diff --git a/x-pack/plugins/osquery/cypress/fixtures/saved_objects/example_pack.ndjson b/x-pack/plugins/osquery/cypress/fixtures/saved_objects/example_pack.ndjson new file mode 100644 index 0000000000000..4f169e1690084 --- /dev/null +++ b/x-pack/plugins/osquery/cypress/fixtures/saved_objects/example_pack.ndjson @@ -0,0 +1,39 @@ +{ + "attributes": { + "created_at": "2022-08-01T08:01:50.452Z", + "created_by": "elastic", + "description": "", + "enabled": true, + "name": "Example", + "queries": [ + { + "ecs_mapping": [], + "id": "system_memory_linux_elastic", + "interval": 3600, + "platform": "linux", + "query": "SELECT * FROM memory_info;" + }, + { + "ecs_mapping": [], + "id": "system_info_elastic", + "interval": 3600, + "platform": "linux,windows,darwin", + "query": "SELECT * FROM system_info;" + }, + { + "ecs_mapping": [], + "id": "failingQuery", + "interval": 10, + "query": "select opera_extensions.* from users join opera_extensions using (uid);" + } + ], + "updated_at": "2022-08-01T08:07:54.950Z", + "updated_by": "elastic" + }, + "coreMigrationVersion": "8.5.0", + "id": "32cae340-1170-11ed-9ac3-9feb91078661", + "references": [], + "type": "osquery-pack", + "updated_at": "2022-08-01T08:07:54.956Z", + "version": "WzQ4NTksMV0=" +} diff --git a/x-pack/plugins/osquery/cypress/fixtures/saved_objects/pack.ndjson b/x-pack/plugins/osquery/cypress/fixtures/saved_objects/pack.ndjson index d36a9ccb8cabd..af1ccb22cb068 100644 --- a/x-pack/plugins/osquery/cypress/fixtures/saved_objects/pack.ndjson +++ b/x-pack/plugins/osquery/cypress/fixtures/saved_objects/pack.ndjson @@ -25,4 +25,4 @@ "type": "osquery-pack", "updated_at": "2022-01-28T09:01:46.152Z", "version": "WzgzOTksMV0=" -} \ No newline at end of file +} diff --git a/x-pack/plugins/osquery/cypress/integration/all/add_integration.spec.ts b/x-pack/plugins/osquery/cypress/integration/all/add_integration.spec.ts index a6850e7fdbc03..38e6d6f30a661 100644 --- a/x-pack/plugins/osquery/cypress/integration/all/add_integration.spec.ts +++ b/x-pack/plugins/osquery/cypress/integration/all/add_integration.spec.ts @@ -62,6 +62,7 @@ describe('ALL - Add Integration', () => { cy.get('.euiTableCellContent').get('.euiPopover__anchor').get(`[aria-label="Open"]`).click(); cy.contains(/^Delete integration$/).click(); closeModalIfVisible(); + cy.contains(/^Deleted integration 'osquery_manager-1'$/); cy.contains(/^Settings$/).click(); cy.contains(/^Uninstall Osquery Manager$/).click(); closeModalIfVisible(); @@ -77,10 +78,9 @@ describe('ALL - Add Integration', () => { cy.contains('osquery_manager-'); }); - it.skip('should have integration and packs copied when upgrading integration', () => { + it('should have integration and packs copied when upgrading integration', () => { const packageName = 'osquery_manager'; const oldVersion = '1.2.0'; - const newVersion = '1.3.1'; cy.visit(`app/integrations/detail/${packageName}-${oldVersion}/overview`); cy.contains('Add Osquery Manager').click(); @@ -100,7 +100,10 @@ describe('ALL - Add Integration', () => { navigateTo('app/osquery/packs'); findAndClickButton('Add pack'); findFormFieldByRowsLabelAndType('Name', 'Integration'); - findFormFieldByRowsLabelAndType('Scheduled agent policies (optional)', '{downArrow} {enter}'); + findFormFieldByRowsLabelAndType( + 'Scheduled agent policies (optional)', + 'Agent policy 1 {downArrow} {enter}' + ); findAndClickButton('Add query'); cy.react('EuiComboBox', { props: { placeholder: 'Search for