdented
./alerters/powerautomate_test.py:548:29: E122 continuation line missing indentation or outdented
./alerters/powerautomate_test.py:549:29: E122 continuation line missing indentation or outdented
marssilva commented 3 months ago

tests revised @jertel

image

nsano-rururu commented 2 months ago

@jertel

I think this was an oversight in the review. Perhaps teams.py has a similar implementation, which is why this happened.

elastalert/alerters/powerautomate.py

add

self.ms_power_automate_opensearch_discover_color = self.rule.get('ms_power_automate_opensearch_discover_color', 'default')

before

                "url": opensearch_discover_url,
                "style": self.ms_power_automate_kibana_discover_color
            })

after

                "url": opensearch_discover_url,
                "style": self.ms_power_automate_opensearch_discover_color
            })

elastalert/schema.yaml

add

ms_power_automate_opensearch_discover_color: {type: string}

jertel commented 2 months ago

Thanks for the thorough review @nsano-rururu. PR to correct this is here: https://github.com/jertel/elastalert2/pull/1519