feat(alert): add countAllAlertsByStatus method for improved alert counting

mjabascal10 · mjabascal10 · commit 1fe88680db17 · 2025-10-15T11:06:22.000-05:00
diff --git a/backend/src/main/java/com/park/utmstack/service/UtmAlertTagRuleService.java b/backend/src/main/java/com/park/utmstack/service/UtmAlertTagRuleService.java
@@ -145,7 +145,7 @@ public void automaticReview() {
         final String ctx = CLASSNAME + ".automaticReview";
         try {
             // If no new alerts have been received, stop execution
-            if (alertUtil.countAlertsByStatus(AlertStatus.AUTOMATIC_REVIEW.getCode()) == 0)
+            if (alertUtil.countAllAlertsByStatus(AlertStatus.AUTOMATIC_REVIEW.getCode()) == 0)
                 return;
 
             // Getting all registered rules
diff --git a/backend/src/main/java/com/park/utmstack/util/AlertUtil.java b/backend/src/main/java/com/park/utmstack/util/AlertUtil.java
@@ -48,4 +48,28 @@ public Long countAlertsByStatus(int status) {
             throw new RuntimeException(ctx + ": " + e.getMessage());
         }
     }
+
+    public Long countAllAlertsByStatus(int status) {
+        final String ctx = CLASSNAME + ".countAlertsByStatus";
+        final String AGG_NAME = "count_open_alerts";
+        try {
+            if (!elasticsearchService.indexExist(Constants.SYS_INDEX_PATTERN.get(SystemIndexPattern.ALERTS)))
+                return 0L;
+
+            List<FilterType> filters = new ArrayList<>();
+            filters.add(new FilterType(Constants.alertStatus, OperatorType.IS, status));
+            filters.add(new FilterType(Constants.alertTags, OperatorType.DOES_NOT_CONTAIN, Constants.FALSE_POSITIVE_TAG));
+
+            SearchRequest.Builder srb = new SearchRequest.Builder();
+            srb.query(SearchUtil.toQuery(filters))
+                    .index(Constants.SYS_INDEX_PATTERN.get(SystemIndexPattern.ALERTS))
+                    .aggregations(AGG_NAME, a -> a.valueCount(c -> c.field(Constants.alertStatus)))
+                    .size(0);
+
+            SearchResponse<Object> response = elasticsearchService.search(srb.build(), Object.class);
+            return (long) response.aggregations().get(AGG_NAME).valueCount().value();
+        } catch (Exception e) {
+            throw new RuntimeException(ctx + ": " + e.getMessage());
+        }
+    }
 }
