archive/alerta_alerta
0
0
Fork 0
mirror of https://github.com/alerta/alerta.git synced 2025-01-24 01:10:24 +00:00
Code Issues Projects Releases Wiki Activity
alerta_alerta/alerta/settings.py
Cody Stevens 1ad12aada8
Allow grafana webhook to set tags to tags or attributes (#1606) 
* Do not require scope for metrics view

* Allow grafana webhook to make tags tags

* Set views.py back so this can be a separate PR

---------

Co-authored-by: Cody Stevens <costevens@datto.com>
Co-authored-by: Nick Satterly <nfsatterly@gmail.com>
2023-12-23 20:47:04 +01:00

293 lines
11 KiB
Python
Raw Permalink Blame History

#
# ***** ALERTA SERVER DEFAULT SETTINGS -- DO NOT MODIFY THIS FILE *****
#
# To override these settings use /etc/alertad.conf or the contents of the
# configuration file set by the environment variable ALERTA_SVR_CONF_FILE.
#
# Further information on settings can be found at https://docs.alerta.io
from typing import Any, Dict, List, Tuple # noqa
DEBUG = False
BASE_URL = ''
USE_PROXYFIX = False
SECRET_KEY = 'changeme'
# Logging configuration
LOG_CONFIG_FILE = ''
LOG_HANDLERS = ['console'] # ['console', 'file', 'wsgi']
LOG_FILE = 'alertad.log' # NOTE: 'file' must be added to LOG_HANDLERS for logging to work
LOG_LEVEL = 'WARNING' # DEBUG, INFO, WARNING, ERROR, CRITICAL
LOG_MAX_BYTES = 10 * 1024 * 1024 # 10 MB
LOG_BACKUP_COUNT = 2
LOG_FORMAT = 'default' # 'default', 'simple', 'verbose', 'json', 'syslog' or any valid logging format
LOG_FACILITY = 'local7' # syslog logging facility (local0 .. local7)
LOG_METHODS = ['GET', 'HEAD', 'POST', 'PUT', 'DELETE', 'CONNECT', 'OPTIONS', 'TRACE', 'PATCH']
# API settings
ALARM_MODEL = 'ALERTA' # 'ALERTA' (default) or 'ISA_18_2'
QUERY_LIMIT = 50
DEFAULT_PAGE_SIZE = QUERY_LIMIT # maximum number of alerts returned by a single query
HISTORY_LIMIT = 100 # cap the number of alert history entries
HISTORY_ON_VALUE_CHANGE = True # history entry for duplicate alerts if value changes
# MongoDB (deprecated, use DATABASE_URL setting)
MONGO_URI = 'mongodb://localhost:27017/monitoring'
MONGO_DATABASE = None # can be used to override default database, above
MONGO_RAISE_ON_ERROR = True
# PostgreSQL (deprecated, use DATABASE_URL setting)
POSTGRES_URI = 'postgres://localhost:5432/monitoring' # not used (use DATABASE_URL)
POSTGRES_DB = None
# Database
DATABASE_URL = MONGO_URI # default: MongoDB
DATABASE_NAME = MONGO_DATABASE or POSTGRES_DB
DATABASE_RAISE_ON_ERROR = MONGO_RAISE_ON_ERROR # True - terminate, False - ignore and continue
DATABASE_SCHEMA = 'public' # default: None to use default schema
# Search
DEFAULT_FIELD = 'text' # default field if no search prefix specified (Postgres only)
# Bulk API
BULK_QUERY_LIMIT = 100000 # max number of alerts for bulk endpoints
CELERY_BROKER_URL = None
CELERY_RESULT_BACKEND = None
CELERY_ACCEPT_CONTENT = ['customjson']
CELERY_TASK_SERIALIZER = 'customjson'
CELERY_RESULT_SERIALIZER = 'customjson'
# Authentication settings
AUTH_REQUIRED = False
AUTH_PROVIDER = 'basic' # basic (default), ldap, github, openid, saml2, azure, cognito, gitlab, google, keycloak
