diff --git a/.backportrc.json b/.backportrc.json index 87bc3a1be583b..8f458343c51af 100644 --- a/.backportrc.json +++ b/.backportrc.json @@ -25,6 +25,7 @@ ], "targetPRLabels": ["backport"], "branchLabelMapping": { + "^v8.0.0$": "master", "^v7.9.0$": "7.x", "^v(\\d+).(\\d+).\\d+$": "$1.$2" } diff --git a/.eslintignore b/.eslintignore index fbdd70703f3c4..9de2cc2872960 100644 --- a/.eslintignore +++ b/.eslintignore @@ -33,6 +33,7 @@ target /x-pack/plugins/canvas/shareable_runtime/build /x-pack/plugins/canvas/storybook /x-pack/plugins/monitoring/public/lib/jquery_flot +/x-pack/plugins/reporting/server/export_types/printable_pdf/server/lib/pdf/assets/** /x-pack/legacy/plugins/infra/common/graphql/types.ts /x-pack/legacy/plugins/infra/public/graphql/types.ts /x-pack/legacy/plugins/infra/server/graphql/types.ts diff --git a/docs/development/core/public/kibana-plugin-core-public.app.exactroute.md b/docs/development/core/public/kibana-plugin-core-public.app.exactroute.md new file mode 100644 index 0000000000000..d1e0be17a92b2 --- /dev/null +++ b/docs/development/core/public/kibana-plugin-core-public.app.exactroute.md @@ -0,0 +1,30 @@ + + +[Home](./index.md) > [kibana-plugin-core-public](./kibana-plugin-core-public.md) > [App](./kibana-plugin-core-public.app.md) > [exactRoute](./kibana-plugin-core-public.app.exactroute.md) + +## App.exactRoute property + +If set to true, the application's route will only be checked against an exact match. Defaults to `false`. + +Signature: + +```typescript +exactRoute?: boolean; +``` + +## Example + + +```ts +core.application.register({ + id: 'my_app', + title: 'My App' + exactRoute: true, + mount: () => { ... }, +}) + +// '[basePath]/app/my_app' will be matched +// '[basePath]/app/my_app/some/path' will not be matched + +``` + diff --git a/docs/development/core/public/kibana-plugin-core-public.app.md b/docs/development/core/public/kibana-plugin-core-public.app.md index 90737d241f548..8dd60972549f9 100644 --- a/docs/development/core/public/kibana-plugin-core-public.app.md +++ b/docs/development/core/public/kibana-plugin-core-public.app.md @@ -18,5 +18,6 @@ export interface App extends AppBase | --- | --- | --- | | [appRoute](./kibana-plugin-core-public.app.approute.md) | string | Override the application's routing path from /app/${id}. Must be unique across registered applications. Should not include the base path from HTTP. | | [chromeless](./kibana-plugin-core-public.app.chromeless.md) | boolean | Hide the UI chrome when the application is mounted. Defaults to false. Takes precedence over chrome service visibility settings. | +| [exactRoute](./kibana-plugin-core-public.app.exactroute.md) | boolean | If set to true, the application's route will only be checked against an exact match. Defaults to false. | | [mount](./kibana-plugin-core-public.app.mount.md) | AppMount<HistoryLocationState> | AppMountDeprecated<HistoryLocationState> | A mount function called when the user navigates to this app's route. May have signature of [AppMount](./kibana-plugin-core-public.appmount.md) or [AppMountDeprecated](./kibana-plugin-core-public.appmountdeprecated.md). | diff --git a/docs/development/core/public/kibana-plugin-core-public.chromestart.getcustomnavlink_.md b/docs/development/core/public/kibana-plugin-core-public.chromestart.getcustomnavlink_.md new file mode 100644 index 0000000000000..64805eefbfea1 --- /dev/null +++ b/docs/development/core/public/kibana-plugin-core-public.chromestart.getcustomnavlink_.md @@ -0,0 +1,17 @@ + + +[Home](./index.md) > [kibana-plugin-core-public](./kibana-plugin-core-public.md) > [ChromeStart](./kibana-plugin-core-public.chromestart.md) > [getCustomNavLink$](./kibana-plugin-core-public.chromestart.getcustomnavlink_.md) + +## ChromeStart.getCustomNavLink$() method + +Get an observable of the current custom nav link + +Signature: + +```typescript +getCustomNavLink$(): Observable | undefined>; +``` +Returns: + +`Observable | undefined>` + diff --git a/docs/development/core/public/kibana-plugin-core-public.chromestart.md b/docs/development/core/public/kibana-plugin-core-public.chromestart.md index b4eadc93fe78d..e983ad50d2afe 100644 --- a/docs/development/core/public/kibana-plugin-core-public.chromestart.md +++ b/docs/development/core/public/kibana-plugin-core-public.chromestart.md @@ -55,6 +55,7 @@ core.chrome.setHelpExtension(elem => { | [getBadge$()](./kibana-plugin-core-public.chromestart.getbadge_.md) | Get an observable of the current badge | | [getBrand$()](./kibana-plugin-core-public.chromestart.getbrand_.md) | Get an observable of the current brand information. | | [getBreadcrumbs$()](./kibana-plugin-core-public.chromestart.getbreadcrumbs_.md) | Get an observable of the current list of breadcrumbs | +| [getCustomNavLink$()](./kibana-plugin-core-public.chromestart.getcustomnavlink_.md) | Get an observable of the current custom nav link | | [getHelpExtension$()](./kibana-plugin-core-public.chromestart.gethelpextension_.md) | Get an observable of the current custom help conttent | | [getIsNavDrawerLocked$()](./kibana-plugin-core-public.chromestart.getisnavdrawerlocked_.md) | Get an observable of the current locked state of the nav drawer. | | [getIsVisible$()](./kibana-plugin-core-public.chromestart.getisvisible_.md) | Get an observable of the current visibility state of the chrome. | @@ -64,6 +65,7 @@ core.chrome.setHelpExtension(elem => { | [setBadge(badge)](./kibana-plugin-core-public.chromestart.setbadge.md) | Override the current badge | | [setBrand(brand)](./kibana-plugin-core-public.chromestart.setbrand.md) | Set the brand configuration. | | [setBreadcrumbs(newBreadcrumbs)](./kibana-plugin-core-public.chromestart.setbreadcrumbs.md) | Override the current set of breadcrumbs | +| [setCustomNavLink(newCustomNavLink)](./kibana-plugin-core-public.chromestart.setcustomnavlink.md) | Override the current set of custom nav link | | [setHelpExtension(helpExtension)](./kibana-plugin-core-public.chromestart.sethelpextension.md) | Override the current set of custom help content | | [setHelpSupportUrl(url)](./kibana-plugin-core-public.chromestart.sethelpsupporturl.md) | Override the default support URL shown in the help menu | | [setIsVisible(isVisible)](./kibana-plugin-core-public.chromestart.setisvisible.md) | Set the temporary visibility for the chrome. This does nothing if the chrome is hidden by default and should be used to hide the chrome for things like full-screen modes with an exit button. | diff --git a/docs/development/core/public/kibana-plugin-core-public.chromestart.setcustomnavlink.md b/docs/development/core/public/kibana-plugin-core-public.chromestart.setcustomnavlink.md new file mode 100644 index 0000000000000..adfb57f9c5ff2 --- /dev/null +++ b/docs/development/core/public/kibana-plugin-core-public.chromestart.setcustomnavlink.md @@ -0,0 +1,24 @@ + + +[Home](./index.md) > [kibana-plugin-core-public](./kibana-plugin-core-public.md) > [ChromeStart](./kibana-plugin-core-public.chromestart.md) > [setCustomNavLink](./kibana-plugin-core-public.chromestart.setcustomnavlink.md) + +## ChromeStart.setCustomNavLink() method + +Override the current set of custom nav link + +Signature: + +```typescript +setCustomNavLink(newCustomNavLink?: Partial): void; +``` + +## Parameters + +| Parameter | Type | Description | +| --- | --- | --- | +| newCustomNavLink | Partial<ChromeNavLink> | | + +Returns: + +`void` + diff --git a/docs/development/core/server/kibana-plugin-core-server.md b/docs/development/core/server/kibana-plugin-core-server.md index 1a03ac5ee3d1a..29c340bc390f2 100644 --- a/docs/development/core/server/kibana-plugin-core-server.md +++ b/docs/development/core/server/kibana-plugin-core-server.md @@ -150,7 +150,7 @@ The plugin integrates with the core system via lifecycle events: `setup` | [SavedObjectsBulkUpdateResponse](./kibana-plugin-core-server.savedobjectsbulkupdateresponse.md) | | | [SavedObjectsClientProviderOptions](./kibana-plugin-core-server.savedobjectsclientprovideroptions.md) | Options to control the creation of the Saved Objects Client. | | [SavedObjectsClientWrapperOptions](./kibana-plugin-core-server.savedobjectsclientwrapperoptions.md) | Options passed to each SavedObjectsClientWrapperFactory to aid in creating the wrapper instance. | -| [SavedObjectsComplexFieldMapping](./kibana-plugin-core-server.savedobjectscomplexfieldmapping.md) | See [SavedObjectsFieldMapping](./kibana-plugin-core-server.savedobjectsfieldmapping.md) for documentation. | +| [SavedObjectsComplexFieldMapping](./kibana-plugin-core-server.savedobjectscomplexfieldmapping.md) | See [SavedObjectsFieldMapping](./kibana-plugin-core-server.savedobjectsfieldmapping.md) for documentation.Note: this type intentially doesn't include a type definition for defining the dynamic mapping parameter. Saved Object fields should always inherit the dynamic: 'strict' paramater. If you are unsure of the shape of your data use type: 'object', enabled: false instead. | | [SavedObjectsCoreFieldMapping](./kibana-plugin-core-server.savedobjectscorefieldmapping.md) | See [SavedObjectsFieldMapping](./kibana-plugin-core-server.savedobjectsfieldmapping.md) for documentation. | | [SavedObjectsCreateOptions](./kibana-plugin-core-server.savedobjectscreateoptions.md) | | | [SavedObjectsDeleteByNamespaceOptions](./kibana-plugin-core-server.savedobjectsdeletebynamespaceoptions.md) | | diff --git a/docs/development/core/server/kibana-plugin-core-server.savedobjectscomplexfieldmapping.dynamic.md b/docs/development/core/server/kibana-plugin-core-server.savedobjectscomplexfieldmapping.dynamic.md deleted file mode 100644 index e63e543e68d51..0000000000000 --- a/docs/development/core/server/kibana-plugin-core-server.savedobjectscomplexfieldmapping.dynamic.md +++ /dev/null @@ -1,11 +0,0 @@ - - -[Home](./index.md) > [kibana-plugin-core-server](./kibana-plugin-core-server.md) > [SavedObjectsComplexFieldMapping](./kibana-plugin-core-server.savedobjectscomplexfieldmapping.md) > [dynamic](./kibana-plugin-core-server.savedobjectscomplexfieldmapping.dynamic.md) - -## SavedObjectsComplexFieldMapping.dynamic property - -Signature: - -```typescript -dynamic?: string; -``` diff --git a/docs/development/core/server/kibana-plugin-core-server.savedobjectscomplexfieldmapping.md b/docs/development/core/server/kibana-plugin-core-server.savedobjectscomplexfieldmapping.md index 60e62212609d9..a7d13b0015e3f 100644 --- a/docs/development/core/server/kibana-plugin-core-server.savedobjectscomplexfieldmapping.md +++ b/docs/development/core/server/kibana-plugin-core-server.savedobjectscomplexfieldmapping.md @@ -6,6 +6,8 @@ See [SavedObjectsFieldMapping](./kibana-plugin-core-server.savedobjectsfieldmapping.md) for documentation. +Note: this type intentially doesn't include a type definition for defining the `dynamic` mapping parameter. Saved Object fields should always inherit the `dynamic: 'strict'` paramater. If you are unsure of the shape of your data use `type: 'object', enabled: false` instead. + Signature: ```typescript @@ -16,7 +18,6 @@ export interface SavedObjectsComplexFieldMapping | Property | Type | Description | | --- | --- | --- | -| [dynamic](./kibana-plugin-core-server.savedobjectscomplexfieldmapping.dynamic.md) | string | | | [properties](./kibana-plugin-core-server.savedobjectscomplexfieldmapping.properties.md) | SavedObjectsMappingProperties | | | [type](./kibana-plugin-core-server.savedobjectscomplexfieldmapping.type.md) | string | | diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.ifieldtype.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.ifieldtype.md index be6af335f20cd..6f42fb32fdb7b 100644 --- a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.ifieldtype.md +++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.ifieldtype.md @@ -28,6 +28,7 @@ export interface IFieldType | [searchable](./kibana-plugin-plugins-data-public.ifieldtype.searchable.md) | boolean | | | [sortable](./kibana-plugin-plugins-data-public.ifieldtype.sortable.md) | boolean | | | [subType](./kibana-plugin-plugins-data-public.ifieldtype.subtype.md) | IFieldSubType | | +| [toSpec](./kibana-plugin-plugins-data-public.ifieldtype.tospec.md) | () => FieldSpec | | | [type](./kibana-plugin-plugins-data-public.ifieldtype.type.md) | string | | | [visualizable](./kibana-plugin-plugins-data-public.ifieldtype.visualizable.md) | boolean | | diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.ifieldtype.tospec.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.ifieldtype.tospec.md new file mode 100644 index 0000000000000..1fb4084c25d34 --- /dev/null +++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.ifieldtype.tospec.md @@ -0,0 +1,11 @@ + + +[Home](./index.md) > [kibana-plugin-plugins-data-public](./kibana-plugin-plugins-data-public.md) > [IFieldType](./kibana-plugin-plugins-data-public.ifieldtype.md) > [toSpec](./kibana-plugin-plugins-data-public.ifieldtype.tospec.md) + +## IFieldType.toSpec property + +Signature: + +```typescript +toSpec?: () => FieldSpec; +``` diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpattern.fields.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpattern.fields.md index 9a93148e4a466..d4dca48c7cd7b 100644 --- a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpattern.fields.md +++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpattern.fields.md @@ -7,5 +7,7 @@ Signature: ```typescript -fields: IIndexPatternFieldList; +fields: IIndexPatternFieldList & { + toSpec: () => FieldSpec[]; + }; ``` diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpattern.initfromspec.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpattern.initfromspec.md new file mode 100644 index 0000000000000..764dd11638221 --- /dev/null +++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpattern.initfromspec.md @@ -0,0 +1,22 @@ + + +[Home](./index.md) > [kibana-plugin-plugins-data-public](./kibana-plugin-plugins-data-public.md) > [IndexPattern](./kibana-plugin-plugins-data-public.indexpattern.md) > [initFromSpec](./kibana-plugin-plugins-data-public.indexpattern.initfromspec.md) + +## IndexPattern.initFromSpec() method + +Signature: + +```typescript +initFromSpec(spec: IndexPatternSpec): this; +``` + +## Parameters + +| Parameter | Type | Description | +| --- | --- | --- | +| spec | IndexPatternSpec | | + +Returns: + +`this` + diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpattern.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpattern.md index 8ffa7b6b36f56..d39b384c538f1 100644 --- a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpattern.md +++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpattern.md @@ -21,7 +21,7 @@ export declare class IndexPattern implements IIndexPattern | Property | Modifiers | Type | Description | | --- | --- | --- | --- | | [fieldFormatMap](./kibana-plugin-plugins-data-public.indexpattern.fieldformatmap.md) | | any | | -| [fields](./kibana-plugin-plugins-data-public.indexpattern.fields.md) | | IIndexPatternFieldList | | +| [fields](./kibana-plugin-plugins-data-public.indexpattern.fields.md) | | IIndexPatternFieldList & {
toSpec: () => FieldSpec[];
} | | | [fieldsFetcher](./kibana-plugin-plugins-data-public.indexpattern.fieldsfetcher.md) | | any | | | [flattenHit](./kibana-plugin-plugins-data-public.indexpattern.flattenhit.md) | | any | | | [formatField](./kibana-plugin-plugins-data-public.indexpattern.formatfield.md) | | any | | @@ -30,7 +30,6 @@ export declare class IndexPattern implements IIndexPattern | [metaFields](./kibana-plugin-plugins-data-public.indexpattern.metafields.md) | | string[] | | | [timeFieldName](./kibana-plugin-plugins-data-public.indexpattern.timefieldname.md) | | string | undefined | | | [title](./kibana-plugin-plugins-data-public.indexpattern.title.md) | | string | | -| [type](./kibana-plugin-plugins-data-public.indexpattern.type.md) | | string | | | [typeMeta](./kibana-plugin-plugins-data-public.indexpattern.typemeta.md) | | TypeMeta | | ## Methods @@ -49,6 +48,7 @@ export declare class IndexPattern implements IIndexPattern | [getSourceFiltering()](./kibana-plugin-plugins-data-public.indexpattern.getsourcefiltering.md) | | | | [getTimeField()](./kibana-plugin-plugins-data-public.indexpattern.gettimefield.md) | | | | [init(forceFieldRefresh)](./kibana-plugin-plugins-data-public.indexpattern.init.md) | | | +| [initFromSpec(spec)](./kibana-plugin-plugins-data-public.indexpattern.initfromspec.md) | | | | [isTimeBased()](./kibana-plugin-plugins-data-public.indexpattern.istimebased.md) | | | | [isTimeBasedWildcard()](./kibana-plugin-plugins-data-public.indexpattern.istimebasedwildcard.md) | | | | [isTimeNanosBased()](./kibana-plugin-plugins-data-public.indexpattern.istimenanosbased.md) | | | @@ -59,5 +59,6 @@ export declare class IndexPattern implements IIndexPattern | [removeScriptedField(field)](./kibana-plugin-plugins-data-public.indexpattern.removescriptedfield.md) | | | | [save(saveAttempts)](./kibana-plugin-plugins-data-public.indexpattern.save.md) | | | | [toJSON()](./kibana-plugin-plugins-data-public.indexpattern.tojson.md) | | | +| [toSpec()](./kibana-plugin-plugins-data-public.indexpattern.tospec.md) | | | | [toString()](./kibana-plugin-plugins-data-public.indexpattern.tostring.md) | | | diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpattern.type.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpattern.tospec.md similarity index 53% rename from docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpattern.type.md rename to docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpattern.tospec.md index 58047d9e27ac6..d1a78eea660ce 100644 --- a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpattern.type.md +++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpattern.tospec.md @@ -1,11 +1,15 @@ -[Home](./index.md) > [kibana-plugin-plugins-data-public](./kibana-plugin-plugins-data-public.md) > [IndexPattern](./kibana-plugin-plugins-data-public.indexpattern.md) > [type](./kibana-plugin-plugins-data-public.indexpattern.type.md) +[Home](./index.md) > [kibana-plugin-plugins-data-public](./kibana-plugin-plugins-data-public.md) > [IndexPattern](./kibana-plugin-plugins-data-public.indexpattern.md) > [toSpec](./kibana-plugin-plugins-data-public.indexpattern.tospec.md) -## IndexPattern.type property +## IndexPattern.toSpec() method Signature: ```typescript -type?: string; +toSpec(): IndexPatternSpec; ``` +Returns: + +`IndexPatternSpec` + diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpatternfield._constructor_.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpatternfield._constructor_.md index e1e0d58ce38c1..7a195702b6f13 100644 --- a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpatternfield._constructor_.md +++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpatternfield._constructor_.md @@ -9,7 +9,7 @@ Constructs a new instance of the `Field` class Signature: ```typescript -constructor(indexPattern: IIndexPattern, spec: FieldSpec | Field, shortDotsEnable: boolean, { fieldFormats, onNotification }: FieldDependencies); +constructor(indexPattern: IIndexPattern, spec: FieldSpecExportFmt | FieldSpec | Field, shortDotsEnable: boolean, { fieldFormats, onNotification }: FieldDependencies); ``` ## Parameters @@ -17,7 +17,7 @@ constructor(indexPattern: IIndexPattern, spec: FieldSpec | Field, shortDotsEnabl | Parameter | Type | Description | | --- | --- | --- | | indexPattern | IIndexPattern | | -| spec | FieldSpec | Field | | +| spec | FieldSpecExportFmt | FieldSpec | Field | | | shortDotsEnable | boolean | | | { fieldFormats, onNotification } | FieldDependencies | | diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpatternfield.conflictdescriptions.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpatternfield.conflictdescriptions.md index ca2552aeb1b42..ec19a4854bf0e 100644 --- a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpatternfield.conflictdescriptions.md +++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpatternfield.conflictdescriptions.md @@ -7,5 +7,5 @@ Signature: ```typescript -conflictDescriptions?: Record; +conflictDescriptions?: FieldSpecConflictDescriptions; ``` diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpatternfield.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpatternfield.md index 8fa1ee0d72e54..d82999e7a96af 100644 --- a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpatternfield.md +++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpatternfield.md @@ -22,7 +22,7 @@ export declare class Field implements IFieldType | --- | --- | --- | --- | | [$$spec](./kibana-plugin-plugins-data-public.indexpatternfield.__spec.md) | | FieldSpec | | | [aggregatable](./kibana-plugin-plugins-data-public.indexpatternfield.aggregatable.md) | | boolean | | -| [conflictDescriptions](./kibana-plugin-plugins-data-public.indexpatternfield.conflictdescriptions.md) | | Record<string, string[]> | | +| [conflictDescriptions](./kibana-plugin-plugins-data-public.indexpatternfield.conflictdescriptions.md) | | FieldSpecConflictDescriptions | | | [count](./kibana-plugin-plugins-data-public.indexpatternfield.count.md) | | number | | | [displayName](./kibana-plugin-plugins-data-public.indexpatternfield.displayname.md) | | string | | | [esTypes](./kibana-plugin-plugins-data-public.indexpatternfield.estypes.md) | | string[] | | @@ -37,6 +37,7 @@ export declare class Field implements IFieldType | [searchable](./kibana-plugin-plugins-data-public.indexpatternfield.searchable.md) | | boolean | | | [sortable](./kibana-plugin-plugins-data-public.indexpatternfield.sortable.md) | | boolean | | | [subType](./kibana-plugin-plugins-data-public.indexpatternfield.subtype.md) | | IFieldSubType | | +| [toSpec](./kibana-plugin-plugins-data-public.indexpatternfield.tospec.md) | | () => FieldSpecExportFmt | | | [type](./kibana-plugin-plugins-data-public.indexpatternfield.type.md) | | string | | | [visualizable](./kibana-plugin-plugins-data-public.indexpatternfield.visualizable.md) | | boolean | | diff --git a/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpatternfield.tospec.md b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpatternfield.tospec.md new file mode 100644 index 0000000000000..35714faa03bc9 --- /dev/null +++ b/docs/development/plugins/data/public/kibana-plugin-plugins-data-public.indexpatternfield.tospec.md @@ -0,0 +1,11 @@ + + +[Home](./index.md) > [kibana-plugin-plugins-data-public](./kibana-plugin-plugins-data-public.md) > [IndexPatternField](./kibana-plugin-plugins-data-public.indexpatternfield.md) > [toSpec](./kibana-plugin-plugins-data-public.indexpatternfield.tospec.md) + +## IndexPatternField.toSpec property + +Signature: + +```typescript +toSpec: () => FieldSpecExportFmt; +``` diff --git a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.ifieldtype.md b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.ifieldtype.md index 5375cf2a2ef43..77a2954428f8d 100644 --- a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.ifieldtype.md +++ b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.ifieldtype.md @@ -28,6 +28,7 @@ export interface IFieldType | [searchable](./kibana-plugin-plugins-data-server.ifieldtype.searchable.md) | boolean | | | [sortable](./kibana-plugin-plugins-data-server.ifieldtype.sortable.md) | boolean | | | [subType](./kibana-plugin-plugins-data-server.ifieldtype.subtype.md) | IFieldSubType | | +| [toSpec](./kibana-plugin-plugins-data-server.ifieldtype.tospec.md) | () => FieldSpec | | | [type](./kibana-plugin-plugins-data-server.ifieldtype.type.md) | string | | | [visualizable](./kibana-plugin-plugins-data-server.ifieldtype.visualizable.md) | boolean | | diff --git a/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.ifieldtype.tospec.md b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.ifieldtype.tospec.md new file mode 100644 index 0000000000000..d1863bebce4f0 --- /dev/null +++ b/docs/development/plugins/data/server/kibana-plugin-plugins-data-server.ifieldtype.tospec.md @@ -0,0 +1,11 @@ + + +[Home](./index.md) > [kibana-plugin-plugins-data-server](./kibana-plugin-plugins-data-server.md) > [IFieldType](./kibana-plugin-plugins-data-server.ifieldtype.md) > [toSpec](./kibana-plugin-plugins-data-server.ifieldtype.tospec.md) + +## IFieldType.toSpec property + +Signature: + +```typescript +toSpec?: () => FieldSpec; +``` diff --git a/docs/images/data-viz-homepage.jpg b/docs/images/data-viz-homepage.jpg new file mode 100644 index 0000000000000..f7a952b65d41f Binary files /dev/null and b/docs/images/data-viz-homepage.jpg differ diff --git a/docs/setup/connect-to-elasticsearch.asciidoc b/docs/setup/connect-to-elasticsearch.asciidoc index 8c04167de1236..bffb3f97cd1b9 100644 --- a/docs/setup/connect-to-elasticsearch.asciidoc +++ b/docs/setup/connect-to-elasticsearch.asciidoc @@ -18,10 +18,16 @@ to see all that you can do in {kib}. [[upload-data-kibana]] === Upload a CSV, JSON, or log file -To visualize data in a CSV, JSON, or log file, you can -upload it using the File Data Visualizer. On the home page, -click *Import a CSV, NDSON, or log file*, and then drag your file into the -File Data Visualizer. +experimental[] + +To visualize data in a CSV, JSON, or log file, you can upload it using the File +Data Visualizer. On the home page, click *Import a CSV, NDSON, or log file*, and +then drag your file into the File Data Visualizer. Alternatively, you can open +it by navigating to *Machine Learning* from the side navigation and selecting +*Data Visualizer*. + +[role="screenshot"] +image::images/data-viz-homepage.jpg[File Data Visualizer on the home page] You can upload a file up to 100 MB. This value is configurable up to 1 GB in <>. diff --git a/package.json b/package.json index 3eaa1fb05e906..10eaef8ed5dc7 100644 --- a/package.json +++ b/package.json @@ -406,7 +406,7 @@ "babel-eslint": "^10.0.3", "babel-jest": "^25.5.1", "babel-plugin-istanbul": "^6.0.0", - "backport": "5.4.1", + "backport": "5.4.6", "chai": "3.5.0", "chance": "1.0.18", "cheerio": "0.22.0", diff --git a/scripts/backport.js b/scripts/backport.js index 64cd5721834ea..2094534e2c4b3 100644 --- a/scripts/backport.js +++ b/scripts/backport.js @@ -18,4 +18,5 @@ */ require('../src/setup_node_env/node_version_validator'); -require('backport'); +var backport = require('backport'); +backport.run(); diff --git a/src/core/public/application/application_service.tsx b/src/core/public/application/application_service.tsx index 95361d8287c71..d7f15decb255d 100644 --- a/src/core/public/application/application_service.tsx +++ b/src/core/public/application/application_service.tsx @@ -201,6 +201,7 @@ export class ApplicationService { this.mounters.set(app.id, { appRoute: app.appRoute!, appBasePath: basePath.prepend(app.appRoute!), + exactRoute: app.exactRoute ?? false, mount: wrapMount(plugin, app), unmountBeforeMounting: false, legacy: false, @@ -236,6 +237,7 @@ export class ApplicationService { this.mounters.set(app.id, { appRoute, appBasePath, + exactRoute: false, mount, unmountBeforeMounting: true, legacy: true, diff --git a/src/core/public/application/integration_tests/router.test.tsx b/src/core/public/application/integration_tests/router.test.tsx index 2827b93f6d17e..f992e121437a9 100644 --- a/src/core/public/application/integration_tests/router.test.tsx +++ b/src/core/public/application/integration_tests/router.test.tsx @@ -30,7 +30,6 @@ import { ScopedHistory } from '../scoped_history'; describe('AppRouter', () => { let mounters: MockedMounterMap; let globalHistory: History; - let appStatuses$: BehaviorSubject>; let update: ReturnType; let scopedAppHistory: History; @@ -53,6 +52,17 @@ describe('AppRouter', () => { ); }; + const createMountersRenderer = () => + createRenderer( + + ); + beforeEach(() => { mounters = new Map([ createAppMounter({ appId: 'app1', html: 'App 1' }), @@ -90,16 +100,7 @@ describe('AppRouter', () => { }), ] as Array>); globalHistory = createMemoryHistory(); - appStatuses$ = mountersToAppStatus$(); - update = createRenderer( - - ); + update = createMountersRenderer(); }); it('calls mount handler and returned unmount function when navigating between apps', async () => { @@ -220,15 +221,7 @@ describe('AppRouter', () => { }) ); globalHistory = createMemoryHistory(); - update = createRenderer( - - ); + update = createMountersRenderer(); await navigate('/fake-login'); @@ -252,15 +245,7 @@ describe('AppRouter', () => { }) ); globalHistory = createMemoryHistory(); - update = createRenderer( - - ); + update = createMountersRenderer(); await navigate('/spaces/fake-login'); @@ -268,6 +253,53 @@ describe('AppRouter', () => { expect(mounters.get('login')!.mounter.mount).not.toHaveBeenCalled(); }); + it('should mount an exact route app only when the path is an exact match', async () => { + mounters.set( + ...createAppMounter({ + appId: 'exactApp', + html: '
exact app
', + exactRoute: true, + appRoute: '/app/exact-app', + }) + ); + + globalHistory = createMemoryHistory(); + update = createMountersRenderer(); + + await navigate('/app/exact-app/some-path'); + + expect(mounters.get('exactApp')!.mounter.mount).not.toHaveBeenCalled(); + + await navigate('/app/exact-app'); + + expect(mounters.get('exactApp')!.mounter.mount).toHaveBeenCalledTimes(1); + }); + + it('should mount an an app with a route nested in an exact route app', async () => { + mounters.set( + ...createAppMounter({ + appId: 'exactApp', + html: '
exact app
', + exactRoute: true, + appRoute: '/app/exact-app', + }) + ); + mounters.set( + ...createAppMounter({ + appId: 'nestedApp', + html: '
nested app
', + appRoute: '/app/exact-app/another-app', + }) + ); + globalHistory = createMemoryHistory(); + update = createMountersRenderer(); + + await navigate('/app/exact-app/another-app'); + + expect(mounters.get('exactApp')!.mounter.mount).not.toHaveBeenCalled(); + expect(mounters.get('nestedApp')!.mounter.mount).toHaveBeenCalledTimes(1); + }); + it('should not remount when changing pages within app', async () => { const { mounter, unmount } = mounters.get('app1')!; await navigate('/app/app1/page1'); @@ -304,15 +336,7 @@ describe('AppRouter', () => { it('should not remount when when changing pages within app using hash history', async () => { globalHistory = createHashHistory(); - update = createRenderer( - - ); + update = createMountersRenderer(); const { mounter, unmount } = mounters.get('app1')!; await navigate('/app/app1/page1'); diff --git a/src/core/public/application/integration_tests/utils.tsx b/src/core/public/application/integration_tests/utils.tsx index 8590fb3c820ef..80a7fc2c2cad6 100644 --- a/src/core/public/application/integration_tests/utils.tsx +++ b/src/core/public/application/integration_tests/utils.tsx @@ -47,11 +47,13 @@ export const createAppMounter = ({ appId, html = `
App ${appId}
`, appRoute = `/app/${appId}`, + exactRoute = false, extraMountHook, }: { appId: string; html?: string; appRoute?: string; + exactRoute?: boolean; extraMountHook?: (params: AppMountParameters) => void; }): MockedMounterTuple => { const unmount = jest.fn(); @@ -62,6 +64,7 @@ export const createAppMounter = ({ appRoute, appBasePath: appRoute, legacy: false, + exactRoute, mount: jest.fn(async (params: AppMountParameters) => { const { appBasePath: basename, element } = params; Object.assign(element, { @@ -90,6 +93,7 @@ export const createLegacyAppMounter = ( appBasePath: `/app/${appId.split(':')[0]}`, unmountBeforeMounting: true, legacy: true, + exactRoute: false, mount: legacyMount, }, unmount: jest.fn(), diff --git a/src/core/public/application/types.ts b/src/core/public/application/types.ts index 44b095bd9e6d8..6926b6acf2411 100644 --- a/src/core/public/application/types.ts +++ b/src/core/public/application/types.ts @@ -234,6 +234,24 @@ export interface App extends AppBase { * base path from HTTP. */ appRoute?: string; + + /** + * If set to true, the application's route will only be checked against an exact match. Defaults to `false`. + * + * @example + * ```ts + * core.application.register({ + * id: 'my_app', + * title: 'My App' + * exactRoute: true, + * mount: () => { ... }, + * }) + * + * // '[basePath]/app/my_app' will be matched + * // '[basePath]/app/my_app/some/path' will not be matched + * ``` + */ + exactRoute?: boolean; } /** @public */ @@ -569,6 +587,7 @@ export type Mounter = SelectivePartial< appBasePath: string; mount: T extends LegacyApp ? LegacyAppMounter : AppMounter; legacy: boolean; + exactRoute: boolean; unmountBeforeMounting: T extends LegacyApp ? true : boolean; }, T extends LegacyApp ? never : 'unmountBeforeMounting' diff --git a/src/core/public/application/ui/app_container.test.tsx b/src/core/public/application/ui/app_container.test.tsx index 229354a014103..a94313dd53abb 100644 --- a/src/core/public/application/ui/app_container.test.tsx +++ b/src/core/public/application/ui/app_container.test.tsx @@ -55,6 +55,7 @@ describe('AppContainer', () => { appRoute: '/some-route', unmountBeforeMounting: false, legacy: false, + exactRoute: false, mount: async ({ element }: AppMountParameters) => { await promise; const container = document.createElement('div'); @@ -143,6 +144,7 @@ describe('AppContainer', () => { appRoute: '/some-route', unmountBeforeMounting: false, legacy: false, + exactRoute: false, mount: async ({ element }: AppMountParameters) => { await waitPromise; throw new Error(`Mounting failed!`); diff --git a/src/core/public/application/ui/app_router.tsx b/src/core/public/application/ui/app_router.tsx index 5d02f96134b27..f2d2d1e6587ac 100644 --- a/src/core/public/application/ui/app_router.tsx +++ b/src/core/public/application/ui/app_router.tsx @@ -63,6 +63,7 @@ export const AppRouter: FunctionComponent = ({ ( ) { const allCategories = {} as Record; @@ -184,17 +184,13 @@ export function CollapsibleNav({ label: 'Home', iconType: 'home', href: homeHref, - onClick: (event: React.MouseEvent) => { - closeNav(); - if ( - event.isDefaultPrevented() || - event.altKey || - event.metaKey || - event.ctrlKey - ) { + onClick: (event) => { + if (isModifiedOrPrevented(event)) { return; } + event.preventDefault(); + closeNav(); navigateToApp('home'); }, }, @@ -230,7 +226,13 @@ export function CollapsibleNav({ return { ...hydratedLink, 'data-test-subj': 'collapsibleNavAppLink--recent', - onClick: closeNav, + onClick: (event) => { + if (isModifiedOrPrevented(event)) { + return; + } + + closeNav(); + }, }; })} maxWidth="none" diff --git a/src/core/public/chrome/ui/header/nav_link.tsx b/src/core/public/chrome/ui/header/nav_link.tsx index 6b5cecd138376..c70a40f49643e 100644 --- a/src/core/public/chrome/ui/header/nav_link.tsx +++ b/src/core/public/chrome/ui/header/nav_link.tsx @@ -17,20 +17,15 @@ * under the License. */ -import { EuiImage } from '@elastic/eui'; +import { EuiIcon } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import React from 'react'; import { ChromeNavLink, ChromeRecentlyAccessedHistoryItem, CoreStart } from '../../..'; import { HttpStart } from '../../../http'; import { relativeToAbsolute } from '../../nav_links/to_nav_link'; -function isModifiedEvent(event: React.MouseEvent) { - return !!(event.metaKey || event.altKey || event.ctrlKey || event.shiftKey); -} - -function LinkIcon({ url }: { url: string }) { - return ; -} +export const isModifiedOrPrevented = (event: React.MouseEvent) => + event.metaKey || event.altKey || event.ctrlKey || event.shiftKey || event.defaultPrevented; interface Props { link: ChromeNavLink; @@ -69,14 +64,16 @@ export function createEuiListItem({ href, /* Use href and onClick to support "open in new tab" and SPA navigation in the same link */ onClick(event: React.MouseEvent) { - onClick(); + if (!isModifiedOrPrevented(event)) { + onClick(); + } + if ( !externalLink && // ignore external links !legacyMode && // ignore when in legacy mode !legacy && // ignore links to legacy apps - !event.defaultPrevented && // onClick prevented default event.button === 0 && // ignore everything but left clicks - !isModifiedEvent(event) // ignore clicks with modifier keys + !isModifiedOrPrevented(event) ) { event.preventDefault(); navigateToApp(id); @@ -88,7 +85,8 @@ export function createEuiListItem({ 'data-test-subj': dataTestSubj, ...(basePath && { iconType: euiIconType, - icon: !euiIconType && icon ? : undefined, + icon: + !euiIconType && icon ? : undefined, }), }; } diff --git a/src/core/public/public.api.md b/src/core/public/public.api.md index bc11ab57b3ea1..d10e351f4d13e 100644 --- a/src/core/public/public.api.md +++ b/src/core/public/public.api.md @@ -154,6 +154,7 @@ export function __kbnBootstrap__(): void; export interface App extends AppBase { appRoute?: string; chromeless?: boolean; + exactRoute?: boolean; mount: AppMount | AppMountDeprecated; } diff --git a/src/core/server/mocks.ts b/src/core/server/mocks.ts index 0770e8843e2f6..2ac5bd98f7ed4 100644 --- a/src/core/server/mocks.ts +++ b/src/core/server/mocks.ts @@ -46,6 +46,7 @@ export { httpServiceMock } from './http/http_service.mock'; export { loggingSystemMock } from './logging/logging_system.mock'; export { savedObjectsRepositoryMock } from './saved_objects/service/lib/repository.mock'; export { savedObjectsServiceMock } from './saved_objects/saved_objects_service.mock'; +export { migrationMocks } from './saved_objects/migrations/mocks'; export { typeRegistryMock as savedObjectsTypeRegistryMock } from './saved_objects/saved_objects_type_registry.mock'; export { uiSettingsServiceMock } from './ui_settings/ui_settings_service.mock'; export { metricsServiceMock } from './metrics/metrics_service.mock'; diff --git a/src/core/server/saved_objects/mappings/types.ts b/src/core/server/saved_objects/mappings/types.ts index 8362d1f16bd2a..c037ed733549e 100644 --- a/src/core/server/saved_objects/mappings/types.ts +++ b/src/core/server/saved_objects/mappings/types.ts @@ -145,10 +145,14 @@ export interface SavedObjectsCoreFieldMapping { /** * See {@link SavedObjectsFieldMapping} for documentation. * + * Note: this type intentially doesn't include a type definition for defining + * the `dynamic` mapping parameter. Saved Object fields should always inherit + * the `dynamic: 'strict'` paramater. If you are unsure of the shape of your + * data use `type: 'object', enabled: false` instead. + * * @public */ export interface SavedObjectsComplexFieldMapping { - dynamic?: string; type?: string; properties: SavedObjectsMappingProperties; } diff --git a/src/core/server/saved_objects/migrations/core/build_active_mappings.ts b/src/core/server/saved_objects/migrations/core/build_active_mappings.ts index c2a7b11e057cd..4561f4d30e104 100644 --- a/src/core/server/saved_objects/migrations/core/build_active_mappings.ts +++ b/src/core/server/saved_objects/migrations/core/build_active_mappings.ts @@ -130,6 +130,8 @@ function defaultMapping(): IndexMapping { dynamic: 'strict', properties: { migrationVersion: { + // Saved Objects can't redefine dynamic, but we cheat here to support migrations + // @ts-expect-error dynamic: 'true', type: 'object', }, diff --git a/src/core/server/saved_objects/migrations/core/index_migrator.ts b/src/core/server/saved_objects/migrations/core/index_migrator.ts index b2ffe2ad04a88..e588eb7877322 100644 --- a/src/core/server/saved_objects/migrations/core/index_migrator.ts +++ b/src/core/server/saved_objects/migrations/core/index_migrator.ts @@ -195,7 +195,7 @@ async function migrateSourceToDest(context: Context) { await Index.write( callCluster, dest.indexName, - migrateRawDocs(serializer, documentMigrator.migrate, docs, log) + await migrateRawDocs(serializer, documentMigrator.migrate, docs, log) ); } } diff --git a/src/core/server/saved_objects/migrations/core/migrate_raw_docs.test.ts b/src/core/server/saved_objects/migrations/core/migrate_raw_docs.test.ts index e55b72be2436d..6e4dd9615d423 100644 --- a/src/core/server/saved_objects/migrations/core/migrate_raw_docs.test.ts +++ b/src/core/server/saved_objects/migrations/core/migrate_raw_docs.test.ts @@ -26,7 +26,7 @@ import { createSavedObjectsMigrationLoggerMock } from '../../migrations/mocks'; describe('migrateRawDocs', () => { test('converts raw docs to saved objects', async () => { const transform = jest.fn((doc: any) => _.set(doc, 'attributes.name', 'HOI!')); - const result = migrateRawDocs( + const result = await migrateRawDocs( new SavedObjectsSerializer(new SavedObjectTypeRegistry()), transform, [ @@ -55,7 +55,7 @@ describe('migrateRawDocs', () => { const transform = jest.fn((doc: any) => _.set(_.cloneDeep(doc), 'attributes.name', 'TADA') ); - const result = migrateRawDocs( + const result = await migrateRawDocs( new SavedObjectsSerializer(new SavedObjectTypeRegistry()), transform, [ diff --git a/src/core/server/saved_objects/migrations/core/migrate_raw_docs.ts b/src/core/server/saved_objects/migrations/core/migrate_raw_docs.ts index a2b72ea76c1a2..2bdf59d25dc74 100644 --- a/src/core/server/saved_objects/migrations/core/migrate_raw_docs.ts +++ b/src/core/server/saved_objects/migrations/core/migrate_raw_docs.ts @@ -21,7 +21,11 @@ * This file provides logic for migrating raw documents. */ -import { SavedObjectsRawDoc, SavedObjectsSerializer } from '../../serialization'; +import { + SavedObjectsRawDoc, + SavedObjectsSerializer, + SavedObjectUnsanitizedDoc, +} from '../../serialization'; import { TransformFn } from './document_migrator'; import { SavedObjectsMigrationLogger } from '.'; @@ -33,26 +37,51 @@ import { SavedObjectsMigrationLogger } from '.'; * @param {SavedObjectsRawDoc[]} rawDocs * @returns {SavedObjectsRawDoc[]} */ -export function migrateRawDocs( +export async function migrateRawDocs( serializer: SavedObjectsSerializer, migrateDoc: TransformFn, rawDocs: SavedObjectsRawDoc[], log: SavedObjectsMigrationLogger -): SavedObjectsRawDoc[] { - return rawDocs.map((raw) => { +): Promise { + const migrateDocWithoutBlocking = transformNonBlocking(migrateDoc); + const processedDocs = []; + for (const raw of rawDocs) { if (serializer.isRawSavedObject(raw)) { const savedObject = serializer.rawToSavedObject(raw); savedObject.migrationVersion = savedObject.migrationVersion || {}; - return serializer.savedObjectToRaw({ - references: [], - ...migrateDoc(savedObject), - }); + processedDocs.push( + serializer.savedObjectToRaw({ + references: [], + ...(await migrateDocWithoutBlocking(savedObject)), + }) + ); + } else { + log.error( + `Error: Unable to migrate the corrupt Saved Object document ${raw._id}. To prevent Kibana from performing a migration on every restart, please delete or fix this document by ensuring that the namespace and type in the document's id matches the values in the namespace and type fields.`, + { rawDocument: raw } + ); + processedDocs.push(raw); } + } + return processedDocs; +} - log.error( - `Error: Unable to migrate the corrupt Saved Object document ${raw._id}. To prevent Kibana from performing a migration on every restart, please delete or fix this document by ensuring that the namespace and type in the document's id matches the values in the namespace and type fields.`, - { rawDocument: raw } - ); - return raw; - }); +/** + * Migration transform functions are potentially CPU heavy e.g. doing decryption/encryption + * or (de)/serializing large JSON payloads. + * Executing all transforms for a batch in a synchronous loop can block the event-loop for a long time. + * To prevent this we use setImmediate to ensure that the event-loop can process other parallel + * work in between each transform. + */ +function transformNonBlocking( + transform: TransformFn +): (doc: SavedObjectUnsanitizedDoc) => Promise { + // promises aren't enough to unblock the event loop + return (doc: SavedObjectUnsanitizedDoc) => + new Promise((resolve) => { + // set immediate is though + setImmediate(() => { + resolve(transform(doc)); + }); + }); } diff --git a/src/core/server/server.api.md b/src/core/server/server.api.md index 4d6316fceb568..00ec217bc8586 100644 --- a/src/core/server/server.api.md +++ b/src/core/server/server.api.md @@ -1970,8 +1970,6 @@ export interface SavedObjectsClientWrapperOptions { // @public export interface SavedObjectsComplexFieldMapping { - // (undocumented) - dynamic?: string; // (undocumented) properties: SavedObjectsMappingProperties; // (undocumented) diff --git a/src/dev/build/tasks/copy_source_task.js b/src/dev/build/tasks/copy_source_task.js index ddc6d000bca19..32eb7bf8712e3 100644 --- a/src/dev/build/tasks/copy_source_task.js +++ b/src/dev/build/tasks/copy_source_task.js @@ -34,9 +34,7 @@ export const CopySourceTask = { '!src/test_utils/**', '!src/fixtures/**', '!src/legacy/core_plugins/tests_bundle/**', - '!src/legacy/core_plugins/testbed/**', '!src/legacy/core_plugins/console/public/tests/**', - '!src/plugins/testbed/**', '!src/cli/cluster/**', '!src/cli/repl/**', '!src/es_archiver/**', diff --git a/src/dev/typescript/projects.ts b/src/dev/typescript/projects.ts index 1e0b631308d9e..065321e355256 100644 --- a/src/dev/typescript/projects.ts +++ b/src/dev/typescript/projects.ts @@ -34,6 +34,10 @@ export const PROJECTS = [ name: 'apm/cypress', disableTypeCheck: true, }), + new Project(resolve(REPO_ROOT, 'x-pack/plugins/apm/scripts/tsconfig.json'), { + name: 'apm/scripts', + disableTypeCheck: true, + }), // NOTE: using glob.sync rather than glob-all or globby // because it takes less than 10 ms, while the other modules diff --git a/src/fixtures/stubbed_saved_object_index_pattern.js b/src/fixtures/stubbed_saved_object_index_pattern.js index 15e47b40eb203..8e0e230ef33dd 100644 --- a/src/fixtures/stubbed_saved_object_index_pattern.js +++ b/src/fixtures/stubbed_saved_object_index_pattern.js @@ -27,6 +27,7 @@ export function stubbedSavedObjectIndexPattern(id) { id, type: 'index-pattern', attributes: { + timeFieldName: 'timestamp', customFormats: '{}', fields: mockLogstashFields, }, diff --git a/src/legacy/core_plugins/testbed/README.md b/src/legacy/core_plugins/testbed/README.md deleted file mode 100644 index ac50ffbb804b5..0000000000000 --- a/src/legacy/core_plugins/testbed/README.md +++ /dev/null @@ -1,8 +0,0 @@ -## Kibana Testbed - -Sometimes when developing for Kibana, it is useful to have an isolated routable space to demonstrate new functionality. This Testbed provides such a space. - -To make use of the testbed, edit the testbed.js, testbed.html, and testbed.less files as necessary. When you are done demonstrating -your new functionality, remember to cleanup your changes and restore the testbed to its pristine state for the next person. - -To access the testbed, visit `http://localhost:5601/app/kibana#/testbed` diff --git a/src/legacy/core_plugins/testbed/index.js b/src/legacy/core_plugins/testbed/index.js deleted file mode 100644 index f0b61ea0c3de7..0000000000000 --- a/src/legacy/core_plugins/testbed/index.js +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -import { resolve } from 'path'; - -export default function (kibana) { - return new kibana.Plugin({ - id: 'testbed', - publicDir: resolve(__dirname, 'public'), - uiExports: { - hacks: ['plugins/testbed'], - }, - }); -} diff --git a/src/legacy/core_plugins/testbed/package.json b/src/legacy/core_plugins/testbed/package.json deleted file mode 100644 index 98fcaf7eda95d..0000000000000 --- a/src/legacy/core_plugins/testbed/package.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "name": "testbed", - "version": "kibana" -} \ No newline at end of file diff --git a/src/legacy/core_plugins/testbed/public/index.js b/src/legacy/core_plugins/testbed/public/index.js deleted file mode 100644 index c6687de249cf2..0000000000000 --- a/src/legacy/core_plugins/testbed/public/index.js +++ /dev/null @@ -1,20 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -import './testbed'; diff --git a/src/legacy/core_plugins/testbed/public/testbed.html b/src/legacy/core_plugins/testbed/public/testbed.html deleted file mode 100644 index 52455beb02360..0000000000000 --- a/src/legacy/core_plugins/testbed/public/testbed.html +++ /dev/null @@ -1,12 +0,0 @@ -
-
- - 
{{ testbed.data }}
- - - - - - -
-
diff --git a/src/plugins/data/common/index_patterns/fields/__snapshots__/field.test.ts.snap b/src/plugins/data/common/index_patterns/fields/__snapshots__/field.test.ts.snap index 4593349a408a7..e61593f6bfb27 100644 --- a/src/plugins/data/common/index_patterns/fields/__snapshots__/field.test.ts.snap +++ b/src/plugins/data/common/index_patterns/fields/__snapshots__/field.test.ts.snap @@ -33,3 +33,43 @@ Object { "type": "type", } `; + +exports[`Field spec snapshot 1`] = ` +Object { + "aggregatable": true, + "conflictDescriptions": Object { + "a": Array [ + "b", + "c", + ], + "d": Array [ + "e", + ], + }, + "count": 1, + "esTypes": Array [ + "type", + ], + "format": Object { + "id": "number", + "params": Object { + "pattern": "$0,0.[00]", + }, + }, + "lang": "lang", + "name": "name", + "readFromDocValues": false, + "script": "script", + "scripted": true, + "searchable": true, + "subType": Object { + "multi": Object { + "parent": "parent", + }, + "nested": Object { + "path": "path", + }, + }, + "type": "type", +} +`; diff --git a/src/plugins/data/common/index_patterns/fields/field.test.ts b/src/plugins/data/common/index_patterns/fields/field.test.ts index 711c176fed9cc..910f22088f43a 100644 --- a/src/plugins/data/common/index_patterns/fields/field.test.ts +++ b/src/plugins/data/common/index_patterns/fields/field.test.ts @@ -20,7 +20,7 @@ import { Field } from './field'; import { IndexPattern } from '../index_patterns'; import { FieldFormatsStartCommon } from '../..'; -import { KBN_FIELD_TYPES } from '../../../common'; +import { KBN_FIELD_TYPES, FieldSpec, FieldSpecExportFmt } from '../../../common'; describe('Field', function () { function flatten(obj: Record) { @@ -59,8 +59,9 @@ describe('Field', function () { fieldFormatMap: { name: {}, _source: {}, _score: {}, _id: {} }, } as unknown) as IndexPattern, format: { name: 'formatName' }, - $$spec: {}, + $$spec: ({} as unknown) as FieldSpec, conflictDescriptions: { a: ['b', 'c'], d: ['e'] }, + toSpec: () => (({} as unknown) as FieldSpecExportFmt), } as Field; it('the correct properties are writable', () => { @@ -145,7 +146,7 @@ describe('Field', function () { }).toThrow(); expect(() => { - field.$$spec = { a: 'b' }; + field.$$spec = ({ a: 'b' } as unknown) as FieldSpec; }).toThrow(); }); @@ -219,4 +220,21 @@ describe('Field', function () { }); expect(flatten(field)).toMatchSnapshot(); }); + + it('spec snapshot', () => { + const field = new Field( + { + fieldFormatMap: { + name: { toJSON: () => ({ id: 'number', params: { pattern: '$0,0.[00]' } }) }, + }, + } as IndexPattern, + fieldValues, + false, + { + fieldFormats: {} as FieldFormatsStartCommon, + onNotification: () => {}, + } + ); + expect(field.toSpec()).toMatchSnapshot(); + }); }); diff --git a/src/plugins/data/common/index_patterns/fields/field.ts b/src/plugins/data/common/index_patterns/fields/field.ts index c53e3f2b1f621..81c7aff8a0faa 100644 --- a/src/plugins/data/common/index_patterns/fields/field.ts +++ b/src/plugins/data/common/index_patterns/fields/field.ts @@ -28,11 +28,14 @@ import { FieldFormat, shortenDottedString, } from '../../../common'; -import { OnNotification } from '../types'; +import { + OnNotification, + FieldSpec, + FieldSpecConflictDescriptions, + FieldSpecExportFmt, +} from '../types'; import { FieldFormatsStartCommon } from '../../field_formats'; -export type FieldSpec = Record; - interface FieldDependencies { fieldFormats: FieldFormatsStartCommon; onNotification: OnNotification; @@ -59,11 +62,11 @@ export class Field implements IFieldType { readFromDocValues?: boolean; format: any; $$spec: FieldSpec; - conflictDescriptions?: Record; + conflictDescriptions?: FieldSpecConflictDescriptions; constructor( indexPattern: IIndexPattern, - spec: FieldSpec | Field, + spec: FieldSpecExportFmt | FieldSpec | Field, shortDotsEnable: boolean, { fieldFormats, onNotification }: FieldDependencies ) { @@ -95,7 +98,7 @@ export class Field implements IFieldType { if (!type) type = getKbnFieldType('unknown'); - let format = spec.format; + let format: any = spec.format; if (!FieldFormat.isInstanceOfFieldFormat(format)) { format = @@ -148,6 +151,26 @@ export class Field implements IFieldType { // multi info obj.fact('subType'); - return obj.create(); + const newObj = obj.create(); + newObj.toSpec = function () { + return { + count: this.count, + script: this.script, + lang: this.lang, + conflictDescriptions: this.conflictDescriptions, + name: this.name, + type: this.type, + esTypes: this.esTypes, + scripted: this.scripted, + searchable: this.searchable, + aggregatable: this.aggregatable, + readFromDocValues: this.readFromDocValues, + subType: this.subType, + format: this.indexPattern?.fieldFormatMap[this.name]?.toJSON() || undefined, + }; + }; + return newObj; } + // only providing type info as constructor returns new object instead of `this` + toSpec = () => (({} as unknown) as FieldSpecExportFmt); } diff --git a/src/plugins/data/common/index_patterns/fields/field_list.ts b/src/plugins/data/common/index_patterns/fields/field_list.ts index 173a629863a71..c1ca5341328ce 100644 --- a/src/plugins/data/common/index_patterns/fields/field_list.ts +++ b/src/plugins/data/common/index_patterns/fields/field_list.ts @@ -20,8 +20,8 @@ import { findIndex } from 'lodash'; import { IIndexPattern } from '../../types'; import { IFieldType } from '../../../common'; -import { Field, FieldSpec } from './field'; -import { OnNotification } from '../types'; +import { Field } from './field'; +import { OnNotification, FieldSpec } from '../types'; import { FieldFormatsStartCommon } from '../../field_formats'; type FieldMap = Map; @@ -102,6 +102,10 @@ export const getIndexPatternFieldListCreator = ({ this.removeByGroup(newField); this.setByGroup(newField); }; + + toSpec = () => { + return [...this.map((field) => field.toSpec())]; + }; } return new FieldList(...fieldListParams); diff --git a/src/plugins/data/common/index_patterns/fields/types.ts b/src/plugins/data/common/index_patterns/fields/types.ts index c336472a1e7d6..558b5b57dce40 100644 --- a/src/plugins/data/common/index_patterns/fields/types.ts +++ b/src/plugins/data/common/index_patterns/fields/types.ts @@ -17,10 +17,7 @@ * under the License. */ -export interface IFieldSubType { - multi?: { parent: string }; - nested?: { path: string }; -} +import { FieldSpec, IFieldSubType } from '../types'; export interface IFieldType { name: string; @@ -41,4 +38,5 @@ export interface IFieldType { subType?: IFieldSubType; displayName?: string; format?: any; + toSpec?: () => FieldSpec; } diff --git a/src/plugins/data/common/index_patterns/index_patterns/__snapshots__/index_pattern.test.ts.snap b/src/plugins/data/common/index_patterns/index_patterns/__snapshots__/index_pattern.test.ts.snap new file mode 100644 index 0000000000000..047ac836a87d1 --- /dev/null +++ b/src/plugins/data/common/index_patterns/index_patterns/__snapshots__/index_pattern.test.ts.snap @@ -0,0 +1,503 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP + +exports[`IndexPattern toSpec should match snapshot 1`] = ` +Object { + "fields": Array [ + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 10, + "esTypes": Array [ + "long", + ], + "format": Object { + "id": "number", + "params": Object { + "pattern": "$0,0.[00]", + }, + }, + "lang": undefined, + "name": "bytes", + "readFromDocValues": true, + "script": undefined, + "scripted": false, + "searchable": true, + "subType": undefined, + "type": "number", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 20, + "esTypes": Array [ + "boolean", + ], + "format": undefined, + "lang": undefined, + "name": "ssl", + "readFromDocValues": true, + "script": undefined, + "scripted": false, + "searchable": true, + "subType": undefined, + "type": "boolean", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 30, + "esTypes": Array [ + "date", + ], + "format": undefined, + "lang": undefined, + "name": "@timestamp", + "readFromDocValues": true, + "script": undefined, + "scripted": false, + "searchable": true, + "subType": undefined, + "type": "date", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 30, + "esTypes": Array [ + "date", + ], + "format": undefined, + "lang": undefined, + "name": "time", + "readFromDocValues": true, + "script": undefined, + "scripted": false, + "searchable": true, + "subType": undefined, + "type": "date", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "keyword", + ], + "format": undefined, + "lang": undefined, + "name": "@tags", + "readFromDocValues": true, + "script": undefined, + "scripted": false, + "searchable": true, + "subType": undefined, + "type": "string", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "date", + ], + "format": undefined, + "lang": undefined, + "name": "utc_time", + "readFromDocValues": true, + "script": undefined, + "scripted": false, + "searchable": true, + "subType": undefined, + "type": "date", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "integer", + ], + "format": undefined, + "lang": undefined, + "name": "phpmemory", + "readFromDocValues": true, + "script": undefined, + "scripted": false, + "searchable": true, + "subType": undefined, + "type": "number", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "ip", + ], + "format": undefined, + "lang": undefined, + "name": "ip", + "readFromDocValues": true, + "script": undefined, + "scripted": false, + "searchable": true, + "subType": undefined, + "type": "ip", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "attachment", + ], + "format": undefined, + "lang": undefined, + "name": "request_body", + "readFromDocValues": true, + "script": undefined, + "scripted": false, + "searchable": true, + "subType": undefined, + "type": "attachment", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "geo_point", + ], + "format": undefined, + "lang": undefined, + "name": "point", + "readFromDocValues": true, + "script": undefined, + "scripted": false, + "searchable": true, + "subType": undefined, + "type": "geo_point", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "geo_shape", + ], + "format": undefined, + "lang": undefined, + "name": "area", + "readFromDocValues": false, + "script": undefined, + "scripted": false, + "searchable": true, + "subType": undefined, + "type": "geo_shape", + }, + Object { + "aggregatable": false, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "murmur3", + ], + "format": undefined, + "lang": undefined, + "name": "hashed", + "readFromDocValues": false, + "script": undefined, + "scripted": false, + "searchable": true, + "subType": undefined, + "type": "murmur3", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "geo_point", + ], + "format": undefined, + "lang": undefined, + "name": "geo.coordinates", + "readFromDocValues": true, + "script": undefined, + "scripted": false, + "searchable": true, + "subType": undefined, + "type": "geo_point", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "text", + ], + "format": undefined, + "lang": undefined, + "name": "extension", + "readFromDocValues": false, + "script": undefined, + "scripted": false, + "searchable": true, + "subType": undefined, + "type": "string", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "keyword", + ], + "format": undefined, + "lang": undefined, + "name": "extension.keyword", + "readFromDocValues": true, + "script": undefined, + "scripted": false, + "searchable": true, + "subType": Object { + "multi": Object { + "parent": "extension", + }, + }, + "type": "string", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "text", + ], + "format": undefined, + "lang": undefined, + "name": "machine.os", + "readFromDocValues": false, + "script": undefined, + "scripted": false, + "searchable": true, + "subType": undefined, + "type": "string", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "keyword", + ], + "format": undefined, + "lang": undefined, + "name": "machine.os.raw", + "readFromDocValues": true, + "script": undefined, + "scripted": false, + "searchable": true, + "subType": Object { + "multi": Object { + "parent": "machine.os", + }, + }, + "type": "string", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "keyword", + ], + "format": undefined, + "lang": undefined, + "name": "geo.src", + "readFromDocValues": true, + "script": undefined, + "scripted": false, + "searchable": true, + "subType": undefined, + "type": "string", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "_id", + ], + "format": undefined, + "lang": undefined, + "name": "_id", + "readFromDocValues": false, + "script": undefined, + "scripted": false, + "searchable": true, + "subType": undefined, + "type": "string", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "_type", + ], + "format": undefined, + "lang": undefined, + "name": "_type", + "readFromDocValues": false, + "script": undefined, + "scripted": false, + "searchable": true, + "subType": undefined, + "type": "string", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "_source", + ], + "format": undefined, + "lang": undefined, + "name": "_source", + "readFromDocValues": false, + "script": undefined, + "scripted": false, + "searchable": true, + "subType": undefined, + "type": "_source", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "text", + ], + "format": undefined, + "lang": undefined, + "name": "non-filterable", + "readFromDocValues": false, + "script": undefined, + "scripted": false, + "searchable": false, + "subType": undefined, + "type": "string", + }, + Object { + "aggregatable": false, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "text", + ], + "format": undefined, + "lang": undefined, + "name": "non-sortable", + "readFromDocValues": false, + "script": undefined, + "scripted": false, + "searchable": false, + "subType": undefined, + "type": "string", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "conflict", + ], + "format": undefined, + "lang": undefined, + "name": "custom_user_field", + "readFromDocValues": true, + "script": undefined, + "scripted": false, + "searchable": true, + "subType": undefined, + "type": "conflict", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "text", + ], + "format": undefined, + "lang": "expression", + "name": "script string", + "readFromDocValues": false, + "script": "'i am a string'", + "scripted": true, + "searchable": true, + "subType": undefined, + "type": "string", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "long", + ], + "format": undefined, + "lang": "expression", + "name": "script number", + "readFromDocValues": false, + "script": "1234", + "scripted": true, + "searchable": true, + "subType": undefined, + "type": "number", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "date", + ], + "format": undefined, + "lang": "painless", + "name": "script date", + "readFromDocValues": false, + "script": "1234", + "scripted": true, + "searchable": true, + "subType": undefined, + "type": "date", + }, + Object { + "aggregatable": true, + "conflictDescriptions": undefined, + "count": 0, + "esTypes": Array [ + "murmur3", + ], + "format": undefined, + "lang": "expression", + "name": "script murmur3", + "readFromDocValues": false, + "script": "1234", + "scripted": true, + "searchable": true, + "subType": undefined, + "type": "murmur3", + }, + ], + "id": "test-pattern", + "sourceFilters": undefined, + "timeFieldName": "timestamp", + "title": "test-pattern", + "typeMeta": undefined, + "version": 2, +} +`; diff --git a/src/plugins/data/common/index_patterns/index_patterns/index.ts b/src/plugins/data/common/index_patterns/index_patterns/index.ts index 5fae08f3bb775..77527857ed0ca 100644 --- a/src/plugins/data/common/index_patterns/index_patterns/index.ts +++ b/src/plugins/data/common/index_patterns/index_patterns/index.ts @@ -18,7 +18,6 @@ */ export * from './index_patterns_api_client'; -export * from './types'; export * from './_pattern_cache'; export * from './flatten_hit'; export * from './format_hit'; diff --git a/src/plugins/data/common/index_patterns/index_patterns/index_pattern.test.ts b/src/plugins/data/common/index_patterns/index_patterns/index_pattern.test.ts index cea476781ad3b..ba8e4f6fb3695 100644 --- a/src/plugins/data/common/index_patterns/index_patterns/index_pattern.test.ts +++ b/src/plugins/data/common/index_patterns/index_patterns/index_pattern.test.ts @@ -30,6 +30,10 @@ import { Field } from '../fields'; import { fieldFormatsMock } from '../../field_formats/mocks'; +class MockFieldFormatter {} + +fieldFormatsMock.getType = jest.fn().mockImplementation(() => MockFieldFormatter); + jest.mock('../../field_mapping', () => { const originalModule = jest.requireActual('../../field_mapping'); @@ -303,6 +307,29 @@ describe('IndexPattern', () => { }); }); + describe('toSpec', () => { + test('should match snapshot', () => { + indexPattern.fieldFormatMap.bytes = { + toJSON: () => ({ id: 'number', params: { pattern: '$0,0.[00]' } }), + }; + expect(indexPattern.toSpec()).toMatchSnapshot(); + }); + + test('can restore from spec', async () => { + indexPattern.fieldFormatMap.bytes = { + toJSON: () => ({ id: 'number', params: { pattern: '$0,0.[00]' } }), + }; + const spec = indexPattern.toSpec(); + const restoredPattern = await create(spec.id as string); + restoredPattern.initFromSpec(spec); + expect(restoredPattern.id).toEqual(indexPattern.id); + expect(restoredPattern.title).toEqual(indexPattern.title); + expect(restoredPattern.timeFieldName).toEqual(indexPattern.timeFieldName); + expect(restoredPattern.fields.length).toEqual(indexPattern.fields.length); + expect(restoredPattern.fieldFormatMap.bytes instanceof MockFieldFormatter).toEqual(true); + }); + }); + describe('popularizeField', () => { test('should increment the popularity count by default', () => { // const saveSpy = sinon.stub(indexPattern, 'save'); diff --git a/src/plugins/data/common/index_patterns/index_patterns/index_pattern.ts b/src/plugins/data/common/index_patterns/index_patterns/index_pattern.ts index cd39a965ae6fc..e9ac5a09b9db3 100644 --- a/src/plugins/data/common/index_patterns/index_patterns/index_pattern.ts +++ b/src/plugins/data/common/index_patterns/index_patterns/index_pattern.ts @@ -20,6 +20,7 @@ import _, { each, reject } from 'lodash'; import { i18n } from '@kbn/i18n'; import { SavedObjectsClientContract } from 'src/core/public'; +import { SavedObjectAttributes } from 'src/core/public'; import { DuplicateField, SavedObjectNotFound } from '../../../../kibana_utils/common'; import { @@ -36,11 +37,12 @@ import { createFieldsFetcher } from './_fields_fetcher'; import { formatHitProvider } from './format_hit'; import { flattenHitWrapper } from './flatten_hit'; import { IIndexPatternsApiClient } from '.'; -import { TypeMeta } from '.'; import { OnNotification, OnError } from '../types'; import { FieldFormatsStartCommon } from '../../field_formats'; import { PatternCache } from './_pattern_cache'; import { expandShorthand, FieldMappingSpec, MappingObject } from '../../field_mapping'; +import { IndexPatternSpec, TypeMeta, FieldSpec, SourceFilter } from '../types'; +import { SerializedFieldFormat } from '../../../../expressions/common'; const MAX_ATTEMPTS_TO_RESOLVE_CONFLICTS = 3; const type = 'index-pattern'; @@ -60,10 +62,9 @@ export class IndexPattern implements IIndexPattern { public id?: string; public title: string = ''; - public type?: string; public fieldFormatMap: any; public typeMeta?: TypeMeta; - public fields: IIndexPatternFieldList; + public fields: IIndexPatternFieldList & { toSpec: () => FieldSpec[] }; public timeFieldName: string | undefined; public formatHit: any; public formatField: any; @@ -74,7 +75,7 @@ export class IndexPattern implements IIndexPattern { private savedObjectsClient: SavedObjectsClientContract; private patternCache: PatternCache; private getConfig: any; - private sourceFilters?: []; + private sourceFilters?: SourceFilter[]; private originalBody: { [key: string]: any } = {}; public fieldsFetcher: any; // probably want to factor out any direct usage and change to private private shortDotsEnable: boolean = false; @@ -196,6 +197,35 @@ export class IndexPattern implements IIndexPattern { this.initFields(); } + public initFromSpec(spec: IndexPatternSpec) { + // create fieldFormatMap from field list + const fieldFormatMap: Record = {}; + if (_.isArray(spec.fields)) { + spec.fields.forEach((field: FieldSpec) => { + if (field.format) { + fieldFormatMap[field.name as string] = { ...field.format }; + } + }); + } + + this.version = spec.version; + + this.title = spec.title || ''; + this.timeFieldName = spec.timeFieldName; + this.sourceFilters = spec.sourceFilters; + + // ignoring this because the same thing happens elsewhere but via _.assign + // @ts-ignore + this.fields = spec.fields || []; + this.typeMeta = spec.typeMeta; + this.fieldFormatMap = _.mapValues(fieldFormatMap, (mapping) => { + return this.deserializeFieldFormatMap(mapping); + }); + + this.initFields(); + return this; + } + private updateFromElasticSearch(response: any, forceFieldRefresh: boolean = false) { if (!response.found) { throw new SavedObjectNotFound(type, this.id, 'management/kibana/indexPatterns'); @@ -206,15 +236,16 @@ export class IndexPattern implements IIndexPattern { return; } - response._source[name] = fieldMapping._deserialize(response._source[name]); + response[name] = fieldMapping._deserialize(response[name]); }); - // give index pattern all of the values in _source - _.assign(this, response._source); + // give index pattern all of the values + _.assign(this, response); if (!this.title && this.id) { this.title = this.id; } + this.version = response.version; return this.indexFields(forceFieldRefresh); } @@ -266,13 +297,11 @@ export class IndexPattern implements IIndexPattern { } const savedObject = await this.savedObjectsClient.get(type, this.id); - this.version = savedObject._version; const response = { - _id: savedObject.id, - _type: savedObject.type, - _source: _.cloneDeep(savedObject.attributes), + version: savedObject._version, found: savedObject._version ? true : false, + ...(_.cloneDeep(savedObject.attributes) as SavedObjectAttributes), }; // Do this before we attempt to update from ES since that call can potentially perform a save this.originalBody = this.prepBody(); @@ -283,6 +312,19 @@ export class IndexPattern implements IIndexPattern { return this; } + public toSpec(): IndexPatternSpec { + return { + id: this.id, + version: this.version, + + title: this.title, + timeFieldName: this.timeFieldName, + sourceFilters: this.sourceFilters, + fields: this.fields.toSpec(), + typeMeta: this.typeMeta, + }; + } + // Get the source filtering configuration for that index. getSourceFiltering() { return { diff --git a/src/plugins/data/common/index_patterns/index_patterns/index_patterns.ts b/src/plugins/data/common/index_patterns/index_patterns/index_patterns.ts index 22d1765d79348..5e51897d13372 100644 --- a/src/plugins/data/common/index_patterns/index_patterns/index_patterns.ts +++ b/src/plugins/data/common/index_patterns/index_patterns/index_patterns.ts @@ -32,12 +32,8 @@ import { createEnsureDefaultIndexPattern, EnsureDefaultIndexPattern, } from './ensure_default_index_pattern'; -import { - getIndexPatternFieldListCreator, - CreateIndexPatternFieldList, - Field, - FieldSpec, -} from '../fields'; +import { getIndexPatternFieldListCreator, CreateIndexPatternFieldList, Field } from '../fields'; +import { IndexPatternSpec, FieldSpec } from '../types'; import { OnNotification, OnError } from '../types'; import { FieldFormatsStartCommon } from '../../field_formats'; @@ -195,6 +191,21 @@ export class IndexPatternsService { return indexPatternCache.set(id, indexPattern); }; + specToIndexPattern(spec: IndexPatternSpec) { + const indexPattern = new IndexPattern(spec.id, { + getConfig: (cfg: any) => this.config.get(cfg), + savedObjectsClient: this.savedObjectsClient, + apiClient: this.apiClient, + patternCache: indexPatternCache, + fieldFormats: this.fieldFormats, + onNotification: this.onNotification, + onError: this.onError, + }); + + indexPattern.initFromSpec(spec); + return indexPattern; + } + make = (id?: string): Promise => { const indexPattern = new IndexPattern(id, { getConfig: (cfg: any) => this.config.get(cfg), diff --git a/src/plugins/data/common/index_patterns/types.ts b/src/plugins/data/common/index_patterns/types.ts index 7399bbbc10a7e..94121a274d686 100644 --- a/src/plugins/data/common/index_patterns/types.ts +++ b/src/plugins/data/common/index_patterns/types.ts @@ -19,6 +19,8 @@ import { ToastInputFields, ErrorToastOptions } from 'src/core/public/notifications'; import { IFieldType } from './fields'; +import { SerializedFieldFormat } from '../../../expressions/common'; +import { KBN_FIELD_TYPES } from '..'; export interface IIndexPattern { [key: string]: any; @@ -51,3 +53,65 @@ export interface IndexPatternAttributes { export type OnNotification = (toastInputFields: ToastInputFields) => void; export type OnError = (error: Error, toastInputFields: ErrorToastOptions) => void; + +export type AggregationRestrictions = Record< + string, + { + agg?: string; + interval?: number; + fixed_interval?: string; + calendar_interval?: string; + delay?: string; + time_zone?: string; + } +>; + +export interface IFieldSubType { + multi?: { parent: string }; + nested?: { path: string }; +} + +export interface TypeMeta { + aggs?: Record; + [key: string]: any; +} + +export type FieldSpecConflictDescriptions = Record; + +// This should become FieldSpec once types are cleaned up +export interface FieldSpecExportFmt { + count?: number; + script?: string; + lang?: string; + conflictDescriptions?: FieldSpecConflictDescriptions; + name: string; + type: KBN_FIELD_TYPES; + esTypes?: string[]; + scripted: boolean; + searchable: boolean; + aggregatable: boolean; + readFromDocValues?: boolean; + subType?: IFieldSubType; + format?: SerializedFieldFormat; + indexed?: boolean; +} + +export interface FieldSpec { + [key: string]: any; + format?: SerializedFieldFormat; +} + +export interface IndexPatternSpec { + id?: string; + version?: string; + + title: string; + timeFieldName?: string; + sourceFilters?: SourceFilter[]; + fields?: FieldSpec[]; + typeMeta?: TypeMeta; +} + +export interface SourceFilter { + value: string; +} diff --git a/src/plugins/data/public/index.ts b/src/plugins/data/public/index.ts index 984ce18aa4d83..3665d9dc2b46e 100644 --- a/src/plugins/data/public/index.ts +++ b/src/plugins/data/public/index.ts @@ -249,8 +249,6 @@ export { IndexPattern, IIndexPatternFieldList, Field as IndexPatternField, - TypeMeta as IndexPatternTypeMeta, - AggregationRestrictions as IndexPatternAggRestrictions, // TODO: exported only in stub_index_pattern test. Move into data plugin and remove export. getIndexPatternFieldListCreator, } from './index_patterns'; @@ -263,6 +261,8 @@ export { KBN_FIELD_TYPES, IndexPatternAttributes, UI_SETTINGS, + TypeMeta as IndexPatternTypeMeta, + AggregationRestrictions as IndexPatternAggRestrictions, } from '../common'; /* diff --git a/src/plugins/data/public/index_patterns/index.ts b/src/plugins/data/public/index_patterns/index.ts index 0a8397467807c..2c540527f468d 100644 --- a/src/plugins/data/public/index_patterns/index.ts +++ b/src/plugins/data/public/index_patterns/index.ts @@ -34,11 +34,4 @@ export { IIndexPatternFieldList, } from '../../common/index_patterns'; -// TODO: figure out how to replace IndexPatterns in get_inner_angular. -export { - IndexPatternsService, - IndexPatternsContract, - IndexPattern, - TypeMeta, - AggregationRestrictions, -} from './index_patterns'; +export { IndexPatternsService, IndexPatternsContract, IndexPattern } from './index_patterns'; diff --git a/src/plugins/data/public/public.api.md b/src/plugins/data/public/public.api.md index 31dc5b51a06f5..25c9b0718050a 100644 --- a/src/plugins/data/public/public.api.md +++ b/src/plugins/data/public/public.api.md @@ -902,6 +902,10 @@ export interface IFieldType { sortable?: boolean; // (undocumented) subType?: IFieldSubType; + // Warning: (ae-forgotten-export) The symbol "FieldSpec" needs to be exported by the entry point index.d.ts + // + // (undocumented) + toSpec?: () => FieldSpec; // (undocumented) type: string; // (undocumented) @@ -937,8 +941,6 @@ export interface IIndexPattern { // // @public (undocumented) export interface IIndexPatternFieldList extends Array { - // Warning: (ae-forgotten-export) The symbol "FieldSpec" needs to be exported by the entry point index.d.ts - // // (undocumented) add(field: FieldSpec): void; // (undocumented) @@ -993,7 +995,9 @@ export class IndexPattern implements IIndexPattern { // (undocumented) fieldFormatMap: any; // (undocumented) - fields: IIndexPatternFieldList; + fields: IIndexPatternFieldList & { + toSpec: () => FieldSpec[]; + }; // (undocumented) fieldsFetcher: any; // (undocumented) @@ -1036,6 +1040,10 @@ export class IndexPattern implements IIndexPattern { id?: string; // (undocumented) init(forceFieldRefresh?: boolean): Promise; + // Warning: (ae-forgotten-export) The symbol "IndexPatternSpec" needs to be exported by the entry point index.d.ts + // + // (undocumented) + initFromSpec(spec: IndexPatternSpec): this; // (undocumented) isTimeBased(): boolean; // (undocumented) @@ -1065,9 +1073,9 @@ export class IndexPattern implements IIndexPattern { // (undocumented) toJSON(): string | undefined; // (undocumented) - toString(): string; + toSpec(): IndexPatternSpec; // (undocumented) - type?: string; + toString(): string; // (undocumented) typeMeta?: IndexPatternTypeMeta; } @@ -1106,12 +1114,15 @@ export interface IndexPatternAttributes { export class IndexPatternField implements IFieldType { // (undocumented) $$spec: FieldSpec; + // Warning: (ae-forgotten-export) The symbol "FieldSpecExportFmt" needs to be exported by the entry point index.d.ts // Warning: (ae-forgotten-export) The symbol "FieldDependencies" needs to be exported by the entry point index.d.ts - constructor(indexPattern: IIndexPattern, spec: FieldSpec | IndexPatternField, shortDotsEnable: boolean, { fieldFormats, onNotification }: FieldDependencies); + constructor(indexPattern: IIndexPattern, spec: FieldSpecExportFmt | FieldSpec | IndexPatternField, shortDotsEnable: boolean, { fieldFormats, onNotification }: FieldDependencies); // (undocumented) aggregatable?: boolean; + // Warning: (ae-forgotten-export) The symbol "FieldSpecConflictDescriptions" needs to be exported by the entry point index.d.ts + // // (undocumented) - conflictDescriptions?: Record; + conflictDescriptions?: FieldSpecConflictDescriptions; // (undocumented) count?: number; // (undocumented) @@ -1141,6 +1152,8 @@ export class IndexPatternField implements IFieldType { // (undocumented) subType?: IFieldSubType; // (undocumented) + toSpec: () => FieldSpecExportFmt; + // (undocumented) type: string; // (undocumented) visualizable?: boolean; diff --git a/src/plugins/data/server/server.api.md b/src/plugins/data/server/server.api.md index 2ab0644f7237b..136d960b52c34 100644 --- a/src/plugins/data/server/server.api.md +++ b/src/plugins/data/server/server.api.md @@ -392,6 +392,10 @@ export interface IFieldType { sortable?: boolean; // (undocumented) subType?: IFieldSubType; + // Warning: (ae-forgotten-export) The symbol "FieldSpec" needs to be exported by the entry point index.d.ts + // + // (undocumented) + toSpec?: () => FieldSpec; // (undocumented) type: string; // (undocumented) diff --git a/src/plugins/discover/public/application/angular/directives/histogram.tsx b/src/plugins/discover/public/application/angular/directives/histogram.tsx index 8b646106fe52f..9afe5e48bc5b8 100644 --- a/src/plugins/discover/public/application/angular/directives/histogram.tsx +++ b/src/plugins/discover/public/application/angular/directives/histogram.tsx @@ -323,6 +323,7 @@ export class DiscoverHistogram extends Component ({ getServices: () => ({ @@ -74,6 +75,7 @@ function getComponent(selected = false, showDetails = false, useShortDots = fals format: null, routes: {}, $$spec: {}, + toSpec: () => (({} as unknown) as FieldSpecExportFmt), } as IndexPatternField; const props = { diff --git a/src/plugins/discover/public/application/helpers/validate_time_range.test.ts b/src/plugins/discover/public/application/helpers/validate_time_range.test.ts new file mode 100644 index 0000000000000..a61a729caa22b --- /dev/null +++ b/src/plugins/discover/public/application/helpers/validate_time_range.test.ts @@ -0,0 +1,47 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import { validateTimeRange } from './validate_time_range'; +import { notificationServiceMock } from '../../../../../core/public/mocks'; + +describe('Discover validateTimeRange', () => { + test('validates given time ranges correctly', async () => { + const { toasts } = notificationServiceMock.createStartContract(); + [ + { from: '', to: '', result: false }, + { from: 'now', to: 'now+1h', result: true }, + { from: 'now', to: 'lala+1h', result: false }, + { from: '', to: 'now', result: false }, + { from: 'now', to: '', result: false }, + { from: ' 2020-06-02T13:36:13.689Z', to: 'now', result: true }, + { from: ' 2020-06-02T13:36:13.689Z', to: '2020-06-02T13:36:13.690Z', result: true }, + ].map((test) => { + expect(validateTimeRange({ from: test.from, to: test.to }, toasts)).toEqual(test.result); + }); + }); + + test('displays a toast when invalid data is entered', async () => { + const { toasts } = notificationServiceMock.createStartContract(); + expect(validateTimeRange({ from: 'now', to: 'null' }, toasts)).toEqual(false); + expect(toasts.addDanger).toHaveBeenCalledWith({ + title: 'Invalid time range', + text: "The provided time range is invalid. (from: 'now', to: 'null')", + }); + }); +}); diff --git a/src/plugins/discover/public/application/helpers/validate_time_range.ts b/src/plugins/discover/public/application/helpers/validate_time_range.ts new file mode 100644 index 0000000000000..411147f827333 --- /dev/null +++ b/src/plugins/discover/public/application/helpers/validate_time_range.ts @@ -0,0 +1,49 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +import dateMath from '@elastic/datemath'; +import { i18n } from '@kbn/i18n'; +import { ToastsStart } from 'kibana/public'; + +/** + * Validates a given time filter range, provided by URL or UI + * Unless valid, it returns false and displays a notification + */ +export function validateTimeRange( + { from, to }: { from: string; to: string }, + toastNotifications: ToastsStart +): boolean { + const fromMoment = dateMath.parse(from); + const toMoment = dateMath.parse(to); + if (!fromMoment || !toMoment || !fromMoment.isValid() || !toMoment.isValid()) { + toastNotifications.addDanger({ + title: i18n.translate('discover.notifications.invalidTimeRangeTitle', { + defaultMessage: `Invalid time range`, + }), + text: i18n.translate('discover.notifications.invalidTimeRangeText', { + defaultMessage: `The provided time range is invalid. (from: '{from}', to: '{to}')`, + values: { + from, + to, + }, + }), + }); + return false; + } + return true; +} diff --git a/src/plugins/share/server/saved_objects/url.ts b/src/plugins/share/server/saved_objects/url.ts index c76c21993a13f..3ea64ad4719f7 100644 --- a/src/plugins/share/server/saved_objects/url.ts +++ b/src/plugins/share/server/saved_objects/url.ts @@ -46,6 +46,7 @@ export const url: SavedObjectsType = { fields: { keyword: { type: 'keyword', + ignore_above: 2048, }, }, }, diff --git a/src/plugins/testbed/kibana.json b/src/plugins/testbed/kibana.json deleted file mode 100644 index 9afe357b7a010..0000000000000 --- a/src/plugins/testbed/kibana.