[jira] [Commented] (METRON-675) Make Threat Triage rules able to be assigned names and comments

Thu, 26 Jan 2017 08:34:42 -0800 

    [ 
https://issues.apache.org/jira/browse/METRON-675?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15839979#comment-15839979
 ] 

ASF GitHub Bot commented on METRON-675:
---------------------------------------

GitHub user cestella opened a pull request:

    https://github.com/apache/incubator-metron/pull/426

    METRON-675: Make Threat Triage rules able to be assigned names and comments

    There may be many, many threat triage rules. To help organize these, we 
should make them slightly more complex than a simple key/value as we have it 
now. We should add optional name and optional comment fields.
    
    This essentially makes the risk level rules slightly more complex.  The 
format goes from:
    ```
    "riskLevelRules" : {
      "stellar expression" : numeric score
    }
    ```
    to:
    ```
    "riskLevelRules" : [
      {
         "name" : "optional name",
         "comment" : "optional comment",
         "rule" : "stellar expression",
         "score" : numeric score
      }
    ]
    ```
    This is NOT backwards compatible, but I think it's more explicit and a bit 
more clear.
    
    Testing plan to come in a follow-on comment.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/cestella/incubator-metron METRON-675

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/incubator-metron/pull/426.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #426
    
----
commit 2d9c129e2be95d635d5c014415087b7a13a678db
Author: cstella <ceste...@gmail.com>
Date:   2017-01-26T16:15:01Z

    METRON-675: Add name and description to threat triage rules.

commit 8639d9967afb2add2035aa57fa60d4cc17cbb117
Author: cstella <ceste...@gmail.com>
Date:   2017-01-26T16:21:34Z

    forgot license

----


> Make Threat Triage rules able to be assigned names and comments
> ---------------------------------------------------------------
>
>                 Key: METRON-675
>                 URL: https://issues.apache.org/jira/browse/METRON-675
>             Project: Metron
>          Issue Type: Improvement
>            Reporter: Casey Stella
>            Assignee: Casey Stella
>
> There may be many, many threat triage rules.  To help organize these, we 
> should make them slightly more complex than a simple key/value as we have it 
> now.  We should add optional name and optional comment fields.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to