a query to run, or write a new query below' }, @@ -109,6 +112,7 @@ describe('ALL - Add Integration', () => { .type('{downArrow} {enter}'); cy.contains(/^Save$/).click(); cy.contains(/^Save pack$/).click(); + cy.contains(/^Successfully created "Integration" pack$/).click(); cy.visit('app/fleet/policies'); cy.contains('Agent policy 1').click(); cy.contains('Upgrade').click(); @@ -119,14 +123,15 @@ describe('ALL - Add Integration', () => { cy.contains(/^Advanced$/).click(); cy.contains('"Integration":'); cy.contains('Cancel').click(); + closeModalIfVisible(); cy.get('tr') .should('contain', 'osquery_manager-2') .and('contain', 'Osquery Manager') - .and('contain', `v${newVersion}`); + .and('contain', 'v') + .and('not.contain', `v${oldVersion}`); cy.contains('Actions').click(); cy.contains('View policy').click(); cy.contains('name: osquery_manager-2'); - cy.contains(`version: ${newVersion}`); // test list of prebuilt queries navigateTo('/app/osquery/saved_queries'); diff --git a/x-pack/plugins/osquery/cypress/integration/all/alerts.spec.ts b/x-pack/plugins/osquery/cypress/integration/all/alerts.spec.ts index 80516f480e803..ee4992b04b1d2 100644 --- a/x-pack/plugins/osquery/cypress/integration/all/alerts.spec.ts +++ b/x-pack/plugins/osquery/cypress/integration/all/alerts.spec.ts @@ -49,7 +49,7 @@ describe('Alert Event Details', () => { closeModalIfVisible(); cy.contains(PACK_NAME); cy.visit('/app/security/rules'); - cy.contains(RULE_NAME).click(); + cy.contains(RULE_NAME); cy.wait(2000); cy.getBySel('ruleSwitch').should('have.attr', 'aria-checked', 'true'); cy.getBySel('ruleSwitch').click(); @@ -58,13 +58,23 @@ describe('Alert Event Details', () => { cy.getBySel('ruleSwitch').should('have.attr', 'aria-checked', 'true'); }); - it.skip('should be able to run live query and add to timeline (-depending on the previous test)', () => { + it('should be able to run live query and add to timeline (-depending on the previous test)', () => { const TIMELINE_NAME = 'Untitled timeline'; cy.visit('/app/security/alerts'); cy.getBySel('header-page-title').contains('Alerts').should('exist'); - cy.getBySel('timeline-context-menu-button').first().click(); - cy.getBySel('osquery-action-item').should('exist').contains('Run Osquery'); - cy.getBySel('expand-event').first().click(); + cy.getBySel('expand-event') + .first() + .within(() => { + cy.get(`[data-is-loading="true"]`).should('exist'); + }); + cy.getBySel('expand-event') + .first() + .within(() => { + cy.get(`[data-is-loading="true"]`).should('not.exist'); + }); + cy.getBySel('timeline-context-menu-button').first().click({ force: true }); + cy.contains('Run Osquery'); + cy.getBySel('expand-event').first().click({ force: true }); cy.getBySel('take-action-dropdown-btn').click(); cy.getBySel('osquery-action-item').click(); cy.contains('1 agent selected.'); diff --git a/x-pack/plugins/osquery/cypress/integration/all/live_query.spec.ts b/x-pack/plugins/osquery/cypress/integration/all/live_query.spec.ts index 731802a021ae4..0678f3170f234 100644 --- a/x-pack/plugins/osquery/cypress/integration/all/live_query.spec.ts +++ b/x-pack/plugins/osquery/cypress/integration/all/live_query.spec.ts @@ -28,6 +28,7 @@ import { ROLES } from '../../test'; describe('ALL - Live Query', () => { before(() => { runKbnArchiverScript(ArchiverMethod.LOAD, 'ecs_mapping_1'); + runKbnArchiverScript(ArchiverMethod.LOAD, 'example_pack'); }); beforeEach(() => { @@ -37,6 +38,7 @@ describe('ALL - Live