ADMIN_USERS = [] # type: List[str]
DEFAULT_ADMIN_ROLE = 'admin'
ADMIN_ROLES = [DEFAULT_ADMIN_ROLE]
DEFAULT_USER_ROLE = 'user'
USER_ROLES = [DEFAULT_USER_ROLE]
USER_DEFAULT_SCOPES = ['read', 'write'] # Note: 'write' scope implicitly includes 'read'
DEFAULT_GUEST_ROLE = 'guest'
GUEST_ROLES = [DEFAULT_GUEST_ROLE]
GUEST_DEFAULT_SCOPES = ['read:alerts']
CUSTOM_SCOPES = [] # type: List[str]
# Set DELETE_SCOPES to "delete:alerts" to prevent users with "write:alerts" scope being able to delete alerts
DELETE_SCOPES = [] # type: List[str]
CUSTOMER_VIEWS = False
ALLOW_READONLY = False
READONLY_SCOPES = ['read']
BASIC_AUTH_REALM = 'Alerta'
SIGNUP_ENABLED = True
HMAC_AUTH_CREDENTIALS = [
# {
# 'key': '', # access key id => $ uuidgen | tr '[:upper:]' '[:lower:]'
# 'secret': '', # secret key => $ date | md5 | base64
# 'algorithm': 'sha256' # valid hmac algorithm eg. sha256, sha384, sha512
# }
] # type: List[Dict[str, Any]]
AUTH_PROXY = False
AUTH_PROXY_USER_HEADER = 'X-Proxy-User' # header field containing the authenticated username (X-Forwarded-User)
AUTH_PROXY_ROLES_HEADER = 'X-Proxy-Roles' # list of authenticated role names (X-Forwarded-Groups)
AUTH_PROXY_ROLES_SEPARATOR = ',' # default comma-separated list (,;|)
AUTH_PROXY_AUTO_SIGNUP = True
OAUTH2_CLIENT_ID = '' # OAuth2 client ID and secret
OAUTH2_CLIENT_SECRET = ''
ALLOWED_EMAIL_DOMAINS = ['*']
# Amazon Cognito
AWS_REGION = 'us-east-1' # US East - N. Virginia (default)
COGNITO_USER_POOL_ID = None
COGNITO_DOMAIN = None
# GitHub OAuth2
GITHUB_URL = 'https://github.com'
GITHUB_ROLE_CLAIM = 'teams' # used in role mapping
GITHUB_GROUP_CLAIM = 'organizations' # used in customer mapping
ALLOWED_GITHUB_ORGS = ['*']
# GitLab OAuth2
GITLAB_URL = 'https://gitlab.com'
ALLOWED_GITLAB_GROUPS = ['*']
# BasicAuth using LDAP
LDAP_URL = '' # eg. ldap://localhost:389
LDAP_TIMEOUT = -1 # seconds (-1=infinity)
LDAP_BASEDN = ''
LDAP_CACERT = '' # Path to CA certificate to verify LDAPS connection against
LDAP_ALLOW_SELF_SIGNED_CERT = False
LDAP_DOMAINS = {
# 'planetexpress.com': 'cn=%s,ou=people,dc=planetexpress,dc=com'
} # type: Dict[str, Any]
LDAP_BIND_USERNAME = '' # required if using LDAP_SEARCH_QUERY eg. uid=admin,ou=users,dc=domain,dc=com
LDAP_BIND_PASSWORD = '' # required if using LDAP_BIND_USERNAME
LDAP_USER_BASEDN = '' # BASEDN for user search (default: LDAP_BASEDN)
LDAP_USER_FILTER = '' # eg. (cn={username})
LDAP_USER_NAME_ATTR = 'cn' # eg. cn or displayName
LDAP_USER_EMAIL_ATTR = 'mail' # eg. mail or email
LDAP_GROUP_BASEDN = '' # BASEDN for group search (default: LDAP_BASEDN)
LDAP_GROUP_FILTER = '' # eg. (&(member={userdn})(objectClass=group))
LDAP_GROUP_NAME_ATTR = 'dn' # eg. dn, memberOf, or cn
LDAP_DEFAULT_DOMAIN = '' # if set allows users to login with bare username
LDAP_CONFIG = {} # type: Dict[str, Any]
ALLOWED_LDAP_GROUPS = ['*']
# Microsoft Identity Platform (v2.0)
AZURE_TENANT = 'common' # "common", "organizations", "consumers" or tenant ID
# Keycloak
KEYCLOAK_URL = None
KEYCLOAK_REALM = None
ALLOWED_KEYCLOAK_ROLES = ['*']
# OpenID Connect
OIDC_ISSUER_URL = None
OIDC_AUTH_URL = None
OIDC_TOKEN_AUTH_METHODS = ['client_secret_basic', 'client_secret_post', 'client_secret_jwt']
OIDC_LOGOUT_URL = None
OIDC_VERIFY_TOKEN = False
OIDC_ROLE_CLAIM = OIDC_CUSTOM_CLAIM = 'roles' # JWT claim name whose value is used in role mapping
OIDC_GROUP_CLAIM = 'groups' # JWT claim name whose value is used in customer mapping
ALLOWED_OIDC_ROLES = ALLOWED_GITLAB_GROUPS or ALLOWED_KEYCLOAK_ROLES or ['*']
OIDC_LINK_USER_EMAIL = True # if using federated IdP link user accounts by verified email addresses
# SAML 2.0
SAML2_ENTITY_ID = None
SAML2_METADATA_URL = None
SAML2_USER_NAME_FORMAT = '{givenName} {surname}'
SAML2_EMAIL_ATTRIBUTE = 'emailAddress'
SAML2_CONFIG = {} # type: Dict[str, Any]
ALLOWED_SAML2_GROUPS = ['*']
TOKEN_EXPIRE_DAYS = 14
API_KEY_EXPIRE_DAYS = 365 # 1 year
# Audit Log
AUDIT_TRAIL = ['admin'] # possible categories are 'admin', 'write', and 'auth'
AUDIT_LOG = None # set to True to log to application logger
AUDIT_LOG_REDACT = True # redact sensitive data before logging
AUDIT_LOG_JSON = False # log alert data as JSON object
AUDIT_URL = None # send audit log events via webhook URL
# CORS settings
CORS_ALLOW_HEADERS = ['Content-Type', 'Authorization', 'Access-Control-Allow-Origin', 'X-Request-ID']
CORS_ORIGINS = [
# 'https://try.alerta.io',
# 'https://explorer.alerta.io',
'http://localhost',
'http://localhost:8000',
r'https?://\w*\.?local\.alerta\.io:?\d*/?.*' # => http(s)://*.local.alerta.io:<port>
]
CORS_SUPPORTS_CREDENTIALS = AUTH_REQUIRED
# Serverity settings
SEVERITY_MAP = {} # type: Dict[str, Any]
DEFAULT_NORMAL_SEVERITY = None
DEFAULT_INFORM_SEVERITY = None
DEFAULT_PREVIOUS_SEVERITY = None
COLOR_MAP = {} # type: Dict[str, Any]
# Timeout settings
DEFAULT_TIMEOUT = 86400 # seconds
ALERT_TIMEOUT = DEFAULT_TIMEOUT
HEARTBEAT_TIMEOUT = DEFAULT_TIMEOUT
HEARTBEAT_MAX_LATENCY = 2000 # ms
ACK_TIMEOUT = 0 # auto-unack alerts after x seconds (0 seconds = do not auto-unack)
SHELVE_TIMEOUT = 7200 # auto-unshelve alerts after x seconds (0 seconds = do not auto-unshelve)
# Housekeeping settings
DELETE_EXPIRED_AFTER = 2 * 60 * 60 # seconds (0 = do not delete)
DELETE_INFO_AFTER = 12 * 60 * 60 # seconds (0 = do not delete)
# Send verification emails to new BasicAuth users
EMAIL_VERIFICATION = False
SMTP_HOST = 'smtp.gmail.com'
SMTP_PORT = 587
MAIL_LOCALHOST = 'localhost' # mail server to use in HELO/EHLO command
SMTP_STARTTLS = True
SMTP_USE_SSL = False
SSL_KEY_FILE = None
SSL_CERT_FILE = None
MAIL_FROM = '' # replace with valid sender address eg you@gmail.com
SMTP_USERNAME = '' # application-specific username if different to MAIL_FROM user
SMTP_PASSWORD = '' # password for MAIL_FROM (or SMTP_USERNAME if used)
# Web console settings
SITE_LOGO_URL = '' # URL to company logo
DATE_FORMAT_LONG_DATE = 'ddd D MMM, YYYY HH:mm:ss.SSS Z' # eg. Tue 9 Oct, 2018 09:24.036 +02:00
DATE_FORMAT_MEDIUM_DATE = 'ddd D MMM HH:mm' # eg. Tue 9 Oct 09:24
