Skip to content

Comments

feat: add SolarWinds Orion provider#5646

Open
janisag07 wants to merge 2 commits intokeephq:mainfrom
janisag07:feat/solarwinds-provider
Open

feat: add SolarWinds Orion provider#5646
janisag07 wants to merge 2 commits intokeephq:mainfrom
janisag07:feat/solarwinds-provider

Conversation

@janisag07
Copy link

Summary

Adds a SolarWinds Orion provider for Keep, enabling alert ingestion from the SolarWinds monitoring platform via the SWIS (SolarWinds Information Service) REST API.

Features

Authentication

  • Username/password authentication against SolarWinds Orion server
  • Configurable SSL certificate verification for self-signed certificates

Alert Fetching (Pull)

  • Queries Orion.AlertActive joined with Orion.AlertObjects and Orion.AlertConfigurations via SWQL
  • Maps SolarWinds severity levels (Informational, Warning, Critical, Notice) to Keep severity model
  • Maps acknowledgement state to Keep alert status model

Webhook Support (Push)

  • _format_alert handles incoming webhook payloads from SolarWinds HTTP POST alert actions
  • Supports both SolarWinds-native field names (AlertActiveID, AlertName, Severity) and generic Keep field names
  • Handles severity as both integer and string values
  • Handles acknowledged flag as both boolean and string

Scope Validation

  • Verifies connectivity and read access via SWIS API queries

Files Added

  • keep/providers/solarwinds_provider/solarwinds_provider.py — Main provider implementation
  • keep/providers/solarwinds_provider/alerts_mock.py — Mock alert data for UI simulation
  • keep/providers/solarwinds_provider/__init__.py — Package init
  • keep-ui/public/icons/solarwinds-icon.png — Provider icon
  • tests/test_solarwinds_provider.py — Unit tests for format_alert and datetime parsing

Test Plan

  • Unit tests for _format_alert with various webhook payloads (critical, warning, resolved, acknowledged)
  • Unit tests for severity mapping (integer, string, numeric string)
  • Unit tests for datetime parsing (ISO, Z-suffix, invalid, None)
  • Unit tests for fallback field names and minimal payloads
  • Integration test with a SolarWinds Orion instance

Fixes #3526

/claim #3526

Implements a SolarWinds provider for Keep that supports both pull-based
alert fetching via the SWIS REST API and webhook-based alert ingestion.

- Authentication via username/password against SolarWinds Orion server
- SWQL queries against Orion.AlertActive, AlertObjects, AlertConfigurations
- Severity mapping (Informational, Warning, Critical, Notice)
- Status mapping with acknowledgement support
- Webhook format_alert for incoming SolarWinds HTTP POST actions
- SSL verification toggle for self-signed certificates
- Alert mock data for UI simulation
- Unit tests for format_alert and datetime parsing

Fixes keephq#3526
@vercel
Copy link

vercel bot commented Feb 17, 2026

@janisag07 is attempting to deploy a commit to the KeepHQ Team on Vercel.

A member of the Team first needs to authorize it.

@dosubot dosubot bot added the size:XL This PR changes 500-999 lines, ignoring generated files. label Feb 17, 2026
@greptile-apps
Copy link
Contributor

greptile-apps bot commented Feb 17, 2026

Target branch is not in the allowed branches list.

@dosubot dosubot bot added API API related issues Feature A new feature labels Feb 17, 2026
… pull-path tests

1. Webhook markdown template: doubled all closing braces so Python
   .format() no longer crashes on the template string.
2. Severity 3 ('Serious') now maps to AlertSeverity.HIGH instead of LOW.
3. Added tests for _get_alerts and _parse_swis_alert (pull path)
   with mocked SWIS query responses.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

API API related issues 🙋 Bounty claim Feature A new feature size:XL This PR changes 500-999 lines, ignoring generated files.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[🔌 Provider]: Solarwinds

1 participant