airbus-cyber / graylog-plugin-alert-wizard

Alert Wizard plugin for Graylog to manage the alert rules

Notification's Aggregation Time Range is always set to 0 when creating a new rule #47

Closed frantz45 closed 2 years ago

frantz45 commented 3 years ago

  1. Configure a default Aggregation Time Range in the LoggingAlert Configuration (for example 1440 minutes)
  2. Create a rule in the Wizard
  3. Go to the Notification linked to the newly created rule, you'll see the Aggregation Time Range set to 0

frantz45 commented 2 years ago

The fix is wrong. Now the value is taken from the Wizard configuration ("Intervalle de temps"). The value must be taken from the LoggingAlert Configuration (System --> Configuration).

And the fix has a bad side effect: the value "Intervalle de temps" is not taken anymore when you create a rule.

c8y3 commented 2 years ago

After investigation, it seems to me "Intervalle de temps" is taken into account, when "Unité de temps" is set in the configuration too. So the root of this problem (which may not be a regression) is the fact that field "Unité de temps" is not mandatory. If it is ok with you, I suggest we create another issue for this evolution.

frantz45 commented 2 years ago

I confirm the issue is fixed with the last v4.0.0.

You are right, so I've opened a new issue: https://github.com/airbus-cyber/graylog-plugin-alert-wizard/issues/62