/** * Builds the updates to be run based on a given metaalert and a set of new alerts for the it. * @param metaAlert The base metaalert we're building updates for * @param alerts The alerts being added * @return The set of resulting updates. */ protected Map<Document, Optional<String>> buildAddAlertToMetaAlertUpdates(Document metaAlert, Iterable<Document> alerts) { Map<Document, Optional<String>> updates = new HashMap<>(); boolean metaAlertUpdated = addAlertsToMetaAlert(metaAlert, alerts); if (metaAlertUpdated) { MetaScores .calculateMetaScores(metaAlert, config.getThreatTriageField(), config.getThreatSort()); updates.put(metaAlert, Optional.of(config.getMetaAlertIndex())); for (Document alert : alerts) { if (addMetaAlertToAlert(metaAlert.getGuid(), alert)) { updates.put(alert, Optional.empty()); } } } return updates; }
.calculateMetaScores(metaAlert, config.getThreatTriageField(), config.getThreatSort()); updates.put(metaAlert, Optional.of(config.getMetaAlertIndex())); for (Document alert : alerts) {
MetaScores.calculateMetaScores(metaAlert, getConfig().getThreatTriageField(), getConfig().getThreatSort());
MetaAlertConstants.ALERT_FIELD); MetaScores .calculateMetaScores(metaAlert, getConfig().getThreatTriageField(), getConfig().getThreatSort());