METRON-1548 Remove hardcoded source:type from Alerts UI (justinleet) closes apache/metron#1010
Project: http://git-wip-us.apache.org/repos/asf/metron/repo Commit: http://git-wip-us.apache.org/repos/asf/metron/commit/71a015fa Tree: http://git-wip-us.apache.org/repos/asf/metron/tree/71a015fa Diff: http://git-wip-us.apache.org/repos/asf/metron/diff/71a015fa Branch: refs/heads/feature/METRON-1416-upgrade-solr Commit: 71a015fabc47b23ea0c5400fa239fee9f5c0d194 Parents: a99cadb Author: justinjleet <justinjl...@gmail.com> Authored: Wed May 16 17:39:07 2018 -0400 Committer: justinjleet <justinjl...@gmail.com> Committed: Fri May 18 13:32:29 2018 -0400 ---------------------------------------------------------------------- .../rest/service/impl/SearchServiceImpl.java | 42 ++++++++++---- .../src/main/resources/application.yml | 2 +- .../SearchControllerIntegrationTest.java | 9 ++- .../service/impl/SearchServiceImplTest.java | 60 +++++++++++++++++--- 4 files changed, 92 insertions(+), 21 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/metron/blob/71a015fa/metron-interface/metron-rest/src/main/java/org/apache/metron/rest/service/impl/SearchServiceImpl.java ---------------------------------------------------------------------- diff --git a/metron-interface/metron-rest/src/main/java/org/apache/metron/rest/service/impl/SearchServiceImpl.java b/metron-interface/metron-rest/src/main/java/org/apache/metron/rest/service/impl/SearchServiceImpl.java index e5bab08..21d158f 100644 --- a/metron-interface/metron-rest/src/main/java/org/apache/metron/rest/service/impl/SearchServiceImpl.java +++ b/metron-interface/metron-rest/src/main/java/org/apache/metron/rest/service/impl/SearchServiceImpl.java @@ -23,19 +23,26 @@ import static org.apache.metron.rest.MetronRestConstants.INDEX_WRITER_NAME; import static org.apache.metron.rest.MetronRestConstants.SEARCH_FACET_FIELDS_SPRING_PROPERTY; import com.google.common.collect.Lists; +import java.io.IOException; import java.lang.invoke.MethodHandles; +import java.util.ArrayList; import java.util.Arrays; +import java.util.List; +import java.util.Map; +import java.util.Optional; +import org.apache.metron.common.Constants; import org.apache.metron.indexing.dao.IndexDao; +import org.apache.metron.indexing.dao.search.FieldType; import org.apache.metron.indexing.dao.search.GetRequest; import org.apache.metron.indexing.dao.search.GroupRequest; import org.apache.metron.indexing.dao.search.GroupResponse; import org.apache.metron.indexing.dao.search.InvalidSearchException; import org.apache.metron.indexing.dao.search.SearchRequest; import org.apache.metron.indexing.dao.search.SearchResponse; -import org.apache.metron.indexing.dao.search.FieldType; import org.apache.metron.rest.RestException; import org.apache.metron.rest.model.AlertsUIUserSettings; import org.apache.metron.rest.service.AlertsUIService; +import org.apache.metron.rest.service.GlobalConfigService; import org.apache.metron.rest.service.SearchService; import org.apache.metron.rest.service.SensorIndexingConfigService; import org.slf4j.Logger; @@ -44,11 +51,6 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.core.env.Environment; import org.springframework.stereotype.Service; -import java.io.IOException; -import java.util.Map; -import java.util.Optional; -import java.util.List; - @Service public class SearchServiceImpl implements SearchService { @@ -57,14 +59,19 @@ public class SearchServiceImpl implements SearchService { private IndexDao dao; private Environment environment; private SensorIndexingConfigService sensorIndexingConfigService; + private GlobalConfigService globalConfigService; private AlertsUIService