Merges errors to errors_parsed

Khanh Nguyen · Khanh Nguyen · commit 4d6843f71e2d · 2017-11-01T10:53:37.000+01:00
diff --git a/elastalert_modules/bitsensor_enhancement.py b/elastalert_modules/bitsensor_enhancement.py
@@ -1,13 +1,15 @@
 from elastalert.enhancements import BaseEnhancement
 from util import convert_array_to_object
-from util import parse_detections
+from util import parse_array
 
-# For easier access to nested values in an array , this merges all items in  array
+# For easier access to nested values in an array , this merges all items in array
 # within  
 class AlertTextEnhancement(BaseEnhancement):
     # The enhancement is run against every match
     # The match is passed to the process function where it can be modified in any way
     # ElastAlert will do this for each enhancement linked to a rule
     def process(self, match):
-        parsed_match = parse_detections(match)
+        parsed_match = parse_array(match, 'detections')
+        match.update(parsed_match)
+        parsed_match = parse_array(match, 'errors')
         match.update(parsed_match)
diff --git a/elastalert_modules/util.py b/elastalert_modules/util.py
@@ -6,24 +6,24 @@ def convert_array_to_object(array):
         json[str(idx)] = array[idx]
     return json
 
-def parse_detections(match):
-    key = 'detections'
+def parse_array(match, key) :
+    o = match[key] if key in match else {}
     parsed = {key+'_parsed': {}}
 
-    if not isinstance(match[key], list):
+    if not isinstance(o, list):
         return parsed
-    if len(match[key]) == 0:
+    if len(o) == 0:
         return parsed
  
     # Converts array terms into objects 
-    # parsed[key + '_parsed'] = convert_array_to_object(match[key]) 
+    # parsed[key + '_parsed'] = convert_array_to_object(o) 
 
-    for sk, value in match[key][0].iteritems(): 
+    for sk, value in o[0].iteritems(): 
         value_array = [] 
         if isinstance(value, list):
-            value_array = list(chain.from_iterable(sv for sv in (v[sk] for v in match[key]) if sv))
+            value_array = list(chain.from_iterable(sv for sv in (v[sk] for v in o) if sv))
         else:
-            value_array = [v[sk] for v in match[key]] 
+            value_array = [v[sk] for v in o] 
         unique_values = set(value_array)
         parsed[key + '_parsed'][sk] = ", ".join(str(va) for va in unique_values)
  
