Use ctx.States() for alert cards in HTML report
Build alert cards from rule states when available; fall back to raw-data analysis (resolve failures, CNAME violations, unreachable targets) when states are absent.
This commit is contained in:
parent
a1e33e90f7
commit
0a41c706aa
1 changed files with 72 additions and 45 deletions
|
|
@ -256,52 +256,79 @@ func (p *srvProvider) GetHTMLReport(ctx sdk.ReportContext) (string, error) {
|
|||
rd.Records = append(rd.Records, rec)
|
||||
}
|
||||
|
||||
if len(resolveFails) > 0 {
|
||||
rd.Alerts = append(rd.Alerts, reportAlert{
|
||||
Severity: "crit",
|
||||
Title: fmt.Sprintf("DNS resolution failed for %d SRV target(s)", len(resolveFails)),
|
||||
Body: template.HTML(fmt.Sprintf(
|
||||
"%s<br>Clients will not be able to reach the service. Fix: either publish A/AAAA records for the target(s), or remove the broken SRV record.",
|
||||
strings.Join(resolveFails, "<br>"))),
|
||||
})
|
||||
}
|
||||
if len(cnames) > 0 {
|
||||
rd.Alerts = append(rd.Alerts, reportAlert{
|
||||
Severity: "warn",
|
||||
Title: "SRV target is a CNAME (RFC 2782 violation)",
|
||||
Body: template.HTML(fmt.Sprintf(
|
||||
"Target(s): %s<br>RFC 2782 requires SRV targets to resolve directly to A/AAAA. "+
|
||||
"Some clients will refuse to follow the CNAME. Fix: point the SRV record to a hostname with A/AAAA records, "+
|
||||
"or replace the CNAME with an ALIAS/ANAME at the DNS provider.",
|
||||
"<code>"+strings.Join(cnames, "</code>, <code>")+"</code>")),
|
||||
})
|
||||
}
|
||||
if len(tcpDown) > 0 {
|
||||
var items []string
|
||||
for _, f := range tcpDown {
|
||||
items = append(items, fmt.Sprintf("<code>%s</code> (%s): %s",
|
||||
template.HTMLEscapeString(f.address),
|
||||
template.HTMLEscapeString(f.owner),
|
||||
template.HTMLEscapeString(f.err)))
|
||||
// Build alerts from rule states when available; fall back to raw-data
|
||||
// analysis when the host hasn't threaded rule output through yet.
|
||||
states := ctx.States()
|
||||
if len(states) > 0 {
|
||||
for _, st := range states {
|
||||
sev := ""
|
||||
switch st.Status {
|
||||
case sdk.StatusCrit, sdk.StatusError:
|
||||
sev = "crit"
|
||||
case sdk.StatusWarn:
|
||||
sev = "warn"
|
||||
case sdk.StatusInfo:
|
||||
sev = "info"
|
||||
default:
|
||||
continue
|
||||
}
|
||||
alert := reportAlert{
|
||||
Severity: sev,
|
||||
Title: st.Message,
|
||||
}
|
||||
if fix, ok := st.Meta["fix"].(string); ok && fix != "" {
|
||||
alert.Body = template.HTML(template.HTMLEscapeString(fix))
|
||||
}
|
||||
rd.Alerts = append(rd.Alerts, alert)
|
||||
}
|
||||
} else {
|
||||
if len(resolveFails) > 0 {
|
||||
rd.Alerts = append(rd.Alerts, reportAlert{
|
||||
Severity: "crit",
|
||||
Title: fmt.Sprintf("DNS resolution failed for %d SRV target(s)", len(resolveFails)),
|
||||
Body: template.HTML(fmt.Sprintf(
|
||||
"%s<br>Clients will not be able to reach the service. Fix: either publish A/AAAA records for the target(s), or remove the broken SRV record.",
|
||||
strings.Join(resolveFails, "<br>"))),
|
||||
})
|
||||
}
|
||||
if len(cnames) > 0 {
|
||||
rd.Alerts = append(rd.Alerts, reportAlert{
|
||||
Severity: "warn",
|
||||
Title: "SRV target is a CNAME (RFC 2782 violation)",
|
||||
Body: template.HTML(fmt.Sprintf(
|
||||
"Target(s): %s<br>RFC 2782 requires SRV targets to resolve directly to A/AAAA. "+
|
||||
"Some clients will refuse to follow the CNAME. Fix: point the SRV record to a hostname with A/AAAA records, "+
|
||||
"or replace the CNAME with an ALIAS/ANAME at the DNS provider.",
|
||||
"<code>"+strings.Join(cnames, "</code>, <code>")+"</code>")),
|
||||
})
|
||||
}
|
||||
if len(tcpDown) > 0 {
|
||||
var items []string
|
||||
for _, f := range tcpDown {
|
||||
items = append(items, fmt.Sprintf("<code>%s</code> (%s): %s",
|
||||
template.HTMLEscapeString(f.address),
|
||||
template.HTMLEscapeString(f.owner),
|
||||
template.HTMLEscapeString(f.err)))
|
||||
}
|
||||
rd.Alerts = append(rd.Alerts, reportAlert{
|
||||
Severity: "crit",
|
||||
Title: fmt.Sprintf("%d target(s) unreachable on their advertised TCP port", len(tcpDown)),
|
||||
Body: template.HTML(strings.Join(items, "<br>") +
|
||||
"<br>Check: (1) the server is running and bound to the right port; " +
|
||||
"(2) firewall/security-group allows inbound TCP to that port; " +
|
||||
"(3) the SRV record is not pointing at an old IP."),
|
||||
})
|
||||
}
|
||||
if len(nulls) > 0 && len(nulls) == len(d.Records) {
|
||||
rd.Alerts = append(rd.Alerts, reportAlert{
|
||||
Severity: "warn",
|
||||
Title: "All SRV records use the null target (\".\"): service is explicitly disabled",
|
||||
Body: template.HTML(
|
||||
"RFC 2782 defines a single SRV record with target <code>\".\"</code> to signal that the service is " +
|
||||
"intentionally not available. If this is what you want, the configuration is correct. " +
|
||||
"If you expected clients to reach this service, replace the null target with a real hostname."),
|
||||
})
|
||||
}
|
||||
rd.Alerts = append(rd.Alerts, reportAlert{
|
||||
Severity: "crit",
|
||||
Title: fmt.Sprintf("%d target(s) unreachable on their advertised TCP port", len(tcpDown)),
|
||||
Body: template.HTML(strings.Join(items, "<br>") +
|
||||
"<br>Check: (1) the server is running and bound to the right port; " +
|
||||
"(2) firewall/security-group allows inbound TCP to that port; " +
|
||||
"(3) the SRV record is not pointing at an old IP."),
|
||||
})
|
||||
}
|
||||
if len(nulls) > 0 && len(nulls) == len(d.Records) {
|
||||
rd.Alerts = append(rd.Alerts, reportAlert{
|
||||
Severity: "warn",
|
||||
Title: "All SRV records use the null target (\".\"): service is explicitly disabled",
|
||||
Body: template.HTML(
|
||||
"RFC 2782 defines a single SRV record with target <code>\".\"</code> to signal that the service is " +
|
||||
"intentionally not available. If this is what you want, the configuration is correct. " +
|
||||
"If you expected clients to reach this service, replace the null target with a real hostname."),
|
||||
})
|
||||
}
|
||||
|
||||
var buf strings.Builder
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue