Merge pull request #316 from randolph-esnet/master

Add impact and urgency as optional params for the servicenow alerter
jertel · Jun 30, 2021 · 7e470d8 · 7e470d8
2 parents c4487a4 + bc7064a
commit 7e470d8
Show file tree

Hide file tree

Showing 5 changed files with 49 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -17,6 +17,8 @@
 - Add support for generating Kibana Discover URLs to Rocket.Chat alerter - [#260](https://github.com/jertel/elastalert2/pull/260) - @nsanorururu
 - Provide rule key/values as possible Jinja data inputs - [#281](https://github.com/jertel/elastalert2/pull/281) - @mrfroggg
 - Add securityContext and podSecurityContext to Helm chart - [#289](https://github.com/jertel/elastalert2/pull/289) - @lepouletsuisse
+- Favor match keys over colliding rule keys when resolving Jinja vars; also add alert_text_jinja unit test - [#311](https://github.com/jertel/elastalert2/pull/311) - @mrfroggg
+- Add support for `servicenow_impact` and `servicenow_urgency` parameters for ServiceNow alerter - [#316](https://github.com/jertel/elastalert2/pull/316) - @randolph-esnet
 
 ## Other changes
 - Continue fix for prometheus wrapper writeback function signature - [#256](https://github.com/jertel/elastalert2/pull/256) - @greut
@@ -35,7 +37,6 @@
 - Improve structure and placement of test-related files in project tree - [#287](https://github.com/jertel/elastalert2/pull/287) - @ferozsalam
 - Only attempt to adjust timezone if timezone is set to a non-empty string - [#288](https://github.com/jertel/elastalert2/pull/288) - @ferozsalam
 - Deprecated `podSecurityPolicy` feature in Helm Chart as [it's deprecated in Kubernetes 1.21](https://kubernetes.io/blog/2021/04/06/podsecuritypolicy-deprecation-past-present-and-future/) - [#289](https://github.com/jertel/elastalert2/pull/289) - @lepouletsuisse
-- Add alert_text_jinja test - [#311](https://github.com/jertel/elastalert2/pull/311) - @mrfroggg
 
 # 2.1.1
 

diff --git a/docs/source/ruletypes.rst b/docs/source/ruletypes.rst
@@ -2566,6 +2566,10 @@ Optional:
 
 ``servicenow_proxy``: By default ElastAlert will not use a network proxy to send notifications to ServiceNow. Set this option using ``hostname:port`` if you need to use a proxy. only supports https.
 
+``servicenow_impact``: An integer 1, 2, or 3 representing high, medium, and low respectively. This measures the effect of an incident on business processes.
+
+``servicenow_urgency``: An integer 1, 2, or 3 representing high, medium, and low respecitvely. This measures how long this incident can be delayed until there is a significant business impact.
+
 Example usage::
 
     alert:
@@ -2580,6 +2584,8 @@ Example usage::
     subcategory: "xxxxxx"
     cmdb_ci: "xxxxxx"
     caller_id: "xxxxxx"
+    servicenow_impact: 1
+    servicenow_urgenc: 3
 
 Slack
 ~~~~~

diff --git a/elastalert/alerters/servicenow.py b/elastalert/alerters/servicenow.py
@@ -26,6 +26,8 @@ def __init__(self, rule):
         super(ServiceNowAlerter, self).__init__(rule)
         self.servicenow_rest_url = self.rule.get('servicenow_rest_url', None)
         self.servicenow_proxy = self.rule.get('servicenow_proxy', None)
+        self.impact = self.rule.get('servicenow_impact', None)
+        self.urgency = self.rule.get('servicenow_urgency', None)
 
     def alert(self, matches):
         for match in matches:
@@ -48,6 +50,10 @@ def alert(self, matches):
             "cmdb_ci": self.rule['cmdb_ci'],
             "caller_id": self.rule["caller_id"]
         }
+        if self.impact != None:
+            payload["impact"] = self.impact
+        if self.urgency != None:
+            payload["urgency"] = self.urgency
         try:
             response = requests.post(
                 self.servicenow_rest_url,

diff --git a/elastalert/schema.yaml b/elastalert/schema.yaml
@@ -506,6 +506,8 @@ properties:
   cmdb_ci: {type: string}
   caller_id: {type: string}
   servicenow_proxy: {type: string}
+  servicenow_impact: {type: integer, minimum: 1, maximum: 3}
+  servicenow_urgency: {type: integer, minimum: 1, maximum: 3}
 
   ### Slack
   slack_webhook_url: *arrayOfString

diff --git a/tests/alerters/servicenow_test.py b/tests/alerters/servicenow_test.py
@@ -117,6 +117,39 @@ def test_service_now_proxy():
     assert expected_data == actual_data
 
 
+def test_service_now_impact_and_urgency():
+    rule = {
+        'name': 'Test ServiceNow Rule',
+        'type': 'any',
+        'username': 'ServiceNow username',
+        'password': 'ServiceNow password',
+        'servicenow_rest_url': 'https://xxxxxxxxxx',
+        'short_description': 'ServiceNow short_description',
+        'comments': 'ServiceNow comments',
+        'assignment_group': 'ServiceNow assignment_group',
+        'category': 'ServiceNow category',
+        'subcategory': 'ServiceNow subcategory',
+        'cmdb_ci': 'ServiceNow cmdb_ci',
+        'caller_id': 'ServiceNow caller_id',
+        'servicenow_impact': 3,
+        'servicenow_urgency': 1,
+        'alert': []
+    }
+    rules_loader = FileRulesLoader({})
+    rules_loader.load_modules(rule)
+    alert = ServiceNowAlerter(rule)
+    match = {
+        '@timestamp': '2021-01-01T00:00:00',
+        'somefield': 'foobarbaz'
+    }
+    with mock.patch('requests.post') as mock_post_request:
+        alert.alert([match])
+
+    data = json.loads(mock_post_request.call_args_list[0][1]['data'])
+    assert data['impact'] == rule['servicenow_impact']
+    assert data['urgency'] == rule['servicenow_urgency']
+
+
 def test_service_now_ea_exception():
     with pytest.raises(EAException) as ea:
         rule = {