Redminebugfix (#19198): Separate priority maps
ptorresred committed Nov 4, 2024
1 parent 5d4518f commit f85df43
Showing 1 changed file with 28 additions and 17 deletions.
45 changes: 28 additions & 17 deletions lib/logstash/filters/incident_enrichment.rb
Expand Up @@ -142,26 +142,37 @@ def get_key_prefix(event)
end

def is_required_priority_or_above?(priority)
priority_map = {
'unknown': 1,
'none': 2,
'debug': 3,
'info': 4,
'notice': 5,
'warning': 6,
'error': 7,
'low': 8,
'medium': 9,
'high': 10,
'critical': 11,
'alert': 12,
'emergency': 13,

vault_priority_map = {
'debug': 1,
'info': 2,
'notice': 3,
'warning': 4,
'error': 5,
'critical': 6,
'alert': 7,
'emergency': 8,

}
intrusion_priority_map = {
'info': 1,
'unknown': 2,
'none': 3,
'low': 4,
'medium': 5,
'high': 6,
'critical': 7
}

if @incidents_priority_filter
if priority_map.key?(priority.to_sym) && priority_map.key?(@incidents_priority_filter.to_sym)
return priority_map[priority.to_sym] >= priority_map[@incidents_priority_filter.to_sym]
end
if @source == 'redBorder Intrusion'
if intrusion_priority_map.key?(priority.to_sym) && intrusion_priority_map.key?(@incidents_priority_filter.to_sym)
return intrusion_priority_map[priority.to_sym] >= intrusion_priority_map[@incidents_priority_filter.to_sym]
end
else @source == 'redBorder Vault'
if vault_priority_map.key?(priority.to_sym) && vault_priority_map.key?(@incidents_priority_filter.to_sym)
return vault_priority_map[priority.to_sym] >= vault_priority_map[@incidents_priority_filter.to_sym]
end
end
false
end
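
Review bot: The branch `else @source == 'redBorder Vault'` is a plain `else`, so Ruby evaluates the comparison and discards the result, and every source other than 'redBorder Intrusion' is checked against `vault_priority_map`. Use `elsif @source == 'redBorder Vault'` and state explicitly what should happen for any other source. With the maps now split, a priority or filter value that is absent from the selected map (for example 'low' on a Vault event or 'warning' on an Intrusion event) falls through to `false`, so the event is treated as below the threshold with no log line. Consider logging that case so a misconfigured `@incidents_priority_filter` does not silently suppress incidents. The two hashes could also be frozen constants instead of being rebuilt on every call.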