[
https://issues.apache.org/jira/browse/METRON-1158?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16161493#comment-16161493
]
ASF GitHub Bot commented on METRON-1158:
----------------------------------------
Github user merrimanr commented on the issue:
https://github.com/apache/metron/pull/734
Tested this again in full dev and now the default sort is working as
expected (due to timestamp being added). +1 from me. Nice job.
> Build backend for grouping alerts into meta alerts
> --------------------------------------------------
>
> Key: METRON-1158
> URL: https://issues.apache.org/jira/browse/METRON-1158
> Project: Metron
> Issue Type: New Feature
> Reporter: Justin Leet
> Assignee: Justin Leet
>
> We should be able to handle meta alerts (manually grouped alerts,
> particularly from the UI) in the system. This should be integrated with the
> DAO composition put into place with IndexDao.
> While similar to faceting (and likely resulting from slicing and dicing from
> faceting), these need to be interacted with and queryable alongside regular
> alerts.
> This needs to handle:
> * ES (as a starting point. This shouldn't preclude Solr)
> * Creation of meta alerts
> * Maintain update semantics for alerts
> * Handling scores when a child alert is added, updated or deleted.
> * Continue to allow regular alerts to flow through cleanly to the original
> sensor indices.
> * Allow for querying (plus sorting and so on) alongside the original sensor
> indices.
> * Maintain UI grouping order as the minimum of metadata.
> * This should be configured via the same indexDao definition (or at least
> similar) as the other indexDaos.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
