metron-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mmiklav...@apache.org
Subject [47/50] [abbrv] metron git commit: METRON-1601: Rename metaalert alert nested field to metron_alert to avoid collision closes apache/incubator-metron#1049
Date Mon, 11 Jun 2018 15:45:53 GMT
METRON-1601: Rename metaalert alert nested field to metron_alert to avoid collision closes
apache/incubator-metron#1049


Project: http://git-wip-us.apache.org/repos/asf/metron/repo
Commit: http://git-wip-us.apache.org/repos/asf/metron/commit/edec7b18
Tree: http://git-wip-us.apache.org/repos/asf/metron/tree/edec7b18
Diff: http://git-wip-us.apache.org/repos/asf/metron/diff/edec7b18

Branch: refs/heads/feature/METRON-1554-pcap-query-panel
Commit: edec7b18bc40e40f35916489ba2fde2ca4916dc5
Parents: 40796c0
Author: cstella <cestella@gmail.com>
Authored: Fri Jun 8 09:49:54 2018 -0400
Committer: cstella <cestella@gmail.com>
Committed: Fri Jun 8 09:49:54 2018 -0400

----------------------------------------------------------------------
 .../METRON/CURRENT/package/files/bro_index.template       |  2 +-
 .../METRON/CURRENT/package/files/error_index.template     |  2 +-
 .../METRON/CURRENT/package/files/metaalert_index.template |  2 +-
 .../METRON/CURRENT/package/files/snort_index.template     |  2 +-
 .../METRON/CURRENT/package/files/yaf_index.template       |  2 +-
 .../e2e/mock-data/alerts_ui_e2e_index.template            |  2 +-
 .../app/alerts/alert-details/alert-details.component.ts   |  2 +-
 .../src/app/alerts/alerts-list/alerts-list.component.ts   |  2 +-
 .../alerts-list/table-view/table-view.component.html      | 10 +++++-----
 .../alerts/alerts-list/table-view/table-view.component.ts |  2 +-
 .../metron-alerts/src/app/model/alert-source.ts           |  2 +-
 .../controller/MetaAlertControllerIntegrationTest.java    |  4 ++--
 metron-platform/metron-elasticsearch/README.md            |  8 ++++----
 .../ElasticsearchMetaAlertIntegrationTest.java            | 10 +++++-----
 .../java/org/apache/metron/indexing/dao/MetaAlertDao.java |  2 +-
 .../apache/metron/indexing/dao/InMemoryMetaAlertDao.java  |  2 +-
 16 files changed, 28 insertions(+), 28 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/metron/blob/edec7b18/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/bro_index.template
----------------------------------------------------------------------
diff --git a/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/bro_index.template
b/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/bro_index.template
index 30f2591..17ad4d2 100644
--- a/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/bro_index.template
+++ b/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/bro_index.template
@@ -143,7 +143,7 @@
         "uid": {
           "type": "keyword"
         },
-        "alert": {
+        "metron_alert": {
           "type": "nested"
         },
         "ip_src_addr": {

http://git-wip-us.apache.org/repos/asf/metron/blob/edec7b18/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/error_index.template
----------------------------------------------------------------------
diff --git a/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/error_index.template
b/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/error_index.template
index 00aaf87..d119509 100644
--- a/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/error_index.template
+++ b/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/error_index.template
@@ -38,7 +38,7 @@
         "error_type": {
           "type": "keyword"
         },
-        "alert": {
+        "metron_alert": {
           "type": "nested"
         }
       }

http://git-wip-us.apache.org/repos/asf/metron/blob/edec7b18/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/metaalert_index.template
----------------------------------------------------------------------
diff --git a/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/metaalert_index.template
b/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/metaalert_index.template
index 24e8357..05d5e32 100644
--- a/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/metaalert_index.template
+++ b/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/metaalert_index.template
@@ -36,7 +36,7 @@
           "type": "date",
           "format": "epoch_millis"
         },
-        "alert": {
+        "metron_alert": {
           "type": "nested"
         },
         "source:type": {

http://git-wip-us.apache.org/repos/asf/metron/blob/edec7b18/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/snort_index.template
----------------------------------------------------------------------
diff --git a/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/snort_index.template
b/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/snort_index.template
index 43b3ca4..f7c6e59 100644
--- a/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/snort_index.template
+++ b/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/snort_index.template
@@ -198,7 +198,7 @@
         "guid": {
           "type": "keyword"
         },
-        "alert": {
+        "metron_alert": {
           "type": "nested"
         }
       }

http://git-wip-us.apache.org/repos/asf/metron/blob/edec7b18/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/yaf_index.template
----------------------------------------------------------------------
diff --git a/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/yaf_index.template
b/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/yaf_index.template
index b6965f9..f4093ba 100644
--- a/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/yaf_index.template
+++ b/metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/yaf_index.template
@@ -208,7 +208,7 @@
           "type": "text",
           "fielddata": "true"
         },
-        "alert": {
+        "metron_alert": {
           "type": "nested"
         },
         "guid": {

http://git-wip-us.apache.org/repos/asf/metron/blob/edec7b18/metron-interface/metron-alerts/e2e/mock-data/alerts_ui_e2e_index.template
----------------------------------------------------------------------
diff --git a/metron-interface/metron-alerts/e2e/mock-data/alerts_ui_e2e_index.template b/metron-interface/metron-alerts/e2e/mock-data/alerts_ui_e2e_index.template
index caf593c..0d6b420 100644
--- a/metron-interface/metron-alerts/e2e/mock-data/alerts_ui_e2e_index.template
+++ b/metron-interface/metron-alerts/e2e/mock-data/alerts_ui_e2e_index.template
@@ -143,7 +143,7 @@
         "uid": {
           "type": "keyword"
         },
-        "alert": {
+        "metron_alert": {
           "type": "nested"
         },
         "ip_src_addr": {

http://git-wip-us.apache.org/repos/asf/metron/blob/edec7b18/metron-interface/metron-alerts/src/app/alerts/alert-details/alert-details.component.ts
----------------------------------------------------------------------
diff --git a/metron-interface/metron-alerts/src/app/alerts/alert-details/alert-details.component.ts
b/metron-interface/metron-alerts/src/app/alerts/alert-details/alert-details.component.ts
index e1c1685..c8d0d7a 100644
--- a/metron-interface/metron-alerts/src/app/alerts/alert-details/alert-details.component.ts
+++ b/metron-interface/metron-alerts/src/app/alerts/alert-details/alert-details.component.ts
@@ -92,7 +92,7 @@ export class AlertDetailsComponent implements OnInit {
     this.searchService.getAlert(this.alertSourceType, this.alertId).subscribe(alertSource
=> {
       this.alertSource = alertSource;
       this.selectedAlertState = this.getAlertState(alertSource['alert_status']);
-      this.alertSources = (alertSource.alert && alertSource.alert.length > 0)
? alertSource.alert : [alertSource];
+      this.alertSources = (alertSource.metron_alert && alertSource.metron_alert.length
> 0) ? alertSource.metron_alert : [alertSource];
       this.setComments(alertSource);
 
       if (fireToggleEditor) {

http://git-wip-us.apache.org/repos/asf/metron/blob/edec7b18/metron-interface/metron-alerts/src/app/alerts/alerts-list/alerts-list.component.ts
----------------------------------------------------------------------
diff --git a/metron-interface/metron-alerts/src/app/alerts/alerts-list/alerts-list.component.ts
b/metron-interface/metron-alerts/src/app/alerts/alerts-list/alerts-list.component.ts
index 776a083..a70f2b4 100644
--- a/metron-interface/metron-alerts/src/app/alerts/alerts-list/alerts-list.component.ts
+++ b/metron-interface/metron-alerts/src/app/alerts/alerts-list/alerts-list.component.ts
@@ -219,7 +219,7 @@ export class AlertsListComponent implements OnInit, OnDestroy {
 
