[
https://issues.apache.org/jira/browse/METRON-1622?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16516357#comment-16516357
]
ASF GitHub Bot commented on METRON-1622:
----------------------------------------
GitHub user nickwallen opened a pull request:
https://github.com/apache/metron/pull/1066
METRON-1622 Allow user to define global property
'threat.triage.score.field' in Ambari
Based on #1055 and #1062 , the user can specify the name of the field
containing the threat triage score in the global configuration. This is used by
the Alerts UI. Currently a user can only change this value using the CLI. This
property should be exposed to the user via Ambari. The user should be able to
define this property directly in Ambari.
## Testing
1. Launch the development environment. Ensure alerts are visible in the
Alerts UI and that the Service Check passes.
1. Open the REPL and validate the current value of the global property
'threat.triage.score.field'. The value here, the default value should be
`threat:triage:score`.
```
[root@node1 ~]# source /etc/default/metron
[root@node1 ~]# $METRON_HOME/bin/stellar -z $ZOOKEEPER
Stellar, Go!
...
[Stellar]>>> globals := CONFIG_GET("GLOBAL")
{
...
"threat.triage.score.field" : "threat:triage:score",
...
}
```
1. Change the value in Ambari by going to Metron > Configs > REST > Source
Type Field Name.
1. After saving the change, Ambari should prompt for the following services
to be restarted.
> 1 Metron Alerts UI, 1 Metron Management UI, 1 Metron REST
1. Restart all affected services.
1. After the services have been restarted, open the REPL and validate that
the value of the global property 'threat.triage.score.field' changed in the
global config.
```
[Stellar]>>> globals := CONFIG_GET("GLOBAL")
{
...
"threat.triage.score.field" : "different:threat:triage:score:field",
...
}
```
## Pull Request Checklist
- [x] Is there a JIRA ticket associated with this PR? If not one needs to
be created at [Metron
Jira](https://issues.apache.org/jira/browse/METRON/?selectedTab=com.atlassian.jira.jira-projects-plugin:summary-panel).
- [x] Does your PR title start with METRON-XXXX where XXXX is the JIRA
number you are trying to resolve? Pay particular attention to the hyphen "-"
character.
- [x] Has your PR been rebased against the latest commit within the target
branch (typically master)?
- [x] Have you included steps to reproduce the behavior or problem that is
being changed or addressed?
- [x] Have you included steps or a guide to how the change may be verified
and tested manually?
- [x] Have you ensured that the full suite of tests and checks have been
executed in the root metron folder via:
- [x] Have you written or updated unit tests and or integration tests to
verify your changes?
- [x] If adding new dependencies to the code, are these dependencies
licensed in a way that is compatible for inclusion under [ASF
2.0](http://www.apache.org/legal/resolved.html#category-a)?
- [x] Have you verified the basic functionality of the build by building
and running locally with Vagrant full-dev environment or the equivalent?
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/nickwallen/metron METRON-1622
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/metron/pull/1066.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #1066
----
commit 20df52f4b1a7cbd44bd647552d1737b4ec8d40c6
Author: Nick Allen <nick@...>
Date: 2018-06-04T18:07:36Z
METRON-1599 Allow user to define global property 'source.type.field' in
Ambari
commit e7b27ee16f6e68251467a5b5b17581298f9fa1dc
Author: Nick Allen <nick@...>
Date: 2018-06-07T18:49:09Z
Merge remote-tracking branch 'apache/master' into METRON-1599
commit 2a44613eff6f3f4bee1960cad42d21e889b2d96e
Author: Nick Allen <nick@...>
Date: 2018-06-18T15:27:17Z
Merge remote-tracking branch 'apache/master' into METRON-1599
commit 5fe2a26d77e05658286b718b8a9fb51924e76c29
Author: Nick Allen <nick@...>
Date: 2018-06-18T16:17:51Z
Changed default to 'source:type'. Provided better description
commit c2d102340c84fe3b5a83cdec2ebc2692b0149c97
Author: Nick Allen <nick@...>
Date: 2018-06-18T16:29:14Z
Moved source type field to live under Metron REST settings
commit 3d9e88b0df88a46a6e29f93170ea054d263349c6
Author: Nick Allen <nick@...>
Date: 2018-06-18T18:44:39Z
No need for call to refresh configs
commit b006aab6da3d4ba2d26f5b1e324425970170e0ad
Author: Nick Allen <nick@...>
Date: 2018-06-18T19:19:54Z
METRON-1622 Allow user to define global property
'threat.triage.score.field' in Ambari
----
> Allow user to define global property 'threat.triage.score.field' in Ambari
> ---------------------------------------------------------------------------
>
> Key: METRON-1622
> URL: https://issues.apache.org/jira/browse/METRON-1622
> Project: Metron
> Issue Type: Improvement
> Reporter: Nick Allen
> Assignee: Nick Allen
> Priority: Major
>
> Based on METRON-1608 and METRON-1617, the user can specify the name of the
> field containing the threat triage score in the global configuration. This is
> used by the Alerts UI.
> Currently a user can only change this value using the CLI. This property
> should be exposed to the user via Ambari. The user should be able to define
> this property directly in Ambari.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
