[
https://issues.apache.org/jira/browse/METRON-1147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16150332#comment-16150332
]
Otto Fowler commented on METRON-1147:
-------------------------------------
The feature should explicitly state that alerts will be sent as is, and as
annotated, such that any transformation or addition of fields required by such
system must be handled by some other agent ( like nifi ).
> Add ability to escalate alerts in the alerts UI
> -----------------------------------------------
>
> Key: METRON-1147
> URL: https://issues.apache.org/jira/browse/METRON-1147
> Project: Metron
> Issue Type: New Feature
> Reporter: Ryan Merriman
>
> An SOC operator or alerts UI user should be able to click a button in the
> alerts UI which sends an alert or list of alerts to an external ticketing
> system. This should cause an alert to be written to Kafka in a REST service
> which could then be consumed by any ticketing system outside of Metron. The
> alert or list of alerts should be annotated with the user who escalated the
> alert(s) and time the alert(s) was escalated.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
