From 143de3be5c1ae90c16a7270d5b0e4e0c1ac2887b Mon Sep 17 00:00:00 2001
From: Tal Borenstein
Date: Wed, 6 Mar 2024 17:51:21 +0200
Subject: [PATCH 1/3] feat: support mapping priorty from CLI
---
 keep/api/bl/enrichments.py | 8 ++++++++
 keep/cli/cli.py | 27 ++++++++++++++-------------
 2 files changed, 22 insertions(+), 13 deletions(-)
diff --git a/keep/api/bl/enrichments.py b/keep/api/bl/enrichments.py
index 38690ac2a..3d9e68e69 100644
--- a/keep/api/bl/enrichments.py
+++ b/keep/api/bl/enrichments.py
@@ -37,6 +37,7 @@ def run_mapping_rules(self, alert: AlertDto):
 self.db_session.query(MappingRule)
 .filter(MappingRule.tenant_id == self.tenant_id)
 .filter(MappingRule.disabled == False)
+ .order_by(MappingRule.priority.desc())
 .all()
 )
 
@@ -59,6 +60,7 @@ def run_mapping_rules(self, alert: AlertDto):
 for row in rule.rows:
 if all(
 get_nested_attribute(alert, attribute) == row.get(attribute)
+ or row.get(attribute) == "*" # Wildcard
 for attribute in rule.matchers
 ):
 self.logger.info(
@@ -73,6 +75,12 @@ def run_mapping_rules(self, alert: AlertDto):
 for key, value in row.items()
 if key not in rule.matchers
 }
+
+ # Enrich the alert with the matched row
+ for key, value in enrichments.items():
+ setattr(alert, key, value)
+
+ # Save the enrichments to the database
 enrich_alert(
 self.tenant_id, alert.fingerprint, enrichments, self.db_session
 )
diff --git a/keep/cli/cli.py b/keep/cli/cli.py
index 856da8d36..5a9d81fb4 100644
--- a/keep/cli/cli.py
+++ b/keep/cli/cli.py
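Review bot: The new `.order_by(MappingRule.priority.desc())` in the first enrichments.py hunk leaves rules of equal priority in whatever order the database returns them, and the CLI defaults every rule to priority 0, so the evaluation order of most rules is still undefined. Add a stable tie-breaker, e.g. `.order_by(MappingRule.priority.desc(), MappingRule.id)` (assuming the model exposes an `id` column, as the UI table suggests). A short comment stating which rule wins when two matching rules write the same key would also help; the loop that applies the rules lies outside this hunk.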
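Review bot: The wildcard branch `or row.get(attribute) == "*"` in the second enrichments.py hunk accepts any alert value for that matcher, presumably including an alert that lacks the attribute altogether, and a row whose matchers are all `*` will enrich every alert of the tenant. If that is the intent, replace the bare `# Wildcard` with something like `# "*" in the mapping row matches any value, including a missing attribute`; if not, also require the attribute to be present on the alert. A literal `*` value can no longer be matched exactly, which deserves a line in the mapping documentation.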
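Review bot: `setattr(alert, key, value)` in the third enrichments.py hunk writes every non-matcher column of the mapping row onto the alert, and those column names come from the uploaded mapping file, so a column named `fingerprint` (or any other core field) would overwrite it. `alert.fingerprint` is read in the very next statement to decide which alert the enrichment is stored under, so the overwrite would also redirect the database write. Skip reserved fields in the loop, e.g. `if key in RESERVED_ALERT_FIELDS: continue` (placeholder name for a set the project would define), or read `alert.fingerprint` into a local before the loop and pass that to `enrich_alert`. Whether AlertDto validates assignments is not visible in this hunk.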
@@ -264,19 +264,9 @@ def whoami(info: Info):
 
 @cli.command()
 @click.option("--multi-tenant", is_flag=True, help="Enable multi-tenant mode")
+@click.option("--port", "-p", type=int, default=8080, help="The port to run the API on")
 @click.option(
- "--port",
- "-p",
- type=int,
- default=8080,
- help="The port to run the API on"
-)
-@click.option(
- "--host",
- "-h",
- type=str,
- default="0.0.0.0",
- help="The host to run the API on"
+ "--host", "-h", type=str, default="0.0.0.0", help="The host to run the API on"
 )
 def api(multi_tenant: bool, port: int, host: str):
 """Start the API."""
@@ -745,8 +735,18 @@ def list_mappings(info: Info):
 help="The matchers of the mapping, as a comma-separated list of strings.",
 required=True,
 )
+@click.option(
+ "--priority",
+ "-p",
+ type=int,
+ help="The priority of the mapping, higher priority means this rule will execute first.",
+ required=False,
+ default=0,
+)
 @pass_info
-def create(info: Info, name: str, description: str, file: str, matchers: str):
+def create(
+ info: Info, name: str, description: str, file: str, matchers: str, priority: int
+):
 """Create a mapping rule."""
 if os.path.isfile(file) and file.endswith(".csv"):
 with open(file, "rb") as f:
@@ -775,6 +775,7 @@ def create(info: Info, name: str, description: str, file: str, matchers: str):
 "file_name": file_name,
 "matchers": matchers.split(","),
 "rows": rows,
+ "priority": priority,
 },
 )
 
From 48579271fc7387ee2559cae5b819962ac318396d Mon Sep 17 00:00:00 2001
From: Tal Borenstein
Date: Wed, 6 Mar 2024 17:52:44 +0200
Subject: [PATCH 2/3] feat(ui): show mapping priority
---
 keep-ui/app/mapping/rules-table.tsx | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/keep-ui/app/mapping/rules-table.tsx b/keep-ui/app/mapping/rules-table.tsx
index c0a2ea1d8..c26f93a89 100644
--- a/keep-ui/app/mapping/rules-table.tsx
+++ b/keep-ui/app/mapping/rules-table.tsx
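Review bot: The new `--priority` option on `create` (second cli.py hunk) accepts any integer, including negative values, and the third hunk forwards it to the API unchecked. If negative or very large priorities carry no meaning, bound it at the CLI with `type=click.IntRange(min=0)` and enforce the same range in the API, since the CLI is not the only client that can post a mapping. The body of `create` continues outside the hunk.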
@@ -34,6 +34,11 @@ export default function RulesTable({ mappings }: { mappings: MappingRule[] }) {
 header: "#",
 cell: (context) => context.row.original.id,
 }),
+ columnHelper.display({
+ id: "priority",
+ header: "Priority",
+ cell: (context) => context.row.original.priority,
+ }),
 columnHelper.display({
 id: "name",
 header: "Name",
From 6c833988fcf426cada3a0de893252685602add86 Mon Sep 17 00:00:00 2001
From: Tal Borenstein
Date: Wed, 6 Mar 2024 17:54:22 +0200
Subject: [PATCH 3/3] feat(ui): show mapping rules in desc order
---
 keep-ui/app/mapping/rules-table.tsx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/keep-ui/app/mapping/rules-table.tsx b/keep-ui/app/mapping/rules-table.tsx
index c26f93a89..6eeafa14c 100644
--- a/keep-ui/app/mapping/rules-table.tsx
+++ b/keep-ui/app/mapping/rules-table.tsx
@@ -89,7 +89,7 @@ export default function RulesTable({ mappings }: { mappings: MappingRule[] }) {
 
 const table = useReactTable({
 columns,
- data: mappings,
+ data: mappings.sort((a, b) => b.priority - a.priority),
 getCoreRowModel: getCoreRowModel(),
 });
 
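Review bot: `mappings.sort(...)` in the `useReactTable` call (last rules-table.tsx hunk) sorts the `mappings` prop in place on every render, mutating an array the component does not own and that may be shared with a fetch cache. Sort a copy instead, e.g. `data: [...mappings].sort((a, b) => b.priority - a.priority),`, ideally wrapped in `useMemo` so the table gets a stable reference. If `priority` can be undefined for rules created before this change, the comparator yields NaN and the order is unspecified; `(b.priority ?? 0) - (a.priority ?? 0)` avoids that. The RulesTable body continues outside the hunk.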