working on events funcs

all new code will go to the modular version. use run-modular.sh/bat

Author: robertvandervoort

api/appd_client.py

@@ -4,16 +4,18 @@
 import requests
 import pandas as pd
 from io import StringIO
-from typing import Dict, Any, Optional, Tuple
+from typing import Dict, Any, Optional, Tuple, List
 from urllib.parse import quote
 from auth import AppDAuthenticator
+from utils import Logger
 
 
 class AppDAPIClient:
     """Client for AppDynamics REST API calls."""
 
-    def __init__(self, authenticator: AppDAuthenticator):
+    def __init__(self, authenticator: AppDAuthenticator, logger: Optional[Logger] = None):
         self.authenticator = authenticator
+        self.logger = logger
 
     def _make_request(self, method: str, url: str, **kwargs) -> Tuple[Optional[requests.Response], str]:
         """
@@ -23,15 +25,21 @@ def _make_request(self, method: str, url: str, **kwargs) -> Tuple[Optional[reque
             Tuple of (response, status) where status is 'valid', 'error', or 'empty'
         """
         if not self.authenticator.ensure_authenticated():
+            if self.logger:
+                self.logger.error("Authentication not valid; cannot make request")
             return None, "error"
 
         session = self.authenticator.get_session()
         if not session:
             return None, "error"
 
         try:
+            if self.logger:
+                self.logger.debug(f"HTTP {method} {url}")
             response = session.request(method, url, verify=self.authenticator.verify_ssl, **kwargs)
             response.raise_for_status()
+            if self.logger:
+                self.logger.debug(f"HTTP {response.status_code} OK for {url}")
             return response, "valid"
         except requests.exceptions.HTTPError as err:
             error_map = {
@@ -42,16 +50,28 @@ def _make_request(self, method: str, url: str, **kwargs) -> Tuple[Optional[reque
                 500: "Internal Server Error - Something went wrong on the server.",
             }
             error_explanation = error_map.get(err.response.status_code, "Unknown HTTP Error")
-            print(f"HTTP Error: {err.response.status_code} - {error_explanation}")
+            if self.logger:
+                self.logger.error(f"HTTP Error {err.response.status_code}: {error_explanation}")
+            else:
+                print(f"HTTP Error: {err.response.status_code} - {error_explanation}")
             return None, "error"
         except requests.exceptions.RequestException as err:
             if isinstance(err, requests.exceptions.ConnectionError):
-                print("Connection Error: Failed to establish a new connection.")
+                if self.logger:
+                    self.logger.error("Connection Error: Failed to establish a new connection.")
+                else:
+                    print("Connection Error: Failed to establish a new connection.")
             else:
-                print(f"Request Exception: {err}")
+                if self.logger:
+                    self.logger.error(f"Request Exception: {err}")
+                else:
+                    print(f"Request Exception: {err}")
             return None, "error"
         except Exception as err:
-            print(f"Unexpected Error: {type(err).__name__}: {err}")
+            if self.logger:
+                self.logger.error(f"Unexpected Error: {type(err).__name__}: {err}")
+            else:
+                print(f"Unexpected Error: {type(err).__name__}: {err}")
             return None, "error"
 
     def _urlencode_string(self, text: str) -> str:
@@ -161,6 +181,156 @@ def get_apm_availability(self, object_type: str, app_name: str, tier_name: str,
 
         return self._make_request("GET", url)
 
