[CTI] Adds indicator match rule improvements (#97310) (#106152)
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>

Co-authored-by: Ece Özalp <ozale272@newschool.edu>
kibanamachine and ecezalp authored Jul 19, 2021
1 parent c4c6844 commit 6fff2ea
Showing 2 changed files with 8 additions and 7 deletions.
Expand Up @@ -16,7 +16,7 @@ describe('get_threat_signals', () => {
index: ['index-123'],
listItemIndex: 'list-index-123',
});
expect(sortOrder).toEqual([{ '@timestamp': 'asc' }]);
expect(sortOrder).toEqual([{ '@timestamp': 'desc' }]);
});

test('it should return sort field of just tie_breaker_id if given no sort order for a list item index', () => {
Expand All @@ -29,14 +29,14 @@ describe('get_threat_signals', () => {
expect(sortOrder).toEqual([{ tie_breaker_id: 'asc' }]);
});

test('it should return sort field of timestamp with asc even if sortOrder is changed as it is hard wired in', () => {
test('it should return sort field of timestamp with desc even if sortOrder is changed as it is hard wired in', () => {
const sortOrder = getSortWithTieBreaker({
sortField: undefined,
sortOrder: 'desc',
index: ['index-123'],
listItemIndex: 'list-index-123',
});
expect(sortOrder).toEqual([{ '@timestamp': 'asc' }]);
expect(sortOrder).toEqual([{ '@timestamp': 'desc' }]);
});

test('it should return sort field of tie_breaker_id with asc even if sortOrder is changed as it is hard wired in for a list item index', () => {
Expand All @@ -56,7 +56,7 @@ describe('get_threat_signals', () => {
index: ['index-123'],
listItemIndex: 'list-index-123',
});
expect(sortOrder).toEqual([{ 'some-field': 'asc', '@timestamp': 'asc' }]);
expect(sortOrder).toEqual([{ 'some-field': 'asc', '@timestamp': 'desc' }]);
});

test('it should return sort field of an extra field if given one for a list item index', () => {
Expand All @@ -76,7 +76,7 @@ describe('get_threat_signals', () => {
index: ['index-123'],
listItemIndex: 'list-index-123',
});
expect(sortOrder).toEqual([{ 'some-field': 'desc', '@timestamp': 'asc' }]);
expect(sortOrder).toEqual([{ 'some-field': 'desc', '@timestamp': 'desc' }]);
});

test('it should return sort field of desc if given one for a list item index', () => {
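Review bot: The case renamed to "timestamp with desc even if sortOrder is changed as it is hard wired in" still passes `sortOrder: 'desc'`, so its expectation of `[{ '@timestamp': 'desc' }]` holds whether the direction is hard-wired or simply copied from the argument. The test no longer proves what its name claims; the input should differ from the hard-wired value, e.g. `sortOrder: 'asc',` in that call. The `'some-field': 'asc', '@timestamp': 'desc'` case does separate the two directions for the sortField path, so only the no-sortField path is left unverified.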
Expand Up @@ -70,6 +70,7 @@ export const getThreatList = async ({
listItemIndex: listClient.getListItemIndex(),
}),
},
track_total_hits: false,
ignore_unavailable: true,
index,
size: calculatedPerPage,
Expand Down Expand Up @@ -101,9 +102,9 @@ export const getSortWithTieBreaker = ({
}
} else {
if (sortField != null) {
return [{ [sortField]: ascOrDesc, '@timestamp': 'asc' }];
return [{ [sortField]: ascOrDesc, '@timestamp': 'desc' }];
} else {
return [{ '@timestamp': 'asc' }];
return [{ '@timestamp': 'desc' }];
}
}
};
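Review bot: Both returns in the non-list branch of getSortWithTieBreaker now fix `'@timestamp': 'desc'` regardless of `ascOrDesc`, and nothing in the code says why the direction is pinned or that newest-first indicator paging is intended. A short comment above the `else` branch would record it, for example `// @timestamp direction is fixed (newest indicators first) and intentionally ignores sortOrder`. Separately, `track_total_hits: false` in getThreatList means the search response no longer carries a tracked total, so any consumer outside this hunk that reads `hits.total` from this result should be confirmed to use a separate count. Both functions begin and continue outside the visible lines.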
