-
Notifications
You must be signed in to change notification settings - Fork 69
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Rule field validation during IndexRule Action #80
Rule field validation during IndexRule Action #80
Conversation
Signed-off-by: Petar Dzepina <petar.dzepina@gmail.com>
Signed-off-by: Petar Dzepina <petar.dzepina@gmail.com>
Signed-off-by: Petar Dzepina <petar.dzepina@gmail.com>
Signed-off-by: Petar Dzepina <petar.dzepina@gmail.com>
Signed-off-by: Petar Dzepina <petar.dzepina@gmail.com>
Codecov Report
@@ Coverage Diff @@
## main #80 +/- ##
============================================
- Coverage 43.20% 42.95% -0.25%
- Complexity 858 859 +1
============================================
Files 167 167
Lines 5826 5862 +36
Branches 734 736 +2
============================================
+ Hits 2517 2518 +1
- Misses 3076 3112 +36
+ Partials 233 232 -1
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. |
Signed-off-by: Petar Dzepina <petar.dzepina@gmail.com>
Signed-off-by: Petar Dzepina <petar.dzepina@gmail.com>
Rule ruleDoc = new Rule(NO_ID, NO_VERSION, parsedRule, category, queries.stream().map(Object::toString).collect(Collectors.toList()), rule); | ||
indexRule(ruleDoc); | ||
//verify rule | ||
verifyRule(backend.getQueryFields().keySet(), DetectorMonitorConfig.getRuleIndex(category), new ActionListener<>() { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What if the custom rule is created using the fields not part of the rule alias mapping, but using some additional fields from the Source Index. That still is a valid use case.
Should we revisit the approach, where the fields in rule could also be present in the source index mapping?
Hi @petardz are we on it with the plan as we discussed ? |
Signed-off-by: Petar Dzepina <petar.dzepina@gmail.com>
Signed-off-by: Petar Dzepina <petar.dzepina@gmail.com>
Signed-off-by: Petar Dzepina <petar.dzepina@gmail.com>
Signed-off-by: Petar Dzepina <petar.dzepina@gmail.com>
Signed-off-by: Petar Dzepina <petar.dzepina@gmail.com>
Signed-off-by: Petar Dzepina <petar.dzepina@gmail.com>
Signed-off-by: Petar Dzepina <petar.dzepina@gmail.com>
…into customrule-field-validation
Signed-off-by: Petar Dzepina <petar.dzepina@gmail.com> (cherry picked from commit bfb2b23)
Signed-off-by: Petar Dzepina <petar.dzepina@gmail.com> (cherry picked from commit bfb2b23)
Signed-off-by: Petar Dzepina <petar.dzepina@gmail.com>
Description
Added new API ValidateRules which, for a given indexName and list of ruleIds, will return list of non-applicable ruleIds to given index
Issues Resolved
#90
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.