Skip to content
This repository was archived by the owner on Aug 20, 2025. It is now read-only.

METRON-1869 Unable to Sort an Escalated Meta Alert#1280

Closed
nickwallen wants to merge 8 commits intoapache:masterfrom
nickwallen:METRON-1869
Closed

METRON-1869 Unable to Sort an Escalated Meta Alert#1280
nickwallen wants to merge 8 commits intoapache:masterfrom
nickwallen:METRON-1869

Conversation

@nickwallen
Copy link
Contributor

@nickwallen nickwallen commented Nov 26, 2018
edited
Loading

This fixes a bug that causes meta-alerts to not be visible in the Alerts UI when the UI is sorted by 'alert_status' and a meta-alert has been escalated. This is only a problem when indexing into Elasticsearch.

The root cause is that the 'alert_status' field needs to be defined as a keyword in the metaalert index template. This field only exists in the meta-alert index after a meta-alert has changed status, like when an alert is escalated.

Changes

  • Fixed the Elasticsearch meta-alerts template that is deployed with the MPack.
  • Added an integration test for this bug.

Testing

Follow the "steps to reproduce" outlined in the JIRA to ensure that the bug has been squashed.

  1. Create a meta-alert.
  2. Escalate the meta-alert.
  3. Submit another search that filters the results to only show meta-alerts.
  4. Sort the results by “alert_status” field.
  5. The meta-alert should still be visible.

Pull Request Checklist

  • Is there a JIRA ticket associated with this PR? If not one needs to be created at Metron Jira.
  • Does your PR title start with METRON-XXXX where XXXX is the JIRA number you are trying to resolve? Pay particular attention to the hyphen "-" character.
  • Has your PR been rebased against the latest commit within the target branch (typically master)?
  • Have you included steps to reproduce the behavior or problem that is being changed or addressed?
  • Have you included steps or a guide to how the change may be verified and tested manually?
  • Have you ensured that the full suite of tests and checks have been executed in the root metron folder via:
  • Have you written or updated unit tests and or integration tests to verify your changes?
  • If adding new dependencies to the code, are these dependencies licensed in a way that is compatible for inclusion under ASF 2.0?
  • Have you verified the basic functionality of the build by building and running locally with Vagrant full-dev environment or the equivalent?

@nickwallen nickwallen closed this Nov 27, 2018
@nickwallen nickwallen reopened this Nov 27, 2018
@nickwallen
Copy link
Contributor Author

nickwallen commented Dec 3, 2018 

Tests in error: 
  ProfilerIntegrationTest.testEventTime:281 » Timeout

Unrelated test failure, which is tracked as METRON-1810 (and I am trying to fix on the side.) Kicking Travis.

@nickwallen nickwallen closed this Dec 3, 2018
@nickwallen nickwallen reopened this Dec 3, 2018
@justinleet
Copy link
Contributor

justinleet commented Dec 4, 2018

+1, thanks for sorting this out.

@asfgit asfgit closed this in 877b510 Dec 4, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@nickwallen @justinleet