diff --git a/alerting/src/main/kotlin/org/opensearch/alerting/resthandler/RestGetFindingsAction.kt b/alerting/src/main/kotlin/org/opensearch/alerting/resthandler/RestGetFindingsAction.kt
index 1270e3cab..75607a701 100644
--- a/alerting/src/main/kotlin/org/opensearch/alerting/resthandler/RestGetFindingsAction.kt
+++ b/alerting/src/main/kotlin/org/opensearch/alerting/resthandler/RestGetFindingsAction.kt
@@ -45,8 +45,6 @@ class RestGetFindingsAction : BaseRestHandler() {
 val size = request.paramAsInt("size", 20)
 val startIndex = request.paramAsInt("startIndex", 0)
 val searchString = request.param("searchString", "")
- val severity: String? = request.param("severity", "ALL")
- val detectionType: String? = request.param("detectionType", "rules")
 val table = Table(
 sortOrder,
@@ -59,9 +57,7 @@ class RestGetFindingsAction : BaseRestHandler() {
 val getFindingsSearchRequest = GetFindingsRequest(
 findingID,
- table,
- severity,
- detectionType
+ table
 )
 return RestChannelConsumer { channel ->
diff --git a/alerting/src/main/kotlin/org/opensearch/alerting/transport/TransportGetFindingsAction.kt b/alerting/src/main/kotlin/org/opensearch/alerting/transport/TransportGetFindingsAction.kt
index 99fd26316..584ef050f 100644
--- a/alerting/src/main/kotlin/org/opensearch/alerting/transport/TransportGetFindingsAction.kt
+++ b/alerting/src/main/kotlin/org/opensearch/alerting/transport/TransportGetFindingsAction.kt
@@ -40,6 +40,7 @@ import org.opensearch.commons.alerting.model.FindingWithDocs
 import org.opensearch.commons.utils.recreateObject
 import org.opensearch.core.action.ActionListener
 import org.opensearch.core.common.Strings
+import org.opensearch.core.common.io.stream.NamedWriteableRegistry
 import org.opensearch.core.xcontent.NamedXContentRegistry
 import org.opensearch.core.xcontent.XContentParser
 import org.opensearch.core.xcontent.XContentParserUtils
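Review bot: With the two `request.param(...)` reads removed here (and the matching `severity` / `detectionType` constructor arguments dropped in the next hunk of this file), the handler no longer consumes those query parameters. If this class relies on the stock `BaseRestHandler` behaviour of rejecting unconsumed parameters, clients that still send either one would get an error rather than a filtered result, and callers that narrowed findings by severity lose that filter either way. It is worth confirming this is intended and recording it in the API documentation, or keeping the reads and mapping them onto the new request shape. The handler body continues outside both hunks.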
@@ -62,7 +63,8 @@ class TransportGetFindingsSearchAction @Inject constructor(
 clusterService: ClusterService,
 actionFilters: ActionFilters,
 val settings: Settings,
- val xContentRegistry: NamedXContentRegistry
+ val xContentRegistry: NamedXContentRegistry,
+ val namedWriteableRegistry: NamedWriteableRegistry
 ) : HandledTransportAction (
 AlertingActions.GET_FINDINGS_ACTION_NAME,
 transportService,
@@ -83,11 +85,8 @@ class TransportGetFindingsSearchAction @Inject constructor(
 actionListener: ActionListener
 ) {
 val getFindingsRequest = request as? GetFindingsRequest
- ?: recreateObject(request) { GetFindingsRequest(it) }
+ ?: recreateObject(request, namedWriteableRegistry) { GetFindingsRequest(it) }
 val tableProp = getFindingsRequest.table
- val severity = getFindingsRequest.severity
- val detectionType = getFindingsRequest.detectionType
- val searchString = tableProp.searchString
 val sortBuilder = SortBuilders
 .fieldSort(tableProp.sortString)
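Review bot: The `recreateObject(request, namedWriteableRegistry)` call carries no comment explaining why the registry is now required, and it is the point where a query built by another caller crosses into this action. Judging from the later hunk that begins `getFindingsRequest.boolQueryBuilder ?: QueryBuilders.boolQuery()`, the registry is presumably needed to deserialize a nested query builder; a comment such as `// registry is required to read the caller-supplied boolQueryBuilder from the stream` would make that explicit. Since that builder then appears to be used as the base query and modified in place, the finding-id and monitor-id restrictions should remain `filter` clauses added by this action, and any access scoping applied elsewhere should not depend on what the caller placed in the builder. The function body continues outside this hunk.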
@@ -104,80 +103,17 @@ class TransportGetFindingsSearchAction @Inject constructor( .seqNoAndPrimaryTerm(true) .version(true) - val queryBuilder = QueryBuilders.boolQuery() + val queryBuilder = getFindingsRequest.boolQueryBuilder ?: QueryBuilders.boolQuery() if (!getFindingsRequest.findingId.isNullOrBlank()) { queryBuilder.filter(QueryBuilders.termQuery("_id", getFindingsRequest.findingId)) } - - if (!getFindingsRequest.findingIds.isNullOrEmpty()) { - queryBuilder.filter(QueryBuilders.termsQuery("id", getFindingsRequest.findingIds)) - } - if (getFindingsRequest.monitorId != null) { queryBuilder.filter(QueryBuilders.termQuery("monitor_id", getFindingsRequest.monitorId)) } else if (getFindingsRequest.monitorIds.isNullOrEmpty() == false) { queryBuilder.filter(QueryBuilders.termsQuery("monitor_id", getFindingsRequest.monitorIds)) } - if (getFindingsRequest.startTime != null && getFindingsRequest.endTime != null) { - val startTime = getFindingsRequest.startTime!!.toEpochMilli() - val endTime = getFindingsRequest.endTime!!.toEpochMilli() - val timeRangeQuery = QueryBuilders.rangeQuery("timestamp") - .from(startTime) // Greater than or equal to start time - .to(endTime) // Less than or equal to end time - queryBuilder.filter(timeRangeQuery) - } - - if (!detectionType.isNullOrBlank()) { - val nestedQueryBuilder = QueryBuilders.nestedQuery( - "queries", - when { - detectionType.equals("threat", ignoreCase = true) -> { - QueryBuilders.boolQuery().filter( - QueryBuilders.prefixQuery("queries.id", "threat_intel_") - ) - } - else -> { - QueryBuilders.boolQuery().mustNot( - QueryBuilders.prefixQuery("queries.id", "threat_intel_") - ) - } - }, - ScoreMode.None - ) - - // Add the nestedQueryBuilder to the main queryBuilder - queryBuilder.must(nestedQueryBuilder) - } - - if (!searchString.isNullOrBlank()) { - queryBuilder - .should(QueryBuilders.matchQuery("index", searchString)) - .should( - QueryBuilders.nestedQuery( - "queries", - QueryBuilders.matchQuery("queries.tags", 
searchString), - ScoreMode.None - ) - ) - .should(QueryBuilders.regexpQuery("monitor_name", searchString + ".*")) - .minimumShouldMatch(1) - } - - if (!severity.isNullOrBlank()) { - queryBuilder - .must( - QueryBuilders.nestedQuery( - "queries", - QueryBuilders.boolQuery().should( - QueryBuilders.matchQuery("queries.tags", severity) - ), - ScoreMode.None - ) - ) - } - if (!tableProp.searchString.isNullOrBlank()) { queryBuilder .should(