#312 Add observable count computed metric in alert
To-om committed Nov 10, 2017
1 parent 024b58e commit 2686eb1
Showing 3 changed files with 5 additions and 2 deletions.
2 changes: 2 additions & 0 deletions thehive-backend/app/models/Alert.scala
Expand Up @@ -73,6 +73,8 @@ class AlertModel @Inject() (dblists: DBLists)
private[AlertModel] lazy val logger = Logger(getClass)
override val defaultSortBy: Seq[String] = Seq("-date")
override val removeAttribute: JsObject = Json.obj("status" AlertStatus.Ignored)
override val computedMetrics: Map[String, String] = Map(
"observableCount" "_source['artifacts']?.size()")

override def creationHook(parent: Option[BaseEntity], attrs: JsObject): Future[JsObject] = {
// check if data attribute is present on all artifacts
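Review bot: The `observableCount` script evaluates to null rather than 0 for an alert that has no `artifacts` field, because `?.` short-circuits the `size()` call; whether the consumer of `computedMetrics` treats null as zero or drops the alert from sorting and aggregation is not visible here. If the script language accepts a default operator, `"_source['artifacts']?.size() ?: 0"` would make the metric defined for every alert. Reading `_source` inside a script usually means loading and parsing the stored document for every hit, so this metric is likely to be costly on large alert sets. A comment such as `// values are scripts executed by the search backend: keep them constant, never build them from request data` would record the constraint that keeps this map safe. The AlertModel class starts and ends outside the hunk.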
3 changes: 2 additions & 1 deletion thehive-backend/app/models/Case.scala
Expand Up @@ -177,7 +177,8 @@ class CaseModel @Inject() (
}

override val computedMetrics = Map(
"handlingDuration" "doc['endDate'].value - doc['startDate'].value")
"handlingDurationInSeconds" "(doc['endDate'].value - doc['startDate'].value) / 1000",
"handlingDurationInDays" "(doc['endDate'].value - doc['startDate'].value) / 3600000")
}

class Case(model: CaseModel, attributes: JsObject) extends EntityDef[CaseModel, Case](model, attributes) with CaseAttributes
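Review bot: The `handlingDurationInDays` entry divides by 3600000, which is the number of milliseconds in an hour, so it reports hours under a name that says days. The sibling `handlingDurationInSeconds` divides the same difference by 1000, which implies the dates are epoch milliseconds; a day is then `"(doc['endDate'].value - doc['startDate'].value) / 86400000"`, or the key should be renamed to `handlingDurationInHours`. The `handlingDuration` key no longer exists after this change, so anything stored that refers to it by name (saved dashboards or queries, if any) would need migrating. CaseModel starts outside the hunk.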
2 changes: 1 addition & 1 deletion ui/app/scripts/services/QueryBuilderSrv.js
Expand Up @@ -70,7 +70,7 @@
this._buildQueryFromFilter = function(fieldDef, filter) {
if (filter.type === 'date') {
return this._buildQueryFromDateFilter(fieldDef, filter);
} else if(filter.type === 'user' || filter.field === 'tags' || filter.type === 'enumeration' || fieldDef.values.length > 0) {
} else if(filter.value.list || filter.type === 'user' || filter.field === 'tags' || filter.type === 'enumeration' || fieldDef.values.length > 0) {
return this._buildQueryFromListFilter(fieldDef, filter);
} else if(filter.type === 'boolean' || filter.type === 'number') {
return this._buildQueryFromDefaultFilter(fieldDef, filter);
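Review bot: The condition that starts with `filter.value.list` dereferences `filter.value` without checking it, so a filter whose `value` is undefined or null now throws a TypeError in a branch that previously read only `filter.type`, `filter.field` and `fieldDef.values`. Guarding the access keeps the earlier behaviour for such filters: `} else if((filter.value && filter.value.list) || filter.type === 'user' || filter.field === 'tags' || filter.type === 'enumeration' || fieldDef.values.length > 0) {`. `_buildQueryFromFilter` continues past the end of the hunk, so whether a later branch copes with a missing value is not visible here.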
