From 2f9a513c7134cab9d1423f799c87f669ed231b1b Mon Sep 17 00:00:00 2001
From: "opensearch-trigger-bot[bot]" <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com>
Date: Wed, 9 Nov 2022 11:00:55 -0800
Subject: [PATCH] enabled findings in bucket level monitor creation (#131) (#132)

Signed-off-by: Surya Sashank Nistala
(cherry picked from commit 1b36aa13a1076b38d4e81553ec481567b655f9f5)
Co-authored-by: Surya Sashank Nistala
---
 .../transport/TransportIndexDetectorAction.java | 2 +-
 .../securityanalytics/resthandler/DetectorRestApiIT.java | 8 +++++++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/main/java/org/opensearch/securityanalytics/transport/TransportIndexDetectorAction.java b/src/main/java/org/opensearch/securityanalytics/transport/TransportIndexDetectorAction.java
index 949415db7..34ae205f4 100644
--- a/src/main/java/org/opensearch/securityanalytics/transport/TransportIndexDetectorAction.java
+++ b/src/main/java/org/opensearch/securityanalytics/transport/TransportIndexDetectorAction.java
@@ -474,7 +474,7 @@ private IndexMonitorRequest createBucketLevelMonitorRequest(
 detector.getAlertsHistoryIndex(),
 detector.getAlertsHistoryIndexPattern(),
 DetectorMonitorConfig.getRuleIndexMappingsByType(detector.getDetectorType()),
- false), PLUGIN_OWNER_FIELD);
+ true), PLUGIN_OWNER_FIELD);
 
 return new IndexMonitorRequest(monitorId, SequenceNumbers.UNASSIGNED_SEQ_NO, SequenceNumbers.UNASSIGNED_PRIMARY_TERM, refreshPolicy, restMethod, monitor, null);
 }
diff --git a/src/test/java/org/opensearch/securityanalytics/resthandler/DetectorRestApiIT.java b/src/test/java/org/opensearch/securityanalytics/resthandler/DetectorRestApiIT.java
index 444a765bb..f43b32b35 100644
--- a/src/test/java/org/opensearch/securityanalytics/resthandler/DetectorRestApiIT.java
+++ b/src/test/java/org/opensearch/securityanalytics/resthandler/DetectorRestApiIT.java
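Review bot: The flipped argument on the `+` line is a bare boolean literal in the middle of a multi-argument constructor call, so a reader has to open the callee to learn that `true` now appears to enable findings for the bucket-level monitor (the commit title is the only hint). Consider naming it at the call site, e.g. `boolean findingsEnabled = true; // bucket-level monitors now emit findings, see #131` and passing `findingsEnabled`, or at minimum `/* findingsEnabled */ true`. Because this switches on persistence of matched documents to a findings index, it is worth confirming, outside this hunk, that the findings index carries the same access controls as the alert indices passed alongside it. createBucketLevelMonitorRequest begins before the hunk.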
@@ -318,7 +318,13 @@ public void testCreatingADetectorWithAggregationRules() throws IOException {
 Response executeResponse = executeAlertingMonitor(bucketLevelMonitorId, Collections.emptyMap());
 Map executeResults = entityAsMap(executeResponse);
- // TODO - check findings
+ // verify bucket level monitor findings
+ Map params = new HashMap<>();
+ params.put("detector_id", createdRuleId);
+ Response getFindingsResponse = makeRequest(client(), "GET", SecurityAnalyticsPlugin.FINDINGS_BASE_URI + "/_search", params, null);
+ Map getFindingsBody = entityAsMap(getFindingsResponse);
+ assertNotNull(getFindingsBody);
+ Assert.assertEquals(1, getFindingsBody.get("total_findings"));
 }
 
 public void testUpdateADetector() throws IOException {
 String index = createTestIndex(randomIndex(), windowsIndexMapping());
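Review bot: The new findings search filters on `detector_id` but passes `createdRuleId`; if that variable holds a rule id rather than the detector id (it is assigned earlier in the test, outside this hunk), the filter would not match the intended detector and the `total_findings` of 1 would be coincidental. Confirm what it holds, or rename it at its assignment so the call reads `params.put("detector_id", createdDetectorId);`. The assertion also checks only the count; asserting that the returned finding references `bucketLevelMonitorId` would verify that the bucket-level monitor, and not another monitor of the detector, produced it. Mixing the static-imported `assertNotNull` with `Assert.assertEquals` on adjacent lines is inconsistent, so pick one form. testCreatingADetectorWithAggregationRules begins before the hunk.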