diff --git a/src/main/java/org/opensearch/securityanalytics/logtype/LogTypeService.java b/src/main/java/org/opensearch/securityanalytics/logtype/LogTypeService.java index 4fa5246a4..85f2242ad 100644 --- a/src/main/java/org/opensearch/securityanalytics/logtype/LogTypeService.java +++ b/src/main/java/org/opensearch/securityanalytics/logtype/LogTypeService.java @@ -26,6 +26,8 @@ import org.opensearch.OpenSearchStatusException; import org.opensearch.ResourceAlreadyExistsException; import org.opensearch.cluster.routing.Preference; +import org.opensearch.common.xcontent.XContentHelper; +import org.opensearch.common.xcontent.json.JsonXContent; import org.opensearch.core.action.ActionListener; import org.opensearch.action.DocWriteRequest; import org.opensearch.action.admin.indices.create.CreateIndexRequest; @@ -78,8 +80,6 @@ public class LogTypeService { public static final String LOG_TYPE_MAPPING_VERSION_META_FIELD = "schema_version"; - public static final int LOG_TYPE_MAPPING_VERSION = 1; // must match version in log_type_config_mapping.json - public static final int MAX_LOG_TYPE_COUNT = 100; private static volatile boolean isConfigIndexInitialized; @@ -94,6 +94,8 @@ public class LogTypeService { private String defaultSchemaField; + public int logTypeMappingVersion; + @Inject public LogTypeService(Client client, ClusterService clusterService, NamedXContentRegistry xContentRegistry, BuiltinLogTypeLoader builtinLogTypeLoader) { this.client = client; @@ -106,6 +108,7 @@ public LogTypeService(Client client, ClusterService clusterService, NamedXConten DEFAULT_MAPPING_SCHEMA, newDefaultSchema -> this.defaultSchemaField = newDefaultSchema ); + setLogTypeMappingVersion(); } public void getAllLogTypes(ActionListener> listener) { @@ -484,7 +487,7 @@ public void onFailure(Exception e) { }); } else { IndexMetadata metadata = state.getMetadata().index(LOG_TYPE_INDEX); - if (getConfigIndexMappingVersion(metadata) < LOG_TYPE_MAPPING_VERSION) { + if (getConfigIndexMappingVersion(metadata) < logTypeMappingVersion) { // The index already exists but doesn't have our mapping client.admin() .indices() @@ -772,8 +775,13 @@ public Map getRuleFieldMappingsForBuiltinLogType(String builtinL } } - public String getDefaultSchemaField() { return defaultSchemaField; } + + public void setLogTypeMappingVersion() { + Map logTypeConfigAsMap = + XContentHelper.convertToMap(JsonXContent.jsonXContent, logTypeIndexMapping(), false); + this.logTypeMappingVersion = (int)((Map)logTypeConfigAsMap.get("_meta")).get("schema_version"); + } } \ No newline at end of file diff --git a/src/test/java/org/opensearch/securityanalytics/LogTypeServiceTests.java b/src/test/java/org/opensearch/securityanalytics/LogTypeServiceTests.java index 8eb717e60..f3bf26927 100644 --- a/src/test/java/org/opensearch/securityanalytics/LogTypeServiceTests.java +++ b/src/test/java/org/opensearch/securityanalytics/LogTypeServiceTests.java @@ -106,7 +106,11 @@ public void testIndexMappings() throws ExecutionException, InterruptedException } - + public void testSetLogTypeMappingSchema() { + int expectedVersion = 2; + int version = logTypeService.logTypeMappingVersion; + assertEquals(expectedVersion, version); + } private void indexFieldMappings(List fieldMappingDocs) { PlainActionFuture fut = new PlainActionFuture<>();