   onSelectedAlertsChange(selectedAlerts) {
     this.selectedAlerts = selectedAlerts;
-    this.isMetaAlertPresentInSelectedAlerts = this.selectedAlerts.some(alert => (alert.source.alert
&& alert.source.alert.length > 0));
+    this.isMetaAlertPresentInSelectedAlerts = this.selectedAlerts.some(alert => (alert.source.metron_alert
&& alert.source.metron_alert.length > 0));
 
     if (selectedAlerts.length > 0) {
       this.pause();

http://git-wip-us.apache.org/repos/asf/metron/blob/edec7b18/metron-interface/metron-alerts/src/app/alerts/alerts-list/table-view/table-view.component.html
----------------------------------------------------------------------
diff --git a/metron-interface/metron-alerts/src/app/alerts/alerts-list/table-view/table-view.component.html
b/metron-interface/metron-alerts/src/app/alerts/alerts-list/table-view/table-view.component.html
index d2b1108..78410af 100644
--- a/metron-interface/metron-alerts/src/app/alerts/alerts-list/table-view/table-view.component.html
+++ b/metron-interface/metron-alerts/src/app/alerts/alerts-list/table-view/table-view.component.html
@@ -26,7 +26,7 @@
     <tbody>
     <ng-container *ngFor="let alert of alerts; let alertIndex = index;">
 
-      <ng-container *ngIf="!alert.source.alert || alert.source.alert.length === 0">
+      <ng-container *ngIf="!alert.source.metron_alert || alert.source.metron_alert.length
=== 0">
         <tr (click)="showDetails($event, alert)" [ngClass]="{'selected' : selectedAlerts.indexOf(alert)
!= -1}">
           <td width="15" class="icon-cell"></td>
           <td (click)="addFilter(threatScoreFieldName, alert.source[threatScoreFieldName])">
@@ -50,7 +50,7 @@
         </tr>
       </ng-container>
 
-      <ng-container *ngIf="alert.source.alert && alert.source.alert.length >
0">
+      <ng-container *ngIf="alert.source.metron_alert && alert.source.metron_alert.length
> 0">
         <tr (click)="showDetails($event, alert)" [ngClass]="{'selected' : selectedAlerts.indexOf(alert)
!= -1}">
           <td width="15" class="icon-cell dropdown-cell" (click)="toggleExpandCollapse($event,
alert)">
             <i class="fa" aria-hidden="true"
@@ -62,7 +62,7 @@
           </td>
           <td [attr.colspan]="alertsColumnsToDisplay.length - 1">
             <a (click)="addFilter('guid', alert.id)" [attr.title]="alert.id" style="color:#689AA9">
{{ alert.source['name'] ? alert.source['name'] : alert.id | centerEllipses:20:cell }}</a>
-              <span> ({{ alert.source.alert.length }})</span>
+              <span> ({{ alert.source.metron_alert.length }})</span>
           </td>
           <td>
             <a *ngIf="isStatusFieldPresent" (click)="addFilter('alert_status', alert.source['alert_status'])"
style="color:#689AA9">
@@ -80,7 +80,7 @@
             <label attr.for="{{ alert.id }}"></label>
           </td>
         </tr>
-        <tr *ngFor="let metaAlerts of alert.source.alert; let metaAlertIndex = index;"
(click)="showMetaAlertDetails($event, metaAlerts)"
+        <tr *ngFor="let metaAlerts of alert.source.metron_alert; let metaAlertIndex =
index;" (click)="showMetaAlertDetails($event, metaAlerts)"
             [ngClass]="{'selected' : selectedAlerts.indexOf(metaAlerts) != -1 , 'd-none':
metaAlertsDisplayState[alert.id] === metronAlertDisplayState.COLLAPSE}">
           <td width="15" class="icon-cell" class="dropdown-cell"></td>
           <td (click)="addFilter(threatScoreFieldName, alert.source[threatScoreFieldName])"
style="padding-left: 15px">
@@ -114,4 +114,4 @@
   <div class="col-md-3 push-md-5">
     <metron-table-pagination [(pagination)]="pagination" (pageChange)="onPageChange()">
</metron-table-pagination>
   </div>
-</div>
\ No newline at end of file
+</div>

