@simbimbo/brainstem 0.0.4 → 0.0.5

package/brainstem/source_drivers.py

@@ -6,6 +6,9 @@ from typing import Any, Callable, Iterable, List, Protocol, runtime_checkable
 from .adapters import get_raw_input_adapter
 from .models import RawInputEnvelope
 
+# Register LogicMonitor adapter definitions for structured ingest support.
+from .connectors import logicmonitor  # noqa: F401
+
 ErrorHandler = Callable[[Exception, str], None]
 
 
@@ -146,5 +149,31 @@ class SyslogSourceDriver:
         return raw_envelopes
 
 
+@dataclass(frozen=True)
+class LogicMonitorSourceDriver:
+    """Driver for narrow LogicMonitor-shaped payloads."""
+
+    source_type: str = "logicmonitor"
+
+    def parse_payload(
+        self,
+        payload: Any,
+        *,
+        tenant_id: str,
+        source_path: str = "",
+        on_parse_error: ErrorHandler | None = None,
+    ) -> List[RawInputEnvelope]:
+        adapter = get_raw_input_adapter(self.source_type)
+        payload_text = "" if payload is None else str(payload)
+        try:
+            return [adapter.parse_raw_input(payload, tenant_id=tenant_id, source_path=source_path)]
+        except Exception as exc:
+            if on_parse_error is None:
+                raise
+            on_parse_error(exc, payload_text)
+            return []
+
+
 register_source_driver(FileSourceDriver())
 register_source_driver(SyslogSourceDriver())
+register_source_driver(LogicMonitorSourceDriver())

package/brainstem/storage.py

@@ -2,6 +2,7 @@ from __future__ import annotations
 
 import json
 import sqlite3
+from datetime import datetime, timezone
 from pathlib import Path
 from typing import Any, Iterable, List
 
@@ -13,8 +14,43 @@ def default_db_path() -> Path:
     return Path(resolve_default_db_path())
 
 
+def _snapshot_timestamp() -> tuple[str, str]:
+    now = datetime.now(timezone.utc)
+    created_at = now.isoformat(timespec="seconds").replace("+00:00", "Z")
+    compact_timestamp = now.strftime("%Y%m%dT%H%M%S%fZ")
+    return created_at, compact_timestamp
+
+
+def create_sqlite_snapshot(db_path: str | None = None) -> dict[str, str | int]:
+    source_path = Path(db_path) if db_path else default_db_path()
+    if not source_path.exists():
+        raise FileNotFoundError(f"source database does not exist: {source_path}")
+    if not source_path.is_file():
+        raise ValueError(f"source path is not a file: {source_path}")
+
+    created_at, compact_timestamp = _snapshot_timestamp()
+    snapshot_name = f"{source_path.stem}.snapshot.{compact_timestamp}{source_path.suffix}"
+    snapshot_path = source_path.with_name(snapshot_name)
+
+    source_connection = sqlite3.connect(str(source_path))
+    snapshot_connection = sqlite3.connect(str(snapshot_path))
+    try:
+        source_connection.backup(snapshot_connection)
+    finally:
+        snapshot_connection.close()
+        source_connection.close()
+
+    return {
+        "source_path": str(source_path),
+        "snapshot_path": str(snapshot_path),
+        "size": snapshot_path.stat().st_size,
+        "created_at": created_at,
+    }
+
+
 RAW_ENVELOPE_STATUSES = ("received", "canonicalized", "parse_failed", "unsupported")
 RAW_ENVELOPE_FAILURE_STATUSES = ("parse_failed", "unsupported")
+MAINTENANCE_TABLES = ("events", "raw_envelopes", "signatures", "candidates")
 
 
 def _coerce_raw_envelope_id(value: Any) -> int | None:
@@ -54,6 +90,25 @@ def extract_source_raw_envelope_ids(metadata_json: str | None) -> List[int]:
     return _coerce_raw_envelope_id_list(metadata.get("source_raw_envelope_ids"))
 
 
+def resolve_maintenance_tables(table_names: Iterable[str] | None = None) -> list[str]:
+    if table_names is None:
+        return list(MAINTENANCE_TABLES)
+
+    requested: list[str] = []
+    for table_name in table_names:
+        table_name = str(table_name).strip().lower()
+        if not table_name:
+            continue
+        if table_name == "all":
+            return list(MAINTENANCE_TABLES)
+        if table_name not in MAINTENANCE_TABLES:
+            raise ValueError(f"unsupported table for maintenance clear: {table_name}")
+        if table_name not in requested:
+            requested.append(table_name)
+
+    return requested or list(MAINTENANCE_TABLES)
+
+
 def _validate_canonicalization_status(status: str) -> None:
     if status not in RAW_ENVELOPE_STATUSES:
         raise ValueError(f"unsupported canonicalization_status: {status}")
@@ -139,6 +194,35 @@ def init_db(db_path: str | None = None) -> None:
         conn.close()
 
 
+def get_storage_counts(db_path: str | None = None) -> dict[str, int]:
+    init_db(db_path)
+    conn = connect(db_path)
+    try:
+        return {
+            table: _query_count(conn, f"SELECT COUNT(*) FROM {table}")
+            for table in MAINTENANCE_TABLES
+        }
+    finally:
+        conn.close()
+
+
+def clear_storage_tables(db_path: str | None = None, *, tables: Iterable[str] | None = None) -> dict[str, int]:
+    resolved_tables = resolve_maintenance_tables(tables)
+    init_db(db_path)
+    conn = connect(db_path)
+    try:
+        counts: dict[str, int] = {}
+        for table in resolved_tables:
+            count = _query_count(conn, f"SELECT COUNT(*) FROM {table}")
+            conn.execute(f"DELETE FROM {table}")
+            conn.execute("DELETE FROM sqlite_sequence WHERE name = ?", (table,))
+            counts[table] = count
+        conn.commit()
+        return counts
+    finally:
+        conn.close()
+
+
 def store_raw_envelopes(raw_envelopes: Iterable[RawInputEnvelope], db_path: str | None = None) -> List[int]:
     conn = connect(db_path)
     raw_ids: List[int] = []

package/docs/README.md

@@ -1,6 +1,6 @@
 # Runtime Examples
 
-Use this compact surface for the implemented runtime API, listener, and file-ingest paths.
+Use this compact surface for the implemented runtime API, listener, file-ingest, and LogicMonitor-shaped webhook path.
 
 ## 0) Shared runtime settings
 
@@ -51,7 +51,16 @@ curl -s -X POST http://127.0.0.1:8000/ingest/batch \
   -d '{"threshold":2,"db_path":"/tmp/brainstem.sqlite3","events":[{"tenant_id":"demo-tenant","source_type":"file","source_path":"/tmp/manual.log","message_raw":"vpn tunnel dropped and recovered"}]}'
 ```
 
-## 5) Runtime inspection endpoints (same db path)
+## 5) LogicMonitor-shaped ingest (connector payloads)
+
+```bash
+curl -s -X POST http://127.0.0.1:8000/ingest/logicmonitor \
+  -H "Content-Type: application/json" \
+  -H "X-API-Token: $BRAINSTEM_API_TOKEN" \
+  -d '{"tenant_id":"demo-tenant","threshold":2,"source_path":"/logicmonitor/ingest","db_path":"/tmp/brainstem.sqlite3","events":[{"resource_id":123,"resource_name":"edge-fw-01","message_raw":"VPN tunnel dropped and recovered","severity":"warning","metadata":{"datasource":"IPSec Tunnel"}}]}'
+```
+
+## 6) Runtime inspection endpoints (same db path)
 
 ```bash
 curl -s "http://127.0.0.1:8000/ingest/recent?db_path=/tmp/brainstem.sqlite3&limit=5" \
@@ -72,7 +81,7 @@ curl -s "http://127.0.0.1:8000/sources/status?db_path=/tmp/brainstem.sqlite3&lim
   -H "X-API-Token: $BRAINSTEM_API_TOKEN"
 ```
 
-## 6) Direct file ingest helper path
+## 7) Direct file ingest helper path
 
 ```bash
 python - <<'PY'