Query', () => { after(() => { runKbnArchiverScript(ArchiverMethod.UNLOAD, 'ecs_mapping_1'); + runKbnArchiverScript(ArchiverMethod.UNLOAD, 'example_pack'); }); it('should run query and enable ecs mapping', () => { @@ -94,22 +96,27 @@ describe('ALL - Live Query', () => { cy.react('ReactAce', { props: { value: 'select * from users' } }).should('exist'); }); - it.skip('should run live pack', () => { + it('should run live pack', () => { cy.contains('New live query').click(); cy.contains('Run a set of queries in a pack.').click(); cy.get(LIVE_QUERY_EDITOR).should('not.exist'); cy.getBySel('select-live-pack').click(); - cy.contains('Integration').click(); - cy.contains('This table contains 1 rows.'); - cy.contains('Integration ('); + cy.contains('Example').click(); + cy.contains('This table contains 3 rows.'); cy.contains('system_memory_linux_elastic'); + cy.contains('system_info_elastic'); + cy.contains('failingQuery'); selectAllAgents(); submitQuery(); cy.getBySel('live-query-loading').should('exist'); cy.getBySel('live-query-loading', { timeout: 10000 }).should('not.exist'); - cy.getBySel('toggleIcon-events').click(); + cy.getBySel('toggleIcon-system_memory_linux_elastic').click(); checkResults(); + cy.getBySel('toggleIcon-system_memory_linux_elastic').click(); + cy.getBySel('toggleIcon-failingQuery').click(); + cy.contains('Status').click(); + cy.contains('query failed, code: 1, message: no such table: opera_extensions'); navigateTo('/app/osquery'); - cy.contains('Integration'); + cy.contains('Example'); }); }); diff --git a/x-pack/plugins/osquery/cypress/integration/all/packs.spec.ts b/x-pack/plugins/osquery/cypress/integration/all/packs.spec.ts index 71a3cf11097c4..72fae5479a85e 100644 --- a/x-pack/plugins/osquery/cypress/integration/all/packs.spec.ts +++ b/x-pack/plugins/osquery/cypress/integration/all/packs.spec.ts @@ -59,7 +59,7 @@ describe('ALL - Packs', () => { cy.react('EuiFormRow', { props: { label: 'Interval (s)' } }) .click() .clear() - .type('10'); + .type('5'); cy.react('EuiFlyoutFooter').react('EuiButton').contains('Save').click(); cy.react('EuiTableRow').contains(SAVED_QUERY_ID); findAndClickButton('Save pack'); @@ -85,6 +85,7 @@ describe('ALL - Packs', () => { findAndClickButton('Update pack'); cy.contains('Save and deploy changes'); findAndClickButton('Save and deploy changes'); + cy.contains(`Successfully updated "${PACK_NAME}" pack`); }); it('should trigger validation when saved query is being chosen', () => { @@ -97,6 +98,7 @@ describe('ALL - Packs', () => { cy.contains('ID must be unique').should('exist'); cy.react('EuiFlyoutFooter').react('EuiButtonEmpty').contains('Cancel').click(); }); + it.skip('should open lens in new tab', () => { let lensUrl = ''; cy.window().then((win) => { @@ -161,6 +163,28 @@ describe('ALL - Packs', () => { cy.contains(`Successfully activated "${PACK_NAME}" pack`).should('exist'); }); + it.skip('should verify that packs are triggered', () => { + cy.waitForReact(); + preparePack(PACK_NAME); + cy.contains(`${PACK_NAME} details`).should('exist'); + + cy.getBySel('docsLoading').should('exist'); + cy.getBySel('docsLoading').should('not.exist'); + cy.react('ScheduledQueryLastResults') + .should('exist') + .within(() => { + cy.react('FormattedRelative'); + }); + + cy.react('DocsColumnResults').within(() => { + cy.react('EuiNotificationBadge').contains('1'); + }); + cy.react('AgentsColumnResults').within(() => { + cy.react('EuiNotificationBadge').contains('1'); + }); + cy.getBySel('packResultsErrorsEmpty').should('have.length', 