DATE_FORMAT_SHORT_TIME = 'HH:mm' # eg. 09:24
DEFAULT_AUDIO_FILE = None # must exist on client at relative path eg. '/audio/alert_high-intensity.ogg' or URL
COLUMNS = [
'severity', 'status', 'lastReceiveTime', 'timeoutLeft', 'duplicateCount',
'customer', 'environment', 'service', 'resource', 'event', 'value', 'text'
]
SORT_LIST_BY = ['severity', 'lastReceiveTime'] # eg. newest='lastReceiveTime' or oldest='-createTime' (Note: minus means reverse)
DEFAULT_FILTER = {'status': ['open', 'ack']}
CLIPBOARD_TEMPLATE = ''
# Alert Status Indicators
ASI_SEVERITY = [
'critical', 'major', 'minor', 'warning', 'indeterminate', 'informational'
]
ASI_QUERIES = [
{'text': 'Production', 'query': [['environment', 'Production']]},
{'text': 'Development', 'query': [['environment', 'Development']]},
{'text': 'Heartbeats', 'query': {'q': 'event:Heartbeat'}},
{'text': 'Misc.', 'query': 'group=Misc'},
]
# Alarm list default font settings
DEFAULT_FONT = {
'font-family': '"Sintony", Arial, sans-serif',
'font-size': '13px',
'font-weight': 500 # 400=normal, 700=bold
}
# List of custom actions
ACTIONS = [] # type: List[str]
SERVER_VERSION = 'full' # show/hide server version eg. full, major, off
GOOGLE_TRACKING_ID = None
AUTO_REFRESH_INTERVAL = 5000 # ms
# Routing
ROUTING_DIST = 'alerta-routing'
# Plugins
PLUGINS = ['remote_ip', 'reject', 'heartbeat', 'blackout', 'forwarder']
PLUGINS_RAISE_ON_ERROR = True # raise RuntimeError exception on first failure
# reject plugin settings
ORIGIN_BLACKLIST = [] # type: List[str]
# ORIGIN_BLACKLIST = ['foo/bar$', '.*/qux'] # reject all foo alerts from bar, and everything from qux
ALLOWED_ENVIRONMENTS = ['Production', 'Development'] # reject alerts without allowed environments
# blackout settings
BLACKOUT_DURATION = 3600 # default period = 1 hour
NOTIFICATION_BLACKOUT = False # True - set alert status=blackout, False - do not process alert (default)
BLACKOUT_ACCEPT = [] # type: List[str]
# BLACKOUT_ACCEPT = ['normal', 'ok', 'cleared'] # list of severities accepted during blackout period
# northbound interface
FWD_DESTINATIONS = [
# ('http://localhost:9000', {'username': 'user', 'password': 'pa55w0rd', 'timeout': 10}, ['alerts', 'actions']), # BasicAuth
# ('https://httpbin.org/anything', dict(username='foo', password='bar', ssl_verify=False), ['alerts', 'actions']),
# ('http://localhost:9000', {'key': 'access-key', 'secret': 'secret-key'}, ['alerts', 'actions']), # Hawk HMAC
# ('http://localhost:9000', {'key': 'my-api-key'}, ['alerts', 'actions']), # API key
# ('http://localhost:9000', {'token': 'bearer-token'}, ['alerts', 'actions']), # Bearer token
] # type: List[Tuple]
# valid actions=['*', 'alerts', 'actions', 'open', 'assign', 'ack', 'unack', 'shelve', 'unshelve', 'close', 'delete']
# Webhooks
DEFAULT_ENVIRONMENT = 'Production' # default environment used by webhooks, value must be in ALLOWED_ENVIRONMENTS
# Grafana webhook keep legacy behavior by default
GRAFANA_TAGS_AS_ATTRIBUTES = True
GRAFANA_TAGS_AS_TAGS = False
Reference in a new issue View git blame Copy permalink