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "id": "testbed", - "version": "0.0.1", - "kibanaVersion": "kibana", - "configPath": ["core", "testbed"], - "server": true, - "ui": true -} diff --git a/src/plugins/testbed/public/index.ts b/src/plugins/testbed/public/index.ts deleted file mode 100644 index 601db10f6f8bb..0000000000000 --- a/src/plugins/testbed/public/index.ts +++ /dev/null @@ -1,25 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -import { PluginInitializer, PluginInitializerContext } from 'kibana/public'; -import { TestbedPlugin, TestbedPluginSetup, TestbedPluginStart } from './plugin'; - -export const plugin: PluginInitializer = ( - initializerContext: PluginInitializerContext -) => new TestbedPlugin(initializerContext); diff --git a/src/plugins/testbed/public/plugin.ts b/src/plugins/testbed/public/plugin.ts deleted file mode 100644 index 8c70485d9ee8b..0000000000000 --- a/src/plugins/testbed/public/plugin.ts +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -import { Plugin, CoreSetup, PluginInitializerContext } from 'kibana/public'; - -interface ConfigType { - uiProp: string; -} - -export class TestbedPlugin implements Plugin { - constructor(private readonly initializerContext: PluginInitializerContext) {} - - public async setup(core: CoreSetup, deps: {}) { - const config = this.initializerContext.config.get(); - - // eslint-disable-next-line no-console - console.log(`Testbed plugin set up. uiProp: '${config.uiProp}'`); - return { - foo: 'bar', - }; - } - - public start() { - // eslint-disable-next-line no-console - console.log(`Testbed plugin started`); - } - - public stop() {} -} - -export type TestbedPluginSetup = ReturnType; -export type TestbedPluginStart = ReturnType; diff --git a/src/plugins/testbed/server/index.ts b/src/plugins/testbed/server/index.ts deleted file mode 100644 index 21f97259c97f4..0000000000000 --- a/src/plugins/testbed/server/index.ts +++ /dev/null @@ -1,114 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -import { map } from 'rxjs/operators'; -import { schema, TypeOf } from '@kbn/config-schema'; - -import { - CoreSetup, - CoreStart, - Logger, - PluginInitializerContext, - PluginConfigDescriptor, - PluginName, -} from 'kibana/server'; - -const configSchema = schema.object({ - secret: schema.string({ defaultValue: 'Not really a secret :/' }), - uiProp: schema.string({ defaultValue: 'Accessible from client' }), -}); - -type ConfigType = TypeOf; - -export const config: PluginConfigDescriptor = { - exposeToBrowser: { - uiProp: true, - }, - schema: configSchema, - deprecations: ({ rename, unused, renameFromRoot }) => [ - rename('securityKey', 'secret'), - renameFromRoot('oldtestbed.uiProp', 'testbed.uiProp'), - unused('deprecatedProperty'), - ], -}; - -class Plugin { - private readonly log: Logger; - - constructor(private readonly initializerContext: PluginInitializerContext) { - this.log = this.initializerContext.logger.get(); - } - - public setup(core: CoreSetup, deps: Record) { - this.log.debug( - `Setting up TestBed with core contract [${Object.keys(core)}] and deps [${Object.keys(deps)}]` - ); - - const router = core.http.createRouter(); - router.get( - { path: '/requestcontext/elasticsearch', validate: false }, - async (context, req, res) => { - const response = await context.core.elasticsearch.legacy.client.callAsInternalUser('ping'); - return res.ok({ body: `Elasticsearch: ${response}` }); - } - ); - - router.get( - { path: '/requestcontext/savedobjectsclient', validate: false }, - async (context, req, res) => { - const response = await context.core.savedObjects.client.find({ type: 'TYPE' }); - return res.ok({ body: `SavedObjects client: ${JSON.stringify(response)}` }); - } - ); - - return { - data$: this.initializerContext.config.create().pipe( - map((configValue) => { - this.log.debug(`I've got value from my config: ${configValue.secret}`); - return `Some exposed data derived from config: ${configValue.secret}`; - }) - ), - pingElasticsearch: async () => { - const [coreStart] = await core.getStartServices(); - return coreStart.elasticsearch.legacy.client.callAsInternalUser('ping'); - }, - }; - } - - public start(core: CoreStart, deps: Record) { - this.log.debug( - `Starting up TestBed testbed with core contract [${Object.keys( - core - )}] and deps [${Object.keys(deps)}]` - ); - - return { - getStartContext() { - return core; - }, - }; - } - - public stop() { - this.log.debug(`Stopping TestBed`); - } -} - -export const plugin = (initializerContext: PluginInitializerContext) => - new Plugin(initializerContext); diff --git a/src/plugins/usage_collection/public/plugin.ts b/src/plugins/usage_collection/public/plugin.ts index cf2f6af1507c0..40f27f8269928 100644 --- a/src/plugins/usage_collection/public/plugin.ts +++ b/src/plugins/usage_collection/public/plugin.ts @@ -52,12 +52,17 @@ export interface UsageCollectionSetup { }; } +export interface UsageCollectionStart { + reportUiStats: Reporter['reportUiStats']; + METRIC_TYPE: typeof METRIC_TYPE; +} + export function isUnauthenticated(http: HttpSetup) { const { anonymousPaths } = http; return anonymousPaths.isAnonymous(window.location.pathname); } -export class UsageCollectionPlugin implements Plugin { +export class UsageCollectionPlugin implements Plugin { private readonly legacyAppId$ = new Subject(); private trackUserAgent: boolean = true; private reporter?: Reporter; @@ -90,7 +95,7 @@ export class UsageCollectionPlugin implements Plugin { public start({ http, application }: CoreStart) { if (!this.reporter) { - return; + throw new Error('Usage collection reporter not set up correctly'); } if (this.config.uiMetric.enabled && !isUnauthenticated(http)) { @@ -100,7 +105,13 @@ export class UsageCollectionPlugin implements Plugin { if (this.trackUserAgent) { this.reporter.reportUserAgent('kibana'); } + reportApplicationUsage(merge(application.currentAppId$, this.legacyAppId$), this.reporter); + + return { + reportUiStats: this.reporter.reportUiStats, + METRIC_TYPE, + }; } public stop() {} diff --git a/src/legacy/core_plugins/testbed/public/testbed.js b/src/plugins/vis_type_timeseries/common/types.ts similarity index 74% rename from src/legacy/core_plugins/testbed/public/testbed.js rename to src/plugins/vis_type_timeseries/common/types.ts index 13005a6106ca4..4520069244527 100644 --- a/src/legacy/core_plugins/testbed/public/testbed.js +++ b/src/plugins/vis_type_timeseries/common/types.ts @@ -17,13 +17,9 @@ * under the License. */ -import uiRoutes from 'ui/routes'; -import template from './testbed.html'; +import { TypeOf } from '@kbn/config-schema'; +import { metricsItems, panel, seriesItems } from './vis_schema'; -uiRoutes.when('/testbed', { - template: template, - controllerAs: 'testbed', - controller: class TestbedController { - constructor() {} - }, -}); +export type SeriesItemsSchema = TypeOf; +export type MetricsItemsSchema = TypeOf; +export type PanelSchema = TypeOf; diff --git a/src/plugins/vis_type_timeseries/common/ui_restrictions.js b/src/plugins/vis_type_timeseries/common/ui_restrictions.ts similarity index 73% rename from src/plugins/vis_type_timeseries/common/ui_restrictions.js rename to src/plugins/vis_type_timeseries/common/ui_restrictions.ts index 96726d51e4a7c..4508735f39ff9 100644 --- a/src/plugins/vis_type_timeseries/common/ui_restrictions.js +++ b/src/plugins/vis_type_timeseries/common/ui_restrictions.ts @@ -22,21 +22,30 @@ * @constant * @public */ -export const RESTRICTIONS_KEYS = { +export enum RESTRICTIONS_KEYS { /** * Key for getting the white listed group by fields from the UIRestrictions object. */ - WHITE_LISTED_GROUP_BY_FIELDS: 'whiteListedGroupByFields', + WHITE_LISTED_GROUP_BY_FIELDS = 'whiteListedGroupByFields', /** * Key for getting the white listed metrics from the UIRestrictions object. */ - WHITE_LISTED_METRICS: 'whiteListedMetrics', + WHITE_LISTED_METRICS = 'whiteListedMetrics', /** * Key for getting the white listed Time Range modes from the UIRestrictions object. */ - WHITE_LISTED_TIMERANGE_MODES: 'whiteListedTimerangeModes', + WHITE_LISTED_TIMERANGE_MODES = 'whiteListedTimerangeModes', +} + +export interface UIRestrictions { + '*': boolean; + [restriction: string]: boolean; +} + +export type TimeseriesUIRestrictions = { + [key in RESTRICTIONS_KEYS]: Record; }; /** @@ -44,6 +53,6 @@ export const RESTRICTIONS_KEYS = { * @constant * @public */ -export const DEFAULT_UI_RESTRICTION = { +export const DEFAULT_UI_RESTRICTION: UIRestrictions = { '*': true, }; diff --git a/src/plugins/vis_type_timeseries/server/routes/post_vis_schema.ts b/src/plugins/vis_type_timeseries/common/vis_schema.ts similarity index 73% rename from src/plugins/vis_type_timeseries/server/routes/post_vis_schema.ts rename to src/plugins/vis_type_timeseries/common/vis_schema.ts index bf2ea8651c5a2..7161c197b6940 100644 --- a/src/plugins/vis_type_timeseries/server/routes/post_vis_schema.ts +++ b/src/plugins/vis_type_timeseries/common/vis_schema.ts @@ -76,7 +76,7 @@ const gaugeColorRulesItems = schema.object({ operator: stringOptionalNullable, value: schema.maybe(schema.nullable(schema.number())), }); -const metricsItems = schema.object({ +export const metricsItems = schema.object({ field: stringOptionalNullable, id: stringRequired, metric_agg: stringOptionalNullable, @@ -133,7 +133,7 @@ const splitFiltersItems = schema.object({ label: stringOptionalNullable, }); -const seriesItems = schema.object({ +export const seriesItems = schema.object({ aggregate_by: stringOptionalNullable, aggregate_function: stringOptionalNullable, axis_position: stringRequired, @@ -195,66 +195,66 @@ const seriesItems = schema.object({ var_name: stringOptionalNullable, }); +export const panel = schema.object({ + annotations: schema.maybe(schema.arrayOf(annotationsItems)), + axis_formatter: stringRequired, + axis_position: stringRequired, + axis_scale: stringRequired, + axis_min: stringOrNumberOptionalNullable, + axis_max: stringOrNumberOptionalNullable, + bar_color_rules: schema.maybe(arrayNullable), + background_color: stringOptionalNullable, + background_color_rules: schema.maybe(schema.arrayOf(backgroundColorRulesItems)), + default_index_pattern: stringOptionalNullable, + default_timefield: stringOptionalNullable, + drilldown_url: stringOptionalNullable, + drop_last_bucket: numberIntegerOptional, + filter: schema.nullable( + schema.oneOf([ + stringOptionalNullable, + schema.object({ + language: stringOptionalNullable, + query: stringOptionalNullable, + }), + ]) + ), + gauge_color_rules: schema.maybe(schema.arrayOf(gaugeColorRulesItems)), + gauge_width: schema.nullable(schema.oneOf([stringOptionalNullable, numberOptional])), + gauge_inner_color: stringOptionalNullable, + gauge_inner_width: stringOrNumberOptionalNullable, + gauge_style: stringOptionalNullable, + gauge_max: stringOrNumberOptionalNullable, + id: stringRequired, + ignore_global_filters: numberOptional, + ignore_global_filter: numberOptional, + index_pattern: stringRequired, + interval: stringRequired, + isModelInvalid: schema.maybe(schema.boolean()), + legend_position: stringOptionalNullable, + markdown: stringOptionalNullable, + markdown_scrollbars: numberIntegerOptional, + markdown_openLinksInNewTab: numberIntegerOptional, + markdown_vertical_align: stringOptionalNullable, + markdown_less: stringOptionalNullable, + markdown_css: stringOptionalNullable, + pivot_id: stringOptionalNullable, + pivot_label: stringOptionalNullable, + pivot_type: stringOptionalNullable, + pivot_rows: stringOptionalNullable, + series: schema.arrayOf(seriesItems), + show_grid: numberIntegerRequired, + show_legend: numberIntegerRequired, + tooltip_mode: schema.maybe( + schema.oneOf([schema.literal('show_all'), schema.literal('show_focused')]) + ), + time_field: stringOptionalNullable, + time_range_mode: stringOptionalNullable, + type: stringRequired, +}); + export const visPayloadSchema = schema.object({ filters: arrayNullable, - panels: schema.arrayOf( - schema.object({ - annotations: schema.maybe(schema.arrayOf(annotationsItems)), - axis_formatter: stringRequired, - axis_position: stringRequired, - axis_scale: stringRequired, - axis_min: stringOrNumberOptionalNullable, - axis_max: stringOrNumberOptionalNullable, - bar_color_rules: schema.maybe(arrayNullable), - background_color: stringOptionalNullable, - background_color_rules: schema.maybe(schema.arrayOf(backgroundColorRulesItems)), - default_index_pattern: stringOptionalNullable, - default_timefield: stringOptionalNullable, - drilldown_url: stringOptionalNullable, - drop_last_bucket: numberIntegerOptional, - filter: schema.nullable( - schema.oneOf([ - stringOptionalNullable, - schema.object({ - language: stringOptionalNullable, - query: stringOptionalNullable, - }), - ]) - ), - gauge_color_rules: schema.maybe(schema.arrayOf(gaugeColorRulesItems)), - gauge_width: schema.nullable(schema.oneOf([stringOptionalNullable, numberOptional])), - gauge_inner_color: stringOptionalNullable, - gauge_inner_width: stringOrNumberOptionalNullable, - gauge_style: stringOptionalNullable, - gauge_max: stringOrNumberOptionalNullable, - id: stringRequired, - ignore_global_filters: numberOptional, - ignore_global_filter: numberOptional, - index_pattern: stringRequired, - interval: stringRequired, - isModelInvalid: schema.maybe(schema.boolean()), - legend_position: stringOptionalNullable, - markdown: stringOptionalNullable, - markdown_scrollbars: numberIntegerOptional, - markdown_openLinksInNewTab: numberIntegerOptional, - markdown_vertical_align: stringOptionalNullable, - markdown_less: stringOptionalNullable, - markdown_css: stringOptionalNullable, - pivot_id: stringOptionalNullable, - pivot_label: stringOptionalNullable, - pivot_type: stringOptionalNullable, - pivot_rows: stringOptionalNullable, - series: schema.arrayOf(seriesItems), - show_grid: numberIntegerRequired, - show_legend: numberIntegerRequired, - tooltip_mode: schema.maybe( - schema.oneOf([schema.literal('show_all'), schema.literal('show_focused')]) - ), - time_field: stringOptionalNullable, - time_range_mode: stringOptionalNullable, - type: stringRequired, - }) - ), + panels: schema.arrayOf(panel), // general query: schema.nullable(schema.arrayOf(queryObject)), state: schema.object({ diff --git a/src/plugins/vis_type_timeseries/public/application/components/add_delete_buttons.test.js b/src/plugins/vis_type_timeseries/public/application/components/add_delete_buttons.test.tsx similarity index 77% rename from src/plugins/vis_type_timeseries/public/application/components/add_delete_buttons.test.js rename to src/plugins/vis_type_timeseries/public/application/components/add_delete_buttons.test.tsx index 7afa71d6ba38f..0fb3e80344e2b 100644 --- a/src/plugins/vis_type_timeseries/public/application/components/add_delete_buttons.test.js +++ b/src/plugins/vis_type_timeseries/public/application/components/add_delete_buttons.test.tsx @@ -18,51 +18,49 @@ */ import React from 'react'; -import { expect } from 'chai'; import { shallowWithIntl } from 'test_utils/enzyme_helpers'; -import sinon from 'sinon'; import { AddDeleteButtons } from './add_delete_buttons'; describe('AddDeleteButtons', () => { it('calls onAdd={handleAdd}', () => { - const handleAdd = sinon.spy(); + const handleAdd = jest.fn(); const wrapper = shallowWithIntl(); wrapper.find('EuiButtonIcon').at(0).simulate('click'); - expect(handleAdd.calledOnce).to.equal(true); + expect(handleAdd).toHaveBeenCalled(); }); it('calls onDelete={handleDelete}', () => { - const handleDelete = sinon.spy(); + const handleDelete = jest.fn(); const wrapper = shallowWithIntl(); wrapper.find('EuiButtonIcon').at(1).simulate('click'); - expect(handleDelete.calledOnce).to.equal(true); + expect(handleDelete).toHaveBeenCalled(); }); it('calls onClone={handleClone}', () => { - const handleClone = sinon.spy(); + const handleClone = jest.fn(); const wrapper = shallowWithIntl(); wrapper.find('EuiButtonIcon').at(0).simulate('click'); - expect(handleClone.calledOnce).to.equal(true); + expect(handleClone).toHaveBeenCalled(); }); it('disableDelete={true}', () => { const wrapper = shallowWithIntl(); - expect(wrapper.find({ text: 'Delete' })).to.have.length(0); + expect(wrapper.find({ text: 'Delete' })).toHaveLength(0); }); it('disableAdd={true}', () => { const wrapper = shallowWithIntl(); - expect(wrapper.find({ text: 'Add' })).to.have.length(0); + expect(wrapper.find({ text: 'Add' })).toHaveLength(0); }); it('should not display clone by default', () => { const wrapper = shallowWithIntl(); - expect(wrapper.find({ text: 'Clone' })).to.have.length(0); + expect(wrapper.find({ text: 'Clone' })).toHaveLength(0); }); it('should not display clone when disableAdd={true}', () => { - const fn = sinon.spy(); + const fn = jest.fn(); const wrapper = shallowWithIntl(); - expect(wrapper.find({ text: 'Clone' })).to.have.length(0); + expect(wrapper.find({ text: 'Clone' })).toHaveLength(0); }); }); diff --git a/src/plugins/vis_type_timeseries/public/application/components/add_delete_buttons.js b/src/plugins/vis_type_timeseries/public/application/components/add_delete_buttons.tsx similarity index 87% rename from src/plugins/vis_type_timeseries/public/application/components/add_delete_buttons.js rename to src/plugins/vis_type_timeseries/public/application/components/add_delete_buttons.tsx index 798d16947c3d9..7502de1cb1aa4 100644 --- a/src/plugins/vis_type_timeseries/public/application/components/add_delete_buttons.js +++ b/src/plugins/vis_type_timeseries/public/application/components/add_delete_buttons.tsx @@ -17,13 +17,29 @@ * under the License. */ -import PropTypes from 'prop-types'; -import React from 'react'; -import { EuiToolTip, EuiButtonIcon, EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; +import React, { MouseEvent } from 'react'; +import { EuiButtonIcon, EuiFlexGroup, EuiFlexItem, EuiToolTip } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { isBoolean } from 'lodash'; -export function AddDeleteButtons(props) { +interface AddDeleteButtonsProps { + addTooltip: string; + deleteTooltip: string; + cloneTooltip: string; + activatePanelTooltip: string; + deactivatePanelTooltip: string; + isPanelActive?: boolean; + disableAdd?: boolean; + disableDelete?: boolean; + responsive?: boolean; + testSubj: string; + togglePanelActivation?: () => void; + onClone?: () => void; + onAdd?: () => void; + onDelete?: (event: MouseEvent) => void; +} + +export function AddDeleteButtons(props: AddDeleteButtonsProps) { const { testSubj } = props; const createDelete = () => { if (props.disableDelete) { @@ -147,19 +163,3 @@ AddDeleteButtons.defaultProps = { } ), }; - -AddDeleteButtons.propTypes = { - addTooltip: PropTypes.string, - deleteTooltip: PropTypes.string, - cloneTooltip: PropTypes.string, - activatePanelTooltip: PropTypes.string, - deactivatePanelTooltip: PropTypes.string, - togglePanelActivation: PropTypes.func, - isPanelActive: PropTypes.bool, - disableAdd: PropTypes.bool, - disableDelete: PropTypes.bool, - onClone: PropTypes.func, - onAdd: PropTypes.func, - onDelete: PropTypes.func, - responsive: PropTypes.bool, -}; diff --git a/src/plugins/vis_type_timeseries/public/application/components/aggs/agg.js b/src/plugins/vis_type_timeseries/public/application/components/aggs/agg.tsx similarity index 70% rename from src/plugins/vis_type_timeseries/public/application/components/aggs/agg.js rename to src/plugins/vis_type_timeseries/public/application/components/aggs/agg.tsx index d547f64f13f67..e5236c3833b19 100644 --- a/src/plugins/vis_type_timeseries/public/application/components/aggs/agg.js +++ b/src/plugins/vis_type_timeseries/public/application/components/aggs/agg.tsx @@ -17,15 +17,33 @@ * under the License. */ -import PropTypes from 'prop-types'; -import React from 'react'; +import React, { HTMLAttributes } from 'react'; +// @ts-ignore import { aggToComponent } from '../lib/agg_to_component'; +// @ts-ignore +import { isMetricEnabled } from '../../lib/check_ui_restrictions'; import { UnsupportedAgg } from './unsupported_agg'; import { TemporaryUnsupportedAgg } from './temporary_unsupported_agg'; +import { MetricsItemsSchema, PanelSchema, SeriesItemsSchema } from '../../../../common/types'; +import { DragHandleProps } from '../../../types'; +import { TimeseriesUIRestrictions } from '../../../../common/ui_restrictions'; +import { IFieldType } from '../../../../../data/common/index_patterns/fields'; -import { isMetricEnabled } from '../../lib/check_ui_restrictions'; +interface AggProps extends HTMLAttributes { + disableDelete: boolean; + fields: IFieldType[]; + model: MetricsItemsSchema; + panel: PanelSchema; + series: SeriesItemsSchema; + siblings: MetricsItemsSchema[]; + uiRestrictions: TimeseriesUIRestrictions; + dragHandleProps: DragHandleProps; + onAdd: () => void; + onChange: () => void; + onDelete: () => void; +} -export function Agg(props) { +export function Agg(props: AggProps) { const { model, uiRestrictions } = props; let Component = aggToComponent[model.type]; @@ -59,17 +77,3 @@ export function Agg(props) { ); } - -Agg.propTypes = { - disableDelete: PropTypes.bool, - fields: PropTypes.object, - model: PropTypes.object, - onAdd: PropTypes.func, - onChange: PropTypes.func, - onDelete: PropTypes.func, - panel: PropTypes.object, - series: PropTypes.object, - siblings: PropTypes.array, - uiRestrictions: PropTypes.object, - dragHandleProps: PropTypes.object, -}; diff --git a/src/plugins/vis_type_timeseries/public/application/components/aggs/agg_row.js b/src/plugins/vis_type_timeseries/public/application/components/aggs/agg_row.tsx similarity index 86% rename from src/plugins/vis_type_timeseries/public/application/components/aggs/agg_row.js rename to src/plugins/vis_type_timeseries/public/application/components/aggs/agg_row.tsx index a2f1640904dd0..0363ba486a775 100644 --- a/src/plugins/vis_type_timeseries/public/application/components/aggs/agg_row.js +++ b/src/plugins/vis_type_timeseries/public/application/components/aggs/agg_row.tsx @@ -17,15 +17,26 @@ * under the License. */ -import PropTypes from 'prop-types'; import React from 'react'; import { last } from 'lodash'; -import { AddDeleteButtons } from '../add_delete_buttons'; import { EuiIcon, EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; -import { SeriesDragHandler } from '../series_drag_handler'; import { i18n } from '@kbn/i18n'; +import { AddDeleteButtons } from '../add_delete_buttons'; +import { SeriesDragHandler } from '../series_drag_handler'; +import { MetricsItemsSchema } from '../../../../common/types'; +import { DragHandleProps } from '../../../types'; -export function AggRow(props) { +interface AggRowProps { + disableDelete: boolean; + model: MetricsItemsSchema; + siblings: MetricsItemsSchema[]; + dragHandleProps: DragHandleProps; + children: React.ReactNode; + onAdd: () => void; + onDelete: () => void; +} + +export function AggRow(props: AggRowProps) { let iconType = 'eyeClosed'; let iconColor = 'subdued'; const lastSibling = last(props.siblings); @@ -71,12 +82,3 @@ export function AggRow(props) { ); } - -AggRow.propTypes = { - disableDelete: PropTypes.bool, - model: PropTypes.object, - onAdd: PropTypes.func, - onDelete: PropTypes.func, - siblings: PropTypes.array, - dragHandleProps: PropTypes.object, -}; diff --git a/src/plugins/vis_type_timeseries/public/application/components/aggs/agg_select.js b/src/plugins/vis_type_timeseries/public/application/components/aggs/agg_select.tsx similarity index 88% rename from src/plugins/vis_type_timeseries/public/application/components/aggs/agg_select.js rename to src/plugins/vis_type_timeseries/public/application/components/aggs/agg_select.tsx index 7ff6b6eb56692..6fa1a2adaa08e 100644 --- a/src/plugins/vis_type_timeseries/public/application/components/aggs/agg_select.js +++ b/src/plugins/vis_type_timeseries/public/application/components/aggs/agg_select.tsx @@ -17,14 +17,17 @@ * under the License. */ -import PropTypes from 'prop-types'; import React from 'react'; -import { EuiComboBox } from '@elastic/eui'; +import { EuiComboBox, EuiComboBoxOptionOption } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; -import { injectI18n } from '@kbn/i18n/react'; +// @ts-ignore import { isMetricEnabled } from '../../lib/check_ui_restrictions'; +import { MetricsItemsSchema } from '../../../../common/types'; +import { TimeseriesUIRestrictions } from '../../../../common/ui_restrictions'; -const metricAggs = [ +type AggSelectOption = EuiComboBoxOptionOption; + +const metricAggs: AggSelectOption[] = [ { label: i18n.translate('visTypeTimeseries.aggSelect.metricsAggs.averageLabel', { defaultMessage: 'Average', @@ -123,7 +126,7 @@ const metricAggs = [ }, ]; -const pipelineAggs = [ +const pipelineAggs: AggSelectOption[] = [ { label: i18n.translate('visTypeTimeseries.aggSelect.pipelineAggs.bucketScriptLabel', { defaultMessage: 'Bucket Script', @@ -162,7 +165,7 @@ const pipelineAggs = [ }, ]; -const siblingAggs = [ +const siblingAggs: AggSelectOption[] = [ { label: i18n.translate('visTypeTimeseries.aggSelect.siblingAggs.overallAverageLabel', { defaultMessage: 'Overall Average', @@ -207,7 +210,7 @@ const siblingAggs = [ }, ]; -const specialAggs = [ +const specialAggs: AggSelectOption[] = [ { label: i18n.translate('visTypeTimeseries.aggSelect.specialAggs.seriesAggLabel', { defaultMessage: 'Series Agg', @@ -224,14 +227,23 @@ const specialAggs = [ const allAggOptions = [...metricAggs, ...pipelineAggs, ...siblingAggs, ...specialAggs]; -function filterByPanelType(panelType) { - return (agg) => { +function filterByPanelType(panelType: string) { + return (agg: AggSelectOption) => { if (panelType === 'table') return agg.value !== 'series_agg'; return true; }; } -function AggSelectUi(props) { +interface AggSelectUiProps { + id: string; + panelType: string; + siblings: MetricsItemsSchema[]; + value: string; + uiRestrictions?: TimeseriesUIRestrictions; + onChange: (currentlySelectedOptions: AggSelectOption[]) => void; +} + +export function AggSelect(props: AggSelectUiProps) { const { siblings, panelType, value, onChange, uiRestrictions, ...rest } = props; const selectedOptions = allAggOptions.filter((option) => { @@ -242,11 +254,11 @@ function AggSelectUi(props) { if (siblings.length <= 1) enablePipelines = false; - let options; + let options: EuiComboBoxOptionOption[]; if (panelType === 'metrics') { options = metricAggs; } else { - const disableSiblingAggs = (agg) => ({ + const disableSiblingAggs = (agg: AggSelectOption) => ({ ...agg, disabled: !enablePipelines || !isMetricEnabled(agg.value, uiRestrictions), }); @@ -282,9 +294,9 @@ function AggSelectUi(props) { ]; } - const handleChange = (selectedOptions) => { - if (!selectedOptions || selectedOptions.length <= 0) return; - onChange(selectedOptions); + const handleChange = (currentlySelectedOptions: AggSelectOption[]) => { + if (!currentlySelectedOptions || currentlySelectedOptions.length <= 0) return; + onChange(currentlySelectedOptions); }; return ( @@ -303,13 +315,3 @@ function AggSelectUi(props) { ); } - -AggSelectUi.propTypes = { - onChange: PropTypes.func, - panelType: PropTypes.string, - siblings: PropTypes.array, - value: PropTypes.string, - uiRestrictions: PropTypes.object, -}; - -export const AggSelect = injectI18n(AggSelectUi); diff --git a/src/plugins/vis_type_timeseries/public/application/components/aggs/aggs.js b/src/plugins/vis_type_timeseries/public/application/components/aggs/aggs.tsx similarity index 83% rename from src/plugins/vis_type_timeseries/public/application/components/aggs/aggs.js rename to src/plugins/vis_type_timeseries/public/application/components/aggs/aggs.tsx index 772b62b14f811..af3e42a59612b 100644 --- a/src/plugins/vis_type_timeseries/public/application/components/aggs/aggs.js +++ b/src/plugins/vis_type_timeseries/public/application/components/aggs/aggs.tsx @@ -18,18 +18,29 @@ */ import React, { PureComponent } from 'react'; -import PropTypes from 'prop-types'; import { EuiDraggable, EuiDroppable } from '@elastic/eui'; import { Agg } from './agg'; -import { newMetricAggFn } from '../lib/new_metric_agg_fn'; +// @ts-ignore import { seriesChangeHandler } from '../lib/series_change_handler'; +// @ts-ignore import { handleAdd, handleDelete } from '../lib/collection_actions'; +import { newMetricAggFn } from '../lib/new_metric_agg_fn'; +import { PanelSchema, SeriesItemsSchema } from '../../../../common/types'; +import { TimeseriesUIRestrictions } from '../../../../common/ui_restrictions'; +import { IFieldType } from '../../../../../data/common/index_patterns/fields'; const DROPPABLE_ID = 'aggs_dnd'; -export class Aggs extends PureComponent { +export interface AggsProps { + panel: PanelSchema; + model: SeriesItemsSchema; + fields: IFieldType[]; + uiRestrictions: TimeseriesUIRestrictions; +} + +export class Aggs extends PureComponent { render() { const { panel, model, fields, uiRestrictions } = this.props; const list = model.metrics; @@ -68,12 +79,3 @@ export class Aggs extends PureComponent { ); } } - -Aggs.propTypes = { - name: PropTypes.string.isRequired, - fields: PropTypes.object.isRequired, - model: PropTypes.object.isRequired, - onChange: PropTypes.func.isRequired, - panel: PropTypes.object.isRequired, - dragHandleProps: PropTypes.object, -}; diff --git a/src/plugins/vis_type_timeseries/public/application/components/aggs/percentile_rank/multi_value_row.js b/src/plugins/vis_type_timeseries/public/application/components/aggs/percentile_rank/multi_value_row.tsx similarity index 79% rename from src/plugins/vis_type_timeseries/public/application/components/aggs/percentile_rank/multi_value_row.js rename to src/plugins/vis_type_timeseries/public/application/components/aggs/percentile_rank/multi_value_row.tsx index fd64559cc1ec2..ef8876a19b1a6 100644 --- a/src/plugins/vis_type_timeseries/public/application/components/aggs/percentile_rank/multi_value_row.js +++ b/src/plugins/vis_type_timeseries/public/application/components/aggs/percentile_rank/multi_value_row.tsx @@ -16,8 +16,7 @@ * specific language governing permissions and limitations * under the License. */ -import PropTypes from 'prop-types'; -import React from 'react'; +import React, { ChangeEvent } from 'react'; import { get } from 'lodash'; import { FormattedMessage } from '@kbn/i18n/react'; import { @@ -31,10 +30,29 @@ import { import { AddDeleteButtons } from '../../add_delete_buttons'; -export const MultiValueRow = ({ model, onChange, onDelete, onAdd, disableAdd, disableDelete }) => { +interface MultiValueRowProps { + model: { + id: number; + value: string; + }; + disableAdd: boolean; + disableDelete: boolean; + onChange: ({ value, id }: { id: number; value: string }) => void; + onDelete: (model: { id: number; value: string }) => void; + onAdd: () => void; +} + +export const MultiValueRow = ({ + model, + onChange, + onDelete, + onAdd, + disableAdd, + disableDelete, +}: MultiValueRowProps) => { const htmlId = htmlIdGenerator(); - const onFieldNumberChange = (event) => + const onFieldNumberChange = (event: ChangeEvent) => onChange({ ...model, value: get(event, 'target.value'), @@ -54,7 +72,7 @@ export const MultiValueRow = ({ model, onChange, onDelete, onAdd, disableAdd, di @@ -78,12 +96,3 @@ MultiValueRow.defaultProps = { value: '', }, }; - -MultiValueRow.propTypes = { - model: PropTypes.object, - onChange: PropTypes.func, - onDelete: PropTypes.func, - onAdd: PropTypes.func, - defaultAddValue: PropTypes.string, - disableDelete: PropTypes.bool, -}; diff --git a/src/plugins/vis_type_timeseries/public/application/components/aggs/percentile_rank/percentile_rank.js b/src/plugins/vis_type_timeseries/public/application/components/aggs/percentile_rank/percentile_rank.tsx similarity index 75% rename from src/plugins/vis_type_timeseries/public/application/components/aggs/percentile_rank/percentile_rank.js rename to src/plugins/vis_type_timeseries/public/application/components/aggs/percentile_rank/percentile_rank.tsx index c8af4089ed783..a16f5aeefc49c 100644 --- a/src/plugins/vis_type_timeseries/public/application/components/aggs/percentile_rank/percentile_rank.js +++ b/src/plugins/vis_type_timeseries/public/application/components/aggs/percentile_rank/percentile_rank.tsx @@ -17,16 +17,7 @@ * under the License. */ -import PropTypes from 'prop-types'; import React from 'react'; -import { assign } from 'lodash'; -import { AggSelect } from '../agg_select'; -import { FieldSelect } from '../field_select'; -import { AggRow } from '../agg_row'; -import { createChangeHandler } from '../../lib/create_change_handler'; -import { createSelectHandler } from '../../lib/create_select_handler'; -import { PercentileRankValues } from './percentile_rank_values'; - import { htmlIdGenerator, EuiFlexGroup, @@ -36,11 +27,36 @@ import { EuiSpacer, } from '@elastic/eui'; import { FormattedMessage } from '@kbn/i18n/react'; -import { KBN_FIELD_TYPES } from '../../../../../../../plugins/data/public'; +import { AggSelect } from '../agg_select'; +// @ts-ignore +import { FieldSelect } from '../field_select'; +// @ts-ignore +import { createChangeHandler } from '../../lib/create_change_handler'; +// @ts-ignore +import { createSelectHandler } from '../../lib/create_select_handler'; +import { AggRow } from '../agg_row'; +import { PercentileRankValues } from './percentile_rank_values'; + +import { IFieldType, KBN_FIELD_TYPES } from '../../../../../../../plugins/data/public'; +import { MetricsItemsSchema, PanelSchema, SeriesItemsSchema } from '../../../../../common/types'; +import { DragHandleProps } from '../../../../types'; const RESTRICT_FIELDS = [KBN_FIELD_TYPES.NUMBER]; -export const PercentileRankAgg = (props) => { +interface PercentileRankAggProps { + disableDelete: boolean; + fields: IFieldType[]; + model: MetricsItemsSchema; + panel: PanelSchema; + series: SeriesItemsSchema; + siblings: MetricsItemsSchema[]; + dragHandleProps: DragHandleProps; + onAdd(): void; + onChange(): void; + onDelete(): void; +} + +export const PercentileRankAgg = (props: PercentileRankAggProps) => { const { series, panel, fields } = props; const defaults = { values: [''] }; const model = { ...defaults, ...props.model }; @@ -52,12 +68,11 @@ export const PercentileRankAgg = (props) => { const handleChange = createChangeHandler(props.onChange, model); const handleSelectChange = createSelectHandler(handleChange); - const handlePercentileRankValuesChange = (values) => { - handleChange( - assign({}, model, { - values, - }) - ); + const handlePercentileRankValuesChange = (values: MetricsItemsSchema['values']) => { + handleChange({ + ...model, + values, + }); }; return ( @@ -108,25 +123,15 @@ export const PercentileRankAgg = (props) => { - + {model.values && ( + + )} ); }; - -PercentileRankAgg.propTypes = { - disableDelete: PropTypes.bool, - fields: PropTypes.object, - model: PropTypes.object, - onAdd: PropTypes.func, - onChange: PropTypes.func, - onDelete: PropTypes.func, - panel: PropTypes.object, - series: PropTypes.object, - siblings: PropTypes.array, -}; diff --git a/src/plugins/vis_type_timeseries/public/application/components/aggs/percentile_rank/percentile_rank_values.js b/src/plugins/vis_type_timeseries/public/application/components/aggs/percentile_rank/percentile_rank_values.tsx similarity index 67% rename from src/plugins/vis_type_timeseries/public/application/components/aggs/percentile_rank/percentile_rank_values.js rename to src/plugins/vis_type_timeseries/public/application/components/aggs/percentile_rank/percentile_rank_values.tsx index 6d52eb9e3515c..b66d79d67f427 100644 --- a/src/plugins/vis_type_timeseries/public/application/components/aggs/percentile_rank/percentile_rank_values.js +++ b/src/plugins/vis_type_timeseries/public/application/components/aggs/percentile_rank/percentile_rank_values.tsx @@ -16,34 +16,49 @@ * specific language governing permissions and limitations * under the License. */ -import PropTypes from 'prop-types'; import React from 'react'; import { last } from 'lodash'; import { EuiFlexGroup } from '@elastic/eui'; import { MultiValueRow } from './multi_value_row'; -export const PercentileRankValues = (props) => { +interface PercentileRankValuesProps { + model: Array; + disableDelete: boolean; + disableAdd: boolean; + showOnlyLastRow: boolean; + onChange: (values: any[]) => void; +} + +export const PercentileRankValues = (props: PercentileRankValuesProps) => { const model = props.model || []; const { onChange, disableAdd, disableDelete, showOnlyLastRow } = props; - const onChangeValue = ({ value, id }) => { + const onChangeValue = ({ value, id }: { value: string; id: number }) => { model[id] = value; onChange(model); }; - const onDeleteValue = ({ id }) => + const onDeleteValue = ({ id }: { id: number }) => onChange(model.filter((item, currentIndex) => id !== currentIndex)); const onAddValue = () => onChange([...model, '']); - const renderRow = ({ rowModel, disableDelete, disableAdd }) => ( + const renderRow = ({ + rowModel, + disableDeleteRow, + disableAddRow, + }: { + rowModel: { id: number; value: string }; + disableDeleteRow: boolean; + disableAddRow: boolean; + }) => ( ); @@ -54,10 +69,10 @@ export const PercentileRankValues = (props) => { renderRow({ rowModel: { id: model.length - 1, - value: last(model), + value: last(model) || '', }, - disableAdd: true, - disableDelete: true, + disableAddRow: true, + disableDeleteRow: true, })} {!showOnlyLastRow && @@ -65,20 +80,12 @@ export const PercentileRankValues = (props) => { renderRow({ rowModel: { id, - value, + value: value || '', }, - disableAdd, - disableDelete: disableDelete || array.length < 2, + disableAddRow: disableAdd, + disableDeleteRow: disableDelete || array.length < 2, }) )} ); }; - -PercentileRankValues.propTypes = { - model: PropTypes.array, - onChange: PropTypes.func, - disableDelete: PropTypes.bool, - disableAdd: PropTypes.bool, - showOnlyLastRow: PropTypes.bool, -}; diff --git a/src/plugins/vis_type_timeseries/public/application/components/aggs/temporary_unsupported_agg.js b/src/plugins/vis_type_timeseries/public/application/components/aggs/temporary_unsupported_agg.tsx similarity index 79% rename from src/plugins/vis_type_timeseries/public/application/components/aggs/temporary_unsupported_agg.js rename to src/plugins/vis_type_timeseries/public/application/components/aggs/temporary_unsupported_agg.tsx index bae0491d978a2..d10c7ea7a7e36 100644 --- a/src/plugins/vis_type_timeseries/public/application/components/aggs/temporary_unsupported_agg.js +++ b/src/plugins/vis_type_timeseries/public/application/components/aggs/temporary_unsupported_agg.tsx @@ -17,12 +17,23 @@ * under the License. */ -import { AggRow } from './agg_row'; import React from 'react'; import { EuiCode, EuiTitle } from '@elastic/eui'; import { FormattedMessage } from '@kbn/i18n/react'; +import { AggRow } from './agg_row'; +import { MetricsItemsSchema } from '../../../../common/types'; +import { DragHandleProps } from '../../../types'; + +interface TemporaryUnsupportedAggProps { + disableDelete: boolean; + model: MetricsItemsSchema; + siblings: MetricsItemsSchema[]; + dragHandleProps: DragHandleProps; + onAdd: () => void; + onDelete: () => void; +} -export function TemporaryUnsupportedAgg(props) { +export function TemporaryUnsupportedAgg(props: TemporaryUnsupportedAggProps) { return ( void; + onDelete: () => void; +} -export function UnsupportedAgg(props) { +export function UnsupportedAgg(props: UnsupportedAggProps) { return ( { const defaultProps: ColorPickerProps = { @@ -42,6 +44,22 @@ describe('ColorPicker', () => { expect(component.find('.tvbColorPicker__clear').length).toBe(0); }); + it('should render the correct value to the input text if the prop value is hex', () => { + const props = { ...defaultProps, value: '#68BC00' }; + component = mount(); + component.find('.tvbColorPicker button').simulate('click'); + const input = findTestSubject(component, 'topColorPickerInput'); + expect(input.props().value).toBe('#68BC00'); + }); + + it('should render the correct value to the input text if the prop value is rgba', () => { + const props = { ...defaultProps, value: 'rgba(85,66,177,1)' }; + component = mount(); + component.find('.tvbColorPicker button').simulate('click'); + const input = findTestSubject(component, 'topColorPickerInput'); + expect(input.props().value).toBe('85,66,177,1'); + }); + it('should render the correct aria label to the color swatch button', () => { const props = { ...defaultProps, value: 'rgba(85,66,177,0.59)' }; component = mount(); diff --git a/src/plugins/vis_type_timeseries/public/application/components/color_picker.tsx b/src/plugins/vis_type_timeseries/public/application/components/color_picker.tsx index be580c80d5941..444e5c90c7a6d 100644 --- a/src/plugins/vis_type_timeseries/public/application/components/color_picker.tsx +++ b/src/plugins/vis_type_timeseries/public/application/components/color_picker.tsx @@ -43,8 +43,10 @@ export interface ColorPickerProps { } export function ColorPicker({ name, value, disableTrash = false, onChange }: ColorPickerProps) { - const initialColorValue = value ? value.replace(COMMAS_NUMS_ONLY_RE, '') : ''; - const [color, setColor] = useState(initialColorValue); + const initialColorValue = value?.includes('rgba') + ? value.replace(COMMAS_NUMS_ONLY_RE, '') + : value; + const [color, setColor] = useState(initialColorValue || ''); const handleColorChange: EuiColorPickerProps['onChange'] = (text: string, { rgba, hex }) => { setColor(text); diff --git a/src/plugins/vis_type_timeseries/public/application/components/lib/new_metric_agg_fn.js b/src/plugins/vis_type_timeseries/public/application/components/lib/new_metric_agg_fn.ts similarity index 87% rename from src/plugins/vis_type_timeseries/public/application/components/lib/new_metric_agg_fn.js rename to src/plugins/vis_type_timeseries/public/application/components/lib/new_metric_agg_fn.ts index a518d37f35b74..9436eac5b6ed2 100644 --- a/src/plugins/vis_type_timeseries/public/application/components/lib/new_metric_agg_fn.js +++ b/src/plugins/vis_type_timeseries/public/application/components/lib/new_metric_agg_fn.ts @@ -18,8 +18,9 @@ */ import uuid from 'uuid'; +import { MetricsItemsSchema } from '../../../../common/types'; -export const newMetricAggFn = () => { +export const newMetricAggFn = (): MetricsItemsSchema => { return { id: uuid.v1(), type: 'count', diff --git a/src/plugins/vis_type_timeseries/public/application/components/series_drag_handler.js b/src/plugins/vis_type_timeseries/public/application/components/series_drag_handler.tsx similarity index 85% rename from src/plugins/vis_type_timeseries/public/application/components/series_drag_handler.js rename to src/plugins/vis_type_timeseries/public/application/components/series_drag_handler.tsx index f978348a5e45c..73293a0d330fd 100644 --- a/src/plugins/vis_type_timeseries/public/application/components/series_drag_handler.js +++ b/src/plugins/vis_type_timeseries/public/application/components/series_drag_handler.tsx @@ -18,11 +18,20 @@ */ import React, { PureComponent } from 'react'; -import PropTypes from 'prop-types'; import { EuiFlexItem, EuiToolTip, EuiIcon } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; +import { DragHandleProps } from '../../types'; + +interface SeriesDragHandlerProps { + hideDragHandler: boolean; + dragHandleProps: DragHandleProps; +} + +export class SeriesDragHandler extends PureComponent { + static defaultProps = { + hideDragHandler: true, + }; -export class SeriesDragHandler extends PureComponent { render() { const { dragHandleProps, hideDragHandler } = this.props; @@ -49,12 +58,3 @@ export class SeriesDragHandler extends PureComponent { ); } } - -SeriesDragHandler.defaultProps = { - hideDragHandler: true, -}; - -SeriesDragHandler.propTypes = { - hideDragHandler: PropTypes.bool, - dragHandleProps: PropTypes.object.isRequired, -}; diff --git a/src/plugins/data/common/index_patterns/index_patterns/types.ts b/src/plugins/vis_type_timeseries/public/types.ts similarity index 65% rename from src/plugins/data/common/index_patterns/index_patterns/types.ts rename to src/plugins/vis_type_timeseries/public/types.ts index b2060dd1d48ba..338118dcdc5aa 100644 --- a/src/plugins/data/common/index_patterns/index_patterns/types.ts +++ b/src/plugins/vis_type_timeseries/public/types.ts @@ -17,19 +17,13 @@ * under the License. */ -export type AggregationRestrictions = Record< - string, - { - agg?: string; - interval?: number; - fixed_interval?: string; - calendar_interval?: string; - delay?: string; - time_zone?: string; - } ->; +import React from 'react'; +import { EuiDraggable } from '@elastic/eui'; -export interface TypeMeta { - aggs?: Record; - [key: string]: any; -} +type PropsOf = T extends React.ComponentType ? ComponentProps : never; +type FirstArgumentOf = Func extends (arg1: infer FirstArgument, ...rest: any[]) => any + ? FirstArgument + : never; +export type DragHandleProps = FirstArgumentOf< + Exclude['children'], React.ReactElement> +>['dragHandleProps']; diff --git a/src/plugins/vis_type_timeseries/server/routes/vis.ts b/src/plugins/vis_type_timeseries/server/routes/vis.ts index 744020b583882..48efd4398e4d4 100644 --- a/src/plugins/vis_type_timeseries/server/routes/vis.ts +++ b/src/plugins/vis_type_timeseries/server/routes/vis.ts @@ -20,7 +20,7 @@ import { IRouter, KibanaRequest } from 'kibana/server'; import { schema } from '@kbn/config-schema'; import { getVisData, GetVisDataOptions } from '../lib/get_vis_data'; -import { visPayloadSchema } from './post_vis_schema'; +import { visPayloadSchema } from '../../common/vis_schema'; import { Framework, ValidationTelemetryServiceSetup } from '../index'; const escapeHatch = schema.object({}, { unknowns: 'allow' }); diff --git a/test/api_integration/apis/core/index.js b/test/api_integration/apis/core/index.js index c522acaea25a3..ab9bb8d33c2dc 100644 --- a/test/api_integration/apis/core/index.js +++ b/test/api_integration/apis/core/index.js @@ -22,19 +22,6 @@ export default function ({ getService }) { const supertest = getService('supertest'); describe('core', () => { - describe('request context', () => { - it('provides access to elasticsearch', async () => - await supertest.get('/requestcontext/elasticsearch').expect(200, 'Elasticsearch: true')); - - it('provides access to SavedObjects client', async () => - await supertest - .get('/requestcontext/savedobjectsclient') - .expect( - 200, - 'SavedObjects client: {"page":1,"per_page":20,"total":0,"saved_objects":[]}' - )); - }); - describe('compression', () => { it(`uses compression when there isn't a referer`, async () => { await supertest diff --git a/test/functional/apps/dashboard/dashboard_state.js b/test/functional/apps/dashboard/dashboard_state.js index 5bba2447cde28..3656c824394f4 100644 --- a/test/functional/apps/dashboard/dashboard_state.js +++ b/test/functional/apps/dashboard/dashboard_state.js @@ -251,8 +251,7 @@ export default function ({ getService, getPageObjects }) { }); }); - // Unskip once https://github.com/elastic/kibana/issues/15736 is fixed. - it.skip('and updates the pie slice legend color', async function () { + it('and updates the pie slice legend color', async function () { await retry.try(async () => { const colorExists = await PageObjects.visChart.doesSelectedLegendColorExist('#FFFFFF'); expect(colorExists).to.be(true); @@ -272,8 +271,7 @@ export default function ({ getService, getPageObjects }) { }); }); - // Unskip once https://github.com/elastic/kibana/issues/15736 is fixed. - it.skip('resets the legend color as well', async function () { + it('resets the legend color as well', async function () { await retry.try(async () => { const colorExists = await PageObjects.visChart.doesSelectedLegendColorExist('#57c17b'); expect(colorExists).to.be(true); diff --git a/test/functional/apps/dashboard/empty_dashboard.js b/test/functional/apps/dashboard/empty_dashboard.js index e7ebbcf09e828..7f13aca438842 100644 --- a/test/functional/apps/dashboard/empty_dashboard.js +++ b/test/functional/apps/dashboard/empty_dashboard.js @@ -49,10 +49,11 @@ export default function ({ getService, getPageObjects }) { expect(emptyWidgetExists).to.be(true); }); - it.skip('should open add panel when add button is clicked', async () => { + it('should open add panel when add button is clicked', async () => { await testSubjects.click('dashboardAddPanelButton'); const isAddPanelOpen = await dashboardAddPanel.isAddPanelOpen(); expect(isAddPanelOpen).to.be(true); + await testSubjects.click('euiFlyoutCloseButton'); }); it('should add new visualization from dashboard', async () => { diff --git a/test/functional/apps/discover/_discover.js b/test/functional/apps/discover/_discover.js index ecaa5aa2da97f..de9606f3d02ed 100644 --- a/test/functional/apps/discover/_discover.js +++ b/test/functional/apps/discover/_discover.js @@ -257,5 +257,16 @@ export default function ({ getService, getPageObjects }) { expect(refreshedTimeString).not.to.be(initialTimeString); }); }); + + describe('invalid time range in URL', function () { + it('should display a "Invalid time range toast"', async function () { + await PageObjects.common.navigateToUrl('discover', '#/?_g=(time:(from:now-15m,to:null))', { + useActualUrl: true, + }); + await PageObjects.header.awaitKibanaChrome(); + const toastMessage = await PageObjects.common.closeToast(); + expect(toastMessage).to.be('Invalid time range'); + }); + }); }); } diff --git a/test/functional/apps/discover/_errors.js b/test/functional/apps/discover/_errors.js index 5113fc8568d52..f3936d06bb6df 100644 --- a/test/functional/apps/discover/_errors.js +++ b/test/functional/apps/discover/_errors.js @@ -35,7 +35,7 @@ export default function ({ getService, getPageObjects }) { await esArchiver.unload('invalid_scripted_field'); }); - // https://github.com/elastic/kibana/issues/61366 + // ES issue https://github.com/elastic/elasticsearch/issues/54235 describe.skip('invalid scripted field error', () => { it('is rendered', async () => { const isFetchErrorVisible = await testSubjects.exists('discoverFetchError'); diff --git a/test/functional/apps/visualize/_data_table_nontimeindex.js b/test/functional/apps/visualize/_data_table_nontimeindex.js index 4ae66d14ec30d..d64629a65c2c3 100644 --- a/test/functional/apps/visualize/_data_table_nontimeindex.js +++ b/test/functional/apps/visualize/_data_table_nontimeindex.js @@ -27,7 +27,7 @@ export default function ({ getService, getPageObjects }) { const renderable = getService('renderable'); const PageObjects = getPageObjects(['visualize', 'visEditor', 'header', 'visChart']); - describe.skip('data table with index without time filter', function indexPatternCreation() { + describe('data table with index without time filter', function indexPatternCreation() { const vizName1 = 'Visualization DataTable without time filter'; before(async function () { @@ -112,65 +112,49 @@ export default function ({ getService, getPageObjects }) { expect(data.trim().split('\n')).to.be.eql(['14,004 1,412.6']); }); - it('should show correct data for a data table with date histogram', async () => { - await PageObjects.visualize.navigateToNewVisualization(); - await PageObjects.visualize.clickDataTable(); - await PageObjects.visualize.clickNewSearch( - PageObjects.visualize.index.LOGSTASH_NON_TIME_BASED - ); - await PageObjects.visEditor.clickBucket('Split rows'); - await PageObjects.visEditor.selectAggregation('Date Histogram'); - await PageObjects.visEditor.selectField('@timestamp'); - await PageObjects.visEditor.setInterval('Daily'); - await PageObjects.visEditor.clickGo(); - const data = await PageObjects.visChart.getTableVisData(); - log.debug(data.split('\n')); - expect(data.trim().split('\n')).to.be.eql([ - '2015-09-20', - '4,757', - '2015-09-21', - '4,614', - '2015-09-22', - '4,633', - ]); - }); + // bug https://github.com/elastic/kibana/issues/68977 + describe.skip('data table with date histogram', async () => { + before(async () => { + await PageObjects.visualize.navigateToNewVisualization(); + await PageObjects.visualize.clickDataTable(); + await PageObjects.visualize.clickNewSearch( + PageObjects.visualize.index.LOGSTASH_NON_TIME_BASED + ); + await PageObjects.visEditor.clickBucket('Split rows'); + await PageObjects.visEditor.selectAggregation('Date Histogram'); + await PageObjects.visEditor.selectField('@timestamp'); + await PageObjects.visEditor.setInterval('Daily'); + await PageObjects.visEditor.clickGo(); + }); - it('should show correct data for a data table with date histogram', async () => { - await PageObjects.visualize.navigateToNewVisualization(); - await PageObjects.visualize.clickDataTable(); - await PageObjects.visualize.clickNewSearch( - PageObjects.visualize.index.LOGSTASH_NON_TIME_BASED - ); - await PageObjects.visEditor.clickBucket('Split rows'); - await PageObjects.visEditor.selectAggregation('Date Histogram'); - await PageObjects.visEditor.selectField('@timestamp'); - await PageObjects.visEditor.setInterval('Daily'); - await PageObjects.visEditor.clickGo(); - const data = await PageObjects.visChart.getTableVisData(); - expect(data.trim().split('\n')).to.be.eql([ - '2015-09-20', - '4,757', - '2015-09-21', - '4,614', - '2015-09-22', - '4,633', - ]); - }); + it('should show correct data', async () => { + const data = await PageObjects.visChart.getTableVisData(); + log.debug(data.split('\n')); + expect(data.trim().split('\n')).to.be.eql([ + '2015-09-20', + '4,757', + '2015-09-21', + '4,614', + '2015-09-22', + '4,633', + ]); + }); - it('should correctly filter for applied time filter on the main timefield', async () => { - await filterBar.addFilter('@timestamp', 'is between', '2015-09-19', '2015-09-21'); - await PageObjects.header.waitUntilLoadingHasFinished(); - await renderable.waitForRender(); - const data = await PageObjects.visChart.getTableVisData(); - expect(data.trim().split('\n')).to.be.eql(['2015-09-20', '4,757']); - }); + it('should correctly filter for applied time filter on the main timefield', async () => { + await filterBar.addFilter('@timestamp', 'is between', '2015-09-19', '2015-09-21'); + await PageObjects.header.waitUntilLoadingHasFinished(); + await renderable.waitForRender(); + const data = await PageObjects.visChart.getTableVisData(); + expect(data.trim().split('\n')).to.be.eql(['2015-09-20', '4,757']); + }); - it('should correctly filter for pinned filters', async () => { - await filterBar.toggleFilterPinned('@timestamp'); - await PageObjects.header.waitUntilLoadingHasFinished(); - await renderable.waitForRender(); - const data = await PageObjects.visChart.getTableVisData(); - expect(data.trim().split('\n')).to.be.eql(['2015-09-20', '4,757']); + it('should correctly filter for pinned filters', async () => { + await filterBar.toggleFilterPinned('@timestamp'); + await PageObjects.header.waitUntilLoadingHasFinished(); + await renderable.waitForRender(); + const data = await PageObjects.visChart.getTableVisData(); + expect(data.trim().split('\n')).to.be.eql(['2015-09-20', '4,757']); + }); }); }); } diff --git a/test/functional/apps/visualize/_tsvb_chart.ts b/test/functional/apps/visualize/_tsvb_chart.ts index f1c5c916a89bf..7e22f543bc7db 100644 --- a/test/functional/apps/visualize/_tsvb_chart.ts +++ b/test/functional/apps/visualize/_tsvb_chart.ts @@ -28,8 +28,7 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { const security = getService('security'); const PageObjects = getPageObjects(['visualize', 'visualBuilder', 'timePicker', 'visChart']); - // FLAKY: https://github.com/elastic/kibana/issues/43150 - describe.skip('visual builder', function describeIndexTests() { + describe('visual builder', function describeIndexTests() { this.tags('includeFirefox'); beforeEach(async () => { await security.testUser.setRoles(['kibana_admin', 'test_logstash_reader']); @@ -74,7 +73,6 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { }); }); - // FLAKY: https://github.com/elastic/kibana/issues/46677 describe('gauge', () => { beforeEach(async () => { await PageObjects.visualBuilder.resetPage(); @@ -107,7 +105,8 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { }); }); - describe('switch index patterns', () => { + // FLAKY: https://github.com/elastic/kibana/issues/43150 + describe.skip('switch index patterns', () => { beforeEach(async () => { log.debug('Load kibana_sample_data_flights data'); await esArchiver.loadIfNeeded('kibana_sample_data_flights'); diff --git a/test/functional/page_objects/common_page.ts b/test/functional/page_objects/common_page.ts index 236b2fb9f2f1e..8c5a99204bab6 100644 --- a/test/functional/page_objects/common_page.ts +++ b/test/functional/page_objects/common_page.ts @@ -399,7 +399,7 @@ export function CommonPageProvider({ getService, getPageObjects }: FtrProviderCo const toast = await find.byCssSelector('.euiToast', 2 * defaultFindTimeout); await toast.moveMouseTo(); const title = await (await find.byCssSelector('.euiToastHeader__title')).getVisibleText(); - log.debug(`Toast title: ${title}`); + await find.clickByCssSelector('.euiToast__closeButton'); return title; } diff --git a/x-pack/mocks.ts b/x-pack/mocks.ts index 28c589bee4baa..777c8d0a08131 100644 --- a/x-pack/mocks.ts +++ b/x-pack/mocks.ts @@ -9,7 +9,7 @@ import { licensingMock } from './plugins/licensing/server/mocks'; function createCoreRequestHandlerContextMock() { return { core: coreMock.createRequestHandlerContext(), - licensing: { license: licensingMock.createLicense() }, + licensing: licensingMock.createRequestHandlerContext(), }; } diff --git a/x-pack/package.json b/x-pack/package.json index ad8c12d41000c..ac5b77c4f78db 100644 --- a/x-pack/package.json +++ b/x-pack/package.json @@ -198,7 +198,7 @@ "@elastic/eui": "24.1.0", "@elastic/filesaver": "1.1.2", "@elastic/maki": "6.3.0", - "@elastic/node-crypto": "1.1.1", + "@elastic/node-crypto": "1.2.1", "@elastic/numeral": "^2.5.0", "@kbn/babel-preset": "1.0.0", "@kbn/config-schema": "1.0.0", diff --git a/x-pack/plugins/apm/public/components/app/TraceOverview/index.tsx b/x-pack/plugins/apm/public/components/app/TraceOverview/index.tsx index cb6003c58e90d..cdebb3aac129b 100644 --- a/x-pack/plugins/apm/public/components/app/TraceOverview/index.tsx +++ b/x-pack/plugins/apm/public/components/app/TraceOverview/index.tsx @@ -12,11 +12,19 @@ import { useUrlParams } from '../../../hooks/useUrlParams'; import { useTrackPageview } from '../../../../../observability/public'; import { LocalUIFilters } from '../../shared/LocalUIFilters'; import { PROJECTION } from '../../../../common/projections/typings'; +import { APIReturnType } from '../../../services/rest/createCallApmApi'; + +type TracesAPIResponse = APIReturnType<'/api/apm/traces'>; +const DEFAULT_RESPONSE: TracesAPIResponse = { + items: [], + isAggregationAccurate: true, + bucketSize: 0, +}; export function TraceOverview() { const { urlParams, uiFilters } = useUrlParams(); const { start, end } = urlParams; - const { status, data = [] } = useFetcher( + const { status, data = DEFAULT_RESPONSE } = useFetcher( (callApmApi) => { if (start && end) { return callApmApi({ @@ -56,7 +64,7 @@ export function TraceOverview() { diff --git a/x-pack/plugins/apm/public/components/app/TransactionOverview/index.tsx b/x-pack/plugins/apm/public/components/app/TransactionOverview/index.tsx index fc5347d081316..a1e01b61d5c1b 100644 --- a/x-pack/plugins/apm/public/components/app/TransactionOverview/index.tsx +++ b/x-pack/plugins/apm/public/components/app/TransactionOverview/index.tsx @@ -11,16 +11,21 @@ import { EuiFlexGroup, EuiFlexItem, EuiHorizontalRule, + EuiCallOut, + EuiCode, } from '@elastic/eui'; import { Location } from 'history'; +import { FormattedMessage } from '@kbn/i18n/react'; import { first } from 'lodash'; import React, { useMemo } from 'react'; +import { i18n } from '@kbn/i18n'; import { useTransactionList } from '../../../hooks/useTransactionList'; import { useTransactionCharts } from '../../../hooks/useTransactionCharts'; import { IUrlParams } from '../../../context/UrlParamsContext/types'; import { TransactionCharts } from '../../shared/charts/TransactionCharts'; import { TransactionBreakdown } from '../../shared/TransactionBreakdown'; import { TransactionList } from './List'; +import { ElasticDocsLink } from '../../shared/Links/ElasticDocsLink'; import { useRedirect } from './useRedirect'; import { history } from '../../../utils/history'; import { useLocation } from '../../../hooks/useLocation'; @@ -140,9 +145,48 @@ export function TransactionOverview() {

Transactions

+ {!transactionListData.isAggregationAccurate && ( + +

+ + xpack.apm.ui.transactionGroupBucketSize + + ), + }} + /> + + + {i18n.translate( + 'xpack.apm.transactionCardinalityWarning.docsLink', + { defaultMessage: 'Learn more in the docs' } + )} + +

+ + )} + diff --git a/x-pack/plugins/apm/public/hooks/useTransactionList.ts b/x-pack/plugins/apm/public/hooks/useTransactionList.ts index 202437ae72257..ed6bb9309a557 100644 --- a/x-pack/plugins/apm/public/hooks/useTransactionList.ts +++ b/x-pack/plugins/apm/public/hooks/useTransactionList.ts @@ -8,8 +8,7 @@ import { useMemo } from 'react'; import { IUrlParams } from '../context/UrlParamsContext/types'; import { useUiFilters } from '../context/UrlParamsContext'; import { useFetcher } from './useFetcher'; -// eslint-disable-next-line @kbn/eslint/no-restricted-paths -import { TransactionGroupListAPIResponse } from '../../server/lib/transaction_groups'; +import { APIReturnType } from '../services/rest/createCallApmApi'; const getRelativeImpact = ( impact: number, @@ -21,7 +20,11 @@ const getRelativeImpact = ( 1 ); -function getWithRelativeImpact(items: TransactionGroupListAPIResponse) { +type TransactionsAPIResponse = APIReturnType< + '/api/apm/services/{serviceName}/transaction_groups' +>; + +function getWithRelativeImpact(items: TransactionsAPIResponse['items']) { const impacts = items .map(({ impact }) => impact) .filter((impact) => impact !== null) as number[]; @@ -40,10 +43,16 @@ function getWithRelativeImpact(items: TransactionGroupListAPIResponse) { }); } +const DEFAULT_RESPONSE: TransactionsAPIResponse = { + items: [], + isAggregationAccurate: true, + bucketSize: 0, +}; + export function useTransactionList(urlParams: IUrlParams) { const { serviceName, transactionType, start, end } = urlParams; const uiFilters = useUiFilters(urlParams); - const { data = [], error, status } = useFetcher( + const { data = DEFAULT_RESPONSE, error, status } = useFetcher( (callApmApi) => { if (serviceName && start && end && transactionType) { return callApmApi({ @@ -63,7 +72,14 @@ export function useTransactionList(urlParams: IUrlParams) { [serviceName, start, end, transactionType, uiFilters] ); - const memoizedData = useMemo(() => getWithRelativeImpact(data), [data]); + const memoizedData = useMemo( + () => ({ + items: getWithRelativeImpact(data.items), + isAggregationAccurate: data.isAggregationAccurate, + bucketSize: data.bucketSize, + }), + [data] + ); return { data: memoizedData, status, diff --git a/x-pack/plugins/apm/public/services/rest/createCallApmApi.ts b/x-pack/plugins/apm/public/services/rest/createCallApmApi.ts index 44768c94f3b1d..8babc72ef129c 100644 --- a/x-pack/plugins/apm/public/services/rest/createCallApmApi.ts +++ b/x-pack/plugins/apm/public/services/rest/createCallApmApi.ts @@ -8,7 +8,7 @@ import { callApi, FetchOptions } from './callApi'; // eslint-disable-next-line @kbn/eslint/no-restricted-paths import { APMAPI } from '../../../server/routes/create_apm_api'; // eslint-disable-next-line @kbn/eslint/no-restricted-paths -import { Client } from '../../../server/routes/typings'; +import { Client, HttpMethod } from '../../../server/routes/typings'; export type APMClient = Client; export type APMClientOptions = Omit & { @@ -43,3 +43,11 @@ export function createCallApmApi(http: HttpSetup) { }); }) as APMClient; } + +// infer return type from API +export type APIReturnType< + TPath extends keyof APMAPI['_S'], + TMethod extends HttpMethod = 'GET' +> = APMAPI['_S'][TPath] extends { [key in TMethod]: { ret: any } } + ? APMAPI['_S'][TPath][TMethod]['ret'] + : unknown; diff --git a/x-pack/plugins/apm/scripts/aggregate-latency-metrics.js b/x-pack/plugins/apm/scripts/aggregate-latency-metrics.js new file mode 100644 index 0000000000000..287f267343b11 --- /dev/null +++ b/x-pack/plugins/apm/scripts/aggregate-latency-metrics.js @@ -0,0 +1,31 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +// eslint-disable-next-line import/no-extraneous-dependencies +require('@babel/register')({ + extensions: ['.ts'], + plugins: [ + '@babel/plugin-proposal-optional-chaining', + '@babel/plugin-proposal-nullish-coalescing-operator', + ], + presets: [ + '@babel/typescript', + ['@babel/preset-env', { targets: { node: 'current' } }], + ], +}); + +const { + aggregateLatencyMetrics, +} = require('./aggregate-latency-metrics/index.ts'); + +aggregateLatencyMetrics().catch((err) => { + if (err.meta && err.meta.body) { + // error from elasticsearch client + console.error(err.meta.body); + } else { + console.error(err); + } + process.exit(1); +}); diff --git a/x-pack/plugins/apm/scripts/aggregate-latency-metrics/index.ts b/x-pack/plugins/apm/scripts/aggregate-latency-metrics/index.ts new file mode 100644 index 0000000000000..6bc370be903df --- /dev/null +++ b/x-pack/plugins/apm/scripts/aggregate-latency-metrics/index.ts @@ -0,0 +1,444 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { Client } from '@elastic/elasticsearch'; +import { argv } from 'yargs'; +import pLimit from 'p-limit'; +import pRetry from 'p-retry'; +import { parse, format } from 'url'; +import { unique, without, set, merge, flatten } from 'lodash'; +import * as histogram from 'hdr-histogram-js'; +import { ESSearchResponse } from '../../typings/elasticsearch'; +import { + HOST_NAME, + SERVICE_NAME, + TRANSACTION_NAME, + TRANSACTION_TYPE, + AGENT_NAME, + SERVICE_ENVIRONMENT, + POD_NAME, + CONTAINER_ID, + SERVICE_VERSION, + TRANSACTION_RESULT, + PROCESSOR_EVENT, +} from '../../common/elasticsearch_fieldnames'; +import { stampLogger } from '../shared/stamp-logger'; +import { createOrUpdateIndex } from '../shared/create-or-update-index'; + +// This script will try to estimate how many latency metric documents +// will be created based on the available transaction documents. +// It can also generate metric documents based on a painless script +// and hdr histograms. +// +// Options: +// - interval: the interval (in minutes) for which latency metrics will be aggregated. +// Defaults to 1. +// - concurrency: number of maximum concurrent requests to ES. Defaults to 3. +// - from: start of the date range that should be processed. Should be a valid ISO timestamp. +// - to: end of the date range that should be processed. Should be a valid ISO timestamp. +// - source: from which transaction documents should be read. Should be location of ES (basic auth +// is supported) plus the index name (or an index pattern). Example: +// https://foo:bar@apm.elstc.co:9999/apm-8.0.0-transaction +// - dest: to which metric documents should be written. If this is not set, no metric documents +// will be created.Should be location of ES (basic auth is supported) plus the index name. +// Example: https://foo:bar@apm.elstc.co:9999/apm-8.0.0-metric +// - include: comma-separated list of fields that should be aggregated on, in addition to the +// default ones. +// - exclude: comma-separated list of fields that should be not be aggregated on. + +stampLogger(); + +export async function aggregateLatencyMetrics() { + const interval = parseInt(String(argv.interval), 10) || 1; + const concurrency = parseInt(String(argv.concurrency), 10) || 3; + const numSigFigures = (parseInt(String(argv.sigfig), 10) || 2) as + | 1 + | 2 + | 3 + | 4 + | 5; + + const from = new Date(String(argv.from)).getTime(); + const to = new Date(String(argv.to)).getTime(); + + if (isNaN(from) || isNaN(to)) { + throw new Error( + `from and to are not valid dates - please supply valid ISO timestamps` + ); + } + + if (to <= from) { + throw new Error('to cannot be earlier than from'); + } + + const limit = pLimit(concurrency); + // retry function to handle ES timeouts + const retry = (fn: (...args: any[]) => any) => { + return () => + pRetry(fn, { + factor: 1, + retries: 3, + minTimeout: 2500, + }); + }; + + const tasks: Array> = []; + + const defaultFields = [ + SERVICE_NAME, + SERVICE_VERSION, + SERVICE_ENVIRONMENT, + AGENT_NAME, + HOST_NAME, + POD_NAME, + CONTAINER_ID, + TRANSACTION_NAME, + TRANSACTION_RESULT, + TRANSACTION_TYPE, + ]; + + const include = String(argv.include ?? '') + .split(',') + .filter(Boolean) as string[]; + + const exclude = String(argv.exclude ?? '') + .split(',') + .filter(Boolean) as string[]; + + const only = String(argv.only ?? '') + .split(',') + .filter(Boolean) as string[]; + + const fields = only.length + ? unique(only) + : without(unique([...include, ...defaultFields]), ...exclude); + + const globalFilter = argv.filter ? JSON.parse(String(argv.filter)) : {}; + + // eslint-disable-next-line no-console + console.log('Aggregating on', fields.join(',')); + + const source = String(argv.source ?? ''); + const dest = String(argv.dest ?? ''); + + function getClientOptionsFromIndexUrl( + url: string + ): { node: string; index: string } { + const parsed = parse(url); + const { pathname, ...rest } = parsed; + + return { + node: format(rest), + index: pathname!.replace('/', ''), + }; + } + + const sourceOptions = getClientOptionsFromIndexUrl(source); + + const sourceClient = new Client({ + node: sourceOptions.node, + ssl: { + rejectUnauthorized: false, + }, + requestTimeout: 120000, + }); + + let destClient: Client | undefined; + let destOptions: { node: string; index: string } | undefined; + + const uploadMetrics = !!dest; + + if (uploadMetrics) { + destOptions = getClientOptionsFromIndexUrl(dest); + destClient = new Client({ + node: destOptions.node, + ssl: { + rejectUnauthorized: false, + }, + }); + + const mappings = ( + await sourceClient.indices.getMapping({ + index: sourceOptions.index, + }) + ).body; + + const lastMapping = mappings[Object.keys(mappings)[0]]; + + const newMapping = merge({}, lastMapping, { + mappings: { + properties: { + transaction: { + properties: { + duration: { + properties: { + histogram: { + type: 'histogram', + }, + }, + }, + }, + }, + }, + }, + }); + + await createOrUpdateIndex({ + client: destClient, + indexName: destOptions.index, + clear: false, + template: newMapping, + }); + } else { + // eslint-disable-next-line no-console + console.log( + 'No destination was defined, not uploading aggregated documents' + ); + } + + let at = to; + while (at > from) { + const end = at; + const start = Math.max(from, at - interval * 60 * 1000); + + tasks.push( + limit( + retry(async () => { + const filter = [ + { + term: { + [PROCESSOR_EVENT]: 'transaction', + }, + }, + { + range: { + '@timestamp': { + gte: start, + lt: end, + }, + }, + }, + ]; + + const query: { + query: Record; + } = { + ...globalFilter, + query: { + ...(globalFilter?.query ?? {}), + bool: { + ...(globalFilter?.query?.bool ?? {}), + filter: [ + ...Object.values(globalFilter?.query?.bool?.filter ?? {}), + ...filter, + ], + }, + }, + }; + + async function paginateThroughBuckets( + buckets: Array<{ + doc_count: number; + key: any; + recorded_values?: { value: unknown }; + }>, + after?: any + ): Promise< + Array<{ + doc_count: number; + key: any; + recorded_values?: { value: unknown }; + }> + > { + const params = { + index: sourceOptions.index, + body: { + ...query, + aggs: { + transactionGroups: { + composite: { + ...(after ? { after } : {}), + size: 10000, + sources: fields.map((field) => ({ + [field]: { + terms: { + field, + missing_bucket: true, + }, + }, + })), + }, + ...(dest + ? { + // scripted metric agg to get all the values (rather than downloading all the documents) + aggs: { + recorded_values: { + scripted_metric: { + init_script: 'state.values = new ArrayList()', + map_script: ` + if (!doc['transaction.duration.us'].empty) { + state.values.add(doc['transaction.duration.us'].value); + } + `, + combine_script: 'return state.values', + reduce_script: ` + return states.stream().flatMap(l -> l.stream()).collect(Collectors.toList()) + `, + }, + }, + }, + } + : {}), + }, + }, + }, + }; + + const response = (await sourceClient.search(params)) + .body as ESSearchResponse; + + const { aggregations } = response; + + if (!aggregations) { + return buckets; + } + + const { transactionGroups } = aggregations; + + const nextBuckets = buckets.concat(transactionGroups.buckets); + + if (!transactionGroups.after_key) { + return nextBuckets; + } + + return nextBuckets.concat( + await paginateThroughBuckets(buckets, transactionGroups.after_key) + ); + } + + async function getNumberOfTransactionDocuments() { + const params = { + index: sourceOptions.index, + body: { + query: { + bool: { + filter, + }, + }, + track_total_hits: true, + }, + }; + + const response = (await sourceClient.search(params)) + .body as ESSearchResponse; + + return response.hits.total.value; + } + + const [buckets, numberOfTransactionDocuments] = await Promise.all([ + paginateThroughBuckets([]), + getNumberOfTransactionDocuments(), + ]); + + const rangeLabel = `${new Date(start).toISOString()}-${new Date( + end + ).toISOString()}`; + + // eslint-disable-next-line no-console + console.log( + `${rangeLabel}: Compression: ${ + buckets.length + }/${numberOfTransactionDocuments} (${( + (buckets.length / numberOfTransactionDocuments) * + 100 + ).toPrecision(2)}%)` + ); + + const docs: Array> = []; + + if (uploadMetrics) { + buckets.forEach((bucket) => { + const values = (bucket.recorded_values?.value ?? []) as number[]; + const h = histogram.build({ + numberOfSignificantValueDigits: numSigFigures, + }); + values.forEach((value) => { + h.recordValue(value); + }); + + const iterator = h.recordedValuesIterator; + + const distribution = { + values: [] as number[], + counts: [] as number[], + }; + + iterator.reset(); + + while (iterator.hasNext()) { + const value = iterator.next(); + distribution.values.push(value.valueIteratedTo); + distribution.counts.push(value.countAtValueIteratedTo); + } + + const structured = Object.keys(bucket.key).reduce((prev, key) => { + set(prev, key, bucket.key[key]); + return prev; + }, {}); + + const doc = merge({}, structured, { + '@timestamp': new Date(start).toISOString(), + timestamp: { + us: start * 1000, + }, + processor: { + name: 'metric', + event: 'metric', + }, + transaction: { + duration: { + histogram: distribution, + }, + }, + }); + + docs.push(doc); + }); + + if (!docs.length) { + // eslint-disable-next-line no-console + console.log(`${rangeLabel}: No docs to upload`); + return; + } + + const response = await destClient?.bulk({ + refresh: 'wait_for', + body: flatten( + docs.map((doc) => [ + { index: { _index: destOptions?.index } }, + doc, + ]) + ), + }); + + if (response?.body.errors) { + throw new Error( + `${rangeLabel}: Could not upload all metric documents` + ); + } + // eslint-disable-next-line no-console + console.log( + `${rangeLabel}: Uploaded ${docs.length} metric documents` + ); + } + }) + ) + ); + at = start; + } + + await Promise.all(tasks); +} diff --git a/x-pack/plugins/apm/scripts/package.json b/x-pack/plugins/apm/scripts/package.json index 9121449c53619..c5a9df792f856 100644 --- a/x-pack/plugins/apm/scripts/package.json +++ b/x-pack/plugins/apm/scripts/package.json @@ -4,7 +4,10 @@ "main": "index.js", "license": "MIT", "dependencies": { + "@elastic/elasticsearch": "^7.6.1", "@octokit/rest": "^16.35.0", - "console-stamp": "^0.2.9" + "@types/console-stamp": "^0.2.32", + "console-stamp": "^0.2.9", + "hdr-histogram-js": "^1.2.0" } } diff --git a/x-pack/plugins/apm/scripts/shared/create-or-update-index.ts b/x-pack/plugins/apm/scripts/shared/create-or-update-index.ts new file mode 100644 index 0000000000000..3f88b73f55984 --- /dev/null +++ b/x-pack/plugins/apm/scripts/shared/create-or-update-index.ts @@ -0,0 +1,60 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { Client } from '@elastic/elasticsearch'; + +export async function createOrUpdateIndex({ + client, + clear, + indexName, + template, +}: { + client: Client; + clear: boolean; + indexName: string; + template: any; +}) { + if (clear) { + try { + await client.indices.delete({ + index: indexName, + }); + } catch (err) { + // 404 = index not found, totally okay + if (err.body.status !