The repository contains files for use within different scenarios. This list provides a summary of the files which are most important in all scenarios:
Dockerfile.nodejs.(dev|test) ... docker spec files
cloudmon/alerts ... source code for alert processing.
./alertApi.js ... source code for alert API
./alertTypes.js ... source code for basic alert types
./config.js ... source code for processing alert configuration: read, write and validate (stored in Elastic)
./const.js ... shared constants
./ctxlib.js ... filters out processable events and creates alert contexts for them
./factory.js ... more complex data structures are formed here (test context, event context, alert structure)
./fmt.js ... source code for RESTful formatting string
./info.js ... source code for collecting event processing statistics
./keys.js ... source code for identification and obtaining values of keys
./learn.js ... source code for memory association alert-type
./ingestion ... source code for ingestion modules
./mod ... source code for alert-type modules
./bloom.js ...bloom filters for a probabilistic implementation of memory-association alert-types
./voip.js ... VoIP-specific alert types such as AoR
./hwpc.js ... VoIP-specific alert types for tracking parallel calls using hopping window
./profiles.js ... code for reading and modifying profiles. REDIS is used as a back-end, and structured data is stored in a "flattened" way.
./quarters.js ... rate/ratio algorithms based upon hopping window
./rest ... source code for RESTful modules
./v2alerts.js ... the "main" alert processing JS code
cloudmon/jsLib/nodejs ... shared source code: utility functions (e.g. event matching expressions, logging functions, redis layer, ...)
./apiLib.js ... API layer (parameter processing, access control, ...)
./dredis.js ... redis layer (primarily used for profile persistence and atomic modifications)
./limits.js ... system limits
./matchparser.js ... source code for parsing filtering expression
./mylog.js ... source code for custom logging and evaluating filter expression (packaged together to support selective logging)
./restful.js ... web listening code (receives API requests and ingests traffic)
./router.js ... web path to JS code matching
cloudmon/bwapi ... source code for a low-level data-access API. To be phased out over time and replaced by a more high-level alerts API.
cloudmon/doc ... alert documentation (MS Word)
cloudmon/timer.py ... timer process code to run in background
test/alerts .... alert auto-testing. Our custom-build bash-based testing scripts ingest events into alert processing and check several types of data to evaluate correct processing: HTTP answer reveals internal context, Elastic Seach can be queried, and profiles can be evaluated. The test-cases can be scripted to simulate a specific time-sequence, in order to test time-sensitive alert-types such as rate and ratio.
./v2at.sh ... auto-testing tool. Start as "./v2at.sh -O". Other options are "-t <testgroupdirectory>", "-s" to trace step-wise, "-v" or "-vv" (very) verbose. logs can be found using "docker logs cloudmon".
./testsuite.sh ... a list of all test-cases to be executed if the "-t" options is not used
./<testgroup> ... test cases are grouped in separate directories. The directory always contains "script.sh" which specifies the test-case, "config.json" which specifies alert configuration and several JSON files that represent events to be ingested.