activecm / rita-legacy

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
GNU General Public License v3.0

Handle existing data in import #314

Closed: ethack closed 5 years ago

ethack commented 5 years ago

With this pull request we added in a filter to the import command that removes connections if certain conditions are met. These conditions are only calculated based on new data that is being imported and ignore any data that already exists in the database (such as from a previous import or another data source like IPFIX).

The import should be changed to first pull IPs and connection counts from the database in order to take existing data into account.

https://github.com/activecm/rita/issues/313 must be implemented first so that the uconn collection exists and has the data needed.

lisaSW commented 5 years ago

Addressed in v3