+    def get_health_rule_violations(
+        self,
+        application_id: str,
+        time_range_type: str = "BEFORE_NOW",
+        duration_mins: Optional[int] = None,
+        start_time: Optional[int] = None,
+        end_time: Optional[int] = None,
+        output: str = "XML",
+    ) -> Tuple[Optional[requests.Response], str]:
+        """Get health rule violations for a specific application.
+
+        Docs: https://docs.appdynamics.com/appd/24.x/latest/en/extend-splunk-appdynamics/splunk-appdynamics-apis/alert-and-respond-api/events-api
+        Endpoint: /controller/rest/applications/{application_id}/problems/healthrule-violations
+        """
+        base = f"{self.authenticator.credentials.base_url}/controller/rest/applications/{application_id}/problems/healthrule-violations"
+
+        params = {"time-range-type": time_range_type}
+        if duration_mins is not None:
+            params["duration-in-mins"] = str(duration_mins)
+        if start_time is not None:
+            params["start-time"] = str(start_time)
+        if end_time is not None:
+            params["end-time"] = str(end_time)
+        if output:
+            params["output"] = output
+
+        # Build URL with query params
+        query = "&".join([f"{k}={v}" for k, v in params.items()])
+        url = f"{base}?{query}"
+        return self._make_request("GET", url)
+
+    def get_events(
+        self,
+        application_id: str,
+        event_types: List[str],
+        severities: List[str],
+        time_range_type: str = "BEFORE_NOW",
+        duration_mins: Optional[int] = None,
+        start_time: Optional[int] = None,
+        end_time: Optional[int] = None,
+        tier: Optional[str] = None,
+        output: str = "XML",
+    ) -> Tuple[Optional[requests.Response], str]:
+        """Get events for a specific application.
+
+        Endpoint: /controller/rest/applications/{application_id}/events
+        Notes: Returns at most 600 events per request.
+        """
+        base = f"{self.authenticator.credentials.base_url}/controller/rest/applications/{application_id}/events"
+
+        params: Dict[str, Any] = {
+            "time-range-type": time_range_type,
+            "event-types": ",".join(event_types) if event_types else "",
+            "severities": ",".join(severities) if severities else "",
+        }
+        if duration_mins is not None:
+            params["duration-in-mins"] = str(duration_mins)
+        if start_time is not None:
+            params["start-time"] = str(start_time)
+        if end_time is not None:
+            params["end-time"] = str(end_time)
+        if tier:
+            params["tier"] = self._urlencode_string(tier)
+        if output:
+            params["output"] = output
+
+        query = "&".join([f"{k}={v}" for k, v in params.items() if v is not None and v != ""])
+        url = f"{base}?{query}"
+        return self._make_request("GET", url)
+
+    def get_events_paginated(
+        self,
+        application_id: str,
+        event_types: List[str],
+        severities: List[str],
+        duration_mins: int,
+        tier: Optional[str] = None,
+    ) -> List[Dict[str, Any]]:
+        """Retrieve all matching events using sliding windows to respect the 600-per-request cap.
+
+        Strategy:
+        - Use BEFORE_NOW with duration windows; if a window returns 600 rows, bisect the window to reduce size
+        - Continue until windows produce < 600, then slide backward until total duration is covered
+        - Parse XML to DataFrame via pandas.read_xml at the call-site; here we just fetch text
+        """
+        import time as _time
+        import math as _math
+        from io import StringIO as _StringIO
+        import pandas as _pd
+
+        all_events_df = _pd.DataFrame()
+
+        # Start with the full duration; adaptively split if needed
+        remaining = duration_mins
+        while remaining > 0:
+            window = min(remaining, 240)  # start with 4h windows to balance calls/results
+            response, status = self.get_events(
+                application_id=application_id,
+                event_types=event_types,
+                severities=severities,
+                time_range_type="BEFORE_NOW",
+                duration_mins=window,
+                tier=tier,
+                output="XML",
+            )
+            if status != "valid" or not response:
+                break
+
+            # Parse quickly to count rows
+            try:
+                xml_content = _StringIO(response.content.decode())
+                df = _pd.read_xml(xml_content, xpath=".//event")
+            except Exception:
+                df = _pd.DataFrame()
+
+            if df is None or df.empty:
+                remaining -= window
+                continue
+
+            if len(df) >= 600 and window > 5:
+                # Too many results; reduce window size and retry without consuming remaining time
+                new_window = max(5, window // 2)
+                if new_window == window:
+                    new_window = 5
+                # small delay to avoid rate-limits
+                _time.sleep(0.2)
+                # retry with smaller window
+                response, status = self.get_events(
+                    application_id=application_id,
+                    event_types=event_types,
+                    severities=severities,
+                    time_range_type="BEFORE_NOW",
+                    duration_mins=new_window,
+                    tier=tier,
+                    output="XML",
+                )
+                try:
+                    xml_content = _StringIO(response.content.decode())
+                    df = _pd.read_xml(xml_content, xpath=".//event")
+                except Exception:
+                    df = _pd.DataFrame()
+                window = new_window
+
+            all_events_df = _pd.concat([all_events_df, df])
+            remaining -= window
+            _time.sleep(0.2)
+
+        # Return as list of dicts for caller flexibility
+        return all_events_df.to_dict(orient="records")
+
 
