Name
sn_sow_em.SOWAlertCommonUtilsSNC
Description
No description available
Script
var SOWAlertCommonUtilsSNC = Class.create();
SOWAlertCommonUtilsSNC.CORRELATION_GROUP = { //correlation group
NONE: '0',
PRIMARY: '1',
SECONDARY: '2',
BOTH: '3'
};
SOWAlertCommonUtilsSNC.GROUP = { //group reference
AUTOMATED: '1',
RULES_BASED: '2',
MANUAL: '3',
CMDB: '4',
CI_CLASS_BASED: '7',
TEXT: '8',
LOG_ANALYTICS: '9',
COMPONENT_BASED: '10',
TAG_CLUSTER: '11'
};
SOWAlertCommonUtilsSNC.CATEGORY = { //category (from extra_data)
LOG_ANALYTICS_GROUP: '1',
LOG_ANALYTICS_ALERT: '2',
READ_ONLY: '3'
};
SOWAlertCommonUtilsSNC.ALERT_TYPE_KEY = {
STAND_ALONE_ALERT: 'STAND_ALONE_ALERT',
STAND_ALONE_LOG_ANALYTICS: 'STAND_ALONE_LOG_ANALYTICS',
GROUP_MEMBER_STAND_ALONE: 'GROUP_MEMBER_STAND_ALONE',
GROUP_MEMBER_LOG_ANALYTICS_STAND_ALONE: 'GROUP_MEMBER_LOG_ANALYTICS_STAND_ALONE',
GROUP_MEMBER_READ_ONLY: 'GROUP_MEMBER_READ_ONLY',
GROUP_MEMBER_COMPONENT_BASED: 'GROUP_MEMBER_COMPONENT_BASED',
GROUP_RULE_BASED: 'GROUP_RULE_BASED',
GROUP_MANUAL: 'GROUP_MANUAL',
GROUP_AUTOMATED: 'GROUP_AUTOMATED',
GROUP_CMDB: 'GROUP_CMDB',
GROUP_LOG_ANALYTICS: 'GROUP_LOG_ANALYTICS',
GROUP_COMPONENT_BASED: 'GROUP_COMPONENT_BASED',
GROUP_TEXT_BASED: 'GROUP_TEXT_BASED',
NONE: 'NONE',
GROUP_TAG_CLUSTER: 'GROUP_TAG_CLUSTER'
};
SOWAlertCommonUtilsSNC.ALERT_TYPE = (function(){
var obj = {};
// EM stand alone (not anomaly)
obj[SOWAlertCommonUtilsSNC.ALERT_TYPE_KEY.STAND_ALONE_ALERT] = {
correlation_group: SOWAlertCommonUtilsSNC.CORRELATION_GROUP.NONE,
group: [],
category: []
};
// Log analytics alert standalone
obj[SOWAlertCommonUtilsSNC.ALERT_TYPE_KEY.STAND_ALONE_LOG_ANALYTICS] = {
correlation_group: SOWAlertCommonUtilsSNC.CORRELATION_GROUP.NONE,
group: [],
category: [SOWAlertCommonUtilsSNC.CATEGORY.LOG_ANALYTICS_ALERT]
},
// EM standalone as a group member
obj[SOWAlertCommonUtilsSNC.ALERT_TYPE_KEY.GROUP_MEMBER_STAND_ALONE] = {
correlation_group: SOWAlertCommonUtilsSNC.CORRELATION_GROUP.SECONDARY,
group: [SOWAlertCommonUtilsSNC.GROUP.AUTOMATED, SOWAlertCommonUtilsSNC.GROUP.RULES_BASED, SOWAlertCommonUtilsSNC.GROUP.MANUAL, SOWAlertCommonUtilsSNC.GROUP.CMDB, SOWAlertCommonUtilsSNC.GROUP.TEXT, SOWAlertCommonUtilsSNC.GROUP.TAG_CLUSTER],
category: []
},
// Log analytics alert standalone as a group member member
obj[SOWAlertCommonUtilsSNC.ALERT_TYPE_KEY.GROUP_MEMBER_LOG_ANALYTICS_STAND_ALONE] = {
correlation_group: SOWAlertCommonUtilsSNC.CORRELATION_GROUP.SECONDARY,
group: [SOWAlertCommonUtilsSNC.GROUP.AUTOMATED, SOWAlertCommonUtilsSNC.GROUP.RULES_BASED, SOWAlertCommonUtilsSNC.GROUP.MANUAL, SOWAlertCommonUtilsSNC.GROUP.CMDB, SOWAlertCommonUtilsSNC.GROUP.TEXT, SOWAlertCommonUtilsSNC.GROUP.LOG_ANALYTICS, SOWAlertCommonUtilsSNC.GROUP.TAG_CLUSTER],
category: [SOWAlertCommonUtilsSNC.CATEGORY.LOG_ANALYTICS_ALERT]
};
// Read-only (member of component based)
obj[SOWAlertCommonUtilsSNC.ALERT_TYPE_KEY.GROUP_MEMBER_READ_ONLY] = {
correlation_group: SOWAlertCommonUtilsSNC.CORRELATION_GROUP.SECONDARY,
group: [SOWAlertCommonUtilsSNC.GROUP.COMPONENT_BASED],
category: [SOWAlertCommonUtilsSNC.CATEGORY.READ_ONLY]
};
// Component-based as a group member
obj[SOWAlertCommonUtilsSNC.ALERT_TYPE_KEY.GROUP_MEMBER_COMPONENT_BASED] = {
correlation_group: SOWAlertCommonUtilsSNC.CORRELATION_GROUP.BOTH,
group: [SOWAlertCommonUtilsSNC.GROUP.LOG_ANALYTICS],
category: [SOWAlertCommonUtilsSNC.CATEGORY.LOG_ANALYTICS_ALERT]
};
// Rule based/manual– primary
obj[SOWAlertCommonUtilsSNC.ALERT_TYPE_KEY.GROUP_RULE_BASED] = {
correlation_group: SOWAlertCommonUtilsSNC.CORRELATION_GROUP.PRIMARY,
group: [SOWAlertCommonUtilsSNC.GROUP.RULES_BASED],
category: []
};
obj[SOWAlertCommonUtilsSNC.ALERT_TYPE_KEY.GROUP_MANUAL] = {
correlation_group: SOWAlertCommonUtilsSNC.CORRELATION_GROUP.PRIMARY,
group: [SOWAlertCommonUtilsSNC.GROUP.MANUAL],
category: []
};
// Automated - Group
obj[SOWAlertCommonUtilsSNC.ALERT_TYPE_KEY.GROUP_AUTOMATED] = {
correlation_group: SOWAlertCommonUtilsSNC.CORRELATION_GROUP.PRIMARY,
group: [SOWAlertCommonUtilsSNC.GROUP.AUTOMATED,SOWAlertCommonUtilsSNC.GROUP.CI_CLASS_BASED],
category: []
};
// Tag Cluster - Group
obj[SOWAlertCommonUtilsSNC.ALERT_TYPE_KEY.GROUP_TAG_CLUSTER] = {
correlation_group: SOWAlertCommonUtilsSNC.CORRELATION_GROUP.PRIMARY,
group: [SOWAlertCommonUtilsSNC.GROUP.TAG_CLUSTER],
category: []
};
// CMDB - Group
obj[SOWAlertCommonUtilsSNC.ALERT_TYPE_KEY.GROUP_CMDB] = {
correlation_group: SOWAlertCommonUtilsSNC.CORRELATION_GROUP.PRIMARY,
group: [SOWAlertCommonUtilsSNC.GROUP.CMDB],
category: []
};
// Log analytics group
obj[SOWAlertCommonUtilsSNC.ALERT_TYPE_KEY.GROUP_LOG_ANALYTICS] = {
correlation_group: SOWAlertCommonUtilsSNC.CORRELATION_GROUP.PRIMARY,
group: [SOWAlertCommonUtilsSNC.GROUP.LOG_ANALYTICS],
category: [SOWAlertCommonUtilsSNC.CATEGORY.LOG_ANALYTICS_GROUP]
},
// Component-based
obj[SOWAlertCommonUtilsSNC.ALERT_TYPE_KEY.GROUP_COMPONENT_BASED] = {
correlation_group: SOWAlertCommonUtilsSNC.CORRELATION_GROUP.PRIMARY,
group: [SOWAlertCommonUtilsSNC.GROUP.COMPONENT_BASED],
