Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Invalid searches lead to read error messages #584

Closed
crackytsi opened this issue May 17, 2018 · 1 comment
Closed

Invalid searches lead to read error messages #584

crackytsi opened this issue May 17, 2018 · 1 comment
Assignees
@nadouani
Labels
bug
Milestone
3.0.10

Comments

@crackytsi
Copy link

crackytsi commented May 17, 2018
edited
Loading

Request Type

Bug

Work Environment

Question Answer
OS version (server) Debian
OS version (client) Seven using Chrome Browser
TheHive version / git hash 3.0.9
Package Type DEB

Problem Description

Search for the following string: "caseId: #1"
(remove quotations).

This leads to not understandable error message:
SearchSrv: failed to create query: { "bool" : { "must" : [ { "bool" : { "must" : [ { "query_string" : { "query" : "caseId: #1", "fields" : [ ], "use_dis_max" : true, "tie_breaker" : 0.0, "default_operator" : "or", "auto_generate_phrase_queries" : false, "max_determinized_states" : 10000, "enable_position_increments" : true, "fuzziness" : "AUTO", "fuzzy_prefix_length" : 0, "fuzzy_max_expansions" : 50, "phrase_slop" : 0, "escape" : false, "split_on_whitespace" : true, "boost" : 1.0 } }, { "query_string" : { "query" : "!_type:audit AND !_type:data AND !_type:user AND !_type:analyzer AND !_type:case_artifact_job_log AND !status:Deleted", "fields" : [ ], "use_dis_max" : true, "tie_breaker" : 0.0, "default_operator" : "or", "auto_generate_phrase_queries" : false, "max_determinized_states" : 10000, "enable_position_increments" : true, "fuzziness" : "AUTO", "fuzzy_prefix_length" : 0, "fuzzy_max_expansions" : 50, "phrase_slop" : 0, "escape" : false, "split_on_whitespace" : true, "boost" : 1.0 } } ], "disable_coord" : false, "adjust_pure_negative" : true, "boost" : 1.0 } }, { "bool" : { "must_not" : [ { "term" : { "status" : { "value" : "Deleted", "boost" : 1.0 } } } ], "disable_coord" : false, "adjust_pure_negative" : true, "boost" : 1.0 } }, { "bool" : { "must_not" : [ { "bool" : { "should" : [ { "term" : { "_type" : { "value" : "audit", "boost" : 1.0 } } }, { "term" : { "_type" : { "value" : "data", "boost" : 1.0 } } }, { "term" : { "_type" : { "value" : "user", "boost" : 1.0 } } }, { "term" : { "_type" : { "value" : "analyzer", "boost" : 1.0 } } }, { "term" : { "_type" : { "value" : "misp", "boost" : 1.0 } } } ], "disable_coord" : false, "adjust_pure_negative" : true, "boost" : 1.0 } } ], "disable_coord" : false, "adjust_pure_negative" : true, "boost" : 1.0 } } ], "disable_coord" : false, "adjust_pure_negative" : true, "boost" : 1.0 } }
@saadkadhi saadkadhi added this to the 3.1.0 (Cerana 1) milestone May 17, 2018
@nadouani
Copy link
Contributor

There is nothing to do here except catch the error message and display a human readable message.

The search section will be revamped in a future release to allow a more structured search capabilities like the way we define filters in dashboards.

@nadouani nadouani assigned nadouani and unassigned To-om May 22, 2018
@nadouani nadouani modified the milestones: 3.1.0 (Cerana 1), 3.0.10 May 22, 2018
nadouani added a commit that referenced this issue May 22, 2018
@nadouani
#584 Fix error message in search page when query is invalid
6f965f5
@nadouani nadouani mentioned this issue May 22, 2018
Closed
To-om pushed a commit that referenced this issue May 29, 2018
@nadouani @To-om
#584 Fix error message in search page when query is invalid
29fcebe
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nadouani nadouani

Labels
bug
Projects
None yet
Milestone
3.0.10
Development

No branches or pull requests
4 participants
@nadouani @saadkadhi @crackytsi @To-om