es: remove special handling for ip data type

This setting was detected, but not used.
jasonish · Mar 26, 2020 · 0991aeb · 0991aeb
1 parent d19dd08
commit 0991aeb
Show file tree

Hide file tree

Showing 4 changed files with 6 additions and 36 deletions.
diff --git a/elasticsearch/elasticsearch.go b/elasticsearch/elasticsearch.go
@@ -75,8 +75,6 @@ type ElasticSearch struct {
 	MajorVersion  int64
 	MinorVersion  int64
 
-	useIpDatatype bool
-
 	httpClient *httpclient.HttpClient
 }
 
@@ -168,10 +166,6 @@ func (es *ElasticSearch) GetTemplate(name string) (util.JsonMap, error) {
 	return template, nil
 }
 
-func (es *ElasticSearch) GetUseIpDatatype() bool {
-	return es.useIpDatatype
-}
-
 func (es *ElasticSearch) ConfigureIndex() error {
 	index := es.EventIndexPrefix
 
@@ -201,18 +195,6 @@ func (es *ElasticSearch) ConfigureIndex() error {
 	version := template.GetMap(index).Get("version")
 	log.Debug("Found template version %v", version)
 
-	// Check if we should use the IP datatype on src_ip and dest_ip.
-	properties := template.GetMap(index).
-		GetMap("mappings").GetMap("_default_").GetMap("properties")
-	if properties != nil {
-		destIpType := properties.GetMap("dest_ip").GetString("type")
-		sourceIpType := properties.GetMap("src_ip").GetString("type")
-		if destIpType == "ip" && sourceIpType == "ip" {
-			log.Info("Elastic Search EVE records are using IP datatype.")
-			es.useIpDatatype = true
-		}
-	}
-
 	// Determine keyword.
 	if !es.config.NoKeywordSuffix {
 		keywordFound := false

diff --git a/server/api/confighandler.go b/server/api/confighandler.go
@@ -51,7 +51,6 @@ func (c *ApiContext) ConfigHandler(w *ResponseWriter, r *http.Request) error {
 
 	if c.appContext.ElasticSearch != nil {
 		esKeyword = c.appContext.ElasticSearch.GetKeyword()
-		response.Extra["elasticSearchUseIpDatatype"] = c.appContext.ElasticSearch.GetUseIpDatatype()
 	}
 
 	// Make sure features is at least an empty list.

diff --git a/webapp/src/app/elasticsearch.service.ts b/webapp/src/app/elasticsearch.service.ts
@@ -57,8 +57,6 @@ export class ElasticSearchService {
     public jobCount$: BehaviorSubject<number> =
             new BehaviorSubject<number>(0);
 
-    public useIpDatatype: boolean = false;
-
     constructor(private api: ApiService,
                 private topNavService: TopNavService,
                 private appService: AppService,
@@ -67,14 +65,12 @@ export class ElasticSearchService {
 
         try {
             this.keywordSuffix = config.getConfig()["extra"]["elasticSearchKeywordSuffix"];
-            this.useIpDatatype = config.getConfig()["extra"]["elasticSearchUseIpDatatype"];
         }
         catch (err) {
             console.log(err);
         }
 
         console.log("Use Elastic Search keyword suffix: " + this.keywordSuffix);
-        console.log("Using Elastic Search IP datatype: " + this.useIpDatatype);
     }
 
     /**

diff --git a/webapp/src/app/reports/ip-report/ip-report.component.ts b/webapp/src/app/reports/ip-report/ip-report.component.ts
@@ -23,13 +23,13 @@
  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  */
-import {Component, OnInit, OnDestroy} from '@angular/core';
+import {Component, OnDestroy, OnInit} from '@angular/core';
 import {ActivatedRoute} from '@angular/router';
 import {EveboxSubscriptionService} from '../../subscription.service';
 import {ElasticSearchService} from '../../elasticsearch.service';
 import {TopNavService} from '../../topnav.service';
 import {ReportsService} from '../reports.service';
-import {AppService, AppEvent, AppEventCode} from '../../app.service';
+import {AppEvent, AppEventCode, AppService} from '../../app.service';
 import {loadingAnimation} from '../../animations';
 import * as moment from 'moment';
 import {humanizeFileSize} from '../../humanize.service';
@@ -103,8 +103,6 @@ export class IpReportComponent implements OnInit, OnDestroy {
 
     queryString = '';
 
-    private useIpDatatype:boolean = false;
-
     constructor(private route: ActivatedRoute,
                 private elasticsearch: ElasticSearchService,
                 private appService: AppService,
@@ -115,8 +113,6 @@ export class IpReportComponent implements OnInit, OnDestroy {
     }
 
     ngOnInit() {
-        this.useIpDatatype = this.elasticsearch.useIpDatatype;
-
         this.ss.subscribe(this, this.route.params, (params: any) => {
             this.ip = params.ip;
             this.queryString = params.q;
@@ -129,8 +125,6 @@ export class IpReportComponent implements OnInit, OnDestroy {
                 this.refresh();
             }
         });
-
-        console.log("ipDataType: " + this.elasticsearch.useIpDatatype);
     }
 
     relatedAddresses: any[] = [];
@@ -158,8 +152,7 @@ export class IpReportComponent implements OnInit, OnDestroy {
                     name: parts.join(sep) + sep,
                 });
             }
-        }
-        else {
+        } else {
             // The above generic loop could be used for IPv4 as well, but
             // this gives better use about with CIDR notation.
             if (parts.length > 3) {
@@ -665,11 +658,11 @@ export class IpReportComponent implements OnInit, OnDestroy {
         });
     }
 
-    ipQuery(field: string, value:string):any {
+    ipQuery(field: string, value: string): any {
         let type = "term";
 
-        if (value[value.length -1] == ".") {
-           type = "prefix";
+        if (value[value.length - 1] == ".") {
+            type = "prefix";
         }
 
         field = this.asKeyword(field);