http://git-wip-us.apache.org/repos/asf/metron/blob/edec7b18/metron-interface/metron-alerts/src/app/alerts/alerts-list/table-view/table-view.component.ts
----------------------------------------------------------------------
diff --git a/metron-interface/metron-alerts/src/app/alerts/alerts-list/table-view/table-view.component.ts
b/metron-interface/metron-alerts/src/app/alerts/alerts-list/table-view/table-view.component.ts
index 0176ff0..411baab 100644
--- a/metron-interface/metron-alerts/src/app/alerts/alerts-list/table-view/table-view.component.ts
+++ b/metron-interface/metron-alerts/src/app/alerts/alerts-list/table-view/table-view.component.ts
@@ -122,7 +122,7 @@ export class TableViewComponent implements OnInit, OnChanges, OnDestroy
{
 
   updateExpandedStateForChangedData(expandedMetaAlerts: string[]) {
     this.alerts.forEach(alert => {
-      if (alert.source.alert && alert.source.alert.length > 0) {
+      if (alert.source.metron_alert && alert.source.metron_alert.length > 0) {
         this.metaAlertsDisplayState[alert.id] = expandedMetaAlerts.indexOf(alert.id) ===
-1 ?
                                                   MetronAlertDisplayState.COLLAPSE : MetronAlertDisplayState.EXPAND;
       }

http://git-wip-us.apache.org/repos/asf/metron/blob/edec7b18/metron-interface/metron-alerts/src/app/model/alert-source.ts
----------------------------------------------------------------------
diff --git a/metron-interface/metron-alerts/src/app/model/alert-source.ts b/metron-interface/metron-alerts/src/app/model/alert-source.ts
index d5477dc..3330960 100644
--- a/metron-interface/metron-alerts/src/app/model/alert-source.ts
+++ b/metron-interface/metron-alerts/src/app/model/alert-source.ts
@@ -44,7 +44,7 @@ export class AlertSource {
   guid: string;
   sig_id: number;
   sig_generator: number;
-  alert: AlertSource[] = [];
+  metron_alert: AlertSource[] = [];
   comments: AlertComment[] = [];
   'threat:triage:score': number;
   'threatinteljoinbolt:joiner:ts': number;

http://git-wip-us.apache.org/repos/asf/metron/blob/edec7b18/metron-interface/metron-rest/src/test/java/org/apache/metron/rest/controller/MetaAlertControllerIntegrationTest.java
----------------------------------------------------------------------
diff --git a/metron-interface/metron-rest/src/test/java/org/apache/metron/rest/controller/MetaAlertControllerIntegrationTest.java
b/metron-interface/metron-rest/src/test/java/org/apache/metron/rest/controller/MetaAlertControllerIntegrationTest.java
index 3e69e37..f86f227 100644
--- a/metron-interface/metron-rest/src/test/java/org/apache/metron/rest/controller/MetaAlertControllerIntegrationTest.java
+++ b/metron-interface/metron-rest/src/test/java/org/apache/metron/rest/controller/MetaAlertControllerIntegrationTest.java
@@ -98,8 +98,8 @@ public class MetaAlertControllerIntegrationTest extends DaoControllerTest
{
 
   /**
    * [
-   *{"guid":"meta_1","alert":[{"guid":"bro_1"}],"average":"5.0","min":"5.0","median":"5.0","max":"5.0","count":"1.0","sum":"5.0"},
-   *{"guid":"meta_2","alert":[{"guid":"bro_1"},{"guid":"bro_2"},{"guid":"snort_1"}],"average":"5.0","min":"0.0","median":"5.0","max":"10.0","count":"3.0","sum":"15.0"}
+   *{"guid":"meta_1","metron_alert":[{"guid":"bro_1"}],"average":"5.0","min":"5.0","median":"5.0","max":"5.0","count":"1.0","sum":"5.0"},
+   *{"guid":"meta_2","metron_alert":[{"guid":"bro_1"},{"guid":"bro_2"},{"guid":"snort_1"}],"average":"5.0","min":"0.0","median":"5.0","max":"10.0","count":"3.0","sum":"15.0"}
    * ]
    */
   @Multiline

http://git-wip-us.apache.org/repos/asf/metron/blob/edec7b18/metron-platform/metron-elasticsearch/README.md
----------------------------------------------------------------------
diff --git a/metron-platform/metron-elasticsearch/README.md b/metron-platform/metron-elasticsearch/README.md
index 1e15018..d889e27 100644
--- a/metron-platform/metron-elasticsearch/README.md
+++ b/metron-platform/metron-elasticsearch/README.md
@@ -271,13 +271,13 @@ Notes on other settings for types in ES
 
