fix threat intel feed parser

Signed-off-by: Surya Sashank Nistala <[email protected]>

Dockerfile

@@ -0,0 +1,4 @@
+FROM opensearchstaging/opensearch:2.11.0
+ADD build/distributions/opensearch-security-analytics-2.11.0.0-SNAPSHOT.zip /tmp/
+RUN if [ -d /usr/share/opensearch/plugins/opensearch-security-analytics ]; then /usr/share/opensearch/bin/opensearch-plugin remove opensearch-security-analytics; fi
+RUN /usr/share/opensearch/bin/opensearch-plugin install --batch file:/tmp/opensearch-security-analytics-2.11.0.0-SNAPSHOT.zip

src/main/java/org/opensearch/securityanalytics/model/ThreatIntelFeedData.java

@@ -60,7 +60,6 @@ public static ThreatIntelFeedData parse(XContentParser xcp, String id, Long vers
         String iocValue = null;
         String feedId = null;
         Instant timestamp = null;
-        xcp.nextToken();
         XContentParserUtils.ensureExpectedToken(XContentParser.Token.START_OBJECT, xcp.currentToken(), xcp);
         while (xcp.nextToken() != XContentParser.Token.END_OBJECT) {
             String fieldName = xcp.currentName();

src/main/java/org/opensearch/securityanalytics/threatIntel/ThreatIntelFeedDataUtils.java

@@ -31,6 +31,7 @@ public static List<ThreatIntelFeedData> getTifdList(SearchResponse searchRespons
                             xContentRegistry,
                             LoggingDeprecationHandler.INSTANCE, hit.getSourceAsString()
                     );
+                    xcp.nextToken();
                     list.add(ThreatIntelFeedData.parse(xcp, hit.getId(), hit.getVersion()));
                 } catch (Exception e) {
                     log.error(() -> new ParameterizedMessage(

src/test/java/org/opensearch/securityanalytics/model/WriteableTests.java

@@ -19,7 +19,7 @@
 
 public class WriteableTests extends OpenSearchTestCase {
 
-    public void testDetectorAsStream() throws IOException {
+    public void testDetectorAsStrea() throws IOException {
         Detector detector = randomDetector(List.of());
         detector.setInputs(List.of(new DetectorInput("", List.of(), List.of(), List.of())));
         BytesStreamOutput out = new BytesStreamOutput();