[jira] [Commented] (METRON-1301) Alerts UI - Sorting on Triage Score Unexpectedly Filters Some Records

Tue, 07 Nov 2017 08:30:19 -0800 

    [ 
https://issues.apache.org/jira/browse/METRON-1301?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16242315#comment-16242315
 ] 

ASF GitHub Bot commented on METRON-1301:
----------------------------------------

Github user nickwallen commented on a diff in the pull request:

    https://github.com/apache/metron/pull/832#discussion_r149426981
  
    --- Diff: 
metron-platform/metron-elasticsearch/src/main/java/org/apache/metron/elasticsearch/dao/ElasticsearchDao.java
 ---
    @@ -234,26 +366,43 @@ public synchronized void init(AccessConfig config) {
         if(this.client == null) {
           this.client = 
ElasticsearchUtils.getClient(config.getGlobalConfigSupplier().get(), 
config.getOptionalSettings());
           this.accessConfig = config;
    +      this.columnMetadataDao = new 
ElasticsearchColumnMetadataDao(this.client.admin(), 
Collections.singletonList(".kibana"));
    --- End diff --
    
    Yes, I agree with your feedback.  I was just trying to refactor the column 
metadata logic and minimize other changes.  So in this case `.kibana` was 
already hard-coded in ElasticsearchDao.
    
    I would be totally open to making this improvement though.  I was just 
trying to walk the line of how much should I change when refactoring?  
Considering that, what do you think?
    



> Alerts UI - Sorting on Triage Score Unexpectedly Filters Some Records
> ---------------------------------------------------------------------
>
>                 Key: METRON-1301
>                 URL: https://issues.apache.org/jira/browse/METRON-1301
>             Project: Metron
>          Issue Type: Bug
>    Affects Versions: 0.4.1
>            Reporter: Nick Allen
>            Assignee: Nick Allen
>             Fix For: Next + 1
>
>         Attachments: 01-Alerts-UI-default-view.png, 02-Sort-on-Score-field.png
>
>
> Sorting on a field like threat triage score in the Alerts UI removes any 
> records that do not have a threat triage score defined from the search 
> results.
> For example, I have 7 records when sorted by timestamp.  All 7 records have a 
> timestamp field.
> After sorting by score (threat triage score) there are only 5 records.  The 2 
> records missing a threat triage score are no longer included.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to