diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/managing/middleware.test.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/managing/middleware.test.ts index 250cbc6e312ed..9fb12b77e7252 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/managing/middleware.test.ts +++ b/x-pack/plugins/endpoint/public/applications/endpoint/store/managing/middleware.test.ts @@ -72,7 +72,7 @@ describe('endpoint list saga', () => { expect(fakeHttpServices.post).not.toHaveBeenCalled(); dispatch({ type: 'userNavigatedToPage', payload: 'managementPage' }); await sleep(); - expect(fakeHttpServices.post).toHaveBeenCalledWith('/api/endpoint/endpoints', { + expect(fakeHttpServices.post).toHaveBeenCalledWith('/api/endpoint/metadata', { body: JSON.stringify({ paging_properties: [{ page_index: 0 }, { page_size: 10 }], }), diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/managing/middleware.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/managing/middleware.ts index ae756caf5aa35..754a855c171ad 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/managing/middleware.ts +++ b/x-pack/plugins/endpoint/public/applications/endpoint/store/managing/middleware.ts @@ -18,7 +18,7 @@ export const managementMiddlewareFactory: MiddlewareFactory ) { const managementPageIndex = pageIndex(getState()); const managementPageSize = pageSize(getState()); - const response = await coreStart.http.post('/api/endpoint/endpoints', { + const response = await coreStart.http.post('/api/endpoint/metadata', { body: JSON.stringify({ paging_properties: [ { page_index: managementPageIndex }, diff --git a/x-pack/plugins/endpoint/server/plugin.ts b/x-pack/plugins/endpoint/server/plugin.ts index afed5199b7d72..aef85f39e0382 100644 --- a/x-pack/plugins/endpoint/server/plugin.ts +++ b/x-pack/plugins/endpoint/server/plugin.ts @@ -10,7 +10,7 @@ import { createConfig$, EndpointConfigType } from './config'; import { EndpointAppContext } from './types'; import { addRoutes } from './routes'; -import { registerEndpointRoutes } from './routes/endpoints'; +import { registerEndpointRoutes } from './routes/metadata'; import { registerAlertRoutes } from './routes/alerts'; import { registerResolverRoutes } from './routes/resolver'; diff --git a/x-pack/plugins/endpoint/server/routes/endpoints.test.ts b/x-pack/plugins/endpoint/server/routes/metadata.test.ts similarity index 95% rename from x-pack/plugins/endpoint/server/routes/endpoints.test.ts rename to x-pack/plugins/endpoint/server/routes/metadata.test.ts index 25c4225495a41..ee374bc1b57d6 100644 --- a/x-pack/plugins/endpoint/server/routes/endpoints.test.ts +++ b/x-pack/plugins/endpoint/server/routes/metadata.test.ts @@ -20,9 +20,9 @@ import { } from '../../../../../src/core/server/mocks'; import { EndpointMetadata, EndpointResultList } from '../../common/types'; import { SearchResponse } from 'elasticsearch'; -import { registerEndpointRoutes } from './endpoints'; +import { registerEndpointRoutes } from './metadata'; import { EndpointConfigSchema } from '../config'; -import * as data from '../test_data/all_endpoints_data.json'; +import * as data from '../test_data/all_metadata_data.json'; describe('test endpoint route', () => { let routerMock: jest.Mocked; @@ -54,7 +54,7 @@ describe('test endpoint route', () => { >; mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => Promise.resolve(response)); [routeConfig, routeHandler] = routerMock.post.mock.calls.find(([{ path }]) => - path.startsWith('/api/endpoint/endpoints') + path.startsWith('/api/endpoint/metadata') )!; await routeHandler( @@ -96,7 +96,7 @@ describe('test endpoint route', () => { Promise.resolve((data as unknown) as SearchResponse) ); [routeConfig, routeHandler] = routerMock.post.mock.calls.find(([{ path }]) => - path.startsWith('/api/endpoint/endpoints') + path.startsWith('/api/endpoint/metadata') )!; await routeHandler( @@ -143,7 +143,7 @@ describe('test endpoint route', () => { Promise.resolve((data as unknown) as SearchResponse) ); [routeConfig, routeHandler] = routerMock.post.mock.calls.find(([{ path }]) => - path.startsWith('/api/endpoint/endpoints') + path.startsWith('/api/endpoint/metadata') )!; await