Merge pull request #687 from mozilla/write_audit_custom

Updating search window time to be 15 mins

alerts/write_audit.py

@@ -14,7 +14,7 @@ from query_models import SearchQuery, TermMatch, QueryStringMatch, PhraseMatch
 class WriteAudit(AlertTask):
     def main(self):
         self.parse_config('write_audit.conf', ['skipprocess'])
-        search_query = SearchQuery(minutes=5)
+        search_query = SearchQuery(minutes=15)
 
         search_query.add_must([
             TermMatch('category', 'write'),

tests/alerts/test_write_audit.py

@@ -115,8 +115,8 @@ class TestWriteAudit(AlertTestSuite):
 
     events = AlertTestSuite.create_events(default_event, 5)
     for event in events:
-        event['_source']['utctimestamp'] = AlertTestSuite.subtract_from_timestamp_lambda({'minutes': 15})
-        event['_source']['receivedtimestamp'] = AlertTestSuite.subtract_from_timestamp_lambda({'minutes': 15})
+        event['_source']['utctimestamp'] = AlertTestSuite.subtract_from_timestamp_lambda({'minutes': 20})
+        event['_source']['receivedtimestamp'] = AlertTestSuite.subtract_from_timestamp_lambda({'minutes': 20})
     test_cases.append(
         NegativeAlertTestCase(
             description="Negative test case with old timestamp",