onSave()

in metron-interface/metron-config/src/app/sensors/sensor-field-schema/sensor-field-schema.component.ts [358:434]

• 68 lines of code
• 19 McCabe index (conditional complexity)

  onSave() {
    let removeTransformations: string[] = [];

    // Remove all STELLAR functions and retain only the REMOVE objects
    this.sensorParserConfig.fieldTransformations = this.sensorParserConfig.fieldTransformations.filter(fieldTransformer => {
      if (this.isConditionalRemoveTransform(fieldTransformer)) {
        return true;
      }
      return false;
    });

    let transformConfigObject = new FieldTransformer();
    transformConfigObject.output = [];
    transformConfigObject.config = {};
    transformConfigObject.transformation = 'STELLAR';

    let enrichmentConfigObject = new EnrichmentConfig();
    enrichmentConfigObject.config = {};
    let threatIntelConfigObject = new ThreatIntelConfig();
    threatIntelConfigObject.triageConfig = this.sensorEnrichmentConfig.threatIntel.triageConfig;


    for (let fieldSchemaRow of this.savedFieldSchemaRows) {
      if (fieldSchemaRow.transformConfigured.length > 0) {
        transformConfigObject.output.push(fieldSchemaRow.outputFieldName);
        transformConfigObject.config[fieldSchemaRow.outputFieldName] = this.createTransformFunction(fieldSchemaRow);
      }
      if (fieldSchemaRow.isRemoved && !fieldSchemaRow.conditionalRemove) {
        removeTransformations.push(fieldSchemaRow.inputFieldName);
      }
      if (fieldSchemaRow.enrichmentConfigured.length > 0) {
        for (let option of fieldSchemaRow.enrichmentConfigured) {
          if (option.name === 'geo' || option.name === 'host') {
            if (!enrichmentConfigObject.fieldMap[option.name]) {
              enrichmentConfigObject.fieldMap[option.name] = [];
            }
            enrichmentConfigObject.fieldMap[option.name].push(fieldSchemaRow.inputFieldName);
          } else {
            if (!enrichmentConfigObject.fieldMap['hbaseEnrichment']) {
              enrichmentConfigObject.fieldMap['hbaseEnrichment'] = [];
            }
            enrichmentConfigObject.fieldMap['hbaseEnrichment'].push(fieldSchemaRow.inputFieldName);
            if (!enrichmentConfigObject.fieldToTypeMap[fieldSchemaRow.inputFieldName]) {
              enrichmentConfigObject.fieldToTypeMap[fieldSchemaRow.inputFieldName] = [];
            }
            enrichmentConfigObject.fieldToTypeMap[fieldSchemaRow.inputFieldName].push(option.name);
          }
        }
      }
      if (fieldSchemaRow.threatIntelConfigured.length > 0) {
        for (let option of fieldSchemaRow.threatIntelConfigured) {
          if (!threatIntelConfigObject.fieldMap['hbaseThreatIntel']) {
            threatIntelConfigObject.fieldMap['hbaseThreatIntel'] = [];
          }
          threatIntelConfigObject.fieldMap['hbaseThreatIntel'].push(fieldSchemaRow.inputFieldName);
          if (!threatIntelConfigObject.fieldToTypeMap[fieldSchemaRow.inputFieldName]) {
            threatIntelConfigObject.fieldToTypeMap[fieldSchemaRow.inputFieldName] = [];
          }
          threatIntelConfigObject.fieldToTypeMap[fieldSchemaRow.inputFieldName].push(option.name);
        }
      }
    }

    if (Object.keys(transformConfigObject.config).length > 0) {
      this.sensorParserConfig.fieldTransformations.push(transformConfigObject);
    }

    if (removeTransformations.length > 0) {
      let removeConfigObject = new FieldTransformer();
      removeConfigObject.transformation = 'REMOVE';
      removeConfigObject.input = removeTransformations;
      this.sensorParserConfig.fieldTransformations.push(removeConfigObject);
    }

    this.sensorEnrichmentConfig.enrichment = enrichmentConfigObject;
    this.sensorEnrichmentConfig.threatIntel = threatIntelConfigObject;
  }