feat: implement mapping priority (#908)

Co-authored-by: Shahar Glazner <[email protected]>
keephq · Mar 6, 2024 · f29165d · f29165d
1 parent e550431
commit f29165d
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 14 deletions.
diff --git a/keep-ui/app/mapping/rules-table.tsx b/keep-ui/app/mapping/rules-table.tsx
@@ -34,6 +34,11 @@ export default function RulesTable({ mappings }: { mappings: MappingRule[] }) {
       header: "#",
       cell: (context) => context.row.original.id,
     }),
+    columnHelper.display({
+      id: "priority",
+      header: "Priority",
+      cell: (context) => context.row.original.priority,
+    }),
     columnHelper.display({
       id: "name",
       header: "Name",
@@ -84,7 +89,7 @@ export default function RulesTable({ mappings }: { mappings: MappingRule[] }) {
 
   const table = useReactTable({
     columns,
-    data: mappings,
+    data: mappings.sort((a, b) => b.priority - a.priority),
     getCoreRowModel: getCoreRowModel(),
   });
 

diff --git a/keep/api/bl/enrichments.py b/keep/api/bl/enrichments.py
@@ -37,6 +37,7 @@ def run_mapping_rules(self, alert: AlertDto):
             self.db_session.query(MappingRule)
             .filter(MappingRule.tenant_id == self.tenant_id)
             .filter(MappingRule.disabled == False)
+            .order_by(MappingRule.priority.desc())
             .all()
         )
 
@@ -59,6 +60,7 @@ def run_mapping_rules(self, alert: AlertDto):
             for row in rule.rows:
                 if all(
                     get_nested_attribute(alert, attribute) == row.get(attribute)
+                    or row.get(attribute) == "*"  # Wildcard
                     for attribute in rule.matchers
                 ):
                     self.logger.info(
@@ -73,6 +75,12 @@ def run_mapping_rules(self, alert: AlertDto):
                         for key, value in row.items()
                         if key not in rule.matchers
                     }
+
+                    # Enrich the alert with the matched row
+                    for key, value in enrichments.items():
+                        setattr(alert, key, value)
+
+                    # Save the enrichments to the database
                     enrich_alert(
                         self.tenant_id, alert.fingerprint, enrichments, self.db_session
                     )

diff --git a/keep/cli/cli.py b/keep/cli/cli.py
@@ -264,19 +264,9 @@ def whoami(info: Info):
 
 @cli.command()
 @click.option("--multi-tenant", is_flag=True, help="Enable multi-tenant mode")
+@click.option("--port", "-p", type=int, default=8080, help="The port to run the API on")
 @click.option(
-    "--port",
-    "-p",
-    type=int,
-    default=8080,
-    help="The port to run the API on"
-)
-@click.option(
-    "--host",
-    "-h",
-    type=str,
-    default="0.0.0.0",
-    help="The host to run the API on"
+    "--host", "-h", type=str, default="0.0.0.0", help="The host to run the API on"
 )
 def api(multi_tenant: bool, port: int, host: str):
     """Start the API."""
@@ -745,8 +735,18 @@ def list_mappings(info: Info):
     help="The matchers of the mapping, as a comma-separated list of strings.",
     required=True,
 )
+@click.option(
+    "--priority",
+    "-p",
+    type=int,
+    help="The priority of the mapping, higher priority means this rule will execute first.",
+    required=False,
+    default=0,
+)
 @pass_info
-def create(info: Info, name: str, description: str, file: str, matchers: str):
+def create(
+    info: Info, name: str, description: str, file: str, matchers: str, priority: int
+):
     """Create a mapping rule."""
     if os.path.isfile(file) and file.endswith(".csv"):
         with open(file, "rb") as f:
@@ -775,6 +775,7 @@ def create(info: Info, name: str, description: str, file: str, matchers: str):
                     "file_name": file_name,
                     "matchers": matchers.split(","),
                     "rows": rows,
+                    "priority": priority,
                 },
             )