Sorting alerts by severity fails #242

Closed
fl0wc0ntr0l opened this issue Jun 19, 2017 · 1 comment
@fl0wc0ntr0l

Request Type

Bug

Work Environment

OS version (server): Ubuntu 16.04
OS version (client): Win 10
TheHive version / git hash: 2.11.2
Package Type: Docker
Browser type & version: N/A

Problem Description

When attempting to sort Alerts by severity, the sort fails, and if you leave the alerts window and return to it, no alerts are listed.

Steps to Reproduce

  1. Sort alerts by severity
  2. Leave alerts section of theHive
  3. Return to alerts section (no alerts listed)

Possible Solutions

Logs indicate the error is probably due to there being no mapping in ES for the threatLevel field to sort on:

[info] application - POST /api/alert/_search?range=0-15&sort=-threatLevel returned 500
org.elasticsearch.transport.RemoteTransportException: [Sara Grey][172.18.0.3:9300][indices:data/read/search]
Caused by: org.elasticsearch.action.search.SearchPhaseExecutionException: all shards failed
        at org.elasticsearch.action.search.AbstractSearchAsyncAction.onFirstPhaseResult(AbstractSearchAsyncAction.java:206)
        at org.elasticsearch.action.search.AbstractSearchAsyncAction$1.onFailure(AbstractSearchAsyncAction.java:152)
        at org.elasticsearch.action.ActionListenerResponseHandler.handleException(ActionListenerResponseHandler.java:46)
        at org.elasticsearch.transport.TransportService$DirectResponseChannel.processException(TransportService.java:874)
        at org.elasticsearch.transport.TransportService$DirectResponseChannel.sendResponse(TransportService.java:852)
        at org.elasticsearch.transport.TransportService$4.onFailure(TransportService.java:389)
        at org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:39)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
        at java.lang.Thread.run(Thread.java:748)
Caused by: org.elasticsearch.search.SearchParseException: No mapping found for [threatLevel] in order to sort on
        at org.elasticsearch.search.sort.SortParseElement.addSortField(SortParseElement.java:213)
        at org.elasticsearch.search.sort.SortParseElement.addCompoundSortField(SortParseElement.java:187)
        at org.elasticsearch.search.sort.SortParseElement.parse(SortParseElement.java:85)
        at org.elasticsearch.search.SearchService.parseSource(SearchService.java:856)
        at org.elasticsearch.search.SearchService.createContext(SearchService.java:667)
        at org.elasticsearch.search.SearchService.createAndPutContext(SearchService.java:633)
        at org.elasticsearch.search.SearchService.executeQueryPhase(SearchService.java:377)
        at org.elasticsearch.search.action.SearchServiceTransportAction$SearchQueryTransportHandler.messageReceived(SearchServiceTransportAction.java:368)
        at org.elasticsearch.search.action.SearchServiceTransportAction$SearchQueryTransportHandler.messageReceived(SearchServiceTransportAction.java:365)
        at org.elasticsearch.transport.TransportRequestHandler.messageReceived(TransportRequestHandler.java:33)
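One way to guard a search endpoint against this class of failure, as an added Python example that is not TheHive's code: validate each requested sort field against the index mapping before querying, or fall back to Elasticsearch's `unmapped_type` sort option so an unmapped field yields an ordered result instead of an "all shards failed" 500. The `-field` sort-string format and the sample mapping below are assumptions constructed for the example.

```python
"""Guard a sort parameter against the 'No mapping found ... to sort on' failure.

Assumed (not from the issue): sort strings such as "-threatLevel" (leading '-'
means descending, comma separates several keys) and a mapping dict shaped like
the 'mappings' entry Elasticsearch returns from GET /<index>/_mapping.
"""

# Constructed sample mapping; 'threatLevel' is deliberately absent,
# mirroring the state the reporter's log shows.
SAMPLE_MAPPING = {
    "properties": {
        "title": {"type": "string"},
        "severity": {"type": "long"},
        "date": {"type": "date"},
        "artifacts": {"type": "nested", "properties": {"data": {"type": "string"}}},
    }
}


def mapped_type(mapping, field):
    """Return the ES type for a dotted field path, or None when it is unmapped."""
    node = mapping
    for part in field.split("."):
        props = node.get("properties", {})
        if part not in props:
            return None
        node = props[part]
    return node.get("type")


def build_sort(sort_param, mapping, strict=True):
    """Turn '-threatLevel,date' into an ES sort clause list.

    strict=True  -> raise ValueError for unmapped fields, so the API can answer
                    with a clear 4xx instead of a 500 from a failed search.
    strict=False -> keep the field but add unmapped_type so shards lacking the
                    mapping do not fail the whole query.
    """
    clauses = []
    for raw in filter(None, (s.strip() for s in sort_param.split(","))):
        order = "desc" if raw.startswith("-") else "asc"
        field = raw.lstrip("+-")
        if mapped_type(mapping, field) is None:
            if strict:
                raise ValueError(f"cannot sort on unmapped field {field!r}")
            clauses.append({field: {"order": order, "unmapped_type": "long"}})
        else:
            clauses.append({field: {"order": order}})
    return clauses


def sort_error(sort_param, mapping):
    """Return the validation message for a sort string, or None when it is sortable."""
    try:
        build_sort(sort_param, mapping)
    except ValueError as exc:
        return str(exc)
    return None
```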
@nadouani nadouani self-assigned this Jun 19, 2017
@nadouani nadouani added the bug label Jun 19, 2017
@nadouani nadouani added this to the 2.12.0 milestone Jun 19, 2017
@nadouani

This is in fact a regression introduced during the refactoring of the alerts pane.
