-
Notifications
You must be signed in to change notification settings - Fork 326
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: ai rule gen #2158
feat: ai rule gen #2158
Conversation
…ly the right number of alerts so that we don't overflow the prompt limitations
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Awesome work, Haim! Left a suggestion to separate data managing and UI, and few minor comments.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry to ask 😅, but may I ask to craft some unit-tests?
from keep.api.core.db import get_last_alerts | ||
from keep.api.core.dependencies import get_pusher_client | ||
|
||
# Add this import at the top of the file |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some leftover?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
|
||
|
||
|
||
def select_right_num_alerts(existing_rules, alerts, max_tokens): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Strict typing will make it look more like the rest of the codebase :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
good point, done
logger.info(f"Error generating rules: {e}") | ||
result = {'error': "Error generating rules"} | ||
|
||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why those empty lines? 0_o
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it just creates more clarity i feel
|
||
result['results'] = [rule for rule in result['results'] if check_cel_rule(rule['CELRule'])] | ||
|
||
except Exception as e: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I know we have a few except Exception
in the codebase, but why exactly do we catch it here? If that's a way to avoid retries burning OpenAI quota, it's possible to limit amount of retries in Arq
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Arq?, this wont create a retry, it just catchs all sorts of exceptions cuz there's a lof different things going on in the try, catch, i don't really want to deal with them in a case by case basis
background_tasks: BackgroundTasks, | ||
request: Request, | ||
authenticated_entity: AuthenticatedEntity = Depends( | ||
IdentityManagerFactory.get_auth_verifier(["read:rules", "read:alerts"]) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I guess also read:incidents
? :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we're not reading incidents right now i think
env = celpy.Environment() | ||
ast = env.compile(rule_str) | ||
env.program(ast) | ||
return True |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If you re-use
keep/keep/rulesengine/rulesengine.py
Line 39 in 8a2d747
class RulesEngine: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i don't think this is a good idea, would you reuse opening a file and reading all the bytes? meh
return selected_alerts | ||
|
||
|
||
def check_cel_rule(rule_str): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I like is_statement
notation for methods returning bool, but it's a matter of taste I know
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
return {"task_id": task_id} | ||
|
||
|
||
def ruleGen(task_id, authenticated_entity): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CamelCase, but the rest is snake_case ;)
@mirrormystic I see your comments "done" but I con't see commits, is there a chance that you didn't push smth? 🤔 |
ac21042
to
64fc3d5
Compare
close #1987
demo: https://www.loom.com/share/2b3eacfd7b844688bddaae6f2df7d8b6?sid=c07e0832-13e1-4249-98db-aa3c696c7b32