Stashcontext sa (#1297)

* adding stash context for system indices Signed-off-by: Riya Saxena <[email protected]> * adding stash context for system indices Signed-off-by: Riya Saxena <[email protected]> --------- Signed-off-by: Riya Saxena <[email protected]> (cherry picked from commit e6884d6) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
opensearch-project · Sep 11, 2024 · 0f7a089 · 0f7a089
1 parent a41b0af
commit 0f7a089
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 1 deletion.
diff --git a/src/main/java/org/opensearch/securityanalytics/SecurityAnalyticsPlugin.java b/src/main/java/org/opensearch/securityanalytics/SecurityAnalyticsPlugin.java
@@ -226,6 +226,7 @@
 import static org.opensearch.securityanalytics.threatIntel.iocscan.service.ThreatIntelMonitorRunner.THREAT_INTEL_MONITOR_TYPE;
 import static org.opensearch.securityanalytics.threatIntel.model.SATIFSourceConfig.SOURCE_CONFIG_FIELD;
 import static org.opensearch.securityanalytics.threatIntel.model.TIFJobParameter.THREAT_INTEL_DATA_INDEX_NAME_PREFIX;
+import static org.opensearch.securityanalytics.util.CorrelationIndices.CORRELATION_ALERT_INDEX;
 
 public class SecurityAnalyticsPlugin extends Plugin implements ActionPlugin, MapperPlugin, SearchPlugin, EnginePlugin, ClusterPlugin, SystemIndexPlugin, JobSchedulerExtension, RemoteMonitorRunnerExtension {
 
@@ -284,7 +285,11 @@ public class SecurityAnalyticsPlugin extends Plugin implements ActionPlugin, Map
 
     @Override
     public Collection<SystemIndexDescriptor> getSystemIndexDescriptors(Settings settings) {
-        return Collections.singletonList(new SystemIndexDescriptor(THREAT_INTEL_DATA_INDEX_NAME_PREFIX, "System index used for threat intel data"));
+        List<SystemIndexDescriptor> descriptors = List.of(
+                new SystemIndexDescriptor(THREAT_INTEL_DATA_INDEX_NAME_PREFIX, "System index used for threat intel data"),
+                new SystemIndexDescriptor(CORRELATION_ALERT_INDEX, "System index used for Correlation Alerts")
+        );
+        return descriptors;
     }
 
 

diff --git a/.../java/org/opensearch/securityanalytics/transport/TransportAckCorrelationAlertsAction.java b/.../java/org/opensearch/securityanalytics/transport/TransportAckCorrelationAlertsAction.java
@@ -67,6 +67,8 @@ protected void doExecute(Task task, AckCorrelationAlertsRequest request, ActionL
             return;
         }
 
+        this.threadPool.getThreadContext().stashContext();
+
         if (!request.getCorrelationAlertIds().isEmpty()) {
             correlationAlertService.acknowledgeAlerts(
                     request.getCorrelationAlertIds(),

diff --git a/.../java/org/opensearch/securityanalytics/transport/TransportGetCorrelationAlertsAction.java b/.../java/org/opensearch/securityanalytics/transport/TransportGetCorrelationAlertsAction.java
@@ -64,6 +64,8 @@ protected void doExecute(Task task, GetCorrelationAlertsRequest request, ActionL
             return;
         }
 
+        this.threadPool.getThreadContext().stashContext();
+
         if (request.getCorrelationRuleId() != null) {
             correlationAlertService.getCorrelationAlerts(
                     request.getCorrelationRuleId(),