Skip to content

Add search term normalization, remove v4, update dependencies, fix tests #27

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
sarus merged 9 commits into from
Jan 13, 2026
Merged

Add search term normalization, remove v4, update dependencies, fix tests #27

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
9ba748c
Add search term normalization, remove v4, fix tests
sarus Jan 13, 2026
d6c8049
Add unit tests
sarus Jan 13, 2026
601fc30
Add new option, fix example searches
sarus Jan 13, 2026
2bb5a0e
Update option description
sarus Jan 13, 2026
2696b2c
Set logging to info
sarus Jan 13, 2026
cd6b9e3
Make option admin only
sarus Jan 13, 2026
ef22620
Rename file to match existing naming convention
sarus Jan 13, 2026
27b7a97
Update tests to log at same level as integration
sarus Jan 13, 2026
7284962
Merge pull request #26 from polarityio/INT-1671
sarus Jan 13, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 13 additions & 11 deletions .github/workflows/run-int-dev-checklist.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,14 +10,16 @@ jobs:
container: 'rockylinux:8'

steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v1
- name: Test NPM Install
id: test-npm-install
run: |
npm ci
- name: Polarity Integration Development Checklist
id: int-dev-checklist
uses: polarityio/polarity-integration-development-checklist@main
with:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/checkout@v6
- uses: actions/setup-node@v4
with:
node-version: '18'
- name: Test NPM Install
id: test-npm-install
run: |
npm ci
- name: Polarity Integration Development Checklist
id: int-dev-checklist
uses: polarityio/polarity-integration-development-checklist@main
with:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
17 changes: 14 additions & 3 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,19 +58,19 @@ You should not specify `size` and `from` parameters as these parameters are cont
As an example, with the search query defined as:

```
{"query": { "simple_query_string": { "query": "\"{{entity}}\"" } }, "sort": [ {"timestamp": "desc" } ] } }
{"query": { "simple_query_string": { "query": "\"{{entity}}\"" } }, "sort": [ {"timestamp": "desc" } ] }
```

If the user has the IP 8.8.8.8 on their screen the integration will execute the following query:

```
{"query": { "simple_query_string": { "query": "\"8.8.8.8\"" } }, "sort": [ {"timestamp": "desc" } ] } }
{"query": { "simple_query_string": { "query": "\"8.8.8.8\"" } }, "sort": [ {"timestamp": "desc" } ] }
```

If you'd like to search certain fields you can use the `fields` property along with the `simple_query_string`. For example, to only search the `ip` field you could use the following search:

```
{"query": { "simple_query_string": { "query": "\"{{entity}}\"", "fields": ["ip"]}}, "sort": [ {"timestamp": "desc" } ] } }
{"query": { "simple_query_string": { "query": "\"{{entity}}\"", "fields": ["ip"]}}, "sort": [ {"timestamp": "desc" } ] }
```

If you'd like to search a specific time range you can do that using normal Elasticsearch JSON search syntax. For example, do search data from the last 365 days you can use the following query assuming your timestamp field is called `timestamp`.
Expand Down Expand Up @@ -143,6 +143,17 @@ Maximum number of concurrent search requests (defaults to 10). Integration must

Minimum amount of time in milliseconds between each entity search (defaults to 50). Integration must be restarted after changing this option.

### Search Term Normalization

Normalize the search term by applying a normalization function to the entity. If set, all entities will be normalized. Defaults to "None".

Valid options are:

* Lowercase the search term
* Uppercase the search term
* Search term matches input
* None - Use Polarity default casing

## Installation Instructions

Installation instructions for integrations are provided on the [PolarityIO GitHub Page](https://polarityio.github.io/).
Expand Down
213 changes: 0 additions & 213 deletions config/config.js
View file
Open in desktop

This file was deleted.

31 changes: 31 additions & 0 deletions config/config.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -210,6 +210,37 @@
"type": "boolean",
"userCanEdit": false,
"adminOnly": true
},
{
"key": "searchTermNormalization",
"name": "Search Term Normalization",
"description": "Modify the casing of the search term (i.e., {{ENTITY}}), by applying a normalization function to the entity. If set, all entities will be normalized. Defaults to \"None\".",
"default": {
"value": "none",
"display": "None - use Polarity default casing"
},
"type": "select",
"options": [
{
"value": "none",
"display": "None - use Polarity default casing"
},
{
"value": "lower",
"display": "Lowercase the search term"
},
{
"value": "upper",
"display": "Uppercase the search term"
},
{
"value": "exact",
"display": "Search term matches input"
}
],
"multiple": false,
"userCanEdit": false,
"adminOnly": true
}
]
}
Loading