Search in sources :

Example 6 with MetaAlertConfig

use of org.apache.metron.indexing.dao.metaalert.MetaAlertConfig in project metron by apache.

the class SolrMetaAlertDao method init.

/**
 * Initializes this implementation by setting the supplied IndexDao and also setting a separate SolrDao.
 * This is needed for some specific Solr functions (looking up an index from a GUID for example).
 * @param indexDao The DAO to wrap for our queries
 * @param threatSort The summary aggregation of the child threat triage scores used
 *                   as the overall threat triage score for the metaalert. This
 *                   can be either max, min, average, count, median, or sum.
 */
@Override
public void init(IndexDao indexDao, Optional<String> threatSort) {
    if (indexDao instanceof MultiIndexDao) {
        this.indexDao = indexDao;
        MultiIndexDao multiIndexDao = (MultiIndexDao) indexDao;
        for (IndexDao childDao : multiIndexDao.getIndices()) {
            if (childDao instanceof SolrDao) {
                this.solrDao = (SolrDao) childDao;
            }
        }
    } else if (indexDao instanceof SolrDao) {
        this.indexDao = indexDao;
        this.solrDao = (SolrDao) indexDao;
    } else {
        throw new IllegalArgumentException("Need a SolrDao when using SolrMetaAlertDao");
    }
    Supplier<Map<String, Object>> globalConfigSupplier = () -> new HashMap<>();
    if (metaAlertSearchDao != null && metaAlertSearchDao.solrSearchDao != null && metaAlertSearchDao.solrSearchDao.getAccessConfig() != null) {
        globalConfigSupplier = metaAlertSearchDao.solrSearchDao.getAccessConfig().getGlobalConfigSupplier();
    }
    MetaAlertConfig config = new MetaAlertConfig(metaAlertsCollection, this.threatSort, globalConfigSupplier) {

        @Override
        protected String getDefaultThreatTriageField() {
            return MetaAlertConstants.THREAT_FIELD_DEFAULT.replace(':', '.');
        }

        @Override
        protected String getDefaultSourceTypeField() {
            return Constants.SENSOR_TYPE;
        }
    };
    SolrClient solrClient = SolrClientFactory.create(globalConfigSupplier.get());
    this.metaAlertSearchDao = new SolrMetaAlertSearchDao(solrClient, solrDao.getSolrSearchDao(), config);
    this.metaAlertRetrieveLatestDao = new SolrMetaAlertRetrieveLatestDao(solrClient, solrDao);
    this.metaAlertUpdateDao = new SolrMetaAlertUpdateDao(solrClient, solrDao, metaAlertSearchDao, metaAlertRetrieveLatestDao, config);
    if (threatSort.isPresent()) {
        this.threatSort = threatSort.get();
    }
}
Also used : MetaAlertConfig(org.apache.metron.indexing.dao.metaalert.MetaAlertConfig) MultiIndexDao(org.apache.metron.indexing.dao.MultiIndexDao) HashMap(java.util.HashMap) SolrClient(org.apache.solr.client.solrj.SolrClient) HashMap(java.util.HashMap) Map(java.util.Map) MultiIndexDao(org.apache.metron.indexing.dao.MultiIndexDao) IndexDao(org.apache.metron.indexing.dao.IndexDao)

Aggregations

MetaAlertConfig (org.apache.metron.indexing.dao.metaalert.MetaAlertConfig)6 HashMap (java.util.HashMap)3 Map (java.util.Map)3 IndexDao (org.apache.metron.indexing.dao.IndexDao)2 MultiIndexDao (org.apache.metron.indexing.dao.MultiIndexDao)2 Document (org.apache.metron.indexing.dao.update.Document)2 SolrClient (org.apache.solr.client.solrj.SolrClient)2 IndexNotFoundException (org.elasticsearch.index.IndexNotFoundException)2 Test (org.junit.jupiter.api.Test)2 InMemoryMetaAlertRetrieveLatestDao (org.apache.metron.indexing.InMemoryMetaAlertRetrieveLatestDao)1 AccessConfig (org.apache.metron.indexing.dao.AccessConfig)1