2); + }); + it('delete all queries in the pack', () => { preparePack(PACK_NAME); cy.contains(/^Edit$/).click(); @@ -260,6 +284,7 @@ describe('ALL - Packs', () => { .click(); cy.contains(/^Delete integration$/).click(); closeModalIfVisible(); + cy.contains(/^Deleted integration 'osquery_manager-3'$/); navigateTo('app/osquery/packs'); cy.contains(REMOVING_PACK).click(); cy.contains(`${REMOVING_PACK} details`).should('exist'); diff --git a/x-pack/plugins/osquery/cypress/integration/roles/alert_test.spec.ts b/x-pack/plugins/osquery/cypress/integration/roles/alert_test.spec.ts index b68cd0d17e466..5d25b6599b13c 100644 --- a/x-pack/plugins/osquery/cypress/integration/roles/alert_test.spec.ts +++ b/x-pack/plugins/osquery/cypress/integration/roles/alert_test.spec.ts @@ -13,7 +13,7 @@ import { preparePack } from '../../tasks/packs'; import { closeModalIfVisible } from '../../tasks/integrations'; import { navigateTo } from '../../tasks/navigation'; -describe.skip('Alert_Test', () => { +describe('Alert_Test', () => { before(() => { runKbnArchiverScript(ArchiverMethod.LOAD, 'pack'); runKbnArchiverScript(ArchiverMethod.LOAD, 'rule'); diff --git a/x-pack/plugins/osquery/cypress/integration/roles/t1_analyst.spec.ts b/x-pack/plugins/osquery/cypress/integration/roles/t1_analyst.spec.ts index 57995296cfb17..c151cce2c2e60 100644 --- a/x-pack/plugins/osquery/cypress/integration/roles/t1_analyst.spec.ts +++ b/x-pack/plugins/osquery/cypress/integration/roles/t1_analyst.spec.ts @@ -12,7 +12,7 @@ import { checkResults, selectAllAgents, submitQuery } from '../../tasks/live_que import { ArchiverMethod, runKbnArchiverScript } from '../../tasks/archiver'; import { getSavedQueriesDropdown, LIVE_QUERY_EDITOR } from '../../screens/live_query'; -describe.skip('T1 Analyst - READ + runSavedQueries ', () => { +describe('T1 Analyst - READ + runSavedQueries ', () => { const SAVED_QUERY_ID = 'Saved-Query-Id'; beforeEach(() => { diff --git a/x-pack/plugins/osquery/cypress/integration/roles/t2_analyst.spec.ts b/x-pack/plugins/osquery/cypress/integration/roles/t2_analyst.spec.ts index cf91a49e9dad6..901b18f1461c7 100644 --- a/x-pack/plugins/osquery/cypress/integration/roles/t2_analyst.spec.ts +++ b/x-pack/plugins/osquery/cypress/integration/roles/t2_analyst.spec.ts @@ -19,7 +19,7 @@ import { import { ArchiverMethod, runKbnArchiverScript } from '../../tasks/archiver'; import { getSavedQueriesComplexTest } from '../../tasks/saved_queries'; -describe.skip('T2 Analyst - READ + Write Live/Saved + runSavedQueries ', () => { +describe('T2 Analyst - READ + Write Live/Saved + runSavedQueries ', () => { const SAVED_QUERY_ID = 'Saved-Query-Id'; const NEW_SAVED_QUERY_ID = 'Saved-Query-Id-T2'; const NEW_SAVED_QUERY_DESCRIPTION = 'Test saved query description T2'; diff --git a/x-pack/plugins/osquery/public/packs/pack_queries_status_table.tsx b/x-pack/plugins/osquery/public/packs/pack_queries_status_table.tsx index c698db405add4..a0a1873836721 100644 --- a/x-pack/plugins/osquery/public/packs/pack_queries_status_table.tsx +++ b/x-pack/plugins/osquery/public/packs/pack_queries_status_table.tsx @@ -492,7 +492,7 @@ const AgentsColumnResults: React.FC = ({ actionI interval, }); if (isLoading) { - return ; + return ; } if (!lastResultsData) { @@ -531,7 +531,7 @@ const ErrorsColumnResults: React.FC = ({ } if (!errorsData?.total) { - return <>{'-'}; + return {'-'}; } return (