alertsUIService; @Autowired - public SearchServiceImpl(IndexDao dao, Environment environment, - SensorIndexingConfigService sensorIndexingConfigService, AlertsUIService alertsUIService) { + public SearchServiceImpl(IndexDao dao, + Environment environment, + SensorIndexingConfigService sensorIndexingConfigService, + GlobalConfigService globalConfigService, + AlertsUIService alertsUIService) { this.dao = dao; this.environment = environment; this.sensorIndexingConfigService = sensorIndexingConfigService; + this.globalConfigService = globalConfigService; this.alertsUIService = alertsUIService; } @@ -133,11 +140,24 @@ public class SearchServiceImpl implements SearchService { return indices; } - private List<String> getDefaultFacetFields() throws RestException { + @SuppressWarnings("unchecked") + public List<String> getDefaultFacetFields() throws RestException { Optional<AlertsUIUserSettings> alertUserSettings = alertsUIService.getAlertsUIUserSettings(); if (!alertUserSettings.isPresent() || alertUserSettings.get().getFacetFields() == null) { - String facetFieldsProperty = environment.getProperty(SEARCH_FACET_FIELDS_SPRING_PROPERTY, String.class, ""); - return Arrays.asList(facetFieldsProperty.split(",")); + String facetFieldsProperty = environment + .getProperty(SEARCH_FACET_FIELDS_SPRING_PROPERTY, String.class, ""); + + Map<String, Object> globalConfig = globalConfigService.get(); + String sourceTypeField = Constants.SENSOR_TYPE.replace('.', ':'); + List<String> facetFields = new ArrayList<>(); + if (globalConfig != null) { + sourceTypeField = (String) globalConfig.getOrDefault("source.type.field", sourceTypeField); + } + facetFields.add(sourceTypeField); + if (facetFieldsProperty != null) { + facetFields.addAll(Arrays.asList(facetFieldsProperty.split(","))); + } + return facetFields; } else { return alertUserSettings.get().getFacetFields(); } http://git-wip-us.apache.org/repos/asf/metron/blob/71a015fa/metron-interface/metron-rest/src/main/resources/application.yml ---------------------------------------------------------------------- diff --git a/metron-interface/metron-rest/src/main/resources/application.yml b/metron-interface/metron-rest/src/main/resources/application.yml index 3e75881..923f036 100644 --- a/metron-interface/metron-rest/src/main/resources/application.yml +++ b/metron-interface/metron-rest/src/main/resources/application.yml @@ -51,7 +51,7 @@ search: results: 1000 groups: 1000 facet: - fields: source:type,ip_src_addr,ip_dst_addr,enrichments:geo:ip_dst_addr:country + fields: ip_src_addr,ip_dst_addr,enrichments:geo:ip_dst_addr:country index: dao: http://git-wip-us.apache.org/repos/asf/metron/blob/71a015fa/metron-interface/metron-rest/src/test/java/org/apache/metron/rest/controller/SearchControllerIntegrationTest.java ---------------------------------------------------------------------- diff --git a/metron-interface/metron-rest/src/test/java/org/apache/metron/rest/controller/SearchControllerIntegrationTest.java b/metron-interface/metron-rest/src/test/java/org/apache/metron/rest/controller/SearchControllerIntegrationTest.java index a55132c..aa7b6cd 100644 --- a/metron-interface/metron-rest/src/test/java/org/apache/metron/rest/controller/SearchControllerIntegrationTest.java +++ b/metron-interface/metron-rest/src/test/java/org/apache/metron/rest/controller/SearchControllerIntegrationTest.java @@ -37,6 +37,7 @@ import org.apache.metron.indexing.dao.InMemoryDao; import org.apache.metron.indexing.dao.SearchIntegrationTest; import org.apache.metron.indexing.dao.search.FieldType; import org.apache.metron.rest.service.AlertsUIService; +import org.apache.metron.rest.service.GlobalConfigService; import org.apache.metron.rest.service.SensorIndexingConfigService; import org.json.simple.parser.ParseException; import org.junit.After; @@ -141,7 +142,9 @@ public class SearchControllerIntegrationTest extends DaoControllerTest { .andExpect(jsonPath("$.results[3].source.timestamp").value(2)) .andExpect(jsonPath("$.results[4].source.source:type").value("bro")) .andExpect(jsonPath("$.results[4].source.timestamp").value(1)) - .andExpect(jsonPath("$.facetCounts.