 ## Using Metron with Elasticsearch 5.6.2
 
-There is a requirement that all sensors templates have a nested alert field defined.  This
field is a dummy field.  See [Ignoring Unmapped Fields](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-request-sort.html#_ignoring_unmapped_fields)
for more information
+There is a requirement that all sensors templates have a nested `metron_alert` field defined.
 This field is a dummy field.  See [Ignoring Unmapped Fields](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-request-sort.html#_ignoring_unmapped_fields)
for more information
 
 Without this field, an error will be thrown during ALL searches (including from UIs, resulting
in no alerts being found for any sensor). This error will be found in the REST service's logs.
 
 Exception seen:
 ```
-QueryParsingException[[nested] failed to find nested object under path [alert]];
+QueryParsingException[[nested] failed to find nested object under path [metron_alert]];
 ```
 
 There are two steps to resolve this issue.  First is to update the Elasticsearch template
for each sensor, so any new indices have the field. This requires retrieving the template,
removing an extraneous JSON field so we can put it back later, and adding our new field.
@@ -290,7 +290,7 @@ export SENSOR="bro"
 curl -XGET "http://${ELASTICSEARCH}:9200/_template/${SENSOR}_index*?pretty=true" -o "${SENSOR}.template"
 sed -i '' '2d;$d' ./${SENSOR}.template
 sed -i '' '/"properties" : {/ a\
-"alert": { "type": "nested"},' ${SENSOR}.template
+"metron_alert": { "type": "nested"},' ${SENSOR}.template
 ```
 
 To manually verify this, you can optionally pretty print it again with:
@@ -309,7 +309,7 @@ To update existing indexes, update Elasticsearch mappings with the new
field for
 curl -XPUT "http://${ELASTICSEARCH}:9200/${SENSOR}_index*/_mapping/${SENSOR}_doc" -d '
 {
   "properties" : {
-    "alert" : {
+    "metron_alert" : {
       "type" : "nested"
     }
   }

http://git-wip-us.apache.org/repos/asf/metron/blob/edec7b18/metron-platform/metron-elasticsearch/src/test/java/org/apache/metron/elasticsearch/integration/ElasticsearchMetaAlertIntegrationTest.java
----------------------------------------------------------------------
diff --git a/metron-platform/metron-elasticsearch/src/test/java/org/apache/metron/elasticsearch/integration/ElasticsearchMetaAlertIntegrationTest.java
b/metron-platform/metron-elasticsearch/src/test/java/org/apache/metron/elasticsearch/integration/ElasticsearchMetaAlertIntegrationTest.java
index 5222a38..b001050 100644
--- a/metron-platform/metron-elasticsearch/src/test/java/org/apache/metron/elasticsearch/integration/ElasticsearchMetaAlertIntegrationTest.java
+++ b/metron-platform/metron-elasticsearch/src/test/java/org/apache/metron/elasticsearch/integration/ElasticsearchMetaAlertIntegrationTest.java
@@ -92,7 +92,7 @@ public class ElasticsearchMetaAlertIntegrationTest {
   /**
    {
      "properties": {
-       "alert": {
+       "metron_alert": {
          "type": "nested"
        }
      }
@@ -175,7 +175,7 @@ public class ElasticsearchMetaAlertIntegrationTest {
            "score" : {
              "type" : "integer"
            },
-           "alert" : {
+           "metron_alert" : {
              "type" : "nested"
            }
          }
@@ -761,7 +761,7 @@ public class ElasticsearchMetaAlertIntegrationTest {