routeHandler( @@ -208,7 +208,7 @@ describe('test endpoint route', () => { }) ); [routeConfig, routeHandler] = routerMock.get.mock.calls.find(([{ path }]) => - path.startsWith('/api/endpoint/endpoints') + path.startsWith('/api/endpoint/metadata') )!; await routeHandler( @@ -239,7 +239,7 @@ describe('test endpoint route', () => { >; mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => Promise.resolve(response)); [routeConfig, routeHandler] = routerMock.get.mock.calls.find(([{ path }]) => - path.startsWith('/api/endpoint/endpoints') + path.startsWith('/api/endpoint/metadata') )!; await routeHandler( diff --git a/x-pack/plugins/endpoint/server/routes/endpoints.ts b/x-pack/plugins/endpoint/server/routes/metadata.ts similarity index 90% rename from x-pack/plugins/endpoint/server/routes/endpoints.ts rename to x-pack/plugins/endpoint/server/routes/metadata.ts index 054172a7f258a..278cfac020a3b 100644 --- a/x-pack/plugins/endpoint/server/routes/endpoints.ts +++ b/x-pack/plugins/endpoint/server/routes/metadata.ts @@ -9,9 +9,9 @@ import { SearchResponse } from 'elasticsearch'; import { schema } from '@kbn/config-schema'; import { - kibanaRequestToEndpointListQuery, - kibanaRequestToEndpointFetchQuery, -} from '../services/endpoint/endpoint_query_builders'; + kibanaRequestToMetadataListESQuery, + kibanaRequestToMetadataGetESQuery, +} from '../services/endpoint/metadata_query_builders'; import { EndpointMetadata, EndpointResultList } from '../../common/types'; import { EndpointAppContext } from '../types'; @@ -22,7 +22,7 @@ interface HitSource { export function registerEndpointRoutes(router: IRouter, endpointAppContext: EndpointAppContext) { router.post( { - path: '/api/endpoint/endpoints', + path: '/api/endpoint/metadata', validate: { body: schema.nullable( schema.object({ @@ -53,7 +53,7 @@ export function registerEndpointRoutes(router: IRouter, endpointAppContext: Endp }, async (context, req, res) => { try { - const queryParams = await kibanaRequestToEndpointListQuery(req, endpointAppContext); + const queryParams = await kibanaRequestToMetadataListESQuery(req, endpointAppContext); const response = (await context.core.elasticsearch.dataClient.callAsCurrentUser( 'search', queryParams @@ -67,7 +67,7 @@ export function registerEndpointRoutes(router: IRouter, endpointAppContext: Endp router.get( { - path: '/api/endpoint/endpoints/{id}', + path: '/api/endpoint/metadata/{id}', validate: { params: schema.object({ id: schema.string() }), }, @@ -75,7 +75,7 @@ export function registerEndpointRoutes(router: IRouter, endpointAppContext: Endp }, async (context, req, res) => { try { - const query = kibanaRequestToEndpointFetchQuery(req, endpointAppContext); + const query = kibanaRequestToMetadataGetESQuery(req, endpointAppContext); const response = (await context.core.elasticsearch.dataClient.callAsCurrentUser( 'search', query diff --git a/x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.test.ts b/x-pack/plugins/endpoint/server/services/endpoint/metadata_query_builders.test.ts similarity index 79% rename from x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.test.ts rename to x-pack/plugins/endpoint/server/services/endpoint/metadata_query_builders.test.ts index bd9986ecf1f97..a3090361d4965 100644 --- a/x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.test.ts +++ b/x-pack/plugins/endpoint/server/services/endpoint/metadata_query_builders.test.ts @@ -6,17 +6,18 @@ import { httpServerMock, loggingServiceMock } from '../../../../../../src/core/server/mocks'; import { EndpointConfigSchema } from '../../config'; import { - kibanaRequestToEndpointListQuery, - kibanaRequestToEndpointFetchQuery, -} from './endpoint_query_builders'; + kibanaRequestToMetadataListESQuery, + kibanaRequestToMetadataGetESQuery, +} from './metadata_query_builders'; +import { EndpointAppConstants } from '../../../common/types'; describe('query builder', () => { - describe('EndpointListQuery', () => { - it('test default query params for all endpoints when no params or body is provided', async () => { + describe('MetadataListESQuery', () => { + it('test default query params for all endpoints metadata when no params or body is provided', async () => { const mockRequest = httpServerMock.createKibanaRequest({ body: {}, }); - const query = await kibanaRequestToEndpointListQuery(mockRequest, { + const query = await kibanaRequestToMetadataListESQuery(mockRequest, { logFactory: loggingServiceMock.create(), config: () => Promise.resolve(EndpointConfigSchema.validate({})), }); @@ -50,19 +51,19 @@ describe('query builder', () => { }, from: 0, size: 10, - index: 'endpoint-agent*', + index: EndpointAppConstants.ENDPOINT_INDEX_NAME, } as Record); }); }); describe('test query builder with kql filter', () => { - it('test default query params for all endpoints when no params or body is provided', async () => { + it('test default query params for all endpoints metadata when body filter is provided', async () => { const mockRequest = httpServerMock.createKibanaRequest({ body: { filter: 'not host.ip:10.140.73.246', }, }); - const query = await kibanaRequestToEndpointListQuery(mockRequest, { + const query = await kibanaRequestToMetadataListESQuery(mockRequest, { logFactory: loggingServiceMock.create(), config: () => Promise.resolve(EndpointConfigSchema.validate({})), }); @@ -109,12 +110,12 @@ describe('query builder', () => { }, from: 0, size: 10, - index: 'endpoint-agent*', + index: EndpointAppConstants.ENDPOINT_INDEX_NAME, } as Record); }); }); - describe('EndpointFetchQuery', () => { + describe('MetadataGetQuery', () => { it('searches for the correct ID', () => { const mockID = 'AABBCCDD-0011-2233-AA44-DEADBEEF8899'; const mockRequest = httpServerMock.createKibanaRequest({ @@ -122,7 +123,7 @@ describe('query builder', () => { id: mockID, }, }); - const query = kibanaRequestToEndpointFetchQuery(mockRequest, { + const query = kibanaRequestToMetadataGetESQuery(mockRequest, { logFactory: loggingServiceMock.create(), config: () => Promise.resolve(EndpointConfigSchema.validate({})), }); @@ -132,7 +133,7 @@ describe('query builder', () => { sort: [{ 'event.created': { order: 'desc' } }], size: 1, }, - index: 'endpoint-agent*', + index: EndpointAppConstants.ENDPOINT_INDEX_NAME, }); }); }); diff --git a/x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.ts b/x-pack/plugins/endpoint/server/services/endpoint/metadata_query_builders.ts similarity index 96% rename from x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.ts rename to x-pack/plugins/endpoint/server/services/endpoint/metadata_query_builders.ts index c143b09ec453c..300e837c4af1e 100644 --- a/x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.ts +++ b/x-pack/plugins/endpoint/server/services/endpoint/metadata_query_builders.ts @@ -8,7 +8,7 @@ import { EndpointAppConstants } from '../../../common/types'; import { EndpointAppContext } from '../../types'; import { esKuery } from '../../../../../../src/plugins/data/server'; -export const kibanaRequestToEndpointListQuery = async ( +export const kibanaRequestToMetadataListESQuery = async ( request: KibanaRequest, endpointAppContext: EndpointAppContext ): Promise> => { @@ -74,7 +74,7 @@ function buildQueryBody(request: KibanaRequest): Record, endpointAppContext: EndpointAppContext ) => { diff --git a/x-pack/plugins/endpoint/server/test_data/all_endpoints_data.json b/x-pack/plugins/endpoint/server/test_data/all_metadata_data.json similarity index 100% rename from x-pack/plugins/endpoint/server/test_data/all_endpoints_data.json rename to x-pack/plugins/endpoint/server/test_data/all_metadata_data.json diff --git a/x-pack/test/api_integration/apis/endpoint/index.ts b/x-pack/test/api_integration/apis/endpoint/index.ts index 238c63640386a..4ffd0c3b6044b 100644 --- a/x-pack/test/api_integration/apis/endpoint/index.ts +++ b/x-pack/test/api_integration/apis/endpoint/index.ts @@ -10,7 +10,7 @@ export default function endpointAPIIntegrationTests({ loadTestFile }: FtrProvide describe('Endpoint plugin', function() { this.tags(['endpoint']); loadTestFile(require.resolve('./resolver')); - loadTestFile(require.resolve('./endpoints')); + loadTestFile(require.resolve('./metadata')); loadTestFile(require.resolve('./alerts')); }); } diff --git a/x-pack/test/api_integration/apis/endpoint/endpoints.ts