Changed more wording from threat to indicator

elastic · Nov 4, 2020 · 013d5bf · 013d5bf
1 parent 733d9c6
commit 013d5bf
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 5 deletions.
diff --git a/...urity_solution/server/lib/detection_engine/signals/threat_mapping/create_threat_signal.ts b/...urity_solution/server/lib/detection_engine/signals/threat_mapping/create_threat_signal.ts
@@ -56,7 +56,7 @@ export const createThreatSignal = async ({
  // a hit so opt to return the existing result.
  logger.debug(
  buildRuleMessage(
- 'Threat list is empty after filtering for missing data, returning without attempting a match'
+ 'Indicator items are empty after filtering for missing data, returning without attempting a match'
  )
  );
  return currentResult;
@@ -72,7 +72,11 @@ export const createThreatSignal = async ({
  lists: exceptionItems,
  });
 
- logger.debug(buildRuleMessage('Threat list is attempting a match and signal creation'));
+ logger.debug(
+ buildRuleMessage(
+ `${threatFilter.query.bool.should.length} indicator items are being checked for existence of matches`
+ )
+ );
  const newResult = await searchAfterAndBulkCreate({
  gap,
  previousStartedAt,
@@ -103,7 +107,9 @@ export const createThreatSignal = async ({
  const results = combineResults(currentResult, newResult);
  logger.debug(
  buildRuleMessage(
- `Threat list completed matching a round against indexes and the time to search was ${
+ `${
+ threatFilter.query.bool.should.length
+ } items have completed match checks and the total time to search was ${
  newResult.searchAfterTimes.length !== 0 ? newResult.searchAfterTimes : '(unknown) '
  }ms`
  )

diff --git a/...s/security_solution/server/lib/detection_engine/signals/threat_mapping/get_threat_list.ts b/...s/security_solution/server/lib/detection_engine/signals/threat_mapping/get_threat_list.ts
@@ -48,7 +48,7 @@ export const getThreatList = async ({
 
  logger.debug(
  buildRuleMessage(
- `Querying the threat list from the index: "${index}" with searchAfter: "${searchAfter}" for up to ${calculatedPerPage} threat items`
+ `Querying the indicator items from the index: "${index}" with searchAfter: "${searchAfter}" for up to ${calculatedPerPage} indicator items`
  )
  );
  const response: SearchResponse<ThreatListItem> = await callCluster('search', {
@@ -67,7 +67,7 @@ export const getThreatList = async ({
  size: calculatedPerPage,
  });
 
- logger.debug(buildRuleMessage(`Retrieved threat list of size: ${response.hits.hits.length}`));
+ logger.debug(buildRuleMessage(`Retrieved indicator items of size: ${response.hits.hits.length}`));
  return response;
 };