 
 

config/__init__.py

@@ -2,9 +2,10 @@
 Configuration package for AppDynamics Data Extractor.
 """
 from .settings import AppConfig, APICredentials, get_config
+from .event_types import EVENT_TYPES, SEVERITY_LEVELS, ALL_EVENT_TYPES
 from .secrets_manager import SecretsManager
 
-__all__ = ['AppConfig', 'APICredentials', 'get_config', 'SecretsManager']
+__all__ = ['AppConfig', 'APICredentials', 'get_config', 'SecretsManager', 'EVENT_TYPES', 'SEVERITY_LEVELS', 'ALL_EVENT_TYPES']
 
 
 

config/event_types.py

@@ -0,0 +1,62 @@
+"""
+Canonical event type constants for the AppDynamics Events API.
+
+Note: AppDynamics' public documentation lists many event types but is not
+guaranteed to be exhaustive for every controller/version, especially for
+CUSTOM events. This list is intentionally broad and grouped by category to
+aid discoverability in the UI. Users can still filter by any subset.
+"""
+
+from typing import Dict, List
+
+
+# Severity levels supported by the Events API retrieval endpoint
+SEVERITY_LEVELS: List[str] = [
+    "INFO",
+    "WARN",
+    "ERROR",
+]
+
+
+# Grouped event types for easier selection in the UI
+# These are commonly observed/documented event types; the controller may emit
+# a subset/superset depending on features and version.
+EVENT_TYPES: Dict[str, List[str]] = {
+    "Application": [
+        "APPLICATION_ERROR",
+        "APPLICATION_DEPLOYMENT",
+        "APPLICATION_CONFIG_CHANGE",
+        "CUSTOM",
+    ],
+    "Diagnostics": [
+        "DIAGNOSTIC_SESSION",
+        "ERROR_DIAGNOSTIC_SESSION",
+        "SLOW_DIAGNOSTIC_SESSION",
+        "DEADLOCK",
+        "MEMORY_LEAK_DIAGNOSTICS",
+    ],
+    "Discovery": [
+        "BACKEND_DISCOVERED",
+        "SERVICE_ENDPOINT_DISCOVERED",
+    ],
+    "Agent": [
+        "AGENT_EVENT",
+        "AGENT_STATUS",
+        "AGENT_CONFIGURATION",
+    ],
+    # Health rule/policy lifecycle often appears via the dedicated
+    # healthrule-violations endpoint, but some controllers also surface
+    # these as events.
+    "Policy": [
+        "POLICY_OPEN_WARNING",
+        "POLICY_OPEN_CRITICAL",
+        "POLICY_CLOSE_WARNING",
+        "POLICY_CLOSE_CRITICAL",
+    ],
+}
+
+
+# Convenience: a flat, de-duplicated list of all known event types
+ALL_EVENT_TYPES: List[str] = sorted({t for group in EVENT_TYPES.values() for t in group})
+
+

config/settings.py

@@ -2,8 +2,8 @@
 Configuration settings for AppDynamics Data Extractor.
 """
 import os
-from dataclasses import dataclass
-from typing import Optional
+from dataclasses import dataclass, field
+from typing import Optional, List
 
 
 @dataclass
@@ -35,6 +35,14 @@ class AppConfig:
     # Output settings
     keep_status_open: bool = False
 
+    # Event settings
+    default_event_duration: int = 60
+    enable_health_rule_violations: bool = False
+    enable_general_events: bool = False
+    enable_custom_events: bool = False
+    selected_event_types: List[str] = field(default_factory=list)
+    selected_severities: List[str] = field(default_factory=lambda: ["INFO", "WARN", "ERROR"])
+
 
 @dataclass
 class APICredentials: