feat(alerts): close Phase 13 gaps — hourly job + webhook + in-app notifications

- Add dispatch_webhook_targeted() to webhook_service for rule-specific delivery - evaluate_all_rules() now dispatches in-app notifications (admins/leads) and webhooks after each alert fires (targeted + global alert.fired broadcast) - APScheduler: _run_alert_evaluation() job registered hourly alongside existing jobs Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-21 15:57:41 +02:00
parent cfbf6a6ede
commit 97349a1d13
3 changed files with 141 additions and 12 deletions
--- a/backend/app/jobs/mitre_sync_job.py
+++ b/backend/app/jobs/mitre_sync_job.py
@@ -223,6 +223,25 @@ def _run_queue_generation() -> None:
        db.close()


+def _run_alert_evaluation() -> None:
+    """Evaluate all enabled operational alert rules (hourly)."""
+    logger.info("Scheduled alert evaluation job starting...")
+    db = SessionLocal()
+    try:
+        from app.services.operational_alert_service import evaluate_all_rules
+        result = evaluate_all_rules(db)
+        logger.info(
+            "Alert evaluation finished — %d rules, %d alerts fired in %.3fs",
+            result["rules_evaluated"],
+            result["alerts_fired"],
+            result["duration_seconds"],
+        )
+    except Exception:
+        logger.exception("Alert evaluation job failed")
+    finally:
+        db.close()
+
+
 # ---------------------------------------------------------------------------
 # Scheduler bootstrap
 # ---------------------------------------------------------------------------
@@ -338,11 +357,20 @@ def start_scheduler() -> None:
        name="Revalidation queue generation (daily 02:30)",
        replace_existing=True,
    )
+    scheduler.add_job(
+        _run_alert_evaluation,
+        trigger="interval",
+        hours=1,
+        id="alert_evaluation",
+        name="Operational alert evaluation (hourly)",
+        replace_existing=True,
+    )
    scheduler.start()
    logger.info(
        "Background scheduler started — mitre_sync (24h), intel_scan (7d), "
        "notification_cleanup (24h), weekly_snapshot (Sundays 00:00), "
        "recurring_campaigns (daily), jira_sync (1h), "
        "osint_enrichment (weekly), stale_detection (daily), "
-        "retention_policies (daily), data_sources_sync (6h)"
+        "retention_policies (daily), data_sources_sync (6h), "
+        "alert_evaluation (1h)"
    )