Closes #3526

Adds a SolarWinds monitoring provider for Keep with:

• Pull (API): Queries SolarWinds SWIS REST API via SWQL for active alerts, joining AlertActive + AlertObjects + AlertConfigurations
• Push (Webhook): Receives alerts via SolarWinds HTTP POST alert actions with variable substitution (trigger + reset actions)
• Correct inverted severity mapping: 0=Critical, 1=Serious/High, 2=Warning, 3=Informational/Info, 4=Notice/Low
• SWQL queries via POST (not GET)
• Acknowledged status detection from string/bool/int variants
• 6 mock alert payloads covering critical/warning/serious/recovery/acknowledged
• Full documentation with alert action setup and variable templates
• 42 tests covering format_alert, severity mapping, alerts_mock, and metadata

/claim #3526

📑 Description

Complete SolarWinds provider implementation with both pull (API polling) and push (webhook) support.

Pull mode queries the SWIS REST API using SWQL (SELECT ... FROM Orion.AlertActive) to fetch active alerts with severity, status, and node metadata. Authentication via username/password with configurable server URL.

Push mode receives webhook POST payloads from SolarWinds alert actions. Supports variable substitution templates (${N=SwisEntity;M=AlertActive.TriggeredMessage}) for trigger and reset actions.

Key implementation details:

• SolarWinds uses inverted severity (0=Critical/most severe, 4=Notice/least severe) — mapped correctly to Keep’s AlertSeverity
• SWIS REST API uses POST for queries (not GET) — the query is sent in the request body as JSON
• Acknowledged status detected from multiple formats: string “true”/“yes”/“1”, boolean true, or notification_type “ACKNOWLEDGEMENT”
• Alert ID derived from alert_active_id (preferred) or alert_id + object_name composite fallback

✅ Checks

• My pull request adheres to the code style of this project
• My code requires changes to the documentation
• I have updated the documentation as required
• All the tests have passed

ℹ Additional Information

Test coverage (42 tests):

• TestSolarwindsFormatAlert (22 tests): webhook formatting, severity mapping through format_alert, status determination, acknowledged detection, ID generation, timestamp passthrough, empty event handling
• TestSolarwindsSeverityMapping (10 tests): all 5 numeric levels (int + string keys) and all 5 named string keys verified against SEVERITY_MAP directly
• TestSolarwindsAlertsMock (4 tests): alerts_mock format compatibility, PROBLEM/RECOVERY coverage, severity range
• TestSolarwindsProviderMetadata (6 tests): display name, tags, category, fingerprint fields, scopes, SWIS base path

Files:

• keep/providers/solarwinds_provider/solarwinds_provider.py — Provider implementation
• keep/providers/solarwinds_provider/alerts_mock.py — 6 mock payloads for simulate_alert
• keep/providers/solarwinds_provider/__init__.py
• keep-ui/public/icons/solarwinds-icon.png — SolarWinds flame icon
• docs/providers/documentation/solarwinds-provider.mdx — Setup documentation
• docs/snippets/providers/solarwinds-snippet-autogenerated.mdx — Auto-generated snippet
• tests/test_solarwinds_provider.py — 42 tests