== 404) { + throw err; + } + } + } + + const indexExists = ( + await client.indices.exists({ + index: indexName, + }) + ).body as boolean; + + if (!indexExists) { + await client.indices.create({ + index: indexName, + body: template, + }); + } else { + await Promise.all([ + template.mappings + ? client.indices.putMapping({ + index: indexName, + body: template.mappings, + }) + : Promise.resolve(undefined as any), + template.settings + ? client.indices.putSettings({ + index: indexName, + body: template.settings, + }) + : Promise.resolve(undefined as any), + ]); + } +} diff --git a/x-pack/plugins/apm/scripts/upload-telemetry-data/download-telemetry-template.ts b/x-pack/plugins/apm/scripts/shared/download-telemetry-template.ts similarity index 68% rename from x-pack/plugins/apm/scripts/upload-telemetry-data/download-telemetry-template.ts rename to x-pack/plugins/apm/scripts/shared/download-telemetry-template.ts index 31559f1ab3c78..f20c6328281f4 100644 --- a/x-pack/plugins/apm/scripts/upload-telemetry-data/download-telemetry-template.ts +++ b/x-pack/plugins/apm/scripts/shared/download-telemetry-template.ts @@ -4,15 +4,20 @@ * you may not use this file except in compliance with the Elastic License. */ -// @ts-ignore import { Octokit } from '@octokit/rest'; -export async function downloadTelemetryTemplate(octokit: Octokit) { +export async function downloadTelemetryTemplate({ + githubToken, +}: { + githubToken: string; +}) { + const octokit = new Octokit({ + auth: githubToken, + }); const file = await octokit.repos.getContents({ owner: 'elastic', repo: 'telemetry', path: 'config/templates/xpack-phone-home.json', - // @ts-ignore mediaType: { format: 'application/vnd.github.VERSION.raw', }, @@ -22,5 +27,11 @@ export async function downloadTelemetryTemplate(octokit: Octokit) { throw new Error('Expected single response, got array'); } - return JSON.parse(Buffer.from(file.data.content!, 'base64').toString()); + return JSON.parse(Buffer.from(file.data.content!, 'base64').toString()) as { + index_patterns: string[]; + mappings: { + properties: Record; + }; + settings: Record; + }; } diff --git a/x-pack/plugins/apm/scripts/shared/get-http-auth.ts b/x-pack/plugins/apm/scripts/shared/get-http-auth.ts new file mode 100644 index 0000000000000..b662deb863a35 --- /dev/null +++ b/x-pack/plugins/apm/scripts/shared/get-http-auth.ts @@ -0,0 +1,19 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { KibanaConfig } from './read-kibana-config'; + +export const getHttpAuth = (config: KibanaConfig) => { + const httpAuth = + config['elasticsearch.username'] && config['elasticsearch.password'] + ? { + username: config['elasticsearch.username'], + password: config['elasticsearch.password'], + } + : null; + + return httpAuth; +}; diff --git a/x-pack/plugins/apm/scripts/shared/read-kibana-config.ts b/x-pack/plugins/apm/scripts/shared/read-kibana-config.ts new file mode 100644 index 0000000000000..bc5f1afc63cac --- /dev/null +++ b/x-pack/plugins/apm/scripts/shared/read-kibana-config.ts @@ -0,0 +1,49 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +import path from 'path'; +import fs from 'fs'; +import yaml from 'js-yaml'; +import { identity, pick } from 'lodash'; + +export type KibanaConfig = ReturnType; + +export const readKibanaConfig = () => { + const kibanaConfigDir = path.join(__filename, '../../../../../../config'); + const kibanaDevConfig = path.join(kibanaConfigDir, 'kibana.dev.yml'); + const kibanaConfig = path.join(kibanaConfigDir, 'kibana.yml'); + + const loadedKibanaConfig = (yaml.safeLoad( + fs.readFileSync( + fs.existsSync(kibanaDevConfig) ? kibanaDevConfig : kibanaConfig, + 'utf8' + ) + ) || {}) as {}; + + const cliEsCredentials = pick( + { + 'elasticsearch.username': process.env.ELASTICSEARCH_USERNAME, + 'elasticsearch.password': process.env.ELASTICSEARCH_PASSWORD, + 'elasticsearch.hosts': process.env.ELASTICSEARCH_HOST, + }, + identity + ) as { + 'elasticsearch.username'?: string; + 'elasticsearch.password'?: string; + 'elasticsearch.hosts'?: string; + }; + + return { + 'apm_oss.transactionIndices': 'apm-*', + 'apm_oss.metricsIndices': 'apm-*', + 'apm_oss.errorIndices': 'apm-*', + 'apm_oss.spanIndices': 'apm-*', + 'apm_oss.onboardingIndices': 'apm-*', + 'apm_oss.sourcemapIndices': 'apm-*', + 'elasticsearch.hosts': 'http://localhost:9200', + ...loadedKibanaConfig, + ...cliEsCredentials, + }; +}; diff --git a/x-pack/plugins/apm/scripts/shared/stamp-logger.ts b/x-pack/plugins/apm/scripts/shared/stamp-logger.ts new file mode 100644 index 0000000000000..65d24bbae7008 --- /dev/null +++ b/x-pack/plugins/apm/scripts/shared/stamp-logger.ts @@ -0,0 +1,11 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import consoleStamp from 'console-stamp'; + +export function stampLogger() { + consoleStamp(console, { pattern: '[HH:MM:ss.l]' }); +} diff --git a/x-pack/plugins/apm/scripts/tsconfig.json b/x-pack/plugins/apm/scripts/tsconfig.json new file mode 100644 index 0000000000000..350db55e72446 --- /dev/null +++ b/x-pack/plugins/apm/scripts/tsconfig.json @@ -0,0 +1,12 @@ +{ + "extends": "../../../tsconfig.json", + "include": [ + "./**/*" + ], + "exclude": [], + "compilerOptions": { + "types": [ + "node" + ] + } +} diff --git a/x-pack/plugins/apm/scripts/upload-telemetry-data/index.ts b/x-pack/plugins/apm/scripts/upload-telemetry-data/index.ts index a3c97cd8828d8..5f9c72810fc91 100644 --- a/x-pack/plugins/apm/scripts/upload-telemetry-data/index.ts +++ b/x-pack/plugins/apm/scripts/upload-telemetry-data/index.ts @@ -11,115 +11,50 @@ // - Easier testing of the telemetry tasks // - Validate whether we can run the queries we want to on the telemetry data -import fs from 'fs'; -import path from 'path'; -// @ts-ignore -import { Octokit } from '@octokit/rest'; -import { merge, chunk, flatten, pick, identity } from 'lodash'; -import axios from 'axios'; -import yaml from 'js-yaml'; -import { Client } from 'elasticsearch'; +import { merge, chunk, flatten } from 'lodash'; +import { Client } from '@elastic/elasticsearch'; import { argv } from 'yargs'; -import { promisify } from 'util'; import { Logger } from 'kibana/server'; -// @ts-ignore -import consoleStamp from 'console-stamp'; +import { stampLogger } from '../shared/stamp-logger'; // eslint-disable-next-line @kbn/eslint/no-restricted-paths import { CollectTelemetryParams } from '../../server/lib/apm_telemetry/collect_data_telemetry'; -import { downloadTelemetryTemplate } from './download-telemetry-template'; -import mapping from '../../mappings.json'; +import { downloadTelemetryTemplate } from '../shared/download-telemetry-template'; +// eslint-disable-next-line @kbn/eslint/no-restricted-paths +import { apmTelemetry } from '../../server/saved_objects/apm_telemetry'; import { generateSampleDocuments } from './generate-sample-documents'; +import { readKibanaConfig } from '../shared/read-kibana-config'; +import { getHttpAuth } from '../shared/get-http-auth'; +import { createOrUpdateIndex } from '../shared/create-or-update-index'; -consoleStamp(console, '[HH:MM:ss.l]'); - -const githubToken = process.env.GITHUB_TOKEN; +stampLogger(); -if (!githubToken) { - throw new Error('GITHUB_TOKEN was not provided.'); -} +async function uploadData() { + const githubToken = process.env.GITHUB_TOKEN; -const kibanaConfigDir = path.join(__filename, '../../../../../../config'); -const kibanaDevConfig = path.join(kibanaConfigDir, 'kibana.dev.yml'); -const kibanaConfig = path.join(kibanaConfigDir, 'kibana.yml'); - -const xpackTelemetryIndexName = 'xpack-phone-home'; - -const loadedKibanaConfig = (yaml.safeLoad( - fs.readFileSync( - fs.existsSync(kibanaDevConfig) ? kibanaDevConfig : kibanaConfig, - 'utf8' - ) -) || {}) as {}; - -const cliEsCredentials = pick( - { - 'elasticsearch.username': process.env.ELASTICSEARCH_USERNAME, - 'elasticsearch.password': process.env.ELASTICSEARCH_PASSWORD, - 'elasticsearch.hosts': process.env.ELASTICSEARCH_HOST, - }, - identity -) as { - 'elasticsearch.username'?: string; - 'elasticsearch.password'?: string; - 'elasticsearch.hosts'?: string; -}; - -const config = { - 'apm_oss.transactionIndices': 'apm-*', - 'apm_oss.metricsIndices': 'apm-*', - 'apm_oss.errorIndices': 'apm-*', - 'apm_oss.spanIndices': 'apm-*', - 'apm_oss.onboardingIndices': 'apm-*', - 'apm_oss.sourcemapIndices': 'apm-*', - 'elasticsearch.hosts': 'http://localhost:9200', - ...loadedKibanaConfig, - ...cliEsCredentials, -}; + if (!githubToken) { + throw new Error('GITHUB_TOKEN was not provided.'); + } -async function uploadData() { - const octokit = new Octokit({ - auth: githubToken, + const xpackTelemetryIndexName = 'xpack-phone-home'; + const telemetryTemplate = await downloadTelemetryTemplate({ + githubToken, }); - const telemetryTemplate = await downloadTelemetryTemplate(octokit); + const kibanaMapping = apmTelemetry.mappings; - const kibanaMapping = mapping['apm-telemetry']; + const config = readKibanaConfig(); - const httpAuth = - config['elasticsearch.username'] && config['elasticsearch.password'] - ? { - username: config['elasticsearch.username'], - password: config['elasticsearch.password'], - } - : null; + const httpAuth = getHttpAuth(config); const client = new Client({ - host: config['elasticsearch.hosts'], + nodes: [config['elasticsearch.hosts']], ...(httpAuth ? { - httpAuth: `${httpAuth.username}:${httpAuth.password}`, + auth: httpAuth, } : {}), }); - if (argv.clear) { - try { - await promisify(client.indices.delete.bind(client))({ - index: xpackTelemetryIndexName, - }); - } catch (err) { - // 404 = index not found, totally okay - if (err.status !== 404) { - throw err; - } - } - } - - const axiosInstance = axios.create({ - baseURL: config['elasticsearch.hosts'], - ...(httpAuth ? { auth: httpAuth } : {}), - }); - const newTemplate = merge(telemetryTemplate, { settings: { index: { mapping: { total_fields: { limit: 10000 } } }, @@ -129,7 +64,12 @@ async function uploadData() { // override apm mapping instead of merging newTemplate.mappings.properties.stack_stats.properties.kibana.properties.plugins.properties.apm = kibanaMapping; - await axiosInstance.put(`/_template/xpack-phone-home`, newTemplate); + await createOrUpdateIndex({ + indexName: xpackTelemetryIndexName, + client, + template: newTemplate, + clear: !!argv.clear, + }); const sampleDocuments = await generateSampleDocuments({ collectTelemetryParams: { @@ -140,19 +80,16 @@ async function uploadData() { apmAgentConfigurationIndex: '.apm-agent-configuration', }, search: (body) => { - return promisify(client.search.bind(client))({ - ...body, - requestTimeout: 120000, - }) as any; + return client.search(body as any).then((res) => res.body); }, indicesStats: (body) => { - return promisify(client.indices.stats.bind(client))({ - ...body, - requestTimeout: 120000, - }) as any; + return client.indices.stats(body as any); }, transportRequest: ((params) => { - return axiosInstance[params.method](params.path); + return client.transport.request({ + method: params.method, + path: params.path, + }); }) as CollectTelemetryParams['transportRequest'], }, }); @@ -162,20 +99,27 @@ async function uploadData() { await chunks.reduce>((prev, documents) => { return prev.then(async () => { const body = flatten( - documents.map((doc) => [{ index: { _index: 'xpack-phone-home' } }, doc]) + documents.map((doc) => [ + { index: { _index: xpackTelemetryIndexName } }, + doc, + ]) ); - return promisify(client.bulk.bind(client))({ - body, - refresh: true, - }).then((response: any) => { - if (response.errors) { - const firstError = response.items.filter( - (item: any) => item.index.status >= 400 - )[0].index.error; - throw new Error(`Failed to upload documents: ${firstError.reason} `); - } - }); + return client + .bulk({ + body, + refresh: 'wait_for', + }) + .then((response: any) => { + if (response.errors) { + const firstError = response.items.filter( + (item: any) => item.index.status >= 400 + )[0].index.error; + throw new Error( + `Failed to upload documents: ${firstError.reason} ` + ); + } + }); }); }, Promise.resolve()); } diff --git a/x-pack/plugins/apm/server/lib/services/annotations/get_stored_annotations.ts b/x-pack/plugins/apm/server/lib/services/annotations/get_stored_annotations.ts index 2409da59d66ae..e77307a3f9db1 100644 --- a/x-pack/plugins/apm/server/lib/services/annotations/get_stored_annotations.ts +++ b/x-pack/plugins/apm/server/lib/services/annotations/get_stored_annotations.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { APICaller } from 'kibana/server'; +import { APICaller, Logger } from 'kibana/server'; import { SERVICE_NAME } from '../../../../common/elasticsearch_fieldnames'; import { ESSearchResponse } from '../../../../typings/elasticsearch'; import { ScopedAnnotationsClient } from '../../../../../observability/server'; @@ -19,12 +19,14 @@ export async function getStoredAnnotations({ environment, apiCaller, annotationsClient, + logger, }: { setup: Setup & SetupTimeRange; serviceName: string; environment?: string; apiCaller: APICaller; annotationsClient: ScopedAnnotationsClient; + logger: Logger; }): Promise { try { const environmentFilter = getEnvironmentUiFilterES(environment); @@ -71,6 +73,14 @@ export async function getStoredAnnotations({ if (error.body?.error?.type === 'index_not_found_exception') { return []; } + + if (error.body?.error?.type === 'security_exception') { + logger.warn( + `Unable to get stored annotations due to a security exception. Please make sure that the user has 'indices:data/read/search' permissions for ${annotationsClient.index}` + ); + return []; + } + throw error; } } diff --git a/x-pack/plugins/apm/server/lib/services/annotations/index.ts b/x-pack/plugins/apm/server/lib/services/annotations/index.ts index 9365213a87f6e..e2b6e74d4d65a 100644 --- a/x-pack/plugins/apm/server/lib/services/annotations/index.ts +++ b/x-pack/plugins/apm/server/lib/services/annotations/index.ts @@ -3,7 +3,7 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -import { APICaller } from 'kibana/server'; +import { APICaller, Logger } from 'kibana/server'; import { ScopedAnnotationsClient } from '../../../../../observability/server'; import { getDerivedServiceAnnotations } from './get_derived_service_annotations'; import { Setup, SetupTimeRange } from '../../helpers/setup_request'; @@ -15,12 +15,14 @@ export async function getServiceAnnotations({ environment, annotationsClient, apiCaller, + logger, }: { serviceName: string; environment?: string; setup: Setup & SetupTimeRange; annotationsClient?: ScopedAnnotationsClient; apiCaller: APICaller; + logger: Logger; }) { // start fetching derived annotations (based on transactions), but don't wait on it // it will likely be significantly slower than the stored annotations @@ -37,6 +39,7 @@ export async function getServiceAnnotations({ environment, annotationsClient, apiCaller, + logger, }) : []; diff --git a/x-pack/plugins/apm/server/lib/transaction_groups/__snapshots__/fetcher.test.ts.snap b/x-pack/plugins/apm/server/lib/transaction_groups/__snapshots__/fetcher.test.ts.snap index 64f06ad0a81cd..087dc6afc9a58 100644 --- a/x-pack/plugins/apm/server/lib/transaction_groups/__snapshots__/fetcher.test.ts.snap +++ b/x-pack/plugins/apm/server/lib/transaction_groups/__snapshots__/fetcher.test.ts.snap @@ -46,7 +46,7 @@ Array [ }, }, "composite": Object { - "size": 10000, + "size": 101, "sources": Array [ Object { "service": Object { @@ -159,7 +159,7 @@ Array [ }, }, "composite": Object { - "size": 10000, + "size": 101, "sources": Array [ Object { "transaction": Object { diff --git a/x-pack/plugins/apm/server/lib/transaction_groups/__snapshots__/queries.test.ts.snap b/x-pack/plugins/apm/server/lib/transaction_groups/__snapshots__/queries.test.ts.snap index b93f842b878cb..496533cf97e65 100644 --- a/x-pack/plugins/apm/server/lib/transaction_groups/__snapshots__/queries.test.ts.snap +++ b/x-pack/plugins/apm/server/lib/transaction_groups/__snapshots__/queries.test.ts.snap @@ -44,7 +44,7 @@ Object { }, }, "composite": Object { - "size": 10000, + "size": 101, "sources": Array [ Object { "service": Object { @@ -153,7 +153,7 @@ Object { }, }, "composite": Object { - "size": 10000, + "size": 101, "sources": Array [ Object { "transaction": Object { diff --git a/x-pack/plugins/apm/server/lib/transaction_groups/fetcher.test.ts b/x-pack/plugins/apm/server/lib/transaction_groups/fetcher.test.ts index 00702be6744ec..a26c3d85a3fc4 100644 --- a/x-pack/plugins/apm/server/lib/transaction_groups/fetcher.test.ts +++ b/x-pack/plugins/apm/server/lib/transaction_groups/fetcher.test.ts @@ -39,7 +39,8 @@ describe('transactionGroupsFetcher', () => { describe('type: top_traces', () => { it('should call client.search with correct query', async () => { const setup = getSetup(); - await transactionGroupsFetcher({ type: 'top_traces' }, setup); + const bucketSize = 100; + await transactionGroupsFetcher({ type: 'top_traces' }, setup, bucketSize); expect(setup.client.search.mock.calls).toMatchSnapshot(); }); }); @@ -47,13 +48,15 @@ describe('transactionGroupsFetcher', () => { describe('type: top_transactions', () => { it('should call client.search with correct query', async () => { const setup = getSetup(); + const bucketSize = 100; await transactionGroupsFetcher( { type: 'top_transactions', serviceName: 'opbeans-node', transactionType: 'request', }, - setup + setup, + bucketSize ); expect(setup.client.search.mock.calls).toMatchSnapshot(); }); diff --git a/x-pack/plugins/apm/server/lib/transaction_groups/fetcher.ts b/x-pack/plugins/apm/server/lib/transaction_groups/fetcher.ts index d10c45ecbdbfb..595ee9d8da2dc 100644 --- a/x-pack/plugins/apm/server/lib/transaction_groups/fetcher.ts +++ b/x-pack/plugins/apm/server/lib/transaction_groups/fetcher.ts @@ -36,9 +36,10 @@ interface TopTraceOptions { export type Options = TopTransactionOptions | TopTraceOptions; export type ESResponse = PromiseReturnType; -export function transactionGroupsFetcher( +export async function transactionGroupsFetcher( options: Options, - setup: Setup & SetupTimeRange & SetupUIFilters + setup: Setup & SetupTimeRange & SetupUIFilters, + bucketSize: number ) { const { client } = setup; @@ -71,7 +72,7 @@ export function transactionGroupsFetcher( aggs: { transaction_groups: { composite: { - size: 10000, + size: bucketSize + 1, // 1 extra bucket is added to check whether the total number of buckets exceed the specified bucket size. sources: [ ...(isTopTraces ? [{ service: { terms: { field: SERVICE_NAME } } }] diff --git a/x-pack/plugins/apm/server/lib/transaction_groups/index.ts b/x-pack/plugins/apm/server/lib/transaction_groups/index.ts index 30c4975120483..893e586b351a8 100644 --- a/x-pack/plugins/apm/server/lib/transaction_groups/index.ts +++ b/x-pack/plugins/apm/server/lib/transaction_groups/index.ts @@ -11,20 +11,18 @@ import { } from '../helpers/setup_request'; import { transactionGroupsFetcher, Options } from './fetcher'; import { transactionGroupsTransformer } from './transform'; -import { PromiseReturnType } from '../../../../observability/typings/common'; -export type TransactionGroupListAPIResponse = PromiseReturnType< - typeof getTransactionGroupList ->; export async function getTransactionGroupList( options: Options, setup: Setup & SetupTimeRange & SetupUIFilters ) { const { start, end } = setup; - const response = await transactionGroupsFetcher(options, setup); + const bucketSize = setup.config['xpack.apm.ui.transactionGroupBucketSize']; + const response = await transactionGroupsFetcher(options, setup, bucketSize); return transactionGroupsTransformer({ response, start, end, + bucketSize, }); } diff --git a/x-pack/plugins/apm/server/lib/transaction_groups/queries.test.ts b/x-pack/plugins/apm/server/lib/transaction_groups/queries.test.ts index 58d770bebce97..2c5aa79bb3483 100644 --- a/x-pack/plugins/apm/server/lib/transaction_groups/queries.test.ts +++ b/x-pack/plugins/apm/server/lib/transaction_groups/queries.test.ts @@ -18,6 +18,7 @@ describe('transaction group queries', () => { }); it('fetches top transactions', async () => { + const bucketSize = 100; mock = await inspectSearchParams((setup) => transactionGroupsFetcher( { @@ -25,7 +26,8 @@ describe('transaction group queries', () => { serviceName: 'foo', transactionType: 'bar', }, - setup + setup, + bucketSize ) ); @@ -33,12 +35,14 @@ describe('transaction group queries', () => { }); it('fetches top traces', async () => { + const bucketSize = 100; mock = await inspectSearchParams((setup) => transactionGroupsFetcher( { type: 'top_traces', }, - setup + setup, + bucketSize ) ); diff --git a/x-pack/plugins/apm/server/lib/transaction_groups/transform.test.ts b/x-pack/plugins/apm/server/lib/transaction_groups/transform.test.ts index e5ec9a8eae782..0bb29e27f0219 100644 --- a/x-pack/plugins/apm/server/lib/transaction_groups/transform.test.ts +++ b/x-pack/plugins/apm/server/lib/transaction_groups/transform.test.ts @@ -10,13 +10,20 @@ import { transactionGroupsTransformer } from './transform'; describe('transactionGroupsTransformer', () => { it('should match snapshot', () => { - expect( - transactionGroupsTransformer({ - response: transactionGroupsResponse, - start: 100, - end: 2000, - }) - ).toMatchSnapshot(); + const { + bucketSize, + isAggregationAccurate, + items, + } = transactionGroupsTransformer({ + response: transactionGroupsResponse, + start: 100, + end: 2000, + bucketSize: 100, + }); + + expect(bucketSize).toBe(100); + expect(isAggregationAccurate).toBe(true); + expect(items).toMatchSnapshot(); }); it('should transform response correctly', () => { @@ -43,17 +50,59 @@ describe('transactionGroupsTransformer', () => { } as unknown) as ESResponse; expect( - transactionGroupsTransformer({ response, start: 100, end: 20000 }) - ).toEqual([ - { - averageResponseTime: 255966.30555555556, - impact: 0, - name: 'POST /api/orders', - p95: 320238.5, - sample: 'sample source', - transactionsPerMinute: 542.713567839196, + transactionGroupsTransformer({ + response, + start: 100, + end: 20000, + bucketSize: 100, + }) + ).toEqual({ + bucketSize: 100, + isAggregationAccurate: true, + items: [ + { + averageResponseTime: 255966.30555555556, + impact: 0, + name: 'POST /api/orders', + p95: 320238.5, + sample: 'sample source', + transactionsPerMinute: 542.713567839196, + }, + ], + }); + }); + + it('`isAggregationAccurate` should be false if number of bucket is higher than `bucketSize`', () => { + const bucket = { + key: { transaction: 'POST /api/orders' }, + doc_count: 180, + avg: { value: 255966.30555555556 }, + p95: { values: { '95.0': 320238.5 } }, + sum: { value: 3000000000 }, + sample: { + hits: { + total: 180, + hits: [{ _source: 'sample source' }], + }, }, - ]); + }; + + const response = ({ + aggregations: { + transaction_groups: { + buckets: [bucket, bucket, bucket, bucket], // four buckets returned + }, + }, + } as unknown) as ESResponse; + + const { isAggregationAccurate } = transactionGroupsTransformer({ + response, + start: 100, + end: 20000, + bucketSize: 3, // bucket size of three + }); + + expect(isAggregationAccurate).toEqual(false); }); it('should calculate impact from sum', () => { @@ -74,10 +123,13 @@ describe('transactionGroupsTransformer', () => { }, } as unknown) as ESResponse; - expect( - transactionGroupsTransformer({ response, start: 100, end: 20000 }).map( - (bucket) => bucket.impact - ) - ).toEqual([100, 25, 0]); + const { items } = transactionGroupsTransformer({ + response, + start: 100, + end: 20000, + bucketSize: 100, + }); + + expect(items.map((bucket) => bucket.impact)).toEqual([100, 25, 0]); }); }); diff --git a/x-pack/plugins/apm/server/lib/transaction_groups/transform.ts b/x-pack/plugins/apm/server/lib/transaction_groups/transform.ts index 2f34d365e5be9..81dba39e9d712 100644 --- a/x-pack/plugins/apm/server/lib/transaction_groups/transform.ts +++ b/x-pack/plugins/apm/server/lib/transaction_groups/transform.ts @@ -8,15 +8,15 @@ import moment from 'moment'; import { sortByOrder } from 'lodash'; import { ESResponse } from './fetcher'; -function calculateRelativeImpacts(transactionGroups: ITransactionGroup[]) { - const values = transactionGroups +function calculateRelativeImpacts(items: ITransactionGroup[]) { + const values = items .map(({ impact }) => impact) .filter((value) => value !== null) as number[]; const max = Math.max(...values); const min = Math.min(...values); - return transactionGroups.map((bucket) => ({ + return items.map((bucket) => ({ ...bucket, impact: bucket.impact !== null @@ -60,17 +60,30 @@ export function transactionGroupsTransformer({ response, start, end, + bucketSize, }: { response: ESResponse; start: number; end: number; -}): ITransactionGroup[] { + bucketSize: number; +}): { + items: ITransactionGroup[]; + isAggregationAccurate: boolean; + bucketSize: number; +} { const buckets = getBuckets(response); const duration = moment.duration(end - start); const minutes = duration.asMinutes(); - const transactionGroups = buckets.map((bucket) => - getTransactionGroup(bucket, minutes) - ); + const items = buckets.map((bucket) => getTransactionGroup(bucket, minutes)); - return calculateRelativeImpacts(transactionGroups); + const itemsWithRelativeImpact = calculateRelativeImpacts(items); + + return { + items: itemsWithRelativeImpact, + + // The aggregation is considered accurate if the configured bucket size is larger or equal to the number of buckets returned + // the actual number of buckets retrieved are `bucketsize + 1` to detect whether it's above the limit + isAggregationAccurate: bucketSize >= buckets.length, + bucketSize, + }; } diff --git a/x-pack/plugins/apm/server/routes/services.ts b/x-pack/plugins/apm/server/routes/services.ts index 8672c6c108c4c..08eba00251e26 100644 --- a/x-pack/plugins/apm/server/routes/services.ts +++ b/x-pack/plugins/apm/server/routes/services.ts @@ -105,6 +105,7 @@ export const serviceAnnotationsRoute = createRoute(() => ({ environment, annotationsClient, apiCaller: context.core.elasticsearch.legacy.client.callAsCurrentUser, + logger: context.logger, }); }, })); diff --git a/x-pack/plugins/encrypted_saved_objects/README.md b/x-pack/plugins/encrypted_saved_objects/README.md index 2f0af9e866797..0a5e79a96f02a 100644 --- a/x-pack/plugins/encrypted_saved_objects/README.md +++ b/x-pack/plugins/encrypted_saved_objects/README.md @@ -99,6 +99,138 @@ const savedObjectWithDecryptedContent = await esoClient.getDecryptedAsInternalU one would pass to `SavedObjectsClient.get`. These argument allows to specify `namespace` property that, for example, is required if Saved Object was created within a non-default space. +### Defining migrations +EncryptedSavedObjects rely on standard SavedObject migrations, but due to the additional complexity introduced by the need to decrypt and reencrypt the migrated document, there are some caveats to how we support this. +The good news is, most of this complexity is abstracted away by the plugin and all you need to do is leverage our api. + +The `EncryptedSavedObjects` Plugin _SetupContract_ exposes an `createMigration` api which facilitates defining a migration for your EncryptedSavedObject type. + +The `createMigration` function takes four arguments: + +|Argument|Description|Type| +|---|---|---| +|isMigrationNeededPredicate|A predicate which is called for each document, prior to being decrypted, which confirms whether a document requires migration or not. This predicate is important as the decryption step is costly and we would rather not decrypt and re-encrypt a document if we can avoid it.|function| +|migration|A migration function which will migrate each decrypted document from the old shape to the new one.|function| +|inputType|Optional. An `EncryptedSavedObjectTypeRegistration` which describes the ESOType of the input (the document prior to migration). If this type isn't provided, we'll assume the input doc follows the registered type. |object| +|migratedType| Optional. An `EncryptedSavedObjectTypeRegistration` which describes the ESOType of the output (the document after migration). If this type isn't provided, we'll assume the migrated doc follows the registered type.|object| + +### Example: Migrating a Value + +```typescript +encryptedSavedObjects.registerType({ + type: 'alert', + attributesToEncrypt: new Set(['apiKey']), + attributesToExcludeFromAAD: new Set(['mutedInstanceIds', 'updatedBy']), +}); + +const migration790 = encryptedSavedObjects.createMigration( + function shouldBeMigrated(doc): doc is SavedObjectUnsanitizedDoc { + return doc.consumer === 'alerting' || doc.consumer === undefined; + }, + (doc: SavedObjectUnsanitizedDoc): SavedObjectUnsanitizedDoc => { + const { + attributes: { consumer }, + } = doc; + return { + ...doc, + attributes: { + ...doc.attributes, + consumer: consumer === 'alerting' || !consumer ? 'alerts' : consumer, + }, + }; + } +); +``` + +In the above example you can see thwe following: +1. In `shouldBeMigrated` we limit the migrated alerts to those whose `consumer` field equals `alerting` or is undefined. +2. In the migration function we then migrate the value of `consumer` to the value we want (`alerts` or `unknown`, depending on the current value). In this function we can assume that only documents with a `consumer` of `alerting` or `undefined` will be passed in, but it's still safest not to, and so we use the current `consumer` as the default when needed. +3. Note that we haven't passed in any type definitions. This is because we can rely on the registered type, as the migration is changing a value and not the shape of the object. + +As we said above, an EncryptedSavedObject migration is a normal SavedObjects migration, and so we can plug it into the underlying SavedObject just like any other kind of migration: + +```typescript +savedObjects.registerType({ + name: 'alert', + hidden: true, + namespaceType: 'single', + migrations: { + // apply this migration in 7.9.0 + '7.9.0': migration790, + }, + mappings: { + //... + }, +}); +``` + +### Example: Migating a Type +If your migration needs to change the type by, for example, removing an encrypted field, you will have to specify the legacy type for the input. + +```typescript +encryptedSavedObjects.registerType({ + type: 'alert', + attributesToEncrypt: new Set(['apiKey']), + attributesToExcludeFromAAD: new Set(['mutedInstanceIds', 'updatedBy']), +}); + +const migration790 = encryptedSavedObjects.createMigration( + function shouldBeMigrated(doc): doc is SavedObjectUnsanitizedDoc { + return doc.consumer === 'alerting' || doc.consumer === undefined; + }, + (doc: SavedObjectUnsanitizedDoc): SavedObjectUnsanitizedDoc => { + const { + attributes: { legacyEncryptedField, ...attributes }, + } = doc; + return { + ...doc, + attributes: { + ...attributes + }, + }; + }, + { + type: 'alert', + attributesToEncrypt: new Set(['apiKey', 'legacyEncryptedField']), + attributesToExcludeFromAAD: new Set(['mutedInstanceIds', 'updatedBy']), + } +); +``` + +As you can see in this example we provide a legacy type which describes the _input_ which needs to be decrypted. +The migration function will default to using the registered type to encrypt the migrated document after the migration is applied. + +If you need to migrate between two legacy types, you can specify both types at once: + +```typescript +encryptedSavedObjects.registerType({ + type: 'alert', + attributesToEncrypt: new Set(['apiKey']), + attributesToExcludeFromAAD: new Set(['mutedInstanceIds', 'updatedBy']), +}); + +const migration780 = encryptedSavedObjects.createMigration( + function shouldBeMigrated(doc): doc is SavedObjectUnsanitizedDoc { + // ... + }, + (doc: SavedObjectUnsanitizedDoc): SavedObjectUnsanitizedDoc => { + // ... + }, + // legacy input type + { + type: 'alert', + attributesToEncrypt: new Set(['apiKey', 'legacyEncryptedField']), + attributesToExcludeFromAAD: new Set(['mutedInstanceIds', 'updatedBy']), + }, + // legacy migration type + { + type: 'alert', + attributesToEncrypt: new Set(['apiKey', 'legacyEncryptedField']), + attributesToExcludeFromAAD: new Set(['mutedInstanceIds', 'updatedBy', 'legacyEncryptedField']), + } +); +``` + ## Testing ### Unit tests diff --git a/x-pack/plugins/encrypted_saved_objects/server/create_migration.test.ts b/x-pack/plugins/encrypted_saved_objects/server/create_migration.test.ts new file mode 100644 index 0000000000000..620e001677594 --- /dev/null +++ b/x-pack/plugins/encrypted_saved_objects/server/create_migration.test.ts @@ -0,0 +1,296 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { SavedObjectUnsanitizedDoc } from 'kibana/server'; +import { migrationMocks } from 'src/core/server/mocks'; +import { encryptedSavedObjectsServiceMock } from './crypto/index.mock'; +import { getCreateMigration } from './create_migration'; + +afterEach(() => { + jest.clearAllMocks(); +}); + +describe('createMigration()', () => { + const { log } = migrationMocks.createContext(); + const inputType = { type: 'known-type-1', attributesToEncrypt: new Set(['firstAttr']) }; + const migrationType = { + type: 'known-type-1', + attributesToEncrypt: new Set(['firstAttr', 'secondAttr']), + }; + + interface InputType { + firstAttr: string; + nonEncryptedAttr?: string; + } + interface MigrationType { + firstAttr: string; + encryptedAttr?: string; + } + + const encryptionSavedObjectService = encryptedSavedObjectsServiceMock.create(); + + it('throws if the types arent compatible', async () => { + const migrationCreator = getCreateMigration(encryptionSavedObjectService, () => + encryptedSavedObjectsServiceMock.create() + ); + expect(() => + migrationCreator( + function (doc): doc is SavedObjectUnsanitizedDoc { + return true; + }, + (doc) => doc, + { + type: 'known-type-1', + attributesToEncrypt: new Set(), + }, + { + type: 'known-type-2', + attributesToEncrypt: new Set(), + } + ) + ).toThrowErrorMatchingInlineSnapshot( + `"An Invalid Encrypted Saved Objects migration is trying to migrate across types (\\"known-type-1\\" => \\"known-type-2\\"), which isn't permitted"` + ); + }); + + describe('migration of an existing type', () => { + it('uses the type in the current service for both input and migration types when none are specified', async () => { + const instantiateServiceWithLegacyType = jest.fn(() => + encryptedSavedObjectsServiceMock.create() + ); + + const migrationCreator = getCreateMigration( + encryptionSavedObjectService, + instantiateServiceWithLegacyType + ); + const noopMigration = migrationCreator( + function (doc): doc is SavedObjectUnsanitizedDoc { + return true; + }, + (doc) => doc + ); + + const attributes = { + firstAttr: 'first_attr', + }; + + encryptionSavedObjectService.decryptAttributesSync.mockReturnValueOnce(attributes); + encryptionSavedObjectService.encryptAttributesSync.mockReturnValueOnce(attributes); + + noopMigration( + { + id: '123', + type: 'known-type-1', + namespace: 'namespace', + attributes, + }, + { log } + ); + + expect(encryptionSavedObjectService.decryptAttributesSync).toHaveBeenCalledWith( + { + id: '123', + type: 'known-type-1', + namespace: 'namespace', + }, + attributes + ); + + expect(encryptionSavedObjectService.encryptAttributesSync).toHaveBeenCalledWith( + { + id: '123', + type: 'known-type-1', + namespace: 'namespace', + }, + attributes + ); + }); + }); + + describe('migration of a single legacy type', () => { + it('uses the input type as the mirgation type when omitted', async () => { + const serviceWithLegacyType = encryptedSavedObjectsServiceMock.create(); + const instantiateServiceWithLegacyType = jest.fn(() => serviceWithLegacyType); + + const migrationCreator = getCreateMigration( + encryptionSavedObjectService, + instantiateServiceWithLegacyType + ); + const noopMigration = migrationCreator( + function (doc): doc is SavedObjectUnsanitizedDoc { + return true; + }, + (doc) => doc, + inputType + ); + + const attributes = { + firstAttr: 'first_attr', + }; + + serviceWithLegacyType.decryptAttributesSync.mockReturnValueOnce(attributes); + encryptionSavedObjectService.encryptAttributesSync.mockReturnValueOnce(attributes); + + noopMigration( + { + id: '123', + type: 'known-type-1', + namespace: 'namespace', + attributes, + }, + { log } + ); + + expect(serviceWithLegacyType.decryptAttributesSync).toHaveBeenCalledWith( + { + id: '123', + type: 'known-type-1', + namespace: 'namespace', + }, + attributes + ); + + expect(encryptionSavedObjectService.encryptAttributesSync).toHaveBeenCalledWith( + { + id: '123', + type: 'known-type-1', + namespace: 'namespace', + }, + attributes + ); + }); + }); + + describe('migration across two legacy types', () => { + const serviceWithInputLegacyType = encryptedSavedObjectsServiceMock.create(); + const serviceWithMigrationLegacyType = encryptedSavedObjectsServiceMock.create(); + const instantiateServiceWithLegacyType = jest.fn(); + + function createMigration() { + instantiateServiceWithLegacyType + .mockImplementationOnce(() => serviceWithInputLegacyType) + .mockImplementationOnce(() => serviceWithMigrationLegacyType); + + const migrationCreator = getCreateMigration( + encryptionSavedObjectService, + instantiateServiceWithLegacyType + ); + return migrationCreator( + function (doc): doc is SavedObjectUnsanitizedDoc { + // migrate doc that have the second field + return ( + typeof (doc as SavedObjectUnsanitizedDoc).attributes.nonEncryptedAttr === + 'string' + ); + }, + ({ attributes: { firstAttr, nonEncryptedAttr }, ...doc }) => ({ + attributes: { + // modify an encrypted field + firstAttr: `~~${firstAttr}~~`, + // encrypt a non encrypted field if it's there + ...(nonEncryptedAttr ? { encryptedAttr: `${nonEncryptedAttr}` } : {}), + }, + ...doc, + }), + inputType, + migrationType + ); + } + + it('doesnt decrypt saved objects that dont need to be migrated', async () => { + const migration = createMigration(); + expect(instantiateServiceWithLegacyType).toHaveBeenCalledWith(inputType); + expect(instantiateServiceWithLegacyType).toHaveBeenCalledWith(migrationType); + + expect( + migration( + { + id: '123', + type: 'known-type-1', + namespace: 'namespace', + attributes: { + firstAttr: '#####', + }, + }, + { log } + ) + ).toMatchObject({ + id: '123', + type: 'known-type-1', + namespace: 'namespace', + attributes: { + firstAttr: '#####', + }, + }); + + expect(serviceWithInputLegacyType.decryptAttributesSync).not.toHaveBeenCalled(); + expect(serviceWithMigrationLegacyType.encryptAttributesSync).not.toHaveBeenCalled(); + }); + + it('decrypt, migrates and reencrypts saved objects that need to be migrated', async () => { + const migration = createMigration(); + expect(instantiateServiceWithLegacyType).toHaveBeenCalledWith(inputType); + expect(instantiateServiceWithLegacyType).toHaveBeenCalledWith(migrationType); + + serviceWithInputLegacyType.decryptAttributesSync.mockReturnValueOnce({ + firstAttr: 'first_attr', + nonEncryptedAttr: 'non encrypted', + }); + + serviceWithMigrationLegacyType.encryptAttributesSync.mockReturnValueOnce({ + firstAttr: `#####`, + encryptedAttr: `#####`, + }); + + expect( + migration( + { + id: '123', + type: 'known-type-1', + namespace: 'namespace', + attributes: { + firstAttr: '#####', + nonEncryptedAttr: 'non encrypted', + }, + }, + { log } + ) + ).toMatchObject({ + id: '123', + type: 'known-type-1', + namespace: 'namespace', + attributes: { + firstAttr: '#####', + encryptedAttr: `#####`, + }, + }); + + expect(serviceWithInputLegacyType.decryptAttributesSync).toHaveBeenCalledWith( + { + id: '123', + type: 'known-type-1', + namespace: 'namespace', + }, + { + firstAttr: '#####', + nonEncryptedAttr: 'non encrypted', + } + ); + + expect(serviceWithMigrationLegacyType.encryptAttributesSync).toHaveBeenCalledWith( + { + id: '123', + type: 'known-type-1', + namespace: 'namespace', + }, + { + firstAttr: `~~first_attr~~`, + encryptedAttr: 'non encrypted', + } + ); + }); + }); +}); diff --git a/x-pack/plugins/encrypted_saved_objects/server/create_migration.ts b/x-pack/plugins/encrypted_saved_objects/server/create_migration.ts new file mode 100644 index 0000000000000..8e9dc1c138966 --- /dev/null +++ b/x-pack/plugins/encrypted_saved_objects/server/create_migration.ts @@ -0,0 +1,91 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { + SavedObjectUnsanitizedDoc, + SavedObjectMigrationFn, + SavedObjectMigrationContext, +} from 'src/core/server'; +import { EncryptedSavedObjectTypeRegistration, EncryptedSavedObjectsService } from './crypto'; + +type SavedObjectOptionalMigrationFn = ( + doc: SavedObjectUnsanitizedDoc | SavedObjectUnsanitizedDoc, + context: SavedObjectMigrationContext +) => SavedObjectUnsanitizedDoc; + +type IsMigrationNeededPredicate = ( + encryptedDoc: + | SavedObjectUnsanitizedDoc + | SavedObjectUnsanitizedDoc +) => encryptedDoc is SavedObjectUnsanitizedDoc; + +export type CreateEncryptedSavedObjectsMigrationFn = < + InputAttributes = unknown, + MigratedAttributes = InputAttributes +>( + isMigrationNeededPredicate: IsMigrationNeededPredicate, + migration: SavedObjectMigrationFn, + inputType?: EncryptedSavedObjectTypeRegistration, + migratedType?: EncryptedSavedObjectTypeRegistration +) => SavedObjectOptionalMigrationFn; + +export const getCreateMigration = ( + encryptedSavedObjectsService: Readonly, + instantiateServiceWithLegacyType: ( + typeRegistration: EncryptedSavedObjectTypeRegistration + ) => EncryptedSavedObjectsService +): CreateEncryptedSavedObjectsMigrationFn => ( + isMigrationNeededPredicate, + migration, + inputType, + migratedType +) => { + if (inputType && migratedType && inputType.type !== migratedType.type) { + throw new Error( + `An Invalid Encrypted Saved Objects migration is trying to migrate across types ("${inputType.type}" => "${migratedType.type}"), which isn't permitted` + ); + } + + const inputService = inputType + ? instantiateServiceWithLegacyType(inputType) + : encryptedSavedObjectsService; + + const migratedService = migratedType + ? instantiateServiceWithLegacyType(migratedType) + : encryptedSavedObjectsService; + + return (encryptedDoc, context) => { + if (!isMigrationNeededPredicate(encryptedDoc)) { + return encryptedDoc; + } + + const descriptor = { + id: encryptedDoc.id!, + type: encryptedDoc.type, + namespace: encryptedDoc.namespace, + }; + + // decrypt the attributes using the input type definition + // then migrate the document + // then encrypt the attributes using the migration type definition + return mapAttributes( + migration( + mapAttributes(encryptedDoc, (inputAttributes) => + inputService.decryptAttributesSync(descriptor, inputAttributes) + ), + context + ), + (migratedAttributes) => + migratedService.encryptAttributesSync(descriptor, migratedAttributes) + ); + }; +}; + +function mapAttributes(obj: SavedObjectUnsanitizedDoc, mapper: (attributes: T) => T) { + return Object.assign(obj, { + attributes: mapper(obj.attributes), + }); +} diff --git a/x-pack/plugins/encrypted_saved_objects/server/crypto/encrypted_saved_objects_service.mocks.ts b/x-pack/plugins/encrypted_saved_objects/server/crypto/encrypted_saved_objects_service.mocks.ts new file mode 100644 index 0000000000000..c692d8698771f --- /dev/null +++ b/x-pack/plugins/encrypted_saved_objects/server/crypto/encrypted_saved_objects_service.mocks.ts @@ -0,0 +1,84 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { + EncryptedSavedObjectsService, + EncryptedSavedObjectTypeRegistration, + SavedObjectDescriptor, +} from './encrypted_saved_objects_service'; + +function createEncryptedSavedObjectsServiceMock() { + return ({ + isRegistered: jest.fn(), + stripOrDecryptAttributes: jest.fn(), + encryptAttributes: jest.fn(), + decryptAttributes: jest.fn(), + encryptAttributesSync: jest.fn(), + decryptAttributesSync: jest.fn(), + } as unknown) as jest.Mocked; +} + +export const encryptedSavedObjectsServiceMock = { + create: createEncryptedSavedObjectsServiceMock, + createWithTypes(registrations: EncryptedSavedObjectTypeRegistration[] = []) { + const mock = createEncryptedSavedObjectsServiceMock(); + + function processAttributes>( + descriptor: Pick, + attrs: T, + action: (attrs: T, attrName: string, shouldExpose: boolean) => void + ) { + const registration = registrations.find((r) => r.type === descriptor.type); + if (!registration) { + return attrs; + } + + const clonedAttrs = { ...attrs }; + for (const attr of registration.attributesToEncrypt) { + const [attrName, shouldExpose] = + typeof attr === 'string' + ? [attr, false] + : [attr.key, attr.dangerouslyExposeValue === true]; + if (attrName in clonedAttrs) { + action(clonedAttrs, attrName, shouldExpose); + } + } + return clonedAttrs; + } + + mock.isRegistered.mockImplementation( + (type) => registrations.findIndex((r) => r.type === type) >= 0 + ); + mock.encryptAttributes.mockImplementation(async (descriptor, attrs) => + processAttributes( + descriptor, + attrs, + (clonedAttrs, attrName) => (clonedAttrs[attrName] = `*${clonedAttrs[attrName]}*`) + ) + ); + mock.decryptAttributes.mockImplementation(async (descriptor, attrs) => + processAttributes( + descriptor, + attrs, + (clonedAttrs, attrName) => + (clonedAttrs[attrName] = (clonedAttrs[attrName] as string).slice(1, -1)) + ) + ); + mock.stripOrDecryptAttributes.mockImplementation((descriptor, attrs) => + Promise.resolve({ + attributes: processAttributes(descriptor, attrs, (clonedAttrs, attrName, shouldExpose) => { + if (shouldExpose) { + clonedAttrs[attrName] = (clonedAttrs[attrName] as string).slice(1, -1); + } else { + delete clonedAttrs[attrName]; + } + }), + }) + ); + + return mock; + }, +}; diff --git a/x-pack/plugins/encrypted_saved_objects/server/crypto/encrypted_saved_objects_service.test.ts b/x-pack/plugins/encrypted_saved_objects/server/crypto/encrypted_saved_objects_service.test.ts index db7c96f83dff2..42d2e2ffd1516 100644 --- a/x-pack/plugins/encrypted_saved_objects/server/crypto/encrypted_saved_objects_service.test.ts +++ b/x-pack/plugins/encrypted_saved_objects/server/crypto/encrypted_saved_objects_service.test.ts @@ -4,10 +4,9 @@ * you may not use this file except in compliance with the Elastic License. */ -import { mockAuthenticatedUser } from '../../../security/common/model/authenticated_user.mock'; - -jest.mock('@elastic/node-crypto', () => jest.fn()); +import nodeCrypto, { Crypto } from '@elastic/node-crypto'; +import { mockAuthenticatedUser } from '../../../security/common/model/authenticated_user.mock'; import { EncryptedSavedObjectsAuditLogger } from '../audit'; import { EncryptedSavedObjectsService } from './encrypted_saved_objects_service'; import { EncryptionError } from './encryption_error'; @@ -15,19 +14,37 @@ import { EncryptionError } from './encryption_error'; import { loggingSystemMock } from 'src/core/server/mocks'; import { encryptedSavedObjectsAuditLoggerMock } from '../audit/index.mock'; +const crypto = nodeCrypto({ encryptionKey: 'encryption-key-abc' }); + +const mockNodeCrypto: jest.Mocked = { + encrypt: jest.fn(), + decrypt: jest.fn(), + encryptSync: jest.fn(), + decryptSync: jest.fn(), +}; + let service: EncryptedSavedObjectsService; let mockAuditLogger: jest.Mocked; -beforeEach(() => { - mockAuditLogger = encryptedSavedObjectsAuditLoggerMock.create(); +beforeEach(() => { // Call actual `@elastic/node-crypto` by default, but allow to override implementation in tests. - jest.requireMock('@elastic/node-crypto').mockImplementation((...args: any[]) => { - const { default: nodeCrypto } = jest.requireActual('@elastic/node-crypto'); - return nodeCrypto(...args); - }); + mockNodeCrypto.encrypt.mockImplementation(async (input: any, aad?: string) => + crypto.encrypt(input, aad) + ); + mockNodeCrypto.decrypt.mockImplementation( + async (encryptedOutput: string | Buffer, aad?: string) => crypto.decrypt(encryptedOutput, aad) + ); + mockNodeCrypto.encryptSync.mockImplementation((input: any, aad?: string) => + crypto.encryptSync(input, aad) + ); + mockNodeCrypto.decryptSync.mockImplementation((encryptedOutput: string | Buffer, aad?: string) => + crypto.decryptSync(encryptedOutput, aad) + ); + + mockAuditLogger = encryptedSavedObjectsAuditLoggerMock.create(); service = new EncryptedSavedObjectsService( - 'encryption-key-abc', + mockNodeCrypto, loggingSystemMock.create().get(), mockAuditLogger ); @@ -35,12 +52,6 @@ beforeEach(() => { afterEach(() => jest.resetAllMocks()); -it('correctly initializes crypto', () => { - const mockNodeCrypto = jest.requireMock('@elastic/node-crypto'); - expect(mockNodeCrypto).toHaveBeenCalledTimes(1); - expect(mockNodeCrypto).toHaveBeenCalledWith({ encryptionKey: 'encryption-key-abc' }); -}); - describe('#registerType', () => { it('throws if `attributesToEncrypt` is empty', () => { expect(() => @@ -213,15 +224,13 @@ describe('#stripOrDecryptAttributes', () => { }); describe('#encryptAttributes', () => { - let mockEncrypt: jest.Mock; beforeEach(() => { - mockEncrypt = jest - .fn() - .mockImplementation(async (valueToEncrypt, aad) => `|${valueToEncrypt}|${aad}|`); - jest.requireMock('@elastic/node-crypto').mockReturnValue({ encrypt: mockEncrypt }); + mockNodeCrypto.encrypt.mockImplementation( + async (valueToEncrypt, aad) => `|${valueToEncrypt}|${aad}|` + ); service = new EncryptedSavedObjectsService( - 'encryption-key-abc', + mockNodeCrypto, loggingSystemMock.create().get(), mockAuditLogger ); @@ -399,7 +408,7 @@ describe('#encryptAttributes', () => { attributesToEncrypt: new Set(['attrOne', 'attrThree']), }); - mockEncrypt + mockNodeCrypto.encrypt .mockResolvedValueOnce('Successfully encrypted attrOne') .mockRejectedValueOnce(new Error('Something went wrong with attrThree...')); @@ -915,7 +924,7 @@ describe('#decryptAttributes', () => { it('fails if encrypted with another encryption key', async () => { service = new EncryptedSavedObjectsService( - 'encryption-key-abc*', + nodeCrypto({ encryptionKey: 'encryption-key-abc*' }), loggingSystemMock.create().get(), mockAuditLogger ); @@ -941,3 +950,532 @@ describe('#decryptAttributes', () => { }); }); }); + +describe('#encryptAttributesSync', () => { + beforeEach(() => { + mockNodeCrypto.encryptSync.mockImplementation( + (valueToEncrypt, aad) => `|${valueToEncrypt}|${aad}|` + ); + + service = new EncryptedSavedObjectsService( + mockNodeCrypto, + loggingSystemMock.create().get(), + mockAuditLogger + ); + }); + + it('does not encrypt attributes that are not supposed to be encrypted', () => { + const attributes = { attrOne: 'one', attrTwo: 'two', attrThree: 'three' }; + service.registerType({ + type: 'known-type-1', + attributesToEncrypt: new Set(['attrFour']), + }); + expect( + service.encryptAttributesSync({ type: 'known-type-1', id: 'object-id' }, attributes) + ).toEqual({ + attrOne: 'one', + attrTwo: 'two', + attrThree: 'three', + }); + }); + + it('encrypts only attributes that are supposed to be encrypted', () => { + const attributes = { attrOne: 'one', attrTwo: 'two', attrThree: 'three', attrFour: null }; + service.registerType({ + type: 'known-type-1', + attributesToEncrypt: new Set(['attrOne', 'attrThree', 'attrFour']), + }); + + expect( + service.encryptAttributesSync({ type: 'known-type-1', id: 'object-id' }, attributes) + ).toEqual({ + attrOne: '|one|["known-type-1","object-id",{"attrTwo":"two"}]|', + attrTwo: 'two', + attrThree: '|three|["known-type-1","object-id",{"attrTwo":"two"}]|', + attrFour: null, + }); + }); + + it('encrypts only attributes that are supposed to be encrypted even if not all provided', () => { + const attributes = { attrTwo: 'two', attrThree: 'three' }; + + service.registerType({ + type: 'known-type-1', + attributesToEncrypt: new Set(['attrOne', 'attrThree']), + }); + + expect( + service.encryptAttributesSync({ type: 'known-type-1', id: 'object-id' }, attributes) + ).toEqual({ + attrTwo: 'two', + attrThree: '|three|["known-type-1","object-id",{"attrTwo":"two"}]|', + }); + }); + + it('includes `namespace` into AAD if provided', () => { + const attributes = { attrTwo: 'two', attrThree: 'three' }; + + service.registerType({ + type: 'known-type-1', + attributesToEncrypt: new Set(['attrOne', 'attrThree']), + }); + + expect( + service.encryptAttributesSync( + { type: 'known-type-1', id: 'object-id', namespace: 'object-ns' }, + attributes + ) + ).toEqual({ + attrTwo: 'two', + attrThree: '|three|["object-ns","known-type-1","object-id",{"attrTwo":"two"}]|', + }); + }); + + it('does not include specified attributes to AAD', () => { + const knownType1attributes = { attrOne: 'one', attrTwo: 'two', attrThree: 'three' }; + service.registerType({ + type: 'known-type-1', + attributesToEncrypt: new Set(['attrThree']), + }); + + const knownType2attributes = { attrOne: 'one', attrTwo: 'two', attrThree: 'three' }; + service.registerType({ + type: 'known-type-2', + attributesToEncrypt: new Set(['attrThree']), + attributesToExcludeFromAAD: new Set(['attrTwo']), + }); + + expect( + service.encryptAttributesSync( + { type: 'known-type-1', id: 'object-id-1' }, + knownType1attributes + ) + ).toEqual({ + attrOne: 'one', + attrTwo: 'two', + attrThree: '|three|["known-type-1","object-id-1",{"attrOne":"one","attrTwo":"two"}]|', + }); + expect( + service.encryptAttributesSync( + { type: 'known-type-2', id: 'object-id-2' }, + knownType2attributes + ) + ).toEqual({ + attrOne: 'one', + attrTwo: 'two', + attrThree: '|three|["known-type-2","object-id-2",{"attrOne":"one"}]|', + }); + }); + + it('encrypts even if no attributes are included into AAD', () => { + const attributes = { attrOne: 'one', attrThree: 'three' }; + service.registerType({ + type: 'known-type-1', + attributesToEncrypt: new Set(['attrOne', 'attrThree']), + }); + + expect( + service.encryptAttributesSync({ type: 'known-type-1', id: 'object-id-1' }, attributes) + ).toEqual({ + attrOne: '|one|["known-type-1","object-id-1",{}]|', + attrThree: '|three|["known-type-1","object-id-1",{}]|', + }); + }); + + it('fails if encryption of any attribute fails', () => { + const attributes = { attrOne: 'one', attrTwo: 'two', attrThree: 'three' }; + service.registerType({ + type: 'known-type-1', + attributesToEncrypt: new Set(['attrOne', 'attrThree']), + }); + + mockNodeCrypto.encryptSync + .mockImplementationOnce(() => 'Successfully encrypted attrOne') + .mockImplementationOnce(() => { + throw new Error('Something went wrong with attrThree...'); + }); + + expect(() => + service.encryptAttributesSync({ type: 'known-type-1', id: 'object-id' }, attributes) + ).toThrowError(EncryptionError); + + expect(attributes).toEqual({ + attrOne: 'one', + attrTwo: 'two', + attrThree: 'three', + }); + }); +}); + +describe('#decryptAttributesSync', () => { + it('does not decrypt attributes that are not supposed to be decrypted', () => { + const attributes = { attrOne: 'one', attrTwo: 'two', attrThree: 'three' }; + + service.registerType({ + type: 'known-type-1', + attributesToEncrypt: new Set(['attrFour']), + }); + + expect( + service.decryptAttributesSync({ type: 'known-type-1', id: 'object-id' }, attributes) + ).toEqual({ + attrOne: 'one', + attrTwo: 'two', + attrThree: 'three', + }); + }); + + it('decrypts only attributes that are supposed to be decrypted', () => { + const attributes = { attrOne: 'one', attrTwo: 'two', attrThree: 'three', attrFour: null }; + + service.registerType({ + type: 'known-type-1', + attributesToEncrypt: new Set(['attrOne', 'attrThree', 'attrFour']), + }); + + const encryptedAttributes = service.encryptAttributesSync( + { type: 'known-type-1', id: 'object-id' }, + attributes + ); + expect(encryptedAttributes).toEqual({ + attrOne: expect.not.stringMatching(/^one$/), + attrTwo: 'two', + attrThree: expect.not.stringMatching(/^three$/), + attrFour: null, + }); + + expect( + service.decryptAttributesSync({ type: 'known-type-1', id: 'object-id' }, encryptedAttributes) + ).toEqual({ + attrOne: 'one', + attrTwo: 'two', + attrThree: 'three', + attrFour: null, + }); + }); + + it('decrypts only attributes that are supposed to be encrypted even if not all provided', () => { + const attributes = { attrTwo: 'two', attrThree: 'three' }; + + service.registerType({ + type: 'known-type-1', + attributesToEncrypt: new Set(['attrOne', 'attrThree']), + }); + + const encryptedAttributes = service.encryptAttributesSync( + { type: 'known-type-1', id: 'object-id' }, + attributes + ); + expect(encryptedAttributes).toEqual({ + attrTwo: 'two', + attrThree: expect.not.stringMatching(/^three$/), + }); + + expect( + service.decryptAttributesSync({ type: 'known-type-1', id: 'object-id' }, encryptedAttributes) + ).toEqual({ + attrTwo: 'two', + attrThree: 'three', + }); + }); + + it('decrypts if all attributes that contribute to AAD are present', () => { + const attributes = { attrOne: 'one', attrTwo: 'two', attrThree: 'three' }; + + service.registerType({ + type: 'known-type-1', + attributesToEncrypt: new Set(['attrThree']), + attributesToExcludeFromAAD: new Set(['attrOne']), + }); + + const encryptedAttributes = service.encryptAttributesSync( + { type: 'known-type-1', id: 'object-id' }, + attributes + ); + expect(encryptedAttributes).toEqual({ + attrOne: 'one', + attrTwo: 'two', + attrThree: expect.not.stringMatching(/^three$/), + }); + + const attributesWithoutAttr = { attrTwo: 'two', attrThree: encryptedAttributes.attrThree }; + + expect( + service.decryptAttributesSync( + { type: 'known-type-1', id: 'object-id' }, + attributesWithoutAttr + ) + ).toEqual({ + attrTwo: 'two', + attrThree: 'three', + }); + }); + + it('decrypts even if attributes in AAD are defined in a different order', () => { + const attributes = { attrOne: 'one', attrTwo: 'two', attrThree: 'three' }; + + service.registerType({ + type: 'known-type-1', + attributesToEncrypt: new Set(['attrThree']), + }); + + const encryptedAttributes = service.encryptAttributesSync( + { type: 'known-type-1', id: 'object-id' }, + attributes + ); + expect(encryptedAttributes).toEqual({ + attrOne: 'one', + attrTwo: 'two', + attrThree: expect.not.stringMatching(/^three$/), + }); + + const attributesInDifferentOrder = { + attrThree: encryptedAttributes.attrThree, + attrTwo: 'two', + attrOne: 'one', + }; + + expect( + service.decryptAttributesSync( + { type: 'known-type-1', id: 'object-id' }, + attributesInDifferentOrder + ) + ).toEqual({ + attrOne: 'one', + attrTwo: 'two', + attrThree: 'three', + }); + }); + + it('decrypts if correct namespace is provided', () => { + const attributes = { attrOne: 'one', attrTwo: 'two', attrThree: 'three' }; + + service.registerType({ + type: 'known-type-1', + attributesToEncrypt: new Set(['attrThree']), + }); + + const encryptedAttributes = service.encryptAttributesSync( + { type: 'known-type-1', id: 'object-id', namespace: 'object-ns' }, + attributes + ); + expect(encryptedAttributes).toEqual({ + attrOne: 'one', + attrTwo: 'two', + attrThree: expect.not.stringMatching(/^three$/), + }); + + expect( + service.decryptAttributesSync( + { type: 'known-type-1', id: 'object-id', namespace: 'object-ns' }, + encryptedAttributes + ) + ).toEqual({ + attrOne: 'one', + attrTwo: 'two', + attrThree: 'three', + }); + }); + + it('decrypts even if no attributes are included into AAD', () => { + const attributes = { attrOne: 'one', attrThree: 'three' }; + service.registerType({ + type: 'known-type-1', + attributesToEncrypt: new Set(['attrOne', 'attrThree']), + }); + + const encryptedAttributes = service.encryptAttributesSync( + { type: 'known-type-1', id: 'object-id' }, + attributes + ); + expect(encryptedAttributes).toEqual({ + attrOne: expect.not.stringMatching(/^one$/), + attrThree: expect.not.stringMatching(/^three$/), + }); + + expect( + service.decryptAttributesSync({ type: 'known-type-1', id: 'object-id' }, encryptedAttributes) + ).toEqual({ + attrOne: 'one', + attrThree: 'three', + }); + }); + + it('decrypts non-string attributes and restores their original type', () => { + const attributes = { + attrOne: 'one', + attrTwo: 'two', + attrThree: 'three', + attrFour: null, + attrFive: { nested: 'five' }, + attrSix: 6, + }; + + service.registerType({ + type: 'known-type-1', + attributesToEncrypt: new Set(['attrOne', 'attrThree', 'attrFour', 'attrFive', 'attrSix']), + }); + + const encryptedAttributes = service.encryptAttributesSync( + { type: 'known-type-1', id: 'object-id' }, + attributes + ); + expect(encryptedAttributes).toEqual({ + attrOne: expect.not.stringMatching(/^one$/), + attrTwo: 'two', + attrThree: expect.not.stringMatching(/^three$/), + attrFour: null, + attrFive: expect.any(String), + attrSix: expect.any(String), + }); + + expect( + service.decryptAttributesSync({ type: 'known-type-1', id: 'object-id' }, encryptedAttributes) + ).toEqual({ + attrOne: 'one', + attrTwo: 'two', + attrThree: 'three', + attrFour: null, + attrFive: { nested: 'five' }, + attrSix: 6, + }); + }); + + describe('decryption failures', () => { + let encryptedAttributes: Record; + + const type1 = { + type: 'known-type-1', + attributesToEncrypt: new Set(['attrThree']), + }; + + const type2 = { + type: 'known-type-2', + attributesToEncrypt: new Set(['attrThree']), + }; + + beforeEach(() => { + service.registerType(type1); + service.registerType(type2); + + const attributes = { attrOne: 'one', attrTwo: 'two', attrThree: 'three' }; + + encryptedAttributes = service.encryptAttributesSync( + { type: 'known-type-1', id: 'object-id' }, + attributes + ); + }); + + it('fails to decrypt if not all attributes that contribute to AAD are present', () => { + const attributesWithoutAttr = { attrTwo: 'two', attrThree: encryptedAttributes.attrThree }; + expect(() => + service.decryptAttributesSync( + { type: 'known-type-1', id: 'object-id' }, + attributesWithoutAttr + ) + ).toThrowError(EncryptionError); + }); + + it('fails to decrypt if ID does not match', () => { + expect(() => + service.decryptAttributesSync( + { type: 'known-type-1', id: 'object-id*' }, + encryptedAttributes + ) + ).toThrowError(EncryptionError); + }); + + it('fails to decrypt if type does not match', () => { + expect(() => + service.decryptAttributesSync( + { type: 'known-type-2', id: 'object-id' }, + encryptedAttributes + ) + ).toThrowError(EncryptionError); + }); + + it('fails to decrypt if namespace does not match', () => { + encryptedAttributes = service.encryptAttributesSync( + { type: 'known-type-1', id: 'object-id', namespace: 'object-ns' }, + { attrOne: 'one', attrTwo: 'two', attrThree: 'three' } + ); + + expect(() => + service.decryptAttributesSync( + { type: 'known-type-1', id: 'object-id', namespace: 'object-NS' }, + encryptedAttributes + ) + ).toThrowError(EncryptionError); + }); + + it('fails to decrypt if namespace is expected, but is not provided', () => { + encryptedAttributes = service.encryptAttributesSync( + { type: 'known-type-1', id: 'object-id', namespace: 'object-ns' }, + { attrOne: 'one', attrTwo: 'two', attrThree: 'three' } + ); + + expect(() => + service.decryptAttributesSync( + { type: 'known-type-1', id: 'object-id' }, + encryptedAttributes + ) + ).toThrowError(EncryptionError); + }); + + it('fails to decrypt if encrypted attribute is defined, but not a string', () => { + expect(() => + service.decryptAttributesSync( + { type: 'known-type-1', id: 'object-id' }, + { + ...encryptedAttributes, + attrThree: 2, + } + ) + ).toThrowError('Encrypted "attrThree" attribute should be a string, but found number'); + }); + + it('fails to decrypt if encrypted attribute is not correct', () => { + expect(() => + service.decryptAttributesSync( + { type: 'known-type-1', id: 'object-id' }, + { + ...encryptedAttributes, + attrThree: 'some-unknown-string', + } + ) + ).toThrowError(EncryptionError); + }); + + it('fails to decrypt if the AAD attribute has changed', () => { + expect(() => + service.decryptAttributesSync( + { type: 'known-type-1', id: 'object-id' }, + { + ...encryptedAttributes, + attrOne: 'oNe', + } + ) + ).toThrowError(EncryptionError); + }); + + it('fails if encrypted with another encryption key', () => { + service = new EncryptedSavedObjectsService( + nodeCrypto({ encryptionKey: 'encryption-key-abc*' }), + loggingSystemMock.create().get(), + mockAuditLogger + ); + + service.registerType({ + type: 'known-type-1', + attributesToEncrypt: new Set(['attrThree']), + }); + + expect(() => + service.decryptAttributesSync( + { type: 'known-type-1', id: 'object-id' }, + encryptedAttributes + ) + ).toThrowError(EncryptionError); + }); + }); +}); diff --git a/x-pack/plugins/encrypted_saved_objects/server/crypto/encrypted_saved_objects_service.ts b/x-pack/plugins/encrypted_saved_objects/server/crypto/encrypted_saved_objects_service.ts index 5cf3e1c2d65ae..99361107047c2 100644 --- a/x-pack/plugins/encrypted_saved_objects/server/crypto/encrypted_saved_objects_service.ts +++ b/x-pack/plugins/encrypted_saved_objects/server/crypto/encrypted_saved_objects_service.ts @@ -4,9 +4,9 @@ * you may not use this file except in compliance with the Elastic License. */ -import nodeCrypto, { Crypto } from '@elastic/node-crypto'; -import stringify from 'json-stable-stringify'; +import { Crypto, EncryptOutput } from '@elastic/node-crypto'; import typeDetect from 'type-detect'; +import stringify from 'json-stable-stringify'; import { Logger } from 'src/core/server'; import { AuthenticatedUser } from '../../../security/common/model'; import { EncryptedSavedObjectsAuditLogger } from '../audit'; @@ -70,8 +70,6 @@ export function descriptorToArray(descriptor: SavedObjectDescriptor) { * attributes. */ export class EncryptedSavedObjectsService { - private readonly crypto: Readonly; - /** * Map of all registered saved object types where the `key` is saved object type and the `value` * is the definition (names of attributes that need to be encrypted etc.). @@ -82,17 +80,15 @@ export class EncryptedSavedObjectsService { > = new Map(); /** - * @param encryptionKey The key used to encrypt and decrypt saved objects attributes. + * @param crypto nodeCrypto instance. * @param logger Ordinary logger instance. * @param audit Audit logger instance. */ constructor( - encryptionKey: string, + private readonly crypto: Readonly, private readonly logger: Logger, private readonly audit: EncryptedSavedObjectsAuditLogger - ) { - this.crypto = nodeCrypto({ encryptionKey }); - } + ) {} /** * Registers saved object type as the one that contains attributes that should be encrypted. @@ -193,20 +189,11 @@ export class EncryptedSavedObjectsService { return { attributes: clonedAttributes as T, error: decryptionError }; } - /** - * Takes saved object attributes for the specified type and encrypts all of them that are supposed - * to be encrypted if any and returns that __NEW__ attributes dictionary back. If none of the - * attributes were encrypted original attributes dictionary is returned. - * @param descriptor Descriptor of the saved object to encrypt attributes for. - * @param attributes Dictionary of __ALL__ saved object attributes. - * @param [params] Additional parameters. - * @throws Will throw if encryption fails for whatever reason. - */ - public async encryptAttributes>( + private *attributesToEncryptIterator>( descriptor: SavedObjectDescriptor, attributes: T, params?: CommonParameters - ): Promise { + ): Iterator<[unknown, string], T, string> { const typeDefinition = this.typeDefinitions.get(descriptor.type); if (typeDefinition === undefined) { return attributes; @@ -218,10 +205,7 @@ export class EncryptedSavedObjectsService { const attributeValue = attributes[attributeName]; if (attributeValue != null) { try { - encryptedAttributes[attributeName] = await this.crypto.encrypt( - attributeValue, - encryptionAAD - ); + encryptedAttributes[attributeName] = (yield [attributeValue, encryptionAAD])!; } catch (err) { this.logger.error( `Failed to encrypt "${attributeName}" attribute: ${err.message || err}` @@ -263,6 +247,64 @@ export class EncryptedSavedObjectsService { }; } + /** + * Takes saved object attributes for the specified type and encrypts all of them that are supposed + * to be encrypted if any and returns that __NEW__ attributes dictionary back. If none of the + * attributes were encrypted original attributes dictionary is returned. + * @param descriptor Descriptor of the saved object to encrypt attributes for. + * @param attributes Dictionary of __ALL__ saved object attributes. + * @param [params] Additional parameters. + * @throws Will throw if encryption fails for whatever reason. + */ + public async encryptAttributes>( + descriptor: SavedObjectDescriptor, + attributes: T, + params?: CommonParameters + ): Promise { + const iterator = this.attributesToEncryptIterator(descriptor, attributes, params); + + let iteratorResult = iterator.next(); + while (!iteratorResult.done) { + const [attributeValue, encryptionAAD] = iteratorResult.value; + try { + iteratorResult = iterator.next(await this.crypto.encrypt(attributeValue, encryptionAAD)); + } catch (err) { + iterator.throw!(err); + } + } + + return iteratorResult.value; + } + + /** + * Takes saved object attributes for the specified type and encrypts all of them that are supposed + * to be encrypted if any and returns that __NEW__ attributes dictionary back. If none of the + * attributes were encrypted original attributes dictionary is returned. + * @param descriptor Descriptor of the saved object to encrypt attributes for. + * @param attributes Dictionary of __ALL__ saved object attributes. + * @param [params] Additional parameters. + * @throws Will throw if encryption fails for whatever reason. + */ + public encryptAttributesSync>( + descriptor: SavedObjectDescriptor, + attributes: T, + params?: CommonParameters + ): T { + const iterator = this.attributesToEncryptIterator(descriptor, attributes, params); + + let iteratorResult = iterator.next(); + while (!iteratorResult.done) { + const [attributeValue, encryptionAAD] = iteratorResult.value; + try { + iteratorResult = iterator.next(this.crypto.encryptSync(attributeValue, encryptionAAD)); + } catch (err) { + iterator.throw!(err); + } + } + + return iteratorResult.value; + } + /** * Takes saved object attributes for the specified type and decrypts all of them that are supposed * to be encrypted if any and returns that __NEW__ attributes dictionary back. If none of the @@ -278,13 +320,65 @@ export class EncryptedSavedObjectsService { attributes: T, params?: CommonParameters ): Promise { + const iterator = this.attributesToDecryptIterator(descriptor, attributes, params); + + let iteratorResult = iterator.next(); + while (!iteratorResult.done) { + const [attributeValue, encryptionAAD] = iteratorResult.value; + try { + iteratorResult = iterator.next( + (await this.crypto.decrypt(attributeValue, encryptionAAD)) as string + ); + } catch (err) { + iterator.throw!(err); + } + } + + return iteratorResult.value; + } + + /** + * Takes saved object attributes for the specified type and decrypts all of them that are supposed + * to be encrypted if any and returns that __NEW__ attributes dictionary back. If none of the + * attributes were decrypted original attributes dictionary is returned. + * @param descriptor Descriptor of the saved object to decrypt attributes for. + * @param attributes Dictionary of __ALL__ saved object attributes. + * @param [params] Additional parameters. + * @throws Will throw if decryption fails for whatever reason. + * @throws Will throw if any of the attributes to decrypt is not a string. + */ + public decryptAttributesSync>( + descriptor: SavedObjectDescriptor, + attributes: T, + params?: CommonParameters + ): T { + const iterator = this.attributesToDecryptIterator(descriptor, attributes, params); + + let iteratorResult = iterator.next(); + while (!iteratorResult.done) { + const [attributeValue, encryptionAAD] = iteratorResult.value; + try { + iteratorResult = iterator.next(this.crypto.decryptSync(attributeValue, encryptionAAD)); + } catch (err) { + iterator.throw!(err); + } + } + + return iteratorResult.value; + } + + private *attributesToDecryptIterator>( + descriptor: SavedObjectDescriptor, + attributes: T, + params?: CommonParameters + ): Iterator<[string, string], T, EncryptOutput> { const typeDefinition = this.typeDefinitions.get(descriptor.type); if (typeDefinition === undefined) { return attributes; } const encryptionAAD = this.getAAD(typeDefinition, descriptor, attributes); - const decryptedAttributes: Record = {}; + const decryptedAttributes: Record = {}; for (const attributeName of typeDefinition.attributesToEncrypt) { const attributeValue = attributes[attributeName]; if (attributeValue == null) { @@ -301,10 +395,7 @@ export class EncryptedSavedObjectsService { } try { - decryptedAttributes[attributeName] = (await this.crypto.decrypt( - attributeValue, - encryptionAAD - )) as string; + decryptedAttributes[attributeName] = (yield [attributeValue, encryptionAAD])!; } catch (err) { this.logger.error(`Failed to decrypt "${attributeName}" attribute: ${err.message || err}`); this.audit.decryptAttributeFailure(attributeName, descriptor, params?.user); diff --git a/x-pack/plugins/encrypted_saved_objects/server/crypto/index.mock.ts b/x-pack/plugins/encrypted_saved_objects/server/crypto/index.mock.ts index 11a0cd6f33307..3e4983deca625 100644 --- a/x-pack/plugins/encrypted_saved_objects/server/crypto/index.mock.ts +++ b/x-pack/plugins/encrypted_saved_objects/server/crypto/index.mock.ts @@ -4,71 +4,4 @@ * you may not use this file except in compliance with the Elastic License. */ -import { - EncryptedSavedObjectsService, - EncryptedSavedObjectTypeRegistration, - SavedObjectDescriptor, -} from '.'; - -export const encryptedSavedObjectsServiceMock = { - create(registrations: EncryptedSavedObjectTypeRegistration[] = []) { - const mock: jest.Mocked = new (jest.requireMock( - './encrypted_saved_objects_service' - ).EncryptedSavedObjectsService)(); - - function processAttributes>( - descriptor: Pick, - attrs: T, - action: (attrs: T, attrName: string, shouldExpose: boolean) => void - ) { - const registration = registrations.find((r) => r.type === descriptor.type); - if (!registration) { - return attrs; - } - - const clonedAttrs = { ...attrs }; - for (const attr of registration.attributesToEncrypt) { - const [attrName, shouldExpose] = - typeof attr === 'string' - ? [attr, false] - : [attr.key, attr.dangerouslyExposeValue === true]; - if (attrName in clonedAttrs) { - action(clonedAttrs, attrName, shouldExpose); - } - } - return clonedAttrs; - } - - mock.isRegistered.mockImplementation( - (type) => registrations.findIndex((r) => r.type === type) >= 0 - ); - mock.encryptAttributes.mockImplementation(async (descriptor, attrs) => - processAttributes( - descriptor, - attrs, - (clonedAttrs, attrName) => (clonedAttrs[attrName] = `*${clonedAttrs[attrName]}*`) - ) - ); - mock.decryptAttributes.mockImplementation(async (descriptor, attrs) => - processAttributes( - descriptor, - attrs, - (clonedAttrs, attrName) => - (clonedAttrs[attrName] = (clonedAttrs[attrName] as string).slice(1, -1)) - ) - ); - mock.stripOrDecryptAttributes.mockImplementation((descriptor, attrs) => - Promise.resolve({ - attributes: processAttributes(descriptor, attrs, (clonedAttrs, attrName, shouldExpose) => { - if (shouldExpose) { - clonedAttrs[attrName] = (clonedAttrs[attrName] as string).slice(1, -1); - } else { - delete clonedAttrs[attrName]; - } - }), - }) - ); - - return mock; - }, -}; +export { encryptedSavedObjectsServiceMock } from './encrypted_saved_objects_service.mocks'; diff --git a/x-pack/plugins/encrypted_saved_objects/server/crypto/index.ts b/x-pack/plugins/encrypted_saved_objects/server/crypto/index.ts index 0849f0eb320dd..75445bd24eba8 100644 --- a/x-pack/plugins/encrypted_saved_objects/server/crypto/index.ts +++ b/x-pack/plugins/encrypted_saved_objects/server/crypto/index.ts @@ -11,3 +11,4 @@ export { SavedObjectDescriptor, } from './encrypted_saved_objects_service'; export { EncryptionError } from './encryption_error'; +export { EncryptedSavedObjectAttributesDefinition } from './encrypted_saved_object_type_definition'; diff --git a/x-pack/plugins/encrypted_saved_objects/server/mocks.ts b/x-pack/plugins/encrypted_saved_objects/server/mocks.ts index 38ac8f254315e..adec3a3b9fbf4 100644 --- a/x-pack/plugins/encrypted_saved_objects/server/mocks.ts +++ b/x-pack/plugins/encrypted_saved_objects/server/mocks.ts @@ -12,6 +12,7 @@ function createEncryptedSavedObjectsSetupMock() { registerType: jest.fn(), __legacyCompat: { registerLegacyAPI: jest.fn() }, usingEphemeralEncryptionKey: true, + createMigration: jest.fn(), } as jest.Mocked; } diff --git a/x-pack/plugins/encrypted_saved_objects/server/plugin.test.ts b/x-pack/plugins/encrypted_saved_objects/server/plugin.test.ts index 4afd74488f9fe..57108954f2568 100644 --- a/x-pack/plugins/encrypted_saved_objects/server/plugin.test.ts +++ b/x-pack/plugins/encrypted_saved_objects/server/plugin.test.ts @@ -16,6 +16,7 @@ describe('EncryptedSavedObjects Plugin', () => { await expect(plugin.setup(coreMock.createSetup(), { security: securityMock.createSetup() })) .resolves.toMatchInlineSnapshot(` Object { + "createMigration": [Function], "registerType": [Function], "usingEphemeralEncryptionKey": true, } diff --git a/x-pack/plugins/encrypted_saved_objects/server/plugin.ts b/x-pack/plugins/encrypted_saved_objects/server/plugin.ts index cdbdd18b9d696..69777798ddf19 100644 --- a/x-pack/plugins/encrypted_saved_objects/server/plugin.ts +++ b/x-pack/plugins/encrypted_saved_objects/server/plugin.ts @@ -4,6 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ +import nodeCrypto from '@elastic/node-crypto'; import { Logger, PluginInitializerContext, CoreSetup } from 'src/core/server'; import { first } from 'rxjs/operators'; import { SecurityPluginSetup } from '../../security/server'; @@ -15,6 +16,7 @@ import { } from './crypto'; import { EncryptedSavedObjectsAuditLogger } from './audit'; import { setupSavedObjects, ClientInstanciator } from './saved_objects'; +import { getCreateMigration, CreateEncryptedSavedObjectsMigrationFn } from './create_migration'; export interface PluginsSetup { security?: SecurityPluginSetup; @@ -23,6 +25,7 @@ export interface PluginsSetup { export interface EncryptedSavedObjectsPluginSetup { registerType: (typeRegistration: EncryptedSavedObjectTypeRegistration) => void; usingEphemeralEncryptionKey: boolean; + createMigration: CreateEncryptedSavedObjectsMigrationFn; } export interface EncryptedSavedObjectsPluginStart { @@ -45,18 +48,18 @@ export class Plugin { core: CoreSetup, deps: PluginsSetup ): Promise { - const { config, usingEphemeralEncryptionKey } = await createConfig$(this.initializerContext) - .pipe(first()) - .toPromise(); + const { + config: { encryptionKey }, + usingEphemeralEncryptionKey, + } = await createConfig$(this.initializerContext).pipe(first()).toPromise(); + + const crypto = nodeCrypto({ encryptionKey }); + const auditLogger = new EncryptedSavedObjectsAuditLogger( + deps.security?.audit.getLogger('encryptedSavedObjects') + ); const service = Object.freeze( - new EncryptedSavedObjectsService( - config.encryptionKey, - this.logger, - new EncryptedSavedObjectsAuditLogger( - deps.security?.audit.getLogger('encryptedSavedObjects') - ) - ) + new EncryptedSavedObjectsService(crypto, this.logger, auditLogger) ); this.savedObjectsSetup = setupSavedObjects({ @@ -70,6 +73,18 @@ export class Plugin { registerType: (typeRegistration: EncryptedSavedObjectTypeRegistration) => service.registerType(typeRegistration), usingEphemeralEncryptionKey, + createMigration: getCreateMigration( + service, + (typeRegistration: EncryptedSavedObjectTypeRegistration) => { + const serviceForMigration = new EncryptedSavedObjectsService( + crypto, + this.logger, + auditLogger + ); + serviceForMigration.registerType(typeRegistration); + return serviceForMigration; + } + ), }; } diff --git a/x-pack/plugins/encrypted_saved_objects/server/saved_objects/encrypted_saved_objects_client_wrapper.test.ts b/x-pack/plugins/encrypted_saved_objects/server/saved_objects/encrypted_saved_objects_client_wrapper.test.ts index ec5d81532e238..eea19bb1aa7dd 100644 --- a/x-pack/plugins/encrypted_saved_objects/server/saved_objects/encrypted_saved_objects_client_wrapper.test.ts +++ b/x-pack/plugins/encrypted_saved_objects/server/saved_objects/encrypted_saved_objects_client_wrapper.test.ts @@ -22,7 +22,7 @@ let encryptedSavedObjectsServiceMockInstance: jest.Mocked { mockBaseClient = savedObjectsClientMock.create(); mockBaseTypeRegistry = savedObjectsTypeRegistryMock.create(); - encryptedSavedObjectsServiceMockInstance = encryptedSavedObjectsServiceMock.create([ + encryptedSavedObjectsServiceMockInstance = encryptedSavedObjectsServiceMock.createWithTypes([ { type: 'known-type', attributesToEncrypt: new Set([ diff --git a/x-pack/plugins/encrypted_saved_objects/server/saved_objects/index.test.ts b/x-pack/plugins/encrypted_saved_objects/server/saved_objects/index.test.ts index 8e9f12268cd7e..ef9aed8706e2c 100644 --- a/x-pack/plugins/encrypted_saved_objects/server/saved_objects/index.test.ts +++ b/x-pack/plugins/encrypted_saved_objects/server/saved_objects/index.test.ts @@ -42,7 +42,7 @@ describe('#setupSavedObjects', () => { coreSetupMock = coreMock.createSetup(); coreSetupMock.getStartServices.mockResolvedValue([coreStartMock, {}, {}]); - mockEncryptedSavedObjectsService = encryptedSavedObjectsServiceMock.create([ + mockEncryptedSavedObjectsService = encryptedSavedObjectsServiceMock.createWithTypes([ { type: 'known-type', attributesToEncrypt: new Set(['attrSecret']) }, ]); setupContract = setupSavedObjects({ diff --git a/x-pack/plugins/features/server/routes/index.test.ts b/x-pack/plugins/features/server/routes/index.test.ts index c2e8cd6129d80..3d1efc8a479b2 100644 --- a/x-pack/plugins/features/server/routes/index.test.ts +++ b/x-pack/plugins/features/server/routes/index.test.ts @@ -16,9 +16,7 @@ import { FeatureConfig } from '../../common'; function createContextMock(licenseType: LicenseType = 'gold') { return { core: coreMock.createRequestHandlerContext(), - licensing: { - license: licensingMock.createLicense({ license: { type: licenseType } }), - }, + licensing: licensingMock.createRequestHandlerContext({ license: { type: licenseType } }), }; } diff --git a/x-pack/plugins/infra/kibana.json b/x-pack/plugins/infra/kibana.json index 4701182c96813..4e23f1985d450 100644 --- a/x-pack/plugins/infra/kibana.json +++ b/x-pack/plugins/infra/kibana.json @@ -13,6 +13,9 @@ "alerts", "triggers_actions_ui" ], + "optionalPlugins": [ + "ml" + ], "server": true, "ui": true, "configPath": ["xpack", "infra"] diff --git a/x-pack/plugins/infra/public/alerting/inventory/components/alert_dropdown.tsx b/x-pack/plugins/infra/public/alerting/inventory/components/alert_dropdown.tsx index 47a0f037816bc..04642a01c15b4 100644 --- a/x-pack/plugins/infra/public/alerting/inventory/components/alert_dropdown.tsx +++ b/x-pack/plugins/infra/public/alerting/inventory/components/alert_dropdown.tsx @@ -7,6 +7,7 @@ import React, { useState, useCallback, useMemo } from 'react'; import { EuiPopover, EuiButtonEmpty, EuiContextMenuItem, EuiContextMenuPanel } from '@elastic/eui'; import { FormattedMessage } from '@kbn/i18n/react'; +import { useAlertPrefillContext } from '../../../alerting/use_alert_prefill'; import { AlertFlyout } from './alert_flyout'; import { useKibana } from '../../../../../../../src/plugins/kibana_react/public'; @@ -15,6 +16,9 @@ export const InventoryAlertDropdown = () => { const [flyoutVisible, setFlyoutVisible] = useState(false); const kibana = useKibana(); + const { inventoryPrefill } = useAlertPrefillContext(); + const { nodeType, metric, filterQuery } = inventoryPrefill; + const closePopover = useCallback(() => { setPopoverOpen(false); }, [setPopoverOpen]); @@ -57,7 +61,13 @@ export const InventoryAlertDropdown = () => { > - + ); }; diff --git a/x-pack/plugins/infra/public/alerting/inventory/hooks/use_inventory_alert_prefill.ts b/x-pack/plugins/infra/public/alerting/inventory/hooks/use_inventory_alert_prefill.ts new file mode 100644 index 0000000000000..d659057b95ed9 --- /dev/null +++ b/x-pack/plugins/infra/public/alerting/inventory/hooks/use_inventory_alert_prefill.ts @@ -0,0 +1,24 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { useState } from 'react'; +import { SnapshotMetricInput } from '../../../../common/http_api/snapshot_api'; +import { InventoryItemType } from '../../../../common/inventory_models/types'; + +export const useInventoryAlertPrefill = () => { + const [nodeType, setNodeType] = useState('host'); + const [filterQuery, setFilterQuery] = useState(); + const [metric, setMetric] = useState({ type: 'cpu' }); + + return { + nodeType, + filterQuery, + metric, + setNodeType, + setFilterQuery, + setMetric, + }; +}; diff --git a/x-pack/plugins/infra/public/alerting/metric_threshold/components/alert_dropdown.tsx b/x-pack/plugins/infra/public/alerting/metric_threshold/components/alert_dropdown.tsx index d26575f65dfec..384a93e796dbe 100644 --- a/x-pack/plugins/infra/public/alerting/metric_threshold/components/alert_dropdown.tsx +++ b/x-pack/plugins/infra/public/alerting/metric_threshold/components/alert_dropdown.tsx @@ -7,14 +7,18 @@ import React, { useState, useCallback, useMemo } from 'react'; import { EuiPopover, EuiButtonEmpty, EuiContextMenuItem, EuiContextMenuPanel } from '@elastic/eui'; import { FormattedMessage } from '@kbn/i18n/react'; -import { AlertFlyout } from './alert_flyout'; import { useKibana } from '../../../../../../../src/plugins/kibana_react/public'; +import { useAlertPrefillContext } from '../../use_alert_prefill'; +import { AlertFlyout } from './alert_flyout'; export const MetricsAlertDropdown = () => { const [popoverOpen, setPopoverOpen] = useState(false); const [flyoutVisible, setFlyoutVisible] = useState(false); const kibana = useKibana(); + const { metricThresholdPrefill } = useAlertPrefillContext(); + const { groupBy, filterQuery, metrics } = metricThresholdPrefill; + const closePopover = useCallback(() => { setPopoverOpen(false); }, [setPopoverOpen]); @@ -57,7 +61,11 @@ export const MetricsAlertDropdown = () => { > - + ); }; diff --git a/x-pack/plugins/infra/public/alerting/metric_threshold/components/expression.test.tsx b/x-pack/plugins/infra/public/alerting/metric_threshold/components/expression.test.tsx new file mode 100644 index 0000000000000..f6119107ac133 --- /dev/null +++ b/x-pack/plugins/infra/public/alerting/metric_threshold/components/expression.test.tsx @@ -0,0 +1,119 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { mountWithIntl, nextTick } from 'test_utils/enzyme_helpers'; +import { actionTypeRegistryMock } from '../../../../../triggers_actions_ui/public/application/action_type_registry.mock'; +import { alertTypeRegistryMock } from '../../../../../triggers_actions_ui/public/application/alert_type_registry.mock'; +import { coreMock } from '../../../../../../../src/core/public/mocks'; +import { AlertsContextValue } from '../../../../../triggers_actions_ui/public/application/context/alerts_context'; +import { AlertContextMeta } from '../types'; +import { MetricsExplorerMetric } from '../../../../common/http_api/metrics_explorer'; +import React from 'react'; +import { Expressions } from './expression'; +import { act } from 'react-dom/test-utils'; +// eslint-disable-next-line @kbn/eslint/no-restricted-paths +import { Comparator } from '../../../../server/lib/alerting/metric_threshold/types'; + +jest.mock('../../../containers/source/use_source_via_http', () => ({ + useSourceViaHttp: () => ({ + source: { id: 'default' }, + createDerivedIndexPattern: () => ({ fields: [], title: 'metricbeat-*' }), + }), +})); + +describe('Expression', () => { + async function setup(currentOptions: { + metrics?: MetricsExplorerMetric[]; + filterQuery?: string; + groupBy?: string; + }) { + const alertParams = { + criteria: [], + groupBy: undefined, + filterQueryText: '', + }; + + const mocks = coreMock.createSetup(); + const startMocks = coreMock.createStart(); + const [ + { + application: { capabilities }, + }, + ] = await mocks.getStartServices(); + + const context: AlertsContextValue = { + http: mocks.http, + toastNotifications: mocks.notifications.toasts, + actionTypeRegistry: actionTypeRegistryMock.create() as any, + alertTypeRegistry: alertTypeRegistryMock.create() as any, + docLinks: startMocks.docLinks, + capabilities: { + ...capabilities, + actions: { + delete: true, + save: true, + show: true, + }, + }, + metadata: { + currentOptions, + }, + }; + + const wrapper = mountWithIntl( + Reflect.set(alertParams, key, value)} + setAlertProperty={() => {}} + /> + ); + + const update = async () => + await act(async () => { + await nextTick(); + wrapper.update(); + }); + + await update(); + + return { wrapper, update, alertParams }; + } + + it('should prefill the alert using the context metadata', async () => { + const currentOptions = { + groupBy: 'host.hostname', + filterQuery: 'foo', + metrics: [ + { aggregation: 'avg', field: 'system.load.1' }, + { aggregation: 'cardinality', field: 'system.cpu.user.pct' }, + ] as MetricsExplorerMetric[], + }; + const { alertParams } = await setup(currentOptions); + expect(alertParams.groupBy).toBe('host.hostname'); + expect(alertParams.filterQueryText).toBe('foo'); + expect(alertParams.criteria).toEqual([ + { + metric: 'system.load.1', + comparator: Comparator.GT, + threshold: [], + timeSize: 1, + timeUnit: 'm', + aggType: 'avg', + }, + { + metric: 'system.cpu.user.pct', + comparator: Comparator.GT, + threshold: [], + timeSize: 1, + timeUnit: 'm', + aggType: 'cardinality', + }, + ]); + }); +}); diff --git a/x-pack/plugins/infra/public/alerting/metric_threshold/components/expression.tsx b/x-pack/plugins/infra/public/alerting/metric_threshold/components/expression.tsx index 3c3351f4ddd76..f45474f284484 100644 --- a/x-pack/plugins/infra/public/alerting/metric_threshold/components/expression.tsx +++ b/x-pack/plugins/infra/public/alerting/metric_threshold/components/expression.tsx @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { debounce, pick } from 'lodash'; +import { debounce, pick, omit } from 'lodash'; import { Unit } from '@elastic/datemath'; import * as rt from 'io-ts'; import React, { ChangeEvent, useCallback, useMemo, useEffect, useState } from 'react'; @@ -52,7 +52,7 @@ import { useSourceViaHttp } from '../../../containers/source/use_source_via_http import { convertKueryToElasticSearchQuery } from '../../../utils/kuery'; import { ExpressionRow } from './expression_row'; -import { AlertContextMeta, TimeUnit, MetricExpression } from '../types'; +import { AlertContextMeta, TimeUnit, MetricExpression, AlertParams } from '../types'; import { ExpressionChart } from './expression_chart'; import { validateMetricThreshold } from './validation'; @@ -60,14 +60,7 @@ const FILTER_TYPING_DEBOUNCE_MS = 500; interface Props { errors: IErrorObject[]; - alertParams: { - criteria: MetricExpression[]; - groupBy?: string; - filterQuery?: string; - sourceId?: string; - filterQueryText?: string; - alertOnNoData?: boolean; - }; + alertParams: AlertParams; alertsContext: AlertsContextValue; alertInterval: string; setAlertParams(key: string, value: any): void; @@ -81,6 +74,7 @@ const defaultExpression = { timeSize: 1, timeUnit: 'm', } as MetricExpression; +export { defaultExpression }; export const Expressions: React.FC = (props) => { const { setAlertParams, alertParams, errors, alertsContext, alertInterval } = props; @@ -247,6 +241,13 @@ export const Expressions: React.FC = (props) => { } }, [alertsContext.metadata, derivedIndexPattern, setAlertParams]); + const preFillAlertGroupBy = useCallback(() => { + const md = alertsContext.metadata; + if (md && md.currentOptions?.groupBy && !md.series) { + setAlertParams('groupBy', md.currentOptions.groupBy); + } + }, [alertsContext.metadata, setAlertParams]); + const onSelectPreviewLookbackInterval = useCallback((e) => { setPreviewLookbackInterval(e.target.value); setPreviewResult(null); @@ -286,6 +287,10 @@ export const Expressions: React.FC = (props) => { preFillAlertFilter(); } + if (!alertParams.groupBy) { + preFillAlertGroupBy(); + } + if (!alertParams.sourceId) { setAlertParams('sourceId', source?.id || 'default'); } @@ -465,7 +470,7 @@ export const Expressions: React.FC = (props) => { id="selectPreviewLookbackInterval" value={previewLookbackInterval} onChange={onSelectPreviewLookbackInterval} - options={previewOptions} + options={previewDOMOptions} /> @@ -588,6 +593,10 @@ export const Expressions: React.FC = (props) => { ); }; +const previewDOMOptions: Array<{ text: string; value: string }> = previewOptions.map((o) => + omit(o, 'shortText') +); + // required for dynamic import // eslint-disable-next-line import/no-default-export export default Expressions; diff --git a/x-pack/plugins/infra/public/alerting/metric_threshold/components/validation.tsx b/x-pack/plugins/infra/public/alerting/metric_threshold/components/validation.tsx index da342f0a45420..2221d3cd4fe12 100644 --- a/x-pack/plugins/infra/public/alerting/metric_threshold/components/validation.tsx +++ b/x-pack/plugins/infra/public/alerting/metric_threshold/components/validation.tsx @@ -50,7 +50,7 @@ export function validateMetricThreshold({ if (!c.aggType) { errors[id].aggField.push( i18n.translate('xpack.infra.metrics.alertFlyout.error.aggregationRequired', { - defaultMessage: 'Aggreation is required.', + defaultMessage: 'Aggregation is required.', }) ); } diff --git a/x-pack/plugins/infra/public/alerting/metric_threshold/hooks/use_metric_threshold_alert_prefill.ts b/x-pack/plugins/infra/public/alerting/metric_threshold/hooks/use_metric_threshold_alert_prefill.ts new file mode 100644 index 0000000000000..366d6aa7003e6 --- /dev/null +++ b/x-pack/plugins/infra/public/alerting/metric_threshold/hooks/use_metric_threshold_alert_prefill.ts @@ -0,0 +1,34 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { isEqual } from 'lodash'; +import { useState } from 'react'; +import { MetricsExplorerMetric } from '../../../../common/http_api/metrics_explorer'; + +interface MetricThresholdPrefillOptions { + groupBy: string | string[] | undefined; + filterQuery: string | undefined; + metrics: MetricsExplorerMetric[]; +} + +export const useMetricThresholdAlertPrefill = () => { + const [prefillOptionsState, setPrefillOptionsState] = useState({ + groupBy: undefined, + filterQuery: undefined, + metrics: [], + }); + + const { groupBy, filterQuery, metrics } = prefillOptionsState; + + return { + groupBy, + filterQuery, + metrics, + setPrefillOptions(newState: MetricThresholdPrefillOptions) { + if (!isEqual(newState, prefillOptionsState)) setPrefillOptionsState(newState); + }, + }; +}; diff --git a/x-pack/plugins/infra/public/alerting/metric_threshold/types.ts b/x-pack/plugins/infra/public/alerting/metric_threshold/types.ts index feeec4b0ce8bf..2f8d7ec0ba6f4 100644 --- a/x-pack/plugins/infra/public/alerting/metric_threshold/types.ts +++ b/x-pack/plugins/infra/public/alerting/metric_threshold/types.ts @@ -51,3 +51,12 @@ export interface ExpressionChartData { id: string; series: ExpressionChartSeries; } + +export interface AlertParams { + criteria: MetricExpression[]; + groupBy?: string; + filterQuery?: string; + sourceId?: string; + filterQueryText?: string; + alertOnNoData?: boolean; +} diff --git a/x-pack/plugins/infra/public/alerting/use_alert_prefill.ts b/x-pack/plugins/infra/public/alerting/use_alert_prefill.ts new file mode 100644 index 0000000000000..eff2fe462509f --- /dev/null +++ b/x-pack/plugins/infra/public/alerting/use_alert_prefill.ts @@ -0,0 +1,18 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import createContainer from 'constate'; +import { useMetricThresholdAlertPrefill } from './metric_threshold/hooks/use_metric_threshold_alert_prefill'; +import { useInventoryAlertPrefill } from './inventory/hooks/use_inventory_alert_prefill'; + +const useAlertPrefill = () => { + const metricThresholdPrefill = useMetricThresholdAlertPrefill(); + const inventoryPrefill = useInventoryAlertPrefill(); + + return { metricThresholdPrefill, inventoryPrefill }; +}; + +export const [AlertPrefillProvider, useAlertPrefillContext] = createContainer(useAlertPrefill); diff --git a/x-pack/plugins/infra/public/assets/anomaly_chart_minified.svg b/x-pack/plugins/infra/public/assets/anomaly_chart_minified.svg new file mode 100644 index 0000000000000..dd1b39248bba2 --- /dev/null +++ b/x-pack/plugins/infra/public/assets/anomaly_chart_minified.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/x-pack/plugins/infra/public/components/logging/log_analysis_setup/index.ts b/x-pack/plugins/infra/public/components/logging/log_analysis_setup/index.ts index 7f2982f221a3c..72099e9b1b4b6 100644 --- a/x-pack/plugins/infra/public/components/logging/log_analysis_setup/index.ts +++ b/x-pack/plugins/infra/public/components/logging/log_analysis_setup/index.ts @@ -13,3 +13,4 @@ export * from './missing_results_privileges_prompt'; export * from './missing_setup_privileges_prompt'; export * from './ml_unavailable_prompt'; export * from './setup_status_unknown_prompt'; +export * from './subscription_splash_content'; diff --git a/x-pack/plugins/infra/public/components/logging/log_analysis_setup/subscription_splash_content.tsx b/x-pack/plugins/infra/public/components/logging/log_analysis_setup/subscription_splash_content.tsx new file mode 100644 index 0000000000000..e0e293b1cc3e7 --- /dev/null +++ b/x-pack/plugins/infra/public/components/logging/log_analysis_setup/subscription_splash_content.tsx @@ -0,0 +1,174 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import React, { useEffect } from 'react'; +import { i18n } from '@kbn/i18n'; +import { + EuiPage, + EuiPageBody, + EuiPageContent, + EuiFlexGroup, + EuiFlexItem, + EuiSpacer, + EuiTitle, + EuiText, + EuiButton, + EuiButtonEmpty, + EuiImage, +} from '@elastic/eui'; +import { FormattedMessage } from '@kbn/i18n/react'; +import { LoadingPage } from '../../loading_page'; + +import { useKibana } from '../../../../../../../src/plugins/kibana_react/public'; +import { euiStyled } from '../../../../../observability/public'; +import { useTrialStatus } from '../../../hooks/use_trial_status'; + +export const SubscriptionSplashContent: React.FC = () => { + const { services } = useKibana(); + const { loadState, isTrialAvailable, checkTrialAvailability } = useTrialStatus(); + + useEffect(() => { + checkTrialAvailability(); + }, [checkTrialAvailability]); + + if (loadState === 'pending') { + return ( + + ); + } + + const canStartTrial = isTrialAvailable && loadState === 'resolved'; + + let title; + let description; + let cta; + + if (canStartTrial) { + title = ( + + ); + + description = ( + + ); + + cta = ( + + + + ); + } else { + title = ( + + ); + + description = ( + + ); + + cta = ( + + + + ); + } + + return ( + + + + + + +

{title}

+ + + +

{description}

+ + +
{cta}
+ + + + + + + +

+ +

+ + + + + + + + + ); +}; + +const SubscriptionPage = euiStyled(EuiPage)` + height: 100% +`; + +const SubscriptionPageContent = euiStyled(EuiPageContent)` + max-width: 768px !important; +`; + +const SubscriptionPageFooter = euiStyled.div` + background: ${(props) => props.theme.eui.euiColorLightestShade}; + margin: 0 -${(props) => props.theme.eui.paddingSizes.l} -${(props) => + props.theme.eui.paddingSizes.l}; + padding: ${(props) => props.theme.eui.paddingSizes.l}; +`; diff --git a/x-pack/plugins/infra/public/components/logging/log_text_stream/log_entry_actions_column.tsx b/x-pack/plugins/infra/public/components/logging/log_text_stream/log_entry_actions_column.tsx deleted file mode 100644 index e27de7fd6b5a8..0000000000000 --- a/x-pack/plugins/infra/public/components/logging/log_text_stream/log_entry_actions_column.tsx +++ /dev/null @@ -1,120 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import React, { useCallback } from 'react'; -import { EuiButtonIcon, EuiPopover, EuiContextMenuPanel, EuiContextMenuItem } from '@elastic/eui'; -import { i18n } from '@kbn/i18n'; - -import { LogEntryColumnContent } from './log_entry_column'; -import { euiStyled } from '../../../../../observability/public'; - -interface LogEntryActionsColumnProps { - isHovered: boolean; - isMenuOpen: boolean; - onOpenMenu: () => void; - onCloseMenu: () => void; - onViewDetails?: () => void; - onViewLogInContext?: () => void; -} - -const MENU_LABEL = i18n.translate('xpack.infra.logEntryItemView.logEntryActionsMenuToolTip', { - defaultMessage: 'View actions for line', -}); - -const LOG_DETAILS_LABEL = i18n.translate('xpack.infra.logs.logEntryActionsDetailsButton', { - defaultMessage: 'View details', -}); - -const LOG_VIEW_IN_CONTEXT_LABEL = i18n.translate( - 'xpack.infra.lobs.logEntryActionsViewInContextButton', - { - defaultMessage: 'View in context', - } -); - -export const LogEntryActionsColumn: React.FC = ({ - isHovered, - isMenuOpen, - onOpenMenu, - onCloseMenu, - onViewDetails, - onViewLogInContext, -}) => { - const handleClickViewDetails = useCallback(() => { - onCloseMenu(); - - // Function might be `undefined` and the linter doesn't like that. - // eslint-disable-next-line no-unused-expressions - onViewDetails?.(); - }, [onCloseMenu, onViewDetails]); - - const handleClickViewInContext = useCallback(() => { - onCloseMenu(); - - // Function might be `undefined` and the linter doesn't like that. - // eslint-disable-next-line no-unused-expressions - onViewLogInContext?.(); - }, [onCloseMenu, onViewLogInContext]); - - const button = ( - - - - ); - - const items = [ - - {LOG_DETAILS_LABEL} - , - ]; - - if (onViewLogInContext !== undefined) { - items.push( - - {LOG_VIEW_IN_CONTEXT_LABEL} - - ); - } - - return ( - - {isHovered || isMenuOpen ? ( - - - - - - ) : null} - - ); -}; - -const ActionsColumnContent = euiStyled(LogEntryColumnContent)` - overflow: hidden; - user-select: none; -`; - -const ButtonWrapper = euiStyled.div` - background: ${(props) => props.theme.eui.euiColorPrimary}; - border-radius: 50%; - padding: 4px; - transform: translateY(-6px); -`; - -// this prevents the button from influencing the line height -const AbsoluteWrapper = euiStyled.div` - position: absolute; -`; diff --git a/x-pack/plugins/infra/public/components/logging/log_text_stream/log_entry_context_menu.tsx b/x-pack/plugins/infra/public/components/logging/log_text_stream/log_entry_context_menu.tsx new file mode 100644 index 0000000000000..4aa81846d90ef --- /dev/null +++ b/x-pack/plugins/infra/public/components/logging/log_text_stream/log_entry_context_menu.tsx @@ -0,0 +1,94 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import React, { useMemo } from 'react'; +import { i18n } from '@kbn/i18n'; +import { EuiButtonIcon, EuiPopover, EuiContextMenuPanel, EuiContextMenuItem } from '@elastic/eui'; + +import { euiStyled } from '../../../../../observability/public'; +import { LogEntryColumnContent } from './log_entry_column'; + +interface LogEntryContextMenuItem { + label: string; + onClick: () => void; +} + +interface LogEntryContextMenuProps { + 'aria-label'?: string; + isOpen: boolean; + onOpen: () => void; + onClose: () => void; + items: LogEntryContextMenuItem[]; +} + +const DEFAULT_MENU_LABEL = i18n.translate( + 'xpack.infra.logEntryItemView.logEntryActionsMenuToolTip', + { + defaultMessage: 'View actions for line', + } +); + +export const LogEntryContextMenu: React.FC = ({ + 'aria-label': ariaLabel, + isOpen, + onOpen, + onClose, + items, +}) => { + const closeMenuAndCall = useMemo(() => { + return (callback: LogEntryContextMenuItem['onClick']) => { + return () => { + onClose(); + callback(); + }; + }; + }, [onClose]); + + const button = ( + + + + ); + + const wrappedItems = useMemo(() => { + return items.map((item, i) => ( + + {item.label} + + )); + }, [items, closeMenuAndCall]); + + return ( + + + + + + + + ); +}; + +const LogEntryContextMenuContent = euiStyled(LogEntryColumnContent)` + overflow: hidden; + user-select: none; +`; + +const AbsoluteWrapper = euiStyled.div` + position: absolute; +`; + +const ButtonWrapper = euiStyled.div` + background: ${(props) => props.theme.eui.euiColorPrimary}; + border-radius: 50%; + padding: 4px; + transform: translateY(-6px); +`; diff --git a/x-pack/plugins/infra/public/components/logging/log_text_stream/log_entry_row.tsx b/x-pack/plugins/infra/public/components/logging/log_text_stream/log_entry_row.tsx index 0d971151dd95c..2d53203a60e4f 100644 --- a/x-pack/plugins/infra/public/components/logging/log_text_stream/log_entry_row.tsx +++ b/x-pack/plugins/infra/public/components/logging/log_text_stream/log_entry_row.tsx @@ -5,6 +5,7 @@ */ import React, { memo, useState, useCallback, useMemo } from 'react'; +import { i18n } from '@kbn/i18n'; import { isEmpty } from 'lodash'; import { euiStyled } from '../../../../../observability/public'; @@ -18,11 +19,26 @@ import { import { TextScale } from '../../../../common/log_text_scale'; import { LogEntryColumn, LogEntryColumnWidths, iconColumnId } from './log_entry_column'; import { LogEntryFieldColumn } from './log_entry_field_column'; -import { LogEntryActionsColumn } from './log_entry_actions_column'; import { LogEntryMessageColumn } from './log_entry_message_column'; import { LogEntryTimestampColumn } from './log_entry_timestamp_column'; import { monospaceTextStyle, hoveredContentStyle, highlightedContentStyle } from './text_styles'; import { LogEntry, LogColumn } from '../../../../common/http_api'; +import { LogEntryContextMenu } from './log_entry_context_menu'; + +const MENU_LABEL = i18n.translate('xpack.infra.logEntryItemView.logEntryActionsMenuToolTip', { + defaultMessage: 'View actions for line', +}); + +const LOG_DETAILS_LABEL = i18n.translate('xpack.infra.logs.logEntryActionsDetailsButton', { + defaultMessage: 'View details', +}); + +const LOG_VIEW_IN_CONTEXT_LABEL = i18n.translate( + 'xpack.infra.lobs.logEntryActionsViewInContextButton', + { + defaultMessage: 'View in context', + } +); interface LogEntryRowProps { boundingBoxRef?: React.Ref; @@ -76,6 +92,29 @@ export const LogEntryRow = memo( const hasActionViewLogInContext = hasContext && openViewLogInContext !== undefined; const hasActionsMenu = hasActionFlyoutWithItem || hasActionViewLogInContext; + const menuItems = useMemo(() => { + const items = []; + if (hasActionFlyoutWithItem) { + items.push({ + label: LOG_DETAILS_LABEL, + onClick: openFlyout, + }); + } + if (hasActionViewLogInContext) { + items.push({ + label: LOG_VIEW_IN_CONTEXT_LABEL, + onClick: handleOpenViewLogInContext, + }); + } + + return items; + }, [ + hasActionFlyoutWithItem, + hasActionViewLogInContext, + openFlyout, + handleOpenViewLogInContext, + ]); + const logEntryColumnsById = useMemo( () => logEntry.columns.reduce<{ @@ -183,16 +222,15 @@ export const LogEntryRow = memo( key="logColumn iconLogColumn iconLogColumn:details" {...columnWidths[iconColumnId]} > - + {isHovered || isMenuOpen ? ( + + ) : null} ) : null} diff --git a/x-pack/plugins/infra/public/containers/with_kuery_autocompletion.tsx b/x-pack/plugins/infra/public/containers/with_kuery_autocompletion.tsx index a04897d9c738d..2c76b3bb925ee 100644 --- a/x-pack/plugins/infra/public/containers/with_kuery_autocompletion.tsx +++ b/x-pack/plugins/infra/public/containers/with_kuery_autocompletion.tsx @@ -59,7 +59,7 @@ class WithKueryAutocompletionComponent extends React.Component< ) => { const { indexPattern } = this.props; const language = 'kuery'; - const hasQuerySuggestions = this.props.kibana.services.data.autocomplete.hasQuerySuggestions( + const hasQuerySuggestions = this.props.kibana.services.data?.autocomplete.hasQuerySuggestions( language ); diff --git a/x-pack/plugins/infra/public/hooks/use_trial_status.tsx b/x-pack/plugins/infra/public/hooks/use_trial_status.tsx new file mode 100644 index 0000000000000..9cc118d09c7e0 --- /dev/null +++ b/x-pack/plugins/infra/public/hooks/use_trial_status.tsx @@ -0,0 +1,51 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { boolean } from 'io-ts'; +import { i18n } from '@kbn/i18n'; + +import { useState } from 'react'; +import { useKibana } from '../../../../../src/plugins/kibana_react/public'; +import { API_BASE_PATH as LICENSE_MANAGEMENT_API_BASE_PATH } from '../../../license_management/common/constants'; +import { useTrackedPromise } from '../utils/use_tracked_promise'; +import { decodeOrThrow } from '../../common/runtime_types'; + +interface UseTrialStatusState { + loadState: 'uninitialized' | 'pending' | 'resolved' | 'rejected'; + isTrialAvailable: boolean; + checkTrialAvailability: () => void; +} + +export function useTrialStatus(): UseTrialStatusState { + const { services } = useKibana(); + const [isTrialAvailable, setIsTrialAvailable] = useState(false); + + const [loadState, checkTrialAvailability] = useTrackedPromise( + { + createPromise: async () => { + const response = await services.http.get(`${LICENSE_MANAGEMENT_API_BASE_PATH}/start_trial`); + return decodeOrThrow(boolean)(response); + }, + onResolve: (response) => { + setIsTrialAvailable(response); + }, + onReject: (error) => { + services.notifications.toasts.addDanger( + i18n.translate('xpack.infra.trialStatus.trialStatusNetworkErrorMessage', { + defaultMessage: 'We could not determine if the trial license is available', + }) + ); + }, + }, + [services] + ); + + return { + loadState: loadState.state, + isTrialAvailable, + checkTrialAvailability, + }; +} diff --git a/x-pack/plugins/infra/public/pages/logs/log_entry_categories/page_content.tsx b/x-pack/plugins/infra/public/pages/logs/log_entry_categories/page_content.tsx index 04b472ceb59c8..5d9adb8a4f6ec 100644 --- a/x-pack/plugins/infra/public/pages/logs/log_entry_categories/page_content.tsx +++ b/x-pack/plugins/infra/public/pages/logs/log_entry_categories/page_content.tsx @@ -12,7 +12,7 @@ import { LogAnalysisSetupStatusUnknownPrompt, MissingResultsPrivilegesPrompt, MissingSetupPrivilegesPrompt, - MlUnavailablePrompt, + SubscriptionSplashContent, } from '../../../components/logging/log_analysis_setup'; import { SourceErrorPage } from '../../../components/source_error_page'; import { SourceLoadingPage } from '../../../components/source_loading_page'; @@ -50,7 +50,7 @@ export const LogEntryCategoriesPageContent = () => { } else if (hasFailedLoadingSource) { return ; } else if (!hasLogAnalysisCapabilites) { - return ; + return ; } else if (!hasLogAnalysisReadCapabilities) { return ; } else if (setupStatus.type === 'initializing') { diff --git a/x-pack/plugins/infra/public/pages/logs/log_entry_rate/page_content.tsx b/x-pack/plugins/infra/public/pages/logs/log_entry_rate/page_content.tsx index fc07289f02fe7..4ec05a9778512 100644 --- a/x-pack/plugins/infra/public/pages/logs/log_entry_rate/page_content.tsx +++ b/x-pack/plugins/infra/public/pages/logs/log_entry_rate/page_content.tsx @@ -12,7 +12,7 @@ import { LogAnalysisSetupStatusUnknownPrompt, MissingResultsPrivilegesPrompt, MissingSetupPrivilegesPrompt, - MlUnavailablePrompt, + SubscriptionSplashContent, } from '../../../components/logging/log_analysis_setup'; import { SourceErrorPage } from '../../../components/source_error_page'; import { SourceLoadingPage } from '../../../components/source_loading_page'; @@ -50,7 +50,7 @@ export const LogEntryRatePageContent = () => { } else if (hasFailedLoadingSource) { return ; } else if (!hasLogAnalysisCapabilites) { - return ; + return ; } else if (!hasLogAnalysisReadCapabilities) { return ; } else if (setupStatus.type === 'initializing') { diff --git a/x-pack/plugins/infra/public/pages/logs/page_content.tsx b/x-pack/plugins/infra/public/pages/logs/page_content.tsx index 78b7f86993cbd..c5047dbdf3bb5 100644 --- a/x-pack/plugins/infra/public/pages/logs/page_content.tsx +++ b/x-pack/plugins/infra/public/pages/logs/page_content.tsx @@ -17,7 +17,6 @@ import { HelpCenterContent } from '../../components/help_center_content'; import { AppNavigation } from '../../components/navigation/app_navigation'; import { RoutedTabs } from '../../components/navigation/routed_tabs'; import { ColumnarPage } from '../../components/page'; -import { useLogAnalysisCapabilitiesContext } from '../../containers/logs/log_analysis'; import { useLogSourceContext } from '../../containers/logs/log_source'; import { RedirectWithQueryParams } from '../../utils/redirect_with_query_params'; import { LogEntryCategoriesPage } from './log_entry_categories'; @@ -28,7 +27,6 @@ import { AlertDropdown } from '../../components/alerting/logs/alert_dropdown'; export const LogsPageContent: React.FunctionComponent = () => { const uiCapabilities = useKibana().services.application?.capabilities; - const logAnalysisCapabilities = useLogAnalysisCapabilitiesContext(); const { initialize } = useLogSourceContext(); @@ -79,13 +77,7 @@ export const LogsPageContent: React.FunctionComponent = () => { - + diff --git a/x-pack/plugins/infra/public/pages/metrics/index.tsx b/x-pack/plugins/infra/public/pages/metrics/index.tsx index ab7f41e3066b8..121748f8e5220 100644 --- a/x-pack/plugins/infra/public/pages/metrics/index.tsx +++ b/x-pack/plugins/infra/public/pages/metrics/index.tsx @@ -31,6 +31,7 @@ import { WaffleFiltersProvider } from './inventory_view/hooks/use_waffle_filters import { InventoryAlertDropdown } from '../../alerting/inventory/components/alert_dropdown'; import { MetricsAlertDropdown } from '../../alerting/metric_threshold/components/alert_dropdown'; +import { AlertPrefillProvider } from '../../alerting/use_alert_prefill'; const ADD_DATA_LABEL = i18n.translate('xpack.infra.metricsHeaderAddDataButtonLabel', { defaultMessage: 'Add data', @@ -44,114 +45,119 @@ export const InfrastructurePage = ({ match }: RouteComponentProps) => { return ( - - - - - - - + + + + + + -
- - - - - - - - - - - - {ADD_DATA_LABEL} - - - - + - - - ( - - {({ configuration, createDerivedIndexPattern }) => ( - - - {configuration ? ( - - ) : ( - - )} - - )} - - )} +
- - - - - - + + + + + + + + + + + + {ADD_DATA_LABEL} + + + + + + + + ( + + {({ configuration, createDerivedIndexPattern }) => ( + + + {configuration ? ( + + ) : ( + + )} + + )} + + )} + /> + + + + + + + ); diff --git a/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_waffle_filters.test.ts b/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_waffle_filters.test.ts new file mode 100644 index 0000000000000..93b6b635183dd --- /dev/null +++ b/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_waffle_filters.test.ts @@ -0,0 +1,56 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { renderHook, act } from '@testing-library/react-hooks'; + +import { useWaffleFilters, WaffleFiltersState } from './use_waffle_filters'; + +// Mock useUrlState hook +jest.mock('react-router-dom', () => ({ + useHistory: () => ({ + location: '', + replace: () => {}, + }), +})); + +jest.mock('../../../../containers/source', () => ({ + useSourceContext: () => ({ + createDerivedIndexPattern: () => 'jestbeat-*', + }), +})); + +let PREFILL: Record = {}; +jest.mock('../../../../alerting/use_alert_prefill', () => ({ + useAlertPrefillContext: () => ({ + inventoryPrefill: { + setFilterQuery(filterQuery: string) { + PREFILL = { filterQuery }; + }, + }, + }), +})); + +const renderUseWaffleFiltersHook = () => renderHook(() => useWaffleFilters()); + +describe('useWaffleFilters', () => { + beforeEach(() => { + PREFILL = {}; + }); + + it('should sync the options to the inventory alert preview context', () => { + const { result, rerender } = renderUseWaffleFiltersHook(); + + const newQuery = { + expression: 'foo', + kind: 'kuery', + } as WaffleFiltersState; + act(() => { + result.current.applyFilterQuery(newQuery); + }); + rerender(); + expect(PREFILL.filterQuery).toEqual(newQuery.expression); + }); +}); diff --git a/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_waffle_filters.ts b/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_waffle_filters.ts index 63d9d08796f05..d4fb1356be77e 100644 --- a/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_waffle_filters.ts +++ b/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_waffle_filters.ts @@ -10,6 +10,7 @@ import { pipe } from 'fp-ts/lib/pipeable'; import { fold } from 'fp-ts/lib/Either'; import { constant, identity } from 'fp-ts/lib/function'; import createContainter from 'constate'; +import { useAlertPrefillContext } from '../../../../alerting/use_alert_prefill'; import { useUrlState } from '../../../../utils/use_url_state'; import { useSourceContext } from '../../../../containers/source'; import { convertKueryToElasticSearchQuery } from '../../../../utils/kuery'; @@ -68,6 +69,10 @@ export const useWaffleFilters = () => { filterQueryDraft, ]); + const { inventoryPrefill } = useAlertPrefillContext(); + const prefillContext = useMemo(() => inventoryPrefill, [inventoryPrefill]); // For Jest compatibility + useEffect(() => prefillContext.setFilterQuery(state.expression), [prefillContext, state]); + return { filterQuery: urlState, filterQueryDraft, diff --git a/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_waffle_options.test.ts b/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_waffle_options.test.ts new file mode 100644 index 0000000000000..579073e9500d0 --- /dev/null +++ b/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_waffle_options.test.ts @@ -0,0 +1,62 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { renderHook, act } from '@testing-library/react-hooks'; + +import { useWaffleOptions, WaffleOptionsState } from './use_waffle_options'; + +// Mock useUrlState hook +jest.mock('react-router-dom', () => ({ + useHistory: () => ({ + location: '', + replace: () => {}, + }), +})); + +// Jest can't access variables outside the scope of the mock factory function except to +// reassign them, so we can't make these both part of the same object +let PREFILL_NODETYPE: WaffleOptionsState['nodeType'] | undefined; +let PREFILL_METRIC: WaffleOptionsState['metric'] | undefined; +jest.mock('../../../../alerting/use_alert_prefill', () => ({ + useAlertPrefillContext: () => ({ + inventoryPrefill: { + setNodeType(nodeType: WaffleOptionsState['nodeType']) { + PREFILL_NODETYPE = nodeType; + }, + setMetric(metric: WaffleOptionsState['metric']) { + PREFILL_METRIC = metric; + }, + }, + }), +})); + +const renderUseWaffleOptionsHook = () => renderHook(() => useWaffleOptions()); + +describe('useWaffleOptions', () => { + beforeEach(() => { + PREFILL_NODETYPE = undefined; + PREFILL_METRIC = undefined; + }); + + it('should sync the options to the inventory alert preview context', () => { + const { result, rerender } = renderUseWaffleOptionsHook(); + + const newOptions = { + nodeType: 'pod', + metric: { type: 'memory' }, + } as WaffleOptionsState; + act(() => { + result.current.changeNodeType(newOptions.nodeType); + }); + rerender(); + expect(PREFILL_NODETYPE).toEqual(newOptions.nodeType); + act(() => { + result.current.changeMetric(newOptions.metric); + }); + rerender(); + expect(PREFILL_METRIC).toEqual(newOptions.metric); + }); +}); diff --git a/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_waffle_options.ts b/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_waffle_options.ts index 975e33cf2415f..a3132c8384979 100644 --- a/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_waffle_options.ts +++ b/x-pack/plugins/infra/public/pages/metrics/inventory_view/hooks/use_waffle_options.ts @@ -10,6 +10,7 @@ import { pipe } from 'fp-ts/lib/pipeable'; import { fold } from 'fp-ts/lib/Either'; import { constant, identity } from 'fp-ts/lib/function'; import createContainer from 'constate'; +import { useAlertPrefillContext } from '../../../../alerting/use_alert_prefill'; import { InventoryColorPaletteRT } from '../../../../lib/lib'; import { SnapshotMetricInput, @@ -121,6 +122,13 @@ export const useWaffleOptions = () => { [setState] ); + const { inventoryPrefill } = useAlertPrefillContext(); + useEffect(() => { + const { setNodeType, setMetric } = inventoryPrefill; + setNodeType(state.nodeType); + setMetric(state.metric); + }, [state, inventoryPrefill]); + return { ...DEFAULT_WAFFLE_OPTIONS_STATE, ...state, diff --git a/x-pack/plugins/infra/public/pages/metrics/metrics_explorer/hooks/use_metrics_explorer_options.test.tsx b/x-pack/plugins/infra/public/pages/metrics/metrics_explorer/hooks/use_metrics_explorer_options.test.tsx index 1381ed9da656a..c35e9f17bdcc3 100644 --- a/x-pack/plugins/infra/public/pages/metrics/metrics_explorer/hooks/use_metrics_explorer_options.test.tsx +++ b/x-pack/plugins/infra/public/pages/metrics/metrics_explorer/hooks/use_metrics_explorer_options.test.tsx @@ -4,26 +4,27 @@ * you may not use this file except in compliance with the Elastic License. */ -import React from 'react'; import { renderHook, act } from '@testing-library/react-hooks'; import { useMetricsExplorerOptions, - MetricsExplorerOptionsContainer, MetricsExplorerOptions, MetricsExplorerTimeOptions, DEFAULT_OPTIONS, DEFAULT_TIMERANGE, } from './use_metrics_explorer_options'; -const renderUseMetricsExplorerOptionsHook = () => - renderHook(() => useMetricsExplorerOptions(), { - initialProps: {}, - wrapper: ({ children }) => ( - - {children} - - ), - }); +let PREFILL: Record = {}; +jest.mock('../../../../alerting/use_alert_prefill', () => ({ + useAlertPrefillContext: () => ({ + metricThresholdPrefill: { + setPrefillOptions(opts: Record) { + PREFILL = opts; + }, + }, + }), +})); + +const renderUseMetricsExplorerOptionsHook = () => renderHook(() => useMetricsExplorerOptions()); interface LocalStore { [key: string]: string; @@ -52,6 +53,7 @@ describe('useMetricExplorerOptions', () => { beforeEach(() => { delete STORE.MetricsExplorerOptions; delete STORE.MetricsExplorerTimeRange; + PREFILL = {}; }); it('should just work', () => { @@ -100,4 +102,22 @@ describe('useMetricExplorerOptions', () => { const { result } = renderUseMetricsExplorerOptionsHook(); expect(result.current.options).toEqual(newOptions); }); + + it('should sync the options to the threshold alert preview context', () => { + const { result, rerender } = renderUseMetricsExplorerOptionsHook(); + + const newOptions: MetricsExplorerOptions = { + ...DEFAULT_OPTIONS, + metrics: [{ aggregation: 'count' }], + filterQuery: 'foo', + groupBy: 'host.hostname', + }; + act(() => { + result.current.setOptions(newOptions); + }); + rerender(); + expect(PREFILL.metrics).toEqual(newOptions.metrics); + expect(PREFILL.groupBy).toEqual(newOptions.groupBy); + expect(PREFILL.filterQuery).toEqual(newOptions.filterQuery); + }); }); diff --git a/x-pack/plugins/infra/public/pages/metrics/metrics_explorer/hooks/use_metrics_explorer_options.ts b/x-pack/plugins/infra/public/pages/metrics/metrics_explorer/hooks/use_metrics_explorer_options.ts index 56595c09aadde..8abdffd39ed3a 100644 --- a/x-pack/plugins/infra/public/pages/metrics/metrics_explorer/hooks/use_metrics_explorer_options.ts +++ b/x-pack/plugins/infra/public/pages/metrics/metrics_explorer/hooks/use_metrics_explorer_options.ts @@ -5,7 +5,8 @@ */ import createContainer from 'constate'; -import { useState, useEffect, Dispatch, SetStateAction } from 'react'; +import { useState, useEffect, useMemo, Dispatch, SetStateAction } from 'react'; +import { useAlertPrefillContext } from '../../../../alerting/use_alert_prefill'; import { MetricsExplorerColor } from '../../../../../common/color_palette'; import { MetricsExplorerAggregation, @@ -122,6 +123,21 @@ export const useMetricsExplorerOptions = () => { DEFAULT_CHART_OPTIONS ); const [isAutoReloading, setAutoReloading] = useState(false); + + const { metricThresholdPrefill } = useAlertPrefillContext(); + // For Jest compatibility; including metricThresholdPrefill as a dep in useEffect causes an + // infinite loop in test environment + const prefillContext = useMemo(() => metricThresholdPrefill, [metricThresholdPrefill]); + + useEffect(() => { + if (prefillContext) { + const { setPrefillOptions } = prefillContext; + const { metrics, groupBy, filterQuery } = options; + + setPrefillOptions({ metrics, groupBy, filterQuery }); + } + }, [options, prefillContext]); + return { defaultViewState: { options: DEFAULT_OPTIONS, diff --git a/x-pack/plugins/infra/server/lib/adapters/framework/adapter_types.ts b/x-pack/plugins/infra/server/lib/adapters/framework/adapter_types.ts index d00afbc7b497a..905b7dfa314bd 100644 --- a/x-pack/plugins/infra/server/lib/adapters/framework/adapter_types.ts +++ b/x-pack/plugins/infra/server/lib/adapters/framework/adapter_types.ts @@ -4,18 +4,18 @@ * you may not use this file except in compliance with the Elastic License. */ -import { SearchResponse, GenericParams } from 'elasticsearch'; +import { GenericParams, SearchResponse } from 'elasticsearch'; import { Lifecycle } from 'hapi'; import { UsageCollectionSetup } from 'src/plugins/usage_collection/server'; -import { RouteMethod, RouteConfig } from '../../../../../../../src/core/server'; -import { PluginSetupContract as FeaturesPluginSetup } from '../../../../../../plugins/features/server'; -import { SpacesPluginSetup } from '../../../../../../plugins/spaces/server'; +import { RouteConfig, RouteMethod } from '../../../../../../../src/core/server'; +import { HomeServerPluginSetup } from '../../../../../../../src/plugins/home/server'; import { VisTypeTimeseriesSetup } from '../../../../../../../src/plugins/vis_type_timeseries/server'; import { APMPluginSetup } from '../../../../../../plugins/apm/server'; -import { HomeServerPluginSetup } from '../../../../../../../src/plugins/home/server'; +import { PluginSetupContract as FeaturesPluginSetup } from '../../../../../../plugins/features/server'; +import { SpacesPluginSetup } from '../../../../../../plugins/spaces/server'; import { PluginSetupContract as AlertingPluginContract } from '../../../../../alerts/server'; +import { MlPluginSetup } from '../../../../../ml/server'; -// NP_TODO: Compose real types from plugins we depend on, no "any" export interface InfraServerPluginDeps { home: HomeServerPluginSetup; spaces: SpacesPluginSetup; @@ -24,6 +24,7 @@ export interface InfraServerPluginDeps { features: FeaturesPluginSetup; apm: APMPluginSetup; alerts: AlertingPluginContract; + ml?: MlPluginSetup; } export interface CallWithRequestParams extends GenericParams { diff --git a/x-pack/plugins/infra/server/lib/compose/kibana.ts b/x-pack/plugins/infra/server/lib/compose/kibana.ts deleted file mode 100644 index 626b9d46bbde3..0000000000000 --- a/x-pack/plugins/infra/server/lib/compose/kibana.ts +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ -import { FrameworkFieldsAdapter } from '../adapters/fields/framework_fields_adapter'; -import { KibanaFramework } from '../adapters/framework/kibana_framework_adapter'; -import { InfraKibanaLogEntriesAdapter } from '../adapters/log_entries/kibana_log_entries_adapter'; -import { KibanaMetricsAdapter } from '../adapters/metrics/kibana_metrics_adapter'; -import { InfraElasticsearchSourceStatusAdapter } from '../adapters/source_status'; -import { InfraFieldsDomain } from '../domains/fields_domain'; -import { InfraLogEntriesDomain } from '../domains/log_entries_domain'; -import { InfraMetricsDomain } from '../domains/metrics_domain'; -import { InfraBackendLibs, InfraDomainLibs } from '../infra_types'; -import { LogEntryCategoriesAnalysis, LogEntryRateAnalysis } from '../log_analysis'; -import { InfraSnapshot } from '../snapshot'; -import { InfraSourceStatus } from '../source_status'; -import { InfraSources } from '../sources'; -import { InfraConfig } from '../../../server'; -import { CoreSetup } from '../../../../../../src/core/server'; -import { InfraServerPluginDeps } from '../adapters/framework/adapter_types'; - -export function compose(core: CoreSetup, config: InfraConfig, plugins: InfraServerPluginDeps) { - const framework = new KibanaFramework(core, config, plugins); - const sources = new InfraSources({ - config, - }); - const sourceStatus = new InfraSourceStatus(new InfraElasticsearchSourceStatusAdapter(framework), { - sources, - }); - const snapshot = new InfraSnapshot(); - const logEntryCategoriesAnalysis = new LogEntryCategoriesAnalysis({ framework }); - const logEntryRateAnalysis = new LogEntryRateAnalysis({ framework }); - - // TODO: separate these out individually and do away with "domains" as a temporary group - const domainLibs: InfraDomainLibs = { - fields: new InfraFieldsDomain(new FrameworkFieldsAdapter(framework), { - sources, - }), - logEntries: new InfraLogEntriesDomain(new InfraKibanaLogEntriesAdapter(framework), { - framework, - sources, - }), - metrics: new InfraMetricsDomain(new KibanaMetricsAdapter(framework)), - }; - - const libs: InfraBackendLibs = { - configuration: config, // NP_TODO: Do we ever use this anywhere? - framework, - logEntryCategoriesAnalysis, - logEntryRateAnalysis, - snapshot, - sources, - sourceStatus, - ...domainLibs, - }; - - return libs; -} diff --git a/x-pack/plugins/infra/server/lib/infra_types.ts b/x-pack/plugins/infra/server/lib/infra_types.ts index 51c433557f4fc..9896ad6ac1cd1 100644 --- a/x-pack/plugins/infra/server/lib/infra_types.ts +++ b/x-pack/plugins/infra/server/lib/infra_types.ts @@ -8,7 +8,6 @@ import { InfraSourceConfiguration } from '../../common/graphql/types'; import { InfraFieldsDomain } from './domains/fields_domain'; import { InfraLogEntriesDomain } from './domains/log_entries_domain'; import { InfraMetricsDomain } from './domains/metrics_domain'; -import { LogEntryCategoriesAnalysis, LogEntryRateAnalysis } from './log_analysis'; import { InfraSnapshot } from './snapshot'; import { InfraSources } from './sources'; import { InfraSourceStatus } from './source_status'; @@ -31,8 +30,6 @@ export interface InfraDomainLibs { export interface InfraBackendLibs extends InfraDomainLibs { configuration: InfraConfig; framework: KibanaFramework; - logEntryCategoriesAnalysis: LogEntryCategoriesAnalysis; - logEntryRateAnalysis: LogEntryRateAnalysis; snapshot: InfraSnapshot; sources: InfraSources; sourceStatus: InfraSourceStatus; diff --git a/x-pack/plugins/infra/server/lib/log_analysis/log_entry_categories_analysis.ts b/x-pack/plugins/infra/server/lib/log_analysis/log_entry_categories_analysis.ts index d0a6ae0fc9357..4298ccb61bbed 100644 --- a/x-pack/plugins/infra/server/lib/log_analysis/log_entry_categories_analysis.ts +++ b/x-pack/plugins/infra/server/lib/log_analysis/log_entry_categories_analysis.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { KibanaRequest, RequestHandlerContext } from 'src/core/server'; +import type { IScopedClusterClient } from 'src/core/server'; import { compareDatasetsByMaximumAnomalyScore, getJobId, @@ -13,7 +13,7 @@ import { } from '../../../common/log_analysis'; import { startTracingSpan, TracingSpan } from '../../../common/performance_tracing'; import { decodeOrThrow } from '../../../common/runtime_types'; -import { KibanaFramework } from '../adapters/framework/kibana_framework_adapter'; +import type { MlAnomalyDetectors, MlSystem } from '../../types'; import { InsufficientLogAnalysisMlJobConfigurationError, NoLogAnalysisMlJobError, @@ -39,7 +39,6 @@ import { LogEntryDatasetBucket, logEntryDatasetsResponseRT, } from './queries/log_entry_data_sets'; -import { createMlJobsQuery, mlJobsResponseRT } from './queries/ml_jobs'; import { createTopLogEntryCategoriesQuery, topLogEntryCategoriesResponseRT, @@ -47,489 +46,470 @@ import { const COMPOSITE_AGGREGATION_BATCH_SIZE = 1000; -export class LogEntryCategoriesAnalysis { - constructor( - private readonly libs: { - framework: KibanaFramework; - } - ) {} - - public async getTopLogEntryCategories( - requestContext: RequestHandlerContext, - request: KibanaRequest, - sourceId: string, - startTime: number, - endTime: number, - categoryCount: number, - datasets: string[], - histograms: HistogramParameters[] - ) { - const finalizeTopLogEntryCategoriesSpan = startTracingSpan('get top categories'); - - const logEntryCategoriesCountJobId = getJobId( - this.libs.framework.getSpaceId(request), - sourceId, - logEntryCategoriesJobTypes[0] - ); - - const { - topLogEntryCategories, - timing: { spans: fetchTopLogEntryCategoriesAggSpans }, - } = await this.fetchTopLogEntryCategories( - requestContext, - logEntryCategoriesCountJobId, - startTime, - endTime, - categoryCount, - datasets - ); - - const categoryIds = topLogEntryCategories.map(({ categoryId }) => categoryId); - - const { - logEntryCategoriesById, - timing: { spans: fetchTopLogEntryCategoryPatternsSpans }, - } = await this.fetchLogEntryCategories( - requestContext, - logEntryCategoriesCountJobId, - categoryIds - ); - - const { - categoryHistogramsById, - timing: { spans: fetchTopLogEntryCategoryHistogramsSpans }, - } = await this.fetchTopLogEntryCategoryHistograms( - requestContext, - logEntryCategoriesCountJobId, - categoryIds, - histograms - ); - - const topLogEntryCategoriesSpan = finalizeTopLogEntryCategoriesSpan(); - - return { - data: topLogEntryCategories.map((topCategory) => ({ - ...topCategory, - regularExpression: logEntryCategoriesById[topCategory.categoryId]?._source.regex ?? '', - histograms: categoryHistogramsById[topCategory.categoryId] ?? [], - })), - timing: { - spans: [ - topLogEntryCategoriesSpan, - ...fetchTopLogEntryCategoriesAggSpans, - ...fetchTopLogEntryCategoryPatternsSpans, - ...fetchTopLogEntryCategoryHistogramsSpans, - ], - }, - }; - } - - public async getLogEntryCategoryDatasets( - requestContext: RequestHandlerContext, - request: KibanaRequest, - sourceId: string, - startTime: number, - endTime: number - ) { - const finalizeLogEntryDatasetsSpan = startTracingSpan('get data sets'); - - const logEntryCategoriesCountJobId = getJobId( - this.libs.framework.getSpaceId(request), - sourceId, - logEntryCategoriesJobTypes[0] - ); - - let logEntryDatasetBuckets: LogEntryDatasetBucket[] = []; - let afterLatestBatchKey: CompositeDatasetKey | undefined; - let esSearchSpans: TracingSpan[] = []; - - while (true) { - const finalizeEsSearchSpan = startTracingSpan('fetch category dataset batch from ES'); - - const logEntryDatasetsResponse = decodeOrThrow(logEntryDatasetsResponseRT)( - await this.libs.framework.callWithRequest( - requestContext, - 'search', - createLogEntryDatasetsQuery( - logEntryCategoriesCountJobId, - startTime, - endTime, - COMPOSITE_AGGREGATION_BATCH_SIZE, - afterLatestBatchKey - ) - ) - ); - - if (logEntryDatasetsResponse._shards.total === 0) { - throw new NoLogAnalysisResultsIndexError( - `Failed to find ml result index for job ${logEntryCategoriesCountJobId}.` - ); - } - - const { - after_key: afterKey, - buckets: latestBatchBuckets, - } = logEntryDatasetsResponse.aggregations.dataset_buckets; - - logEntryDatasetBuckets = [...logEntryDatasetBuckets, ...latestBatchBuckets]; - afterLatestBatchKey = afterKey; - esSearchSpans = [...esSearchSpans, finalizeEsSearchSpan()]; - - if (latestBatchBuckets.length < COMPOSITE_AGGREGATION_BATCH_SIZE) { - break; - } - } - - const logEntryDatasetsSpan = finalizeLogEntryDatasetsSpan(); - - return { - data: logEntryDatasetBuckets.map( - (logEntryDatasetBucket) => logEntryDatasetBucket.key.dataset - ), - timing: { - spans: [logEntryDatasetsSpan, ...esSearchSpans], - }, +export async function getTopLogEntryCategories( + context: { + infra: { + mlSystem: MlSystem; + spaceId: string; }; - } - - public async getLogEntryCategoryExamples( - requestContext: RequestHandlerContext, - request: KibanaRequest, - sourceId: string, - startTime: number, - endTime: number, - categoryId: number, - exampleCount: number - ) { - const finalizeLogEntryCategoryExamplesSpan = startTracingSpan( - 'get category example log entries' - ); - - const logEntryCategoriesCountJobId = getJobId( - this.libs.framework.getSpaceId(request), - sourceId, - logEntryCategoriesJobTypes[0] - ); - - const { - mlJob, - timing: { spans: fetchMlJobSpans }, - } = await this.fetchMlJob(requestContext, logEntryCategoriesCountJobId); - - const customSettings = decodeOrThrow(jobCustomSettingsRT)(mlJob.custom_settings); - const indices = customSettings?.logs_source_config?.indexPattern; - const timestampField = customSettings?.logs_source_config?.timestampField; - - if (indices == null || timestampField == null) { - throw new InsufficientLogAnalysisMlJobConfigurationError( - `Failed to find index configuration for ml job ${logEntryCategoriesCountJobId}` - ); - } - - const { - logEntryCategoriesById, - timing: { spans: fetchLogEntryCategoriesSpans }, - } = await this.fetchLogEntryCategories(requestContext, logEntryCategoriesCountJobId, [ - categoryId, - ]); - const category = logEntryCategoriesById[categoryId]; - - if (category == null) { - throw new UnknownCategoryError(categoryId); - } - - const { - examples, - timing: { spans: fetchLogEntryCategoryExamplesSpans }, - } = await this.fetchLogEntryCategoryExamples( - requestContext, - indices, - timestampField, - startTime, - endTime, - category._source.terms, - exampleCount - ); - - const logEntryCategoryExamplesSpan = finalizeLogEntryCategoryExamplesSpan(); + }, + sourceId: string, + startTime: number, + endTime: number, + categoryCount: number, + datasets: string[], + histograms: HistogramParameters[] +) { + const finalizeTopLogEntryCategoriesSpan = startTracingSpan('get top categories'); + + const logEntryCategoriesCountJobId = getJobId( + context.infra.spaceId, + sourceId, + logEntryCategoriesJobTypes[0] + ); + + const { + topLogEntryCategories, + timing: { spans: fetchTopLogEntryCategoriesAggSpans }, + } = await fetchTopLogEntryCategories( + context, + logEntryCategoriesCountJobId, + startTime, + endTime, + categoryCount, + datasets + ); + + const categoryIds = topLogEntryCategories.map(({ categoryId }) => categoryId); + + const { + logEntryCategoriesById, + timing: { spans: fetchTopLogEntryCategoryPatternsSpans }, + } = await fetchLogEntryCategories(context, logEntryCategoriesCountJobId, categoryIds); + + const { + categoryHistogramsById, + timing: { spans: fetchTopLogEntryCategoryHistogramsSpans }, + } = await fetchTopLogEntryCategoryHistograms( + context, + logEntryCategoriesCountJobId, + categoryIds, + histograms + ); + + const topLogEntryCategoriesSpan = finalizeTopLogEntryCategoriesSpan(); + + return { + data: topLogEntryCategories.map((topCategory) => ({ + ...topCategory, + regularExpression: logEntryCategoriesById[topCategory.categoryId]?._source.regex ?? '', + histograms: categoryHistogramsById[topCategory.categoryId] ?? [], + })), + timing: { + spans: [ + topLogEntryCategoriesSpan, + ...fetchTopLogEntryCategoriesAggSpans, + ...fetchTopLogEntryCategoryPatternsSpans, + ...fetchTopLogEntryCategoryHistogramsSpans, + ], + }, + }; +} - return { - data: examples, - timing: { - spans: [ - logEntryCategoryExamplesSpan, - ...fetchMlJobSpans, - ...fetchLogEntryCategoriesSpans, - ...fetchLogEntryCategoryExamplesSpans, - ], - }, +export async function getLogEntryCategoryDatasets( + context: { + infra: { + mlSystem: MlSystem; + spaceId: string; }; - } - - private async fetchTopLogEntryCategories( - requestContext: RequestHandlerContext, - logEntryCategoriesCountJobId: string, - startTime: number, - endTime: number, - categoryCount: number, - datasets: string[] - ) { - const finalizeEsSearchSpan = startTracingSpan('Fetch top categories from ES'); - - const topLogEntryCategoriesResponse = decodeOrThrow(topLogEntryCategoriesResponseRT)( - await this.libs.framework.callWithRequest( - requestContext, - 'search', - createTopLogEntryCategoriesQuery( + }, + sourceId: string, + startTime: number, + endTime: number +) { + const finalizeLogEntryDatasetsSpan = startTracingSpan('get data sets'); + + const logEntryCategoriesCountJobId = getJobId( + context.infra.spaceId, + sourceId, + logEntryCategoriesJobTypes[0] + ); + + let logEntryDatasetBuckets: LogEntryDatasetBucket[] = []; + let afterLatestBatchKey: CompositeDatasetKey | undefined; + let esSearchSpans: TracingSpan[] = []; + + while (true) { + const finalizeEsSearchSpan = startTracingSpan('fetch category dataset batch from ES'); + + const logEntryDatasetsResponse = decodeOrThrow(logEntryDatasetsResponseRT)( + await context.infra.mlSystem.mlAnomalySearch( + createLogEntryDatasetsQuery( logEntryCategoriesCountJobId, startTime, endTime, - categoryCount, - datasets + COMPOSITE_AGGREGATION_BATCH_SIZE, + afterLatestBatchKey ) ) ); - const esSearchSpan = finalizeEsSearchSpan(); - - if (topLogEntryCategoriesResponse._shards.total === 0) { + if (logEntryDatasetsResponse._shards.total === 0) { throw new NoLogAnalysisResultsIndexError( `Failed to find ml result index for job ${logEntryCategoriesCountJobId}.` ); } - const topLogEntryCategories = topLogEntryCategoriesResponse.aggregations.terms_category_id.buckets.map( - (topCategoryBucket) => { - const maximumAnomalyScoresByDataset = topCategoryBucket.filter_record.terms_dataset.buckets.reduce< - Record - >( - (accumulatedMaximumAnomalyScores, datasetFromRecord) => ({ - ...accumulatedMaximumAnomalyScores, - [datasetFromRecord.key]: datasetFromRecord.maximum_record_score.value ?? 0, - }), - {} - ); - - return { - categoryId: parseCategoryId(topCategoryBucket.key), - logEntryCount: topCategoryBucket.filter_model_plot.sum_actual.value ?? 0, - datasets: topCategoryBucket.filter_model_plot.terms_dataset.buckets - .map((datasetBucket) => ({ - name: datasetBucket.key, - maximumAnomalyScore: maximumAnomalyScoresByDataset[datasetBucket.key] ?? 0, - })) - .sort(compareDatasetsByMaximumAnomalyScore) - .reverse(), - maximumAnomalyScore: topCategoryBucket.filter_record.maximum_record_score.value ?? 0, - }; - } - ); + const { + after_key: afterKey, + buckets: latestBatchBuckets, + } = logEntryDatasetsResponse.aggregations.dataset_buckets; - return { - topLogEntryCategories, - timing: { - spans: [esSearchSpan], - }, + logEntryDatasetBuckets = [...logEntryDatasetBuckets, ...latestBatchBuckets]; + afterLatestBatchKey = afterKey; + esSearchSpans = [...esSearchSpans, finalizeEsSearchSpan()]; + + if (latestBatchBuckets.length < COMPOSITE_AGGREGATION_BATCH_SIZE) { + break; + } + } + + const logEntryDatasetsSpan = finalizeLogEntryDatasetsSpan(); + + return { + data: logEntryDatasetBuckets.map((logEntryDatasetBucket) => logEntryDatasetBucket.key.dataset), + timing: { + spans: [logEntryDatasetsSpan, ...esSearchSpans], + }, + }; +} + +export async function getLogEntryCategoryExamples( + context: { + core: { elasticsearch: { legacy: { client: IScopedClusterClient } } }; + infra: { + mlAnomalyDetectors: MlAnomalyDetectors; + mlSystem: MlSystem; + spaceId: string; }; + }, + sourceId: string, + startTime: number, + endTime: number, + categoryId: number, + exampleCount: number +) { + const finalizeLogEntryCategoryExamplesSpan = startTracingSpan('get category example log entries'); + + const logEntryCategoriesCountJobId = getJobId( + context.infra.spaceId, + sourceId, + logEntryCategoriesJobTypes[0] + ); + + const { + mlJob, + timing: { spans: fetchMlJobSpans }, + } = await fetchMlJob(context, logEntryCategoriesCountJobId); + + const customSettings = decodeOrThrow(jobCustomSettingsRT)(mlJob.custom_settings); + const indices = customSettings?.logs_source_config?.indexPattern; + const timestampField = customSettings?.logs_source_config?.timestampField; + + if (indices == null || timestampField == null) { + throw new InsufficientLogAnalysisMlJobConfigurationError( + `Failed to find index configuration for ml job ${logEntryCategoriesCountJobId}` + ); } - private async fetchLogEntryCategories( - requestContext: RequestHandlerContext, - logEntryCategoriesCountJobId: string, - categoryIds: number[] - ) { - if (categoryIds.length === 0) { - return { - logEntryCategoriesById: {}, - timing: { spans: [] }, - }; - } + const { + logEntryCategoriesById, + timing: { spans: fetchLogEntryCategoriesSpans }, + } = await fetchLogEntryCategories(context, logEntryCategoriesCountJobId, [categoryId]); + const category = logEntryCategoriesById[categoryId]; + + if (category == null) { + throw new UnknownCategoryError(categoryId); + } - const finalizeEsSearchSpan = startTracingSpan('Fetch category patterns from ES'); + const { + examples, + timing: { spans: fetchLogEntryCategoryExamplesSpans }, + } = await fetchLogEntryCategoryExamples( + context, + indices, + timestampField, + startTime, + endTime, + category._source.terms, + exampleCount + ); + + const logEntryCategoryExamplesSpan = finalizeLogEntryCategoryExamplesSpan(); + + return { + data: examples, + timing: { + spans: [ + logEntryCategoryExamplesSpan, + ...fetchMlJobSpans, + ...fetchLogEntryCategoriesSpans, + ...fetchLogEntryCategoryExamplesSpans, + ], + }, + }; +} - const logEntryCategoriesResponse = decodeOrThrow(logEntryCategoriesResponseRT)( - await this.libs.framework.callWithRequest( - requestContext, - 'search', - createLogEntryCategoriesQuery(logEntryCategoriesCountJobId, categoryIds) +async function fetchTopLogEntryCategories( + context: { infra: { mlSystem: MlSystem } }, + logEntryCategoriesCountJobId: string, + startTime: number, + endTime: number, + categoryCount: number, + datasets: string[] +) { + const finalizeEsSearchSpan = startTracingSpan('Fetch top categories from ES'); + + const topLogEntryCategoriesResponse = decodeOrThrow(topLogEntryCategoriesResponseRT)( + await context.infra.mlSystem.mlAnomalySearch( + createTopLogEntryCategoriesQuery( + logEntryCategoriesCountJobId, + startTime, + endTime, + categoryCount, + datasets ) - ); + ) + ); - const esSearchSpan = finalizeEsSearchSpan(); + const esSearchSpan = finalizeEsSearchSpan(); - const logEntryCategoriesById = logEntryCategoriesResponse.hits.hits.reduce< - Record - >( - (accumulatedCategoriesById, categoryHit) => ({ - ...accumulatedCategoriesById, - [categoryHit._source.category_id]: categoryHit, - }), - {} + if (topLogEntryCategoriesResponse._shards.total === 0) { + throw new NoLogAnalysisResultsIndexError( + `Failed to find ml result index for job ${logEntryCategoriesCountJobId}.` ); - - return { - logEntryCategoriesById, - timing: { - spans: [esSearchSpan], - }, - }; } - private async fetchTopLogEntryCategoryHistograms( - requestContext: RequestHandlerContext, - logEntryCategoriesCountJobId: string, - categoryIds: number[], - histograms: HistogramParameters[] - ) { - if (categoryIds.length === 0 || histograms.length === 0) { + const topLogEntryCategories = topLogEntryCategoriesResponse.aggregations.terms_category_id.buckets.map( + (topCategoryBucket) => { + const maximumAnomalyScoresByDataset = topCategoryBucket.filter_record.terms_dataset.buckets.reduce< + Record + >( + (accumulatedMaximumAnomalyScores, datasetFromRecord) => ({ + ...accumulatedMaximumAnomalyScores, + [datasetFromRecord.key]: datasetFromRecord.maximum_record_score.value ?? 0, + }), + {} + ); + return { - categoryHistogramsById: {}, - timing: { spans: [] }, + categoryId: parseCategoryId(topCategoryBucket.key), + logEntryCount: topCategoryBucket.filter_model_plot.sum_actual.value ?? 0, + datasets: topCategoryBucket.filter_model_plot.terms_dataset.buckets + .map((datasetBucket) => ({ + name: datasetBucket.key, + maximumAnomalyScore: maximumAnomalyScoresByDataset[datasetBucket.key] ?? 0, + })) + .sort(compareDatasetsByMaximumAnomalyScore) + .reverse(), + maximumAnomalyScore: topCategoryBucket.filter_record.maximum_record_score.value ?? 0, }; } + ); + + return { + topLogEntryCategories, + timing: { + spans: [esSearchSpan], + }, + }; +} - const finalizeEsSearchSpan = startTracingSpan('Fetch category histograms from ES'); - - const categoryHistogramsReponses = await Promise.all( - histograms.map(({ bucketCount, endTime, id: histogramId, startTime }) => - this.libs.framework - .callWithRequest( - requestContext, - 'search', - createLogEntryCategoryHistogramsQuery( - logEntryCategoriesCountJobId, - categoryIds, - startTime, - endTime, - bucketCount - ) - ) - .then(decodeOrThrow(logEntryCategoryHistogramsResponseRT)) - .then((response) => ({ - histogramId, - histogramBuckets: response.aggregations.filters_categories.buckets, - })) - ) - ); - - const esSearchSpan = finalizeEsSearchSpan(); - - const categoryHistogramsById = Object.values(categoryHistogramsReponses).reduce< - Record< - number, - Array<{ - histogramId: string; - buckets: Array<{ - bucketDuration: number; - logEntryCount: number; - startTime: number; - }>; - }> - > - >( - (outerAccumulatedHistograms, { histogramId, histogramBuckets }) => - Object.entries(histogramBuckets).reduce( - (innerAccumulatedHistograms, [categoryBucketKey, categoryBucket]) => { - const categoryId = parseCategoryId(categoryBucketKey); - return { - ...innerAccumulatedHistograms, - [categoryId]: [ - ...(innerAccumulatedHistograms[categoryId] ?? []), - { - histogramId, - buckets: categoryBucket.histogram_timestamp.buckets.map((bucket) => ({ - bucketDuration: categoryBucket.histogram_timestamp.meta.bucketDuration, - logEntryCount: bucket.sum_actual.value, - startTime: bucket.key, - })), - }, - ], - }; - }, - outerAccumulatedHistograms - ), - {} - ); - +async function fetchLogEntryCategories( + context: { infra: { mlSystem: MlSystem } }, + logEntryCategoriesCountJobId: string, + categoryIds: number[] +) { + if (categoryIds.length === 0) { return { - categoryHistogramsById, - timing: { - spans: [esSearchSpan], - }, + logEntryCategoriesById: {}, + timing: { spans: [] }, }; } - private async fetchMlJob( - requestContext: RequestHandlerContext, - logEntryCategoriesCountJobId: string - ) { - const finalizeMlGetJobSpan = startTracingSpan('Fetch ml job from ES'); - - const { - jobs: [mlJob], - } = decodeOrThrow(mlJobsResponseRT)( - await this.libs.framework.callWithRequest( - requestContext, - 'transport.request', - createMlJobsQuery([logEntryCategoriesCountJobId]) - ) - ); - - const mlGetJobSpan = finalizeMlGetJobSpan(); - - if (mlJob == null) { - throw new NoLogAnalysisMlJobError(`Failed to find ml job ${logEntryCategoriesCountJobId}.`); - } + const finalizeEsSearchSpan = startTracingSpan('Fetch category patterns from ES'); + + const logEntryCategoriesResponse = decodeOrThrow(logEntryCategoriesResponseRT)( + await context.infra.mlSystem.mlAnomalySearch( + createLogEntryCategoriesQuery(logEntryCategoriesCountJobId, categoryIds) + ) + ); + + const esSearchSpan = finalizeEsSearchSpan(); + + const logEntryCategoriesById = logEntryCategoriesResponse.hits.hits.reduce< + Record + >( + (accumulatedCategoriesById, categoryHit) => ({ + ...accumulatedCategoriesById, + [categoryHit._source.category_id]: categoryHit, + }), + {} + ); + + return { + logEntryCategoriesById, + timing: { + spans: [esSearchSpan], + }, + }; +} +async function fetchTopLogEntryCategoryHistograms( + context: { infra: { mlSystem: MlSystem } }, + logEntryCategoriesCountJobId: string, + categoryIds: number[], + histograms: HistogramParameters[] +) { + if (categoryIds.length === 0 || histograms.length === 0) { return { - mlJob, - timing: { - spans: [mlGetJobSpan], - }, + categoryHistogramsById: {}, + timing: { spans: [] }, }; } - private async fetchLogEntryCategoryExamples( - requestContext: RequestHandlerContext, - indices: string, - timestampField: string, - startTime: number, - endTime: number, - categoryQuery: string, - exampleCount: number - ) { - const finalizeEsSearchSpan = startTracingSpan('Fetch examples from ES'); + const finalizeEsSearchSpan = startTracingSpan('Fetch category histograms from ES'); - const { - hits: { hits }, - } = decodeOrThrow(logEntryCategoryExamplesResponseRT)( - await this.libs.framework.callWithRequest( - requestContext, - 'search', - createLogEntryCategoryExamplesQuery( - indices, - timestampField, - startTime, - endTime, - categoryQuery, - exampleCount + const categoryHistogramsReponses = await Promise.all( + histograms.map(({ bucketCount, endTime, id: histogramId, startTime }) => + context.infra.mlSystem + .mlAnomalySearch( + createLogEntryCategoryHistogramsQuery( + logEntryCategoriesCountJobId, + categoryIds, + startTime, + endTime, + bucketCount + ) ) - ) - ); + .then(decodeOrThrow(logEntryCategoryHistogramsResponseRT)) + .then((response) => ({ + histogramId, + histogramBuckets: response.aggregations.filters_categories.buckets, + })) + ) + ); + + const esSearchSpan = finalizeEsSearchSpan(); + + const categoryHistogramsById = Object.values(categoryHistogramsReponses).reduce< + Record< + number, + Array<{ + histogramId: string; + buckets: Array<{ + bucketDuration: number; + logEntryCount: number; + startTime: number; + }>; + }> + > + >( + (outerAccumulatedHistograms, { histogramId, histogramBuckets }) => + Object.entries(histogramBuckets).reduce( + (innerAccumulatedHistograms, [categoryBucketKey, categoryBucket]) => { + const categoryId = parseCategoryId(categoryBucketKey); + return { + ...innerAccumulatedHistograms, + [categoryId]: [ + ...(innerAccumulatedHistograms[categoryId] ?? []), + { + histogramId, + buckets: categoryBucket.histogram_timestamp.buckets.map((bucket) => ({ + bucketDuration: categoryBucket.histogram_timestamp.meta.bucketDuration, + logEntryCount: bucket.sum_actual.value, + startTime: bucket.key, + })), + }, + ], + }; + }, + outerAccumulatedHistograms + ), + {} + ); + + return { + categoryHistogramsById, + timing: { + spans: [esSearchSpan], + }, + }; +} - const esSearchSpan = finalizeEsSearchSpan(); +async function fetchMlJob( + context: { infra: { mlAnomalyDetectors: MlAnomalyDetectors } }, + logEntryCategoriesCountJobId: string +) { + const finalizeMlGetJobSpan = startTracingSpan('Fetch ml job from ES'); - return { - examples: hits.map((hit) => ({ - dataset: hit._source.event?.dataset ?? '', - message: hit._source.message ?? '', - timestamp: hit.sort[0], - })), - timing: { - spans: [esSearchSpan], - }, - }; + const { + jobs: [mlJob], + } = await context.infra.mlAnomalyDetectors.jobs(logEntryCategoriesCountJobId); + + const mlGetJobSpan = finalizeMlGetJobSpan(); + + if (mlJob == null) { + throw new NoLogAnalysisMlJobError(`Failed to find ml job ${logEntryCategoriesCountJobId}.`); } + + return { + mlJob, + timing: { + spans: [mlGetJobSpan], + }, + }; +} + +async function fetchLogEntryCategoryExamples( + requestContext: { core: { elasticsearch: { legacy: { client: IScopedClusterClient } } } }, + indices: string, + timestampField: string, + startTime: number, + endTime: number, + categoryQuery: string, + exampleCount: number +) { + const finalizeEsSearchSpan = startTracingSpan('Fetch examples from ES'); + + const { + hits: { hits }, + } = decodeOrThrow(logEntryCategoryExamplesResponseRT)( + await requestContext.core.elasticsearch.legacy.client.callAsCurrentUser( + 'search', + createLogEntryCategoryExamplesQuery( + indices, + timestampField, + startTime, + endTime, + categoryQuery, + exampleCount + ) + ) + ); + + const esSearchSpan = finalizeEsSearchSpan(); + + return { + examples: hits.map((hit) => ({ + dataset: hit._source.event?.dataset ?? '', + message: hit._source.message ?? '', + timestamp: hit.sort[0], + })), + timing: { + spans: [esSearchSpan], + }, + }; } const parseCategoryId = (rawCategoryId: string) => parseInt(rawCategoryId, 10); diff --git a/x-pack/plugins/infra/server/lib/log_analysis/log_entry_rate_analysis.ts b/x-pack/plugins/infra/server/lib/log_analysis/log_entry_rate_analysis.ts index 28c1674841973..125cc2b196e09 100644 --- a/x-pack/plugins/infra/server/lib/log_analysis/log_entry_rate_analysis.ts +++ b/x-pack/plugins/infra/server/lib/log_analysis/log_entry_rate_analysis.ts @@ -7,10 +7,8 @@ import { pipe } from 'fp-ts/lib/pipeable'; import { map, fold } from 'fp-ts/lib/Either'; import { identity } from 'fp-ts/lib/function'; -import { RequestHandlerContext, KibanaRequest } from 'src/core/server'; import { getJobId } from '../../../common/log_analysis'; import { throwErrors, createPlainError } from '../../../common/runtime_types'; -import { KibanaFramework } from '../adapters/framework/kibana_framework_adapter'; import { NoLogAnalysisResultsIndexError } from './errors'; import { logRateModelPlotResponseRT, @@ -18,126 +16,114 @@ import { LogRateModelPlotBucket, CompositeTimestampPartitionKey, } from './queries'; +import { MlSystem } from '../../types'; const COMPOSITE_AGGREGATION_BATCH_SIZE = 1000; -export class LogEntryRateAnalysis { - constructor( - private readonly libs: { - framework: KibanaFramework; - } - ) {} - - public getJobIds(request: KibanaRequest, sourceId: string) { - return { - logEntryRate: getJobId(this.libs.framework.getSpaceId(request), sourceId, 'log-entry-rate'), +export async function getLogEntryRateBuckets( + context: { + infra: { + mlSystem: MlSystem; + spaceId: string; }; - } + }, + sourceId: string, + startTime: number, + endTime: number, + bucketDuration: number +) { + const logRateJobId = getJobId(context.infra.spaceId, sourceId, 'log-entry-rate'); + let mlModelPlotBuckets: LogRateModelPlotBucket[] = []; + let afterLatestBatchKey: CompositeTimestampPartitionKey | undefined; - public async getLogEntryRateBuckets( - requestContext: RequestHandlerContext, - request: KibanaRequest, - sourceId: string, - startTime: number, - endTime: number, - bucketDuration: number - ) { - const logRateJobId = this.getJobIds(request, sourceId).logEntryRate; - let mlModelPlotBuckets: LogRateModelPlotBucket[] = []; - let afterLatestBatchKey: CompositeTimestampPartitionKey | undefined; + while (true) { + const mlModelPlotResponse = await context.infra.mlSystem.mlAnomalySearch( + createLogEntryRateQuery( + logRateJobId, + startTime, + endTime, + bucketDuration, + COMPOSITE_AGGREGATION_BATCH_SIZE, + afterLatestBatchKey + ) + ); - while (true) { - const mlModelPlotResponse = await this.libs.framework.callWithRequest( - requestContext, - 'search', - createLogEntryRateQuery( - logRateJobId, - startTime, - endTime, - bucketDuration, - COMPOSITE_AGGREGATION_BATCH_SIZE, - afterLatestBatchKey - ) + if (mlModelPlotResponse._shards.total === 0) { + throw new NoLogAnalysisResultsIndexError( + `Failed to query ml result index for job ${logRateJobId}.` ); + } - if (mlModelPlotResponse._shards.total === 0) { - throw new NoLogAnalysisResultsIndexError( - `Failed to find ml result index for job ${logRateJobId}.` - ); - } - - const { after_key: afterKey, buckets: latestBatchBuckets } = pipe( - logRateModelPlotResponseRT.decode(mlModelPlotResponse), - map((response) => response.aggregations.timestamp_partition_buckets), - fold(throwErrors(createPlainError), identity) - ); + const { after_key: afterKey, buckets: latestBatchBuckets } = pipe( + logRateModelPlotResponseRT.decode(mlModelPlotResponse), + map((response) => response.aggregations.timestamp_partition_buckets), + fold(throwErrors(createPlainError), identity) + ); - mlModelPlotBuckets = [...mlModelPlotBuckets, ...latestBatchBuckets]; - afterLatestBatchKey = afterKey; + mlModelPlotBuckets = [...mlModelPlotBuckets, ...latestBatchBuckets]; + afterLatestBatchKey = afterKey; - if (latestBatchBuckets.length < COMPOSITE_AGGREGATION_BATCH_SIZE) { - break; - } + if (latestBatchBuckets.length < COMPOSITE_AGGREGATION_BATCH_SIZE) { + break; } + } - return mlModelPlotBuckets.reduce< - Array<{ - partitions: Array<{ - analysisBucketCount: number; - anomalies: Array<{ - actualLogEntryRate: number; - anomalyScore: number; - duration: number; - startTime: number; - typicalLogEntryRate: number; - }>; - averageActualLogEntryRate: number; - maximumAnomalyScore: number; - numberOfLogEntries: number; - partitionId: string; + return mlModelPlotBuckets.reduce< + Array<{ + partitions: Array<{ + analysisBucketCount: number; + anomalies: Array<{ + actualLogEntryRate: number; + anomalyScore: number; + duration: number; + startTime: number; + typicalLogEntryRate: number; }>; - startTime: number; - }> - >((histogramBuckets, timestampPartitionBucket) => { - const previousHistogramBucket = histogramBuckets[histogramBuckets.length - 1]; - const partition = { - analysisBucketCount: timestampPartitionBucket.filter_model_plot.doc_count, - anomalies: timestampPartitionBucket.filter_records.top_hits_record.hits.hits.map( - ({ _source: record }) => ({ - actualLogEntryRate: record.actual[0], - anomalyScore: record.record_score, - duration: record.bucket_span * 1000, - startTime: record.timestamp, - typicalLogEntryRate: record.typical[0], - }) - ), - averageActualLogEntryRate: - timestampPartitionBucket.filter_model_plot.average_actual.value || 0, - maximumAnomalyScore: - timestampPartitionBucket.filter_records.maximum_record_score.value || 0, - numberOfLogEntries: timestampPartitionBucket.filter_model_plot.sum_actual.value || 0, - partitionId: timestampPartitionBucket.key.partition, - }; - if ( - previousHistogramBucket && - previousHistogramBucket.startTime === timestampPartitionBucket.key.timestamp - ) { - return [ - ...histogramBuckets.slice(0, -1), - { - ...previousHistogramBucket, - partitions: [...previousHistogramBucket.partitions, partition], - }, - ]; - } else { - return [ - ...histogramBuckets, - { - partitions: [partition], - startTime: timestampPartitionBucket.key.timestamp, - }, - ]; - } - }, []); - } + averageActualLogEntryRate: number; + maximumAnomalyScore: number; + numberOfLogEntries: number; + partitionId: string; + }>; + startTime: number; + }> + >((histogramBuckets, timestampPartitionBucket) => { + const previousHistogramBucket = histogramBuckets[histogramBuckets.length - 1]; + const partition = { + analysisBucketCount: timestampPartitionBucket.filter_model_plot.doc_count, + anomalies: timestampPartitionBucket.filter_records.top_hits_record.hits.hits.map( + ({ _source: record }) => ({ + actualLogEntryRate: record.actual[0], + anomalyScore: record.record_score, + duration: record.bucket_span * 1000, + startTime: record.timestamp, + typicalLogEntryRate: record.typical[0], + }) + ), + averageActualLogEntryRate: + timestampPartitionBucket.filter_model_plot.average_actual.value || 0, + maximumAnomalyScore: timestampPartitionBucket.filter_records.maximum_record_score.value || 0, + numberOfLogEntries: timestampPartitionBucket.filter_model_plot.sum_actual.value || 0, + partitionId: timestampPartitionBucket.key.partition, + }; + if ( + previousHistogramBucket && + previousHistogramBucket.startTime === timestampPartitionBucket.key.timestamp + ) { + return [ + ...histogramBuckets.slice(0, -1), + { + ...previousHistogramBucket, + partitions: [...previousHistogramBucket.partitions, partition], + }, + ]; + } else { + return [ + ...histogramBuckets, + { + partitions: [partition], + startTime: timestampPartitionBucket.key.timestamp, + }, + ]; + } + }, []); } diff --git a/x-pack/plugins/infra/server/lib/log_analysis/queries/common.ts b/x-pack/plugins/infra/server/lib/log_analysis/queries/common.ts index f1e68d34fdae3..eacf29b303db0 100644 --- a/x-pack/plugins/infra/server/lib/log_analysis/queries/common.ts +++ b/x-pack/plugins/infra/server/lib/log_analysis/queries/common.ts @@ -4,10 +4,6 @@ * you may not use this file except in compliance with the Elastic License. */ -const ML_ANOMALY_INDEX_PREFIX = '.ml-anomalies-'; - -export const getMlResultIndex = (jobId: string) => `${ML_ANOMALY_INDEX_PREFIX}${jobId}`; - export const defaultRequestParameters = { allowNoIndices: true, ignoreUnavailable: true, @@ -15,6 +11,16 @@ export const defaultRequestParameters = { trackTotalHits: false, }; +export const createJobIdFilters = (jobId: string) => [ + { + term: { + job_id: { + value: jobId, + }, + }, + }, +]; + export const createTimeRangeFilters = (startTime: number, endTime: number) => [ { range: { @@ -26,12 +32,10 @@ export const createTimeRangeFilters = (startTime: number, endTime: number) => [ }, ]; -export const createResultTypeFilters = (resultType: 'model_plot' | 'record') => [ +export const createResultTypeFilters = (resultTypes: Array<'model_plot' | 'record'>) => [ { - term: { - result_type: { - value: resultType, - }, + terms: { + result_type: resultTypes, }, }, ]; diff --git a/x-pack/plugins/infra/server/lib/log_analysis/queries/log_entry_categories.ts b/x-pack/plugins/infra/server/lib/log_analysis/queries/log_entry_categories.ts index 2681a4c037f5d..c7ad60eeaabc2 100644 --- a/x-pack/plugins/infra/server/lib/log_analysis/queries/log_entry_categories.ts +++ b/x-pack/plugins/infra/server/lib/log_analysis/queries/log_entry_categories.ts @@ -5,9 +5,8 @@ */ import * as rt from 'io-ts'; - import { commonSearchSuccessResponseFieldsRT } from '../../../utils/elasticsearch_runtime_types'; -import { defaultRequestParameters, getMlResultIndex, createCategoryIdFilters } from './common'; +import { createCategoryIdFilters, createJobIdFilters, defaultRequestParameters } from './common'; export const createLogEntryCategoriesQuery = ( logEntryCategoriesJobId: string, @@ -17,12 +16,14 @@ export const createLogEntryCategoriesQuery = ( body: { query: { bool: { - filter: [...createCategoryIdFilters(categoryIds)], + filter: [ + ...createJobIdFilters(logEntryCategoriesJobId), + ...createCategoryIdFilters(categoryIds), + ], }, }, _source: ['category_id', 'regex', 'terms'], }, - index: getMlResultIndex(logEntryCategoriesJobId), size: categoryIds.length, }); diff --git a/x-pack/plugins/infra/server/lib/log_analysis/queries/log_entry_category_histograms.ts b/x-pack/plugins/infra/server/lib/log_analysis/queries/log_entry_category_histograms.ts index 67087f3b4775b..5fdafb5123251 100644 --- a/x-pack/plugins/infra/server/lib/log_analysis/queries/log_entry_category_histograms.ts +++ b/x-pack/plugins/infra/server/lib/log_analysis/queries/log_entry_category_histograms.ts @@ -5,13 +5,12 @@ */ import * as rt from 'io-ts'; - import { commonSearchSuccessResponseFieldsRT } from '../../../utils/elasticsearch_runtime_types'; import { + createJobIdFilters, createResultTypeFilters, createTimeRangeFilters, defaultRequestParameters, - getMlResultIndex, } from './common'; export const createLogEntryCategoryHistogramsQuery = ( @@ -26,8 +25,9 @@ export const createLogEntryCategoryHistogramsQuery = ( query: { bool: { filter: [ + ...createJobIdFilters(logEntryCategoriesJobId), ...createTimeRangeFilters(startTime, endTime), - ...createResultTypeFilters('model_plot'), + ...createResultTypeFilters(['model_plot']), ...createCategoryFilters(categoryIds), ], }, @@ -41,7 +41,6 @@ export const createLogEntryCategoryHistogramsQuery = ( }, }, }, - index: getMlResultIndex(logEntryCategoriesJobId), size: 0, }); diff --git a/x-pack/plugins/infra/server/lib/log_analysis/queries/log_entry_data_sets.ts b/x-pack/plugins/infra/server/lib/log_analysis/queries/log_entry_data_sets.ts index b41a21a21b6a6..dd22bedae8b2a 100644 --- a/x-pack/plugins/infra/server/lib/log_analysis/queries/log_entry_data_sets.ts +++ b/x-pack/plugins/infra/server/lib/log_analysis/queries/log_entry_data_sets.ts @@ -5,9 +5,13 @@ */ import * as rt from 'io-ts'; - import { commonSearchSuccessResponseFieldsRT } from '../../../utils/elasticsearch_runtime_types'; -import { defaultRequestParameters, getMlResultIndex } from './common'; +import { + createJobIdFilters, + createResultTypeFilters, + createTimeRangeFilters, + defaultRequestParameters, +} from './common'; export const createLogEntryDatasetsQuery = ( logEntryAnalysisJobId: string, @@ -21,21 +25,9 @@ export const createLogEntryDatasetsQuery = ( query: { bool: { filter: [ - { - range: { - timestamp: { - gte: startTime, - lt: endTime, - }, - }, - }, - { - term: { - result_type: { - value: 'model_plot', - }, - }, - }, + ...createJobIdFilters(logEntryAnalysisJobId), + ...createTimeRangeFilters(startTime, endTime), + ...createResultTypeFilters(['model_plot']), ], }, }, @@ -58,7 +50,6 @@ export const createLogEntryDatasetsQuery = ( }, }, }, - index: getMlResultIndex(logEntryAnalysisJobId), size: 0, }); diff --git a/x-pack/plugins/infra/server/lib/log_analysis/queries/log_entry_rate.ts b/x-pack/plugins/infra/server/lib/log_analysis/queries/log_entry_rate.ts index def7caf578b94..269850e292636 100644 --- a/x-pack/plugins/infra/server/lib/log_analysis/queries/log_entry_rate.ts +++ b/x-pack/plugins/infra/server/lib/log_analysis/queries/log_entry_rate.ts @@ -5,8 +5,12 @@ */ import * as rt from 'io-ts'; - -import { defaultRequestParameters, getMlResultIndex } from './common'; +import { + createJobIdFilters, + createResultTypeFilters, + createTimeRangeFilters, + defaultRequestParameters, +} from './common'; export const createLogEntryRateQuery = ( logRateJobId: string, @@ -21,19 +25,9 @@ export const createLogEntryRateQuery = ( query: { bool: { filter: [ - { - range: { - timestamp: { - gte: startTime, - lt: endTime, - }, - }, - }, - { - terms: { - result_type: ['model_plot', 'record'], - }, - }, + ...createJobIdFilters(logRateJobId), + ...createTimeRangeFilters(startTime, endTime), + ...createResultTypeFilters(['model_plot', 'record']), { term: { detector_index: { @@ -118,7 +112,6 @@ export const createLogEntryRateQuery = ( }, }, }, - index: getMlResultIndex(logRateJobId), size: 0, }); diff --git a/x-pack/plugins/infra/server/lib/log_analysis/queries/top_log_entry_categories.ts b/x-pack/plugins/infra/server/lib/log_analysis/queries/top_log_entry_categories.ts index 517d31865e358..6fa7156240508 100644 --- a/x-pack/plugins/infra/server/lib/log_analysis/queries/top_log_entry_categories.ts +++ b/x-pack/plugins/infra/server/lib/log_analysis/queries/top_log_entry_categories.ts @@ -5,13 +5,12 @@ */ import * as rt from 'io-ts'; - import { commonSearchSuccessResponseFieldsRT } from '../../../utils/elasticsearch_runtime_types'; import { + createJobIdFilters, createResultTypeFilters, createTimeRangeFilters, defaultRequestParameters, - getMlResultIndex, } from './common'; export const createTopLogEntryCategoriesQuery = ( @@ -27,6 +26,7 @@ export const createTopLogEntryCategoriesQuery = ( query: { bool: { filter: [ + ...createJobIdFilters(logEntryCategoriesJobId), ...createTimeRangeFilters(startTime, endTime), ...createDatasetsFilters(datasets), { @@ -35,7 +35,7 @@ export const createTopLogEntryCategoriesQuery = ( { bool: { filter: [ - ...createResultTypeFilters('model_plot'), + ...createResultTypeFilters(['model_plot']), { range: { actual: { @@ -48,7 +48,7 @@ export const createTopLogEntryCategoriesQuery = ( }, { bool: { - filter: createResultTypeFilters('record'), + filter: createResultTypeFilters(['record']), }, }, ], @@ -119,7 +119,6 @@ export const createTopLogEntryCategoriesQuery = ( }, }, }, - index: getMlResultIndex(logEntryCategoriesJobId), size: 0, }); diff --git a/x-pack/plugins/infra/server/plugin.ts b/x-pack/plugins/infra/server/plugin.ts index 2fd614830c05d..8062c48d98617 100644 --- a/x-pack/plugins/infra/server/plugin.ts +++ b/x-pack/plugins/infra/server/plugin.ts @@ -19,7 +19,6 @@ import { InfraElasticsearchSourceStatusAdapter } from './lib/adapters/source_sta import { InfraFieldsDomain } from './lib/domains/fields_domain'; import { InfraLogEntriesDomain } from './lib/domains/log_entries_domain'; import { InfraMetricsDomain } from './lib/domains/metrics_domain'; -import { LogEntryCategoriesAnalysis, LogEntryRateAnalysis } from './lib/log_analysis'; import { InfraSnapshot } from './lib/snapshot'; import { InfraSourceStatus } from './lib/source_status'; import { InfraSources } from './lib/sources'; @@ -31,6 +30,7 @@ import { registerAlertTypes } from './lib/alerting'; import { infraSourceConfigurationSavedObjectType } from './lib/sources'; import { metricsExplorerViewSavedObjectType } from '../common/saved_objects/metrics_explorer_view'; import { inventoryViewSavedObjectType } from '../common/saved_objects/inventory_view'; +import { InfraRequestHandlerContext } from './types'; export const config = { schema: schema.object({ @@ -106,8 +106,6 @@ export class InfraServerPlugin { } ); const snapshot = new InfraSnapshot(); - const logEntryCategoriesAnalysis = new LogEntryCategoriesAnalysis({ framework }); - const logEntryRateAnalysis = new LogEntryRateAnalysis({ framework }); // register saved object types core.savedObjects.registerType(infraSourceConfigurationSavedObjectType); @@ -115,6 +113,8 @@ export class InfraServerPlugin { core.savedObjects.registerType(inventoryViewSavedObjectType); // TODO: separate these out individually and do away with "domains" as a temporary group + // and make them available via the request context so we can do away with + // the wrapper classes const domainLibs: InfraDomainLibs = { fields: new InfraFieldsDomain(new FrameworkFieldsAdapter(framework), { sources, @@ -129,8 +129,6 @@ export class InfraServerPlugin { this.libs = { configuration: this.config, framework, - logEntryCategoriesAnalysis, - logEntryRateAnalysis, snapshot, sources, sourceStatus, @@ -151,6 +149,25 @@ export class InfraServerPlugin { initInfraServer(this.libs); registerAlertTypes(plugins.alerts, this.libs); + core.http.registerRouteHandlerContext( + 'infra', + (context, request): InfraRequestHandlerContext => { + const mlSystem = + context.ml && + plugins.ml?.mlSystemProvider(context.ml?.mlClient.callAsCurrentUser, request); + const mlAnomalyDetectors = + context.ml && + plugins.ml?.anomalyDetectorsProvider(context.ml?.mlClient.callAsCurrentUser); + const spaceId = plugins.spaces?.spacesService.getSpaceId(request) || 'default'; + + return { + mlAnomalyDetectors, + mlSystem, + spaceId, + }; + } + ); + // Telemetry UsageCollector.registerUsageCollector(plugins.usageCollection); diff --git a/x-pack/plugins/infra/server/routes/log_analysis/results/log_entry_categories.ts b/x-pack/plugins/infra/server/routes/log_analysis/results/log_entry_categories.ts index d335774c85f38..f9f31f28dffeb 100644 --- a/x-pack/plugins/infra/server/routes/log_analysis/results/log_entry_categories.ts +++ b/x-pack/plugins/infra/server/routes/log_analysis/results/log_entry_categories.ts @@ -5,36 +5,29 @@ */ import Boom from 'boom'; - -import { pipe } from 'fp-ts/lib/pipeable'; -import { fold } from 'fp-ts/lib/Either'; -import { identity } from 'fp-ts/lib/function'; -import { schema } from '@kbn/config-schema'; -import { InfraBackendLibs } from '../../../lib/infra_types'; import { - LOG_ANALYSIS_GET_LOG_ENTRY_CATEGORIES_PATH, getLogEntryCategoriesRequestPayloadRT, getLogEntryCategoriesSuccessReponsePayloadRT, + LOG_ANALYSIS_GET_LOG_ENTRY_CATEGORIES_PATH, } from '../../../../common/http_api/log_analysis'; -import { throwErrors } from '../../../../common/runtime_types'; -import { NoLogAnalysisResultsIndexError } from '../../../lib/log_analysis'; - -const anyObject = schema.object({}, { unknowns: 'allow' }); +import { createValidationFunction } from '../../../../common/runtime_types'; +import type { InfraBackendLibs } from '../../../lib/infra_types'; +import { + getTopLogEntryCategories, + NoLogAnalysisResultsIndexError, +} from '../../../lib/log_analysis'; +import { assertHasInfraMlPlugins } from '../../../utils/request_context'; -export const initGetLogEntryCategoriesRoute = ({ - framework, - logEntryCategoriesAnalysis, -}: InfraBackendLibs) => { +export const initGetLogEntryCategoriesRoute = ({ framework }: InfraBackendLibs) => { framework.registerRoute( { method: 'post', path: LOG_ANALYSIS_GET_LOG_ENTRY_CATEGORIES_PATH, validate: { - // short-circuit forced @kbn/config-schema validation so we can do io-ts validation - body: anyObject, + body: createValidationFunction(getLogEntryCategoriesRequestPayloadRT), }, }, - async (requestContext, request, response) => { + framework.router.handleLegacyErrors(async (requestContext, request, response) => { const { data: { categoryCount, @@ -43,18 +36,13 @@ export const initGetLogEntryCategoriesRoute = ({ timeRange: { startTime, endTime }, datasets, }, - } = pipe( - getLogEntryCategoriesRequestPayloadRT.decode(request.body), - fold(throwErrors(Boom.badRequest), identity) - ); + } = request.body; try { - const { - data: topLogEntryCategories, - timing, - } = await logEntryCategoriesAnalysis.getTopLogEntryCategories( + assertHasInfraMlPlugins(requestContext); + + const { data: topLogEntryCategories, timing } = await getTopLogEntryCategories( requestContext, - request, sourceId, startTime, endTime, @@ -76,18 +64,22 @@ export const initGetLogEntryCategoriesRoute = ({ timing, }), }); - } catch (e) { - const { statusCode = 500, message = 'Unknown error occurred' } = e; + } catch (error) { + if (Boom.isBoom(error)) { + throw error; + } - if (e instanceof NoLogAnalysisResultsIndexError) { - return response.notFound({ body: { message } }); + if (error instanceof NoLogAnalysisResultsIndexError) { + return response.notFound({ body: { message: error.message } }); } return response.customError({ - statusCode, - body: { message }, + statusCode: error.statusCode ?? 500, + body: { + message: error.message ?? 'An unexpected error occurred', + }, }); } - } + }) ); }; diff --git a/x-pack/plugins/infra/server/routes/log_analysis/results/log_entry_category_datasets.ts b/x-pack/plugins/infra/server/routes/log_analysis/results/log_entry_category_datasets.ts index 730e32dee2fbe..69b1e942464fd 100644 --- a/x-pack/plugins/infra/server/routes/log_analysis/results/log_entry_category_datasets.ts +++ b/x-pack/plugins/infra/server/routes/log_analysis/results/log_entry_category_datasets.ts @@ -4,54 +4,42 @@ * you may not use this file except in compliance with the Elastic License. */ -import { schema } from '@kbn/config-schema'; import Boom from 'boom'; -import { fold } from 'fp-ts/lib/Either'; -import { identity } from 'fp-ts/lib/function'; -import { pipe } from 'fp-ts/lib/pipeable'; - import { getLogEntryCategoryDatasetsRequestPayloadRT, getLogEntryCategoryDatasetsSuccessReponsePayloadRT, LOG_ANALYSIS_GET_LOG_ENTRY_CATEGORY_DATASETS_PATH, } from '../../../../common/http_api/log_analysis'; -import { throwErrors } from '../../../../common/runtime_types'; -import { InfraBackendLibs } from '../../../lib/infra_types'; -import { NoLogAnalysisResultsIndexError } from '../../../lib/log_analysis'; - -const anyObject = schema.object({}, { unknowns: 'allow' }); +import { createValidationFunction } from '../../../../common/runtime_types'; +import type { InfraBackendLibs } from '../../../lib/infra_types'; +import { + getLogEntryCategoryDatasets, + NoLogAnalysisResultsIndexError, +} from '../../../lib/log_analysis'; +import { assertHasInfraMlPlugins } from '../../../utils/request_context'; -export const initGetLogEntryCategoryDatasetsRoute = ({ - framework, - logEntryCategoriesAnalysis, -}: InfraBackendLibs) => { +export const initGetLogEntryCategoryDatasetsRoute = ({ framework }: InfraBackendLibs) => { framework.registerRoute( { method: 'post', path: LOG_ANALYSIS_GET_LOG_ENTRY_CATEGORY_DATASETS_PATH, validate: { - // short-circuit forced @kbn/config-schema validation so we can do io-ts validation - body: anyObject, + body: createValidationFunction(getLogEntryCategoryDatasetsRequestPayloadRT), }, }, - async (requestContext, request, response) => { + framework.router.handleLegacyErrors(async (requestContext, request, response) => { const { data: { sourceId, timeRange: { startTime, endTime }, }, - } = pipe( - getLogEntryCategoryDatasetsRequestPayloadRT.decode(request.body), - fold(throwErrors(Boom.badRequest), identity) - ); + } = request.body; try { - const { - data: logEntryCategoryDatasets, - timing, - } = await logEntryCategoriesAnalysis.getLogEntryCategoryDatasets( + assertHasInfraMlPlugins(requestContext); + + const { data: logEntryCategoryDatasets, timing } = await getLogEntryCategoryDatasets( requestContext, - request, sourceId, startTime, endTime @@ -65,18 +53,22 @@ export const initGetLogEntryCategoryDatasetsRoute = ({ timing, }), }); - } catch (e) { - const { statusCode = 500, message = 'Unknown error occurred' } = e; + } catch (error) { + if (Boom.isBoom(error)) { + throw error; + } - if (e instanceof NoLogAnalysisResultsIndexError) { - return response.notFound({ body: { message } }); + if (error instanceof NoLogAnalysisResultsIndexError) { + return response.notFound({ body: { message: error.message } }); } return response.customError({ - statusCode, - body: { message }, + statusCode: error.statusCode ?? 500, + body: { + message: error.message ?? 'An unexpected error occurred', + }, }); } - } + }) ); }; diff --git a/x-pack/plugins/infra/server/routes/log_analysis/results/log_entry_category_examples.ts b/x-pack/plugins/infra/server/routes/log_analysis/results/log_entry_category_examples.ts index 44f466cc77c89..217180c0290f7 100644 --- a/x-pack/plugins/infra/server/routes/log_analysis/results/log_entry_category_examples.ts +++ b/x-pack/plugins/infra/server/routes/log_analysis/results/log_entry_category_examples.ts @@ -4,37 +4,30 @@ * you may not use this file except in compliance with the Elastic License. */ -import { schema } from '@kbn/config-schema'; import Boom from 'boom'; -import { fold } from 'fp-ts/lib/Either'; -import { identity } from 'fp-ts/lib/function'; -import { pipe } from 'fp-ts/lib/pipeable'; - import { getLogEntryCategoryExamplesRequestPayloadRT, getLogEntryCategoryExamplesSuccessReponsePayloadRT, LOG_ANALYSIS_GET_LOG_ENTRY_CATEGORY_EXAMPLES_PATH, } from '../../../../common/http_api/log_analysis'; -import { throwErrors } from '../../../../common/runtime_types'; -import { InfraBackendLibs } from '../../../lib/infra_types'; -import { NoLogAnalysisResultsIndexError } from '../../../lib/log_analysis'; - -const anyObject = schema.object({}, { unknowns: 'allow' }); +import { createValidationFunction } from '../../../../common/runtime_types'; +import type { InfraBackendLibs } from '../../../lib/infra_types'; +import { + getLogEntryCategoryExamples, + NoLogAnalysisResultsIndexError, +} from '../../../lib/log_analysis'; +import { assertHasInfraMlPlugins } from '../../../utils/request_context'; -export const initGetLogEntryCategoryExamplesRoute = ({ - framework, - logEntryCategoriesAnalysis, -}: InfraBackendLibs) => { +export const initGetLogEntryCategoryExamplesRoute = ({ framework }: InfraBackendLibs) => { framework.registerRoute( { method: 'post', path: LOG_ANALYSIS_GET_LOG_ENTRY_CATEGORY_EXAMPLES_PATH, validate: { - // short-circuit forced @kbn/config-schema validation so we can do io-ts validation - body: anyObject, + body: createValidationFunction(getLogEntryCategoryExamplesRequestPayloadRT), }, }, - async (requestContext, request, response) => { + framework.router.handleLegacyErrors(async (requestContext, request, response) => { const { data: { categoryId, @@ -42,18 +35,13 @@ export const initGetLogEntryCategoryExamplesRoute = ({ sourceId, timeRange: { startTime, endTime }, }, - } = pipe( - getLogEntryCategoryExamplesRequestPayloadRT.decode(request.body), - fold(throwErrors(Boom.badRequest), identity) - ); + } = request.body; try { - const { - data: logEntryCategoryExamples, - timing, - } = await logEntryCategoriesAnalysis.getLogEntryCategoryExamples( + assertHasInfraMlPlugins(requestContext); + + const { data: logEntryCategoryExamples, timing } = await getLogEntryCategoryExamples( requestContext, - request, sourceId, startTime, endTime, @@ -69,18 +57,22 @@ export const initGetLogEntryCategoryExamplesRoute = ({ timing, }), }); - } catch (e) { - const { statusCode = 500, message = 'Unknown error occurred' } = e; + } catch (error) { + if (Boom.isBoom(error)) { + throw error; + } - if (e instanceof NoLogAnalysisResultsIndexError) { - return response.notFound({ body: { message } }); + if (error instanceof NoLogAnalysisResultsIndexError) { + return response.notFound({ body: { message: error.message } }); } return response.customError({ - statusCode, - body: { message }, + statusCode: error.statusCode ?? 500, + body: { + message: error.message ?? 'An unexpected error occurred', + }, }); } - } + }) ); }; diff --git a/x-pack/plugins/infra/server/routes/log_analysis/results/log_entry_rate.ts b/x-pack/plugins/infra/server/routes/log_analysis/results/log_entry_rate.ts index 38dc0a790a7a3..ae86102980c16 100644 --- a/x-pack/plugins/infra/server/routes/log_analysis/results/log_entry_rate.ts +++ b/x-pack/plugins/infra/server/routes/log_analysis/results/log_entry_rate.ts @@ -5,11 +5,6 @@ */ import Boom from 'boom'; - -import { pipe } from 'fp-ts/lib/pipeable'; -import { fold } from 'fp-ts/lib/Either'; -import { identity } from 'fp-ts/lib/function'; -import { schema } from '@kbn/config-schema'; import { InfraBackendLibs } from '../../../lib/infra_types'; import { LOG_ANALYSIS_GET_LOG_ENTRY_RATE_PATH, @@ -17,57 +12,61 @@ import { getLogEntryRateSuccessReponsePayloadRT, GetLogEntryRateSuccessResponsePayload, } from '../../../../common/http_api/log_analysis'; -import { throwErrors } from '../../../../common/runtime_types'; -import { NoLogAnalysisResultsIndexError } from '../../../lib/log_analysis'; - -const anyObject = schema.object({}, { unknowns: 'allow' }); +import { createValidationFunction } from '../../../../common/runtime_types'; +import { NoLogAnalysisResultsIndexError, getLogEntryRateBuckets } from '../../../lib/log_analysis'; +import { assertHasInfraMlPlugins } from '../../../utils/request_context'; -export const initGetLogEntryRateRoute = ({ framework, logEntryRateAnalysis }: InfraBackendLibs) => { +export const initGetLogEntryRateRoute = ({ framework }: InfraBackendLibs) => { framework.registerRoute( { method: 'post', path: LOG_ANALYSIS_GET_LOG_ENTRY_RATE_PATH, validate: { - // short-circuit forced @kbn/config-schema validation so we can do io-ts validation - body: anyObject, + body: createValidationFunction(getLogEntryRateRequestPayloadRT), }, }, - async (requestContext, request, response) => { + framework.router.handleLegacyErrors(async (requestContext, request, response) => { + const { + data: { sourceId, timeRange, bucketDuration }, + } = request.body; + try { - const payload = pipe( - getLogEntryRateRequestPayloadRT.decode(request.body), - fold(throwErrors(Boom.badRequest), identity) - ); + assertHasInfraMlPlugins(requestContext); - const logEntryRateBuckets = await logEntryRateAnalysis.getLogEntryRateBuckets( + const logEntryRateBuckets = await getLogEntryRateBuckets( requestContext, - request, - payload.data.sourceId, - payload.data.timeRange.startTime, - payload.data.timeRange.endTime, - payload.data.bucketDuration + sourceId, + timeRange.startTime, + timeRange.endTime, + bucketDuration ); return response.ok({ body: getLogEntryRateSuccessReponsePayloadRT.encode({ data: { - bucketDuration: payload.data.bucketDuration, + bucketDuration, histogramBuckets: logEntryRateBuckets, totalNumberOfLogEntries: getTotalNumberOfLogEntries(logEntryRateBuckets), }, }), }); - } catch (e) { - const { statusCode = 500, message = 'Unknown error occurred' } = e; - if (e instanceof NoLogAnalysisResultsIndexError) { - return response.notFound({ body: { message } }); + } catch (error) { + if (Boom.isBoom(error)) { + throw error; } + + if (error instanceof NoLogAnalysisResultsIndexError) { + return response.notFound({ body: { message: error.message } }); + } + return response.customError({ - statusCode, - body: { message }, + statusCode: error.statusCode ?? 500, + body: { + message: error.message ?? 'An unexpected error occurred', + }, }); } - } + }) ); }; diff --git a/x-pack/plugins/infra/server/types.ts b/x-pack/plugins/infra/server/types.ts new file mode 100644 index 0000000000000..735569a790f64 --- /dev/null +++ b/x-pack/plugins/infra/server/types.ts @@ -0,0 +1,28 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { MlPluginSetup } from '../../ml/server'; + +export type MlSystem = ReturnType; +export type MlAnomalyDetectors = ReturnType; + +export interface InfraMlRequestHandlerContext { + mlAnomalyDetectors?: MlAnomalyDetectors; + mlSystem?: MlSystem; +} + +export interface InfraSpacesRequestHandlerContext { + spaceId: string; +} + +export type InfraRequestHandlerContext = InfraMlRequestHandlerContext & + InfraSpacesRequestHandlerContext; + +declare module 'src/core/server' { + interface RequestHandlerContext { + infra?: InfraRequestHandlerContext; + } +} diff --git a/x-pack/plugins/infra/server/utils/request_context.ts b/x-pack/plugins/infra/server/utils/request_context.ts new file mode 100644 index 0000000000000..30855d74d9e30 --- /dev/null +++ b/x-pack/plugins/infra/server/utils/request_context.ts @@ -0,0 +1,43 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +/* eslint-disable max-classes-per-file */ + +import { InfraMlRequestHandlerContext, InfraRequestHandlerContext } from '../types'; + +export class MissingContextValuesError extends Error { + constructor(message?: string) { + super(message); + Object.setPrototypeOf(this, new.target.prototype); + } +} + +export class NoMlPluginError extends Error { + constructor(message?: string) { + super(message); + Object.setPrototypeOf(this, new.target.prototype); + } +} + +export function assertHasInfraPlugins( + context: Context +): asserts context is Context & { infra: Context['infra'] } { + if (context.infra == null) { + throw new MissingContextValuesError('Failed to access "infra" context values.'); + } +} + +export function assertHasInfraMlPlugins( + context: Context +): asserts context is Context & { + infra: Context['infra'] & Required; +} { + assertHasInfraPlugins(context); + + if (context.infra?.mlAnomalyDetectors == null || context.infra?.mlSystem == null) { + throw new NoMlPluginError('Failed to access ML plugin.'); + } +} diff --git a/x-pack/plugins/ingest_manager/common/openapi/spec_oas3.json b/x-pack/plugins/ingest_manager/common/openapi/spec_oas3.json index ea61d97145795..d17b4115e64ab 100644 --- a/x-pack/plugins/ingest_manager/common/openapi/spec_oas3.json +++ b/x-pack/plugins/ingest_manager/common/openapi/spec_oas3.json @@ -1712,6 +1712,198 @@ }, "success": true } + }, + "required-package": { + "value": { + "response": { + "format_version": "1.0.0", + "name": "endpoint", + "title": "Elastic Endpoint", + "version": "0.3.0", + "readme": "/package/endpoint/0.3.0/docs/README.md", + "license": "basic", + "description": "This is the Elastic Endpoint package.", + "type": "solution", + "categories": [ + "security" + ], + "release": "beta", + "requirement": { + "kibana": { + "versions": ">7.4.0" + } + }, + "icons": [ + { + "src": "/package/endpoint/0.3.0/img/logo-endpoint-64-color.svg", + "size": "16x16", + "type": "image/svg+xml" + } + ], + "assets": { + "kibana": { + "dashboard": [ + { + "pkgkey": "endpoint-0.3.0", + "service": "kibana", + "type": "dashboard", + "file": "826759f0-7074-11ea-9bc8-6b38f4d29a16.json", + "path": "endpoint-0.3.0/kibana/dashboard/826759f0-7074-11ea-9bc8-6b38f4d29a16.json" + } + ], + "map": [ + { + "pkgkey": "endpoint-0.3.0", + "service": "kibana", + "type": "map", + "file": "a3a3bd10-706b-11ea-9bc8-6b38f4d29a16.json", + "path": "endpoint-0.3.0/kibana/map/a3a3bd10-706b-11ea-9bc8-6b38f4d29a16.json" + } + ], + "visualization": [ + { + "pkgkey": "endpoint-0.3.0", + "service": "kibana", + "type": "visualization", + "file": "1cfceda0-728b-11ea-9bc8-6b38f4d29a16.json", + "path": "endpoint-0.3.0/kibana/visualization/1cfceda0-728b-11ea-9bc8-6b38f4d29a16.json" + }, + { + "pkgkey": "endpoint-0.3.0", + "service": "kibana", + "type": "visualization", + "file": "1e525190-7074-11ea-9bc8-6b38f4d29a16.json", + "path": "endpoint-0.3.0/kibana/visualization/1e525190-7074-11ea-9bc8-6b38f4d29a16.json" + }, + { + "pkgkey": "endpoint-0.3.0", + "service": "kibana", + "type": "visualization", + "file": "55387750-729c-11ea-9bc8-6b38f4d29a16.json", + "path": "endpoint-0.3.0/kibana/visualization/55387750-729c-11ea-9bc8-6b38f4d29a16.json" + }, + { + "pkgkey": "endpoint-0.3.0", + "service": "kibana", + "type": "visualization", + "file": "92b1edc0-706a-11ea-9bc8-6b38f4d29a16.json", + "path": "endpoint-0.3.0/kibana/visualization/92b1edc0-706a-11ea-9bc8-6b38f4d29a16.json" + } + ] + } + }, + "datasets": [ + { + "id": "endpoint", + "title": "Endpoint Events", + "release": "experimental", + "type": "events", + "package": "endpoint", + "path": "events" + }, + { + "id": "endpoint.metadata", + "title": "Endpoint Metadata", + "release": "experimental", + "type": "metrics", + "package": "endpoint", + "path": "metadata" + }, + { + "id": "endpoint.policy", + "title": "Endpoint Policy Response", + "release": "experimental", + "type": "metrics", + "package": "endpoint", + "path": "policy" + }, + { + "id": "endpoint.telemetry", + "title": "Endpoint Telemetry", + "release": "experimental", + "type": "metrics", + "package": "endpoint", + "path": "telemetry" + } + ], + "datasources": [ + { + "name": "endpoint", + "title": "Endpoint data source", + "description": "Interact with the endpoint.", + "inputs": null, + "multiple": false + } + ], + "download": "/epr/endpoint/endpoint-0.3.0.tar.gz", + "path": "/package/endpoint/0.3.0", + "latestVersion": "0.3.0", + "removable": false, + "status": "installed", + "savedObject": { + "id": "endpoint", + "type": "epm-packages", + "updated_at": "2020-06-23T21:44:59.319Z", + "version": "Wzk4LDFd", + "attributes": { + "installed": [ + { + "id": "826759f0-7074-11ea-9bc8-6b38f4d29a16", + "type": "dashboard" + }, + { + "id": "1cfceda0-728b-11ea-9bc8-6b38f4d29a16", + "type": "visualization" + }, + { + "id": "1e525190-7074-11ea-9bc8-6b38f4d29a16", + "type": "visualization" + }, + { + "id": "55387750-729c-11ea-9bc8-6b38f4d29a16", + "type": "visualization" + }, + { + "id": "92b1edc0-706a-11ea-9bc8-6b38f4d29a16", + "type": "visualization" + }, + { + "id": "a3a3bd10-706b-11ea-9bc8-6b38f4d29a16", + "type": "map" + }, + { + "id": "events-endpoint", + "type": "index-template" + }, + { + "id": "metrics-endpoint.metadata", + "type": "index-template" + }, + { + "id": "metrics-endpoint.policy", + "type": "index-template" + }, + { + "id": "metrics-endpoint.telemetry", + "type": "index-template" + } + ], + "es_index_patterns": { + "events": "events-endpoint-*", + "metadata": "metrics-endpoint.metadata-*", + "policy": "metrics-endpoint.policy-*", + "telemetry": "metrics-endpoint.telemetry-*" + }, + "name": "endpoint", + "version": "0.3.0", + "internal": false, + "removable": false + }, + "references": [] + } + }, + "success": true + } } } } @@ -3822,6 +4014,9 @@ }, "path": { "type": "string" + }, + "removable": { + "type": "boolean" } }, "required": [ diff --git a/x-pack/plugins/ingest_manager/common/types/models/epm.ts b/x-pack/plugins/ingest_manager/common/types/models/epm.ts index cc9e23dc9388f..599165d2bfd98 100644 --- a/x-pack/plugins/ingest_manager/common/types/models/epm.ts +++ b/x-pack/plugins/ingest_manager/common/types/models/epm.ts @@ -58,7 +58,6 @@ export interface RegistryPackage { icons?: RegistryImage[]; assets?: string[]; internal?: boolean; - removable?: boolean; format_version: string; datasets?: Dataset[]; datasources?: RegistryDatasource[]; @@ -206,6 +205,7 @@ interface PackageAdditions { title: string; latestVersion: string; assets: AssetsGroupedByServiceByType; + removable?: boolean; } // Managers public HTTP response types diff --git a/x-pack/plugins/ingest_manager/public/applications/ingest_manager/sections/agent_config/create_datasource_page/components/layout.tsx b/x-pack/plugins/ingest_manager/public/applications/ingest_manager/sections/agent_config/create_datasource_page/components/layout.tsx index 7939feed80143..6f23c0ce60850 100644 --- a/x-pack/plugins/ingest_manager/public/applications/ingest_manager/sections/agent_config/create_datasource_page/components/layout.tsx +++ b/x-pack/plugins/ingest_manager/public/applications/ingest_manager/sections/agent_config/create_datasource_page/components/layout.tsx @@ -23,14 +23,14 @@ import { CreateDatasourceFrom } from '../types'; export const CreateDatasourcePageLayout: React.FunctionComponent<{ from: CreateDatasourceFrom; cancelUrl: string; - cancelOnClick?: React.ReactEventHandler; + onCancel?: React.ReactEventHandler; agentConfig?: AgentConfig; packageInfo?: PackageInfo; 'data-test-subj'?: string; }> = ({ from, cancelUrl, - cancelOnClick, + onCancel, agentConfig, packageInfo, children, @@ -45,7 +45,7 @@ export const CreateDatasourcePageLayout: React.FunctionComponent<{ iconType="arrowLeft" flush="left" href={cancelUrl} - onClick={cancelOnClick} + onClick={onCancel} data-test-subj={`${dataTestSubj}_cancelBackLink`} > { const layoutProps = { from, cancelUrl, - cancelOnClick: cancelClickHandler, + onCancel: cancelClickHandler, agentConfig, packageInfo, }; diff --git a/x-pack/plugins/ingest_manager/public/applications/ingest_manager/sections/agent_config/edit_datasource_page/index.tsx b/x-pack/plugins/ingest_manager/public/applications/ingest_manager/sections/agent_config/edit_datasource_page/index.tsx index d47eea80da8b7..af39cb87f18c9 100644 --- a/x-pack/plugins/ingest_manager/public/applications/ingest_manager/sections/agent_config/edit_datasource_page/index.tsx +++ b/x-pack/plugins/ingest_manager/public/applications/ingest_manager/sections/agent_config/edit_datasource_page/index.tsx @@ -242,7 +242,7 @@ export const EditDatasourcePage: React.FunctionComponent = () => { }; return ( - + {isLoadingData ? ( ) : loadingError || !agentConfig || !packageInfo ? ( diff --git a/x-pack/plugins/ingest_manager/public/applications/ingest_manager/sections/fleet/agent_list_page/index.tsx b/x-pack/plugins/ingest_manager/public/applications/ingest_manager/sections/fleet/agent_list_page/index.tsx index 281a8d3a9745c..75d0556755149 100644 --- a/x-pack/plugins/ingest_manager/public/applications/ingest_manager/sections/fleet/agent_list_page/index.tsx +++ b/x-pack/plugins/ingest_manager/public/applications/ingest_manager/sections/fleet/agent_list_page/index.tsx @@ -489,6 +489,7 @@ export const AgentListPage: React.FunctionComponent<{}> = () => { className="fleet__agentList__table" + data-test-subj="fleetAgentListTable" loading={isLoading && agentsRequest.isInitialRequest} hasActions={true} noItemsMessage={ diff --git a/x-pack/plugins/ingest_manager/server/constants/index.ts b/x-pack/plugins/ingest_manager/server/constants/index.ts index 4d60b9031414e..ebcce6320ec4b 100644 --- a/x-pack/plugins/ingest_manager/server/constants/index.ts +++ b/x-pack/plugins/ingest_manager/server/constants/index.ts @@ -36,7 +36,7 @@ export { PACKAGES_SAVED_OBJECT_TYPE, INDEX_PATTERN_SAVED_OBJECT_TYPE, ENROLLMENT_API_KEYS_SAVED_OBJECT_TYPE, - GLOBAL_SETTINGS_SAVED_OBJECT_TYPE as GLOBAL_SETTINGS_SAVED_OBJET_TYPE, + GLOBAL_SETTINGS_SAVED_OBJECT_TYPE, // Defaults DEFAULT_AGENT_CONFIG, DEFAULT_OUTPUT, diff --git a/x-pack/plugins/ingest_manager/server/saved_objects/index.ts b/x-pack/plugins/ingest_manager/server/saved_objects/index.ts index 703ddb521c831..1199c9d198e3a 100644 --- a/x-pack/plugins/ingest_manager/server/saved_objects/index.ts +++ b/x-pack/plugins/ingest_manager/server/saved_objects/index.ts @@ -15,7 +15,7 @@ import { AGENT_EVENT_SAVED_OBJECT_TYPE, AGENT_ACTION_SAVED_OBJECT_TYPE, ENROLLMENT_API_KEYS_SAVED_OBJECT_TYPE, - GLOBAL_SETTINGS_SAVED_OBJET_TYPE, + GLOBAL_SETTINGS_SAVED_OBJECT_TYPE, } from '../constants'; import { migrateDatasourcesToV790 } from './migrations/datasources_v790'; import { migrateAgentConfigToV790 } from './migrations/agent_config_v790'; @@ -26,8 +26,8 @@ import { migrateAgentConfigToV790 } from './migrations/agent_config_v790'; */ const savedObjectTypes: { [key: string]: SavedObjectsType } = { - [GLOBAL_SETTINGS_SAVED_OBJET_TYPE]: { - name: GLOBAL_SETTINGS_SAVED_OBJET_TYPE, + [GLOBAL_SETTINGS_SAVED_OBJECT_TYPE]: { + name: GLOBAL_SETTINGS_SAVED_OBJECT_TYPE, hidden: false, namespaceType: 'agnostic', management: { @@ -246,7 +246,7 @@ const savedObjectTypes: { [key: string]: SavedObjectsType } = { internal: { type: 'boolean' }, removable: { type: 'boolean' }, es_index_patterns: { - dynamic: 'false', + enabled: false, type: 'object', }, installed: { diff --git a/x-pack/plugins/ingest_manager/server/services/epm/packages/get.ts b/x-pack/plugins/ingest_manager/server/services/epm/packages/get.ts index 7d5e6d6e88387..a261eec899d7c 100644 --- a/x-pack/plugins/ingest_manager/server/services/epm/packages/get.ts +++ b/x-pack/plugins/ingest_manager/server/services/epm/packages/get.ts @@ -8,7 +8,7 @@ import { SavedObjectsClientContract } from 'src/core/server'; import { PACKAGES_SAVED_OBJECT_TYPE } from '../../../constants'; import { Installation, InstallationStatus, PackageInfo, KibanaAssetType } from '../../../types'; import * as Registry from '../registry'; -import { createInstallableFrom } from './index'; +import { createInstallableFrom, isRequiredPackage } from './index'; export { fetchFile as getFile, SearchParams } from '../registry'; @@ -79,10 +79,7 @@ export async function getPackageInfo(options: { getInstallationObject({ savedObjectsClient, pkgName }), Registry.fetchFindLatestPackage(pkgName), Registry.getArchiveInfo(pkgName, pkgVersion), - ] as const); - // adding `as const` due to regression in TS 3.7.2 - // see https://github.com/microsoft/TypeScript/issues/34925#issuecomment-550021453 - // and https://github.com/microsoft/TypeScript/pull/33707#issuecomment-550718523 + ]); // add properties that aren't (or aren't yet) on Registry response const updated = { @@ -90,6 +87,7 @@ export async function getPackageInfo(options: { latestVersion: latestPackage.version, title: item.title || nameAsTitle(item.name), assets: Registry.groupPathsByService(assets || []), + removable: !isRequiredPackage(pkgName), }; return createInstallableFrom(updated, savedObject); } diff --git a/x-pack/plugins/ingest_manager/server/services/epm/packages/index.ts b/x-pack/plugins/ingest_manager/server/services/epm/packages/index.ts index d49e0e661440f..b79f9178ad6af 100644 --- a/x-pack/plugins/ingest_manager/server/services/epm/packages/index.ts +++ b/x-pack/plugins/ingest_manager/server/services/epm/packages/index.ts @@ -26,6 +26,16 @@ export { export { installKibanaAssets, installPackage, ensureInstalledPackage } from './install'; export { removeInstallation } from './remove'; +type RequiredPackage = 'system' | 'endpoint'; +const requiredPackages: Record = { + system: true, + endpoint: true, +}; + +export function isRequiredPackage(value: string): value is RequiredPackage { + return value in requiredPackages; +} + export class PackageNotInstalledError extends Error { constructor(pkgkey: string) { super(`${pkgkey} is not installed`); diff --git a/x-pack/plugins/ingest_manager/server/services/epm/packages/install.ts b/x-pack/plugins/ingest_manager/server/services/epm/packages/install.ts index 736711f9152e9..910283549abdf 100644 --- a/x-pack/plugins/ingest_manager/server/services/epm/packages/install.ts +++ b/x-pack/plugins/ingest_manager/server/services/epm/packages/install.ts @@ -19,7 +19,7 @@ import { import { installIndexPatterns } from '../kibana/index_pattern/install'; import * as Registry from '../registry'; import { getObject } from './get_objects'; -import { getInstallation, getInstallationObject } from './index'; +import { getInstallation, getInstallationObject, isRequiredPackage } from './index'; import { installTemplates } from '../elasticsearch/template/install'; import { generateESIndexPatterns } from '../elasticsearch/template/template'; import { installPipelines } from '../elasticsearch/ingest_pipeline/install'; @@ -104,7 +104,8 @@ export async function installPackage(options: { throw Boom.badRequest('Cannot install or update to an out-of-date package'); const reinstall = pkgVersion === installedPkg?.attributes.version; - const { internal = false, removable = true } = registryPackageInfo; + const removable = !isRequiredPackage(pkgName); + const { internal = false } = registryPackageInfo; // delete the previous version's installation's SO kibana assets before installing new ones // in case some assets were removed in the new version diff --git a/x-pack/plugins/lens/public/editor_frame_service/editor_frame/_workspace_panel_wrapper.scss b/x-pack/plugins/lens/public/editor_frame_service/editor_frame/_workspace_panel_wrapper.scss index 4ba19cb4ab05b..e663754707e05 100644 --- a/x-pack/plugins/lens/public/editor_frame_service/editor_frame/_workspace_panel_wrapper.scss +++ b/x-pack/plugins/lens/public/editor_frame_service/editor_frame/_workspace_panel_wrapper.scss @@ -10,11 +10,14 @@ .lnsWorkspacePanelWrapper__pageContentHeader { @include euiTitle('xs'); padding: $euiSizeM; - border-bottom: $euiBorderThin; // override EuiPage margin-bottom: 0 !important; // sass-lint:disable-line no-important } + .lnsWorkspacePanelWrapper__pageContentHeader--unsaved { + color: $euiTextSubduedColor; + } + .lnsWorkspacePanelWrapper__pageContentBody { @include euiScrollBar; flex-grow: 1; diff --git a/x-pack/plugins/lens/public/editor_frame_service/editor_frame/config_panel/_dimension_popover.scss b/x-pack/plugins/lens/public/editor_frame_service/editor_frame/config_panel/_dimension_popover.scss index 254807d06d386..691cda9ff0d79 100644 --- a/x-pack/plugins/lens/public/editor_frame_service/editor_frame/config_panel/_dimension_popover.scss +++ b/x-pack/plugins/lens/public/editor_frame_service/editor_frame/config_panel/_dimension_popover.scss @@ -1,9 +1,11 @@ .lnsDimensionPopover { line-height: 0; flex-grow: 1; + max-width: calc(100% - #{$euiSizeL}); } .lnsDimensionPopover__trigger { max-width: 100%; display: block; + word-break: break-word; } diff --git a/x-pack/plugins/lens/public/editor_frame_service/editor_frame/editor_frame.tsx b/x-pack/plugins/lens/public/editor_frame_service/editor_frame/editor_frame.tsx index 07c76a81ed62d..af3d0ed068d2f 100644 --- a/x-pack/plugins/lens/public/editor_frame_service/editor_frame/editor_frame.tsx +++ b/x-pack/plugins/lens/public/editor_frame_service/editor_frame/editor_frame.tsx @@ -23,7 +23,6 @@ import { WorkspacePanel } from './workspace_panel'; import { Document } from '../../persistence/saved_object_store'; import { RootDragDropProvider } from '../../drag_drop'; import { getSavedObjectFormat } from './save'; -import { WorkspacePanelWrapper } from './workspace_panel_wrapper'; import { generateId } from '../../id_generator'; import { Filter, Query, SavedQuery } from '../../../../../../src/plugins/data/public'; import { EditorFrameStartPlugins } from '../service'; @@ -275,21 +274,20 @@ export function EditorFrame(props: EditorFrameProps) { } workspacePanel={ allLoaded && ( - - - + ) } suggestionsPanel={ diff --git a/x-pack/plugins/lens/public/editor_frame_service/editor_frame/workspace_panel.tsx b/x-pack/plugins/lens/public/editor_frame_service/editor_frame/workspace_panel.tsx index e4d37772eac2e..670afe28293a4 100644 --- a/x-pack/plugins/lens/public/editor_frame_service/editor_frame/workspace_panel.tsx +++ b/x-pack/plugins/lens/public/editor_frame_service/editor_frame/workspace_panel.tsx @@ -37,6 +37,7 @@ import { trackUiEvent } from '../../lens_ui_telemetry'; import { UiActionsStart } from '../../../../../../src/plugins/ui_actions/public'; import { VIS_EVENT_TO_TRIGGER } from '../../../../../../src/plugins/visualizations/public'; import { DataPublicPluginStart } from '../../../../../../src/plugins/data/public'; +import { WorkspacePanelWrapper } from './workspace_panel_wrapper'; export interface WorkspacePanelProps { activeVisualizationId: string | null; @@ -56,6 +57,7 @@ export interface WorkspacePanelProps { ExpressionRenderer: ReactExpressionRendererType; core: CoreStart | CoreSetup; plugins: { uiActions?: UiActionsStart; data: DataPublicPluginStart }; + title?: string; } export const WorkspacePanel = debouncedComponent(InnerWorkspacePanel); @@ -73,6 +75,7 @@ export function InnerWorkspacePanel({ core, plugins, ExpressionRenderer: ExpressionRendererComponent, + title, }: WorkspacePanelProps) { const IS_DARK_THEME = core.uiSettings.get('theme:darkMode'); const emptyStateGraphicURL = IS_DARK_THEME @@ -291,13 +294,22 @@ export function InnerWorkspacePanel({ } return ( - - {renderVisualization()} - + + {renderVisualization()} + + ); } diff --git a/x-pack/plugins/lens/public/editor_frame_service/editor_frame/workspace_panel_wrapper.test.tsx b/x-pack/plugins/lens/public/editor_frame_service/editor_frame/workspace_panel_wrapper.test.tsx new file mode 100644 index 0000000000000..517dff5b5e74c --- /dev/null +++ b/x-pack/plugins/lens/public/editor_frame_service/editor_frame/workspace_panel_wrapper.test.tsx @@ -0,0 +1,65 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import React from 'react'; +import { Visualization } from '../../types'; +import { createMockVisualization, createMockFramePublicAPI, FrameMock } from '../mocks'; +import { mountWithIntl as mount } from 'test_utils/enzyme_helpers'; +import { ReactWrapper } from 'enzyme'; +import { WorkspacePanelWrapper, WorkspacePanelWrapperProps } from './workspace_panel_wrapper'; + +describe('workspace_panel_wrapper', () => { + let mockVisualization: jest.Mocked; + let mockFrameAPI: FrameMock; + let instance: ReactWrapper; + + beforeEach(() => { + mockVisualization = createMockVisualization(); + mockFrameAPI = createMockFramePublicAPI(); + }); + + afterEach(() => { + instance.unmount(); + }); + + it('should render its children', () => { + const MyChild = () => The child elements; + instance = mount( + + + + ); + + expect(instance.find(MyChild)).toHaveLength(1); + }); + + it('should call the toolbar renderer if provided', () => { + const renderToolbarMock = jest.fn(); + const visState = { internalState: 123 }; + instance = mount( + } + activeVisualization={{ ...mockVisualization, renderToolbar: renderToolbarMock }} + emptyExpression={false} + /> + ); + + expect(renderToolbarMock).toHaveBeenCalledWith(expect.any(Element), { + state: visState, + frame: mockFrameAPI, + setState: expect.anything(), + }); + }); +}); diff --git a/x-pack/plugins/lens/public/editor_frame_service/editor_frame/workspace_panel_wrapper.tsx b/x-pack/plugins/lens/public/editor_frame_service/editor_frame/workspace_panel_wrapper.tsx index cc91510146f35..17461b9fc274f 100644 --- a/x-pack/plugins/lens/public/editor_frame_service/editor_frame/workspace_panel_wrapper.tsx +++ b/x-pack/plugins/lens/public/editor_frame_service/editor_frame/workspace_panel_wrapper.tsx @@ -4,25 +4,86 @@ * you may not use this file except in compliance with the Elastic License. */ -import React from 'react'; -import { EuiPageContent, EuiPageContentHeader, EuiPageContentBody } from '@elastic/eui'; +import React, { useCallback } from 'react'; +import { i18n } from '@kbn/i18n'; +import classNames from 'classnames'; +import { + EuiPageContent, + EuiPageContentBody, + EuiPageContentHeader, + EuiFlexGroup, + EuiFlexItem, +} from '@elastic/eui'; +import { FramePublicAPI, Visualization } from '../../types'; +import { NativeRenderer } from '../../native_renderer'; +import { Action } from './state_management'; -interface Props { - title: string; +export interface WorkspacePanelWrapperProps { children: React.ReactNode | React.ReactNode[]; + framePublicAPI: FramePublicAPI; + visualizationState: unknown; + activeVisualization: Visualization | null; + dispatch: (action: Action) => void; + emptyExpression: boolean; + title?: string; } -export function WorkspacePanelWrapper({ children, title }: Props) { +export function WorkspacePanelWrapper({ + children, + framePublicAPI, + visualizationState, + activeVisualization, + dispatch, + title, + emptyExpression, +}: WorkspacePanelWrapperProps) { + const setVisualizationState = useCallback( + (newState: unknown) => { + if (!activeVisualization) { + return; + } + dispatch({ + type: 'UPDATE_VISUALIZATION_STATE', + visualizationId: activeVisualization.id, + newState, + clearStagedPreview: false, + }); + }, + [dispatch] + ); return ( - - {title && ( - - {title} - + + {activeVisualization && activeVisualization.renderToolbar && ( + + + )} - - {children} - - + + + {(!emptyExpression || title) && ( + + + {title || + i18n.translate('xpack.lens.chartTitle.unsaved', { defaultMessage: 'Unsaved' })} + + + )} + + {children} + + + + ); } diff --git a/x-pack/plugins/lens/public/indexpattern_datasource/_field_item.scss b/x-pack/plugins/lens/public/indexpattern_datasource/_field_item.scss index 41919b900c71f..6e51c45ad02c1 100644 --- a/x-pack/plugins/lens/public/indexpattern_datasource/_field_item.scss +++ b/x-pack/plugins/lens/public/indexpattern_datasource/_field_item.scss @@ -29,6 +29,7 @@ .lnsFieldItem__name { margin-left: $euiSizeS; flex-grow: 1; + word-break: break-word; } .lnsFieldListPanel__fieldIcon, diff --git a/x-pack/plugins/lens/public/types.ts b/x-pack/plugins/lens/public/types.ts index c2437aa3cc3cc..d451e312446bd 100644 --- a/x-pack/plugins/lens/public/types.ts +++ b/x-pack/plugins/lens/public/types.ts @@ -290,6 +290,12 @@ export type VisualizationLayerWidgetProps = VisualizationConfigProp setState: (newState: T) => void; }; +export interface VisualizationToolbarProps { + setState: (newState: T) => void; + frame: FramePublicAPI; + state: T; +} + export type VisualizationDimensionEditorProps = VisualizationConfigProps & { groupId: string; accessor: string; @@ -454,6 +460,11 @@ export interface Visualization { * for extra configurability, such as for styling the legend or axis */ renderLayerContextMenu?: (domElement: Element, props: VisualizationLayerWidgetProps) => void; + /** + * Toolbar rendered above the visualization. This is meant to be used to provide chart-level + * settings for the visualization. + */ + renderToolbar?: (domElement: Element, props: VisualizationToolbarProps) => void; /** * Visualizations can provide a custom icon which will open a layer-specific popover * If no icon is provided, gear icon is default diff --git a/x-pack/plugins/licensing/server/licensing_route_handler_context.test.ts b/x-pack/plugins/licensing/server/licensing_route_handler_context.test.ts index 29bff40293958..4942d21f64ee2 100644 --- a/x-pack/plugins/licensing/server/licensing_route_handler_context.test.ts +++ b/x-pack/plugins/licensing/server/licensing_route_handler_context.test.ts @@ -5,9 +5,19 @@ */ import { BehaviorSubject } from 'rxjs'; -import { licenseMock } from '../common/licensing.mock'; +import { licenseMock } from '../common/licensing.mock'; import { createRouteHandlerContext } from './licensing_route_handler_context'; +import { featureUsageMock } from './services/feature_usage_service.mock'; +import { FeatureUsageServiceStart } from './services'; +import { StartServicesAccessor } from 'src/core/server'; +import { LicensingPluginStart } from './types'; + +const createStartServices = ( + featureUsage: FeatureUsageServiceStart = featureUsageMock.createStart() +): StartServicesAccessor<{}, LicensingPluginStart> => { + return async () => [{} as any, {}, { featureUsage } as LicensingPluginStart]; +}; describe('createRouteHandlerContext', () => { it('returns a function providing the last license value', async () => { @@ -15,7 +25,7 @@ describe('createRouteHandlerContext', () => { const secondLicense = licenseMock.createLicense(); const license$ = new BehaviorSubject(firstLicense); - const routeHandler = createRouteHandlerContext(license$); + const routeHandler = createRouteHandlerContext(license$, createStartServices()); const firstCtx = await routeHandler({} as any, {} as any, {} as any); license$.next(secondLicense); @@ -24,4 +34,14 @@ describe('createRouteHandlerContext', () => { expect(firstCtx.license).toBe(firstLicense); expect(secondCtx.license).toBe(secondLicense); }); + + it('returns a the feature usage API', async () => { + const license$ = new BehaviorSubject(licenseMock.createLicense()); + const featureUsage = featureUsageMock.createStart(); + + const routeHandler = createRouteHandlerContext(license$, createStartServices(featureUsage)); + const ctx = await routeHandler({} as any, {} as any, {} as any); + + expect(ctx.featureUsage).toBe(featureUsage); + }); }); diff --git a/x-pack/plugins/licensing/server/licensing_route_handler_context.ts b/x-pack/plugins/licensing/server/licensing_route_handler_context.ts index 42cb0959fc373..736a2151a3dbd 100644 --- a/x-pack/plugins/licensing/server/licensing_route_handler_context.ts +++ b/x-pack/plugins/licensing/server/licensing_route_handler_context.ts @@ -4,11 +4,12 @@ * you may not use this file except in compliance with the Elastic License. */ -import { IContextProvider, RequestHandler } from 'src/core/server'; +import { IContextProvider, RequestHandler, StartServicesAccessor } from 'src/core/server'; import { Observable } from 'rxjs'; import { take } from 'rxjs/operators'; import { ILicense } from '../common/types'; +import { LicensingPluginStart } from './types'; /** * Create a route handler context for access to Kibana license information. @@ -16,9 +17,16 @@ import { ILicense } from '../common/types'; * @public */ export function createRouteHandlerContext( - license$: Observable + license$: Observable, + getStartServices: StartServicesAccessor<{}, LicensingPluginStart> ): IContextProvider, 'licensing'> { return async function licensingRouteHandlerContext() { - return { license: await license$.pipe(take(1)).toPromise() }; + const [, , { featureUsage }] = await getStartServices(); + const license = await license$.pipe(take(1)).toPromise(); + + return { + featureUsage, + license, + }; }; } diff --git a/x-pack/plugins/licensing/server/mocks.ts b/x-pack/plugins/licensing/server/mocks.ts index 0d154f76d5134..1a2b543b47df5 100644 --- a/x-pack/plugins/licensing/server/mocks.ts +++ b/x-pack/plugins/licensing/server/mocks.ts @@ -4,7 +4,11 @@ * you may not use this file except in compliance with the Elastic License. */ import { BehaviorSubject } from 'rxjs'; -import { LicensingPluginSetup, LicensingPluginStart } from './types'; +import { + LicensingPluginSetup, + LicensingPluginStart, + LicensingRequestHandlerContext, +} from './types'; import { licenseMock } from '../common/licensing.mock'; import { featureUsageMock } from './services/feature_usage_service.mock'; @@ -43,8 +47,20 @@ const createStartMock = (): jest.Mocked => { return mock; }; +const createRequestHandlerContextMock = ( + ...options: Parameters +): jest.Mocked => { + const mock: jest.Mocked = { + license: licenseMock.createLicense(...options), + featureUsage: featureUsageMock.createStart(), + }; + + return mock; +}; + export const licensingMock = { createSetup: createSetupMock, createStart: createStartMock, + createRequestHandlerContext: createRequestHandlerContextMock, ...licenseMock, }; diff --git a/x-pack/plugins/licensing/server/plugin.ts b/x-pack/plugins/licensing/server/plugin.ts index e1aa4a1b32517..0a6964b1b829d 100644 --- a/x-pack/plugins/licensing/server/plugin.ts +++ b/x-pack/plugins/licensing/server/plugin.ts @@ -128,7 +128,10 @@ export class LicensingPlugin implements Plugin, field: string, type: "nested" |})>"`; +const returnedSchemaError = + '"Array<({| field: string, operator: "excluded" | "included", type: "match", value: string |} | {| field: string, operator: "excluded" | "included", type: "match_any", value: DefaultStringArray |} | {| field: string, list: {| id: string, type: "ip" | "keyword" |}, operator: "excluded" | "included", type: "list" |} | {| field: string, operator: "excluded" | "included", type: "exists" |} | {| entries: Array<{| field: string, operator: "excluded" | "included", type: "match", value: string |}>, field: string, type: "nested" |})>"'; describe('default_entries_array', () => { test('it should validate an empty array', () => { diff --git a/x-pack/plugins/lists/common/schemas/types/default_namespace.test.ts b/x-pack/plugins/lists/common/schemas/types/default_namespace.test.ts new file mode 100644 index 0000000000000..152f85233aa1a --- /dev/null +++ b/x-pack/plugins/lists/common/schemas/types/default_namespace.test.ts @@ -0,0 +1,61 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { pipe } from 'fp-ts/lib/pipeable'; +import { left } from 'fp-ts/lib/Either'; + +import { foldLeftRight, getPaths } from '../../siem_common_deps'; + +import { DefaultNamespace } from './default_namespace'; + +describe('default_namespace', () => { + test('it should validate "single"', () => { + const payload = 'single'; + const decoded = DefaultNamespace.decode(payload); + const message = pipe(decoded, foldLeftRight); + + expect(getPaths(left(message.errors))).toEqual([]); + expect(message.schema).toEqual(payload); + }); + + test('it should validate "agnostic"', () => { + const payload = 'agnostic'; + const decoded = DefaultNamespace.decode(payload); + const message = pipe(decoded, foldLeftRight); + + expect(getPaths(left(message.errors))).toEqual([]); + expect(message.schema).toEqual(payload); + }); + + test('it defaults to "single" if "undefined"', () => { + const payload = undefined; + const decoded = DefaultNamespace.decode(payload); + const message = pipe(decoded, foldLeftRight); + + expect(getPaths(left(message.errors))).toEqual([]); + expect(message.schema).toEqual('single'); + }); + + test('it defaults to "single" if "null"', () => { + const payload = null; + const decoded = DefaultNamespace.decode(payload); + const message = pipe(decoded, foldLeftRight); + + expect(getPaths(left(message.errors))).toEqual([]); + expect(message.schema).toEqual('single'); + }); + + test('it should NOT validate if not "single" or "agnostic"', () => { + const payload = 'something else'; + const decoded = DefaultNamespace.decode(payload); + const message = pipe(decoded, foldLeftRight); + + expect(getPaths(left(message.errors))).toEqual([ + `Invalid value "something else" supplied to "DefaultNamespace"`, + ]); + expect(message.schema).toEqual({}); + }); +}); diff --git a/x-pack/plugins/lists/common/schemas/types/default_namespace.ts b/x-pack/plugins/lists/common/schemas/types/default_namespace.ts index c98cb8d2bba72..8f8f8d105b624 100644 --- a/x-pack/plugins/lists/common/schemas/types/default_namespace.ts +++ b/x-pack/plugins/lists/common/schemas/types/default_namespace.ts @@ -7,7 +7,7 @@ import * as t from 'io-ts'; import { Either } from 'fp-ts/lib/Either'; -const namespaceType = t.keyof({ agnostic: null, single: null }); +export const namespaceType = t.keyof({ agnostic: null, single: null }); type NamespaceType = t.TypeOf; diff --git a/x-pack/plugins/lists/common/schemas/types/entries.mock.ts b/x-pack/plugins/lists/common/schemas/types/entries.mock.ts index 1926cb09db119..8af18c970c6ae 100644 --- a/x-pack/plugins/lists/common/schemas/types/entries.mock.ts +++ b/x-pack/plugins/lists/common/schemas/types/entries.mock.ts @@ -9,10 +9,12 @@ import { EXISTS, FIELD, LIST, + LIST_ID, MATCH, MATCH_ANY, NESTED, OPERATOR, + TYPE, } from '../../constants.mock'; import { @@ -40,9 +42,9 @@ export const getEntryMatchAnyMock = (): EntryMatchAny => ({ export const getEntryListMock = (): EntryList => ({ field: FIELD, + list: { id: LIST_ID, type: TYPE }, operator: OPERATOR, type: LIST, - value: [ENTRY_VALUE], }); export const getEntryExistsMock = (): EntryExists => ({ @@ -52,7 +54,7 @@ export const getEntryExistsMock = (): EntryExists => ({ }); export const getEntryNestedMock = (): EntryNested => ({ - entries: [getEntryMatchMock(), getEntryExistsMock()], + entries: [getEntryMatchMock(), getEntryMatchMock()], field: FIELD, type: NESTED, }); diff --git a/x-pack/plugins/lists/common/schemas/types/entries.test.ts b/x-pack/plugins/lists/common/schemas/types/entries.test.ts index a13d4c0347e45..01f82f12f2b2c 100644 --- a/x-pack/plugins/lists/common/schemas/types/entries.test.ts +++ b/x-pack/plugins/lists/common/schemas/types/entries.test.ts @@ -251,16 +251,16 @@ describe('Entries', () => { expect(message.schema).toEqual(payload); }); - test('it should not validate when "value" is not string array', () => { - const payload: Omit & { value: string } = { + test('it should not validate when "list" is not expected value', () => { + const payload: Omit & { list: string } = { ...getEntryListMock(), - value: 'someListId', + list: 'someListId', }; const decoded = entriesList.decode(payload); const message = pipe(decoded, foldLeftRight); expect(getPaths(left(message.errors))).toEqual([ - 'Invalid value "someListId" supplied to "value"', + 'Invalid value "someListId" supplied to "list"', ]); expect(message.schema).toEqual({}); }); @@ -338,6 +338,20 @@ describe('Entries', () => { expect(message.schema).toEqual({}); }); + test('it should NOT validate when "entries" contains an entry item that is not type "match"', () => { + const payload: Omit & { + entries: EntryMatchAny[]; + } = { ...getEntryNestedMock(), entries: [getEntryMatchAnyMock()] }; + const decoded = entriesNested.decode(payload); + const message = pipe(decoded, foldLeftRight); + + expect(getPaths(left(message.errors))).toEqual([ + 'Invalid value "match_any" supplied to "entries,type"', + 'Invalid value "["some host name"]" supplied to "entries,value"', + ]); + expect(message.schema).toEqual({}); + }); + test('it should strip out extra keys', () => { const payload: EntryNested & { extraKey?: string; diff --git a/x-pack/plugins/lists/common/schemas/types/entries.ts b/x-pack/plugins/lists/common/schemas/types/entries.ts index e3625dbe08334..c379f77b862c8 100644 --- a/x-pack/plugins/lists/common/schemas/types/entries.ts +++ b/x-pack/plugins/lists/common/schemas/types/entries.ts @@ -8,7 +8,7 @@ import * as t from 'io-ts'; -import { operator } from '../common/schemas'; +import { operator, type } from '../common/schemas'; import { DefaultStringArray } from '../../siem_common_deps'; export const entriesMatch = t.exact( @@ -34,9 +34,9 @@ export type EntryMatchAny = t.TypeOf; export const entriesList = t.exact( t.type({ field: t.string, + list: t.exact(t.type({ id: t.string, type })), operator, type: t.keyof({ list: null }), - value: DefaultStringArray, }) ); export type EntryList = t.TypeOf; @@ -52,7 +52,7 @@ export type EntryExists = t.TypeOf; export const entriesNested = t.exact( t.type({ - entries: t.array(t.union([entriesMatch, entriesMatchAny, entriesList, entriesExists])), + entries: t.array(entriesMatch), field: t.string, type: t.keyof({ nested: null }), }) diff --git a/x-pack/plugins/lists/common/schemas/types/index.ts b/x-pack/plugins/lists/common/schemas/types/index.ts index 8e4b28b31d95c..97f2b0f59a5fd 100644 --- a/x-pack/plugins/lists/common/schemas/types/index.ts +++ b/x-pack/plugins/lists/common/schemas/types/index.ts @@ -5,5 +5,6 @@ */ export * from './default_comments_array'; export * from './default_entries_array'; +export * from './default_namespace'; export * from './comments'; export * from './entries'; diff --git a/x-pack/plugins/lists/server/index.ts b/x-pack/plugins/lists/server/index.ts index 33f58ba65d3c3..31f22108028a6 100644 --- a/x-pack/plugins/lists/server/index.ts +++ b/x-pack/plugins/lists/server/index.ts @@ -11,6 +11,7 @@ import { ListPlugin } from './plugin'; // exporting these since its required at top level in siem plugin export { ListClient } from './services/lists/list_client'; +export { ExceptionListClient } from './services/exception_lists/exception_list_client'; export { ListPluginSetup } from './types'; export const config = { schema: ConfigSchema }; diff --git a/x-pack/plugins/lists/server/saved_objects/exception_list.ts b/x-pack/plugins/lists/server/saved_objects/exception_list.ts index 10f9b1f4383f5..57bc63e6f7e35 100644 --- a/x-pack/plugins/lists/server/saved_objects/exception_list.ts +++ b/x-pack/plugins/lists/server/saved_objects/exception_list.ts @@ -105,6 +105,16 @@ export const exceptionListItemMapping: SavedObjectsType['mappings'] = { field: { type: 'keyword', }, + list: { + properties: { + id: { + type: 'keyword', + }, + type: { + type: 'keyword', + }, + }, + }, operator: { type: 'keyword', }, diff --git a/x-pack/plugins/lists/server/scripts/exception_lists/new/exception_list_item_with_list.json b/x-pack/plugins/lists/server/scripts/exception_lists/new/exception_list_item_with_list.json new file mode 100644 index 0000000000000..e1dab72c1c7f6 --- /dev/null +++ b/x-pack/plugins/lists/server/scripts/exception_lists/new/exception_list_item_with_list.json @@ -0,0 +1,24 @@ +{ + "list_id": "endpoint_list", + "item_id": "endpoint_list_item_lg_val_list", + "_tags": ["endpoint", "process", "malware", "os:windows"], + "tags": ["user added string for a tag", "malware"], + "type": "simple", + "description": "This is a sample exception list item with a large value list included", + "name": "Sample Endpoint Exception List Item with large value list", + "comments": [], + "entries": [ + { + "field": "event.module", + "operator": "excluded", + "type": "match_any", + "value": ["zeek"] + }, + { + "field": "source.ip", + "operator": "excluded", + "type": "list", + "list": { "id": "list-ip", "type": "ip" } + } + ] +} diff --git a/x-pack/plugins/lists/server/scripts/lists/new/list_ip_item.json b/x-pack/plugins/lists/server/scripts/lists/new/list_ip_item.json index 1516fa5057e50..1ece2268f3cf6 100644 --- a/x-pack/plugins/lists/server/scripts/lists/new/list_ip_item.json +++ b/x-pack/plugins/lists/server/scripts/lists/new/list_ip_item.json @@ -1,5 +1,5 @@ { "id": "hand_inserted_item_id", "list_id": "list-ip", - "value": "127.0.0.1" + "value": "10.4.2.140" } diff --git a/x-pack/plugins/maps/common/constants.ts b/x-pack/plugins/maps/common/constants.ts index 1d795c370dc00..f7374ba91f8fe 100644 --- a/x-pack/plugins/maps/common/constants.ts +++ b/x-pack/plugins/maps/common/constants.ts @@ -25,16 +25,18 @@ export const EMS_TILES_VECTOR_TILE_PATH = 'vector/tile'; export const MAP_SAVED_OBJECT_TYPE = 'map'; export const APP_ID = 'maps'; export const APP_ICON = 'gisApp'; -export const TELEMETRY_TYPE = APP_ID; -export const MAP_APP_PATH = `app/${APP_ID}`; +export const MAPS_APP_PATH = `app/${APP_ID}`; +export const MAP_PATH = 'map'; export const GIS_API_PATH = `api/${APP_ID}`; export const INDEX_SETTINGS_API_PATH = `${GIS_API_PATH}/indexSettings`; export const FONTS_API_PATH = `${GIS_API_PATH}/fonts`; -export const MAP_BASE_URL = `/${MAP_APP_PATH}/${MAP_SAVED_OBJECT_TYPE}`; - -export function createMapPath(id: string) { +const MAP_BASE_URL = `/${MAPS_APP_PATH}/${MAP_PATH}`; +export function getNewMapPath() { + return MAP_BASE_URL; +} +export function getExistingMapPath(id: string) { return `${MAP_BASE_URL}/${id}`; } @@ -233,3 +235,15 @@ export enum LAYER_WIZARD_CATEGORY { REFERENCE = 'REFERENCE', SOLUTIONS = 'SOLUTIONS', } + +export enum VECTOR_SHAPE_TYPE { + POINT = 'POINT', + LINE = 'LINE', + POLYGON = 'POLYGON', +} + +// https://docs.mapbox.com/mapbox-gl-js/style-spec/expressions/#data-expressions +export enum MB_LOOKUP_FUNCTION { + GET = 'get', + FEATURE_STATE = 'feature-state', +} diff --git a/x-pack/plugins/maps/public/classes/sources/ems_file_source/ems_file_source.tsx b/x-pack/plugins/maps/public/classes/sources/ems_file_source/ems_file_source.tsx index f7fb0078764c4..f55a7434d1217 100644 --- a/x-pack/plugins/maps/public/classes/sources/ems_file_source/ems_file_source.tsx +++ b/x-pack/plugins/maps/public/classes/sources/ems_file_source/ems_file_source.tsx @@ -11,8 +11,7 @@ import { Adapters } from 'src/plugins/inspector/public'; import { FileLayer } from '@elastic/ems-client'; import { Attribution, ImmutableSourceProperty, SourceEditorArgs } from '../source'; import { AbstractVectorSource, GeoJsonWithMeta, IVectorSource } from '../vector_source'; -import { VECTOR_SHAPE_TYPES } from '../vector_feature_types'; -import { SOURCE_TYPES, FIELD_ORIGIN } from '../../../../common/constants'; +import { SOURCE_TYPES, FIELD_ORIGIN, VECTOR_SHAPE_TYPE } from '../../../../common/constants'; import { getEmsFileLayers } from '../../../meta'; import { getDataSourceLabel } from '../../../../common/i18n_getters'; import { UpdateSourceEditor } from './update_source_editor'; @@ -179,8 +178,8 @@ export class EMSFileSource extends AbstractVectorSource implements IEmsFileSourc return Promise.all(promises); } - async getSupportedShapeTypes(): Promise { - return [VECTOR_SHAPE_TYPES.POLYGON]; + async getSupportedShapeTypes(): Promise { + return [VECTOR_SHAPE_TYPE.POLYGON]; } } diff --git a/x-pack/plugins/maps/public/classes/sources/es_geo_grid_source/es_geo_grid_source.js b/x-pack/plugins/maps/public/classes/sources/es_geo_grid_source/es_geo_grid_source.js index c05c1f2dd7c1e..b613f577067ba 100644 --- a/x-pack/plugins/maps/public/classes/sources/es_geo_grid_source/es_geo_grid_source.js +++ b/x-pack/plugins/maps/public/classes/sources/es_geo_grid_source/es_geo_grid_source.js @@ -7,7 +7,6 @@ import React from 'react'; import uuid from 'uuid/v4'; -import { VECTOR_SHAPE_TYPES } from '../vector_feature_types'; import { convertCompositeRespToGeoJson, convertRegularRespToGeoJson } from './convert_to_geojson'; import { UpdateSourceEditor } from './update_source_editor'; import { @@ -15,6 +14,7 @@ import { DEFAULT_MAX_BUCKETS_LIMIT, RENDER_AS, GRID_RESOLUTION, + VECTOR_SHAPE_TYPE, } from '../../../../common/constants'; import { i18n } from '@kbn/i18n'; import { getDataSourceLabel } from '../../../../common/i18n_getters'; @@ -326,10 +326,10 @@ export class ESGeoGridSource extends AbstractESAggSource { async getSupportedShapeTypes() { if (this._descriptor.requestType === RENDER_AS.GRID) { - return [VECTOR_SHAPE_TYPES.POLYGON]; + return [VECTOR_SHAPE_TYPE.POLYGON]; } - return [VECTOR_SHAPE_TYPES.POINT]; + return [VECTOR_SHAPE_TYPE.POINT]; } } diff --git a/x-pack/plugins/maps/public/classes/sources/es_pew_pew_source/es_pew_pew_source.js b/x-pack/plugins/maps/public/classes/sources/es_pew_pew_source/es_pew_pew_source.js index fda73bc0f73a0..076e7a758a4fb 100644 --- a/x-pack/plugins/maps/public/classes/sources/es_pew_pew_source/es_pew_pew_source.js +++ b/x-pack/plugins/maps/public/classes/sources/es_pew_pew_source/es_pew_pew_source.js @@ -7,10 +7,9 @@ import React from 'react'; import uuid from 'uuid/v4'; -import { VECTOR_SHAPE_TYPES } from '../vector_feature_types'; import { UpdateSourceEditor } from './update_source_editor'; import { i18n } from '@kbn/i18n'; -import { SOURCE_TYPES } from '../../../../common/constants'; +import { SOURCE_TYPES, VECTOR_SHAPE_TYPE } from '../../../../common/constants'; import { getDataSourceLabel } from '../../../../common/i18n_getters'; import { convertToLines } from './convert_to_lines'; import { AbstractESAggSource } from '../es_agg_source'; @@ -61,7 +60,7 @@ export class ESPewPewSource extends AbstractESAggSource { } async getSupportedShapeTypes() { - return [VECTOR_SHAPE_TYPES.LINE]; + return [VECTOR_SHAPE_TYPE.LINE]; } async getImmutableProperties() { diff --git a/x-pack/plugins/maps/public/classes/sources/es_search_source/es_search_source.js b/x-pack/plugins/maps/public/classes/sources/es_search_source/es_search_source.js index 51dd57ffad0d1..c8f14f1dc6a4b 100644 --- a/x-pack/plugins/maps/public/classes/sources/es_search_source/es_search_source.js +++ b/x-pack/plugins/maps/public/classes/sources/es_search_source/es_search_source.js @@ -7,7 +7,6 @@ import _ from 'lodash'; import React from 'react'; -import { VECTOR_SHAPE_TYPES } from '../vector_feature_types'; import { AbstractESSource } from '../es_source'; import { getSearchService } from '../../../kibana_services'; import { hitsToGeoJson } from '../../../elasticsearch_geo_utils'; @@ -18,6 +17,7 @@ import { DEFAULT_MAX_BUCKETS_LIMIT, SORT_ORDER, SCALING_TYPES, + VECTOR_SHAPE_TYPE, } from '../../../../common/constants'; import { i18n } from '@kbn/i18n'; import { getDataSourceLabel } from '../../../../common/i18n_getters'; @@ -471,10 +471,10 @@ export class ESSearchSource extends AbstractESSource { } if (geoFieldType === ES_GEO_FIELD_TYPE.GEO_POINT) { - return [VECTOR_SHAPE_TYPES.POINT]; + return [VECTOR_SHAPE_TYPE.POINT]; } - return [VECTOR_SHAPE_TYPES.POINT, VECTOR_SHAPE_TYPES.LINE, VECTOR_SHAPE_TYPES.POLYGON]; + return [VECTOR_SHAPE_TYPE.POINT, VECTOR_SHAPE_TYPE.LINE, VECTOR_SHAPE_TYPE.POLYGON]; } getSourceTooltipContent(sourceDataRequest) { diff --git a/x-pack/plugins/maps/public/classes/sources/mvt_single_layer_vector_source/mvt_single_layer_vector_source.ts b/x-pack/plugins/maps/public/classes/sources/mvt_single_layer_vector_source/mvt_single_layer_vector_source.ts index 86a1589a7a030..03b91df22d3ca 100644 --- a/x-pack/plugins/maps/public/classes/sources/mvt_single_layer_vector_source/mvt_single_layer_vector_source.ts +++ b/x-pack/plugins/maps/public/classes/sources/mvt_single_layer_vector_source/mvt_single_layer_vector_source.ts @@ -8,8 +8,7 @@ import { i18n } from '@kbn/i18n'; import uuid from 'uuid/v4'; import { AbstractSource, ImmutableSourceProperty } from '../source'; import { BoundsFilters, GeoJsonWithMeta, ITiledSingleLayerVectorSource } from '../vector_source'; -import { MAX_ZOOM, MIN_ZOOM, SOURCE_TYPES } from '../../../../common/constants'; -import { VECTOR_SHAPE_TYPES } from '../vector_feature_types'; +import { MAX_ZOOM, MIN_ZOOM, SOURCE_TYPES, VECTOR_SHAPE_TYPE } from '../../../../common/constants'; import { IField } from '../../fields/field'; import { registerSource } from '../source_registry'; import { getDataSourceLabel, getUrlLabel } from '../../../../common/i18n_getters'; @@ -116,8 +115,8 @@ export class MVTSingleLayerVectorSource extends AbstractSource }; } - async getSupportedShapeTypes(): Promise { - return [VECTOR_SHAPE_TYPES.POINT, VECTOR_SHAPE_TYPES.LINE, VECTOR_SHAPE_TYPES.POLYGON]; + async getSupportedShapeTypes(): Promise { + return [VECTOR_SHAPE_TYPE.POINT, VECTOR_SHAPE_TYPE.LINE, VECTOR_SHAPE_TYPE.POLYGON]; } canFormatFeatureProperties() { diff --git a/x-pack/plugins/maps/public/classes/sources/vector_source/vector_source.d.ts b/x-pack/plugins/maps/public/classes/sources/vector_source/vector_source.d.ts index 711b7d600d74d..99a7478cd8362 100644 --- a/x-pack/plugins/maps/public/classes/sources/vector_source/vector_source.d.ts +++ b/x-pack/plugins/maps/public/classes/sources/vector_source/vector_source.d.ts @@ -16,7 +16,7 @@ import { VectorSourceRequestMeta, VectorSourceSyncMeta, } from '../../../../common/descriptor_types'; -import { VECTOR_SHAPE_TYPES } from '../vector_feature_types'; +import { VECTOR_SHAPE_TYPE } from '../../../../common/constants'; import { ITooltipProperty } from '../../tooltips/tooltip_property'; export type GeoJsonFetchMeta = ESSearchSourceResponseMeta; @@ -68,7 +68,7 @@ export class AbstractVectorSource extends AbstractSource implements IVectorSourc getFields(): Promise; getFieldByName(fieldName: string): IField | null; getSyncMeta(): VectorSourceSyncMeta; - getSupportedShapeTypes(): Promise; + getSupportedShapeTypes(): Promise; canFormatFeatureProperties(): boolean; getApplyGlobalQuery(): boolean; getFieldNames(): string[]; diff --git a/x-pack/plugins/maps/public/classes/sources/vector_source/vector_source.js b/x-pack/plugins/maps/public/classes/sources/vector_source/vector_source.js index ccf6c7963c9b4..ecb13bb875721 100644 --- a/x-pack/plugins/maps/public/classes/sources/vector_source/vector_source.js +++ b/x-pack/plugins/maps/public/classes/sources/vector_source/vector_source.js @@ -9,7 +9,7 @@ import { AbstractSource } from './../source'; import * as topojson from 'topojson-client'; import _ from 'lodash'; import { i18n } from '@kbn/i18n'; -import { VECTOR_SHAPE_TYPES } from './../vector_feature_types'; +import { VECTOR_SHAPE_TYPE } from '../../../../common/constants'; export class AbstractVectorSource extends AbstractSource { static async getGeoJson({ format, featureCollectionPath, fetchUrl }) { @@ -127,7 +127,7 @@ export class AbstractVectorSource extends AbstractSource { } async getSupportedShapeTypes() { - return [VECTOR_SHAPE_TYPES.POINT, VECTOR_SHAPE_TYPES.LINE, VECTOR_SHAPE_TYPES.POLYGON]; + return [VECTOR_SHAPE_TYPE.POINT, VECTOR_SHAPE_TYPE.LINE, VECTOR_SHAPE_TYPE.POLYGON]; } getSourceTooltipContent(/* sourceDataRequest */) { diff --git a/x-pack/plugins/maps/public/classes/styles/vector/components/vector_style_editor.js b/x-pack/plugins/maps/public/classes/styles/vector/components/vector_style_editor.js index 3424a972fed06..7856a4ddaff39 100644 --- a/x-pack/plugins/maps/public/classes/styles/vector/components/vector_style_editor.js +++ b/x-pack/plugins/maps/public/classes/styles/vector/components/vector_style_editor.js @@ -16,7 +16,6 @@ import { VectorStyleLabelBorderSizeEditor } from './label/vector_style_label_bor import { OrientationEditor } from './orientation/orientation_editor'; import { getDefaultDynamicProperties, getDefaultStaticProperties } from '../vector_style_defaults'; import { DEFAULT_FILL_COLORS, DEFAULT_LINE_COLORS } from '../../color_utils'; -import { VECTOR_SHAPE_TYPES } from '../../../sources/vector_feature_types'; import { i18n } from '@kbn/i18n'; import { EuiSpacer, EuiButtonGroup, EuiFormRow, EuiSwitch } from '@elastic/eui'; @@ -26,6 +25,7 @@ import { LABEL_BORDER_SIZES, VECTOR_STYLES, STYLE_TYPE, + VECTOR_SHAPE_TYPE, } from '../../../../../common/constants'; export class VectorStyleEditor extends Component { @@ -96,11 +96,11 @@ export class VectorStyleEditor extends Component { } if (this.state.selectedFeature === null) { - let selectedFeature = VECTOR_SHAPE_TYPES.POLYGON; + let selectedFeature = VECTOR_SHAPE_TYPE.POLYGON; if (this.props.isPointsOnly) { - selectedFeature = VECTOR_SHAPE_TYPES.POINT; + selectedFeature = VECTOR_SHAPE_TYPE.POINT; } else if (this.props.isLinesOnly) { - selectedFeature = VECTOR_SHAPE_TYPES.LINE; + selectedFeature = VECTOR_SHAPE_TYPE.LINE; } this.setState({ selectedFeature: selectedFeature, @@ -414,30 +414,30 @@ export class VectorStyleEditor extends Component { if (supportedFeatures.length === 1) { switch (supportedFeatures[0]) { - case VECTOR_SHAPE_TYPES.POINT: + case VECTOR_SHAPE_TYPE.POINT: return this._renderPointProperties(); - case VECTOR_SHAPE_TYPES.LINE: + case VECTOR_SHAPE_TYPE.LINE: return this._renderLineProperties(); - case VECTOR_SHAPE_TYPES.POLYGON: + case VECTOR_SHAPE_TYPE.POLYGON: return this._renderPolygonProperties(); } } const featureButtons = [ { - id: VECTOR_SHAPE_TYPES.POINT, + id: VECTOR_SHAPE_TYPE.POINT, label: i18n.translate('xpack.maps.vectorStyleEditor.pointLabel', { defaultMessage: 'Points', }), }, { - id: VECTOR_SHAPE_TYPES.LINE, + id: VECTOR_SHAPE_TYPE.LINE, label: i18n.translate('xpack.maps.vectorStyleEditor.lineLabel', { defaultMessage: 'Lines', }), }, { - id: VECTOR_SHAPE_TYPES.POLYGON, + id: VECTOR_SHAPE_TYPE.POLYGON, label: i18n.translate('xpack.maps.vectorStyleEditor.polygonLabel', { defaultMessage: 'Polygons', }), @@ -445,9 +445,9 @@ export class VectorStyleEditor extends Component { ]; let styleProperties = this._renderPolygonProperties(); - if (selectedFeature === VECTOR_SHAPE_TYPES.LINE) { + if (selectedFeature === VECTOR_SHAPE_TYPE.LINE) { styleProperties = this._renderLineProperties(); - } else if (selectedFeature === VECTOR_SHAPE_TYPES.POINT) { + } else if (selectedFeature === VECTOR_SHAPE_TYPE.POINT) { styleProperties = this._renderPointProperties(); } diff --git a/x-pack/plugins/maps/public/classes/styles/vector/properties/__snapshots__/dynamic_icon_property.test.tsx.snap b/x-pack/plugins/maps/public/classes/styles/vector/properties/__snapshots__/dynamic_icon_property.test.tsx.snap index b4843324a0def..631a6117a111d 100644 --- a/x-pack/plugins/maps/public/classes/styles/vector/properties/__snapshots__/dynamic_icon_property.test.tsx.snap +++ b/x-pack/plugins/maps/public/classes/styles/vector/properties/__snapshots__/dynamic_icon_property.test.tsx.snap @@ -1,6 +1,6 @@ // Jest Snapshot v1, https://goo.gl/fbAQLP -exports[`Should render categorical legend with breaks 1`] = ` +exports[`renderLegendDetailRow Should render categorical legend with breaks 1`] = `
+ + + Other + + } + styleName="icon" + symbolId="square" + /> +
`; diff --git a/x-pack/plugins/maps/public/classes/styles/vector/properties/dynamic_color_property.js b/x-pack/plugins/maps/public/classes/styles/vector/properties/dynamic_color_property.js index 4c02dee762e9d..556bb2b79e836 100644 --- a/x-pack/plugins/maps/public/classes/styles/vector/properties/dynamic_color_property.js +++ b/x-pack/plugins/maps/public/classes/styles/vector/properties/dynamic_color_property.js @@ -13,7 +13,7 @@ import { GRADIENT_INTERVALS, } from '../../color_utils'; import React from 'react'; -import { COLOR_MAP_TYPE } from '../../../../../common/constants'; +import { COLOR_MAP_TYPE, MB_LOOKUP_FUNCTION } from '../../../../../common/constants'; import { isCategoricalStopsInvalid, getOtherCategoryLabel, @@ -152,7 +152,7 @@ export class DynamicColorProperty extends DynamicStyleProperty { makeMbClampedNumberExpression({ minValue: rangeFieldMeta.min, maxValue: rangeFieldMeta.max, - lookupFunction: 'feature-state', + lookupFunction: MB_LOOKUP_FUNCTION.FEATURE_STATE, fallback: lessThanFirstStopValue, fieldName: targetName, }), diff --git a/x-pack/plugins/maps/public/classes/styles/vector/properties/dynamic_icon_property.js b/x-pack/plugins/maps/public/classes/styles/vector/properties/dynamic_icon_property.js index c7620512710dc..665317569e5e8 100644 --- a/x-pack/plugins/maps/public/classes/styles/vector/properties/dynamic_icon_property.js +++ b/x-pack/plugins/maps/public/classes/styles/vector/properties/dynamic_icon_property.js @@ -23,7 +23,7 @@ export class DynamicIconProperty extends DynamicStyleProperty { getNumberOfCategories() { const palette = getIconPalette(this._options.iconPaletteId); - return palette ? palette.length : 0; + return palette.length; } syncIconWithMb(symbolLayerId, mbMap, iconPixelSize) { diff --git a/x-pack/plugins/maps/public/classes/styles/vector/properties/dynamic_icon_property.test.tsx b/x-pack/plugins/maps/public/classes/styles/vector/properties/dynamic_icon_property.test.tsx index 505c08ac35ba7..132c0b3f27603 100644 --- a/x-pack/plugins/maps/public/classes/styles/vector/properties/dynamic_icon_property.test.tsx +++ b/x-pack/plugins/maps/public/classes/styles/vector/properties/dynamic_icon_property.test.tsx @@ -34,8 +34,8 @@ const makeProperty = (options: Partial, field: IField = mock ); }; -describe('DynamicIconProperty', () => { - it('should derive category number from palettes', async () => { +describe('getNumberOfCategories', () => { + test('should derive category number from palettes', async () => { const filled = makeProperty({ iconPaletteId: 'filledShapes', }); @@ -47,15 +47,53 @@ describe('DynamicIconProperty', () => { }); }); -test('Should render categorical legend with breaks', async () => { - const iconStyle = makeProperty({ - iconPaletteId: 'filledShapes', +describe('renderLegendDetailRow', () => { + test('Should render categorical legend with breaks', async () => { + const iconStyle = makeProperty({ + iconPaletteId: 'filledShapes', + }); + + const legendRow = iconStyle.renderLegendDetailRow({ isPointsOnly: true, isLinesOnly: false }); + const component = shallow(legendRow); + await new Promise((resolve) => process.nextTick(resolve)); + component.update(); + + expect(component).toMatchSnapshot(); }); +}); - const legendRow = iconStyle.renderLegendDetailRow({ isPointsOnly: true, isLinesOnly: false }); - const component = shallow(legendRow); - await new Promise((resolve) => process.nextTick(resolve)); - component.update(); +describe('get mapbox icon-image expression (via internal _getMbIconImageExpression)', () => { + describe('categorical icon palette', () => { + test('should return mapbox expression for pre-defined icon palette', async () => { + const iconStyle = makeProperty({ + iconPaletteId: 'filledShapes', + }); + expect(iconStyle._getMbIconImageExpression(15)).toEqual([ + 'match', + ['to-string', ['get', 'foobar']], + 'US', + 'circle-15', + 'CN', + 'marker-15', + 'square-15', + ]); + }); - expect(component).toMatchSnapshot(); + test('should return mapbox expression for custom icon palette', async () => { + const iconStyle = makeProperty({ + useCustomIconMap: true, + customIconStops: [ + { stop: null, icon: 'circle' }, + { stop: 'MX', icon: 'marker' }, + ], + }); + expect(iconStyle._getMbIconImageExpression(15)).toEqual([ + 'match', + ['to-string', ['get', 'foobar']], + 'MX', + 'marker-15', + 'circle-15', + ]); + }); + }); }); diff --git a/x-pack/plugins/maps/public/classes/styles/vector/properties/dynamic_size_property.js b/x-pack/plugins/maps/public/classes/styles/vector/properties/dynamic_size_property.js index a0af2fbb939d8..662d1ccf33b95 100644 --- a/x-pack/plugins/maps/public/classes/styles/vector/properties/dynamic_size_property.js +++ b/x-pack/plugins/maps/public/classes/styles/vector/properties/dynamic_size_property.js @@ -12,7 +12,7 @@ import { LARGE_MAKI_ICON_SIZE, SMALL_MAKI_ICON_SIZE, } from '../symbol_utils'; -import { VECTOR_STYLES } from '../../../../../common/constants'; +import { MB_LOOKUP_FUNCTION, VECTOR_STYLES } from '../../../../../common/constants'; import _ from 'lodash'; import React from 'react'; @@ -60,7 +60,7 @@ export class DynamicSizeProperty extends DynamicStyleProperty { minValue: rangeFieldMeta.min, maxValue: rangeFieldMeta.max, fallback: 0, - lookupFunction: 'get', + lookupFunction: MB_LOOKUP_FUNCTION.GET, fieldName: targetName, }), rangeFieldMeta.min, @@ -109,7 +109,9 @@ export class DynamicSizeProperty extends DynamicStyleProperty { } _getMbDataDrivenSize({ targetName, minSize, maxSize, minValue, maxValue }) { - const lookup = this.supportsMbFeatureState() ? 'feature-state' : 'get'; + const lookup = this.supportsMbFeatureState() + ? MB_LOOKUP_FUNCTION.FEATURE_STATE + : MB_LOOKUP_FUNCTION.GET; const stops = minValue === maxValue ? [maxValue, maxSize] : [minValue, minSize, maxValue, maxSize]; diff --git a/x-pack/plugins/maps/public/classes/styles/vector/style_util.test.js b/x-pack/plugins/maps/public/classes/styles/vector/style_util.test.ts similarity index 60% rename from x-pack/plugins/maps/public/classes/styles/vector/style_util.test.js rename to x-pack/plugins/maps/public/classes/styles/vector/style_util.test.ts index eb4c6708fb2dd..6c1f060383d05 100644 --- a/x-pack/plugins/maps/public/classes/styles/vector/style_util.test.js +++ b/x-pack/plugins/maps/public/classes/styles/vector/style_util.test.ts @@ -5,58 +5,67 @@ */ import { isOnlySingleFeatureType, assignCategoriesToPalette, dynamicRound } from './style_util'; -import { VECTOR_SHAPE_TYPES } from '../../sources/vector_feature_types'; +import { VECTOR_SHAPE_TYPE } from '../../../../common/constants'; describe('isOnlySingleFeatureType', () => { describe('source supports single feature type', () => { - const supportedFeatures = [VECTOR_SHAPE_TYPES.POINT]; + const supportedFeatures = [VECTOR_SHAPE_TYPE.POINT]; + const hasFeatureType = { + [VECTOR_SHAPE_TYPE.POINT]: false, + [VECTOR_SHAPE_TYPE.LINE]: false, + [VECTOR_SHAPE_TYPE.POLYGON]: false, + }; test('Is only single feature type when only supported feature type is target feature type', () => { - expect(isOnlySingleFeatureType(VECTOR_SHAPE_TYPES.POINT, supportedFeatures)).toBe(true); + expect( + isOnlySingleFeatureType(VECTOR_SHAPE_TYPE.POINT, supportedFeatures, hasFeatureType) + ).toBe(true); }); test('Is not single feature type when only supported feature type is not target feature type', () => { - expect(isOnlySingleFeatureType(VECTOR_SHAPE_TYPES.LINE, supportedFeatures)).toBe(false); + expect( + isOnlySingleFeatureType(VECTOR_SHAPE_TYPE.LINE, supportedFeatures, hasFeatureType) + ).toBe(false); }); }); describe('source supports multiple feature types', () => { const supportedFeatures = [ - VECTOR_SHAPE_TYPES.POINT, - VECTOR_SHAPE_TYPES.LINE, - VECTOR_SHAPE_TYPES.POLYGON, + VECTOR_SHAPE_TYPE.POINT, + VECTOR_SHAPE_TYPE.LINE, + VECTOR_SHAPE_TYPE.POLYGON, ]; test('Is only single feature type when data only has target feature type', () => { const hasFeatureType = { - [VECTOR_SHAPE_TYPES.POINT]: true, - [VECTOR_SHAPE_TYPES.LINE]: false, - [VECTOR_SHAPE_TYPES.POLYGON]: false, + [VECTOR_SHAPE_TYPE.POINT]: true, + [VECTOR_SHAPE_TYPE.LINE]: false, + [VECTOR_SHAPE_TYPE.POLYGON]: false, }; expect( - isOnlySingleFeatureType(VECTOR_SHAPE_TYPES.POINT, supportedFeatures, hasFeatureType) + isOnlySingleFeatureType(VECTOR_SHAPE_TYPE.POINT, supportedFeatures, hasFeatureType) ).toBe(true); }); test('Is not single feature type when data has multiple feature types', () => { const hasFeatureType = { - [VECTOR_SHAPE_TYPES.POINT]: true, - [VECTOR_SHAPE_TYPES.LINE]: true, - [VECTOR_SHAPE_TYPES.POLYGON]: true, + [VECTOR_SHAPE_TYPE.POINT]: true, + [VECTOR_SHAPE_TYPE.LINE]: true, + [VECTOR_SHAPE_TYPE.POLYGON]: true, }; expect( - isOnlySingleFeatureType(VECTOR_SHAPE_TYPES.LINE, supportedFeatures, hasFeatureType) + isOnlySingleFeatureType(VECTOR_SHAPE_TYPE.LINE, supportedFeatures, hasFeatureType) ).toBe(false); }); test('Is not single feature type when data does not have target feature types', () => { const hasFeatureType = { - [VECTOR_SHAPE_TYPES.POINT]: false, - [VECTOR_SHAPE_TYPES.LINE]: true, - [VECTOR_SHAPE_TYPES.POLYGON]: false, + [VECTOR_SHAPE_TYPE.POINT]: false, + [VECTOR_SHAPE_TYPE.LINE]: true, + [VECTOR_SHAPE_TYPE.POLYGON]: false, }; expect( - isOnlySingleFeatureType(VECTOR_SHAPE_TYPES.POINT, supportedFeatures, hasFeatureType) + isOnlySingleFeatureType(VECTOR_SHAPE_TYPE.POINT, supportedFeatures, hasFeatureType) ).toBe(false); }); }); @@ -64,7 +73,12 @@ describe('isOnlySingleFeatureType', () => { describe('assignCategoriesToPalette', () => { test('Categories and palette values have same length', () => { - const categories = [{ key: 'alpah' }, { key: 'bravo' }, { key: 'charlie' }, { key: 'delta' }]; + const categories = [ + { key: 'alpah', count: 1 }, + { key: 'bravo', count: 1 }, + { key: 'charlie', count: 1 }, + { key: 'delta', count: 1 }, + ]; const paletteValues = ['red', 'orange', 'yellow', 'green']; expect(assignCategoriesToPalette({ categories, paletteValues })).toEqual({ stops: [ @@ -72,31 +86,39 @@ describe('assignCategoriesToPalette', () => { { stop: 'bravo', style: 'orange' }, { stop: 'charlie', style: 'yellow' }, ], - fallback: 'green', + fallbackSymbolId: 'green', }); }); test('Should More categories than palette values', () => { - const categories = [{ key: 'alpah' }, { key: 'bravo' }, { key: 'charlie' }, { key: 'delta' }]; + const categories = [ + { key: 'alpah', count: 1 }, + { key: 'bravo', count: 1 }, + { key: 'charlie', count: 1 }, + { key: 'delta', count: 1 }, + ]; const paletteValues = ['red', 'orange', 'yellow']; expect(assignCategoriesToPalette({ categories, paletteValues })).toEqual({ stops: [ { stop: 'alpah', style: 'red' }, { stop: 'bravo', style: 'orange' }, ], - fallback: 'yellow', + fallbackSymbolId: 'yellow', }); }); test('Less categories than palette values', () => { - const categories = [{ key: 'alpah' }, { key: 'bravo' }]; + const categories = [ + { key: 'alpah', count: 1 }, + { key: 'bravo', count: 1 }, + ]; const paletteValues = ['red', 'orange', 'yellow', 'green', 'blue']; expect(assignCategoriesToPalette({ categories, paletteValues })).toEqual({ stops: [ { stop: 'alpah', style: 'red' }, { stop: 'bravo', style: 'orange' }, ], - fallback: 'yellow', + fallbackSymbolId: 'yellow', }); }); }); diff --git a/x-pack/plugins/maps/public/classes/styles/vector/style_util.js b/x-pack/plugins/maps/public/classes/styles/vector/style_util.ts similarity index 57% rename from x-pack/plugins/maps/public/classes/styles/vector/style_util.js rename to x-pack/plugins/maps/public/classes/styles/vector/style_util.ts index 3b62dcb27dced..d190a62e6f300 100644 --- a/x-pack/plugins/maps/public/classes/styles/vector/style_util.js +++ b/x-pack/plugins/maps/public/classes/styles/vector/style_util.ts @@ -5,6 +5,8 @@ */ import { i18n } from '@kbn/i18n'; +import { MB_LOOKUP_FUNCTION, VECTOR_SHAPE_TYPE } from '../../../../common/constants'; +import { Category } from '../../../../common/descriptor_types'; export function getOtherCategoryLabel() { return i18n.translate('xpack.maps.styles.categorical.otherCategoryLabel', { @@ -12,29 +14,32 @@ export function getOtherCategoryLabel() { }); } -export function getComputedFieldName(styleName, fieldName) { +export function getComputedFieldName(styleName: string, fieldName: string) { return `${getComputedFieldNamePrefix(fieldName)}__${styleName}`; } -export function getComputedFieldNamePrefix(fieldName) { +export function getComputedFieldNamePrefix(fieldName: string) { return `__kbn__dynamic__${fieldName}`; } -export function isOnlySingleFeatureType(featureType, supportedFeatures, hasFeatureType) { +export function isOnlySingleFeatureType( + featureType: VECTOR_SHAPE_TYPE, + supportedFeatures: VECTOR_SHAPE_TYPE[], + hasFeatureType: { [key in keyof typeof VECTOR_SHAPE_TYPE]: boolean } +): boolean { if (supportedFeatures.length === 1) { return supportedFeatures[0] === featureType; } const featureTypes = Object.keys(hasFeatureType); - return featureTypes.reduce((isOnlyTargetFeatureType, featureTypeKey) => { + // @ts-expect-error + return featureTypes.reduce((accumulator: boolean, featureTypeKey: VECTOR_SHAPE_TYPE) => { const hasFeature = hasFeatureType[featureTypeKey]; - return featureTypeKey === featureType - ? isOnlyTargetFeatureType && hasFeature - : isOnlyTargetFeatureType && !hasFeature; + return featureTypeKey === featureType ? accumulator && hasFeature : accumulator && !hasFeature; }, true); } -export function dynamicRound(value) { +export function dynamicRound(value: number | string) { if (typeof value !== 'number') { return value; } @@ -49,13 +54,19 @@ export function dynamicRound(value) { return precision === 0 ? Math.round(value) : parseFloat(value.toFixed(precision + 1)); } -export function assignCategoriesToPalette({ categories, paletteValues }) { +export function assignCategoriesToPalette({ + categories, + paletteValues, +}: { + categories: Category[]; + paletteValues: string[]; +}) { const stops = []; - let fallback = null; + let fallbackSymbolId = null; - if (categories && categories.length && paletteValues && paletteValues.length) { + if (categories.length && paletteValues.length) { const maxLength = Math.min(paletteValues.length, categories.length + 1); - fallback = paletteValues[maxLength - 1]; + fallbackSymbolId = paletteValues[maxLength - 1]; for (let i = 0; i < maxLength - 1; i++) { stops.push({ stop: categories[i].key, @@ -66,7 +77,7 @@ export function assignCategoriesToPalette({ categories, paletteValues }) { return { stops, - fallback, + fallbackSymbolId, }; } @@ -76,6 +87,12 @@ export function makeMbClampedNumberExpression({ minValue, maxValue, fallback, +}: { + lookupFunction: MB_LOOKUP_FUNCTION; + fieldName: string; + minValue: number; + maxValue: number; + fallback: number; }) { const clamp = ['max', ['min', ['to-number', [lookupFunction, fieldName]], maxValue], minValue]; return [ @@ -83,7 +100,7 @@ export function makeMbClampedNumberExpression({ [ 'case', ['==', [lookupFunction, fieldName], null], - minValue - 1, //== does a JS-y like check where returns true for null and undefined + minValue - 1, // == does a JS-y like check where returns true for null and undefined clamp, ], fallback, diff --git a/x-pack/plugins/maps/public/classes/styles/vector/symbol_utils.js b/x-pack/plugins/maps/public/classes/styles/vector/symbol_utils.js index 1672af8eccff8..04df9d73d75cd 100644 --- a/x-pack/plugins/maps/public/classes/styles/vector/symbol_utils.js +++ b/x-pack/plugins/maps/public/classes/styles/vector/symbol_utils.js @@ -140,5 +140,5 @@ export function getIconPaletteOptions(isDarkMode) { export function getIconPalette(paletteId) { const palette = ICON_PALETTES.find(({ id }) => id === paletteId); - return palette ? [...palette.icons] : null; + return palette ? [...palette.icons] : []; } diff --git a/x-pack/plugins/maps/public/classes/styles/vector/vector_style.js b/x-pack/plugins/maps/public/classes/styles/vector/vector_style.js index 989ac268c0552..04a5381fa2592 100644 --- a/x-pack/plugins/maps/public/classes/styles/vector/vector_style.js +++ b/x-pack/plugins/maps/public/classes/styles/vector/vector_style.js @@ -16,12 +16,12 @@ import { SOURCE_FORMATTERS_DATA_REQUEST_ID, LAYER_STYLE_TYPE, DEFAULT_ICON, + VECTOR_SHAPE_TYPE, VECTOR_STYLES, } from '../../../../common/constants'; import { StyleMeta } from './style_meta'; import { VectorIcon } from './components/legend/vector_icon'; import { VectorStyleLegend } from './components/legend/vector_style_legend'; -import { VECTOR_SHAPE_TYPES } from '../../sources/vector_feature_types'; import { getComputedFieldName, isOnlySingleFeatureType } from './style_util'; import { StaticStyleProperty } from './properties/static_style_property'; import { DynamicStyleProperty } from './properties/dynamic_style_property'; @@ -249,24 +249,24 @@ export class VectorStyle extends AbstractStyle { const supportedFeatures = await this._source.getSupportedShapeTypes(); const hasFeatureType = { - [VECTOR_SHAPE_TYPES.POINT]: false, - [VECTOR_SHAPE_TYPES.LINE]: false, - [VECTOR_SHAPE_TYPES.POLYGON]: false, + [VECTOR_SHAPE_TYPE.POINT]: false, + [VECTOR_SHAPE_TYPE.LINE]: false, + [VECTOR_SHAPE_TYPE.POLYGON]: false, }; if (supportedFeatures.length > 1) { for (let i = 0; i < features.length; i++) { const feature = features[i]; - if (!hasFeatureType[VECTOR_SHAPE_TYPES.POINT] && POINTS.includes(feature.geometry.type)) { - hasFeatureType[VECTOR_SHAPE_TYPES.POINT] = true; + if (!hasFeatureType[VECTOR_SHAPE_TYPE.POINT] && POINTS.includes(feature.geometry.type)) { + hasFeatureType[VECTOR_SHAPE_TYPE.POINT] = true; } - if (!hasFeatureType[VECTOR_SHAPE_TYPES.LINE] && LINES.includes(feature.geometry.type)) { - hasFeatureType[VECTOR_SHAPE_TYPES.LINE] = true; + if (!hasFeatureType[VECTOR_SHAPE_TYPE.LINE] && LINES.includes(feature.geometry.type)) { + hasFeatureType[VECTOR_SHAPE_TYPE.LINE] = true; } if ( - !hasFeatureType[VECTOR_SHAPE_TYPES.POLYGON] && + !hasFeatureType[VECTOR_SHAPE_TYPE.POLYGON] && POLYGONS.includes(feature.geometry.type) ) { - hasFeatureType[VECTOR_SHAPE_TYPES.POLYGON] = true; + hasFeatureType[VECTOR_SHAPE_TYPE.POLYGON] = true; } } } @@ -274,17 +274,17 @@ export class VectorStyle extends AbstractStyle { const styleMeta = { geometryTypes: { isPointsOnly: isOnlySingleFeatureType( - VECTOR_SHAPE_TYPES.POINT, + VECTOR_SHAPE_TYPE.POINT, supportedFeatures, hasFeatureType ), isLinesOnly: isOnlySingleFeatureType( - VECTOR_SHAPE_TYPES.LINE, + VECTOR_SHAPE_TYPE.LINE, supportedFeatures, hasFeatureType ), isPolygonsOnly: isOnlySingleFeatureType( - VECTOR_SHAPE_TYPES.POLYGON, + VECTOR_SHAPE_TYPE.POLYGON, supportedFeatures, hasFeatureType ), diff --git a/x-pack/plugins/maps/public/classes/styles/vector/vector_style.test.js b/x-pack/plugins/maps/public/classes/styles/vector/vector_style.test.js index 426f1d6afa952..a0dc07b8e545b 100644 --- a/x-pack/plugins/maps/public/classes/styles/vector/vector_style.test.js +++ b/x-pack/plugins/maps/public/classes/styles/vector/vector_style.test.js @@ -6,8 +6,7 @@ import { VectorStyle } from './vector_style'; import { DataRequest } from '../../util/data_request'; -import { VECTOR_SHAPE_TYPES } from '../../sources/vector_feature_types'; -import { FIELD_ORIGIN, STYLE_TYPE } from '../../../../common/constants'; +import { FIELD_ORIGIN, STYLE_TYPE, VECTOR_SHAPE_TYPE } from '../../../../common/constants'; jest.mock('../../../kibana_services'); jest.mock('ui/new_platform'); @@ -28,7 +27,7 @@ class MockField { class MockSource { constructor({ supportedShapeTypes } = {}) { - this._supportedShapeTypes = supportedShapeTypes || Object.values(VECTOR_SHAPE_TYPES); + this._supportedShapeTypes = supportedShapeTypes || Object.values(VECTOR_SHAPE_TYPE); } getSupportedShapeTypes() { return this._supportedShapeTypes; diff --git a/x-pack/plugins/maps/public/connected_components/layer_panel/__snapshots__/view.test.js.snap b/x-pack/plugins/maps/public/connected_components/layer_panel/__snapshots__/view.test.js.snap index a9216e4817762..1620e3058be67 100644 --- a/x-pack/plugins/maps/public/connected_components/layer_panel/__snapshots__/view.test.js.snap +++ b/x-pack/plugins/maps/public/connected_components/layer_panel/__snapshots__/view.test.js.snap @@ -32,17 +32,9 @@ exports[`LayerPanel is rendered 1`] = ` - - - + { - dispatch(fitToLayerExtent(layerId)); - }, updateSourceProp: (id, propName, value, newLayerType) => dispatch(updateSourceProp(id, propName, value, newLayerType)), }; diff --git a/x-pack/plugins/maps/public/connected_components/layer_panel/view.js b/x-pack/plugins/maps/public/connected_components/layer_panel/view.js index f34c402a4d417..14252dcfc067d 100644 --- a/x-pack/plugins/maps/public/connected_components/layer_panel/view.js +++ b/x-pack/plugins/maps/public/connected_components/layer_panel/view.js @@ -13,7 +13,7 @@ import { LayerErrors } from './layer_errors'; import { LayerSettings } from './layer_settings'; import { StyleSettings } from './style_settings'; import { - EuiButtonIcon, + EuiIcon, EuiFlexItem, EuiTitle, EuiPanel, @@ -27,7 +27,6 @@ import { } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; -import { FormattedMessage } from '@kbn/i18n/react'; import { KibanaContextProvider } from '../../../../../../src/plugins/kibana_react/public'; import { Storage } from '../../../../../../src/plugins/kibana_utils/public'; @@ -175,18 +174,7 @@ export class LayerPanel extends React.Component { - - - + diff --git a/x-pack/plugins/maps/public/embeddable/map_embeddable_factory.ts b/x-pack/plugins/maps/public/embeddable/map_embeddable_factory.ts index c73225fc4285b..8fb0ecb50b28b 100644 --- a/x-pack/plugins/maps/public/embeddable/map_embeddable_factory.ts +++ b/x-pack/plugins/maps/public/embeddable/map_embeddable_factory.ts @@ -12,7 +12,7 @@ import { IContainer, } from '../../../../../src/plugins/embeddable/public'; import '../index.scss'; -import { createMapPath, MAP_SAVED_OBJECT_TYPE, APP_ICON } from '../../common/constants'; +import { getExistingMapPath, MAP_SAVED_OBJECT_TYPE, APP_ICON } from '../../common/constants'; import { LayerDescriptor } from '../../common/descriptor_types'; import { MapEmbeddableInput } from './types'; import { lazyLoadMapModules } from '../lazy_load_bundle'; @@ -113,7 +113,7 @@ export class MapEmbeddableFactory implements EmbeddableFactoryDefinition { { layerList, title: savedMap.title, - editUrl: getHttp().basePath.prepend(createMapPath(savedObjectId)), + editUrl: getHttp().basePath.prepend(getExistingMapPath(savedObjectId)), indexPatterns, editable: await this.isEditable(), settings, diff --git a/x-pack/plugins/maps/public/maps_vis_type_alias.js b/x-pack/plugins/maps/public/maps_vis_type_alias.js index cb7b3db17eab5..d90674f0f7725 100644 --- a/x-pack/plugins/maps/public/maps_vis_type_alias.js +++ b/x-pack/plugins/maps/public/maps_vis_type_alias.js @@ -5,7 +5,7 @@ */ import { i18n } from '@kbn/i18n'; -import { APP_ID, APP_ICON, MAP_SAVED_OBJECT_TYPE } from '../common/constants'; +import { APP_ID, APP_ICON, MAP_PATH } from '../common/constants'; import { getShowMapVisualizationTypes, getVisualizations } from './kibana_services'; export function getMapsVisTypeAlias() { @@ -28,7 +28,7 @@ The Maps app offers more functionality and is easier to use.`, return { aliasApp: APP_ID, - aliasPath: `/${MAP_SAVED_OBJECT_TYPE}`, + aliasPath: `/${MAP_PATH}`, name: APP_ID, title: i18n.translate('xpack.maps.visTypeAlias.title', { defaultMessage: 'Maps', diff --git a/x-pack/plugins/maps/public/routing/bootstrap/services/saved_gis_map.js b/x-pack/plugins/maps/public/routing/bootstrap/services/saved_gis_map.js index f24c7be65afa3..f8c783f673bab 100644 --- a/x-pack/plugins/maps/public/routing/bootstrap/services/saved_gis_map.js +++ b/x-pack/plugins/maps/public/routing/bootstrap/services/saved_gis_map.js @@ -19,7 +19,7 @@ import { import { getIsLayerTOCOpen, getOpenTOCDetails } from '../../../selectors/ui_selectors'; import { copyPersistentState } from '../../../reducers/util'; import { extractReferences, injectReferences } from '../../../../common/migrations/references'; -import { MAP_BASE_URL, MAP_SAVED_OBJECT_TYPE } from '../../../../common/constants'; +import { getExistingMapPath, MAP_SAVED_OBJECT_TYPE } from '../../../../common/constants'; import { getStore } from '../../store_operations'; export function createSavedGisMapClass(services) { @@ -76,7 +76,7 @@ export function createSavedGisMapClass(services) { } getFullPath() { - return `${MAP_BASE_URL}/${this.id}`; + return getExistingMapPath(this.id); } getLayerList() { diff --git a/x-pack/plugins/maps/public/routing/page_elements/breadcrumbs.js b/x-pack/plugins/maps/public/routing/page_elements/breadcrumbs.js index 36a355719d945..de2ee42b49171 100644 --- a/x-pack/plugins/maps/public/routing/page_elements/breadcrumbs.js +++ b/x-pack/plugins/maps/public/routing/page_elements/breadcrumbs.js @@ -6,7 +6,7 @@ import { i18n } from '@kbn/i18n'; import { getCoreChrome } from '../../kibana_services'; -import { MAP_SAVED_OBJECT_TYPE } from '../../../common/constants'; +import { MAP_PATH } from '../../../common/constants'; import _ from 'lodash'; import { getLayerListRaw } from '../../selectors/map_selectors'; import { copyPersistentState } from '../../reducers/util'; @@ -31,7 +31,7 @@ function hasUnsavedChanges(savedMap, initialLayerListConfig) { } export const updateBreadcrumbs = (savedMap, initialLayerListConfig, currentPath = '') => { - const isOnMapNow = currentPath.startsWith(`/${MAP_SAVED_OBJECT_TYPE}`); + const isOnMapNow = currentPath.startsWith(`/${MAP_PATH}`); const breadCrumbs = isOnMapNow ? [ { diff --git a/x-pack/plugins/maps/server/maps_telemetry/collectors/register.ts b/x-pack/plugins/maps/server/maps_telemetry/collectors/register.ts index 383d7773663c6..f54776f5ab629 100644 --- a/x-pack/plugins/maps/server/maps_telemetry/collectors/register.ts +++ b/x-pack/plugins/maps/server/maps_telemetry/collectors/register.ts @@ -6,8 +6,6 @@ import { UsageCollectionSetup } from 'src/plugins/usage_collection/server'; import { getMapsTelemetry } from '../maps_telemetry'; -// @ts-ignore -import { TELEMETRY_TYPE } from '../../../common/constants'; import { MapsConfigType } from '../../../config'; export function registerMapsUsageCollector( @@ -19,7 +17,7 @@ export function registerMapsUsageCollector( } const mapsUsageCollector = usageCollection.makeUsageCollector({ - type: TELEMETRY_TYPE, + type: 'maps', isReady: () => true, fetch: async () => await getMapsTelemetry(config), }); diff --git a/x-pack/plugins/maps/server/plugin.ts b/x-pack/plugins/maps/server/plugin.ts index f2331b9a1a960..60f3a9b68202c 100644 --- a/x-pack/plugins/maps/server/plugin.ts +++ b/x-pack/plugins/maps/server/plugin.ts @@ -14,8 +14,8 @@ import { getFlightsSavedObjects } from './sample_data/flights_saved_objects.js'; // @ts-ignore import { getWebLogsSavedObjects } from './sample_data/web_logs_saved_objects.js'; import { registerMapsUsageCollector } from './maps_telemetry/collectors/register'; -import { APP_ID, APP_ICON, MAP_SAVED_OBJECT_TYPE, createMapPath } from '../common/constants'; -import { mapSavedObjects, mapsTelemetrySavedObjects } from './saved_objects'; +import { APP_ID, APP_ICON, MAP_SAVED_OBJECT_TYPE, getExistingMapPath } from '../common/constants'; +import { mapSavedObjects } from './saved_objects'; import { MapsXPackConfig } from '../config'; // @ts-ignore import { setInternalRepository } from './kibana_server_services'; @@ -58,7 +58,7 @@ export class MapsPlugin implements Plugin { home.sampleData.addAppLinksToSampleDataset('ecommerce', [ { - path: createMapPath('2c9c1f60-1909-11e9-919b-ffe5949a18d2'), + path: getExistingMapPath('2c9c1f60-1909-11e9-919b-ffe5949a18d2'), label: sampleDataLinkLabel, icon: APP_ICON, }, @@ -80,7 +80,7 @@ export class MapsPlugin implements Plugin { home.sampleData.addAppLinksToSampleDataset('flights', [ { - path: createMapPath('5dd88580-1906-11e9-919b-ffe5949a18d2'), + path: getExistingMapPath('5dd88580-1906-11e9-919b-ffe5949a18d2'), label: sampleDataLinkLabel, icon: APP_ICON, }, @@ -101,7 +101,7 @@ export class MapsPlugin implements Plugin { home.sampleData.addSavedObjectsToSampleDataset('logs', getWebLogsSavedObjects()); home.sampleData.addAppLinksToSampleDataset('logs', [ { - path: createMapPath('de71f4f0-1902-11e9-919b-ffe5949a18d2'), + path: getExistingMapPath('de71f4f0-1902-11e9-919b-ffe5949a18d2'), label: sampleDataLinkLabel, icon: APP_ICON, }, @@ -191,7 +191,6 @@ export class MapsPlugin implements Plugin { }, }); - core.savedObjects.registerType(mapsTelemetrySavedObjects); core.savedObjects.registerType(mapSavedObjects); registerMapsUsageCollector(usageCollection, currentConfig); diff --git a/x-pack/plugins/maps/server/saved_objects/index.ts b/x-pack/plugins/maps/server/saved_objects/index.ts index c4b779183a2de..804d720a13ab0 100644 --- a/x-pack/plugins/maps/server/saved_objects/index.ts +++ b/x-pack/plugins/maps/server/saved_objects/index.ts @@ -3,5 +3,4 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -export { mapsTelemetrySavedObjects } from './maps_telemetry'; export { mapSavedObjects } from './map'; diff --git a/x-pack/plugins/maps/server/saved_objects/map.ts b/x-pack/plugins/maps/server/saved_objects/map.ts index 0fcadc5a97203..ce9d579137864 100644 --- a/x-pack/plugins/maps/server/saved_objects/map.ts +++ b/x-pack/plugins/maps/server/saved_objects/map.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ import { SavedObjectsType } from 'src/core/server'; -import { APP_ICON, createMapPath } from '../../common/constants'; +import { APP_ICON, getExistingMapPath } from '../../common/constants'; // @ts-ignore import { migrations } from './migrations'; @@ -31,7 +31,7 @@ export const mapSavedObjects: SavedObjectsType = { }, getInAppUrl(obj) { return { - path: createMapPath(obj.id), + path: getExistingMapPath(obj.id), uiCapabilitiesPath: 'maps.show', }; }, diff --git a/x-pack/plugins/maps/server/saved_objects/maps_telemetry.ts b/x-pack/plugins/maps/server/saved_objects/maps_telemetry.ts deleted file mode 100644 index ad0b17af36dda..0000000000000 --- a/x-pack/plugins/maps/server/saved_objects/maps_telemetry.ts +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ -import { SavedObjectsType } from 'src/core/server'; - -export const mapsTelemetrySavedObjects: SavedObjectsType = { - name: 'maps', - hidden: false, - namespaceType: 'agnostic', - mappings: { - properties: { - settings: { - properties: { - showMapVisualizationTypes: { type: 'boolean' }, - }, - }, - indexPatternsWithGeoFieldCount: { type: 'long' }, - indexPatternsWithGeoPointFieldCount: { type: 'long' }, - indexPatternsWithGeoShapeFieldCount: { type: 'long' }, - mapsTotalCount: { type: 'long' }, - timeCaptured: { type: 'date' }, - attributesPerMap: { - properties: { - dataSourcesCount: { - properties: { - min: { type: 'long' }, - max: { type: 'long' }, - avg: { type: 'long' }, - }, - }, - layersCount: { - properties: { - min: { type: 'long' }, - max: { type: 'long' }, - avg: { type: 'long' }, - }, - }, - layerTypesCount: { dynamic: 'true', properties: {} }, - emsVectorLayersCount: { dynamic: 'true', properties: {} }, - }, - }, - }, - }, -}; diff --git a/x-pack/plugins/maps/server/tutorials/ems/index.ts b/x-pack/plugins/maps/server/tutorials/ems/index.ts index e96af89e52685..be15120cb19e1 100644 --- a/x-pack/plugins/maps/server/tutorials/ems/index.ts +++ b/x-pack/plugins/maps/server/tutorials/ems/index.ts @@ -6,7 +6,7 @@ import { i18n } from '@kbn/i18n'; import { TutorialsCategory } from '../../../../../../src/plugins/home/server'; -import { MAP_BASE_URL } from '../../../common/constants'; +import { getNewMapPath } from '../../../common/constants'; export function emsBoundariesSpecProvider({ emsLandingPageUrl, @@ -64,7 +64,7 @@ Indexing EMS administrative boundaries in Elasticsearch allows for search on bou 2. Click `Add layer`, then select `Upload GeoJSON`.\n\ 3. Upload the GeoJSON file and click `Import file`.', values: { - newMapUrl: prependBasePath(MAP_BASE_URL), + newMapUrl: prependBasePath(getNewMapPath()), }, }), }, diff --git a/x-pack/plugins/ml/public/application/data_frame_analytics/common/analytics.ts b/x-pack/plugins/ml/public/application/data_frame_analytics/common/analytics.ts index 16d888a9da27b..ac455120dca83 100644 --- a/x-pack/plugins/ml/public/application/data_frame_analytics/common/analytics.ts +++ b/x-pack/plugins/ml/public/application/data_frame_analytics/common/analytics.ts @@ -25,11 +25,18 @@ export enum ANALYSIS_CONFIG_TYPE { } export enum ANALYSIS_ADVANCED_FIELDS { + ETA = 'eta', + FEATURE_BAG_FRACTION = 'feature_bag_fraction', FEATURE_INFLUENCE_THRESHOLD = 'feature_influence_threshold', GAMMA = 'gamma', LAMBDA = 'lambda', MAX_TREES = 'max_trees', + METHOD = 'method', + N_NEIGHBORS = 'n_neighbors', + NUM_TOP_CLASSES = 'num_top_classes', NUM_TOP_FEATURE_IMPORTANCE_VALUES = 'num_top_feature_importance_values', + OUTLIER_FRACTION = 'outlier_fraction', + RANDOMIZE_SEED = 'randomize_seed', } export enum OUTLIER_ANALYSIS_METHOD { diff --git a/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/components/advanced_step/advanced_step_form.tsx b/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/components/advanced_step/advanced_step_form.tsx index 8b137ac72361c..bc9bb0cce5ae8 100644 --- a/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/components/advanced_step/advanced_step_form.tsx +++ b/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/components/advanced_step/advanced_step_form.tsx @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import React, { FC, Fragment, useMemo } from 'react'; +import React, { FC, Fragment, useMemo, useEffect, useState } from 'react'; import { EuiAccordion, EuiFieldNumber, @@ -23,9 +23,11 @@ import { getModelMemoryLimitErrors } from '../../../analytics_management/hooks/u import { ANALYSIS_CONFIG_TYPE, NUM_TOP_FEATURE_IMPORTANCE_VALUES_MIN, + ANALYSIS_ADVANCED_FIELDS, } from '../../../../common/analytics'; import { DEFAULT_MODEL_MEMORY_LIMIT } from '../../../analytics_management/hooks/use_create_analytics_form/state'; import { ANALYTICS_STEPS } from '../../page'; +import { fetchExplainData } from '../shared'; import { ContinueButton } from '../continue_button'; import { OutlierHyperParameters } from './outlier_hyper_parameters'; @@ -33,23 +35,39 @@ export function getNumberValue(value?: number) { return value === undefined ? '' : +value; } +export type AdvancedParamErrors = { + [key in ANALYSIS_ADVANCED_FIELDS]?: string; +}; + export const AdvancedStepForm: FC = ({ actions, state, setCurrentStep, }) => { + const [advancedParamErrors, setAdvancedParamErrors] = useState({}); + const [fetchingAdvancedParamErrors, setFetchingAdvancedParamErrors] = useState(false); + const { setFormState } = actions; const { form, isJobCreated } = state; const { computeFeatureInfluence, + eta, + featureBagFraction, featureInfluenceThreshold, + gamma, jobType, + lambda, + maxTrees, + method, modelMemoryLimit, modelMemoryLimitValidationResult, + nNeighbors, numTopClasses, numTopFeatureImportanceValues, numTopFeatureImportanceValuesValid, + outlierFraction, predictionFieldName, + randomizeSeed, } = form; const mmlErrors = useMemo(() => getModelMemoryLimitErrors(modelMemoryLimitValidationResult), [ @@ -61,6 +79,43 @@ export const AdvancedStepForm: FC = ({ const mmlInvalid = modelMemoryLimitValidationResult !== null; + const isStepInvalid = + mmlInvalid || + Object.keys(advancedParamErrors).length > 0 || + fetchingAdvancedParamErrors === true; + + useEffect(() => { + setFetchingAdvancedParamErrors(true); + (async function () { + const { success, errorMessage } = await fetchExplainData(form); + const paramErrors: AdvancedParamErrors = {}; + + if (!success) { + // Check which field is invalid + Object.values(ANALYSIS_ADVANCED_FIELDS).forEach((param) => { + if (errorMessage.includes(`[${param}]`)) { + paramErrors[param] = errorMessage; + } + }); + } + setFetchingAdvancedParamErrors(false); + setAdvancedParamErrors(paramErrors); + })(); + }, [ + eta, + featureBagFraction, + featureInfluenceThreshold, + gamma, + lambda, + maxTrees, + method, + nNeighbors, + numTopClasses, + numTopFeatureImportanceValues, + outlierFraction, + randomizeSeed, + ]); + const outlierDetectionAdvancedConfig = ( @@ -126,6 +181,10 @@ export const AdvancedStepForm: FC = ({ 'The minimum outlier score that a document needs to have in order to calculate its feature influence score. Value range: 0-1. Defaults to 0.1.', } )} + isInvalid={ + advancedParamErrors[ANALYSIS_ADVANCED_FIELDS.FEATURE_INFLUENCE_THRESHOLD] !== undefined + } + error={advancedParamErrors[ANALYSIS_ADVANCED_FIELDS.FEATURE_INFLUENCE_THRESHOLD]} > @@ -315,14 +374,24 @@ export const AdvancedStepForm: FC = ({ > {jobType === ANALYSIS_CONFIG_TYPE.OUTLIER_DETECTION && ( - + + )} + {isRegOrClassJob && ( + )} - {isRegOrClassJob && } { setCurrentStep(ANALYTICS_STEPS.DETAILS); }} diff --git a/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/components/advanced_step/hyper_parameters.tsx b/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/components/advanced_step/hyper_parameters.tsx index 144a062106003..620e81e30a0c4 100644 --- a/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/components/advanced_step/hyper_parameters.tsx +++ b/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/components/advanced_step/hyper_parameters.tsx @@ -8,11 +8,16 @@ import React, { FC, Fragment } from 'react'; import { EuiFieldNumber, EuiFlexItem, EuiFormRow } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { CreateAnalyticsFormProps } from '../../../analytics_management/hooks/use_create_analytics_form'; -import { getNumberValue } from './advanced_step_form'; +import { AdvancedParamErrors, getNumberValue } from './advanced_step_form'; +import { ANALYSIS_ADVANCED_FIELDS } from '../../../../common/analytics'; const MAX_TREES_LIMIT = 2000; -export const HyperParameters: FC = ({ actions, state }) => { +interface Props extends CreateAnalyticsFormProps { + advancedParamErrors: AdvancedParamErrors; +} + +export const HyperParameters: FC = ({ actions, state, advancedParamErrors }) => { const { setFormState } = actions; const { eta, featureBagFraction, gamma, lambda, maxTrees, randomizeSeed } = state.form; @@ -28,6 +33,8 @@ export const HyperParameters: FC = ({ actions, state } defaultMessage: 'Regularization parameter to prevent overfitting on the training data set. Must be a non negative value.', })} + isInvalid={advancedParamErrors[ANALYSIS_ADVANCED_FIELDS.LAMBDA] !== undefined} + error={advancedParamErrors[ANALYSIS_ADVANCED_FIELDS.LAMBDA]} > = ({ actions, state } helpText={i18n.translate('xpack.ml.dataframe.analytics.create.maxTreesText', { defaultMessage: 'The maximum number of trees the forest is allowed to contain.', })} + isInvalid={advancedParamErrors[ANALYSIS_ADVANCED_FIELDS.MAX_TREES] !== undefined} + error={advancedParamErrors[ANALYSIS_ADVANCED_FIELDS.MAX_TREES]} > = ({ actions, state } defaultMessage: 'Multiplies a linear penalty associated with the size of individual trees in the forest. Must be non-negative value.', })} + isInvalid={advancedParamErrors[ANALYSIS_ADVANCED_FIELDS.GAMMA] !== undefined} + error={advancedParamErrors[ANALYSIS_ADVANCED_FIELDS.GAMMA]} > = ({ actions, state } helpText={i18n.translate('xpack.ml.dataframe.analytics.create.etaText', { defaultMessage: 'The shrinkage applied to the weights. Must be between 0.001 and 1.', })} + isInvalid={advancedParamErrors[ANALYSIS_ADVANCED_FIELDS.ETA] !== undefined} + error={advancedParamErrors[ANALYSIS_ADVANCED_FIELDS.ETA]} > = ({ actions, state } defaultMessage: 'The fraction of features used when selecting a random bag for each candidate split.', })} + isInvalid={ + advancedParamErrors[ANALYSIS_ADVANCED_FIELDS.FEATURE_BAG_FRACTION] !== undefined + } + error={advancedParamErrors[ANALYSIS_ADVANCED_FIELDS.FEATURE_BAG_FRACTION]} > = ({ actions, state } = ({ actions, state }) => { +interface Props extends CreateAnalyticsFormProps { + advancedParamErrors: AdvancedParamErrors; +} + +export const OutlierHyperParameters: FC = ({ actions, state, advancedParamErrors }) => { const { setFormState } = actions; const { method, nNeighbors, outlierFraction, standardizationEnabled } = state.form; @@ -27,6 +31,8 @@ export const OutlierHyperParameters: FC = ({ actions, defaultMessage: 'Sets the method that outlier detection uses. If not set, uses an ensemble of different methods and normalises and combines their individual outlier scores to obtain the overall outlier score. We recommend to use the ensemble method', })} + isInvalid={advancedParamErrors[ANALYSIS_ADVANCED_FIELDS.METHOD] !== undefined} + error={advancedParamErrors[ANALYSIS_ADVANCED_FIELDS.METHOD]} > ({ @@ -51,6 +57,8 @@ export const OutlierHyperParameters: FC = ({ actions, defaultMessage: 'The value for how many nearest neighbors each method of outlier detection will use to calculate its outlier score. When not set, different values will be used for different ensemble members. Must be a positive integer', })} + isInvalid={advancedParamErrors[ANALYSIS_ADVANCED_FIELDS.N_NEIGHBORS] !== undefined} + error={advancedParamErrors[ANALYSIS_ADVANCED_FIELDS.N_NEIGHBORS]} > = ({ actions, defaultMessage: 'Sets the proportion of the data set that is assumed to be outlying prior to outlier detection.', })} + isInvalid={advancedParamErrors[ANALYSIS_ADVANCED_FIELDS.OUTLIER_FRACTION] !== undefined} + error={advancedParamErrors[ANALYSIS_ADVANCED_FIELDS.OUTLIER_FRACTION]} > )} {tableItems.length > 0 && ( - + = ({ const { currentSavedSearch, currentIndexPattern } = mlContext; const { savedSearchQuery, savedSearchQueryStr } = useSavedSearch(); + const [loadingFieldOptions, setLoadingFieldOptions] = useState(false); + const [fieldOptionsFetchFail, setFieldOptionsFetchFail] = useState(false); + const [loadingDepVarOptions, setLoadingDepVarOptions] = useState(false); + const [dependentVariableFetchFail, setDependentVariableFetchFail] = useState(false); + const [dependentVariableOptions, setDependentVariableOptions] = useState< + EuiComboBoxOptionOption[] + >([]); + const [excludesTableItems, setExcludesTableItems] = useState([]); + const [maxDistinctValuesError, setMaxDistinctValuesError] = useState( + undefined + ); + const { setEstimatedModelMemoryLimit, setFormState } = actions; const { estimatedModelMemoryLimit, form, isJobCreated, requestMessages } = state; const firstUpdate = useRef(true); const { dependentVariable, - dependentVariableFetchFail, - dependentVariableOptions, excludes, - excludesTableItems, - fieldOptionsFetchFail, jobConfigQuery, jobConfigQueryString, jobType, - loadingDepVarOptions, - loadingFieldOptions, - maxDistinctValuesError, modelMemoryLimit, previousJobType, requiredFieldsError, @@ -109,30 +120,20 @@ export const ConfigurationStepForm: FC = ({ requiredFieldsError !== undefined; const loadDepVarOptions = async (formState: State['form']) => { - setFormState({ - loadingDepVarOptions: true, - maxDistinctValuesError: undefined, - }); + setLoadingDepVarOptions(true); + setMaxDistinctValuesError(undefined); + try { if (currentIndexPattern !== undefined) { - const formStateUpdate: { - loadingDepVarOptions: boolean; - dependentVariableFetchFail: boolean; - dependentVariableOptions: State['form']['dependentVariableOptions']; - dependentVariable?: State['form']['dependentVariable']; - } = { - loadingDepVarOptions: false, - dependentVariableFetchFail: false, - dependentVariableOptions: [] as State['form']['dependentVariableOptions'], - }; - + const depVarOptions = []; + let depVarUpdate = dependentVariable; // Get fields and filter for supported types for job type const { fields } = newJobCapsService; let resetDependentVariable = true; for (const field of fields) { if (shouldAddAsDepVarOption(field, jobType)) { - formStateUpdate.dependentVariableOptions.push({ + depVarOptions.push({ label: field.id, }); @@ -143,13 +144,16 @@ export const ConfigurationStepForm: FC = ({ } if (resetDependentVariable) { - formStateUpdate.dependentVariable = ''; + depVarUpdate = ''; } - - setFormState(formStateUpdate); + setDependentVariableOptions(depVarOptions); + setLoadingDepVarOptions(false); + setDependentVariableFetchFail(false); + setFormState({ dependentVariable: depVarUpdate }); } } catch (e) { - setFormState({ loadingDepVarOptions: false, dependentVariableFetchFail: true }); + setLoadingDepVarOptions(false); + setDependentVariableFetchFail(true); } }; @@ -165,72 +169,48 @@ export const ConfigurationStepForm: FC = ({ // Reset if jobType changes (jobType requires dependent_variable to be set - // which won't be the case if switching from outlier detection) if (jobTypeChanged) { - setFormState({ - loadingFieldOptions: true, - }); + setLoadingFieldOptions(true); } - try { - const jobConfig = getJobConfigFromFormState(form); - delete jobConfig.dest; - delete jobConfig.model_memory_limit; - const resp: DfAnalyticsExplainResponse = await ml.dataFrameAnalytics.explainDataFrameAnalytics( - jobConfig - ); - const expectedMemoryWithoutDisk = resp.memory_estimation?.expected_memory_without_disk; + const { success, expectedMemory, fieldSelection, errorMessage } = await fetchExplainData(form); + if (success) { if (shouldUpdateEstimatedMml) { - setEstimatedModelMemoryLimit(expectedMemoryWithoutDisk); + setEstimatedModelMemoryLimit(expectedMemory); } - const fieldSelection: FieldSelectionItem[] | undefined = resp.field_selection; - - let hasRequiredFields = false; - if (fieldSelection) { - for (let i = 0; i < fieldSelection.length; i++) { - const field = fieldSelection[i]; - if (field.is_included === true && field.is_required === false) { - hasRequiredFields = true; - break; - } - } - } + const hasRequiredFields = fieldSelection.some( + (field) => field.is_included === true && field.is_required === false + ); - // If job type has changed load analysis field options again if (jobTypeChanged) { + setLoadingFieldOptions(false); + setFieldOptionsFetchFail(false); + setMaxDistinctValuesError(undefined); + setExcludesTableItems(fieldSelection ? fieldSelection : []); setFormState({ - ...(shouldUpdateModelMemoryLimit ? { modelMemoryLimit: expectedMemoryWithoutDisk } : {}), - excludesTableItems: fieldSelection ? fieldSelection : [], - loadingFieldOptions: false, - fieldOptionsFetchFail: false, - maxDistinctValuesError: undefined, + ...(shouldUpdateModelMemoryLimit ? { modelMemoryLimit: expectedMemory } : {}), requiredFieldsError: !hasRequiredFields ? requiredFieldsErrorText : undefined, }); } else { setFormState({ - ...(shouldUpdateModelMemoryLimit ? { modelMemoryLimit: expectedMemoryWithoutDisk } : {}), + ...(shouldUpdateModelMemoryLimit ? { modelMemoryLimit: expectedMemory } : {}), requiredFieldsError: !hasRequiredFields ? requiredFieldsErrorText : undefined, }); } - } catch (e) { + } else { let maxDistinctValuesErrorMessage; - if ( jobType === ANALYSIS_CONFIG_TYPE.CLASSIFICATION && - e.body && - e.body.message !== undefined && - e.body.message.includes('status_exception') && - (e.body.message.includes('must have at most') || - e.body.message.includes('must have at least')) + errorMessage.includes('status_exception') && + (errorMessage.includes('must have at most') || errorMessage.includes('must have at least')) ) { - maxDistinctValuesErrorMessage = e.body.message; + maxDistinctValuesErrorMessage = errorMessage; } if ( - e.body && - e.body.message !== undefined && - e.body.message.includes('status_exception') && - e.body.message.includes('Unable to estimate memory usage as no documents') + errorMessage.includes('status_exception') && + errorMessage.includes('Unable to estimate memory usage as no documents') ) { toastNotifications.addWarning( i18n.translate('xpack.ml.dataframe.analytics.create.allDocsMissingFieldsErrorMessage', { @@ -241,15 +221,17 @@ export const ConfigurationStepForm: FC = ({ }) ); } + const fallbackModelMemoryLimit = jobType !== undefined ? DEFAULT_MODEL_MEMORY_LIMIT[jobType] : DEFAULT_MODEL_MEMORY_LIMIT.outlier_detection; + setEstimatedModelMemoryLimit(fallbackModelMemoryLimit); + setLoadingFieldOptions(false); + setFieldOptionsFetchFail(true); + setMaxDistinctValuesError(maxDistinctValuesErrorMessage); setFormState({ - fieldOptionsFetchFail: true, - maxDistinctValuesError: maxDistinctValuesErrorMessage, - loadingFieldOptions: false, ...(shouldUpdateModelMemoryLimit ? { modelMemoryLimit: fallbackModelMemoryLimit } : {}), }); } diff --git a/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/components/shared/fetch_explain_data.ts b/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/components/shared/fetch_explain_data.ts new file mode 100644 index 0000000000000..655a5e6a59304 --- /dev/null +++ b/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/components/shared/fetch_explain_data.ts @@ -0,0 +1,48 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { ml } from '../../../../../services/ml_api_service'; +import { extractErrorMessage } from '../../../../../../../common/util/errors'; +import { DfAnalyticsExplainResponse, FieldSelectionItem } from '../../../../common/analytics'; +import { + getJobConfigFromFormState, + State, +} from '../../../analytics_management/hooks/use_create_analytics_form/state'; + +export interface FetchExplainDataReturnType { + success: boolean; + expectedMemory: string; + fieldSelection: FieldSelectionItem[]; + errorMessage: string; +} + +export const fetchExplainData = async (formState: State['form']) => { + const jobConfig = getJobConfigFromFormState(formState); + let errorMessage = ''; + let success = true; + let expectedMemory = ''; + let fieldSelection: FieldSelectionItem[] = []; + + try { + delete jobConfig.dest; + delete jobConfig.model_memory_limit; + const resp: DfAnalyticsExplainResponse = await ml.dataFrameAnalytics.explainDataFrameAnalytics( + jobConfig + ); + expectedMemory = resp.memory_estimation?.expected_memory_without_disk; + fieldSelection = resp.field_selection || []; + } catch (error) { + success = false; + errorMessage = extractErrorMessage(error); + } + + return { + success, + expectedMemory, + fieldSelection, + errorMessage, + }; +}; diff --git a/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/components/shared/index.ts b/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/components/shared/index.ts index ed3f9ef2e9384..45545cf98e0d6 100644 --- a/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/components/shared/index.ts +++ b/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/components/shared/index.ts @@ -5,3 +5,4 @@ */ export { Messages } from './messages'; +export { fetchExplainData } from './fetch_explain_data'; diff --git a/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/page.tsx b/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/page.tsx index 966ef33a1ac8b..ff718277a88a7 100644 --- a/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/page.tsx +++ b/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_creation/page.tsx @@ -144,7 +144,7 @@ export const Page: FC = ({ jobId }) => { - +

{jobId === undefined && ( { - const { - jobIdEmpty, - jobIdValid, - jobIdExists, - jobType, - createIndexPattern, - excludes, - maxDistinctValuesError, - requiredFieldsError, - } = state.form; + const { jobIdEmpty, jobIdValid, jobIdExists, jobType, createIndexPattern, excludes } = state.form; const { jobConfig } = state; state.advancedEditorMessages = []; @@ -330,8 +321,6 @@ export const validateAdvancedEditor = (state: State): State => { state.form.destinationIndexPatternTitleExists = destinationIndexPatternTitleExists; state.isValid = - maxDistinctValuesError === undefined && - requiredFieldsError === undefined && excludesValid && trainingPercentValid && state.form.modelMemoryLimitUnitValid && @@ -396,10 +385,8 @@ const validateForm = (state: State): State => { destinationIndexPatternTitleExists, createIndexPattern, dependentVariable, - maxDistinctValuesError, modelMemoryLimit, numTopFeatureImportanceValuesValid, - requiredFieldsError, } = state.form; const { estimatedModelMemoryLimit } = state; @@ -414,8 +401,6 @@ const validateForm = (state: State): State => { state.form.modelMemoryLimitValidationResult = mmlValidationResult; state.isValid = - maxDistinctValuesError === undefined && - requiredFieldsError === undefined && !jobTypeEmpty && !mmlValidationResult && !jobIdEmpty && diff --git a/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/state.ts b/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/state.ts index 8a07704e39910..241866b56c5c8 100644 --- a/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/state.ts +++ b/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/hooks/use_create_analytics_form/state.ts @@ -4,14 +4,12 @@ * you may not use this file except in compliance with the Elastic License. */ -import { EuiComboBoxOptionOption } from '@elastic/eui'; import { DeepPartial, DeepReadonly } from '../../../../../../../common/types/common'; import { checkPermission } from '../../../../../capabilities/check_capabilities'; import { mlNodesAvailable } from '../../../../../ml_nodes_check'; import { newJobCapsService } from '../../../../../services/new_job_capabilities_service'; import { - FieldSelectionItem, isClassificationAnalysis, isRegressionAnalysis, DataFrameAnalyticsId, @@ -52,8 +50,6 @@ export interface State { computeFeatureInfluence: string; createIndexPattern: boolean; dependentVariable: DependentVariable; - dependentVariableFetchFail: boolean; - dependentVariableOptions: EuiComboBoxOptionOption[]; description: string; destinationIndex: EsIndexName; destinationIndexNameExists: boolean; @@ -62,11 +58,8 @@ export interface State { destinationIndexPatternTitleExists: boolean; eta: undefined | number; excludes: string[]; - excludesTableItems: FieldSelectionItem[]; - excludesOptions: EuiComboBoxOptionOption[]; featureBagFraction: undefined | number; featureInfluenceThreshold: undefined | number; - fieldOptionsFetchFail: boolean; gamma: undefined | number; jobId: DataFrameAnalyticsId; jobIdExists: boolean; @@ -77,9 +70,7 @@ export interface State { jobConfigQuery: any; jobConfigQueryString: string | undefined; lambda: number | undefined; - loadingDepVarOptions: boolean; loadingFieldOptions: boolean; - maxDistinctValuesError: string | undefined; maxTrees: undefined | number; method: undefined | string; modelMemoryLimit: string | undefined; @@ -124,8 +115,6 @@ export const getInitialState = (): State => ({ computeFeatureInfluence: 'true', createIndexPattern: true, dependentVariable: '', - dependentVariableFetchFail: false, - dependentVariableOptions: [], description: '', destinationIndex: '', destinationIndexNameExists: false, @@ -136,10 +125,7 @@ export const getInitialState = (): State => ({ excludes: [], featureBagFraction: undefined, featureInfluenceThreshold: undefined, - fieldOptionsFetchFail: false, gamma: undefined, - excludesTableItems: [], - excludesOptions: [], jobId: '', jobIdExists: false, jobIdEmpty: true, @@ -149,9 +135,7 @@ export const getInitialState = (): State => ({ jobConfigQuery: { match_all: {} }, jobConfigQueryString: undefined, lambda: undefined, - loadingDepVarOptions: false, loadingFieldOptions: false, - maxDistinctValuesError: undefined, maxTrees: undefined, method: undefined, modelMemoryLimit: undefined, @@ -311,6 +295,9 @@ export const getJobConfigFromFormState = ( n_neighbors: formState.nNeighbors, }, formState.outlierFraction && { outlier_fraction: formState.outlierFraction }, + formState.featureInfluenceThreshold && { + feature_influence_threshold: formState.featureInfluenceThreshold, + }, formState.standardizationEnabled && { standardization_enabled: formState.standardizationEnabled, } diff --git a/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/page.tsx b/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/page.tsx index c0b7d63e623ce..07442124959d0 100644 --- a/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/page.tsx +++ b/x-pack/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/page.tsx @@ -48,7 +48,7 @@ export const Page: FC = () => {

  = memo( fill={true} href={resultsUrl} aria-label={i18n.translate('xpack.ml.newJob.recognize.viewResultsAriaLabel', { - defaultMessage: 'View Results', + defaultMessage: 'View results', })} > diff --git a/x-pack/plugins/ml/public/application/overview/components/analytics_panel/analytics_panel.tsx b/x-pack/plugins/ml/public/application/overview/components/analytics_panel/analytics_panel.tsx index c379cd702daee..65e7ba9e8ab52 100644 --- a/x-pack/plugins/ml/public/application/overview/components/analytics_panel/analytics_panel.tsx +++ b/x-pack/plugins/ml/public/application/overview/components/analytics_panel/analytics_panel.tsx @@ -89,7 +89,7 @@ export const AnalyticsPanel: FC = ({ jobCreationDisabled }) => { body={

{i18n.translate('xpack.ml.overview.analyticsList.emptyPromptText', { - defaultMessage: `Data frame analytics enable you to perform different analyses of your data and annotates it with the results. The job puts the annotated data and a copy of the source data in a new index.`, + defaultMessage: `Data frame analytics enables you to perform outlier detection, regression, or classification analysis on your data and annotates it with the results. The job puts the annotated data and a copy of the source data in a new index.`, })}

} diff --git a/x-pack/plugins/observability/public/data_handler.test.ts b/x-pack/plugins/observability/public/data_handler.test.ts new file mode 100644 index 0000000000000..71c2c942239fd --- /dev/null +++ b/x-pack/plugins/observability/public/data_handler.test.ts @@ -0,0 +1,365 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +import { registerDataHandler, getDataHandler } from './data_handler'; + +const params = { + startTime: '0', + endTime: '1', + bucketSize: '10s', +}; + +describe('registerDataHandler', () => { + describe('APM', () => { + registerDataHandler({ + appName: 'apm', + fetchData: async () => { + return { + title: 'apm', + appLink: '/apm', + stats: { + services: { + label: 'services', + type: 'number', + value: 1, + }, + transactions: { + label: 'transactions', + type: 'number', + value: 1, + }, + }, + series: { + transactions: { + label: 'transactions', + coordinates: [{ x: 1 }], + }, + }, + }; + }, + hasData: async () => true, + }); + + it('registered data handler', () => { + const dataHandler = getDataHandler('apm'); + expect(dataHandler?.fetchData).toBeDefined(); + expect(dataHandler?.hasData).toBeDefined(); + }); + + it('returns data when fetchData is called', async () => { + const dataHandler = getDataHandler('apm'); + const response = await dataHandler?.fetchData(params); + expect(response).toEqual({ + title: 'apm', + appLink: '/apm', + stats: { + services: { + label: 'services', + type: 'number', + value: 1, + }, + transactions: { + label: 'transactions', + type: 'number', + value: 1, + }, + }, + series: { + transactions: { + label: 'transactions', + coordinates: [{ x: 1 }], + }, + }, + }); + }); + + it('returns true when hasData is called', async () => { + const dataHandler = getDataHandler('apm'); + const hasData = await dataHandler?.hasData(); + expect(hasData).toBeTruthy(); + }); + }); + describe('Logs', () => { + registerDataHandler({ + appName: 'infra_logs', + fetchData: async () => { + return { + title: 'logs', + appLink: '/logs', + stats: { + foo: { + label: 'Foo', + type: 'number', + value: 1, + }, + bar: { + label: 'bar', + type: 'number', + value: 1, + }, + }, + series: { + foo: { + label: 'Foo', + coordinates: [{ x: 1 }], + }, + bar: { + label: 'Bar', + coordinates: [{ x: 1 }], + }, + }, + }; + }, + hasData: async () => true, + }); + + it('registered data handler', () => { + const dataHandler = getDataHandler('infra_logs'); + expect(dataHandler?.fetchData).toBeDefined(); + expect(dataHandler?.hasData).toBeDefined(); + }); + + it('returns data when fetchData is called', async () => { + const dataHandler = getDataHandler('infra_logs'); + const response = await dataHandler?.fetchData(params); + expect(response).toEqual({ + title: 'logs', + appLink: '/logs', + stats: { + foo: { + label: 'Foo', + type: 'number', + value: 1, + }, + bar: { + label: 'bar', + type: 'number', + value: 1, + }, + }, + series: { + foo: { + label: 'Foo', + coordinates: [{ x: 1 }], + }, + bar: { + label: 'Bar', + coordinates: [{ x: 1 }], + }, + }, + }); + }); + + it('returns true when hasData is called', async () => { + const dataHandler = getDataHandler('apm'); + const hasData = await dataHandler?.hasData(); + expect(hasData).toBeTruthy(); + }); + }); + describe('Uptime', () => { + registerDataHandler({ + appName: 'uptime', + fetchData: async () => { + return { + title: 'uptime', + appLink: '/uptime', + stats: { + monitors: { + label: 'Monitors', + type: 'number', + value: 1, + }, + up: { + label: 'Up', + type: 'number', + value: 1, + }, + down: { + label: 'Down', + type: 'number', + value: 1, + }, + }, + series: { + down: { + label: 'Down', + coordinates: [{ x: 1 }], + }, + up: { + label: 'Up', + coordinates: [{ x: 1 }], + }, + }, + }; + }, + hasData: async () => true, + }); + + it('registered data handler', () => { + const dataHandler = getDataHandler('uptime'); + expect(dataHandler?.fetchData).toBeDefined(); + expect(dataHandler?.hasData).toBeDefined(); + }); + + it('returns data when fetchData is called', async () => { + const dataHandler = getDataHandler('uptime'); + const response = await dataHandler?.fetchData(params); + expect(response).toEqual({ + title: 'uptime', + appLink: '/uptime', + stats: { + monitors: { + label: 'Monitors', + type: 'number', + value: 1, + }, + up: { + label: 'Up', + type: 'number', + value: 1, + }, + down: { + label: 'Down', + type: 'number', + value: 1, + }, + }, + series: { + down: { + label: 'Down', + coordinates: [{ x: 1 }], + }, + up: { + label: 'Up', + coordinates: [{ x: 1 }], + }, + }, + }); + }); + + it('returns true when hasData is called', async () => { + const dataHandler = getDataHandler('apm'); + const hasData = await dataHandler?.hasData(); + expect(hasData).toBeTruthy(); + }); + }); + describe('Metrics', () => { + registerDataHandler({ + appName: 'infra_metrics', + fetchData: async () => { + return { + title: 'metrics', + appLink: '/metrics', + stats: { + hosts: { + label: 'hosts', + type: 'number', + value: 1, + }, + cpu: { + label: 'cpu', + type: 'number', + value: 1, + }, + memory: { + label: 'memory', + type: 'number', + value: 1, + }, + disk: { + label: 'disk', + type: 'number', + value: 1, + }, + inboundTraffic: { + label: 'inboundTraffic', + type: 'number', + value: 1, + }, + outboundTraffic: { + label: 'outboundTraffic', + type: 'number', + value: 1, + }, + }, + series: { + inboundTraffic: { + label: 'inbound Traffic', + coordinates: [{ x: 1 }], + }, + outboundTraffic: { + label: 'outbound Traffic', + coordinates: [{ x: 1 }], + }, + }, + }; + }, + hasData: async () => true, + }); + + it('registered data handler', () => { + const dataHandler = getDataHandler('infra_metrics'); + expect(dataHandler?.fetchData).toBeDefined(); + expect(dataHandler?.hasData).toBeDefined(); + }); + + it('returns data when fetchData is called', async () => { + const dataHandler = getDataHandler('infra_metrics'); + const response = await dataHandler?.fetchData(params); + expect(response).toEqual({ + title: 'metrics', + appLink: '/metrics', + stats: { + hosts: { + label: 'hosts', + type: 'number', + value: 1, + }, + cpu: { + label: 'cpu', + type: 'number', + value: 1, + }, + memory: { + label: 'memory', + type: 'number', + value: 1, + }, + disk: { + label: 'disk', + type: 'number', + value: 1, + }, + inboundTraffic: { + label: 'inboundTraffic', + type: 'number', + value: 1, + }, + outboundTraffic: { + label: 'outboundTraffic', + type: 'number', + value: 1, + }, + }, + series: { + inboundTraffic: { + label: 'inbound Traffic', + coordinates: [{ x: 1 }], + }, + outboundTraffic: { + label: 'outbound Traffic', + coordinates: [{ x: 1 }], + }, + }, + }); + }); + + it('returns true when hasData is called', async () => { + const dataHandler = getDataHandler('apm'); + const hasData = await dataHandler?.hasData(); + expect(hasData).toBeTruthy(); + }); + }); +}); diff --git a/x-pack/plugins/observability/public/data_handler.ts b/x-pack/plugins/observability/public/data_handler.ts index 8f80f79b2e829..288da3d78bf36 100644 --- a/x-pack/plugins/observability/public/data_handler.ts +++ b/x-pack/plugins/observability/public/data_handler.ts @@ -19,25 +19,27 @@ interface FetchDataParams { export type FetchData = ( fetchDataParams: FetchDataParams ) => Promise; + export type HasData = () => Promise; -interface DataHandler { - fetchData: FetchData; +interface DataHandler { + fetchData: FetchData; hasData: HasData; } const dataHandlers: Partial> = {}; -export type RegisterDataHandler = (params: { - appName: T; - fetchData: FetchData; - hasData: HasData; -}) => void; - -export const registerDataHandler: RegisterDataHandler = ({ appName, fetchData, hasData }) => { +export function registerDataHandler({ + appName, + fetchData, + hasData, +}: { appName: T } & DataHandler) { dataHandlers[appName] = { fetchData, hasData }; -}; +} -export function getDataHandler(appName: ObservabilityApp): DataHandler | undefined { - return dataHandlers[appName]; +export function getDataHandler(appName: T) { + const dataHandler = dataHandlers[appName]; + if (dataHandler) { + return dataHandler as DataHandler; + } } diff --git a/x-pack/plugins/observability/public/index.ts b/x-pack/plugins/observability/public/index.ts index ade347c79728d..fcb569f535d76 100644 --- a/x-pack/plugins/observability/public/index.ts +++ b/x-pack/plugins/observability/public/index.ts @@ -5,15 +5,15 @@ */ import { PluginInitializerContext, PluginInitializer } from 'kibana/public'; -import { Plugin, ObservabilityPluginSetup, ObservabilityPluginStart } from './plugin'; +import { Plugin, ObservabilityPluginSetup } from './plugin'; -export const plugin: PluginInitializer = ( +export const plugin: PluginInitializer = ( context: PluginInitializerContext ) => { return new Plugin(context); }; -export { ObservabilityPluginSetup, ObservabilityPluginStart }; +export { ObservabilityPluginSetup }; export * from './components/action_menu'; diff --git a/x-pack/plugins/observability/public/plugin.ts b/x-pack/plugins/observability/public/plugin.ts index 16adf88d152c5..c20e8c7b75d49 100644 --- a/x-pack/plugins/observability/public/plugin.ts +++ b/x-pack/plugins/observability/public/plugin.ts @@ -10,15 +10,13 @@ import { Plugin as PluginClass, PluginInitializerContext, } from '../../../../src/core/public'; -import { RegisterDataHandler, registerDataHandler } from './data_handler'; +import { registerDataHandler } from './data_handler'; export interface ObservabilityPluginSetup { - dashboard: { register: RegisterDataHandler }; + dashboard: { register: typeof registerDataHandler }; } -export type ObservabilityPluginStart = void; - -export class Plugin implements PluginClass { +export class Plugin implements PluginClass { constructor(context: PluginInitializerContext) {} public setup(core: CoreSetup) { diff --git a/x-pack/plugins/reporting/server/core.ts b/x-pack/plugins/reporting/server/core.ts index 9acd359fa0db4..eccd6c7db1698 100644 --- a/x-pack/plugins/reporting/server/core.ts +++ b/x-pack/plugins/reporting/server/core.ts @@ -24,6 +24,7 @@ import { screenshotsObservableFactory } from './export_types/common/lib/screensh import { checkLicense, getExportTypesRegistry } from './lib'; import { ESQueueInstance } from './lib/create_queue'; import { EnqueueJobFn } from './lib/enqueue_job'; +import { ReportingStore } from './lib/store'; export interface ReportingInternalSetup { elasticsearch: ElasticsearchServiceSetup; @@ -37,6 +38,7 @@ export interface ReportingInternalStart { browserDriverFactory: HeadlessChromiumDriverFactory; enqueueJob: EnqueueJobFn; esqueue: ESQueueInstance; + store: ReportingStore; savedObjects: SavedObjectsServiceStart; uiSettings: UiSettingsServiceStart; } diff --git a/x-pack/plugins/reporting/server/lib/create_queue.ts b/x-pack/plugins/reporting/server/lib/create_queue.ts index 5d09af312a41b..a8dcb92c55b2d 100644 --- a/x-pack/plugins/reporting/server/lib/create_queue.ts +++ b/x-pack/plugins/reporting/server/lib/create_queue.ts @@ -8,17 +8,16 @@ import { ReportingCore } from '../core'; import { JobSource, TaskRunResult } from '../types'; import { createTaggedLogger } from './create_tagged_logger'; // TODO remove createTaggedLogger once esqueue is removed import { createWorkerFactory } from './create_worker'; -import { Job } from './enqueue_job'; // @ts-ignore import { Esqueue } from './esqueue'; import { LevelLogger } from './level_logger'; +import { ReportingStore } from './store'; interface ESQueueWorker { on: (event: string, handler: any) => void; } export interface ESQueueInstance { - addJob: (type: string, payload: unknown, options: object) => Job; registerWorker: ( pluginId: string, workerFn: GenericWorkerFn, @@ -37,26 +36,25 @@ type GenericWorkerFn = ( ...workerRestArgs: any[] ) => void | Promise; -export async function createQueueFactory( +export async function createQueueFactory( reporting: ReportingCore, + store: ReportingStore, logger: LevelLogger ): Promise { const config = reporting.getConfig(); - const queueIndexInterval = config.get('queue', 'indexInterval'); + + // esqueue-related const queueTimeout = config.get('queue', 'timeout'); - const queueIndex = config.get('index'); const isPollingEnabled = config.get('queue', 'pollEnabled'); - const elasticsearch = await reporting.getElasticsearchService(); + const elasticsearch = reporting.getElasticsearchService(); const queueOptions = { - interval: queueIndexInterval, timeout: queueTimeout, - dateSeparator: '.', client: elasticsearch.legacy.client, logger: createTaggedLogger(logger, ['esqueue', 'queue-worker']), }; - const queue: ESQueueInstance = new Esqueue(queueIndex, queueOptions); + const queue: ESQueueInstance = new Esqueue(store, queueOptions); if (isPollingEnabled) { // create workers to poll the index for idle jobs waiting to be claimed and executed diff --git a/x-pack/plugins/reporting/server/lib/enqueue_job.ts b/x-pack/plugins/reporting/server/lib/enqueue_job.ts index 625da90f3b4f2..d1554a03b9389 100644 --- a/x-pack/plugins/reporting/server/lib/enqueue_job.ts +++ b/x-pack/plugins/reporting/server/lib/enqueue_job.ts @@ -4,39 +4,24 @@ * you may not use this file except in compliance with the Elastic License. */ -import { EventEmitter } from 'events'; import { KibanaRequest, RequestHandlerContext } from 'src/core/server'; import { AuthenticatedUser } from '../../../security/server'; import { ESQueueCreateJobFn } from '../../server/types'; import { ReportingCore } from '../core'; -// @ts-ignore -import { events as esqueueEvents } from './esqueue'; -import { LevelLogger } from './level_logger'; +import { LevelLogger } from './'; +import { ReportingStore, Report } from './store'; -interface ConfirmedJob { - id: string; - index: string; - _seq_no: number; - _primary_term: number; -} - -export type Job = EventEmitter & { - id: string; - toJSON: () => { - id: string; - }; -}; - -export type EnqueueJobFn = ( +export type EnqueueJobFn = ( exportTypeId: string, - jobParams: JobParamsType, + jobParams: unknown, user: AuthenticatedUser | null, context: RequestHandlerContext, request: KibanaRequest -) => Promise; +) => Promise; export function enqueueJobFactory( reporting: ReportingCore, + store: ReportingStore, parentLogger: LevelLogger ): EnqueueJobFn { const config = reporting.getConfig(); @@ -45,16 +30,16 @@ export function enqueueJobFactory( const maxAttempts = config.get('capture', 'maxAttempts'); const logger = parentLogger.clone(['queue-job']); - return async function enqueueJob( + return async function enqueueJob( exportTypeId: string, - jobParams: JobParamsType, + jobParams: unknown, user: AuthenticatedUser | null, context: RequestHandlerContext, request: KibanaRequest - ): Promise { - type ScheduleTaskFnType = ESQueueCreateJobFn; + ) { + type ScheduleTaskFnType = ESQueueCreateJobFn; + const username = user ? user.username : false; - const esqueue = await reporting.getEsqueue(); const exportType = reporting.getExportTypesRegistry().getById(exportTypeId); if (exportType == null) { @@ -71,16 +56,6 @@ export function enqueueJobFactory( max_attempts: maxAttempts, }; - return new Promise((resolve, reject) => { - const job = esqueue.addJob(exportType.jobType, payload, options); - - job.on(esqueueEvents.EVENT_JOB_CREATED, (createdJob: ConfirmedJob) => { - if (createdJob.id === job.id) { - logger.info(`Successfully queued job: ${createdJob.id}`); - resolve(job); - } - }); - job.on(esqueueEvents.EVENT_JOB_CREATE_ERROR, reject); - }); + return await store.addReport(exportType.jobType, payload, options); }; } diff --git a/x-pack/plugins/reporting/server/lib/esqueue/__tests__/helpers/create_index.js b/x-pack/plugins/reporting/server/lib/esqueue/__tests__/helpers/create_index.js deleted file mode 100644 index 691bd4f618a1c..0000000000000 --- a/x-pack/plugins/reporting/server/lib/esqueue/__tests__/helpers/create_index.js +++ /dev/null @@ -1,100 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import expect from '@kbn/expect'; -import sinon from 'sinon'; -import { createIndex } from '../../helpers/create_index'; -import { ClientMock } from '../fixtures/legacy_elasticsearch'; -import { constants } from '../../constants'; - -describe('Create Index', function () { - describe('Does not exist', function () { - let client; - let createSpy; - - beforeEach(function () { - client = new ClientMock(); - createSpy = sinon.spy(client, 'callAsInternalUser').withArgs('indices.create'); - }); - - it('should return true', function () { - const indexName = 'test-index'; - const result = createIndex(client, indexName); - - return result.then((exists) => expect(exists).to.be(true)); - }); - - it('should create the index with mappings and default settings', function () { - const indexName = 'test-index'; - const settings = constants.DEFAULT_SETTING_INDEX_SETTINGS; - const result = createIndex(client, indexName); - - return result.then(function () { - const payload = createSpy.getCall(0).args[1]; - sinon.assert.callCount(createSpy, 1); - expect(payload).to.have.property('index', indexName); - expect(payload).to.have.property('body'); - expect(payload.body).to.have.property('settings'); - expect(payload.body.settings).to.eql(settings); - expect(payload.body).to.have.property('mappings'); - expect(payload.body.mappings).to.have.property('properties'); - }); - }); - - it('should create the index with custom settings', function () { - const indexName = 'test-index'; - const settings = { - ...constants.DEFAULT_SETTING_INDEX_SETTINGS, - auto_expand_replicas: false, - number_of_shards: 3000, - number_of_replicas: 1, - format: '3000', - }; - const result = createIndex(client, indexName, settings); - - return result.then(function () { - const payload = createSpy.getCall(0).args[1]; - sinon.assert.callCount(createSpy, 1); - expect(payload).to.have.property('index', indexName); - expect(payload).to.have.property('body'); - expect(payload.body).to.have.property('settings'); - expect(payload.body.settings).to.eql(settings); - expect(payload.body).to.have.property('mappings'); - expect(payload.body.mappings).to.have.property('properties'); - }); - }); - }); - - describe('Does exist', function () { - let client; - let createSpy; - - beforeEach(function () { - client = new ClientMock(); - sinon - .stub(client, 'callAsInternalUser') - .withArgs('indices.exists') - .callsFake(() => Promise.resolve(true)); - createSpy = client.callAsInternalUser.withArgs('indices.create'); - }); - - it('should return true', function () { - const indexName = 'test-index'; - const result = createIndex(client, indexName); - - return result.then((exists) => expect(exists).to.be(true)); - }); - - it('should not create the index', function () { - const indexName = 'test-index'; - const result = createIndex(client, indexName); - - return result.then(function () { - sinon.assert.callCount(createSpy, 0); - }); - }); - }); -}); diff --git a/x-pack/plugins/reporting/server/lib/esqueue/__tests__/helpers/index_timestamp.js b/x-pack/plugins/reporting/server/lib/esqueue/__tests__/helpers/index_timestamp.js deleted file mode 100644 index 71dc8a363e429..0000000000000 --- a/x-pack/plugins/reporting/server/lib/esqueue/__tests__/helpers/index_timestamp.js +++ /dev/null @@ -1,93 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import expect from '@kbn/expect'; -import sinon from 'sinon'; -import moment from 'moment'; -import { constants } from '../../constants'; -import { indexTimestamp } from '../../helpers/index_timestamp'; - -const anchor = '2016-04-02T01:02:03.456'; // saturday - -describe('Index timestamp interval', function () { - describe('construction', function () { - it('should throw given an invalid interval', function () { - const init = () => indexTimestamp('bananas'); - expect(init).to.throwException(/invalid.+interval/i); - }); - }); - - describe('timestamps', function () { - let clock; - let separator; - - beforeEach(function () { - separator = constants.DEFAULT_SETTING_DATE_SEPARATOR; - clock = sinon.useFakeTimers(moment(anchor).valueOf()); - }); - - afterEach(function () { - clock.restore(); - }); - - describe('formats', function () { - it('should return the year', function () { - const timestamp = indexTimestamp('year'); - const str = `2016`; - expect(timestamp).to.equal(str); - }); - - it('should return the year and month', function () { - const timestamp = indexTimestamp('month'); - const str = `2016${separator}04`; - expect(timestamp).to.equal(str); - }); - - it('should return the year, month, and first day of the week', function () { - const timestamp = indexTimestamp('week'); - const str = `2016${separator}03${separator}27`; - expect(timestamp).to.equal(str); - }); - - it('should return the year, month, and day of the week', function () { - const timestamp = indexTimestamp('day'); - const str = `2016${separator}04${separator}02`; - expect(timestamp).to.equal(str); - }); - - it('should return the year, month, day and hour', function () { - const timestamp = indexTimestamp('hour'); - const str = `2016${separator}04${separator}02${separator}01`; - expect(timestamp).to.equal(str); - }); - - it('should return the year, month, day, hour and minute', function () { - const timestamp = indexTimestamp('minute'); - const str = `2016${separator}04${separator}02${separator}01${separator}02`; - expect(timestamp).to.equal(str); - }); - }); - - describe('date separator', function () { - it('should be customizable', function () { - const separators = ['-', '.', '_']; - separators.forEach((customSep) => { - const str = `2016${customSep}04${customSep}02${customSep}01${customSep}02`; - const timestamp = indexTimestamp('minute', customSep); - expect(timestamp).to.equal(str); - }); - }); - - it('should throw if a letter is used', function () { - const separators = ['a', 'B', 'YYYY']; - separators.forEach((customSep) => { - const fn = () => indexTimestamp('minute', customSep); - expect(fn).to.throwException(); - }); - }); - }); - }); -}); diff --git a/x-pack/plugins/reporting/server/lib/esqueue/__tests__/job.js b/x-pack/plugins/reporting/server/lib/esqueue/__tests__/job.js deleted file mode 100644 index 955eed8d65722..0000000000000 --- a/x-pack/plugins/reporting/server/lib/esqueue/__tests__/job.js +++ /dev/null @@ -1,420 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import events from 'events'; -import expect from '@kbn/expect'; -import sinon from 'sinon'; -import proxyquire from 'proxyquire'; -import { QueueMock } from './fixtures/queue'; -import { ClientMock } from './fixtures/legacy_elasticsearch'; -import { constants } from '../constants'; - -const createIndexMock = sinon.stub(); -const { Job } = proxyquire.noPreserveCache()('../job', { - './helpers/create_index': { createIndex: createIndexMock }, -}); - -const maxPriority = 20; -const minPriority = -20; -const defaultPriority = 10; -const defaultCreatedBy = false; - -function validateDoc(spy) { - sinon.assert.callCount(spy, 1); - const spyCall = spy.getCall(0); - return spyCall.args[1]; -} - -describe('Job Class', function () { - let mockQueue; - let client; - let index; - - let type; - let payload; - let options; - - beforeEach(function () { - createIndexMock.resetHistory(); - createIndexMock.returns(Promise.resolve('mock')); - index = 'test'; - - client = new ClientMock(); - mockQueue = new QueueMock(); - mockQueue.setClient(client); - }); - - it('should be an event emitter', function () { - const job = new Job(mockQueue, index, 'test', {}); - expect(job).to.be.an(events.EventEmitter); - }); - - describe('invalid construction', function () { - it('should throw with a missing type', function () { - const init = () => new Job(mockQueue, index); - expect(init).to.throwException(/type.+string/i); - }); - - it('should throw with an invalid type', function () { - const init = () => new Job(mockQueue, index, { 'not a string': true }); - expect(init).to.throwException(/type.+string/i); - }); - - it('should throw with an invalid payload', function () { - const init = () => new Job(mockQueue, index, 'type1', [1, 2, 3]); - expect(init).to.throwException(/plain.+object/i); - }); - - it(`should throw error if invalid maxAttempts`, function () { - const init = () => new Job(mockQueue, index, 'type1', { id: '123' }, { max_attempts: -1 }); - expect(init).to.throwException(/invalid.