-
Notifications
You must be signed in to change notification settings - Fork 8.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Endpoint Telemetry: Agents Metrics + Policy Config / Response (#102171)…
… (#103851) * [PH] Initial setup for endpoint task telemetry. * Refactor / Add daily task for collecting fleet detail / policy resp / EP metrics * [PH CD] Code walkthrough. Start fetching fleet policy configs. * [PH] pass in fleet agent service rather than homebrew kuerys. * [PH] prepare to move away from legacy es client. Get fleet ep agents. * Fetch agent policy configs. * Stub ep policy responses. * Fix CI + Types. Fix dep injection. Reimagine SO client creation. * Create SO client properly * Fetch EP Policy responses. * Fetch EP Policy responses. * Remove unused import * Fetch failed policy responses from EP data stream. * Remove unused imports. * Combine failed policy responses with policy configs. * Attach fleet agent + ep agent ids * Add dedicated channel sender. Temp disable with feature flag. * Remove ublock from the failed policy response. * Fetch endpoint metrics. * Fix bad merge commit. * Get EP telemetry. * Record last execution time of endpoint task * Remove send on demand feature flag. * Simplify cache conditional. * Refactor into Promise.allSettled * Fix type error. * Bail if there is no endpoint metrics * Bump interval to 24h. Co-authored-by: Kibana Machine <[email protected]> Co-authored-by: Pete Hampton <[email protected]>
- Loading branch information
1 parent
fe30b1b
commit 3365f1b
Showing
10 changed files
with
649 additions
and
83 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
51 changes: 51 additions & 0 deletions
51
x-pack/plugins/security_solution/server/lib/telemetry/endpoint_task.test.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
/* | ||
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
* or more contributor license agreements. Licensed under the Elastic License | ||
* 2.0; you may not use this file except in compliance with the Elastic License | ||
* 2.0. | ||
*/ | ||
|
||
import { loggingSystemMock } from 'src/core/server/mocks'; | ||
import { taskManagerMock } from '../../../../task_manager/server/mocks'; | ||
import { TelemetryEndpointTask } from './endpoint_task'; | ||
import { createMockTelemetryEventsSender } from './mocks'; | ||
|
||
describe('test', () => { | ||
let logger: ReturnType<typeof loggingSystemMock.createLogger>; | ||
|
||
beforeEach(() => { | ||
logger = loggingSystemMock.createLogger(); | ||
}); | ||
|
||
describe('endpoint alert telemetry checks', () => { | ||
test('the task can register', () => { | ||
const telemetryEndpointTask = new TelemetryEndpointTask( | ||
logger, | ||
taskManagerMock.createSetup(), | ||
createMockTelemetryEventsSender(true) | ||
); | ||
|
||
expect(telemetryEndpointTask).toBeInstanceOf(TelemetryEndpointTask); | ||
}); | ||
}); | ||
|
||
test('the endpoint task should be registered', () => { | ||
const mockTaskManager = taskManagerMock.createSetup(); | ||
new TelemetryEndpointTask(logger, mockTaskManager, createMockTelemetryEventsSender(true)); | ||
|
||
expect(mockTaskManager.registerTaskDefinitions).toHaveBeenCalled(); | ||
}); | ||
|
||
test('the endpoint task should be scheduled', async () => { | ||
const mockTaskManagerSetup = taskManagerMock.createSetup(); | ||
const telemetryEndpointTask = new TelemetryEndpointTask( | ||
logger, | ||
mockTaskManagerSetup, | ||
createMockTelemetryEventsSender(true) | ||
); | ||
|
||
const mockTaskManagerStart = taskManagerMock.createStart(); | ||
await telemetryEndpointTask.start(mockTaskManagerStart); | ||
expect(mockTaskManagerStart.ensureScheduled).toHaveBeenCalled(); | ||
}); | ||
}); |
Oops, something went wrong.