b/x-pack/test/api_integration/apis/endpoint/metadata.ts similarity index 61% rename from x-pack/test/api_integration/apis/endpoint/endpoints.ts rename to x-pack/test/api_integration/apis/endpoint/metadata.ts index febe5f523cb6f..4b0cc8d93a395 100644 --- a/x-pack/test/api_integration/apis/endpoint/endpoints.ts +++ b/x-pack/test/api_integration/apis/endpoint/metadata.ts @@ -9,12 +9,12 @@ import { FtrProviderContext } from '../../ftr_provider_context'; export default function({ getService }: FtrProviderContext) { const esArchiver = getService('esArchiver'); const supertest = getService('supertest'); - describe('test endpoints api', () => { - describe('POST /api/endpoint/endpoints when index is empty', () => { - it('endpoints api should return empty result when index is empty', async () => { - await esArchiver.unload('endpoint/endpoints/api_feature'); + describe('test metadata api', () => { + describe('POST /api/endpoint/metadata when index is empty', () => { + it('metadata api should return empty result when index is empty', async () => { + await esArchiver.unload('endpoint/metadata/api_feature'); const { body } = await supertest - .post('/api/endpoint/endpoints') + .post('/api/endpoint/metadata') .set('kbn-xsrf', 'xxx') .send() .expect(200); @@ -25,12 +25,12 @@ export default function({ getService }: FtrProviderContext) { }); }); - describe('POST /api/endpoint/endpoints when index is not empty', () => { - before(() => esArchiver.load('endpoint/endpoints/api_feature')); - after(() => esArchiver.unload('endpoint/endpoints/api_feature')); - it('endpoints api should return one entry for each endpoint with default paging', async () => { + describe('POST /api/endpoint/metadata when index is not empty', () => { + before(() => esArchiver.load('endpoint/metadata/api_feature')); + after(() => esArchiver.unload('endpoint/metadata/api_feature')); + it('metadata api should return one entry for each endpoint with default paging', async () => { const { body } = await supertest - .post('/api/endpoint/endpoints') + .post('/api/endpoint/metadata') .set('kbn-xsrf', 'xxx') .send() .expect(200); @@ -40,9 +40,9 @@ export default function({ getService }: FtrProviderContext) { expect(body.request_page_index).to.eql(0); }); - it('endpoints api should return page based on paging properties passed.', async () => { + it('metadata api should return page based on paging properties passed.', async () => { const { body } = await supertest - .post('/api/endpoint/endpoints') + .post('/api/endpoint/metadata') .set('kbn-xsrf', 'xxx') .send({ paging_properties: [ @@ -61,12 +61,12 @@ export default function({ getService }: FtrProviderContext) { expect(body.request_page_index).to.eql(1); }); - /* test that when paging properties produces no result, the total should reflect the actual number of endpoints + /* test that when paging properties produces no result, the total should reflect the actual number of metadata in the index. */ - it('endpoints api should return accurate total endpoints if page index produces no result', async () => { + it('metadata api should return accurate total metadata if page index produces no result', async () => { const { body } = await supertest - .post('/api/endpoint/endpoints') + .post('/api/endpoint/metadata') .set('kbn-xsrf', 'xxx') .send({ paging_properties: [ @@ -85,9 +85,9 @@ export default function({ getService }: FtrProviderContext) { expect(body.request_page_index).to.eql(30); }); - it('endpoints api should return 400 when pagingProperties is below boundaries.', async () => { + it('metadata api should return 400 when pagingProperties is below boundaries.', async () => { const { body } = await supertest - .post('/api/endpoint/endpoints') + .post('/api/endpoint/metadata') .set('kbn-xsrf', 'xxx') .send({ paging_properties: [ @@ -103,9 +103,9 @@ export default function({ getService }: FtrProviderContext) { expect(body.message).to.contain('Value is [0] but it must be equal to or greater than [1]'); }); - it('endpoints api should return page based on filters passed.', async () => { + it('metadata api should return page based on filters passed.', async () => { const { body } = await supertest - .post('/api/endpoint/endpoints') + .post('/api/endpoint/metadata') .set('kbn-xsrf', 'xxx') .send({ filter: 'not host.ip:10.101.149.26' }) .expect(200); @@ -115,10 +115,10 @@ export default function({ getService }: FtrProviderContext) { expect(body.request_page_index).to.eql(0); }); - it('endpoints api should return page based on filters and paging passed.', async () => { + it('metadata api should return page based on filters and paging passed.', async () => { const notIncludedIp = '10.101.149.26'; const { body } = await supertest - .post('/api/endpoint/endpoints') + .post('/api/endpoint/metadata') .set('kbn-xsrf', 'xxx') .send({ paging_properties: [ @@ -143,10 +143,10 @@ export default function({ getService }: FtrProviderContext) { expect(body.request_page_index).to.eql(0); }); - it('endpoints api should return page based on host.os.variant filter.', async () => { + it('metadata api should return page based on host.os.variant filter.', async () => { const variantValue = 'Windows Pro'; const { body } = await supertest - .post('/api/endpoint/endpoints') + .post('/api/endpoint/metadata') .set('kbn-xsrf', 'xxx') .send({ filter: `host.os.variant.keyword:${variantValue}`, @@ -161,6 +161,40 @@ export default function({ getService }: FtrProviderContext) { expect(body.request_page_size).to.eql(10); expect(body.request_page_index).to.eql(0); }); + + it('metadata api should return the latest event for all the events for an endpoint', async () => { + const targetEndpointIp = '10.192.213.130'; + const { body } = await supertest + .post('/api/endpoint/metadata') + .set('kbn-xsrf', 'xxx') + .send({ + filter: `host.ip:${targetEndpointIp}`, + }) + .expect(200); + expect(body.total).to.eql(1); + const resultIp: string = body.endpoints[0].host.ip.filter( + (ip: string) => ip === targetEndpointIp + ); + expect(resultIp).to.eql([targetEndpointIp]); + expect(body.endpoints[0].event.created).to.eql('2020-01-24T16:06:09.541Z'); + expect(body.endpoints.length).to.eql(1); + expect(body.request_page_size).to.eql(10); + expect(body.request_page_index).to.eql(0); + }); + + it('metadata api should return all endpoints when filter is empty string', async () => { + const { body } = await supertest + .post('/api/endpoint/metadata') + .set('kbn-xsrf', 'xxx') + .send({ + filter: '', + }) + .expect(200); + expect(body.total).to.eql(3); + expect(body.endpoints.length).to.eql(3); + expect(body.request_page_size).to.eql(10); + expect(body.request_page_index).to.eql(0); + }); }); }); } diff --git a/x-pack/test/functional/apps/endpoint/management.ts b/x-pack/test/functional/apps/endpoint/management.ts index ac97fc92342eb..56e06740fc336 100644 --- a/x-pack/test/functional/apps/endpoint/management.ts +++ b/x-pack/test/functional/apps/endpoint/management.ts @@ -15,7 +15,7 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { describe('Endpoint Management List', function() { this.tags('ciGroup7'); before(async () => { - await esArchiver.load('endpoint/endpoints/api_feature'); + await esArchiver.load('endpoint/metadata/api_feature'); await pageObjects.common.navigateToUrlWithBrowserHistory('endpoint', '/management'); }); @@ -83,7 +83,7 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { }); after(async () => { - await esArchiver.unload('endpoint/endpoints/api_feature'); + await esArchiver.unload('endpoint/metadata/api_feature'); }); }); }; diff --git a/x-pack/test/functional/es_archives/endpoint/endpoints/api_feature/data.json b/x-pack/test/functional/es_archives/endpoint/metadata/api_feature/data.json similarity index 100% rename from x-pack/test/functional/es_archives/endpoint/endpoints/api_feature/data.json rename to x-pack/test/functional/es_archives/endpoint/metadata/api_feature/data.json diff --git a/x-pack/test/functional/es_archives/endpoint/endpoints/api_feature/mappings.json b/x-pack/test/functional/es_archives/endpoint/metadata/api_feature/mappings.json similarity index 100% rename from x-pack/test/functional/es_archives/endpoint/endpoints/api_feature/mappings.json rename to x-pack/test/functional/es_archives/endpoint/metadata/api_feature/mappings.json