+max_attempts/i); - }); - }); - - describe('construction', function () { - let indexSpy; - beforeEach(function () { - type = 'type1'; - payload = { id: '123' }; - indexSpy = sinon.spy(client, 'callAsInternalUser').withArgs('index'); - }); - - it('should create the target index', function () { - const job = new Job(mockQueue, index, type, payload, options); - return job.ready.then(() => { - sinon.assert.calledOnce(createIndexMock); - const args = createIndexMock.getCall(0).args; - expect(args[0]).to.equal(client); - expect(args[1]).to.equal(index); - }); - }); - - it('should index the payload', function () { - const job = new Job(mockQueue, index, type, payload); - return job.ready.then(() => { - const indexArgs = validateDoc(indexSpy); - expect(indexArgs).to.have.property('index', index); - expect(indexArgs).to.have.property('body'); - expect(indexArgs.body).to.have.property('payload', payload); - }); - }); - - it('should index the job type', function () { - const job = new Job(mockQueue, index, type, payload); - return job.ready.then(() => { - const indexArgs = validateDoc(indexSpy); - expect(indexArgs).to.have.property('index', index); - expect(indexArgs).to.have.property('body'); - expect(indexArgs.body).to.have.property('jobtype', type); - }); - }); - - it('should set event creation time', function () { - const job = new Job(mockQueue, index, type, payload); - return job.ready.then(() => { - const indexArgs = validateDoc(indexSpy); - expect(indexArgs.body).to.have.property('created_at'); - }); - }); - - it('should refresh the index', function () { - const refreshSpy = client.callAsInternalUser.withArgs('indices.refresh'); - - const job = new Job(mockQueue, index, type, payload); - return job.ready.then(() => { - sinon.assert.calledOnce(refreshSpy); - const spyCall = refreshSpy.getCall(0); - expect(spyCall.args[1]).to.have.property('index', index); - }); - }); - - it('should emit the job information on success', function (done) { - const job = new Job(mockQueue, index, type, payload); - job.once(constants.EVENT_JOB_CREATED, (jobDoc) => { - try { - expect(jobDoc).to.have.property('id'); - expect(jobDoc).to.have.property('index'); - expect(jobDoc).to.have.property('_seq_no'); - expect(jobDoc).to.have.property('_primary_term'); - done(); - } catch (e) { - done(e); - } - }); - }); - - it('should emit error on index creation failure', function (done) { - const errMsg = 'test index creation failure'; - - createIndexMock.returns(Promise.reject(new Error(errMsg))); - const job = new Job(mockQueue, index, type, payload); - - job.once(constants.EVENT_JOB_CREATE_ERROR, (err) => { - try { - expect(err.message).to.equal(errMsg); - done(); - } catch (e) { - done(e); - } - }); - }); - - it('should emit error on client index failure', function (done) { - const errMsg = 'test document index failure'; - - client.callAsInternalUser.restore(); - sinon - .stub(client, 'callAsInternalUser') - .withArgs('index') - .callsFake(() => Promise.reject(new Error(errMsg))); - const job = new Job(mockQueue, index, type, payload); - - job.once(constants.EVENT_JOB_CREATE_ERROR, (err) => { - try { - expect(err.message).to.equal(errMsg); - done(); - } catch (e) { - done(e); - } - }); - }); - }); - - describe('event emitting', function () { - it('should trigger events on the queue instance', function (done) { - const eventName = 'test event'; - const payload1 = { - test: true, - deep: { object: 'ok' }, - }; - const payload2 = 'two'; - const payload3 = new Error('test error'); - - const job = new Job(mockQueue, index, type, payload, options); - - mockQueue.on(eventName, (...args) => { - try { - expect(args[0]).to.equal(payload1); - expect(args[1]).to.equal(payload2); - expect(args[2]).to.equal(payload3); - done(); - } catch (e) { - done(e); - } - }); - - job.emit(eventName, payload1, payload2, payload3); - }); - }); - - describe('default values', function () { - let indexSpy; - beforeEach(function () { - type = 'type1'; - payload = { id: '123' }; - indexSpy = sinon.spy(client, 'callAsInternalUser').withArgs('index'); - }); - - it('should set attempt count to 0', function () { - const job = new Job(mockQueue, index, type, payload); - return job.ready.then(() => { - const indexArgs = validateDoc(indexSpy); - expect(indexArgs.body).to.have.property('attempts', 0); - }); - }); - - it('should index default created_by value', function () { - const job = new Job(mockQueue, index, type, payload); - return job.ready.then(() => { - const indexArgs = validateDoc(indexSpy); - expect(indexArgs.body).to.have.property('created_by', defaultCreatedBy); - }); - }); - - it('should set an expired process_expiration time', function () { - const now = new Date().getTime(); - const job = new Job(mockQueue, index, type, payload); - return job.ready.then(() => { - const indexArgs = validateDoc(indexSpy); - expect(indexArgs.body).to.have.property('process_expiration'); - expect(indexArgs.body.process_expiration.getTime()).to.be.lessThan(now); - }); - }); - - it('should set status as pending', function () { - const job = new Job(mockQueue, index, type, payload); - return job.ready.then(() => { - const indexArgs = validateDoc(indexSpy); - expect(indexArgs.body).to.have.property('status', constants.JOB_STATUS_PENDING); - }); - }); - - it('should have a default priority of 10', function () { - const job = new Job(mockQueue, index, type, payload, options); - return job.ready.then(() => { - const indexArgs = validateDoc(indexSpy); - expect(indexArgs.body).to.have.property('priority', defaultPriority); - }); - }); - - it('should set a browser type', function () { - const job = new Job(mockQueue, index, type, payload); - return job.ready.then(() => { - const indexArgs = validateDoc(indexSpy); - expect(indexArgs.body).to.have.property('browser_type'); - }); - }); - }); - - describe('option passing', function () { - let indexSpy; - beforeEach(function () { - type = 'type1'; - payload = { id: '123' }; - options = { - timeout: 4567, - max_attempts: 9, - headers: { - authorization: 'Basic cXdlcnR5', - }, - }; - indexSpy = sinon.spy(client, 'callAsInternalUser').withArgs('index'); - }); - - it('should index the created_by value', function () { - const createdBy = 'user_identifier'; - const job = new Job(mockQueue, index, type, payload, { - created_by: createdBy, - ...options, - }); - return job.ready.then(() => { - const indexArgs = validateDoc(indexSpy); - expect(indexArgs.body).to.have.property('created_by', createdBy); - }); - }); - - it('should index timeout value from options', function () { - const job = new Job(mockQueue, index, type, payload, options); - return job.ready.then(() => { - const indexArgs = validateDoc(indexSpy); - expect(indexArgs.body).to.have.property('timeout', options.timeout); - }); - }); - - it('should set max attempt count', function () { - const job = new Job(mockQueue, index, type, payload, options); - return job.ready.then(() => { - const indexArgs = validateDoc(indexSpy); - expect(indexArgs.body).to.have.property('max_attempts', options.max_attempts); - }); - }); - - it('should add headers to the request params', function () { - const job = new Job(mockQueue, index, type, payload, options); - return job.ready.then(() => { - const indexArgs = validateDoc(indexSpy); - expect(indexArgs).to.have.property('headers', options.headers); - }); - }); - - it(`should use upper priority of ${maxPriority}`, function () { - const job = new Job(mockQueue, index, type, payload, { priority: maxPriority * 2 }); - return job.ready.then(() => { - const indexArgs = validateDoc(indexSpy); - expect(indexArgs.body).to.have.property('priority', maxPriority); - }); - }); - - it(`should use lower priority of ${minPriority}`, function () { - const job = new Job(mockQueue, index, type, payload, { priority: minPriority * 2 }); - return job.ready.then(() => { - const indexArgs = validateDoc(indexSpy); - expect(indexArgs.body).to.have.property('priority', minPriority); - }); - }); - }); - - describe('get method', function () { - beforeEach(function () { - type = 'type2'; - payload = { id: '123' }; - }); - - it('should return the job document', function () { - const job = new Job(mockQueue, index, type, payload); - - return job.get().then((doc) => { - const jobDoc = job.document; // document should be resolved - expect(doc).to.have.property('index', index); - expect(doc).to.have.property('id', jobDoc.id); - expect(doc).to.have.property('_seq_no', jobDoc._seq_no); - expect(doc).to.have.property('_primary_term', jobDoc._primary_term); - expect(doc).to.have.property('created_by', defaultCreatedBy); - - expect(doc).to.have.property('payload'); - expect(doc).to.have.property('jobtype'); - expect(doc).to.have.property('priority'); - expect(doc).to.have.property('timeout'); - }); - }); - - it('should contain optional data', function () { - const optionals = { - created_by: 'some_ident', - }; - - const job = new Job(mockQueue, index, type, payload, optionals); - return Promise.resolve(client.callAsInternalUser('get', {}, optionals)) - .then((doc) => { - sinon.stub(client, 'callAsInternalUser').withArgs('get').returns(Promise.resolve(doc)); - }) - .then(() => { - return job.get().then((doc) => { - expect(doc).to.have.property('created_by', optionals.created_by); - }); - }); - }); - }); - - describe('toJSON method', function () { - beforeEach(function () { - type = 'type2'; - payload = { id: '123' }; - options = { - timeout: 4567, - max_attempts: 9, - priority: 8, - }; - }); - - it('should return the static information about the job', function () { - const job = new Job(mockQueue, index, type, payload, options); - - // toJSON is sync, should work before doc is written to elasticsearch - expect(job.document).to.be(undefined); - - const doc = job.toJSON(); - expect(doc).to.have.property('index', index); - expect(doc).to.have.property('jobtype', type); - expect(doc).to.have.property('created_by', defaultCreatedBy); - expect(doc).to.have.property('timeout', options.timeout); - expect(doc).to.have.property('max_attempts', options.max_attempts); - expect(doc).to.have.property('priority', options.priority); - expect(doc).to.have.property('id'); - expect(doc).to.not.have.property('version'); - }); - - it('should contain optional data', function () { - const optionals = { - created_by: 'some_ident', - }; - - const job = new Job(mockQueue, index, type, payload, optionals); - const doc = job.toJSON(); - expect(doc).to.have.property('created_by', optionals.created_by); - }); - }); -}); diff --git a/x-pack/plugins/reporting/server/lib/esqueue/index.js b/x-pack/plugins/reporting/server/lib/esqueue/index.js index 735d19f8f6c47..0fbcb54c673dd 100644 --- a/x-pack/plugins/reporting/server/lib/esqueue/index.js +++ b/x-pack/plugins/reporting/server/lib/esqueue/index.js @@ -5,20 +5,17 @@ */ import { EventEmitter } from 'events'; -import { Job } from './job'; import { Worker } from './worker'; import { constants } from './constants'; -import { indexTimestamp } from './helpers/index_timestamp'; import { omit } from 'lodash'; export { events } from './constants/events'; export class Esqueue extends EventEmitter { - constructor(index, options = {}) { - if (!index) throw new Error('Must specify an index to write to'); - + constructor(store, options = {}) { super(); - this.index = index; + this.store = store; // for updating jobs in ES + this.index = this.store.indexPrefix; // for polling for pending jobs this.settings = { interval: constants.DEFAULT_SETTING_INTERVAL, timeout: constants.DEFAULT_SETTING_TIMEOUT, @@ -40,21 +37,6 @@ export class Esqueue extends EventEmitter { }); } - addJob(jobtype, payload, opts = {}) { - const timestamp = indexTimestamp(this.settings.interval, this.settings.dateSeparator); - const index = `${this.index}-${timestamp}`; - const defaults = { - timeout: this.settings.timeout, - }; - - const options = Object.assign(defaults, opts, { - indexSettings: this.settings.indexSettings, - logger: this._logger, - }); - - return new Job(this, index, jobtype, payload, options); - } - registerWorker(type, workerFn, opts) { const worker = new Worker(this, type, workerFn, { ...opts, logger: this._logger }); this._workers.push(worker); diff --git a/x-pack/plugins/reporting/server/lib/esqueue/job.js b/x-pack/plugins/reporting/server/lib/esqueue/job.js deleted file mode 100644 index 6ab78eeb1b86b..0000000000000 --- a/x-pack/plugins/reporting/server/lib/esqueue/job.js +++ /dev/null @@ -1,142 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import events from 'events'; -import Puid from 'puid'; -import { constants } from './constants'; -import { createIndex } from './helpers/create_index'; -import { isPlainObject } from 'lodash'; - -const puid = new Puid(); - -export class Job extends events.EventEmitter { - constructor(queue, index, jobtype, payload, options = {}) { - if (typeof jobtype !== 'string') throw new Error('Jobtype must be a string'); - if (!isPlainObject(payload)) throw new Error('Payload must be a plain object'); - - super(); - - this.queue = queue; - this._client = this.queue.client; - this.id = puid.generate(); - this.index = index; - this.jobtype = jobtype; - this.payload = payload; - this.created_by = options.created_by || false; - this.timeout = options.timeout || 10000; - this.maxAttempts = options.max_attempts || 3; - this.priority = Math.max(Math.min(options.priority || 10, 20), -20); - this.indexSettings = options.indexSettings || {}; - this.browser_type = options.browser_type; - - if (typeof this.maxAttempts !== 'number' || this.maxAttempts < 1) { - throw new Error(`Invalid max_attempts: ${this.maxAttempts}`); - } - - this.debug = (msg, err) => { - const logger = options.logger || function () {}; - const message = `${this.id} - ${msg}`; - const tags = ['debug']; - - if (err) { - logger(`${message}: ${err}`, tags); - return; - } - - logger(message, tags); - }; - - const indexParams = { - index: this.index, - id: this.id, - body: { - jobtype: this.jobtype, - meta: { - // We are copying these values out of payload because these fields are indexed and can be aggregated on - // for tracking stats, while payload contents are not. - objectType: payload.objectType, - layout: payload.layout ? payload.layout.id : 'none', - }, - payload: this.payload, - priority: this.priority, - created_by: this.created_by, - timeout: this.timeout, - process_expiration: new Date(0), // use epoch so the job query works - created_at: new Date(), - attempts: 0, - max_attempts: this.maxAttempts, - status: constants.JOB_STATUS_PENDING, - browser_type: this.browser_type, - }, - }; - - if (options.headers) { - indexParams.headers = options.headers; - } - - this.ready = createIndex(this._client, this.index, this.indexSettings) - .then(() => this._client.callAsInternalUser('index', indexParams)) - .then((doc) => { - this.document = { - id: doc._id, - index: doc._index, - _seq_no: doc._seq_no, - _primary_term: doc._primary_term, - }; - this.debug(`Job created in index ${this.index}`); - - return this._client - .callAsInternalUser('indices.refresh', { - index: this.index, - }) - .then(() => { - this.debug(`Job index refreshed ${this.index}`); - this.emit(constants.EVENT_JOB_CREATED, this.document); - }); - }) - .catch((err) => { - this.debug('Job creation failed', err); - this.emit(constants.EVENT_JOB_CREATE_ERROR, err); - }); - } - - emit(name, ...args) { - super.emit(name, ...args); - this.queue.emit(name, ...args); - } - - get() { - return this.ready - .then(() => { - return this._client.callAsInternalUser('get', { - index: this.index, - id: this.id, - }); - }) - .then((doc) => { - return Object.assign(doc._source, { - index: doc._index, - id: doc._id, - _seq_no: doc._seq_no, - _primary_term: doc._primary_term, - }); - }); - } - - toJSON() { - return { - id: this.id, - index: this.index, - jobtype: this.jobtype, - created_by: this.created_by, - payload: this.payload, - timeout: this.timeout, - max_attempts: this.maxAttempts, - priority: this.priority, - browser_type: this.browser_type, - }; - } -} diff --git a/x-pack/plugins/reporting/server/lib/esqueue/worker.js b/x-pack/plugins/reporting/server/lib/esqueue/worker.js index b26ed731c6831..469bafd694612 100644 --- a/x-pack/plugins/reporting/server/lib/esqueue/worker.js +++ b/x-pack/plugins/reporting/server/lib/esqueue/worker.js @@ -158,8 +158,8 @@ export class Worker extends events.EventEmitter { kibana_name: this.kibanaName, }; - return this._client - .callAsInternalUser('update', { + return this.queue.store + .updateReport({ index: job._index, id: job._id, if_seq_no: job._seq_no, @@ -197,8 +197,8 @@ export class Worker extends events.EventEmitter { output: docOutput, }); - return this._client - .callAsInternalUser('update', { + return this.queue.store + .updateReport({ index: job._index, id: job._id, if_seq_no: job._seq_no, @@ -294,8 +294,8 @@ export class Worker extends events.EventEmitter { output: docOutput, }; - return this._client - .callAsInternalUser('update', { + return this.queue.store + .updateReport({ index: job._index, id: job._id, if_seq_no: job._seq_no, diff --git a/x-pack/plugins/reporting/server/lib/index.ts b/x-pack/plugins/reporting/server/lib/index.ts index 0e9c49b170887..f5a50fca28b7a 100644 --- a/x-pack/plugins/reporting/server/lib/index.ts +++ b/x-pack/plugins/reporting/server/lib/index.ts @@ -12,3 +12,4 @@ export { enqueueJobFactory } from './enqueue_job'; export { getExportTypesRegistry } from './export_types_registry'; export { runValidations } from './validate'; export { startTrace } from './trace'; +export { ReportingStore } from './store'; diff --git a/x-pack/plugins/maps/public/classes/sources/vector_feature_types.ts b/x-pack/plugins/reporting/server/lib/store/index.ts similarity index 72% rename from x-pack/plugins/maps/public/classes/sources/vector_feature_types.ts rename to x-pack/plugins/reporting/server/lib/store/index.ts index 9f03357e17dad..a88d36d3fdf9a 100644 --- a/x-pack/plugins/maps/public/classes/sources/vector_feature_types.ts +++ b/x-pack/plugins/reporting/server/lib/store/index.ts @@ -4,8 +4,5 @@ * you may not use this file except in compliance with the Elastic License. */ -export enum VECTOR_SHAPE_TYPES { - POINT = 'POINT', - LINE = 'LINE', - POLYGON = 'POLYGON', -} +export { Report } from './report'; +export { ReportingStore } from './store'; diff --git a/x-pack/plugins/reporting/server/lib/esqueue/helpers/index_timestamp.js b/x-pack/plugins/reporting/server/lib/store/index_timestamp.ts similarity index 80% rename from x-pack/plugins/reporting/server/lib/esqueue/helpers/index_timestamp.js rename to x-pack/plugins/reporting/server/lib/store/index_timestamp.ts index ceb4ef43b2d9d..71ce0b1e572f8 100644 --- a/x-pack/plugins/reporting/server/lib/esqueue/helpers/index_timestamp.js +++ b/x-pack/plugins/reporting/server/lib/store/index_timestamp.ts @@ -4,19 +4,20 @@ * you may not use this file except in compliance with the Elastic License. */ -import moment from 'moment'; +import moment, { unitOfTime } from 'moment'; export const intervals = ['year', 'month', 'week', 'day', 'hour', 'minute']; // TODO: This helper function can be removed by using `schema.duration` objects in the reporting config schema -export function indexTimestamp(intervalStr, separator = '-') { +export function indexTimestamp(intervalStr: string, separator = '-') { + const startOf = intervalStr as unitOfTime.StartOf; if (separator.match(/[a-z]/i)) throw new Error('Interval separator can not be a letter'); const index = intervals.indexOf(intervalStr); - if (index === -1) throw new Error('Invalid index interval: ', intervalStr); + if (index === -1) throw new Error('Invalid index interval: ' + intervalStr); const m = moment(); - m.startOf(intervalStr); + m.startOf(startOf); let dateString; switch (intervalStr) { diff --git a/x-pack/plugins/reporting/server/lib/store/mapping.ts b/x-pack/plugins/reporting/server/lib/store/mapping.ts new file mode 100644 index 0000000000000..a819923e2f105 --- /dev/null +++ b/x-pack/plugins/reporting/server/lib/store/mapping.ts @@ -0,0 +1,65 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export const mapping = { + meta: { + // We are indexing these properties with both text and keyword fields because that's what will be auto generated + // when an index already exists. This schema is only used when a reporting index doesn't exist. This way existing + // reporting indexes and new reporting indexes will look the same and the data can be queried in the same + // manner. + properties: { + /** + * Type of object that is triggering this report. Should be either search, visualization or dashboard. + * Used for job listing and telemetry stats only. + */ + objectType: { + type: 'text', + fields: { + keyword: { + type: 'keyword', + ignore_above: 256, + }, + }, + }, + /** + * Can be either preserve_layout, print or none (in the case of csv export). + * Used for phone home stats only. + */ + layout: { + type: 'text', + fields: { + keyword: { + type: 'keyword', + ignore_above: 256, + }, + }, + }, + }, + }, + browser_type: { type: 'keyword' }, + jobtype: { type: 'keyword' }, + payload: { type: 'object', enabled: false }, + priority: { type: 'byte' }, + timeout: { type: 'long' }, + process_expiration: { type: 'date' }, + created_by: { type: 'keyword' }, + created_at: { type: 'date' }, + started_at: { type: 'date' }, + completed_at: { type: 'date' }, + attempts: { type: 'short' }, + max_attempts: { type: 'short' }, + kibana_name: { type: 'keyword' }, + kibana_id: { type: 'keyword' }, + status: { type: 'keyword' }, + output: { + type: 'object', + properties: { + content_type: { type: 'keyword' }, + size: { type: 'long' }, + content: { type: 'object', enabled: false }, + }, + }, +}; diff --git a/x-pack/plugins/reporting/server/lib/store/report.test.ts b/x-pack/plugins/reporting/server/lib/store/report.test.ts new file mode 100644 index 0000000000000..83444494e61d3 --- /dev/null +++ b/x-pack/plugins/reporting/server/lib/store/report.test.ts @@ -0,0 +1,77 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { Report } from './report'; + +describe('Class Report', () => { + it('constructs Report instance', () => { + const opts = { + index: '.reporting-test-index-12345', + jobtype: 'test-report', + created_by: 'created_by_test_string', + browser_type: 'browser_type_test_string', + max_attempts: 50, + payload: { payload_test_field: 1 }, + timeout: 30000, + priority: 1, + }; + const report = new Report(opts); + expect(report.toJSON()).toMatchObject({ + _primary_term: undefined, + _seq_no: undefined, + browser_type: 'browser_type_test_string', + created_by: 'created_by_test_string', + jobtype: 'test-report', + max_attempts: 50, + payload: { + payload_test_field: 1, + }, + priority: 1, + timeout: 30000, + }); + + expect(report.id).toBeDefined(); + }); + + it('updateWithDoc method syncs takes fields to sync ES metadata', () => { + const opts = { + index: '.reporting-test-index-12345', + jobtype: 'test-report', + created_by: 'created_by_test_string', + browser_type: 'browser_type_test_string', + max_attempts: 50, + payload: { payload_test_field: 1 }, + timeout: 30000, + priority: 1, + }; + const report = new Report(opts); + + const metadata = { + _index: '.reporting-test-update', + _id: '12342p9o387549o2345', + _primary_term: 77, + _seq_no: 99, + }; + report.updateWithDoc(metadata); + + expect(report.toJSON()).toMatchObject({ + index: '.reporting-test-update', + _primary_term: 77, + _seq_no: 99, + browser_type: 'browser_type_test_string', + created_by: 'created_by_test_string', + jobtype: 'test-report', + max_attempts: 50, + payload: { + payload_test_field: 1, + }, + priority: 1, + timeout: 30000, + }); + + expect(report._id).toBe('12342p9o387549o2345'); + }); +}); diff --git a/x-pack/plugins/reporting/server/lib/store/report.ts b/x-pack/plugins/reporting/server/lib/store/report.ts new file mode 100644 index 0000000000000..cc9967e64b6eb --- /dev/null +++ b/x-pack/plugins/reporting/server/lib/store/report.ts @@ -0,0 +1,85 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +// @ts-ignore no module definition +import Puid from 'puid'; + +interface Payload { + id?: string; + index: string; + jobtype: string; + created_by: string | boolean; + payload: unknown; + browser_type: string; + priority: number; + max_attempts: number; + timeout: number; +} + +const puid = new Puid(); + +export class Report { + public readonly jobtype: string; + public readonly created_by: string | boolean; + public readonly payload: unknown; + public readonly browser_type: string; + public readonly id: string; + + public readonly priority: number; + // queue stuff, to be removed with Task Manager integration + public readonly max_attempts: number; + public readonly timeout: number; + + public _index: string; + public _id?: string; // set by ES + public _primary_term?: unknown; // set by ES + public _seq_no: unknown; // set by ES + + /* + * Create an unsaved report + */ + constructor(opts: Payload) { + this.jobtype = opts.jobtype; + this.created_by = opts.created_by; + this.payload = opts.payload; + this.browser_type = opts.browser_type; + this.priority = opts.priority; + this.max_attempts = opts.max_attempts; + this.timeout = opts.timeout; + this.id = puid.generate(); + + this._index = opts.index; + } + + /* + * Update the report with "live" storage metadata + */ + updateWithDoc(doc: Partial) { + if (doc._index) { + this._index = doc._index; // can not be undefined + } + + this._id = doc._id; + this._primary_term = doc._primary_term; + this._seq_no = doc._seq_no; + } + + toJSON() { + return { + id: this.id, + index: this._index, + _seq_no: this._seq_no, + _primary_term: this._primary_term, + jobtype: this.jobtype, + created_by: this.created_by, + payload: this.payload, + timeout: this.timeout, + max_attempts: this.max_attempts, + priority: this.priority, + browser_type: this.browser_type, + }; + } +} diff --git a/x-pack/plugins/reporting/server/lib/store/store.test.ts b/x-pack/plugins/reporting/server/lib/store/store.test.ts new file mode 100644 index 0000000000000..4868a1dfdd8f3 --- /dev/null +++ b/x-pack/plugins/reporting/server/lib/store/store.test.ts @@ -0,0 +1,166 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import sinon from 'sinon'; +import { ReportingConfig, ReportingCore } from '../..'; +import { createMockReportingCore } from '../../test_helpers'; +import { createMockLevelLogger } from '../../test_helpers/create_mock_levellogger'; +import { ReportingStore } from './store'; +import { ElasticsearchServiceSetup } from 'src/core/server'; + +const getMockConfig = (mockConfigGet: sinon.SinonStub) => ({ + get: mockConfigGet, + kbnConfig: { get: mockConfigGet }, +}); + +describe('ReportingStore', () => { + const mockLogger = createMockLevelLogger(); + let mockConfig: ReportingConfig; + let mockCore: ReportingCore; + + const callClusterStub = sinon.stub(); + const mockElasticsearch = { legacy: { client: { callAsInternalUser: callClusterStub } } }; + + beforeEach(async () => { + const mockConfigGet = sinon.stub(); + mockConfigGet.withArgs('index').returns('.reporting-test'); + mockConfigGet.withArgs('queue', 'indexInterval').returns('week'); + mockConfig = getMockConfig(mockConfigGet); + mockCore = await createMockReportingCore(mockConfig); + + callClusterStub.withArgs('indices.exists').resolves({}); + callClusterStub.withArgs('indices.create').resolves({}); + callClusterStub.withArgs('index').resolves({}); + callClusterStub.withArgs('indices.refresh').resolves({}); + callClusterStub.withArgs('update').resolves({}); + + mockCore.getElasticsearchService = () => + (mockElasticsearch as unknown) as ElasticsearchServiceSetup; + }); + + describe('addReport', () => { + it('returns Report object', async () => { + const store = new ReportingStore(mockCore, mockLogger); + const reportType = 'unknowntype'; + const reportPayload = {}; + const reportOptions = { + timeout: 10000, + created_by: 'created_by_string', + browser_type: 'browser_type_string', + max_attempts: 1, + }; + await expect( + store.addReport(reportType, reportPayload, reportOptions) + ).resolves.toMatchObject({ + _primary_term: undefined, + _seq_no: undefined, + browser_type: 'browser_type_string', + created_by: 'created_by_string', + jobtype: 'unknowntype', + max_attempts: 1, + payload: {}, + priority: 10, + timeout: 10000, + }); + }); + + it('throws if options has invalid indexInterval', async () => { + const mockConfigGet = sinon.stub(); + mockConfigGet.withArgs('index').returns('.reporting-test'); + mockConfigGet.withArgs('queue', 'indexInterval').returns('centurially'); + mockConfig = getMockConfig(mockConfigGet); + mockCore = await createMockReportingCore(mockConfig); + + const store = new ReportingStore(mockCore, mockLogger); + const reportType = 'unknowntype'; + const reportPayload = {}; + const reportOptions = { + timeout: 10000, + created_by: 'created_by_string', + browser_type: 'browser_type_string', + max_attempts: 1, + }; + expect( + store.addReport(reportType, reportPayload, reportOptions) + ).rejects.toMatchInlineSnapshot(`[Error: Invalid index interval: centurially]`); + }); + + it('handles error creating the index', async () => { + // setup + callClusterStub.withArgs('indices.exists').resolves(false); + callClusterStub.withArgs('indices.create').rejects(new Error('error')); + + const store = new ReportingStore(mockCore, mockLogger); + const reportType = 'unknowntype'; + const reportPayload = {}; + const reportOptions = { + timeout: 10000, + created_by: 'created_by_string', + browser_type: 'browser_type_string', + max_attempts: 1, + }; + await expect( + store.addReport(reportType, reportPayload, reportOptions) + ).rejects.toMatchInlineSnapshot(`[Error: error]`); + }); + + /* Creating the index will fail, if there were multiple jobs staged in + * parallel and creation completed from another Kibana instance. Only the + * first request in line can successfully create it. + * In spite of that race condition, adding the new job in Elasticsearch is + * fine. + */ + it('ignores index creation error if the index already exists and continues adding the report', async () => { + // setup + callClusterStub.withArgs('indices.exists').resolves(false); + callClusterStub.withArgs('indices.create').rejects(new Error('error')); + + const store = new ReportingStore(mockCore, mockLogger); + const reportType = 'unknowntype'; + const reportPayload = {}; + const reportOptions = { + timeout: 10000, + created_by: 'created_by_string', + browser_type: 'browser_type_string', + max_attempts: 1, + }; + await expect( + store.addReport(reportType, reportPayload, reportOptions) + ).rejects.toMatchInlineSnapshot(`[Error: error]`); + }); + + it('skips creating the index if already exists', async () => { + // setup + callClusterStub.withArgs('indices.exists').resolves(false); + callClusterStub + .withArgs('indices.create') + .rejects(new Error('resource_already_exists_exception')); // will be triggered but ignored + + const store = new ReportingStore(mockCore, mockLogger); + const reportType = 'unknowntype'; + const reportPayload = {}; + const reportOptions = { + timeout: 10000, + created_by: 'created_by_string', + browser_type: 'browser_type_string', + max_attempts: 1, + }; + await expect( + store.addReport(reportType, reportPayload, reportOptions) + ).resolves.toMatchObject({ + _primary_term: undefined, + _seq_no: undefined, + browser_type: 'browser_type_string', + created_by: 'created_by_string', + jobtype: 'unknowntype', + max_attempts: 1, + payload: {}, + priority: 10, + timeout: 10000, + }); + }); + }); +}); diff --git a/x-pack/plugins/reporting/server/lib/store/store.ts b/x-pack/plugins/reporting/server/lib/store/store.ts new file mode 100644 index 0000000000000..1cb964a7bbfac --- /dev/null +++ b/x-pack/plugins/reporting/server/lib/store/store.ts @@ -0,0 +1,169 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { ElasticsearchServiceSetup } from 'src/core/server'; +import { LevelLogger } from '../'; +import { ReportingCore } from '../../'; +import { LayoutInstance } from '../../export_types/common/layouts'; +import { indexTimestamp } from './index_timestamp'; +import { mapping } from './mapping'; +import { Report } from './report'; + +export const statuses = { + JOB_STATUS_PENDING: 'pending', + JOB_STATUS_PROCESSING: 'processing', + JOB_STATUS_COMPLETED: 'completed', + JOB_STATUS_WARNINGS: 'completed_with_warnings', + JOB_STATUS_FAILED: 'failed', + JOB_STATUS_CANCELLED: 'cancelled', +}; + +interface AddReportOpts { + timeout: number; + created_by: string | boolean; + browser_type: string; + max_attempts: number; +} + +interface UpdateQuery { + index: string; + id: string; + if_seq_no: unknown; + if_primary_term: unknown; + body: { doc: Partial }; +} + +/* + * A class to give an interface to historical reports in the reporting.index + * - track the state: pending, processing, completed, etc + * - handle updates and deletes to the reporting document + * - interface for downloading the report + */ +export class ReportingStore { + public readonly indexPrefix: string; + public readonly indexInterval: string; + + private client: ElasticsearchServiceSetup['legacy']['client']; + private logger: LevelLogger; + + constructor(reporting: ReportingCore, logger: LevelLogger) { + const config = reporting.getConfig(); + const elasticsearch = reporting.getElasticsearchService(); + + this.client = elasticsearch.legacy.client; + this.indexPrefix = config.get('index'); + this.indexInterval = config.get('queue', 'indexInterval'); + + this.logger = logger; + } + + private async createIndex(indexName: string) { + return this.client + .callAsInternalUser('indices.exists', { + index: indexName, + }) + .then((exists) => { + if (exists) { + return exists; + } + + const indexSettings = { + number_of_shards: 1, + auto_expand_replicas: '0-1', + }; + const body = { + settings: indexSettings, + mappings: { + properties: mapping, + }, + }; + + return this.client + .callAsInternalUser('indices.create', { + index: indexName, + body, + }) + .then(() => true) + .catch((err: Error) => { + const isIndexExistsError = err.message.match(/resource_already_exists_exception/); + if (isIndexExistsError) { + // Do not fail a job if the job runner hits the race condition. + this.logger.warn(`Automatic index creation failed: index already exists: ${err}`); + return; + } + + throw err; + }); + }); + } + + private async saveReport(report: Report) { + const payload = report.payload as { objectType: string; layout: LayoutInstance }; + + const indexParams = { + index: report._index, + id: report.id, + body: { + jobtype: report.jobtype, + meta: { + // We are copying these values out of payload because these fields are indexed and can be aggregated on + // for tracking stats, while payload contents are not. + objectType: payload.objectType, + layout: payload.layout ? payload.layout.id : 'none', + }, + payload: report.payload, + created_by: report.created_by, + timeout: report.timeout, + process_expiration: new Date(0), // use epoch so the job query works + created_at: new Date(), + attempts: 0, + max_attempts: report.max_attempts, + status: statuses.JOB_STATUS_PENDING, + browser_type: report.browser_type, + }, + }; + return this.client.callAsInternalUser('index', indexParams); + } + + private async refreshIndex(index: string) { + return this.client.callAsInternalUser('indices.refresh', { index }); + } + + public async addReport(type: string, payload: unknown, options: AddReportOpts): Promise { + const timestamp = indexTimestamp(this.indexInterval); + const index = `${this.indexPrefix}-${timestamp}`; + await this.createIndex(index); + + const report = new Report({ + index, + payload, + jobtype: type, + created_by: options.created_by, + browser_type: options.browser_type, + max_attempts: options.max_attempts, + timeout: options.timeout, + priority: 10, // unused + }); + + const doc = await this.saveReport(report); + report.updateWithDoc(doc); + + await this.refreshIndex(index); + this.logger.info(`Successfully queued pending job: ${report._index}/${report.id}`); + + return report; + } + + public async updateReport(query: UpdateQuery): Promise { + return this.client.callAsInternalUser('update', { + index: query.index, + id: query.id, + if_seq_no: query.if_seq_no, + if_primary_term: query.if_primary_term, + body: { doc: query.body.doc }, + }); + } +} diff --git a/x-pack/plugins/reporting/server/plugin.ts b/x-pack/plugins/reporting/server/plugin.ts index 693b0917603fc..cedc9dc14a237 100644 --- a/x-pack/plugins/reporting/server/plugin.ts +++ b/x-pack/plugins/reporting/server/plugin.ts @@ -8,7 +8,13 @@ import { CoreSetup, CoreStart, Plugin, PluginInitializerContext } from 'src/core import { ReportingCore } from './'; import { initializeBrowserDriverFactory } from './browsers'; import { buildConfig, ReportingConfigType } from './config'; -import { createQueueFactory, enqueueJobFactory, LevelLogger, runValidations } from './lib'; +import { + createQueueFactory, + enqueueJobFactory, + LevelLogger, + runValidations, + ReportingStore, +} from './lib'; import { registerRoutes } from './routes'; import { setFieldFormats } from './services'; import { ReportingSetup, ReportingSetupDeps, ReportingStart, ReportingStartDeps } from './types'; @@ -86,9 +92,9 @@ export class ReportingPlugin const config = reportingCore.getConfig(); const browserDriverFactory = await initializeBrowserDriverFactory(config, logger); - - const esqueue = await createQueueFactory(reportingCore, logger); // starts polling for pending jobs - const enqueueJob = enqueueJobFactory(reportingCore, logger); // called from generation routes + const store = new ReportingStore(reportingCore, logger); + const esqueue = await createQueueFactory(reportingCore, store, logger); // starts polling for pending jobs + const enqueueJob = enqueueJobFactory(reportingCore, store, logger); // called from generation routes reportingCore.pluginStart({ browserDriverFactory, @@ -96,6 +102,7 @@ export class ReportingPlugin uiSettings: core.uiSettings, esqueue, enqueueJob, + store, }); // run self-check validations diff --git a/x-pack/plugins/reporting/server/test_helpers/create_mock_levellogger.ts b/x-pack/plugins/reporting/server/test_helpers/create_mock_levellogger.ts new file mode 100644 index 0000000000000..f5e9a44281cb6 --- /dev/null +++ b/x-pack/plugins/reporting/server/test_helpers/create_mock_levellogger.ts @@ -0,0 +1,23 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { LevelLogger } from '../lib'; + +export function createMockLevelLogger() { + // eslint-disable-next-line no-console + const consoleLogger = (tag: string) => (message: unknown) => console.log(tag, message); + const innerLogger = { + get: () => innerLogger, + debug: consoleLogger('debug'), + info: consoleLogger('info'), + warn: consoleLogger('warn'), + trace: consoleLogger('trace'), + error: consoleLogger('error'), + fatal: consoleLogger('fatal'), + log: consoleLogger('log'), + }; + return new LevelLogger(innerLogger); +} diff --git a/x-pack/plugins/reporting/server/test_helpers/create_mock_reportingplugin.ts b/x-pack/plugins/reporting/server/test_helpers/create_mock_reportingplugin.ts index 579035a46f615..427a6362a7258 100644 --- a/x-pack/plugins/reporting/server/test_helpers/create_mock_reportingplugin.ts +++ b/x-pack/plugins/reporting/server/test_helpers/create_mock_reportingplugin.ts @@ -20,6 +20,8 @@ import { } from '../browsers'; import { ReportingInternalSetup, ReportingInternalStart } from '../core'; import { ReportingStartDeps } from '../types'; +import { ReportingStore } from '../lib'; +import { createMockLevelLogger } from './create_mock_levellogger'; (initializeBrowserDriverFactory as jest.Mock< Promise @@ -37,13 +39,19 @@ const createMockPluginSetup = (setupMock?: any): ReportingInternalSetup => { }; }; -const createMockPluginStart = (startMock?: any): ReportingInternalStart => { +const createMockPluginStart = ( + mockReportingCore: ReportingCore, + startMock?: any +): ReportingInternalStart => { + const logger = createMockLevelLogger(); + const store = new ReportingStore(mockReportingCore, logger); return { browserDriverFactory: startMock.browserDriverFactory, enqueueJob: startMock.enqueueJob, esqueue: startMock.esqueue, savedObjects: startMock.savedObjects || { getScopedClient: jest.fn() }, uiSettings: startMock.uiSettings || { asScopedToClient: () => ({ get: jest.fn() }) }, + store, }; }; @@ -60,9 +68,22 @@ export const createMockStartDeps = (startMock?: any): ReportingStartDeps => ({ export const createMockReportingCore = async ( config: ReportingConfig, - setupDepsMock: ReportingInternalSetup | undefined = createMockPluginSetup({}), - startDepsMock: ReportingInternalStart | undefined = createMockPluginStart({}) + setupDepsMock: ReportingInternalSetup | undefined = undefined, + startDepsMock: ReportingInternalStart | undefined = undefined ) => { + if (!setupDepsMock) { + setupDepsMock = createMockPluginSetup({}); + } + + const mockReportingCore = { + getConfig: () => config, + getElasticsearchService: () => setupDepsMock?.elasticsearch, + } as ReportingCore; + + if (!startDepsMock) { + startDepsMock = createMockPluginStart(mockReportingCore, {}); + } + config = config || {}; const core = new ReportingCore(); diff --git a/x-pack/plugins/security_solution/public/resolver/index.ts b/x-pack/plugins/security_solution/common/detection_engine/lists_common_deps.ts similarity index 69% rename from x-pack/plugins/security_solution/public/resolver/index.ts rename to x-pack/plugins/security_solution/common/detection_engine/lists_common_deps.ts index e4f3cc90ae30a..a8b177f587a48 100644 --- a/x-pack/plugins/security_solution/public/resolver/index.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/lists_common_deps.ts @@ -4,5 +4,4 @@ * you may not use this file except in compliance with the Elastic License. */ -export { ResolverEmbeddableFactory } from './factory'; -export { ResolverEmbeddable } from './embeddable'; +export { EntriesArray, namespaceType } from '../../../lists/common/schemas'; diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/common/schemas.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/common/schemas.ts index 0c7bcdefd360d..f6b732cd1f64e 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/common/schemas.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/common/schemas.ts @@ -341,40 +341,3 @@ export type Note = t.TypeOf; export const noteOrUndefined = t.union([note, t.undefined]); export type NoteOrUndefined = t.TypeOf; - -// NOTE: Experimental list support not being shipped currently and behind a feature flag -// TODO: Remove this comment once we lists have passed testing and is ready for the release -export const list_field = t.string; -export const list_values_operator = t.keyof({ included: null, excluded: null }); -export const list_values_type = t.keyof({ match: null, match_all: null, list: null, exists: null }); -export const list_values = t.exact( - t.intersection([ - t.type({ - name: t.string, - }), - t.partial({ - id: t.string, - description: t.string, - created_at, - }), - ]) -); -export const list = t.exact( - t.intersection([ - t.type({ - field: t.string, - values_operator: list_values_operator, - values_type: list_values_type, - }), - t.partial({ values: t.array(list_values) }), - ]) -); -export const list_and = t.intersection([ - list, - t.partial({ - and: t.array(list), - }), -]); - -export const listAndOrUndefined = t.union([t.array(list_and), t.undefined]); -export type ListAndOrUndefined = t.TypeOf; diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/add_prepackaged_rules_schema.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/add_prepackaged_rules_schema.ts index 3e7e7e5409c9c..43000f6d36f46 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/add_prepackaged_rules_schema.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/add_prepackaged_rules_schema.ts @@ -40,16 +40,19 @@ import { } from '../common/schemas'; /* eslint-enable @typescript-eslint/camelcase */ -import { DefaultStringArray } from '../types/default_string_array'; -import { DefaultActionsArray } from '../types/default_actions_array'; -import { DefaultBooleanFalse } from '../types/default_boolean_false'; -import { DefaultFromString } from '../types/default_from_string'; -import { DefaultIntervalString } from '../types/default_interval_string'; -import { DefaultMaxSignalsNumber } from '../types/default_max_signals_number'; -import { DefaultToString } from '../types/default_to_string'; -import { DefaultThreatArray } from '../types/default_threat_array'; -import { DefaultThrottleNull } from '../types/default_throttle_null'; -import { ListsDefaultArray, ListsDefaultArraySchema } from '../types/lists_default_array'; +import { + DefaultStringArray, + DefaultActionsArray, + DefaultBooleanFalse, + DefaultFromString, + DefaultIntervalString, + DefaultMaxSignalsNumber, + DefaultToString, + DefaultThreatArray, + DefaultThrottleNull, + DefaultListArray, + ListArray, +} from '../types'; /** * Big differences between this schema and the createRulesSchema @@ -96,7 +99,7 @@ export const addPrepackagedRulesSchema = t.intersection([ throttle: DefaultThrottleNull, // defaults to "null" if not set during decode references: DefaultStringArray, // defaults to empty array of strings if not set during decode note, // defaults to "undefined" if not set during decode - exceptions_list: ListsDefaultArray, // defaults to empty array if not set during decode + exceptions_list: DefaultListArray, // defaults to empty array if not set during decode }) ), ]); @@ -130,5 +133,5 @@ export type AddPrepackagedRulesSchemaDecoded = Omit< to: To; threat: Threat; throttle: ThrottleOrNull; - exceptions_list: ListsDefaultArraySchema; + exceptions_list: ListArray; }; diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/add_prepackged_rules_schema.test.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/add_prepackged_rules_schema.test.ts index f946b3ad3b39b..47a98166927b4 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/add_prepackged_rules_schema.test.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/add_prepackged_rules_schema.test.ts @@ -19,6 +19,7 @@ import { getAddPrepackagedRulesSchemaDecodedMock, } from './add_prepackaged_rules_schema.mock'; import { DEFAULT_MAX_SIGNALS } from '../../../constants'; +import { getListArrayMock } from '../types/lists.mock'; describe('add prepackaged rules schema', () => { test('empty objects do not validate', () => { @@ -1379,14 +1380,189 @@ describe('add prepackaged rules schema', () => { }); }); - // TODO: The exception_list tests are skipped and empty until we re-integrate it from the lists plugin - describe.skip('exception_list', () => { - test('[rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and exceptions_list] does validate', () => {}); + describe('exception_list', () => { + test('[rule_id, description, from, to, index, name, severity, interval, type, filters, risk_score, note, version, and exceptions_list] does validate', () => { + const payload: AddPrepackagedRulesSchema = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + filters: [], + risk_score: 50, + note: '# some markdown', + version: 1, + exceptions_list: getListArrayMock(), + }; - test('[rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and empty exceptions_list] does validate', () => {}); + const decoded = addPrepackagedRulesSchema.decode(payload); + const checked = exactCheck(payload, decoded); + const message = pipe(checked, foldLeftRight); + expect(getPaths(left(message.errors))).toEqual([]); + const expected: AddPrepackagedRulesSchemaDecoded = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + risk_score: 50, + note: '# some markdown', + references: [], + actions: [], + enabled: false, + false_positives: [], + max_signals: DEFAULT_MAX_SIGNALS, + tags: [], + threat: [], + throttle: null, + version: 1, + filters: [], + exceptions_list: [ + { + id: 'some_uuid', + namespace_type: 'single', + }, + { + id: 'some_uuid', + namespace_type: 'agnostic', + }, + ], + }; + expect(message.schema).toEqual(expected); + }); - test('rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and invalid exceptions_list] does NOT validate', () => {}); + test('[rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, version, and empty exceptions_list] does validate', () => { + const payload: AddPrepackagedRulesSchema = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + filters: [], + risk_score: 50, + version: 1, + note: '# some markdown', + exceptions_list: [], + }; - test('[rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and non-existent exceptions_list] does validate with empty exceptions_list', () => {}); + const decoded = addPrepackagedRulesSchema.decode(payload); + const checked = exactCheck(payload, decoded); + const message = pipe(checked, foldLeftRight); + expect(getPaths(left(message.errors))).toEqual([]); + const expected: AddPrepackagedRulesSchemaDecoded = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + risk_score: 50, + note: '# some markdown', + references: [], + actions: [], + enabled: false, + false_positives: [], + max_signals: DEFAULT_MAX_SIGNALS, + tags: [], + threat: [], + throttle: null, + version: 1, + filters: [], + exceptions_list: [], + }; + expect(message.schema).toEqual(expected); + }); + + test('rule_id, description, from, to, index, name, severity, interval, type, filters, risk_score, note, version, and invalid exceptions_list] does NOT validate', () => { + const payload: Omit & { + exceptions_list: Array<{ id: string; namespace_type: string }>; + } = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + filters: [], + risk_score: 50, + version: 1, + note: '# some markdown', + exceptions_list: [{ id: 'uuid_here', namespace_type: 'not a namespace type' }], + }; + + const decoded = addPrepackagedRulesSchema.decode(payload); + const checked = exactCheck(payload, decoded); + const message = pipe(checked, foldLeftRight); + expect(getPaths(left(message.errors))).toEqual([ + 'Invalid value "not a namespace type" supplied to "exceptions_list,namespace_type"', + ]); + expect(message.schema).toEqual({}); + }); + + test('[rule_id, description, from, to, index, name, severity, interval, type, filters, risk_score, note, version, and non-existent exceptions_list] does validate with empty exceptions_list', () => { + const payload: AddPrepackagedRulesSchema = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + filters: [], + risk_score: 50, + version: 1, + note: '# some markdown', + }; + + const decoded = addPrepackagedRulesSchema.decode(payload); + const checked = exactCheck(payload, decoded); + const message = pipe(checked, foldLeftRight); + expect(getPaths(left(message.errors))).toEqual([]); + const expected: AddPrepackagedRulesSchemaDecoded = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + risk_score: 50, + note: '# some markdown', + references: [], + actions: [], + enabled: false, + false_positives: [], + max_signals: DEFAULT_MAX_SIGNALS, + tags: [], + threat: [], + throttle: null, + version: 1, + exceptions_list: [], + filters: [], + }; + expect(message.schema).toEqual(expected); + }); }); }); diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/create_rules_schema.test.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/create_rules_schema.test.ts index a126b833ba461..1648044f5305a 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/create_rules_schema.test.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/create_rules_schema.test.ts @@ -18,6 +18,7 @@ import { getCreateRulesSchemaDecodedMock, } from './create_rules_schema.mock'; import { DEFAULT_MAX_SIGNALS } from '../../../constants'; +import { getListArrayMock } from '../types/lists.mock'; describe('create rules schema', () => { test('empty objects do not validate', () => { @@ -1435,14 +1436,185 @@ describe('create rules schema', () => { ); }); - // TODO: The exception_list tests are skipped and empty until we re-integrate it from the lists plugin - describe.skip('exception_list', () => { - test('[rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and exceptions_list] does validate', () => {}); + describe('exception_list', () => { + test('[rule_id, description, from, to, index, name, severity, interval, type, filters, risk_score, note, and exceptions_list] does validate', () => { + const payload: CreateRulesSchema = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + filters: [], + risk_score: 50, + note: '# some markdown', + exceptions_list: getListArrayMock(), + }; - test('[rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and empty exceptions_list] does validate', () => {}); + const decoded = createRulesSchema.decode(payload); + const checked = exactCheck(payload, decoded); + const message = pipe(checked, foldLeftRight); + expect(getPaths(left(message.errors))).toEqual([]); + const expected: CreateRulesSchemaDecoded = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + risk_score: 50, + note: '# some markdown', + references: [], + actions: [], + enabled: true, + false_positives: [], + max_signals: DEFAULT_MAX_SIGNALS, + tags: [], + threat: [], + throttle: null, + version: 1, + filters: [], + exceptions_list: [ + { + id: 'some_uuid', + namespace_type: 'single', + }, + { + id: 'some_uuid', + namespace_type: 'agnostic', + }, + ], + }; + expect(message.schema).toEqual(expected); + }); - test('rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and invalid exceptions_list] does NOT validate', () => {}); + test('[rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and empty exceptions_list] does validate', () => { + const payload: CreateRulesSchema = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + filters: [], + risk_score: 50, + note: '# some markdown', + exceptions_list: [], + }; - test('[rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and non-existent exceptions_list] does validate with empty exceptions_list', () => {}); + const decoded = createRulesSchema.decode(payload); + const checked = exactCheck(payload, decoded); + const message = pipe(checked, foldLeftRight); + expect(getPaths(left(message.errors))).toEqual([]); + const expected: CreateRulesSchemaDecoded = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + risk_score: 50, + note: '# some markdown', + references: [], + actions: [], + enabled: true, + false_positives: [], + max_signals: DEFAULT_MAX_SIGNALS, + tags: [], + threat: [], + throttle: null, + version: 1, + filters: [], + exceptions_list: [], + }; + expect(message.schema).toEqual(expected); + }); + + test('rule_id, description, from, to, index, name, severity, interval, type, filters, risk_score, note, and invalid exceptions_list] does NOT validate', () => { + const payload: Omit & { + exceptions_list: Array<{ id: string; namespace_type: string }>; + } = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + filters: [], + risk_score: 50, + note: '# some markdown', + exceptions_list: [{ id: 'uuid_here', namespace_type: 'not a namespace type' }], + }; + + const decoded = createRulesSchema.decode(payload); + const checked = exactCheck(payload, decoded); + const message = pipe(checked, foldLeftRight); + expect(getPaths(left(message.errors))).toEqual([ + 'Invalid value "not a namespace type" supplied to "exceptions_list,namespace_type"', + ]); + expect(message.schema).toEqual({}); + }); + + test('[rule_id, description, from, to, index, name, severity, interval, type, filters, risk_score, note, and non-existent exceptions_list] does validate with empty exceptions_list', () => { + const payload: CreateRulesSchema = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + filters: [], + risk_score: 50, + note: '# some markdown', + }; + + const decoded = createRulesSchema.decode(payload); + const checked = exactCheck(payload, decoded); + const message = pipe(checked, foldLeftRight); + expect(getPaths(left(message.errors))).toEqual([]); + const expected: CreateRulesSchemaDecoded = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + risk_score: 50, + note: '# some markdown', + references: [], + actions: [], + enabled: true, + false_positives: [], + max_signals: DEFAULT_MAX_SIGNALS, + tags: [], + threat: [], + throttle: null, + version: 1, + exceptions_list: [], + filters: [], + }; + expect(message.schema).toEqual(expected); + }); }); }); diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/create_rules_schema.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/create_rules_schema.ts index 4e60201b8030e..d623cff8f1fc3 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/create_rules_schema.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/create_rules_schema.ts @@ -41,18 +41,21 @@ import { } from '../common/schemas'; /* eslint-enable @typescript-eslint/camelcase */ -import { DefaultStringArray } from '../types/default_string_array'; -import { DefaultActionsArray } from '../types/default_actions_array'; -import { DefaultBooleanTrue } from '../types/default_boolean_true'; -import { DefaultFromString } from '../types/default_from_string'; -import { DefaultIntervalString } from '../types/default_interval_string'; -import { DefaultMaxSignalsNumber } from '../types/default_max_signals_number'; -import { DefaultToString } from '../types/default_to_string'; -import { DefaultThreatArray } from '../types/default_threat_array'; -import { DefaultThrottleNull } from '../types/default_throttle_null'; -import { DefaultVersionNumber } from '../types/default_version_number'; -import { ListsDefaultArray, ListsDefaultArraySchema } from '../types/lists_default_array'; -import { DefaultUuid } from '../types/default_uuid'; +import { + DefaultStringArray, + DefaultActionsArray, + DefaultBooleanTrue, + DefaultFromString, + DefaultIntervalString, + DefaultMaxSignalsNumber, + DefaultToString, + DefaultThreatArray, + DefaultThrottleNull, + DefaultVersionNumber, + DefaultListArray, + ListArray, + DefaultUuid, +} from '../types'; export const createRulesSchema = t.intersection([ t.exact( @@ -92,7 +95,7 @@ export const createRulesSchema = t.intersection([ references: DefaultStringArray, // defaults to empty array of strings if not set during decode note, // defaults to "undefined" if not set during decode version: DefaultVersionNumber, // defaults to 1 if not set during decode - exceptions_list: ListsDefaultArray, // defaults to empty array if not set during decode + exceptions_list: DefaultListArray, // defaults to empty array if not set during decode }) ), ]); @@ -129,6 +132,6 @@ export type CreateRulesSchemaDecoded = Omit< threat: Threat; throttle: ThrottleOrNull; version: Version; - exceptions_list: ListsDefaultArraySchema; + exceptions_list: ListArray; rule_id: RuleId; }; diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/import_rules_schema.test.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/import_rules_schema.test.ts index 9fe3e95a20621..12a13ab1a5ed1 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/import_rules_schema.test.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/import_rules_schema.test.ts @@ -22,6 +22,7 @@ import { getImportRulesSchemaDecodedMock, } from './import_rules_schema.mock'; import { DEFAULT_MAX_SIGNALS } from '../../../constants'; +import { getListArrayMock } from '../types/lists.mock'; describe('import rules schema', () => { test('empty objects do not validate', () => { @@ -1569,14 +1570,188 @@ describe('import rules schema', () => { }); }); - // TODO: The exception_list tests are skipped and empty until we re-integrate it from the lists plugin - describe.skip('exception_list', () => { - test('[rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and exceptions_list] does validate', () => {}); + describe('exception_list', () => { + test('[rule_id, description, from, to, index, name, severity, interval, type, filters, risk_score, note, and exceptions_list] does validate', () => { + const payload: ImportRulesSchema = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + filters: [], + risk_score: 50, + note: '# some markdown', + exceptions_list: getListArrayMock(), + }; + + const decoded = importRulesSchema.decode(payload); + const checked = exactCheck(payload, decoded); + const message = pipe(checked, foldLeftRight); + expect(getPaths(left(message.errors))).toEqual([]); + const expected: ImportRulesSchemaDecoded = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + risk_score: 50, + note: '# some markdown', + references: [], + actions: [], + enabled: true, + false_positives: [], + max_signals: DEFAULT_MAX_SIGNALS, + tags: [], + threat: [], + throttle: null, + version: 1, + filters: [], + immutable: false, + exceptions_list: [ + { + id: 'some_uuid', + namespace_type: 'single', + }, + { + id: 'some_uuid', + namespace_type: 'agnostic', + }, + ], + }; + expect(message.schema).toEqual(expected); + }); + + test('[rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and empty exceptions_list] does validate', () => { + const payload: ImportRulesSchema = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + filters: [], + risk_score: 50, + note: '# some markdown', + exceptions_list: [], + }; + + const decoded = importRulesSchema.decode(payload); + const checked = exactCheck(payload, decoded); + const message = pipe(checked, foldLeftRight); + expect(getPaths(left(message.errors))).toEqual([]); + const expected: ImportRulesSchemaDecoded = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + risk_score: 50, + note: '# some markdown', + references: [], + actions: [], + enabled: true, + false_positives: [], + max_signals: DEFAULT_MAX_SIGNALS, + tags: [], + threat: [], + throttle: null, + version: 1, + immutable: false, + filters: [], + exceptions_list: [], + }; + expect(message.schema).toEqual(expected); + }); - test('[rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and empty exceptions_list] does validate', () => {}); + test('rule_id, description, from, to, index, name, severity, interval, type, filters, risk_score, note, and invalid exceptions_list] does NOT validate', () => { + const payload: Omit & { + exceptions_list: Array<{ id: string; namespace_type: string }>; + } = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + filters: [], + risk_score: 50, + note: '# some markdown', + exceptions_list: [{ id: 'uuid_here', namespace_type: 'not a namespace type' }], + }; - test('rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and invalid exceptions_list] does NOT validate', () => {}); + const decoded = importRulesSchema.decode(payload); + const checked = exactCheck(payload, decoded); + const message = pipe(checked, foldLeftRight); + expect(getPaths(left(message.errors))).toEqual([ + 'Invalid value "not a namespace type" supplied to "exceptions_list,namespace_type"', + ]); + expect(message.schema).toEqual({}); + }); - test('[rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and non-existent exceptions_list] does validate with empty exceptions_list', () => {}); + test('[rule_id, description, from, to, index, name, severity, interval, type, filters, risk_score, note, and non-existent exceptions_list] does validate with empty exceptions_list', () => { + const payload: ImportRulesSchema = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + filters: [], + risk_score: 50, + note: '# some markdown', + }; + + const decoded = importRulesSchema.decode(payload); + const checked = exactCheck(payload, decoded); + const message = pipe(checked, foldLeftRight); + expect(getPaths(left(message.errors))).toEqual([]); + const expected: ImportRulesSchemaDecoded = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + risk_score: 50, + note: '# some markdown', + references: [], + actions: [], + enabled: true, + false_positives: [], + max_signals: DEFAULT_MAX_SIGNALS, + tags: [], + threat: [], + throttle: null, + version: 1, + immutable: false, + exceptions_list: [], + filters: [], + }; + expect(message.schema).toEqual(expected); + }); }); }); diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/import_rules_schema.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/import_rules_schema.ts index a2110263e8e51..7d79861aacf38 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/import_rules_schema.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/import_rules_schema.ts @@ -47,19 +47,22 @@ import { } from '../common/schemas'; /* eslint-enable @typescript-eslint/camelcase */ -import { DefaultStringArray } from '../types/default_string_array'; -import { DefaultActionsArray } from '../types/default_actions_array'; -import { DefaultBooleanTrue } from '../types/default_boolean_true'; -import { DefaultFromString } from '../types/default_from_string'; -import { DefaultIntervalString } from '../types/default_interval_string'; -import { DefaultMaxSignalsNumber } from '../types/default_max_signals_number'; -import { DefaultToString } from '../types/default_to_string'; -import { DefaultThreatArray } from '../types/default_threat_array'; -import { DefaultThrottleNull } from '../types/default_throttle_null'; -import { DefaultVersionNumber } from '../types/default_version_number'; -import { ListsDefaultArray, ListsDefaultArraySchema } from '../types/lists_default_array'; -import { OnlyFalseAllowed } from '../types/only_false_allowed'; -import { DefaultStringBooleanFalse } from '../types/default_string_boolean_false'; +import { + DefaultStringArray, + DefaultActionsArray, + DefaultBooleanTrue, + DefaultFromString, + DefaultIntervalString, + DefaultMaxSignalsNumber, + DefaultToString, + DefaultThreatArray, + DefaultThrottleNull, + DefaultVersionNumber, + OnlyFalseAllowed, + DefaultStringBooleanFalse, + DefaultListArray, + ListArray, +} from '../types'; /** * Differences from this and the createRulesSchema are @@ -111,7 +114,7 @@ export const importRulesSchema = t.intersection([ references: DefaultStringArray, // defaults to empty array of strings if not set during decode note, // defaults to "undefined" if not set during decode version: DefaultVersionNumber, // defaults to 1 if not set during decode - exceptions_list: ListsDefaultArray, // defaults to empty array if not set during decode + exceptions_list: DefaultListArray, // defaults to empty array if not set during decode created_at, // defaults "undefined" if not set during decode updated_at, // defaults "undefined" if not set during decode created_by, // defaults "undefined" if not set during decode @@ -153,7 +156,7 @@ export type ImportRulesSchemaDecoded = Omit< threat: Threat; throttle: ThrottleOrNull; version: Version; - exceptions_list: ListsDefaultArraySchema; + exceptions_list: ListArray; rule_id: RuleId; immutable: false; }; diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/patch_rules_schema.test.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/patch_rules_schema.test.ts index 55363ffb18307..81a17df43daf6 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/patch_rules_schema.test.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/patch_rules_schema.test.ts @@ -10,6 +10,7 @@ import { exactCheck } from '../../../exact_check'; import { pipe } from 'fp-ts/lib/pipeable'; import { foldLeftRight, getPaths } from '../../../test_utils'; import { left } from 'fp-ts/lib/Either'; +import { getListArrayMock } from '../types/lists.mock'; describe('patch_rules_schema', () => { test('made up values do not validate', () => { @@ -1139,14 +1140,156 @@ describe('patch_rules_schema', () => { expect(message.schema).toEqual({}); }); - // TODO: The exception_list tests are skipped and empty until we re-integrate it from the lists plugin - describe.skip('exception_list', () => { - test('[rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and exceptions_list] does validate', () => {}); + describe('exception_list', () => { + test('[rule_id, description, from, to, index, name, severity, interval, type, filters, note, and exceptions_list] does validate', () => { + const payload: PatchRulesSchema = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + filters: [], + note: '# some documentation markdown', + exceptions_list: getListArrayMock(), + }; + + const decoded = patchRulesSchema.decode(payload); + const checked = exactCheck(payload, decoded); + const message = pipe(checked, foldLeftRight); + expect(getPaths(left(message.errors))).toEqual([]); + const expected: PatchRulesSchemaDecoded = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + filters: [], + note: '# some documentation markdown', + exceptions_list: [ + { + id: 'some_uuid', + namespace_type: 'single', + }, + { + id: 'some_uuid', + namespace_type: 'agnostic', + }, + ], + }; + expect(message.schema).toEqual(expected); + }); + + test('[rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and empty exceptions_list] does validate', () => { + const payload: PatchRulesSchema = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + filters: [], + risk_score: 50, + note: '# some markdown', + exceptions_list: [], + }; + + const decoded = patchRulesSchema.decode(payload); + const checked = exactCheck(payload, decoded); + const message = pipe(checked, foldLeftRight); + expect(getPaths(left(message.errors))).toEqual([]); + const expected: PatchRulesSchemaDecoded = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + filters: [], + risk_score: 50, + note: '# some markdown', + exceptions_list: [], + }; + expect(message.schema).toEqual(expected); + }); + + test('rule_id, description, from, to, index, name, severity, interval, type, filters, risk_score, note, and invalid exceptions_list] does NOT validate', () => { + const payload: Omit & { + exceptions_list: Array<{ id: string; namespace_type: string }>; + } = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + filters: [], + risk_score: 50, + note: '# some markdown', + exceptions_list: [{ id: 'uuid_here', namespace_type: 'not a namespace type' }], + }; - test('[rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and empty exceptions_list] does validate', () => {}); + const decoded = patchRulesSchema.decode(payload); + const checked = exactCheck(payload, decoded); + const message = pipe(checked, foldLeftRight); + expect(getPaths(left(message.errors))).toEqual([ + 'Invalid value "not a namespace type" supplied to "exceptions_list,namespace_type"', + 'Invalid value "[{"id":"uuid_here","namespace_type":"not a namespace type"}]" supplied to "exceptions_list"', + ]); + expect(message.schema).toEqual({}); + }); - test('rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and invalid exceptions_list] does NOT validate', () => {}); + test('[rule_id, description, from, to, index, name, severity, interval, type, filters, risk_score, note, and non-existent exceptions_list] does validate with empty exceptions_list', () => { + const payload: PatchRulesSchema = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + filters: [], + risk_score: 50, + note: '# some markdown', + }; - test('[rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and non-existent exceptions_list] does validate with empty exceptions_list', () => {}); + const decoded = patchRulesSchema.decode(payload); + const checked = exactCheck(payload, decoded); + const message = pipe(checked, foldLeftRight); + expect(getPaths(left(message.errors))).toEqual([]); + const expected: PatchRulesSchemaDecoded = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + filters: [], + risk_score: 50, + note: '# some markdown', + }; + expect(message.schema).toEqual(expected); + }); }); }); diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/patch_rules_schema.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/patch_rules_schema.ts index 605e0272bbb4c..29d5467071a3d 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/patch_rules_schema.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/patch_rules_schema.ts @@ -37,10 +37,10 @@ import { references, to, language, - listAndOrUndefined, query, id, } from '../common/schemas'; +import { listArrayOrUndefined } from '../types/lists'; /* eslint-enable @typescript-eslint/camelcase */ /** @@ -80,7 +80,7 @@ export const patchRulesSchema = t.exact( references, note, version, - exceptions_list: listAndOrUndefined, + exceptions_list: listArrayOrUndefined, }) ); diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/update_rules_schema.test.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/update_rules_schema.test.ts index 1ff38f1351f59..02f8e7bbeb59b 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/update_rules_schema.test.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/update_rules_schema.test.ts @@ -18,6 +18,7 @@ import { getUpdateRulesSchemaDecodedMock, } from './update_rules_schema.mock'; import { DEFAULT_MAX_SIGNALS } from '../../../constants'; +import { getListArrayMock } from '../types/lists.mock'; describe('update rules schema', () => { test('empty objects do not validate', () => { @@ -1377,14 +1378,182 @@ describe('update rules schema', () => { }); }); - // TODO: The exception_list tests are skipped and empty until we re-integrate it from the lists plugin - describe.skip('exception_list', () => { - test('[rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and exceptions_list] does validate', () => {}); + describe('exception_list', () => { + test('[rule_id, description, from, to, index, name, severity, interval, type, filters, risk_score, note, and exceptions_list] does validate', () => { + const payload: UpdateRulesSchema = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + risk_score: 50, + filters: [], + note: '# some markdown', + exceptions_list: getListArrayMock(), + }; + + const decoded = updateRulesSchema.decode(payload); + const checked = exactCheck(payload, decoded); + const message = pipe(checked, foldLeftRight); + expect(getPaths(left(message.errors))).toEqual([]); + const expected: UpdateRulesSchemaDecoded = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + risk_score: 50, + note: '# some markdown', + references: [], + actions: [], + enabled: true, + false_positives: [], + max_signals: DEFAULT_MAX_SIGNALS, + tags: [], + threat: [], + throttle: null, + filters: [], + exceptions_list: [ + { + id: 'some_uuid', + namespace_type: 'single', + }, + { + id: 'some_uuid', + namespace_type: 'agnostic', + }, + ], + }; + expect(message.schema).toEqual(expected); + }); + + test('[rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and empty exceptions_list] does validate', () => { + const payload: UpdateRulesSchema = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + risk_score: 50, + filters: [], + note: '# some markdown', + exceptions_list: [], + }; + + const decoded = updateRulesSchema.decode(payload); + const checked = exactCheck(payload, decoded); + const message = pipe(checked, foldLeftRight); + expect(getPaths(left(message.errors))).toEqual([]); + const expected: UpdateRulesSchemaDecoded = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + risk_score: 50, + note: '# some markdown', + references: [], + actions: [], + enabled: true, + false_positives: [], + max_signals: DEFAULT_MAX_SIGNALS, + tags: [], + threat: [], + throttle: null, + filters: [], + exceptions_list: [], + }; + expect(message.schema).toEqual(expected); + }); - test('[rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and empty exceptions_list] does validate', () => {}); + test('rule_id, description, from, to, index, name, severity, interval, type, filters, risk_score, note, and invalid exceptions_list] does NOT validate', () => { + const payload: Omit & { + exceptions_list: Array<{ id: string; namespace_type: string }>; + } = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + risk_score: 50, + filters: [], + note: '# some markdown', + exceptions_list: [{ id: 'uuid_here', namespace_type: 'not a namespace type' }], + }; + + const decoded = updateRulesSchema.decode(payload); + const checked = exactCheck(payload, decoded); + const message = pipe(checked, foldLeftRight); + expect(getPaths(left(message.errors))).toEqual([ + 'Invalid value "not a namespace type" supplied to "exceptions_list,namespace_type"', + ]); + expect(message.schema).toEqual({}); + }); - test('rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and invalid exceptions_list] does NOT validate', () => {}); + test('[rule_id, description, from, to, index, name, severity, interval, type, filters, risk_score, note, and non-existent exceptions_list] does validate with empty exceptions_list', () => { + const payload: UpdateRulesSchema = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + risk_score: 50, + filters: [], + note: '# some markdown', + }; - test('[rule_id, description, from, to, index, name, severity, interval, type, filter, risk_score, note, and non-existent exceptions_list] does validate with empty exceptions_list', () => {}); + const decoded = updateRulesSchema.decode(payload); + const checked = exactCheck(payload, decoded); + const message = pipe(checked, foldLeftRight); + expect(getPaths(left(message.errors))).toEqual([]); + const expected: UpdateRulesSchemaDecoded = { + rule_id: 'rule-1', + description: 'some description', + from: 'now-5m', + to: 'now', + index: ['index-1'], + name: 'some-name', + severity: 'low', + interval: '5m', + type: 'query', + risk_score: 50, + note: '# some markdown', + references: [], + actions: [], + enabled: true, + false_positives: [], + max_signals: DEFAULT_MAX_SIGNALS, + tags: [], + threat: [], + throttle: null, + exceptions_list: [], + filters: [], + }; + expect(message.schema).toEqual(expected); + }); }); }); diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/update_rules_schema.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/update_rules_schema.ts index 504233f95986f..73078e617efc6 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/update_rules_schema.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/update_rules_schema.ts @@ -43,16 +43,19 @@ import { } from '../common/schemas'; /* eslint-enable @typescript-eslint/camelcase */ -import { DefaultStringArray } from '../types/default_string_array'; -import { DefaultActionsArray } from '../types/default_actions_array'; -import { DefaultBooleanTrue } from '../types/default_boolean_true'; -import { DefaultFromString } from '../types/default_from_string'; -import { DefaultIntervalString } from '../types/default_interval_string'; -import { DefaultMaxSignalsNumber } from '../types/default_max_signals_number'; -import { DefaultToString } from '../types/default_to_string'; -import { DefaultThreatArray } from '../types/default_threat_array'; -import { DefaultThrottleNull } from '../types/default_throttle_null'; -import { ListsDefaultArray, ListsDefaultArraySchema } from '../types/lists_default_array'; +import { + DefaultStringArray, + DefaultActionsArray, + DefaultBooleanTrue, + DefaultFromString, + DefaultIntervalString, + DefaultMaxSignalsNumber, + DefaultToString, + DefaultThreatArray, + DefaultThrottleNull, + DefaultListArray, + ListArray, +} from '../types'; /** * This almost identical to the create_rules_schema except for a few details. @@ -100,7 +103,7 @@ export const updateRulesSchema = t.intersection([ references: DefaultStringArray, // defaults to empty array of strings if not set during decode note, // defaults to "undefined" if not set during decode version, // defaults to "undefined" if not set during decode - exceptions_list: ListsDefaultArray, // defaults to empty array if not set during decode + exceptions_list: DefaultListArray, // defaults to empty array if not set during decode }) ), ]); @@ -135,6 +138,6 @@ export type UpdateRulesSchemaDecoded = Omit< to: To; threat: Threat; throttle: ThrottleOrNull; - exceptions_list: ListsDefaultArraySchema; + exceptions_list: ListArray; rule_id: RuleId; }; diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/response/rules_schema.mocks.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/response/rules_schema.mocks.ts index ecbf0321cdc67..e63a7ad981e12 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/response/rules_schema.mocks.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/response/rules_schema.mocks.ts @@ -3,6 +3,7 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ +import { getListArrayMock } from '../types/lists.mock'; import { RulesSchema } from './rules_schema'; @@ -64,38 +65,7 @@ export const getRulesSchemaMock = (anchorDate: string = ANCHOR_DATE): RulesSchem language: 'kuery', rule_id: 'query-rule-id', interval: '5m', - exceptions_list: [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'exists', - }, - { - field: 'host.name', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'rock01', - }, - ], - and: [ - { - field: 'host.id', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: '123', - }, - { - name: '678', - }, - ], - }, - ], - }, - ], + exceptions_list: getListArrayMock(), }); export const getRulesMlSchemaMock = (anchorDate: string = ANCHOR_DATE): RulesSchema => { diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/response/rules_schema.test.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/response/rules_schema.test.ts index 90aef656db369..b3f9096b51483 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/response/rules_schema.test.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/response/rules_schema.test.ts @@ -22,6 +22,7 @@ import { exactCheck } from '../../../exact_check'; import { foldLeftRight, getPaths } from '../../../test_utils'; import { TypeAndTimelineOnly } from './type_timeline_only_schema'; import { getRulesSchemaMock, getRulesMlSchemaMock } from './rules_schema.mocks'; +import { ListArray } from '../types/lists'; export const ANCHOR_DATE = '2020-02-20T03:57:54.037Z'; @@ -650,4 +651,47 @@ describe('rules_schema', () => { expect(fields.length).toEqual(2); }); }); + + describe('exceptions_list', () => { + test('it should validate an empty array for "exceptions_list"', () => { + const payload = getRulesSchemaMock(); + payload.exceptions_list = []; + const decoded = rulesSchema.decode(payload); + const checked = exactCheck(payload, decoded); + const message = pipe(checked, foldLeftRight); + const expected = getRulesSchemaMock(); + expected.exceptions_list = []; + expect(getPaths(left(message.errors))).toEqual([]); + expect(message.schema).toEqual(expected); + }); + + test('it should NOT validate when "exceptions_list" is not expected type', () => { + const payload: Omit & { + exceptions_list?: string; + } = { ...getRulesSchemaMock(), exceptions_list: 'invalid_data' }; + + const decoded = rulesSchema.decode(payload); + const checked = exactCheck(payload, decoded); + const message = pipe(checked, foldLeftRight); + + expect(getPaths(left(message.errors))).toEqual([ + 'Invalid value "invalid_data" supplied to "exceptions_list"', + ]); + expect(message.schema).toEqual({}); + }); + + test('it should default to empty array if "exceptions_list" is undefined ', () => { + const payload: Omit & { + exceptions_list?: ListArray; + } = getRulesSchemaMock(); + payload.exceptions_list = undefined; + + const decoded = rulesSchema.decode(payload); + const checked = exactCheck(payload, decoded); + const message = pipe(checked, foldLeftRight); + + expect(getPaths(left(message.errors))).toEqual([]); + expect(message.schema).toEqual({ ...payload, exceptions_list: [] }); + }); + }); }); diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/response/rules_schema.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/response/rules_schema.ts index a7a31ec9e1b59..9803a80f57857 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/response/rules_schema.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/response/rules_schema.ts @@ -56,7 +56,7 @@ import { meta, note, } from '../common/schemas'; -import { ListsDefaultArray } from '../types/lists_default_array'; +import { DefaultListArray } from '../types/lists_default_array'; /** * This is the required fields for the rules schema response. Put all required properties on @@ -87,7 +87,7 @@ export const requiredRulesSchema = t.type({ updated_at, created_by, version, - exceptions_list: ListsDefaultArray, + exceptions_list: DefaultListArray, }); export type RequiredRulesSchema = t.TypeOf; diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/types/index.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/types/index.ts new file mode 100644 index 0000000000000..368dd4922eec4 --- /dev/null +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/types/index.ts @@ -0,0 +1,34 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export * from './default_actions_array'; +export * from './default_boolean_false'; +export * from './default_boolean_true'; +export * from './default_empty_string'; +export * from './default_export_file_name'; +export * from './default_from_string'; +export * from './default_interval_string'; +export * from './default_language_string'; +export * from './default_max_signals_number'; +export * from './default_page'; +export * from './default_per_page'; +export * from './default_string_array'; +export * from './default_string_boolean_false'; +export * from './default_threat_array'; +export * from './default_throttle_null'; +export * from './default_to_string'; +export * from './default_uuid'; +export * from './default_version_number'; +export * from './iso_date_string'; +export * from './lists'; +export * from './lists_default_array'; +export * from './non_empty_string'; +export * from './only_false_allowed'; +export * from './positive_integer'; +export * from './positive_integer_greater_than_zero'; +export * from './references_default_array'; +export * from './risk_score'; +export * from './uuid'; diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.mock.