[
https://issues.apache.org/jira/browse/METRON-1272?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16217826#comment-16217826
]
ASF GitHub Bot commented on METRON-1272:
----------------------------------------
Github user nickwallen commented on the issue:
https://github.com/apache/metron/pull/811
Thanks @justinleet . This is working well with @iraghumitra UI work in
#803.
The metalerts show-up in the left-side "Filters" panel, which provides a
decent short-cut to retrieve the metaalerts. For example, here I created 4
metaalerts. If I click on "metaalerts" on that left panel, it filters
everything down to metaalerts.
Filtering does nicely retrieve both alerts and metaalerts.
> Hide child alerts from searches and grouping if they belong to meta alerts
> --------------------------------------------------------------------------
>
> Key: METRON-1272
> URL: https://issues.apache.org/jira/browse/METRON-1272
> Project: Metron
> Issue Type: Improvement
> Reporter: Justin Leet
> Assignee: Justin Leet
>
> If an alert is already grouped into a meta alert, it's nice to route
> everything through the same query structure and allow sorting alongside them,
> etc. However, showing alerts that are already contained in a meta alert is
> potential clutter for a user and gives the impression an event has occurred
> twice if it's in a standalone alert and a metaalert.
> This should hide alerts contained in a meta alert from searches (which will
> always match the enclosing meta alert anyway, so nothing will be lost from
> the search).
> They should also be hidden from grouping calls, because the user has already
> manually grouped them during prior slicing and dicing.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
