mirror/nttgin-BGPalerter
1
0
Fork 0
mirror of https://github.com/nttgin/BGPalerter.git synced 2024-05-19 06:50:08 +00:00
Code Issues Releases Wiki Activity

improved rpki alerts content

Browse Source
This commit is contained in:
Massimo Candela
2022-01-28 04:50:54 +01:00
parent edf317d7dc
commit eb6972f545
8 changed files with 53 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docs/context.md
View File

@ -18,9 +18,9 @@ Such tags are reported in the table below.
| peers | The number of peers that were able to see the issue |
| neworigin | The AS announcing the monitored prefix (e.g., in case of a hijack, `neworigin` will contain the hijacker, `asn` will contain the usual origin) |
| newprefix | The prefix announced (e.g., in case of a hijack, `newprefix` will contain the more specific prefix used for the hijack, `prefix` will contain the usual prefix) |
| bgplay | The link to BGPlay on RIPEstat |
| bgplay | A link to BGPlay |
|rpkiLink| A link to the rpki validator online|
Usage example: `The alert involves ${prefix} in ${earliest}` will be translated in something like `The alert involves 1.2.3.4/24 in 2020-04-14 04:02:13`.
> The same approach must be used to populate the templates available in config.yml. If you are writing a template for an API call, convert the JSON to string (e.g., '{"text": "${summary}"}').
> The same approach must be used to populate the templates available in config.yml. If you are writing a template for an API call, convert the JSON to string (e.g., '{"text": "${summary}"}').

16
src/reports/email_templates/emailTemplates.js
View File

@ -111,7 +111,6 @@ Last event: ${latest} UTC\n\
Top ${pathNumber} most used AS paths:\n\
${paths}';
const templateRPKI = '${summary}\n\
\n\
\n\
@ -119,8 +118,19 @@ DETAILS:\n\
------------------------------------------------------\n\
Event type: ${type}\n\
When event started: ${earliest} UTC\n\
Last event: ${latest} UTC\n\
See: ${rpkiLink}';
const templateRoas = '${summary}\n\
\n\
\n\
DETAILS:\n\
------------------------------------------------------\n\
Event type: ${type}\n\
When event started: ${earliest} UTC\n\
Last event: ${latest} UTC';
const defaultTemplate = '${summary}';
export default class emailTemplates {
@ -155,6 +165,10 @@ export default class emailTemplates {
{
channel: 'rpki',
content: templateRPKI
},
{
channel: 'roa',
content: templateRoas
}
];

7
src/reports/email_templates/roas.txt Normal file
View File

@ -0,0 +1,7 @@
${summary}
DETAILS:
------------------------------------------------------
Event type: ${type}
When event started: ${earliest} UTC
Last event: ${latest} UTC

3
src/reports/email_templates/rpki.txt
View File

@ -4,4 +4,5 @@ DETAILS:
------------------------------------------------------
Event type: ${type}
When event started: ${earliest} UTC
Last event: ${latest} UTC
Last event: ${latest} UTC
See more: ${rpkiLink}

23
src/reports/report.js
View File

@ -35,6 +35,7 @@ import moment from "moment";
import brembo from "brembo";
import axios from "axios";
import axiosEnrich from "../utils/axiosEnrich";
import RpkiValidator from "rpki-validator";
export default class Report {
constructor(channels, params, env) {
@ -73,6 +74,15 @@ export default class Report {
});
};
getRpkiLink = (prefix, asn) => {
return brembo.build("https://rpki.massimocandela.com/", {
path: ["#", prefix, asn],
params: {
"sources": RpkiValidator.providers.join(",")
}
});
};
getContext = (channel, content) => {
try {
let context = {
@ -156,6 +166,17 @@ export default class Report {
break;
case "rpki":
matched = content.data[0].matchedRule;
context.asn = (matched.asn || "").toString();
context.prefix = matched.prefix || content.data[0].matchedMessage.prefix;
context.description = matched.description || "";
context.bgplay = this.getBGPlayLink(matched.prefix, content.earliest, content.latest);
context.rpkiLink = this.getRpkiLink(context.prefix, context.asn);
context.slackUrl = `[<${context.rpkiLink}|See>]`;
context.markDownUrl = `[[see](${context.rpkiLink})]`;
break;
case "roa":
matched = content.data[0].matchedRule;
context.asn = (matched.asn || "").toString();
context.prefix = matched.prefix || content.data[0].matchedMessage.prefix;
@ -171,7 +192,7 @@ export default class Report {
return context;
} catch (error) { // This MUST never happen. But if it happens we need do send a basic alert anyway and don't crash
} catch (error) { // This MUST never happen. But if it happens we need to send a basic alert anyway and don't crash
this.logger.log({
level: 'error',
message: `It was not possible to generate a context: ${error}`

3
src/reports/reportSlack.js
View File

@ -44,7 +44,8 @@ export default class ReportSlack extends ReportHTTP {
{
color: color,
title: "${channel}",
text: "${summary}"
type: "mrkdwn",
text: "${summary}${slackUrl}"
}
]
});

4
src/reports/reportTelegram.js
View File

@ -74,8 +74,8 @@ export default class reportTelegram extends ReportHTTP {
getTemplate = (group, channel, content) => {
return JSON.stringify({
"chat_id": this.chatIds[group] || this.chatIds["default"],
"text": "${summary}",
"parse_mode": 'HTML',
"text": "${summary}${markDownUrl}",
"parse_mode": 'markdown',
"disable_web_page_preview": true
});
};

1
src/utils/axiosEnrich.js
View File

@ -25,7 +25,6 @@ export default function(axios, httpsAgent, userAgent) {
axios.defaults.httpsAgent = httpsAgent;
}
// Set User Agent
if (userAgent) {
axios.defaults.headers.common = {
"User-Agent": userAgent