Ryan Merriman created METRON-1608:
-------------------------------------
Summary: Add configuration for threat.triage.field name
Key: METRON-1608
URL: https://issues.apache.org/jira/browse/METRON-1608
Project: Metron
Issue Type: Bug
Reporter: Ryan Merriman
Currently there is an option for replacing '.'s with ':'s in Elasticsearch
field names. This is the default behavior. However our current version of
Elasticsearch (5.6.2) now allows '.'s so it's possible for users to use '.'s
instead. In the DAO implementation (metaalerts specifically), the
threat.triage.field is hardcoded with ':'s and will not work properly if a user
switches to using '.'s.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
