TheHive-Project / TheHive

TheHive: a Scalable, Open Source and Free Security Incident Response Platform
https://thehive-project.org
GNU Affero General Public License v3.0

[Bug] Wrong Alert Handling duration when merging case #2348

Open azgaviperr opened 2 years ago

azgaviperr commented 2 years ago

Request Type

Bug

Work Environment

| Question | Answer |
|---|---|
| TheHive version / git hash | 4.18.1 |

Problem Description

image

Steps to Reproduce

  1. Generate alerts separated in time
  2. Create one case per alert and check their handling duration
  3. Merge them into a single case and check the change in the handling duration

Possible Solutions

Create an ImportedDate field for alerts so the calculation is based on the first import of the alert and not on the CreatedAt of the last case the alert lands in (merge).