     SearchResponse searchResponse = metaDao.search(new SearchRequest() {
       {
         setQuery(
-            "(ip_src_addr:192.168.1.1 AND ip_src_port:8009) OR (alert.ip_src_addr:192.168.1.1
AND alert.ip_src_port:8009)");
+            "(ip_src_addr:192.168.1.1 AND ip_src_port:8009) OR (metron_alert.ip_src_addr:192.168.1.1
AND metron_alert.ip_src_port:8009)");
         setIndices(Collections.singletonList(MetaAlertDao.METAALERT_TYPE));
         setFrom(0);
         setSize(5);
@@ -781,7 +781,7 @@ public class ElasticsearchMetaAlertIntegrationTest {
       {
         setQuery(
             "(ip_src_addr:192.168.1.1 AND ip_src_port:8010)"
-                + " OR (alert.ip_src_addr:192.168.1.1 AND alert.ip_src_port:8010)");
+                + " OR (metron_alert.ip_src_addr:192.168.1.1 AND metron_alert.ip_src_port:8010)");
         setIndices(Collections.singletonList("*"));
         setFrom(0);
         setSize(5);
@@ -804,7 +804,7 @@ public class ElasticsearchMetaAlertIntegrationTest {
       {
         setQuery(
             "(ip_src_addr:192.168.1.3 AND ip_src_port:8008)"
-                + " OR (alert.ip_src_addr:192.168.1.3 AND alert.ip_src_port:8008)");
+                + " OR (metron_alert.ip_src_addr:192.168.1.3 AND metron_alert.ip_src_port:8008)");
         setIndices(Collections.singletonList("*"));
         setFrom(0);
         setSize(1);

http://git-wip-us.apache.org/repos/asf/metron/blob/edec7b18/metron-platform/metron-indexing/src/main/java/org/apache/metron/indexing/dao/MetaAlertDao.java
----------------------------------------------------------------------
diff --git a/metron-platform/metron-indexing/src/main/java/org/apache/metron/indexing/dao/MetaAlertDao.java
b/metron-platform/metron-indexing/src/main/java/org/apache/metron/indexing/dao/MetaAlertDao.java
index 4530d2a..8807849 100644
--- a/metron-platform/metron-indexing/src/main/java/org/apache/metron/indexing/dao/MetaAlertDao.java
+++ b/metron-platform/metron-indexing/src/main/java/org/apache/metron/indexing/dao/MetaAlertDao.java
@@ -70,7 +70,7 @@ public interface MetaAlertDao extends IndexDao {
   String METAALERT_DOC = METAALERT_TYPE + "_doc";
   String THREAT_FIELD_DEFAULT = "threat:triage:score";
   String THREAT_SORT_DEFAULT = "sum";
-  String ALERT_FIELD = "alert";
+  String ALERT_FIELD = "metron_alert";
   String STATUS_FIELD = "status";
   String GROUPS_FIELD = "groups";
 

http://git-wip-us.apache.org/repos/asf/metron/blob/edec7b18/metron-platform/metron-indexing/src/test/java/org/apache/metron/indexing/dao/InMemoryMetaAlertDao.java
----------------------------------------------------------------------
diff --git a/metron-platform/metron-indexing/src/test/java/org/apache/metron/indexing/dao/InMemoryMetaAlertDao.java
b/metron-platform/metron-indexing/src/test/java/org/apache/metron/indexing/dao/InMemoryMetaAlertDao.java
index baa5416..5ab5c48 100644
--- a/metron-platform/metron-indexing/src/test/java/org/apache/metron/indexing/dao/InMemoryMetaAlertDao.java
+++ b/metron-platform/metron-indexing/src/test/java/org/apache/metron/indexing/dao/InMemoryMetaAlertDao.java
@@ -61,7 +61,7 @@ public class InMemoryMetaAlertDao implements MetaAlertDao {
   /**
    * {
    * "indices": ["metaalert"],
-   * "query": "alert|guid:${GUID}",
+   * "query": "metron_alert|guid:${GUID}",
    * "from": 0,
    * "size": 10,
    * "sort": [


Mime
View raw message