@Override public Document createMetaAlert(MetaAlertCreateRequest request) throws InvalidCreateException, IOException { List<GetRequest> alertRequests = request.getAlerts(); if (request.getAlerts().isEmpty()) { throw new InvalidCreateException("MetaAlertCreateRequest must contain alerts"); if (request.getGroups().isEmpty()) { throw new InvalidCreateException("MetaAlertCreateRequest must contain UI groups"); Document metaAlert = buildCreateDocument(alerts, request.getGroups(), MetaAlertConstants.ALERT_FIELD); MetaScores.calculateMetaScores(metaAlert, getConfig().getThreatTriageField(),
/**
 * A create request that names an alert but carries no UI groups must be rejected with
 * {@link InvalidCreateException}.
 *
 * <p>The DAO is initialised on top of a {@code MultiIndexDao} wrapping a bare
 * {@code ElasticsearchDao}. NOTE(review): the test presumably relies on the request being
 * rejected before the index is touched, since no client is configured here. Confirm.
 */
@Test(expected = InvalidCreateException.class)
public void testCreateMetaAlertEmptyGroups() throws InvalidCreateException, IOException {
  // DAO under test, wired the same way as the original: Elasticsearch -> multi-index -> meta alert.
  MultiIndexDao multiIndexDao = new MultiIndexDao(new ElasticsearchDao());
  ElasticsearchMetaAlertDao metaAlertDao = new ElasticsearchMetaAlertDao();
  metaAlertDao.init(multiIndexDao);

  // One placeholder alert reference; groups are deliberately never set.
  MetaAlertCreateRequest requestWithoutGroups = new MetaAlertCreateRequest();
  requestWithoutGroups.setAlerts(Collections.singletonList(new GetRequest("don't", "care")));

  // Expected to throw: the request names no UI groups.
  metaAlertDao.createMetaAlert(requestWithoutGroups);
}
/**
 * A freshly constructed create request, with no alerts set, must be rejected with
 * {@link InvalidCreateException}.
 *
 * <p>Here the meta alert DAO is initialised directly on an {@code ElasticsearchDao}, without a
 * {@code MultiIndexDao} in between.
 */
@Test(expected = InvalidCreateException.class)
public void testCreateMetaAlertEmptyGuids() throws InvalidCreateException, IOException {
  ElasticsearchDao backingDao = new ElasticsearchDao();
  ElasticsearchMetaAlertDao metaAlertDao = new ElasticsearchMetaAlertDao();
  metaAlertDao.init(backingDao);

  // Nothing is populated on the request, so it references no alerts.
  MetaAlertCreateRequest emptyRequest = new MetaAlertCreateRequest();

  // Expected to throw: there is nothing to build a meta alert from.
  metaAlertDao.createMetaAlert(emptyRequest);
}
public Document createMetaAlert(MetaAlertCreateRequest request) throws InvalidCreateException, IOException { List<GetRequest> alertRequests = request.getAlerts(); if (request.getAlerts().isEmpty()) { throw new InvalidCreateException("MetaAlertCreateRequest must contain alerts"); if (request.getGroups().isEmpty()) { throw new InvalidCreateException("MetaAlertCreateRequest must contain UI groups"); Document metaAlert = buildCreateDocument(alerts, request.getGroups(), MetaAlertConstants.ALERT_FIELD); MetaScores
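/**
 * Builds a meta alert document from the alerts referenced by the request.
 *
 * <p>The request is validated before any lookup is made: it must name at least one alert and at
 * least one UI group. An invalid request is rejected with {@link InvalidCreateException} instead
 * of being answered with {@code null}, so a caller cannot mistake a rejected request for a
 * created meta alert or fail later on a null document.
 *
 * @param request the alert references to group and the UI groups to attach
 * @return the meta alert document, with its source type field set to
 *     {@link MetaAlertConstants#METAALERT_TYPE}
 * @throws InvalidCreateException if the request contains no alerts or no groups
 * @throws IOException NOTE(review): presumably raised while fetching the latest alert
 *     documents; confirm against {@code indexDao.getAllLatest}
 */
@SuppressWarnings("unchecked")
@Override
public Document createMetaAlert(MetaAlertCreateRequest request)
    throws InvalidCreateException, IOException {
  List<GetRequest> alertRequests = request.getAlerts();
  if (alertRequests == null || alertRequests.isEmpty()) {
    throw new InvalidCreateException("MetaAlertCreateRequest must contain alerts");
  }
  // Reject a group-less request up front rather than handing an empty group list to the builder.
  if (request.getGroups() == null || request.getGroups().isEmpty()) {
    throw new InvalidCreateException("MetaAlertCreateRequest must contain UI groups");
  }

  // Retrieve the documents going into the meta alert and build it
  Iterable<Document> alerts = indexDao.getAllLatest(alertRequests);
  Document metaAlert = buildCreateDocument(alerts, request.getGroups(),
      MetaAlertConstants.ALERT_FIELD);

  // Tag the document as a meta alert under the configured source type field.
  metaAlert.getDocument()
      .put(getConfig().getSourceTypeField(), MetaAlertConstants.METAALERT_TYPE);

  return metaAlert;
}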