*", hasSize(1))) + .andExpect(jsonPath("$.facetCounts.*", hasSize(2))) + .andExpect(jsonPath("$.facetCounts.source:type.*", hasSize(1))) + .andExpect(jsonPath("$.facetCounts.source:type['bro']").value(5)) .andExpect(jsonPath("$.facetCounts.ip_src_addr.*", hasSize(2))) .andExpect(jsonPath("$.facetCounts.ip_src_addr['192.168.1.1']").value(3)) .andExpect(jsonPath("$.facetCounts.ip_src_addr['192.168.1.2']").value(1)) @@ -366,8 +369,12 @@ public class SearchControllerIntegrationTest extends DaoControllerTest { Map<String, Long> ipSrcPortCounts = new HashMap<>(); ipSrcPortCounts.put("8010", 1L); ipSrcPortCounts.put("8009", 2L); + Map<String, Long> sourceTypeCounts = new HashMap<>(); + sourceTypeCounts.put("bro", 5L); facetCounts.put("ip_src_addr", ipSrcAddrCounts); facetCounts.put("ip_src_port", ipSrcPortCounts); + facetCounts.put("source:type", sourceTypeCounts); + InMemoryDao.setFacetCounts(facetCounts); } http://git-wip-us.apache.org/repos/asf/metron/blob/71a015fa/metron-interface/metron-rest/src/test/java/org/apache/metron/rest/service/impl/SearchServiceImplTest.java ---------------------------------------------------------------------- diff --git a/metron-interface/metron-rest/src/test/java/org/apache/metron/rest/service/impl/SearchServiceImplTest.java b/metron-interface/metron-rest/src/test/java/org/apache/metron/rest/service/impl/SearchServiceImplTest.java index 82ca0e9..4c63c6d 100644 --- a/metron-interface/metron-rest/src/test/java/org/apache/metron/rest/service/impl/SearchServiceImplTest.java +++ b/metron-interface/metron-rest/src/test/java/org/apache/metron/rest/service/impl/SearchServiceImplTest.java @@ -19,6 +19,7 @@ package org.apache.metron.rest.service.impl; import static org.apache.metron.rest.MetronRestConstants.INDEX_WRITER_NAME; import static org.apache.metron.rest.MetronRestConstants.SEARCH_FACET_FIELDS_SPRING_PROPERTY; +import static org.junit.Assert.assertEquals; import static org.mockito.Matchers.any; import static org.mockito.Matchers.eq; import static org.mockito.Mockito.mock; @@ -28,15 +29,17 @@ import static org.mockito.Mockito.when; import java.util.ArrayList; import java.util.Arrays; +import java.util.HashMap; +import java.util.List; +import java.util.Map; import java.util.Optional; - import org.apache.metron.indexing.dao.IndexDao; import org.apache.metron.indexing.dao.search.InvalidSearchException; import org.apache.metron.indexing.dao.search.SearchRequest; import org.apache.metron.rest.RestException; import org.apache.metron.rest.model.AlertsUIUserSettings; import org.apache.metron.rest.service.AlertsUIService; -import org.apache.metron.rest.service.SearchService; +import org.apache.metron.rest.service.GlobalConfigService; import org.apache.metron.rest.service.SensorIndexingConfigService; import org.junit.Before; import org.junit.Rule; @@ -52,16 +55,24 @@ public class SearchServiceImplTest { IndexDao dao; Environment environment; SensorIndexingConfigService sensorIndexingConfigService; + GlobalConfigService globalConfigService; AlertsUIService alertsUIService; - SearchService searchService; + SearchServiceImpl searchService; @Before public void setUp() throws Exception { dao = mock(IndexDao.class); environment = mock(Environment.class); sensorIndexingConfigService = mock(SensorIndexingConfigService.class); + globalConfigService = mock(GlobalConfigService.class); alertsUIService = mock(AlertsUIService.class); - searchService = new SearchServiceImpl(dao, environment, sensorIndexingConfigService, alertsUIService); + searchService = new SearchServiceImpl( + dao, + environment, + sensorIndexingConfigService, + globalConfigService, + alertsUIService + ); } @@ -97,7 +108,7 @@ public class SearchServiceImplTest { @Test public void searchShouldProperlySearchDefaultFacetFields() throws Exception { when(environment.getProperty(SEARCH_FACET_FIELDS_SPRING_PROPERTY, String.class, "")) - .thenReturn("source:type,ip_src_addr"); + .thenReturn("ip_src_addr,ip_dst_addr"); when(alertsUIService.getAlertsUIUserSettings()).thenReturn(Optional.empty()); SearchRequest searchRequest = new SearchRequest(); @@ -107,14 +118,14 @@ public class SearchServiceImplTest { SearchRequest expectedSearchRequest = new SearchRequest(); expectedSearchRequest.setIndices(Arrays.asList("bro", "snort", "metaalert")); - expectedSearchRequest.setFacetFields(Arrays.asList("source:type", "ip_src_addr")); + expectedSearchRequest.setFacetFields(Arrays.asList("source:type", "ip_src_addr", "ip_dst_addr")); verify(dao).search(eq(expectedSearchRequest)); } @Test public void searchShouldProperlySearchWithUserSettingsFacetFields() throws Exception { AlertsUIUserSettings alertsUIUserSettings = new AlertsUIUserSettings(); - alertsUIUserSettings.setFacetFields(Arrays.asList("source:type", "ip_dst_addr")); + alertsUIUserSettings.setFacetFields(Arrays.asList("ip_src_addr", "ip_dst_addr")); when(alertsUIService.getAlertsUIUserSettings()).thenReturn(Optional.of(alertsUIUserSettings)); SearchRequest searchRequest = new SearchRequest(); @@ -124,7 +135,7 @@ public class SearchServiceImplTest { SearchRequest expectedSearchRequest = new SearchRequest(); expectedSearchRequest.setIndices(Arrays.asList("bro", "snort", "metaalert")); - expectedSearchRequest.setFacetFields(Arrays.asList("source:type", "ip_dst_addr")); + expectedSearchRequest.setFacetFields(Arrays.asList("ip_src_addr", "ip_dst_addr")); verify(dao).search(eq(expectedSearchRequest)); } @@ -166,4 +177,37 @@ public class SearchServiceImplTest { verifyNoMoreInteractions(dao); } + + @Test + public void testGetDefaultFacetFieldsGlobalConfig() throws RestException { + when(environment.getProperty(SEARCH_FACET_FIELDS_SPRING_PROPERTY, String.class, "")) + .thenReturn("ip_src_addr"); + Map<String, Object> globalConfig = new HashMap<>(); + globalConfig.put("source.type.field", "source.type"); + when(globalConfigService.get()).thenReturn(globalConfig); + when(alertsUIService.getAlertsUIUserSettings()).thenReturn(Optional.empty()); + List<String> defaultFields = searchService.getDefaultFacetFields(); + + List<String> expectedFields = new ArrayList<>(); + expectedFields.add("source.type"); + expectedFields.add("ip_src_addr"); + + assertEquals(expectedFields, defaultFields); + } + + @Test + public void testGetDefaultFacetFieldsEmptyGlobalConfig() throws RestException { + when(environment.getProperty(SEARCH_FACET_FIELDS_SPRING_PROPERTY, String.class, "")) + .thenReturn("ip_src_addr"); + Map<String, Object> globalConfig = new HashMap<>(); + when(globalConfigService.get()).thenReturn(globalConfig); + when(alertsUIService.getAlertsUIUserSettings()).thenReturn(Optional.empty()); + List<String> defaultFields = searchService.getDefaultFacetFields(); + + List<String> expectedFields = new ArrayList<>(); + expectedFields.add("source:type"); + expectedFields.add("ip_src_addr"); + + assertEquals(expectedFields, defaultFields); + } }