[ADD] Unknown resolution in alerts

dfir-iris · Oct 29, 2023 · 6bc963d · 6bc963d
1 parent 2b12809
commit 6bc963d
Show file tree

Hide file tree

Showing 4 changed files with 11 additions and 1 deletion.
diff --git a/source/app/blueprints/alerts/templates/alerts.html b/source/app/blueprints/alerts/templates/alerts.html
@@ -260,7 +260,10 @@ <h5 class="modal-title" id="closeAlertModalLabel"></h5>
                   <input type="radio" name="resolutionStatus" value="true_positive_with_impact" class="selectgroup-input">
                   <span class="selectgroup-button">True positive with impact</span>
                 </label>
-
+                <label class="selectgroup-item">
+                  <input type="radio" name="resolutionStatus" value="unknown" class="selectgroup-input">
+                  <span class="selectgroup-button">Unknown</span>
+                </label>
               </div>
           </div>
           <div class="form-group">

diff --git a/source/app/datamgmt/manage/manage_cases_db.py b/source/app/datamgmt/manage/manage_cases_db.py
@@ -192,6 +192,9 @@ def map_alert_resolution_to_case_status(case_status_id):
     elif case_status_id == CaseStatus.true_positive_without_impact.value:
         ares = search_alert_resolution_by_name('True Positive Without Impact', exact_match=True)
 
+    elif case_status_id == CaseStatus.unknown.value:
+        ares = search_alert_resolution_by_name('Unknown', exact_match=True)
+
     else:
         ares = search_alert_resolution_by_name('Not Applicable', exact_match=True)
 

diff --git a/source/app/post_init.py b/source/app/post_init.py
@@ -731,6 +731,8 @@ def create_safe_alert_resolution_status():
                 resolution_status_description="The alert was a true positive but had no impact")
     create_safe(db.session, AlertResolutionStatus, resolution_status_name='Not Applicable',
                 resolution_status_description="The alert is not applicable")
+    create_safe(db.session, AlertResolutionStatus, resolution_status_name='Unknown',
+                resolution_status_description="Unknown resolution status")
 
 
 def create_safe_case_states():

diff --git a/source/app/static/assets/js/iris/alerts.js b/source/app/static/assets/js/iris/alerts.js
@@ -812,6 +812,8 @@ function alertResolutionToARC(resolution) {
             return `<span class="badge alert-bade-status badge-pill badge-warning mr-2">True Positive without impact</span>`
         case 'False Positive':
             return `<span class="badge alert-bade-status badge-pill badge-success mr-2">False Positive</span>`
+        case 'Unknown':
+            return `<span class="badge alert-bade-status badge-pill badge-light mr-2">Unknown resolution</span>`
     }
 }