
Commit b007fed

committed
refactor(alerts): streamline AlertFields struct and initialization
- Removed unused fields from the `AlertFields` struct. - Simplified initialization logic by directly setting required fields.
1 parent 1ef7e24 commit b007fed


1 file changed

+32
-43
lines changed


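--- a/plugins/alerts/main.go
+++ b/plugins/alerts/main.go
@@ -24,35 +24,22 @@ type IncidentDetail struct {
 }
 
 type AlertFields struct {
-Timestamp string `json:"@timestamp"`
-ID string `json:"id"`
-ParentID *string `json:"parentId,omitempty"`
-Status int `json:"status"`
-StatusLabel string `json:"statusLabel"`
-StatusObservation string `json:"statusObservation"`
-IsIncident bool `json:"isIncident"`
-IncidentDetail IncidentDetail `json:"incidentDetail"`
-Name string `json:"name"`
-Category string `json:"category"`
-Severity int `json:"severity"`
-SeverityLabel string `json:"severityLabel"`
-Description string `json:"description"`
-Solution string `json:"solution"`
-Technique string `json:"technique"`
-Reference []string `json:"reference"`
-DataType string `json:"dataType"`
-Impact *plugins.Impact `json:"impact"`
-ImpactScore uint32 `json:"impactScore"`
-DataSource string `json:"dataSource"`
-Adversary *plugins.Side `json:"adversary"`
-Target *plugins.Side `json:"target"`
-Events []*plugins.Event `json:"events"`
-LastEvent *plugins.Event `json:"lastEvent"`
-Tags []string `json:"tags"`
-Notes string `json:"notes"`
-TagRulesApplied []int `json:"tagRulesApplied"`
-DeduplicatedBy []string `json:"deduplicatedBy"`
-GroupedBy []string `json:"groupedBy"`
+Status int `json:"status"`
+StatusLabel string `json:"statusLabel"`
+StatusObservation string `json:"statusObservation"`
+IsIncident bool `json:"isIncident"`
+IncidentDetail IncidentDetail `json:"incidentDetail"`
+Severity int `json:"severity"`
+SeverityLabel string `json:"severityLabel"`
+Solution string `json:"solution"`
+Reference []string `json:"reference"`
+LastEvent *plugins.Event `json:"lastEvent"`
+Tags []string `json:"tags"`
+Notes string `json:"notes"`
+TagRulesApplied []int `json:"tagRulesApplied"`
+DeduplicatedBy []string `json:"deduplicatedBy"`
+GroupedBy []string `json:"groupedBy"`
+plugins.Alert
 }
 
 func main() {
@@ -329,36 +316,38 @@ func newAlert(alert *plugins.Alert, parentId *string) error {
 }
 
 a := AlertFields{
-Timestamp: alert.Timestamp,
-ID: alert.Id,
-ParentID: parentId,
 Status: 1,
 StatusLabel: "Automatic review",
-Name: alert.Name,
-Category: alert.Category,
 Severity: severityN,
 SeverityLabel: severityLabel,
-Description: alert.Description,
-Technique: alert.Technique,
 Reference: alert.References,
-DataType: alert.DataType,
-DataSource: alert.DataSource,
-Adversary: alert.Adversary,
-Target: alert.Target,
 LastEvent: func() *plugins.Event {
 l := len(alert.Events)
 if l == 0 {
 return nil
 }
 return alert.Events[l-1]
 }(),
-Events: alert.Events,
-Impact: alert.Impact,
-ImpactScore: alert.ImpactScore,
 DeduplicatedBy: alert.DeduplicateBy,
 GroupedBy: alert.GroupBy,
 }
 
+a.Timestamp = alert.Timestamp
+a.Id = alert.Id
+a.ParentId = alert.ParentId
+a.Name = alert.Name
+a.Category = alert.Category
+a.Description = alert.Description
+a.Technique = alert.Technique
+a.DataSource = alert.DataSource
+a.DataType = alert.DataType
+a.Adversary = alert.Adversary
+a.Target = alert.Target
+a.Events = alert.Events
+a.Impact = alert.Impact
+a.ImpactScore = alert.ImpactScore
+a.Errors = alert.Errors
+
 // Retry logic for indexing operation
 maxRetries := 3
 retryDelay := 2 * time.Second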
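Review bot: In `newAlert`, the added `a.ParentId = alert.ParentId` no longer reads the `parentId` argument that the removed `ParentID: parentId` used, so unless every caller also sets the value on the alert itself, child alerts would be indexed without their parent link; `a.ParentId = parentId` would keep the old behaviour, assuming the embedded field has the same type, and otherwise the parameter should be dropped from the signature. Embedding `plugins.Alert` in `AlertFields` also means the indexed JSON keys for these fields now come from that type's own tags, which are not visible in this diff: the explicit `json:"@timestamp"`, `json:"id"` and `json:"parentId,omitempty"` tags are gone, and if the embedded tags differ, time-range queries and correlation rules over the alert index would silently miss new documents. A comment on the embedded field naming the keys it is expected to contribute, plus a small marshal test asserting `@timestamp`, `id` and `parentId` are still present, would make that contract checkable. The newly copied `a.Errors` adds a field to the stored document that the old struct never emitted, so it is worth confirming its contents are meant to be visible to everyone who can read alerts. `newAlert` starts and ends outside the hunk.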
