engine

package
v0.0.0-...-27b3d77 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 25, 2024 License: MIT Imports: 23 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions 

func KustoDeepLink(q string) (string, error)

KustoDeepLink returns an encoded string that can be used to create a deep link to a Kusto query. 

func KustoQueryLinks(preText, query, endpoint, database string) (string, error)

KustoQueryLinks returns a string containing HTML links to the Kusto query in both the web and desktop UI.

Types

type AlertCli 

type AlertCli interface {
	Create(ctx context.Context, endpoint string, alert alert.Alert) error
}

type Client 

type Client interface {
	Endpoint(db string) string
	Query(ctx context.Context, qc *QueryContext, fn func(ctx context.Context, endpoint string, qc *QueryContext, row *table.Row) error) (error, int)
}

func NewFakeKustoClient 

func NewFakeKustoClient() Client

type Executor 

type Executor struct {
	// contains filtered or unexported fields
}

func NewExecutor 

func NewExecutor(opts ExecutorOpts) *Executor

TODO make AlertAddr string part of alertcli

func (*Executor) Close 

func (e *Executor) Close() error

func (*Executor) HandlerFn 

func (e *Executor) HandlerFn(ctx context.Context, endpoint string, qc *QueryContext, row *table.Row) error

HandlerFn converts rows of a query to Alerts.

func (*Executor) Open 

func (e *Executor) Open(ctx context.Context) error

func (*Executor) RunOnce 

func (e *Executor) RunOnce(ctx context.Context)

type ExecutorOpts 

type ExecutorOpts struct {
	AlertCli    AlertCli
	AlertAddr   string
	KustoClient Client
	RuleStore   ruleStore
	Region      string
	Tags        map[string]string
}

type Notification 

type Notification struct {
	// Title maps to the Title Notification field.
	Title string `kusto:"Title"`

	// Summary maps to the Description Notification field.
	Summary string `kusto:"Summary"`

	// Description maps to the Description Notification field.
	Description string `kusto:"Description"`

	// Severity maps to the Severity Notification field.
	Severity int64 `kusto:"Severity"`

	// CorrelationID maps to the CorrelationId Notification field.  If a correlation ID is specified, the hit count for
	// the original Notification will be incremented on each firing of the Notification.
	CorrelationID string `kusto:"CorrelationId"`

	// Recipient is the destination of the Notification.  Typically, a queue or email address.
	Recipient string `kusto:"Recipient"`

	// CustomFields are any additional fields that are not part of the Notification struct.
	CustomFields map[string]string
}

func (Notification) Validate 

func (i Notification) Validate() error

type NotificationValidationError 

type NotificationValidationError struct {
	Msg string
}

func (*NotificationValidationError) Error 

func (e *NotificationValidationError) Error() string

type QueryContext 

type QueryContext struct {
	Rule      *rules.Rule
	Query     string
	Stmt      kusto.Stmt
	Params    kusto.Parameters
	Region    string
	StartTime time.Time
	EndTime   time.Time
}

func NewQueryContext 

func NewQueryContext(rule *rules.Rule, endTime time.Time, region string) (*QueryContext, error)

type UnknownDBError 

type UnknownDBError struct {
	DB string
}

func (*UnknownDBError) Error 

func (e *UnknownDBError) Error() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.