# Copyright 2020 Adarsh yadav
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#   http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
kind: ConfigMap
metadata:
  name: elastalert-rule
data:
  rule-node4-vswitch.yaml: |
    name: vswitch-3-sec
    type: any
    index: node4*
    filter:
    - range:
        time_vswitchd:
          gt: 3    #Greater than

    realert:
      minutes: 0

    alert: post
    http_post_url: "http://10.10.120.211:31000/alerts"
    http_post_static_payload:
      type: threshold
      label: vswitchd start time > 3 sec
    http_post_payload:
       index: _index
       log: msg
       log_path: log_path
       time_vswitchd: time_vswitchd
       num_hits: num_hits
       num_matches: num_matches

  rule-node1-vswitch.yaml: |
    name: vswitch-3-sec
    type: any
    index: node1*
    filter:
    - range:
        time_vswitchd:
          gt: 3    #Greater than

    realert:
      minutes: 0

    alert: post
    http_post_url: "http://10.10.120.211:31000/alerts"
    http_post_static_payload:
      type: threshold
      label: vswitchd start time > 3 sec
    http_post_payload:
       index: _index
       log: msg
       log_path: log_path
       time_vswitchd: time_vswitchd
       num_hits: num_hits
       num_matches: num_matches

  rule-node4-blacklist.yaml: |
      name: error-finder-node4
      type: blacklist
      compare_key: alert
      index: node4*
      blacklist:
        - "Failed to run test"
        - "Failed to execute in '30' seconds"
        - "('Result', 'Failed')"
        - "could not open socket: connection refused"
        - "Input/output error"
        - "dpdk|ERR|EAL: Error - exiting with code: 1"
        - "Failed to execute in '30' seconds"
        - "dpdk|ERR|EAL: Driver cannot attach the device"
        - "dpdk|EMER|Cannot create lock on"
        - "device not found"

      realert:
        minutes: 0

      alert: post
      http_post_url: "http://10.10.120.211:31000/alerts"
      http_post_static_payload:
        type: pattern-match
        label: failed
      http_post_payload:
         index: _index
         log: msg
         log_path: log_path
         reason: alert
         num_hits: num_hits
         num_matches: num_matches
  rule-node1-blacklist.yaml: |
      name: error-finder-node1
      type: blacklist
      compare_key: alert
      index: node1*
      blacklist:
        - "Failed to run test"
        - "Failed to execute in '30' seconds"
        - "('Result', 'Failed')"
        - "could not open socket: connection refused"
        - "Input/output error"
        - "dpdk|ERR|EAL: Error - exiting with code: 1"
        - "Failed to execute in '30' seconds"
        - "dpdk|ERR|EAL: Driver cannot attach the device"
        - "dpdk|EMER|Cannot create lock on"
        - "device not found"

      realert:
        minutes: 0

      alert: post
      http_post_url: "http://10.10.120.211:31000/alerts"
      http_post_static_payload:
        type: pattern-match
        label: failed
      http_post_payload:
         index: _index
         log: msg
         log_path: log_path
         reason: alert
         num_hits: num_hits
         num_matches: num_matches