diff --git a/CHANGELOG.rst b/CHANGELOG.rst index cf83f40c89..b2cbb0f970 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -41,6 +41,9 @@ in development ``TRIGGER_*`` RBAC permission constants (improvement) * Implement RBAC for webhooks get all and get one API endpoint. (improvement) * Add webhook payload to the Jinja render context when rendering Jinja variable inside rule criteria section +* Switch file_watch_sensor in Linux pack to use trigger type with parameters. Now you can add a + rule with `file_path` and sensor will pick up the `file_path` from the rule. A sample rule + is provided in contrib/examples/rules/sample_rule_file_watch.yaml. (improvement) 2.2.1 - April 3, 2017 --------------------- diff --git a/contrib/examples/rules/sample_rule_file_watch.yaml b/contrib/examples/rules/sample_rule_file_watch.yaml new file mode 100644 index 0000000000..c1b6643a49 --- /dev/null +++ b/contrib/examples/rules/sample_rule_file_watch.yaml @@ -0,0 +1,17 @@ +--- +name: sample_rule_file_watch +pack: "examples" +description: Sample rule custom trigger type - add a file to be watched by file_watch_sensor in linux pack. +enabled: false + +trigger: + parameters: + file_path: /var/log/dmesg + type: linux.file_watch.file_path + +criteria: {} + +action: + parameters: + cmd: echo "{{trigger}}" + ref: core.local diff --git a/contrib/linux/config.yaml b/contrib/linux/config.yaml index 2f9aca8029..e69de29bb2 100644 --- a/contrib/linux/config.yaml +++ b/contrib/linux/config.yaml @@ -1,2 +0,0 @@ -file_watch_sensor: - file_paths: diff --git a/contrib/linux/sensors/file_watch_sensor.py b/contrib/linux/sensors/file_watch_sensor.py index d350c87c0f..49f624700a 100644 --- a/contrib/linux/sensors/file_watch_sensor.py +++ b/contrib/linux/sensors/file_watch_sensor.py 
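Review bot: In the sample rule's action, `cmd: echo "{{trigger}}"` templates the trigger data, which carries text read from the watched file, into a command string that `core.local` hands to a shell. Log files can often be written to, at least in part, by other users or remote peers, so shell metacharacters in a line would be interpreted on the StackStorm host once someone copies this sample and enables it. I would have the sample pass the value outside the command text (for example through the action's `env` parameter, if the runner in use supports it), or at least add a comment above `cmd` such as `# trigger data is untrusted file content; do not template it into a shell command in production rules`.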
@@ -9,17 +9,14 @@ class FileWatchSensor(Sensor): def __init__(self, sensor_service, config=None): super(FileWatchSensor, self).__init__(sensor_service=sensor_service, config=config) - self._config = self._config['file_watch_sensor'] - - self._file_paths = self._config.get('file_paths', []) self._trigger_ref = 'linux.file_watch.line' + self._logger = self._sensor_service.get_logger(__name__) + + self._file_paths = [] # stores a list of file paths we are monitoring self._tail = None def setup(self): - if not self._file_paths: - raise ValueError('No file_paths configured to monitor') - - self._tail = Tail(filenames=self._file_paths) + self._tail = Tail(filenames=[]) self._tail.handler = self._handle_line self._tail.should_run = True @@ -36,13 +33,29 @@ def cleanup(self): pass def add_trigger(self, trigger): - pass + file_path = trigger['parameters'].get('file_path', None) + + if not file_path: + self._logger.error('Received trigger type without "file_path" field.') + return + + self._tail.add_file(filename=file_path) + + self._logger.info('Added file "%s"' % (file_path)) def update_trigger(self, trigger): pass def remove_trigger(self, trigger): - pass + file_path = trigger['parameters'].get('file_path', None) + + if not file_path: + self._logger.error('Received trigger type without "file_path" field.') + return + + self._tail.remove_file(filename=file_path) + + self._logger.info('Removed file "%s"' % (file_path)) def _handle_line(self, file_path, line): trigger = self._trigger_ref diff --git a/contrib/linux/sensors/file_watch_sensor.yaml b/contrib/linux/sensors/file_watch_sensor.yaml index fd445e156d..fd095443e2 100644 --- a/contrib/linux/sensors/file_watch_sensor.yaml +++ b/contrib/linux/sensors/file_watch_sensor.yaml 
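Review bot: In `__init__`, `self._file_paths = []` is commented as the list of monitored paths, but none of the new code visible in this diff appends to it or reads it, since `add_trigger` and `remove_trigger` call `self._tail.add_file` / `remove_file` directly. The attribute and its comment are therefore misleading; either maintain the list in those two methods or drop it. Separately, the `file_watch_sensor.file_paths` config lookup is removed and `setup` now starts `Tail(filenames=[])`, so a deployment that still lists paths in its pack config will watch nothing and get no message. A one-time `self._logger.warning(...)` in `setup` when that legacy key is present would make the migration visible.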
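Review bot: `add_trigger` passes `file_path` from the rule's trigger parameters straight to `self._tail.add_file` with no check, so anyone permitted to create a rule can have the sensor process read any file its account can read and publish the lines as trigger payloads. Before calling `add_file`, I would resolve the path with `os.path.realpath` and accept it only if it lies under an operator-configured list of directories, logging and returning otherwise. Also, `trigger['parameters'].get(...)` raises if `parameters` is missing or `None`; `(trigger.get('parameters') or {}).get('file_path')` keeps the existing error-and-return path, and the same applies to `remove_trigger`. `_handle_line` continues outside the hunk.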
@@ -4,8 +4,21 @@ entry_point: "file_watch_sensor.py" description: "Sensor which monitors files for new lines" trigger_types: + - + name: "file_watch.file_path" + pack: "linux" + description: "Trigger which represents a file path to be monitored" + parameters_schema: + type: "object" + properties: + file_path: # User ``st2`` should have permissions to be able to read this file. + description: "Path to the file to monitor" + type: "string" + required: true + additionalProperties: false - name: "file_watch.line" + pack: "linux" description: "Trigger which indicates a new line has been detected" payload_schema: type: "object"
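Review bot: Rules now attach to the new `file_watch.file_path` trigger type, yet the sensor hunk in this commit keeps `self._trigger_ref = 'linux.file_watch.line'` and `_handle_line` starts from that ref, so lines appear to be dispatched on a different trigger type than the one the sample rule subscribes to. If that reading is right, a rule of type `linux.file_watch.file_path` would never match a dispatched line. Consider a single trigger type that carries both the `parameters_schema` (`file_path`) and the `payload_schema`, or have the sensor dispatch on the ref of the trigger it received in `add_trigger`. The inline comment on `file_path` about the `st2` user's read permission is also worth repeating in the property's `description`, since that is the text rule authors see.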