fixes based on review

jertel · Oct 24, 2023 · 237967f · 237967f
1 parent 6d70659
commit 237967f
Show file tree

Hide file tree

Showing 4 changed files with 38 additions and 12 deletions.
diff --git a/docs/source/ruletypes.rst b/docs/source/ruletypes.rst
@@ -2609,11 +2609,30 @@ Optional:
 
 ``iris_alert_tags``: List of tags.
 
-``iris_alert_status_id``: Alert status. Can be: ``1 - Unspecified``, ``2 - New``, ``3 - Assigned``, ``4 - In progress``, ``5 - Pending``, ``6 - Closed``, ``7 - Merged``. The default value is: `2`.
+``iris_alert_status_id``: The alert status of the alert, default value is ``2``. This parameter requires an integer input.
 
-``iris_alert_source_link``: Link, if needed.
+    Possible values:
 
-``iris_alert_severity_id``: Alert severity. Can be: ``1 - Unspecified``, ``2 - Informational``, ``3 - Low``, ``4 - Medium``, ``5 - High``, ``6 - Critical``. The default value is: `1`.
+    - ``1`` - Unspecified
+    - ``2`` - New
+    - ``3`` - Assigned
+    - ``4`` - In progress
+    - ``5`` - Pending
+    - ``6`` - Closed
+    - ``7`` - Merged.
+
+``iris_alert_source_link``: Your custom link, if needed.
+
+``iris_alert_severity_id``: The severity level of the alert, default value is ``1``. This parameter requires an integer input.
+
+    Possible values:
+
+    - ``1`` - Unspecified
+    - ``2`` - Informational
+    - ``3`` - Low
+    - ``4`` - Medium
+    - ``5`` - High
+    - ``6`` - Critical.
 
 ``iris_alert_context``:
 

diff --git a/elastalert/alerters/iris.py b/elastalert/alerters/iris.py
@@ -7,6 +7,7 @@
 from elastalert.alerts import Alerter
 from elastalert.util import EAException, elastalert_logger, lookup_es_key
 
+
 class IrisAlerter(Alerter):
     required_options = set(['iris_host', 'iris_api_token', 'iris_customer_id'])
 
@@ -17,23 +18,22 @@ def __init__(self, rule):
         self.customer_id = self.rule.get('iris_customer_id')
         self.ca_cert = self.rule.get('iris_ca_cert', False)
         self.ignore_ssl_errors = self.rule.get('iris_ignore_ssl_errors', False)
-        self.description = self.rule.get('iris_description', '')
+        self.description = self.rule.get('iris_description', None)
         self.overwrite_timestamp = self.rule.get('iris_overwrite_timestamp', False)
         self.type = self.rule.get('iris_type', 'alert')
-        self.case_template_id = self.rule.get('iris_case_template_id', '')
+        self.case_template_id = self.rule.get('iris_case_template_id', None)
         self.headers = {
             'Content-Type': 'application/json',
             'Authorization': f'Bearer {self.rule.get("iris_api_token")}'
         }
-        self.alert_note = self.rule.get('iris_alert_note', '')
-        self.alert_tags = self.rule.get('iris_alert_tags', '')
+        self.alert_note = self.rule.get('iris_alert_note', None)
+        self.alert_tags = self.rule.get('iris_alert_tags', None)
         self.alert_status_id = self.rule.get('iris_alert_status_id', 2)
-        self.alert_source_link = self.rule.get('iris_alert_source_link', '')
+        self.alert_source_link = self.rule.get('iris_alert_source_link', None)
         self.alert_severity_id = self.rule.get('iris_alert_severity_id', 1)
-        self.alert_context = self.rule.get('iris_alert_context', '')
+        self.alert_context = self.rule.get('iris_alert_context', None)
         self.iocs = self.rule.get('iris_iocs', None)
 
-
     def make_alert_context_records(self, matches):
         alert_context = {}
 

diff --git a/elastalert/loaders.py b/elastalert/loaders.py
@@ -26,7 +26,7 @@
 import elastalert.alerters.httppost
 import elastalert.alerters.httppost2
 import elastalert.alerters.iris
-# import elastalert.alerters.lark
+import elastalert.alerters.lark
 import elastalert.alerters.line
 import elastalert.alerters.pagertree
 import elastalert.alerters.rocketchat
@@ -128,7 +128,7 @@ class RulesLoader(object):
         'zabbix': ZabbixAlerter,
         'discord': elastalert.alerters.discord.DiscordAlerter,
         'dingtalk': elastalert.alerters.dingtalk.DingTalkAlerter,
-        # 'lark': elastalert.alerters.lark.LarkAlerter,
+        'lark': elastalert.alerters.lark.LarkAlerter,
         'chatwork': elastalert.alerters.chatwork.ChatworkAlerter,
         'datadog': elastalert.alerters.datadog.DatadogAlerter,
         'ses': elastalert.alerters.ses.SesAlerter,

diff --git a/tests/alerters/iris_test.py b/tests/alerters/iris_test.py
@@ -41,6 +41,7 @@ def test_iris_make_alert_context_records(caplog):
 
     assert expected_data == actual_data
 
+
 def test_iris_make_iocs_records(caplog):
     caplog.set_level(logging.INFO)
     rule = {
@@ -98,6 +99,7 @@ def test_iris_make_iocs_records(caplog):
     actual_data = alert.make_iocs_records([match])
     assert expected_data == actual_data
 
+
 def test_iris_make_alert_minimal(caplog):
     caplog.set_level(logging.INFO)
     rule = {
@@ -133,6 +135,7 @@ def test_iris_make_alert_minimal(caplog):
     actual_data = alert.make_alert([match])
     assert expected_data == actual_data
 
+
 def test_iris_make_alert_maximal(caplog):
     caplog.set_level(logging.INFO)
     rule = {
@@ -212,6 +215,7 @@ def test_iris_make_alert_maximal(caplog):
     actual_data = alert.make_alert([match])
     assert expected_data == actual_data
 
+
 def test_iris_make_case_minimal(caplog):
     caplog.set_level(logging.INFO)
     rule = {
@@ -245,6 +249,7 @@ def test_iris_make_case_minimal(caplog):
 
     assert expected_data == actual_data
 
+
 def test_iris_make_case_maximal(caplog):
     caplog.set_level(logging.INFO)
     rule = {
@@ -314,6 +319,7 @@ def test_iris_make_case_maximal(caplog):
     assert expected_data == actual_data
     assert expected_data_iocs == actual_data_iocs
 
+
 def test_iris_alert_alert(caplog):
     caplog.set_level(logging.INFO)
     rule = {
@@ -407,6 +413,7 @@ def test_iris_alert_alert(caplog):
     assert expected_data == mock_post_request.call_args_list[0][1]['json']
     assert ('elastalert', logging.INFO, 'Alert sent to Iris') == caplog.record_tuples[0]
 
+
 def test_iris_get_info(caplog):
     caplog.set_level(logging.INFO)
     rule = {