category: [SOWAlertCommonUtilsSNC.CATEGORY.LOG_ANALYTICS_ALERT]
};
// Text based group
obj[SOWAlertCommonUtilsSNC.ALERT_TYPE_KEY.GROUP_TEXT_BASED] = {
correlation_group: SOWAlertCommonUtilsSNC.CORRELATION_GROUP.PRIMARY,
group: [SOWAlertCommonUtilsSNC.GROUP.TEXT],
category: []
};
return obj;
})();
SOWAlertCommonUtilsSNC.prototype = {
initialize: function() {
},
getAlertType: function(alertGr) {
if (!alertGr.isValidRecord())
return null;
var alertCorrelationGroup, alertGroupSource, alertParentGroupSource, relevantGroup, alertExtraDataCategory;
alertCorrelationGroup = alertGr.correlation_group+'';
alertGroupSource = alertGr.group_source+'';
alertParentGroupSource = alertGr.parent.getRefRecord().group_source+'';
relevantGroup = [SOWAlertCommonUtilsSNC.CORRELATION_GROUP.SECONDARY, SOWAlertCommonUtilsSNC.CORRELATION_GROUP.BOTH].indexOf(alertCorrelationGroup) > -1 ? alertParentGroupSource : alertGroupSource;
alertExtraDataCategory = alertGr.sn_extra_data.getRefRecord().category+'';
var alertTypes = SOWAlertCommonUtilsSNC.ALERT_TYPE;
var key, val;
var match = false, groupMatch = false, categoryMatch = false;
var matchedFieldCount = 0, matchedTypes = [], matchedTypeObj = {};
for (key in alertTypes) {
// Set initial values
match = false;
groupMatch = false;
categoryMatch = false;
matchedFieldCount = 0;
matchedTypeObj = {};
val = alertTypes[key];
if (val.correlation_group === alertCorrelationGroup) {
match = true;
matchedFieldCount++;
}
if (val.group.length > 0) {
groupMatch = val.group.indexOf(relevantGroup) > -1;
if (groupMatch) {
matchedFieldCount++;
}
match = match && groupMatch;
}
if (val.category.length > 0) {
categoryMatch = val.category.indexOf(alertExtraDataCategory) > -1;
if (categoryMatch) {
matchedFieldCount++;
}
match = match && categoryMatch;
}
if (match) {
matchedTypeObj.key = key;
matchedTypeObj.matchCount = matchedFieldCount;
matchedTypes.push(matchedTypeObj);
}
}
if (matchedTypes.length === 0) {
return SOWAlertCommonUtilsSNC.ALERT_TYPE_KEY.NONE;
} else if (matchedTypes.length === 1) {
return matchedTypes[0].key;
} else {
// Get best match based on max number of fields matched
// Example - SA_EM Alert Vs SA_Log analytics alert
// Sort the array in decreasing order of matchCount
matchedTypes = matchedTypes.sort(function(type1, type2) {
if (type1.matchCount > type2.matchCount)
return -1;
if (type1.matchCount < type2.matchCount)
return 1;
return 0;
});
return matchedTypes[0].key;
}
},
type: 'SOWAlertCommonUtilsSNC'
};Sys ID
b97e71b10b1201105f02818393673a21