/**
 * Adds the alerts named in the request to an existing meta alert by delegating to the DAO.
 *
 * @param metaAlertAddRemoveRequest supplies the meta alert GUID and the alerts to add
 * @return the document handed back by the DAO
 * @throws RestException if the DAO raises an {@link IOException} or an
 *     {@link IllegalStateException}; the original exception is preserved as the cause
 */
@Override
public Document addAlertsToMetaAlert(MetaAlertAddRemoveRequest metaAlertAddRemoveRequest)
    throws RestException {
  final Document updated;
  try {
    updated = dao.addAlertsToMetaAlert(
        metaAlertAddRemoveRequest.getMetaAlertGuid(),
        metaAlertAddRemoveRequest.getAlerts());
  } catch (IOException | IllegalStateException e) {
    // NOTE(review): the backend message is copied into the RestException unchanged. Confirm the
    // REST error handler does not echo it verbatim to clients if it can carry index details.
    throw new RestException(e.getMessage(), e);
  }
  return updated;
}
/**
 * Initializes this meta alert DAO without an explicit threat sort setting.
 *
 * <p>An empty {@link Optional} is forwarded to the two-argument {@code init}, leaving the choice
 * of threat sorting to that overload (documented by the original author as the default "sum").
 *
 * @param indexDao the DAO to wrap for queries
 */
default void init(IndexDao indexDao) {
  this.init(indexDao, Optional.empty());
}
/**
 * Removes the alerts named in the request from an existing meta alert by delegating to the DAO.
 *
 * @param metaAlertAddRemoveRequest supplies the meta alert GUID and the alerts to remove
 * @return the document handed back by the DAO
 * @throws RestException if the DAO raises an {@link IOException} or an
 *     {@link IllegalStateException}; the original exception is preserved as the cause
 */
@Override
public Document removeAlertsFromMetaAlert(MetaAlertAddRemoveRequest metaAlertAddRemoveRequest)
    throws RestException {
  final Document updated;
  try {
    updated = dao.removeAlertsFromMetaAlert(
        metaAlertAddRemoveRequest.getMetaAlertGuid(),
        metaAlertAddRemoveRequest.getAlerts());
  } catch (IOException | IllegalStateException e) {
    // NOTE(review): the backend message is copied into the RestException unchanged. Confirm the
    // REST error handler does not echo it verbatim to clients if it can carry index details.
    throw new RestException(e.getMessage(), e);
  }
  return updated;
}
/**
 * Builds the field map for a single meta alert fixture.
 *
 * <p>The map always carries the GUID, the meta alert source type, the status string and a fixed
 * threat triage score of {@code 100.0}. The alert list is attached only when {@code alerts} is
 * present, and it is stored by reference rather than copied.
 *
 * @param guid GUID to store under {@code Constants.GUID}
 * @param status status whose string form is stored under {@code STATUS_FIELD}
 * @param alerts optional child alerts to store under {@code ALERT_FIELD}
 * @return a new mutable map describing the meta alert
 */
protected Map<String, Object> buildMetaAlert(String guid, MetaAlertStatus status,
    Optional<List<Map<String, Object>>> alerts) {
  final Map<String, Object> fields = new HashMap<>();
  fields.put(Constants.GUID, guid);
  fields.put(getSourceTypeField(), METAALERT_TYPE);
  fields.put(STATUS_FIELD, status.getStatusString());
  fields.put(getThreatTriageField(), 100.0d);
  // Leave ALERT_FIELD out entirely when the caller supplied no alerts.
  alerts.ifPresent(children -> fields.put(ALERT_FIELD, children));
  return fields;
}
/**
 * Builds {@code count} meta alert fixtures that share one status and one optional alert list.
 *
 * <p>GUIDs follow the pattern {@code meta_<status string>_<index>} with indexes starting at 0.
 * The same {@code alerts} value is passed to every generated meta alert.
 *
 * @param count number of meta alerts to build; a value of 0 or less yields an empty list
 * @param status status applied to every meta alert
 * @param alerts optional child alerts passed through to {@code buildMetaAlert}
 * @return a new mutable list of meta alert field maps
 */
protected List<Map<String, Object>> buildMetaAlerts(int count, MetaAlertStatus status,
    Optional<List<Map<String, Object>>> alerts) {
  final List<Map<String, Object>> metaAlerts = new ArrayList<>();
  int index = 0;
  while (index < count) {
    metaAlerts.add(
        buildMetaAlert("meta_" + status.getStatusString() + "_" + index, status, alerts));
    index++;
  }
  return metaAlerts;
}
/**
 * Expects an {@link IllegalStateException} when alerts are removed from the meta alert whose
 * GUID is the INACTIVE status string.
 */
@Test(expected = IllegalStateException.class)
public void testRemoveAlertsFromMetaAlertInactive() throws IOException {
  // The status string doubles as the GUID here; presumably the fixture registers an inactive
  // meta alert under that id (confirm against the test setup).
  final String inactiveGuid = INACTIVE.getStatusString();
  // No alert list is passed: the call is expected to be rejected regardless of its content.
  dao.removeAlertsFromMetaAlert(inactiveGuid, null);
}
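/**
 * Polls the meta alert DAO until the latest stored document for {@code guid} equals
 * {@code message0}, retrying up to {@code MAX_RETRIES} times with {@code SLEEP_MS} between
 * attempts.
 *
 * <p>For the comparison, the alerts field of both maps is temporarily converted to a set so that
 * alert ordering does not matter; on a match both are converted back to lists before returning.
 * If no match is found, {@code message0} may be left in its set form.
 *
 * @param message0 the expected document content
 * @param guid GUID of the document to look up
 * @param sensorType sensor type passed to {@code getLatest}
 * @throws InterruptedException if the sleep between retries is interrupted
 * @throws IOException if the DAO lookup fails
 * @throws OriginalNotFoundException if no matching document is seen within the retry budget
 */
protected void findUpdatedDoc(Map<String, Object> message0, String guid, String sensorType)
    throws InterruptedException, IOException, OriginalNotFoundException {
  commit();
  for (int t = 0; t < MAX_RETRIES; ++t, Thread.sleep(SLEEP_MS)) {
    Document doc = metaDao.getLatest(guid, sensorType);
    // A lookup that returns nothing yet must count as "not found, retry" instead of failing the
    // poll with a NullPointerException before the null check is ever reached.
    if (doc == null || doc.getDocument() == null) {
      continue;
    }
    // Change the underlying document alerts lists to sets to avoid ordering issues.
    convertAlertsFieldToSet(doc.getDocument());
    convertAlertsFieldToSet(message0);
    if (message0.equals(doc.getDocument())) {
      convertAlertsFieldToList(doc.getDocument());
      convertAlertsFieldToList(message0);
      return;
    }
  }
  throw new OriginalNotFoundException(
      "Could not find " + guid + " after " + MAX_RETRIES + " tries");
}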
/**
 * Runs a match-all search ({@code *:*}) through the meta alert DAO and returns the first 10
 * results ordered by the given sort field.
 *
 * <p>The request targets the indices {@code getTestIndexName()} and {@code METAALERT_TYPE}.
 *
 * @param sortBy the single sort field to apply
 * @return the response produced by {@code metaDao.search}
 * @throws InvalidSearchException if the DAO rejects the search
 */
private SearchResponse searchForSortedMetaAlerts(SortField sortBy)
    throws InvalidSearchException {
  final SearchRequest request = new SearchRequest();
  request.setQuery("*:*");
  request.setIndices(Arrays.asList(getTestIndexName(), METAALERT_TYPE));
  request.setSort(Collections.singletonList(sortBy));
  // Paging: first page only, at most 10 hits.
  request.setFrom(0);
  request.setSize(10);
  final SearchResponse response = metaDao.search(request);
  return response;
}
/**
 * Looks up every meta alert associated with the given alert GUID by delegating to the DAO.
 *
 * @param guid GUID of the alert; passed to the DAO unchanged
 * @return the search response produced by the DAO
 * @throws RestException if the DAO raises an {@link IOException} or an
 *     {@code InvalidSearchException}; the original exception is preserved as the cause
 */
@Override
public SearchResponse getAllMetaAlertsForAlert(String guid) throws RestException {
  final SearchResponse matches;
  try {
    matches = dao.getAllMetaAlertsForAlert(guid);
  } catch (IOException | InvalidSearchException ise) {
    // NOTE(review): the backend message is copied into the RestException unchanged. Confirm the
    // REST error handler does not echo it verbatim to clients if it can carry index details.
    throw new RestException(ise.getMessage(), ise);
  }
  return matches;
}
/**
 * Changes the status of a meta alert by delegating to the DAO.
 *
 * @param metaAlertGuid GUID of the meta alert to update; passed to the DAO unchanged
 * @param status the status to apply
 * @return the document handed back by the DAO
 * @throws RestException if the DAO raises an {@link IOException}; the original exception is
 *     preserved as the cause
 */
@Override
public Document updateMetaAlertStatus(String metaAlertGuid, MetaAlertStatus status)
    throws RestException {
  final Document updated;
  try {
    updated = dao.updateMetaAlertStatus(metaAlertGuid, status);
  } catch (IOException ioe) {
    // NOTE(review): the backend message is copied into the RestException unchanged. Confirm the
    // REST error handler does not echo it verbatim to clients if it can carry index details.
    throw new RestException(ioe.getMessage(), ioe);
  }
  return updated;
}
}
/**
 * Creates a meta alert from the given request by delegating to the DAO.
 *
 * @param createRequest the creation request; passed to the DAO unchanged
 * @return the document handed back by the DAO
 * @throws RestException if the DAO raises an {@code InvalidCreateException} or an
 *     {@link IOException}; the original exception is preserved as the cause
 */
@Override
public Document create(MetaAlertCreateRequest createRequest) throws RestException {
  final Document created;
  try {
    created = dao.createMetaAlert(createRequest);
  } catch (InvalidCreateException | IOException e) {
    // NOTE(review): the backend message is copied into the RestException unchanged. Confirm the
    // REST error handler does not echo it verbatim to clients if it can carry index details.
    throw new RestException(e.getMessage(), e);
  }
  return created;
}
/**
 * Creates a meta alert by forwarding the request to {@code metaAlertUpdateDao}.
 *
 * <p>No validation happens at this layer; any checks on the request are left to the delegate.
 *
 * @param request the creation request, forwarded unchanged
 * @return the document returned by the delegate
 * @throws InvalidCreateException propagated from the delegate
 * @throws IOException propagated from the delegate
 */
@SuppressWarnings("unchecked")
@Override
public Document createMetaAlert(MetaAlertCreateRequest request)
    throws InvalidCreateException, IOException {
  final Document created = metaAlertUpdateDao.createMetaAlert(request);
  return created;
}
/**
 * Updates a meta alert's status by forwarding the call to {@code metaAlertUpdateDao}.
 *
 * @param metaAlertGuid GUID of the meta alert, forwarded unchanged
 * @param status the status to apply
 * @return the document returned by the delegate
 * @throws IOException propagated from the delegate
 */
@SuppressWarnings("unchecked")
@Override
public Document updateMetaAlertStatus(String metaAlertGuid, MetaAlertStatus status)
    throws IOException {
  final Document updated = metaAlertUpdateDao.updateMetaAlertStatus(metaAlertGuid, status);
  return updated;
}
/**
 * Adds alerts to a meta alert by forwarding the call to {@code metaAlertUpdateDao}.
 *
 * @param metaAlertGuid GUID of the meta alert, forwarded unchanged
 * @param alertRequests get-requests identifying the alerts to add, forwarded unchanged
 * @return the document returned by the delegate
 * @throws IOException propagated from the delegate
 */
@Override
public Document addAlertsToMetaAlert(String metaAlertGuid, List<GetRequest> alertRequests)
    throws IOException {
  final Document updated = metaAlertUpdateDao.addAlertsToMetaAlert(metaAlertGuid, alertRequests);
  return updated;
}
/**
 * Removes alerts from a meta alert by forwarding the call to {@code metaAlertUpdateDao}.
 *
 * @param metaAlertGuid GUID of the meta alert, forwarded unchanged
 * @param alertRequests get-requests identifying the alerts to remove, forwarded unchanged
 * @return the document returned by the delegate
 * @throws IOException propagated from the delegate
 */
@Override
public Document removeAlertsFromMetaAlert(String metaAlertGuid, List<GetRequest> alertRequests)
    throws IOException {
  final Document updated =
      metaAlertUpdateDao.removeAlertsFromMetaAlert(metaAlertGuid, alertRequests);
  return updated;
}
/**
 * Returns the full name of the test index, which in this implementation is exactly the value of
 * {@code getTestIndexName()}.
 *
 * @return the test index name
 */
protected String getTestIndexFullName() {
  final String indexName = getTestIndexName();
  return indexName;
}
/**
 * Resolves the name of the threat triage score field.
 *
 * <p>When the global config supplier yields {@code null}, the default field name is returned.
 * Otherwise the name is looked up through {@code ConfigurationsUtils.getFieldName} under
 * {@code Constants.THREAT_SCORE_FIELD_PROPERTY}, with the default field name passed as the
 * fallback argument.
 *
 * @return the configured or default threat triage field name
 */
public String getThreatTriageField() {
  final Map<String, Object> globalConfig = globalConfigSupplier.get();
  if (globalConfig == null) {
    return getDefaultThreatTriageField();
  }
  return ConfigurationsUtils.getFieldName(
      globalConfig,
      Constants.THREAT_SCORE_FIELD_PROPERTY,
      getDefaultThreatTriageField());
}
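/**
 * Polls the meta alert DAO until a document for {@code guid} exists, retrying up to
 * {@code MAX_RETRIES} times with {@code SLEEP_MS} between attempts.
 *
 * @param guid GUID of the document to look up
 * @param sensorType sensor type passed to {@code getLatest}
 * @return {@code true} once a document is found; the method never returns {@code false}
 * @throws InterruptedException if the sleep between retries is interrupted
 * @throws IOException if the DAO lookup fails
 * @throws OriginalNotFoundException if no document is seen within the retry budget
 */
protected boolean findCreatedDoc(String guid, String sensorType)
    throws InterruptedException, IOException, OriginalNotFoundException {
  for (int t = 0; t < MAX_RETRIES; ++t, Thread.sleep(SLEEP_MS)) {
    Document doc = metaDao.getLatest(guid, sensorType);
    if (doc != null) {
      return true;
    }
  }
  // Message fixed: "Count" was a typo and the retry count ran straight into "tries".
  throw new OriginalNotFoundException(
      "Could not find " + guid + " after " + MAX_RETRIES + " tries");
}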
/**
 * Expects an {@code InvalidCreateException} when a meta alert is created from a
 * default-constructed request, i.e. one on which nothing has been set.
 */
@Test(expected = InvalidCreateException.class)
public void testCreateMetaAlertEmptyGuids() throws InvalidCreateException, IOException {
  final ElasticsearchMetaAlertDao metaAlertDao = new ElasticsearchMetaAlertDao();
  metaAlertDao.init(new ElasticsearchDao());

  // Nothing is populated on the request, so creation must be rejected.
  final MetaAlertCreateRequest emptyRequest = new MetaAlertCreateRequest();
  metaAlertDao.createMetaAlert(emptyRequest);
}
/**
 * Verifies that looking up meta alerts for an empty GUID is rejected with an
 * {@code InvalidSearchException} whose message is {@code "Guid cannot be empty"}.
 */
@Test
public void getAllMetaAlertsForAlertShouldThrowExceptionForEmptyGuid() throws Exception {
  InvalidSearchException rejection = null;
  try {
    metaDao.getAllMetaAlertsForAlert("");
  } catch (InvalidSearchException ise) {
    rejection = ise;
  }
  // The lookup must not succeed silently for an empty identifier.
  if (rejection == null) {
    Assert.fail("An exception should be thrown for empty guid");
  }
  Assert.assertEquals("Guid cannot be empty", rejection.getMessage());
}