add owner field in monitor (opensearch-project#110)

eirsep · web-flow · commit 269be0737ce4 · 2022-11-03T20:11:23.000-07:00
Signed-off-by: Surya Sashank Nistala &lt;snistala@amazon.com&gt;
diff --git a/src/main/java/org/opensearch/securityanalytics/transport/TransportIndexDetectorAction.java b/src/main/java/org/opensearch/securityanalytics/transport/TransportIndexDetectorAction.java
@@ -87,6 +87,7 @@
 
 public class TransportIndexDetectorAction extends HandledTransportAction<IndexDetectorRequest, IndexDetectorResponse> {
 
+    public static final String PLUGIN_OWNER_FIELD = "security_analytics";
     private static final Logger log = LogManager.getLogger(TransportIndexDetectorAction.class);
 
     private final Client client;
@@ -190,7 +191,7 @@ private void createAlertingMonitorFromQueries(Pair<String, List<Pair<String, Rul
                         detector.getAlertsHistoryIndex(),
                         detector.getAlertsHistoryIndexPattern(),
                         DetectorMonitorConfig.getRuleIndexMappingsByType(detector.getDetectorType()),
-                        true));
+                        true), PLUGIN_OWNER_FIELD);
 
         IndexMonitorRequest indexMonitorRequest = new IndexMonitorRequest(Monitor.NO_ID, SequenceNumbers.UNASSIGNED_SEQ_NO, SequenceNumbers.UNASSIGNED_PRIMARY_TERM, refreshPolicy, RestRequest.Method.POST, monitor, null);
         AlertingPluginInterface.INSTANCE.indexMonitor((NodeClient) client, indexMonitorRequest, namedWriteableRegistry, listener);
@@ -242,7 +243,7 @@ private void updateAlertingMonitorFromQueries(Pair<String, List<Pair<String, Rul
                         detector.getAlertsHistoryIndex(),
                         detector.getAlertsHistoryIndexPattern(),
                         DetectorMonitorConfig.getRuleIndexMappingsByType(detector.getDetectorType()),
-                        true));
+                        true), PLUGIN_OWNER_FIELD);
 
         IndexMonitorRequest indexMonitorRequest = new IndexMonitorRequest(detector.getMonitorIds().get(0), SequenceNumbers.UNASSIGNED_SEQ_NO, SequenceNumbers.UNASSIGNED_PRIMARY_TERM, refreshPolicy, RestRequest.Method.PUT, monitor, null);
         AlertingPluginInterface.INSTANCE.indexMonitor((NodeClient) client, indexMonitorRequest, namedWriteableRegistry, listener);
diff --git a/src/test/java/org/opensearch/securityanalytics/alerts/AlertingServiceTests.java b/src/test/java/org/opensearch/securityanalytics/alerts/AlertingServiceTests.java
@@ -26,6 +26,7 @@
 import org.opensearch.securityanalytics.action.GetDetectorResponse;
 import org.opensearch.securityanalytics.config.monitors.DetectorMonitorConfig;
 import org.opensearch.securityanalytics.model.Detector;
+import org.opensearch.securityanalytics.transport.TransportIndexDetectorAction;
 import org.opensearch.test.OpenSearchTestCase;
 
 
@@ -89,7 +90,8 @@ public void testGetAlerts_success() {
                         List.of(),
                         List.of(),
                         Map.of(),
-                        new DataSources()
+                        new DataSources(),
+                        TransportIndexDetectorAction.PLUGIN_OWNER_FIELD
                 ),
                 new DocumentLevelTrigger("trigger_id_1", "my_trigger", "severity_low", List.of(), new Script("")),
                 List.of("finding_id_1"),
@@ -119,7 +121,8 @@ public void testGetAlerts_success() {
                         List.of(),
                         List.of(),
                         Map.of(),
-                        new DataSources()
+                        new DataSources(),
+                        TransportIndexDetectorAction.PLUGIN_OWNER_FIELD
                 ),
                 new DocumentLevelTrigger("trigger_id_1", "my_trigger", "severity_low", List.of(), new Script("")),
                 List.of("finding_id_1"),