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.mock.ts new file mode 100644 index 0000000000000..d76e2ac78f3d3 --- /dev/null +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.mock.ts @@ -0,0 +1,18 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +import { List, ListArray } from './lists'; + +export const getListMock = (): List => ({ + id: 'some_uuid', + namespace_type: 'single', +}); + +export const getListAgnosticMock = (): List => ({ + id: 'some_uuid', + namespace_type: 'agnostic', +}); + +export const getListArrayMock = (): ListArray => [getListMock(), getListAgnosticMock()]; diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.test.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.test.ts new file mode 100644 index 0000000000000..657a4b479f164 --- /dev/null +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.test.ts @@ -0,0 +1,131 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { pipe } from 'fp-ts/lib/pipeable'; +import { left } from 'fp-ts/lib/Either'; + +import { foldLeftRight, getPaths } from '../../../test_utils'; + +import { getListAgnosticMock, getListMock, getListArrayMock } from './lists.mock'; +import { + List, + ListArray, + ListArrayOrUndefined, + list, + listArray, + listArrayOrUndefined, +} from './lists'; + +describe('Lists', () => { + describe('list', () => { + test('it should validate a list', () => { + const payload = getListMock(); + const decoded = list.decode(payload); + const message = pipe(decoded, foldLeftRight); + + expect(getPaths(left(message.errors))).toEqual([]); + expect(message.schema).toEqual(payload); + }); + + test('it should validate a list with "namespace_type" of"agnostic"', () => { + const payload = getListAgnosticMock(); + const decoded = list.decode(payload); + const message = pipe(decoded, foldLeftRight); + + expect(getPaths(left(message.errors))).toEqual([]); + expect(message.schema).toEqual(payload); + }); + + test('it should NOT validate a list without an "id"', () => { + const payload = getListMock(); + delete payload.id; + const decoded = list.decode(payload); + const message = pipe(decoded, foldLeftRight); + + expect(getPaths(left(message.errors))).toEqual([ + 'Invalid value "undefined" supplied to "id"', + ]); + expect(message.schema).toEqual({}); + }); + + test('it should NOT validate a list without "namespace_type"', () => { + const payload = getListMock(); + delete payload.namespace_type; + const decoded = list.decode(payload); + const message = pipe(decoded, foldLeftRight); + expect(getPaths(left(message.errors))).toEqual([ + 'Invalid value "undefined" supplied to "namespace_type"', + ]); + expect(message.schema).toEqual({}); + }); + + test('it should strip out extra keys', () => { + const payload: List & { + extraKey?: string; + } = getListMock(); + payload.extraKey = 'some value'; + const decoded = list.decode(payload); + const message = pipe(decoded, foldLeftRight); + + expect(getPaths(left(message.errors))).toEqual([]); + expect(message.schema).toEqual(getListMock()); + }); + }); + + describe('listArray', () => { + test('it should validate an array of lists', () => { + const payload = getListArrayMock(); + const decoded = listArray.decode(payload); + const message = pipe(decoded, foldLeftRight); + + expect(getPaths(left(message.errors))).toEqual([]); + expect(message.schema).toEqual(payload); + }); + + test('it should not validate when unexpected type found in array', () => { + const payload = ([1] as unknown) as ListArray; + const decoded = listArray.decode(payload); + const message = pipe(decoded, foldLeftRight); + + expect(getPaths(left(message.errors))).toEqual([ + 'Invalid value "1" supplied to "Array<{| id: string, namespace_type: "agnostic" | "single" |}>"', + ]); + expect(message.schema).toEqual({}); + }); + }); + + describe('listArrayOrUndefined', () => { + test('it should validate an array of lists', () => { + const payload = getListArrayMock(); + const decoded = listArrayOrUndefined.decode(payload); + const message = pipe(decoded, foldLeftRight); + + expect(getPaths(left(message.errors))).toEqual([]); + expect(message.schema).toEqual(payload); + }); + + test('it should validate when undefined', () => { + const payload = undefined; + const decoded = listArrayOrUndefined.decode(payload); + const message = pipe(decoded, foldLeftRight); + + expect(getPaths(left(message.errors))).toEqual([]); + expect(message.schema).toEqual(payload); + }); + + test('it should not allow an item that is not of type "list" in array', () => { + const payload = ([1] as unknown) as ListArrayOrUndefined; + const decoded = listArrayOrUndefined.decode(payload); + const message = pipe(decoded, foldLeftRight); + + expect(getPaths(left(message.errors))).toEqual([ + 'Invalid value "1" supplied to "(Array<{| id: string, namespace_type: "agnostic" | "single" |}> | undefined)"', + 'Invalid value "[1]" supplied to "(Array<{| id: string, namespace_type: "agnostic" | "single" |}> | undefined)"', + ]); + expect(message.schema).toEqual({}); + }); + }); +}); diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.ts new file mode 100644 index 0000000000000..07be038ff3526 --- /dev/null +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists.ts @@ -0,0 +1,22 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import * as t from 'io-ts'; + +import { namespaceType } from '../../lists_common_deps'; + +export const list = t.exact( + t.type({ + id: t.string, + namespace_type: namespaceType, + }) +); + +export type List = t.TypeOf; +export const listArray = t.array(list); +export type ListArray = t.TypeOf; +export const listArrayOrUndefined = t.union([listArray, t.undefined]); +export type ListArrayOrUndefined = t.TypeOf; diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists_default_array.test.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists_default_array.test.ts index 9eb55c22756fa..2268e47bd1149 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists_default_array.test.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists_default_array.test.ts @@ -4,187 +4,60 @@ * you may not use this file except in compliance with the Elastic License. */ -import { ListsDefaultArray } from './lists_default_array'; import { pipe } from 'fp-ts/lib/pipeable'; import { left } from 'fp-ts/lib/Either'; -import { foldLeftRight, getPaths } from '../../../test_utils'; - -describe('lists_default_array', () => { - test('it should validate an empty array', () => { - const payload: string[] = []; - const decoded = ListsDefaultArray.decode(payload); - const message = pipe(decoded, foldLeftRight); - - expect(getPaths(left(message.errors))).toEqual([]); - expect(message.schema).toEqual(payload); - }); - test('it should validate an array of lists', () => { - const payload = [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'exists', - }, - { - field: 'host.name', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'rock01', - }, - ], - and: [ - { - field: 'host.id', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: '123', - }, - { - name: '678', - }, - ], - }, - ], - }, - ]; - const decoded = ListsDefaultArray.decode(payload); - const message = pipe(decoded, foldLeftRight); - - expect(getPaths(left(message.errors))).toEqual([]); - expect(message.schema).toEqual(payload); - }); +import { foldLeftRight, getPaths } from '../../../test_utils'; - test('it should not validate an array of lists that includes a values_operator other than included or excluded', () => { - const payload = [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'exists', - }, - { - field: 'host.name', - values_operator: 'excluded', - values_type: 'exists', - }, - { - field: 'host.hostname', - values_operator: 'jibber jabber', - values_type: 'exists', - }, - ]; - const decoded = ListsDefaultArray.decode(payload); - const message = pipe(decoded, foldLeftRight); +import { DefaultListArray, DefaultListArrayC } from './lists_default_array'; +import { getListArrayMock } from './lists.mock'; - expect(getPaths(left(message.errors))).toEqual([ - 'Invalid value "jibber jabber" supplied to "values_operator"', - ]); - expect(message.schema).toEqual({}); - }); - - // TODO - this scenario should never come up, as the values key is forbidden when values_type is "exists" in the incoming schema - need to find a good way to do this in io-ts - test('it will validate an array of lists that includes "values" when "values_type" is "exists"', () => { - const payload = [ - { - field: 'host.name', - values_operator: 'excluded', - values_type: 'exists', - values: [ - { - name: '127.0.0.1', - }, - ], - }, - ]; - const decoded = ListsDefaultArray.decode(payload); +describe('lists_default_array', () => { + test('it should return a default array when null', () => { + const payload = null; + const decoded = DefaultListArray.decode(payload); const message = pipe(decoded, foldLeftRight); expect(getPaths(left(message.errors))).toEqual([]); - expect(message.schema).toEqual(payload); + expect(message.schema).toEqual([]); }); - // TODO - this scenario should never come up, as the values key is required when values_type is "match" in the incoming schema - need to find a good way to do this in io-ts - test('it will validate an array of lists that does not include "values" when "values_type" is "match"', () => { - const payload = [ - { - field: 'host.name', - values_operator: 'excluded', - values_type: 'match', - }, - ]; - const decoded = ListsDefaultArray.decode(payload); + test('it should return a default array when undefined', () => { + const payload = undefined; + const decoded = DefaultListArray.decode(payload); const message = pipe(decoded, foldLeftRight); expect(getPaths(left(message.errors))).toEqual([]); - expect(message.schema).toEqual(payload); + expect(message.schema).toEqual([]); }); - // TODO - this scenario should never come up, as the values key is required when values_type is "match_all" in the incoming schema - need to find a good way to do this in io-ts - test('it will validate an array of lists that does not include "values" when "values_type" is "match_all"', () => { - const payload = [ - { - field: 'host.name', - values_operator: 'excluded', - values_type: 'match_all', - }, - ]; - const decoded = ListsDefaultArray.decode(payload); + test('it should validate an empty array', () => { + const payload: string[] = []; + const decoded = DefaultListArray.decode(payload); const message = pipe(decoded, foldLeftRight); expect(getPaths(left(message.errors))).toEqual([]); expect(message.schema).toEqual(payload); }); - // TODO - this scenario should never come up, as the values key is required when values_type is "list" in the incoming schema - need to find a good way to do this in io-ts - test('it should not validate an array of lists that does not include "values" when "values_type" is "list"', () => { - const payload = [ - { - field: 'host.name', - values_operator: 'excluded', - values_type: 'list', - }, - ]; - const decoded = ListsDefaultArray.decode(payload); + test('it should validate an array of lists', () => { + const payload = getListArrayMock(); + const decoded = DefaultListArray.decode(payload); const message = pipe(decoded, foldLeftRight); expect(getPaths(left(message.errors))).toEqual([]); expect(message.schema).toEqual(payload); }); - test('it should not validate an array with a number', () => { - const payload = [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'exists', - values: [ - { - name: '127.0.0.1', - }, - ], - }, - 5, - ]; - const decoded = ListsDefaultArray.decode(payload); + test('it should not validate an array of non accepted types', () => { + // Terrible casting for purpose of tests + const payload = ([1] as unknown) as DefaultListArrayC; + const decoded = DefaultListArray.decode(payload); const message = pipe(decoded, foldLeftRight); expect(getPaths(left(message.errors))).toEqual([ - 'Invalid value "5" supplied to "listsWithDefaultArray"', - 'Invalid value "5" supplied to "listsWithDefaultArray"', + 'Invalid value "1" supplied to "DefaultListArray"', ]); expect(message.schema).toEqual({}); }); - - test('it should return a default array entry', () => { - const payload = null; - const decoded = ListsDefaultArray.decode(payload); - const message = pipe(decoded, foldLeftRight); - - expect(getPaths(left(message.errors))).toEqual([]); - expect(message.schema).toEqual([]); - }); }); diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists_default_array.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists_default_array.ts index 7fe98cdc300ef..ac5666cad23a7 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists_default_array.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/types/lists_default_array.ts @@ -7,28 +7,18 @@ import * as t from 'io-ts'; import { Either } from 'fp-ts/lib/Either'; -import { - list_and as listAnd, - list_values as listValues, - list_values_operator as listOperator, -} from '../common/schemas'; +import { ListArray, list } from './lists'; -export type List = t.TypeOf; -export type ListValues = t.TypeOf; -export type ListOperator = t.TypeOf; +export type DefaultListArrayC = t.Type; /** - * Types the ListsDefaultArray as: - * - If null or undefined, then a default array will be set for the list + * Types the DefaultListArray as: + * - If null or undefined, then a default array of type list will be set */ -export const ListsDefaultArray = new t.Type( - 'listsWithDefaultArray', - t.array(listAnd).is, - (input, context): Either => - input == null ? t.success([]) : t.array(listAnd).validate(input, context), +export const DefaultListArray: DefaultListArrayC = new t.Type( + 'DefaultListArray', + t.array(list).is, + (input, context): Either => + input == null ? t.success([]) : t.array(list).validate(input, context), t.identity ); - -export type ListsDefaultArrayC = typeof ListsDefaultArray; - -export type ListsDefaultArraySchema = t.TypeOf; diff --git a/x-pack/plugins/security_solution/common/endpoint/constants.ts b/x-pack/plugins/security_solution/common/endpoint/constants.ts index e311e358e6146..984cd7d2506a9 100644 --- a/x-pack/plugins/security_solution/common/endpoint/constants.ts +++ b/x-pack/plugins/security_solution/common/endpoint/constants.ts @@ -7,5 +7,6 @@ export const eventsIndexPattern = 'logs-endpoint.events.*'; export const alertsIndexPattern = 'logs-endpoint.alerts-*'; export const metadataIndexPattern = 'metrics-endpoint.metadata-*'; +export const metadataMirrorIndexPattern = 'metrics-endpoint.metadata_mirror-*'; export const policyIndexPattern = 'metrics-endpoint.policy-*'; export const telemetryIndexPattern = 'metrics-endpoint.telemetry-*'; diff --git a/x-pack/plugins/security_solution/common/endpoint/generate_data.ts b/x-pack/plugins/security_solution/common/endpoint/generate_data.ts index ef9e8376827a0..5af34b6a694e8 100644 --- a/x-pack/plugins/security_solution/common/endpoint/generate_data.ts +++ b/x-pack/plugins/security_solution/common/endpoint/generate_data.ts @@ -14,6 +14,7 @@ import { HostPolicyResponse, HostPolicyResponseActionStatus, PolicyData, + EndpointStatus, } from './types'; import { factory as policyFactory } from './models/policy_config'; @@ -209,6 +210,7 @@ interface HostInfo { }; host: Host; Endpoint: { + status: EndpointStatus; policy: { applied: { id: string; @@ -305,7 +307,7 @@ export class EndpointDocGenerator { * Creates new random policy id for the host to simulate new policy application */ public updatePolicyId() { - this.commonInfo.Endpoint.policy.applied = this.randomChoice(APPLIED_POLICIES); + this.commonInfo.Endpoint.policy.applied.id = this.randomChoice(APPLIED_POLICIES).id; this.commonInfo.Endpoint.policy.applied.status = this.randomChoice([ HostPolicyResponseActionStatus.success, HostPolicyResponseActionStatus.failure, @@ -333,6 +335,7 @@ export class EndpointDocGenerator { os: this.randomChoice(OS), }, Endpoint: { + status: EndpointStatus.enrolled, policy: { applied: this.randomChoice(APPLIED_POLICIES), }, diff --git a/x-pack/plugins/security_solution/common/endpoint/types.ts b/x-pack/plugins/security_solution/common/endpoint/types.ts index f8cfb8f7c3bbc..42f5f4b220da9 100644 --- a/x-pack/plugins/security_solution/common/endpoint/types.ts +++ b/x-pack/plugins/security_solution/common/endpoint/types.ts @@ -74,7 +74,7 @@ export interface ResolverNodeStats { /** * A child node can also have additional children so we need to provide a pagination cursor. */ -export interface ChildNode extends LifecycleNode { +export interface ResolverChildNode extends ResolverLifecycleNode { /** * A child node's pagination cursor can be null for a couple reasons: * 1. At the time of querying it could have no children in ES, in which case it will be marked as @@ -89,7 +89,7 @@ export interface ChildNode extends LifecycleNode { * has an array of lifecycle events. */ export interface ResolverChildren { - childNodes: ChildNode[]; + childNodes: ResolverChildNode[]; /** * This is the children cursor for the origin of a tree. */ @@ -116,7 +116,7 @@ export interface ResolverTree { /** * The lifecycle events (start, end etc) for a node. */ -export interface LifecycleNode { +export interface ResolverLifecycleNode { entityID: string; lifecycle: ResolverEvent[]; /** @@ -132,7 +132,7 @@ export interface ResolverAncestry { /** * An array of ancestors with the lifecycle events grouped together */ - ancestors: LifecycleNode[]; + ancestors: ResolverLifecycleNode[]; /** * A cursor for retrieving additional ancestors for a particular node. `null` indicates that there were no additional * ancestors when the request returned. More could have been ingested by ES after the fact though. @@ -350,7 +350,23 @@ export interface AlertEvent { } /** - * The status of the host + * The status of the Endpoint Agent as reported by the Agent or the + * Security Solution app using events from Fleet. + */ +export enum EndpointStatus { + /** + * Agent is enrolled with Fleet + */ + enrolled = 'enrolled', + + /** + * Agent is unenrrolled from Fleet + */ + unenrolled = 'unenrolled', +} + +/** + * The status of the host, which is mapped to the Elastic Agent status in Fleet */ export enum HostStatus { /** @@ -386,6 +402,7 @@ export type HostMetadata = Immutable<{ }; }; Endpoint: { + status: EndpointStatus; policy: { applied: { id: string; diff --git a/x-pack/plugins/security_solution/cypress/integration/events_viewer.spec.ts b/x-pack/plugins/security_solution/cypress/integration/events_viewer.spec.ts index cd4573817cc27..84ca1e20e9576 100644 --- a/x-pack/plugins/security_solution/cypress/integration/events_viewer.spec.ts +++ b/x-pack/plugins/security_solution/cypress/integration/events_viewer.spec.ts @@ -153,7 +153,7 @@ describe('Events Viewer', () => { }); }); - context.skip('Events columns', () => { + context('Events columns', () => { before(() => { loginAndWaitForPage(HOSTS_URL); openEvents(); diff --git a/x-pack/plugins/security_solution/public/alerts/pages/detection_engine/detection_engine.test.tsx b/x-pack/plugins/security_solution/public/alerts/pages/detection_engine/detection_engine.test.tsx index 62b942d03591c..d033bc25e9801 100644 --- a/x-pack/plugins/security_solution/public/alerts/pages/detection_engine/detection_engine.test.tsx +++ b/x-pack/plugins/security_solution/public/alerts/pages/detection_engine/detection_engine.test.tsx @@ -12,9 +12,10 @@ import '../../../common/mock/match_media'; import { setAbsoluteRangeDatePicker } from '../../../common/store/inputs/actions'; import { DetectionEnginePageComponent } from './detection_engine'; import { useUserInfo } from '../../components/user_info'; +import { useWithSource } from '../../../common/containers/source'; jest.mock('../../components/user_info'); -jest.mock('../../../common/lib/kibana'); +jest.mock('../../../common/containers/source'); jest.mock('../../../common/components/link_to'); jest.mock('react-router-dom', () => { const originalModule = jest.requireActual('react-router-dom'); @@ -30,7 +31,12 @@ describe('DetectionEnginePageComponent', () => { beforeAll(() => { (useParams as jest.Mock).mockReturnValue({}); (useUserInfo as jest.Mock).mockReturnValue({}); + (useWithSource as jest.Mock).mockReturnValue({ + indicesExist: true, + indexPattern: {}, + }); }); + it('renders correctly', () => { const wrapper = shallow( { /> ); - expect(wrapper.find('WithSource')).toHaveLength(1); + expect(wrapper.find('FiltersGlobal')).toHaveLength(1); }); }); diff --git a/x-pack/plugins/security_solution/public/alerts/pages/detection_engine/detection_engine.tsx b/x-pack/plugins/security_solution/public/alerts/pages/detection_engine/detection_engine.tsx index 05a0b4441bb3a..dc0b22c82af3e 100644 --- a/x-pack/plugins/security_solution/public/alerts/pages/detection_engine/detection_engine.tsx +++ b/x-pack/plugins/security_solution/public/alerts/pages/detection_engine/detection_engine.tsx @@ -13,10 +13,7 @@ import { useHistory } from 'react-router-dom'; import { SecurityPageName } from '../../../app/types'; import { TimelineId } from '../../../../common/types/timeline'; import { GlobalTime } from '../../../common/containers/global_time'; -import { - indicesExistOrDataTemporarilyUnavailable, - WithSource, -} from '../../../common/containers/source'; +import { useWithSource } from '../../../common/containers/source'; import { UpdateDateRange } from '../../../common/components/charts/common'; import { FiltersGlobal } from '../../../common/components/filters_global'; import { getRulesUrl } from '../../../common/components/link_to/redirect_to_detection_engine'; @@ -82,6 +79,7 @@ export const DetectionEnginePageComponent: React.FC = ({ const indexToAdd = useMemo(() => (signalIndexName == null ? [] : [signalIndexName]), [ signalIndexName, ]); + const { indicesExist, indexPattern } = useWithSource('default', indexToAdd); if (isUserAuthenticated != null && !isUserAuthenticated && !loading) { return ( @@ -104,77 +102,73 @@ export const DetectionEnginePageComponent: React.FC = ({ <> {hasEncryptionKey != null && !hasEncryptionKey && } {hasIndexWrite != null && !hasIndexWrite && } - - {({ indicesExist, indexPattern }) => { - return indicesExistOrDataTemporarilyUnavailable(indicesExist) ? ( - - - - - - - {i18n.LAST_ALERT} - {': '} - {lastAlerts} - - ) - } - title={i18n.PAGE_TITLE} - > - - {i18n.BUTTON_MANAGE_RULES} - - + {indicesExist ? ( + + + + + + + {i18n.LAST_ALERT} + {': '} + {lastAlerts} + + ) + } + title={i18n.PAGE_TITLE} + > + + {i18n.BUTTON_MANAGE_RULES} + + - - {({ to, from, deleteQuery, setQuery }) => ( - <> - <> - - - - - - )} - - - - ) : ( - - - - - ); - }} - + + {({ to, from, deleteQuery, setQuery }) => ( + <> + <> + + + + + + )} + + + + ) : ( + + + + + )} ); diff --git a/x-pack/plugins/security_solution/public/alerts/pages/detection_engine/rules/details/index.test.tsx b/x-pack/plugins/security_solution/public/alerts/pages/detection_engine/rules/details/index.test.tsx index df6ea65ba52ba..0acb18082379a 100644 --- a/x-pack/plugins/security_solution/public/alerts/pages/detection_engine/rules/details/index.test.tsx +++ b/x-pack/plugins/security_solution/public/alerts/pages/detection_engine/rules/details/index.test.tsx @@ -12,10 +12,12 @@ import { TestProviders } from '../../../../../common/mock'; import { RuleDetailsPageComponent } from './index'; import { setAbsoluteRangeDatePicker } from '../../../../../common/store/inputs/actions'; import { useUserInfo } from '../../../../components/user_info'; +import { useWithSource } from '../../../../../common/containers/source'; import { useParams } from 'react-router-dom'; jest.mock('../../../../../common/components/link_to'); jest.mock('../../../../components/user_info'); +jest.mock('../../../../../common/containers/source'); jest.mock('react-router-dom', () => { const originalModule = jest.requireActual('react-router-dom'); @@ -30,6 +32,10 @@ describe('RuleDetailsPageComponent', () => { beforeAll(() => { (useUserInfo as jest.Mock).mockReturnValue({}); (useParams as jest.Mock).mockReturnValue({}); + (useWithSource as jest.Mock).mockReturnValue({ + indicesExist: true, + indexPattern: {}, + }); }); it('renders correctly', () => { @@ -44,6 +50,6 @@ describe('RuleDetailsPageComponent', () => { } ); - expect(wrapper.find('WithSource')).toHaveLength(1); + expect(wrapper.find('GlobalTime')).toHaveLength(1); }); }); diff --git a/x-pack/plugins/security_solution/public/alerts/pages/detection_engine/rules/details/index.tsx b/x-pack/plugins/security_solution/public/alerts/pages/detection_engine/rules/details/index.tsx index 90fd4bb225ec5..2ec603546983e 100644 --- a/x-pack/plugins/security_solution/public/alerts/pages/detection_engine/rules/details/index.tsx +++ b/x-pack/plugins/security_solution/public/alerts/pages/detection_engine/rules/details/index.tsx @@ -4,8 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -/* eslint-disable react-hooks/rules-of-hooks */ -/* eslint-disable complexity */ +/* eslint-disable react-hooks/rules-of-hooks, complexity */ // TODO: Disabling complexity is temporary till this component is refactored as part of lists UI integration import { @@ -36,10 +35,7 @@ import { SiemSearchBar } from '../../../../../common/components/search_bar'; import { WrapperPage } from '../../../../../common/components/wrapper_page'; import { useRule } from '../../../../../alerts/containers/detection_engine/rules'; -import { - indicesExistOrDataTemporarilyUnavailable, - WithSource, -} from '../../../../../common/containers/source'; +import { useWithSource } from '../../../../../common/containers/source'; import { SpyRoute } from '../../../../../common/utils/route/spy_routes'; import { StepAboutRuleToggleDetails } from '../../../../components/rules/step_about_rule_details'; @@ -255,6 +251,8 @@ export const RuleDetailsPageComponent: FC = ({ [history, ruleId] ); + const { indicesExist, indexPattern } = useWithSource('default', indexToAdd); + if (redirectToDetections(isSignalIndexExists, isAuthenticated, hasEncryptionKey)) { history.replace(getDetectionEngineUrl()); return null; @@ -264,187 +262,185 @@ export const RuleDetailsPageComponent: FC = ({ <> {hasIndexWrite != null && !hasIndexWrite && } {userHasNoPermissions(canUserCRUD) && } - - {({ indicesExist, indexPattern }) => { - return indicesExistOrDataTemporarilyUnavailable(indicesExist) ? ( - - {({ to, from, deleteQuery, setQuery }) => ( - - - - - - - - {detectionI18n.LAST_ALERT} - {': '} - {lastAlerts} - , - ] - : []), - , - ]} - title={title} - > - + {indicesExist ? ( + + {({ to, from, deleteQuery, setQuery }) => ( + + + + + + + + {detectionI18n.LAST_ALERT} + {': '} + {lastAlerts} + , + ] + : []), + , + ]} + title={title} + > + + + + + + + + + - - - + {ruleI18n.EDIT_RULE_SETTINGS} + - - - - - {ruleI18n.EDIT_RULE_SETTINGS} - - - - - - + - - {ruleError} - - - - - + + + + {ruleError} + + + + + - - - - - {defineRuleData != null && ( - - )} - - - - - - {scheduleRuleData != null && ( - - )} - - - + + + + + {defineRuleData != null && ( + + )} + + + + + + {scheduleRuleData != null && ( + + )} + + + + + {tabs} + + {ruleDetailTab === RuleDetailTabs.alerts && ( + <> + - {tabs} - - {ruleDetailTab === RuleDetailTabs.alerts && ( - <> - - - {ruleId != null && ( - - )} - - )} - {ruleDetailTab === RuleDetailTabs.exceptions && ( - )} - {ruleDetailTab === RuleDetailTabs.failures && } - - - )} - - ) : ( - - + + )} + {ruleDetailTab === RuleDetailTabs.exceptions && ( + + )} + {ruleDetailTab === RuleDetailTabs.failures && } + + + )} + + ) : ( + + - - - ); - }} - + + + )} ); }; +RuleDetailsPageComponent.displayName = 'RuleDetailsPageComponent'; + const makeMapStateToProps = () => { const getGlobalInputs = inputsSelectors.globalSelector(); return (state: State) => { @@ -467,3 +463,5 @@ const connector = connect(makeMapStateToProps, mapDispatchToProps); type PropsFromRedux = ConnectedProps; export const RuleDetailsPage = connector(memo(RuleDetailsPageComponent)); + +RuleDetailsPage.displayName = 'RuleDetailsPage'; diff --git a/x-pack/plugins/security_solution/public/app/home/index.tsx b/x-pack/plugins/security_solution/public/app/home/index.tsx index d8bdbd6e7ef5f..03e48282cb754 100644 --- a/x-pack/plugins/security_solution/public/app/home/index.tsx +++ b/x-pack/plugins/security_solution/public/app/home/index.tsx @@ -14,10 +14,7 @@ import { HeaderGlobal } from '../../common/components/header_global'; import { HelpMenu } from '../../common/components/help_menu'; import { AutoSaveWarningMsg } from '../../timelines/components/timeline/auto_save_warning'; import { UseUrlState } from '../../common/components/url_state'; -import { - WithSource, - indicesExistOrDataTemporarilyUnavailable, -} from '../../common/containers/source'; +import { useWithSource } from '../../common/containers/source'; import { useShowTimeline } from '../../common/utils/timeline/use_show_timeline'; import { navTabs } from './home_navigations'; @@ -60,31 +57,28 @@ export const HomePage: React.FC = ({ children }) => { ); const [showTimeline] = useShowTimeline(); + const { browserFields, indexPattern, indicesExist } = useWithSource(); return (
- - {({ browserFields, indexPattern, indicesExist }) => ( - - - {indicesExistOrDataTemporarilyUnavailable(indicesExist) && showTimeline && ( - <> - - - - )} - - {children} - + + + {indicesExist && showTimeline && ( + <> + + + )} - + + {children} +
diff --git a/x-pack/plugins/security_solution/public/common/components/drag_and_drop/draggable_wrapper_hover_content.test.tsx b/x-pack/plugins/security_solution/public/common/components/drag_and_drop/draggable_wrapper_hover_content.test.tsx index e60d876617dca..ee1dc73b27fe2 100644 --- a/x-pack/plugins/security_solution/public/common/components/drag_and_drop/draggable_wrapper_hover_content.test.tsx +++ b/x-pack/plugins/security_solution/public/common/components/drag_and_drop/draggable_wrapper_hover_content.test.tsx @@ -6,10 +6,9 @@ import { mount, ReactWrapper } from 'enzyme'; import React from 'react'; -import { MockedProvider } from 'react-apollo/test-utils'; -import { mocksSource } from '../../containers/source/mock'; -import { wait } from '../../lib/helpers'; +import { useWithSource } from '../../containers/source'; +import { mockBrowserFields } from '../../containers/source/mock'; import { useKibana } from '../../lib/kibana'; import { TestProviders } from '../../mock'; import { createKibanaCoreStartMock } from '../../mock/kibana_core'; @@ -21,10 +20,19 @@ import { ManageGlobalTimeline, timelineDefaults, } from '../../../timelines/components/manage_timeline'; +import { TimelineId } from '../../../../common/types/timeline'; jest.mock('../link_to'); jest.mock('../../lib/kibana'); +jest.mock('../../containers/source', () => { + const original = jest.requireActual('../../containers/source'); + + return { + ...original, + useWithSource: jest.fn(), + }; +}); jest.mock('uuid', () => { return { @@ -34,9 +42,24 @@ jest.mock('uuid', () => { }); jest.mock('../../hooks/use_add_to_timeline'); +const mockAddFilters = jest.fn(); +const mockGetTimelineFilterManager = jest.fn().mockReturnValue({ + addFilters: mockAddFilters, +}); +jest.mock('../../../timelines/components/manage_timeline', () => { + const original = jest.requireActual('../../../timelines/components/manage_timeline'); + + return { + ...original, + useManageTimeline: () => ({ + getTimelineFilterManager: mockGetTimelineFilterManager, + isManagedTimeline: jest.fn().mockReturnValue(false), + }), + }; +}); const mockUiSettingsForFilterManager = createKibanaCoreStartMock().uiSettings; -const timelineId = 'cool-id'; +const timelineId = TimelineId.active; const field = 'process.name'; const value = 'nice'; const toggleTopN = jest.fn(); @@ -52,6 +75,9 @@ describe('DraggableWrapperHoverContent', () => { beforeAll(() => { // our mock implementation of the useAddToTimeline hook returns a mock startDragToTimeline function: (useAddToTimeline as jest.Mock).mockReturnValue(jest.fn()); + (useWithSource as jest.Mock).mockReturnValue({ + browserFields: mockBrowserFields, + }); }); // Suppress warnings about "react-beautiful-dnd" @@ -78,6 +104,9 @@ describe('DraggableWrapperHoverContent', () => { forOrOut.forEach((hoverAction) => { describe(`Filter ${hoverAction} value`, () => { + beforeEach(() => { + jest.clearAllMocks(); + }); test(`it renders the 'Filter ${hoverAction} value' button when showTopN is false`, () => { const wrapper = mount( @@ -101,21 +130,16 @@ describe('DraggableWrapperHoverContent', () => { wrapper.find(`[data-test-subj="filter-${hoverAction}-value"]`).first().exists() ).toBe(false); }); - describe('when run in the context of a timeline', () => { - let filterManager: FilterManager; let wrapper: ReactWrapper; let onFilterAdded: () => void; beforeEach(() => { - filterManager = new FilterManager(mockUiSettingsForFilterManager); - filterManager.addFilters = jest.fn(); onFilterAdded = jest.fn(); const manageTimelineForTesting = { [timelineId]: { ...timelineDefaults, id: timelineId, - filterManager, }, }; @@ -131,7 +155,7 @@ describe('DraggableWrapperHoverContent', () => { wrapper.find(`[data-test-subj="filter-${hoverAction}-value"]`).first().simulate('click'); wrapper.update(); - expect(filterManager.addFilters).toBeCalledWith({ + expect(mockAddFilters).toBeCalledWith({ meta: { alias: null, disabled: false, @@ -164,7 +188,9 @@ describe('DraggableWrapperHoverContent', () => { wrapper = mount( - + ); }); @@ -253,7 +279,7 @@ describe('DraggableWrapperHoverContent', () => { wrapper.find(`[data-test-subj="filter-${hoverAction}-value"]`).first().simulate('click'); wrapper.update(); - expect(filterManager.addFilters).toBeCalledWith(expected); + expect(mockAddFilters).toBeCalledWith(expected); }); }); @@ -268,7 +294,14 @@ describe('DraggableWrapperHoverContent', () => { wrapper = mount( - + ); }); @@ -323,17 +356,15 @@ describe('DraggableWrapperHoverContent', () => { test(`it ${assertion} the 'Add to timeline investigation' button when showTopN is ${showTopN}, value is ${maybeValue}, and a draggableId is ${maybeDraggableId}`, () => { const wrapper = mount( - - - + ); @@ -348,15 +379,13 @@ describe('DraggableWrapperHoverContent', () => { test('when clicked, it invokes the `startDragToTimeline` function returned by the `useAddToTimeline` hook', () => { const wrapper = mount( - - - + ); @@ -380,18 +409,15 @@ describe('DraggableWrapperHoverContent', () => { const aggregatableStringField = 'cloud.account.id'; const wrapper = mount( - - - + ); - await wait(); // https://github.com/apollographql/react-apollo/issues/1711 wrapper.update(); expect(wrapper.find('[data-test-subj="show-top-field"]').first().exists()).toBe(true); @@ -401,18 +427,15 @@ describe('DraggableWrapperHoverContent', () => { const whitelistedField = 'signal.rule.name'; const wrapper = mount( - - - + ); - await wait(); wrapper.update(); expect(wrapper.find('[data-test-subj="show-top-field"]').first().exists()).toBe(true); @@ -422,18 +445,15 @@ describe('DraggableWrapperHoverContent', () => { const notKnownToBrowserFields = 'unknown.field'; const wrapper = mount( - - - + ); - await wait(); wrapper.update(); expect(wrapper.find('[data-test-subj="show-top-field"]').first().exists()).toBe(false); @@ -443,18 +463,15 @@ describe('DraggableWrapperHoverContent', () => { const whitelistedField = 'signal.rule.name'; const wrapper = mount( - - - + ); - await wait(); wrapper.update(); wrapper.find('[data-test-subj="show-top-field"]').first().simulate('click'); @@ -467,18 +484,15 @@ describe('DraggableWrapperHoverContent', () => { const whitelistedField = 'signal.rule.name'; const wrapper = mount( - - - + ); - await wait(); wrapper.update(); expect(wrapper.find('[data-test-subj="eventsByDatasetOverviewPanel"]').first().exists()).toBe( @@ -490,19 +504,16 @@ describe('DraggableWrapperHoverContent', () => { const whitelistedField = 'signal.rule.name'; const wrapper = mount( - - - + ); - await wait(); wrapper.update(); expect(wrapper.find('[data-test-subj="show-top-field"]').first().exists()).toBe(false); @@ -512,19 +523,16 @@ describe('DraggableWrapperHoverContent', () => { const whitelistedField = 'signal.rule.name'; const wrapper = mount( - - - + ); - await wait(); wrapper.update(); expect( @@ -559,4 +567,41 @@ describe('DraggableWrapperHoverContent', () => { expect(wrapper.find(`[data-test-subj="copy-to-clipboard"]`).first().exists()).toBe(false); }); }); + + describe('Filter Manager', () => { + beforeEach(() => { + jest.clearAllMocks(); + }); + test('filter manager, not active timeline', () => { + mount( + + + + ); + + expect(mockGetTimelineFilterManager).not.toBeCalled(); + }); + test('filter manager, active timeline', () => { + mount( + + + + ); + + expect(mockGetTimelineFilterManager).toBeCalled(); + }); + test('filter manager, active timeline in draggableId', () => { + mount( + + + + ); + + expect(mockGetTimelineFilterManager).toBeCalled(); + }); + }); }); diff --git a/x-pack/plugins/security_solution/public/common/components/drag_and_drop/draggable_wrapper_hover_content.tsx b/x-pack/plugins/security_solution/public/common/components/drag_and_drop/draggable_wrapper_hover_content.tsx index f916f42fe41cd..4efdea5eee43b 100644 --- a/x-pack/plugins/security_solution/public/common/components/drag_and_drop/draggable_wrapper_hover_content.tsx +++ b/x-pack/plugins/security_solution/public/common/components/drag_and_drop/draggable_wrapper_hover_content.tsx @@ -8,16 +8,17 @@ import { EuiButtonIcon, EuiToolTip } from '@elastic/eui'; import React, { useCallback, useMemo } from 'react'; import { DraggableId } from 'react-beautiful-dnd'; -import { getAllFieldsByName, WithSource } from '../../containers/source'; +import { getAllFieldsByName, useWithSource } from '../../containers/source'; import { useAddToTimeline } from '../../hooks/use_add_to_timeline'; import { WithCopyToClipboard } from '../../lib/clipboard/with_copy_to_clipboard'; import { useKibana } from '../../lib/kibana'; import { createFilter } from '../add_filter_to_global_search_bar'; -import { ACTIVE_TIMELINE_REDUX_ID, StatefulTopN } from '../top_n'; +import { StatefulTopN } from '../top_n'; import { allowTopN } from './helpers'; import * as i18n from './translations'; import { useManageTimeline } from '../../../timelines/components/manage_timeline'; +import { TimelineId } from '../../../../common/types/timeline'; interface Props { draggableId?: DraggableId; @@ -34,7 +35,7 @@ const DraggableWrapperHoverContentComponent: React.FC = ({ field, onFilterAdded, showTopN, - timelineId = ACTIVE_TIMELINE_REDUX_ID, + timelineId, toggleTopN, value, }) => { @@ -44,11 +45,16 @@ const DraggableWrapperHoverContentComponent: React.FC = ({ kibana.services.data.query.filterManager, ]); const { getTimelineFilterManager } = useManageTimeline(); - const filterManager = useMemo(() => getTimelineFilterManager(timelineId) ?? filterManagerBackup, [ - timelineId, - getTimelineFilterManager, - filterManagerBackup, - ]); + + const filterManager = useMemo( + () => + timelineId === TimelineId.active || + (draggableId != null && draggableId?.includes(TimelineId.active)) + ? getTimelineFilterManager(TimelineId.active) + : filterManagerBackup, + [draggableId, timelineId, getTimelineFilterManager, filterManagerBackup] + ); + const filterForValue = useCallback(() => { const filter = value?.length === 0 ? createFilter(field, undefined) : createFilter(field, value); @@ -79,6 +85,8 @@ const DraggableWrapperHoverContentComponent: React.FC = ({ // eslint-disable-next-line react-hooks/exhaustive-deps }, [field, value, filterManager, onFilterAdded]); + const { browserFields } = useWithSource(); + return ( <> {!showTopN && value != null && ( @@ -117,40 +125,36 @@ const DraggableWrapperHoverContentComponent: React.FC = ({ )} - - {({ browserFields }) => ( + <> + {allowTopN({ + browserField: getAllFieldsByName(browserFields)[field], + fieldName: field, + }) && ( <> - {allowTopN({ - browserField: getAllFieldsByName(browserFields)[field], - fieldName: field, - }) && ( - <> - {!showTopN && ( - - - - )} - - {showTopN && ( - - )} - + {!showTopN && ( + + + + )} + + {showTopN && ( + )} )} - + {!showTopN && ( diff --git a/x-pack/plugins/security_solution/public/common/components/exceptions/helpers.test.tsx b/x-pack/plugins/security_solution/public/common/components/exceptions/helpers.test.tsx index 2239de3764326..244819080c93d 100644 --- a/x-pack/plugins/security_solution/public/common/components/exceptions/helpers.test.tsx +++ b/x-pack/plugins/security_solution/public/common/components/exceptions/helpers.test.tsx @@ -215,7 +215,7 @@ describe('Exception helpers', () => { fieldName: 'host.name', isNested: false, operator: 'is in list', - value: ['some host name'], + value: 'some-list-id', }, { fieldName: 'host.name', @@ -238,8 +238,8 @@ describe('Exception helpers', () => { { fieldName: 'host.name.host.name', isNested: true, - operator: 'exists', - value: null, + operator: 'is', + value: 'some host name', }, ]; expect(result).toEqual(expected); diff --git a/x-pack/plugins/security_solution/public/common/components/exceptions/helpers.tsx b/x-pack/plugins/security_solution/public/common/components/exceptions/helpers.tsx index f8b9c39801ae5..164940db619f9 100644 --- a/x-pack/plugins/security_solution/public/common/components/exceptions/helpers.tsx +++ b/x-pack/plugins/security_solution/public/common/components/exceptions/helpers.tsx @@ -19,6 +19,7 @@ import { OperatorTypeEnum, entriesNested, entriesExists, + entriesList, } from '../../../lists_plugin_deps'; /** @@ -87,6 +88,16 @@ export const getFormattedEntries = (entries: EntriesArray): FormattedEntry[] => return formattedEntries.flat(); }; +export const getEntryValue = (entry: Entry): string | string[] | null => { + if (entriesList.is(entry)) { + return entry.list.id; + } else if (entriesExists.is(entry)) { + return null; + } else { + return entry.value; + } +}; + /** * Helper method for `getFormattedEntries` */ @@ -100,7 +111,7 @@ export const formatEntry = ({ item: Entry; }): FormattedEntry => { const operator = getExceptionOperatorSelect(item); - const value = !entriesExists.is(item) ? item.value : null; + const value = getEntryValue(item); return { fieldName: isNested ? `${parent}.${item.field}` : item.field, diff --git a/x-pack/plugins/security_solution/public/common/components/header_global/index.tsx b/x-pack/plugins/security_solution/public/common/components/header_global/index.tsx index de19c1903586a..17fdf2163b58e 100644 --- a/x-pack/plugins/security_solution/public/common/components/header_global/index.tsx +++ b/x-pack/plugins/security_solution/public/common/components/header_global/index.tsx @@ -16,7 +16,7 @@ import { getAppOverviewUrl } from '../link_to'; import { MlPopover } from '../ml_popover/ml_popover'; import { SiemNavigation } from '../navigation'; import * as i18n from './translations'; -import { indicesExistOrDataTemporarilyUnavailable, WithSource } from '../../containers/source'; +import { useWithSource } from '../../containers/source'; import { useGetUrlSearch } from '../navigation/use_get_url_search'; import { useKibana } from '../../lib/kibana'; import { APP_ID, ADD_DATA_PATH, APP_ALERTS_PATH } from '../../../../common/constants'; @@ -41,6 +41,7 @@ interface HeaderGlobalProps { hideDetectionEngine?: boolean; } export const HeaderGlobal = React.memo(({ hideDetectionEngine = false }) => { + const { indicesExist } = useWithSource(); const search = useGetUrlSearch(navTabs.overview); const { navigateToApp } = useKibana().services.application; const goToOverview = useCallback( @@ -54,60 +55,55 @@ export const HeaderGlobal = React.memo(({ hideDetectionEngine return ( - - {({ indicesExist }) => ( - <> - - - - - - - + <> + + + + + + + - - {indicesExistOrDataTemporarilyUnavailable(indicesExist) ? ( - key !== SecurityPageName.alerts, navTabs) - : navTabs - } - /> - ) : ( - key === SecurityPageName.overview, navTabs)} - /> - )} - - + + {indicesExist ? ( + key !== SecurityPageName.alerts, navTabs) + : navTabs + } + /> + ) : ( + key === SecurityPageName.overview, navTabs)} + /> + )} + + - - - {indicesExistOrDataTemporarilyUnavailable(indicesExist) && - window.location.pathname.includes(APP_ALERTS_PATH) && ( - - - - )} + + + {indicesExist && window.location.pathname.includes(APP_ALERTS_PATH) && ( + + + + )} - - - {i18n.BUTTON_ADD_DATA} - - - + + + {i18n.BUTTON_ADD_DATA} + - - )} - + + + ); diff --git a/x-pack/plugins/security_solution/public/common/components/top_n/index.tsx b/x-pack/plugins/security_solution/public/common/components/top_n/index.tsx index c28f5ab8aa44f..09da027569c61 100644 --- a/x-pack/plugins/security_solution/public/common/components/top_n/index.tsx +++ b/x-pack/plugins/security_solution/public/common/components/top_n/index.tsx @@ -8,7 +8,7 @@ import React, { useMemo } from 'react'; import { connect, ConnectedProps } from 'react-redux'; import { GlobalTime } from '../../containers/global_time'; -import { BrowserFields, WithSource } from '../../containers/source'; +import { BrowserFields, useWithSource } from '../../containers/source'; import { useKibana } from '../../lib/kibana'; import { esQuery, Filter, Query } from '../../../../../../../src/plugins/data/public'; import { inputsModel, inputsSelectors, State } from '../../store'; @@ -99,7 +99,7 @@ const StatefulTopNComponent: React.FC = ({ // * `id` (`timelineId`) may only be populated when we are rendered in the // context of the active timeline. // * `indexToAdd`, which enables the alerts index to be appended to - // the `indexPattern` returned by `WithSource`, may only be populated when + // the `indexPattern` returned by `useWithSource`, may only be populated when // this component is rendered in the context of the active timeline. This // behavior enables the 'All events' view by appending the alerts index // to the index pattern. @@ -117,54 +117,50 @@ const StatefulTopNComponent: React.FC = ({ timelineId === ACTIVE_TIMELINE_REDUX_ID ? activeTimelineEventType : undefined ); + const { indexPattern } = useWithSource('default', indexToAdd); + return ( {({ from, deleteQuery, setQuery, to }) => ( - - {({ indexPattern }) => ( - - )} - + )} ); diff --git a/x-pack/plugins/security_solution/public/common/containers/global_time/index.tsx b/x-pack/plugins/security_solution/public/common/containers/global_time/index.tsx index 9b9b5c5d815b9..9c9778c7074ee 100644 --- a/x-pack/plugins/security_solution/public/common/containers/global_time/index.tsx +++ b/x-pack/plugins/security_solution/public/common/containers/global_time/index.tsx @@ -94,3 +94,5 @@ export const connector = connect(mapStateToProps, mapDispatchToProps); type PropsFromRedux = ConnectedProps; export const GlobalTime = connector(React.memo(GlobalTimeComponent)); + +GlobalTime.displayName = 'GlobalTime'; diff --git a/x-pack/plugins/security_solution/public/common/containers/source/index.test.tsx b/x-pack/plugins/security_solution/public/common/containers/source/index.test.tsx index d1a183a402e37..c30c3668638a3 100644 --- a/x-pack/plugins/security_solution/public/common/containers/source/index.test.tsx +++ b/x-pack/plugins/security_solution/public/common/containers/source/index.test.tsx @@ -4,55 +4,48 @@ * you may not use this file except in compliance with the Elastic License. */ -import { isEqual } from 'lodash/fp'; -import { mount } from 'enzyme'; -import React from 'react'; -import { MockedProvider } from 'react-apollo/test-utils'; +import { act, renderHook } from '@testing-library/react-hooks'; -import { wait } from '../../lib/helpers'; - -import { WithSource, indicesExistOrDataTemporarilyUnavailable } from '.'; +import { useWithSource, indicesExistOrDataTemporarilyUnavailable } from '.'; import { mockBrowserFields, mockIndexFields, mocksSource } from './mock'; jest.mock('../../lib/kibana'); +jest.mock('../../utils/apollo_context', () => ({ + useApolloClient: jest.fn().mockReturnValue({ + query: jest.fn().mockImplementation(() => Promise.resolve(mocksSource[0].result)), + }), +})); describe('Index Fields & Browser Fields', () => { - test('Index Fields', async () => { - mount( - - - {({ indexPattern }) => { - if (!isEqual(indexPattern.fields, [])) { - expect(indexPattern.fields).toEqual(mockIndexFields); - } + test('returns memoized value', async () => { + const { result, waitForNextUpdate, rerender } = renderHook(() => useWithSource()); + await waitForNextUpdate(); - return null; - }} - - - ); + const result1 = result.current; + act(() => rerender()); + const result2 = result.current; - // Why => https://github.com/apollographql/react-apollo/issues/1711 - await wait(); + return expect(result1).toBe(result2); }); - test('Browser Fields', async () => { - mount( - - - {({ browserFields }) => { - if (!isEqual(browserFields, {})) { - expect(browserFields).toEqual(mockBrowserFields); - } + test('Index Fields', async () => { + const { result, waitForNextUpdate } = renderHook(() => useWithSource()); - return null; - }} - - - ); + await waitForNextUpdate(); - // Why => https://github.com/apollographql/react-apollo/issues/1711 - await wait(); + return expect(result).toEqual({ + current: { + indicesExist: true, + browserFields: mockBrowserFields, + indexPattern: { + fields: mockIndexFields, + title: 'apm-*-transaction*,auditbeat-*,endgame-*,filebeat-*,packetbeat-*,winlogbeat-*', + }, + loading: false, + errorMessage: null, + }, + error: undefined, + }); }); describe('indicesExistOrDataTemporarilyUnavailable', () => { diff --git a/x-pack/plugins/security_solution/public/common/containers/source/index.tsx b/x-pack/plugins/security_solution/public/common/containers/source/index.tsx index ad480ad2c496b..34ac5f8f5d94f 100644 --- a/x-pack/plugins/security_solution/public/common/containers/source/index.tsx +++ b/x-pack/plugins/security_solution/public/common/containers/source/index.tsx @@ -6,8 +6,7 @@ import { isUndefined } from 'lodash'; import { get, keyBy, pick, set, isEmpty } from 'lodash/fp'; -import { Query } from 'react-apollo'; -import React, { useEffect, useMemo, useState } from 'react'; +import { useEffect, useMemo, useState } from 'react'; import memoizeOne from 'memoize-one'; import { IIndexPattern } from 'src/plugins/data/public'; @@ -50,18 +49,6 @@ export const getAllFieldsByName = ( ): { [fieldName: string]: Partial } => keyBy('name', getAllBrowserFields(browserFields)); -interface WithSourceArgs { - indicesExist: boolean; - browserFields: BrowserFields; - indexPattern: IIndexPattern; -} - -interface WithSourceProps { - children: (args: WithSourceArgs) => React.ReactNode; - indexToAdd?: string[] | null; - sourceId: string; -} - export const getIndexFields = memoizeOne( (title: string, fields: IndexField[]): IIndexPattern => fields && fields.length > 0 @@ -71,7 +58,8 @@ export const getIndexFields = memoizeOne( ), title, } - : { fields: [], title } + : { fields: [], title }, + (newArgs, lastArgs) => newArgs[0] === lastArgs[0] && newArgs[1].length === lastArgs[1].length ); export const getBrowserFields = memoizeOne( @@ -82,10 +70,26 @@ export const getBrowserFields = memoizeOne( set([field.category, 'fields', field.name], field, accumulator), {} ) - : {} + : {}, + // Update the value only if _title has changed + (newArgs, lastArgs) => newArgs[0] === lastArgs[0] ); -export const WithSource = React.memo(({ children, indexToAdd, sourceId }) => { +export const indicesExistOrDataTemporarilyUnavailable = ( + indicesExist: boolean | null | undefined +) => indicesExist || isUndefined(indicesExist); + +const EMPTY_BROWSER_FIELDS = {}; + +interface UseWithSourceState { + browserFields: BrowserFields; + errorMessage: string | null; + indexPattern: IIndexPattern; + indicesExist: boolean | undefined | null; + loading: boolean; +} + +export const useWithSource = (sourceId = 'default', indexToAdd?: string[] | null) => { const [configIndex] = useUiSetting$(DEFAULT_INDEX_KEY); const defaultIndex = useMemo(() => { if (indexToAdd != null && !isEmpty(indexToAdd)) { @@ -94,87 +98,84 @@ export const WithSource = React.memo(({ children, indexToAdd, s return configIndex; }, [configIndex, indexToAdd]); - return ( - - query={sourceQuery} - fetchPolicy="cache-first" - notifyOnNetworkStatusChange - variables={{ - sourceId, - defaultIndex, - }} - > - {({ data }) => - children({ - indicesExist: get('source.status.indicesExist', data), - browserFields: getBrowserFields( - defaultIndex.join(), - get('source.status.indexFields', data) - ), - indexPattern: getIndexFields(defaultIndex.join(), get('source.status.indexFields', data)), - }) - } - - ); -}); + const [state, setState] = useState({ + browserFields: EMPTY_BROWSER_FIELDS, + errorMessage: null, + indexPattern: getIndexFields(defaultIndex.join(), []), + indicesExist: undefined, + loading: false, + }); -WithSource.displayName = 'WithSource'; + const apolloClient = useApolloClient(); -export const indicesExistOrDataTemporarilyUnavailable = (indicesExist: boolean | undefined) => - indicesExist || isUndefined(indicesExist); + useEffect(() => { + let isSubscribed = true; + const abortCtrl = new AbortController(); -export const useWithSource = (sourceId: string, indices: string[]) => { - const [loading, updateLoading] = useState(false); - const [indicesExist, setIndicesExist] = useState(undefined); - const [browserFields, setBrowserFields] = useState(null); - const [indexPattern, setIndexPattern] = useState(null); - const [errorMessage, updateErrorMessage] = useState(null); + async function fetchSource() { + if (!apolloClient) return; - const apolloClient = useApolloClient(); - async function fetchSource(signal: AbortSignal) { - updateLoading(true); - if (apolloClient) { - apolloClient - .query({ + setState((prevState) => ({ ...prevState, loading: true })); + + try { + const result = await apolloClient.query({ query: sourceQuery, fetchPolicy: 'cache-first', variables: { sourceId, - defaultIndex: indices, + defaultIndex, }, context: { fetchOptions: { - signal, + signal: abortCtrl.signal, }, }, - }) - .then( - (result) => { - updateLoading(false); - updateErrorMessage(null); - setIndicesExist(get('data.source.status.indicesExist', result)); - setBrowserFields( - getBrowserFields(indices.join(), get('data.source.status.indexFields', result)) - ); - setIndexPattern( - getIndexFields(indices.join(), get('data.source.status.indexFields', result)) - ); - }, - (error) => { - updateLoading(false); - updateErrorMessage(error.message); - } - ); + }); + if (!isSubscribed) { + return setState((prevState) => ({ + ...prevState, + loading: false, + })); + } + + setState({ + loading: false, + indicesExist: indicesExistOrDataTemporarilyUnavailable( + get('data.source.status.indicesExist', result) + ), + browserFields: getBrowserFields( + defaultIndex.join(), + get('data.source.status.indexFields', result) + ), + indexPattern: getIndexFields( + defaultIndex.join(), + get('data.source.status.indexFields', result) + ), + errorMessage: null, + }); + } catch (error) { + if (!isSubscribed) { + return setState((prevState) => ({ + ...prevState, + loading: false, + })); + } + + setState((prevState) => ({ + ...prevState, + loading: false, + errorMessage: error.message, + })); + } } - } - useEffect(() => { - const abortCtrl = new AbortController(); - const signal = abortCtrl.signal; - fetchSource(signal); - return () => abortCtrl.abort(); - // eslint-disable-next-line react-hooks/exhaustive-deps - }, [apolloClient, sourceId, indices]); + fetchSource(); + + return () => { + isSubscribed = false; + return abortCtrl.abort(); + }; + }, [apolloClient, sourceId, defaultIndex]); - return { indicesExist, browserFields, indexPattern, loading, errorMessage }; + return state; }; diff --git a/x-pack/plugins/security_solution/public/common/lib/connectors/jira/flyout.tsx b/x-pack/plugins/security_solution/public/common/lib/connectors/jira/flyout.tsx index c9953fdb30e02..0737db3cd08eb 100644 --- a/x-pack/plugins/security_solution/public/common/lib/connectors/jira/flyout.tsx +++ b/x-pack/plugins/security_solution/public/common/lib/connectors/jira/flyout.tsx @@ -63,7 +63,7 @@ const JiraConnectorForm: React.FC> fullWidth error={errors.email} isInvalid={isEmailInvalid} - label={i18n.EMAIL_LABEL} + label={i18n.JIRA_EMAIL_LABEL} > > fullWidth error={errors.apiToken} isInvalid={isApiTokenInvalid} - label={i18n.API_TOKEN_LABEL} + label={i18n.JIRA_API_TOKEN_LABEL} > { } if (!action.secrets.email) { - errors.email = [...errors.email, i18n.EMAIL_REQUIRED]; + errors.email = [...errors.email, i18n.JIRA_EMAIL_REQUIRED]; } if (!action.secrets.apiToken) { - errors.apiToken = [...errors.apiToken, i18n.API_TOKEN_REQUIRED]; + errors.apiToken = [...errors.apiToken, i18n.JIRA_API_TOKEN_REQUIRED]; } return { errors }; diff --git a/x-pack/plugins/security_solution/public/common/lib/connectors/jira/translations.ts b/x-pack/plugins/security_solution/public/common/lib/connectors/jira/translations.ts index 286f81842411b..bcb2c49a0de74 100644 --- a/x-pack/plugins/security_solution/public/common/lib/connectors/jira/translations.ts +++ b/x-pack/plugins/security_solution/public/common/lib/connectors/jira/translations.ts @@ -36,6 +36,34 @@ export const JIRA_PROJECT_KEY_REQUIRED = i18n.translate( } ); +export const JIRA_EMAIL_LABEL = i18n.translate( + 'xpack.securitySolution.case.connectors.jira.emailTextFieldLabel', + { + defaultMessage: 'Email or Username', + } +); + +export const JIRA_EMAIL_REQUIRED = i18n.translate( + 'xpack.securitySolution.case.connectors.jira.requiredEmailTextField', + { + defaultMessage: 'Email or Username is required', + } +); + +export const JIRA_API_TOKEN_LABEL = i18n.translate( + 'xpack.securitySolution.case.connectors.jira.apiTokenTextFieldLabel', + { + defaultMessage: 'API token or Password', + } +); + +export const JIRA_API_TOKEN_REQUIRED = i18n.translate( + 'xpack.securitySolution.case.connectors.jira.requiredApiTokenTextField', + { + defaultMessage: 'API token or Password is required', + } +); + export const MAPPING_FIELD_SUMMARY = i18n.translate( 'xpack.securitySolution.case.configureCases.mappingFieldSummary', { diff --git a/x-pack/plugins/security_solution/public/common/lib/connectors/translations.ts b/x-pack/plugins/security_solution/public/common/lib/connectors/translations.ts index 40848ea769008..6dd1247d40fcb 100644 --- a/x-pack/plugins/security_solution/public/common/lib/connectors/translations.ts +++ b/x-pack/plugins/security_solution/public/common/lib/connectors/translations.ts @@ -58,14 +58,14 @@ export const PASSWORD_REQUIRED = i18n.translate( export const API_TOKEN_LABEL = i18n.translate( 'xpack.securitySolution.case.connectors.common.apiTokenTextFieldLabel', { - defaultMessage: 'Api token', + defaultMessage: 'API token', } ); export const API_TOKEN_REQUIRED = i18n.translate( 'xpack.securitySolution.case.connectors.common.requiredApiTokenTextField', { - defaultMessage: 'Api token is required', + defaultMessage: 'API token is required', } ); diff --git a/x-pack/plugins/security_solution/public/hosts/pages/details/details_tabs.test.tsx b/x-pack/plugins/security_solution/public/hosts/pages/details/details_tabs.test.tsx index 936789625a4dd..e520facf285c2 100644 --- a/x-pack/plugins/security_solution/public/hosts/pages/details/details_tabs.test.tsx +++ b/x-pack/plugins/security_solution/public/hosts/pages/details/details_tabs.test.tsx @@ -5,7 +5,6 @@ */ import React from 'react'; -import { IIndexPattern } from 'src/plugins/data/public'; import { MemoryRouter } from 'react-router-dom'; import useResizeObserver from 'use-resize-observer/polyfilled'; @@ -19,12 +18,7 @@ import { useMountAppended } from '../../../common/utils/use_mount_appended'; import { getHostDetailsPageFilters } from './helpers'; jest.mock('../../../common/containers/source', () => ({ - indicesExistOrDataTemporarilyUnavailable: () => true, - WithSource: ({ - children, - }: { - children: (args: { indicesExist: boolean; indexPattern: IIndexPattern }) => React.ReactNode; - }) => children({ indicesExist: true, indexPattern: mockIndexPattern }), + useWithSource: jest.fn().mockReturnValue({ indicesExist: true, indexPattern: mockIndexPattern }), })); // Test will fail because we will to need to mock some core services to make the test work diff --git a/x-pack/plugins/security_solution/public/hosts/pages/details/index.tsx b/x-pack/plugins/security_solution/public/hosts/pages/details/index.tsx index e3f00a377d272..1c66a9edc1947 100644 --- a/x-pack/plugins/security_solution/public/hosts/pages/details/index.tsx +++ b/x-pack/plugins/security_solution/public/hosts/pages/details/index.tsx @@ -27,10 +27,7 @@ import { SiemSearchBar } from '../../../common/components/search_bar'; import { WrapperPage } from '../../../common/components/wrapper_page'; import { HostOverviewByNameQuery } from '../../containers/hosts/overview'; import { KpiHostDetailsQuery } from '../../containers/kpi_host_details'; -import { - indicesExistOrDataTemporarilyUnavailable, - WithSource, -} from '../../../common/containers/source'; +import { useWithSource } from '../../../common/containers/source'; import { LastEventIndexKey } from '../../../graphql/types'; import { useKibana } from '../../../common/lib/kibana'; import { convertToBuildEsQuery } from '../../../common/lib/keury'; @@ -83,132 +80,126 @@ const HostDetailsComponent = React.memo( }, [setAbsoluteRangeDatePicker] ); + const { indicesExist, indexPattern } = useWithSource(); + const filterQuery = convertToBuildEsQuery({ + config: esQuery.getEsQueryConfig(kibana.services.uiSettings), + indexPattern, + queries: [query], + filters: getFilters(), + }); return ( <> - - {({ indicesExist, indexPattern }) => { - const filterQuery = convertToBuildEsQuery({ - config: esQuery.getEsQueryConfig(kibana.services.uiSettings), - indexPattern, - queries: [query], - filters: getFilters(), - }); - return indicesExistOrDataTemporarilyUnavailable(indicesExist) ? ( - - - - - - - - } - title={detailName} - /> - - + + + + + + + } + title={detailName} + /> + + + {({ hostOverview, loading, id, inspect, refetch }) => ( + - {({ hostOverview, loading, id, inspect, refetch }) => ( - - {({ isLoadingAnomaliesData, anomaliesData }) => ( - { - const fromTo = scoreIntervalToDateTime(score, interval); - setAbsoluteRangeDatePicker({ - id: 'global', - from: fromTo.from, - to: fromTo.to, - }); - }} - /> - )} - - )} - - - - - - {({ kpiHostDetails, id, inspect, loading, refetch }) => ( - ( + { + const fromTo = scoreIntervalToDateTime(score, interval); + setAbsoluteRangeDatePicker({ + id: 'global', + from: fromTo.from, + to: fromTo.to, + }); + }} /> )} - - - - - - - - - + )} + + + + + + {({ kpiHostDetails, id, inspect, loading, refetch }) => ( + - - - ) : ( - - - - - - ); - }} - + )} + + + + + + + + + + + + ) : ( + + + + + + )} diff --git a/x-pack/plugins/security_solution/public/hosts/pages/hosts.test.tsx b/x-pack/plugins/security_solution/public/hosts/pages/hosts.test.tsx index 85db3b4e159f1..ea0b32137eb39 100644 --- a/x-pack/plugins/security_solution/public/hosts/pages/hosts.test.tsx +++ b/x-pack/plugins/security_solution/public/hosts/pages/hosts.test.tsx @@ -5,15 +5,12 @@ */ import { mount } from 'enzyme'; -import { cloneDeep } from 'lodash/fp'; import React from 'react'; import { Router } from 'react-router-dom'; -import { MockedProvider } from 'react-apollo/test-utils'; import { Filter } from '../../../../../../src/plugins/data/common/es_query'; import '../../common/mock/match_media'; -import { mocksSource } from '../../common/containers/source/mock'; -import { wait } from '../../common/lib/helpers'; +import { useWithSource } from '../../common/containers/source'; import { apolloClientObservable, TestProviders, @@ -28,6 +25,8 @@ import { HostsComponentProps } from './types'; import { Hosts } from './hosts'; import { HostsTabs } from './hosts_tabs'; +jest.mock('../../common/containers/source'); + // Test will fail because we will to need to mock some core services to make the test work // For now let's forget about SiemSearchBar and QueryBar jest.mock('../../common/components/search_bar', () => ({ @@ -37,19 +36,6 @@ jest.mock('../../common/components/query_bar', () => ({ QueryBar: () => null, })); -let localSource: Array<{ - request: {}; - result: { - data: { - source: { - status: { - indicesExist: boolean; - }; - }; - }; - }; -}>; - type Action = 'PUSH' | 'POP' | 'REPLACE'; const pop: Action = 'POP'; const location = { @@ -84,57 +70,49 @@ describe('Hosts - rendering', () => { hostsPagePath: '', }; - beforeEach(() => { - localSource = cloneDeep(mocksSource); - }); - test('it renders the Setup Instructions text when no index is available', async () => { - localSource[0].result.data.source.status.indicesExist = false; + (useWithSource as jest.Mock).mockReturnValue({ + indicesExist: false, + }); + const wrapper = mount( - - - - - + + + ); - // Why => https://github.com/apollographql/react-apollo/issues/1711 - await new Promise((resolve) => setTimeout(resolve)); - wrapper.update(); expect(wrapper.find('[data-test-subj="empty-page"]').exists()).toBe(true); }); test('it DOES NOT render the Setup Instructions text when an index is available', async () => { - localSource[0].result.data.source.status.indicesExist = true; + (useWithSource as jest.Mock).mockReturnValue({ + indicesExist: true, + indexPattern: {}, + }); const wrapper = mount( - - - - - + + + ); - // Why => https://github.com/apollographql/react-apollo/issues/1711 - await new Promise((resolve) => setTimeout(resolve)); - wrapper.update(); expect(wrapper.find('[data-test-subj="empty-page"]').exists()).toBe(false); }); test('it should render tab navigation', async () => { - localSource[0].result.data.source.status.indicesExist = true; + (useWithSource as jest.Mock).mockReturnValue({ + indicesExist: true, + indexPattern: {}, + }); + const wrapper = mount( - - - - - + + + ); - await wait(); - wrapper.update(); expect(wrapper.find(SiemNavigation).exists()).toBe(true); }); @@ -170,22 +148,21 @@ describe('Hosts - rendering', () => { }, }, ]; - localSource[0].result.data.source.status.indicesExist = true; + (useWithSource as jest.Mock).mockReturnValue({ + indicesExist: true, + indexPattern: { fields: [], title: 'title' }, + }); const myState: State = mockGlobalState; const { storage } = createSecuritySolutionStorageMock(); const myStore = createStore(myState, SUB_PLUGINS_REDUCER, apolloClientObservable, storage); const wrapper = mount( - - - - - + + + ); - await wait(); wrapper.update(); - myStore.dispatch(inputsActions.setSearchBarFilter({ id: 'global', filters: newFilters })); wrapper.update(); expect(wrapper.find(HostsTabs).props().filterQuery).toEqual( diff --git a/x-pack/plugins/security_solution/public/hosts/pages/hosts.tsx b/x-pack/plugins/security_solution/public/hosts/pages/hosts.tsx index f6429544f855e..f5cc651a30443 100644 --- a/x-pack/plugins/security_solution/public/hosts/pages/hosts.tsx +++ b/x-pack/plugins/security_solution/public/hosts/pages/hosts.tsx @@ -22,10 +22,7 @@ import { manageQuery } from '../../common/components/page/manage_query'; import { SiemSearchBar } from '../../common/components/search_bar'; import { WrapperPage } from '../../common/components/wrapper_page'; import { KpiHostsQuery } from '../containers/kpi_hosts'; -import { - indicesExistOrDataTemporarilyUnavailable, - WithSource, -} from '../../common/containers/source'; +import { useWithSource } from '../../common/containers/source'; import { LastEventIndexKey } from '../../graphql/types'; import { useKibana } from '../../common/lib/kibana'; import { convertToBuildEsQuery } from '../../common/lib/keury'; @@ -77,87 +74,84 @@ export const HostsComponent = React.memo( }, [setAbsoluteRangeDatePicker] ); + const { indicesExist, indexPattern } = useWithSource(); + const filterQuery = convertToBuildEsQuery({ + config: esQuery.getEsQueryConfig(kibana.services.uiSettings), + indexPattern, + queries: [query], + filters, + }); + const tabsFilterQuery = convertToBuildEsQuery({ + config: esQuery.getEsQueryConfig(kibana.services.uiSettings), + indexPattern, + queries: [query], + filters: tabsFilters, + }); return ( <> - - {({ indicesExist, indexPattern }) => { - const filterQuery = convertToBuildEsQuery({ - config: esQuery.getEsQueryConfig(kibana.services.uiSettings), - indexPattern, - queries: [query], - filters, - }); - const tabsFilterQuery = convertToBuildEsQuery({ - config: esQuery.getEsQueryConfig(kibana.services.uiSettings), - indexPattern, - queries: [query], - filters: tabsFilters, - }); - return indicesExistOrDataTemporarilyUnavailable(indicesExist) ? ( - - - - - - - } - title={i18n.PAGE_TITLE} - /> - - - {({ kpiHosts, loading, id, inspect, refetch }) => ( - - )} - - - - - - - - - + + + + + + } + title={i18n.PAGE_TITLE} + /> + + + {({ kpiHosts, loading, id, inspect, refetch }) => ( + - - - ) : ( - - - - - - ); - }} - + )} + + + + + + + + + + + + ) : ( + + + + + + )} diff --git a/x-pack/plugins/security_solution/public/lists_plugin_deps.ts b/x-pack/plugins/security_solution/public/lists_plugin_deps.ts index 22732c86bd9a9..575ff26330a46 100644 --- a/x-pack/plugins/security_solution/public/lists_plugin_deps.ts +++ b/x-pack/plugins/security_solution/public/lists_plugin_deps.ts @@ -27,4 +27,5 @@ export { OperatorTypeEnum, entriesNested, entriesExists, + entriesList, } from '../../lists/common/schemas'; diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/action.ts b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/action.ts index e14e39bf45c93..b04b2f085689e 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/action.ts +++ b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/action.ts @@ -6,7 +6,10 @@ import { PolicyData } from '../../../../../../common/endpoint/types'; import { ServerApiError } from '../../../../../common/types'; -import { GetAgentStatusResponse } from '../../../../../../../ingest_manager/common/types/rest_spec'; +import { + GetAgentStatusResponse, + GetPackagesResponse, +} from '../../../../../../../ingest_manager/common'; interface ServerReturnedPolicyListData { type: 'serverReturnedPolicyListData'; @@ -53,6 +56,11 @@ interface ServerReturnedPolicyAgentsSummaryForDelete { payload: { agentStatusSummary: GetAgentStatusResponse['results'] }; } +interface ServerReturnedEndpointPackageInfo { + type: 'serverReturnedEndpointPackageInfo'; + payload: GetPackagesResponse['response'][0]; +} + export type PolicyListAction = | ServerReturnedPolicyListData | ServerFailedToReturnPolicyListData @@ -61,4 +69,5 @@ export type PolicyListAction = | ServerDeletedPolicy | UserOpenedPolicyListDeleteModal | ServerReturnedPolicyAgentsSummaryForDeleteFailure - | ServerReturnedPolicyAgentsSummaryForDelete; + | ServerReturnedPolicyAgentsSummaryForDelete + | ServerReturnedEndpointPackageInfo; diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/index.test.ts b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/index.test.ts index c24c47becc0b5..f454061055e96 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/index.test.ts +++ b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/index.test.ts @@ -18,6 +18,7 @@ import { selectIsLoading, urlSearchParams, selectIsDeleting, + endpointPackageVersion, } from './selectors'; import { DepsStartMock, depsStartMock } from '../../../../../common/mock/endpoint'; import { setPolicyListApiMockImplementation } from './test_mock_utils'; @@ -254,5 +255,21 @@ describe('policy list store concerns', () => { page_size: 50, }); }); + + it('should load package information only if not already in state', async () => { + dispatchUserChangedUrl('?page_size=10&page_index=10'); + await waitForAction('serverReturnedEndpointPackageInfo'); + expect(endpointPackageVersion(store.getState())).toEqual('0.5.0'); + fakeCoreStart.http.get.mockClear(); + dispatchUserChangedUrl('?page_size=10&page_index=11'); + expect(fakeCoreStart.http.get).toHaveBeenCalledWith(INGEST_API_DATASOURCES, { + query: { + kuery: `${DATASOURCE_SAVED_OBJECT_TYPE}.package.name: endpoint`, + page: 12, + perPage: 10, + }, + }); + expect(endpointPackageVersion(store.getState())).toEqual('0.5.0'); + }); }); }); diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/middleware.ts b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/middleware.ts index 39c685da3ec46..7d8620a5831d0 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/middleware.ts +++ b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/middleware.ts @@ -9,8 +9,9 @@ import { sendGetEndpointSpecificDatasources, sendDeleteDatasource, sendGetFleetAgentStatusForConfig, + sendGetEndpointSecurityPackage, } from './services/ingest'; -import { isOnPolicyListPage, urlSearchParams } from './selectors'; +import { endpointPackageInfo, isOnPolicyListPage, urlSearchParams } from './selectors'; import { ImmutableMiddlewareFactory } from '../../../../../common/store'; import { initialPolicyListState } from './reducer'; import { @@ -32,6 +33,25 @@ export const policyListMiddlewareFactory: ImmutableMiddlewareFactory { + dispatch({ + type: 'serverReturnedEndpointPackageInfo', + payload: packageInfo, + }); + }) + .catch((error) => { + // eslint-disable-next-line no-console + console.error(error); + }); + } + const { page_index: pageIndex, page_size: pageSize } = urlSearchParams(state); let response: GetPolicyListResponse; diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/reducer.ts b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/reducer.ts index a8a2ad3e7cc26..52bed8d850ef4 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/reducer.ts +++ b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/reducer.ts @@ -16,6 +16,7 @@ import { PolicyListState } from '../../types'; */ export const initialPolicyListState: () => Immutable = () => ({ policyItems: [], + endpointPackageInfo: undefined, isLoading: false, isDeleting: false, deleteStatus: undefined, @@ -95,6 +96,13 @@ export const policyListReducer: ImmutableReducer = ( }; } + if (action.type === 'serverReturnedEndpointPackageInfo') { + return { + ...state, + endpointPackageInfo: action.payload, + }; + } + if (action.type === 'userChangedUrl') { const newState: Immutable = { ...state, diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/selectors.ts b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/selectors.ts index 089c97b5520a2..ce57d238d7581 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/selectors.ts +++ b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/selectors.ts @@ -84,3 +84,17 @@ export const urlSearchParams: ( return searchParams; }); + +/** + * Returns package information for Endpoint + * @param state + */ +export const endpointPackageInfo = (state: Immutable) => state.endpointPackageInfo; + +/** + * Returns the version number for the endpoint package. + */ +export const endpointPackageVersion = createSelector( + endpointPackageInfo, + (info) => info?.version ?? undefined +); diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/services/ingest.test.ts b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/services/ingest.test.ts index cbbc5c3c6fdbe..2270c65fb149f 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/services/ingest.test.ts +++ b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/services/ingest.test.ts @@ -4,7 +4,11 @@ * you may not use this file except in compliance with the Elastic License. */ -import { sendGetDatasource, sendGetEndpointSpecificDatasources } from './ingest'; +import { + sendGetDatasource, + sendGetEndpointSecurityPackage, + sendGetEndpointSpecificDatasources, +} from './ingest'; import { httpServiceMock } from '../../../../../../../../../../src/core/public/mocks'; import { DATASOURCE_SAVED_OBJECT_TYPE } from '../../../../../../../../ingest_manager/common'; @@ -37,6 +41,7 @@ describe('ingest service', () => { }); }); }); + describe('sendGetDatasource()', () => { it('builds correct API path', async () => { await sendGetDatasource(http, '123'); @@ -51,4 +56,90 @@ describe('ingest service', () => { }); }); }); + + describe('sendGetEndpointSecurityPackage()', () => { + it('should query EPM with category=security', async () => { + http.get.mockResolvedValue({ + response: [ + { + name: 'endpoint', + title: 'Elastic Endpoint', + version: '0.5.0', + description: 'This is the Elastic Endpoint package.', + type: 'solution', + download: '/epr/endpoint/endpoint-0.5.0.tar.gz', + path: '/package/endpoint/0.5.0', + icons: [ + { + src: '/package/endpoint/0.5.0/img/logo-endpoint-64-color.svg', + size: '16x16', + type: 'image/svg+xml', + }, + ], + status: 'installed', + savedObject: { + type: 'epm-packages', + id: 'endpoint', + attributes: { + installed: [ + { id: '826759f0-7074-11ea-9bc8-6b38f4d29a16', type: 'dashboard' }, + { id: '1cfceda0-728b-11ea-9bc8-6b38f4d29a16', type: 'visualization' }, + { id: '1e525190-7074-11ea-9bc8-6b38f4d29a16', type: 'visualization' }, + { id: '55387750-729c-11ea-9bc8-6b38f4d29a16', type: 'visualization' }, + { id: '92b1edc0-706a-11ea-9bc8-6b38f4d29a16', type: 'visualization' }, + { id: 'a3a3bd10-706b-11ea-9bc8-6b38f4d29a16', type: 'map' }, + { id: 'logs-endpoint.alerts', type: 'index-template' }, + { id: 'events-endpoint', type: 'index-template' }, + { id: 'logs-endpoint.events.file', type: 'index-template' }, + { id: 'logs-endpoint.events.library', type: 'index-template' }, + { id: 'metrics-endpoint.metadata', type: 'index-template' }, + { id: 'metrics-endpoint.metadata_mirror', type: 'index-template' }, + { id: 'logs-endpoint.events.network', type: 'index-template' }, + { id: 'metrics-endpoint.policy', type: 'index-template' }, + { id: 'logs-endpoint.events.process', type: 'index-template' }, + { id: 'logs-endpoint.events.registry', type: 'index-template' }, + { id: 'logs-endpoint.events.security', type: 'index-template' }, + { id: 'metrics-endpoint.telemetry', type: 'index-template' }, + ], + es_index_patterns: { + alerts: 'logs-endpoint.alerts-*', + events: 'events-endpoint-*', + file: 'logs-endpoint.events.file-*', + library: 'logs-endpoint.events.library-*', + metadata: 'metrics-endpoint.metadata-*', + metadata_mirror: 'metrics-endpoint.metadata_mirror-*', + network: 'logs-endpoint.events.network-*', + policy: 'metrics-endpoint.policy-*', + process: 'logs-endpoint.events.process-*', + registry: 'logs-endpoint.events.registry-*', + security: 'logs-endpoint.events.security-*', + telemetry: 'metrics-endpoint.telemetry-*', + }, + name: 'endpoint', + version: '0.5.0', + internal: false, + removable: false, + }, + references: [], + updated_at: '2020-06-24T14:41:23.098Z', + version: 'Wzc0LDFd', + score: 0, + }, + }, + ], + success: true, + }); + await sendGetEndpointSecurityPackage(http); + expect(http.get).toHaveBeenCalledWith('/api/ingest_manager/epm/packages', { + query: { category: 'security' }, + }); + }); + + it('should throw if package is not found', async () => { + http.get.mockResolvedValue({ response: [], success: true }); + await expect(async () => { + await sendGetEndpointSecurityPackage(http); + }).rejects.toThrow(); + }); + }); }); diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/services/ingest.ts b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/services/ingest.ts index 66e98aa51601e..cbdd67261739f 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/services/ingest.ts +++ b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/services/ingest.ts @@ -20,7 +20,7 @@ const INGEST_API_ROOT = `/api/ingest_manager`; export const INGEST_API_DATASOURCES = `${INGEST_API_ROOT}/datasources`; const INGEST_API_FLEET = `${INGEST_API_ROOT}/fleet`; const INGEST_API_FLEET_AGENT_STATUS = `${INGEST_API_FLEET}/agent-status`; -const INGEST_API_EPM_PACKAGES = `${INGEST_API_ROOT}/epm/packages`; +export const INGEST_API_EPM_PACKAGES = `${INGEST_API_ROOT}/epm/packages`; const INGEST_API_DELETE_DATASOURCE = `${INGEST_API_DATASOURCES}/delete`; /** diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/test_mock_utils.ts b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/test_mock_utils.ts index 2c495202dc75b..0f0d1cb1b559d 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/test_mock_utils.ts +++ b/x-pack/plugins/security_solution/public/management/pages/policy/store/policy_list/test_mock_utils.ts @@ -5,9 +5,14 @@ */ import { HttpStart } from 'kibana/public'; -import { INGEST_API_DATASOURCES } from './services/ingest'; +import { INGEST_API_DATASOURCES, INGEST_API_EPM_PACKAGES } from './services/ingest'; import { EndpointDocGenerator } from '../../../../../../common/endpoint/generate_data'; import { GetPolicyListResponse } from '../../types'; +import { + AssetReference, + GetPackagesResponse, + InstallationStatus, +} from '../../../../../../../ingest_manager/common'; const generator = new EndpointDocGenerator('policy-list'); @@ -32,6 +37,78 @@ export const setPolicyListApiMockImplementation = ( success: true, }); } + + if (path === INGEST_API_EPM_PACKAGES) { + return Promise.resolve({ + response: [ + { + name: 'endpoint', + title: 'Elastic Endpoint', + version: '0.5.0', + description: 'This is the Elastic Endpoint package.', + type: 'solution', + download: '/epr/endpoint/endpoint-0.5.0.tar.gz', + path: '/package/endpoint/0.5.0', + icons: [ + { + src: '/package/endpoint/0.5.0/img/logo-endpoint-64-color.svg', + size: '16x16', + type: 'image/svg+xml', + }, + ], + status: 'installed' as InstallationStatus, + savedObject: { + type: 'epm-packages', + id: 'endpoint', + attributes: { + installed: [ + { id: '826759f0-7074-11ea-9bc8-6b38f4d29a16', type: 'dashboard' }, + { id: '1cfceda0-728b-11ea-9bc8-6b38f4d29a16', type: 'visualization' }, + { id: '1e525190-7074-11ea-9bc8-6b38f4d29a16', type: 'visualization' }, + { id: '55387750-729c-11ea-9bc8-6b38f4d29a16', type: 'visualization' }, + { id: '92b1edc0-706a-11ea-9bc8-6b38f4d29a16', type: 'visualization' }, + { id: 'a3a3bd10-706b-11ea-9bc8-6b38f4d29a16', type: 'map' }, + { id: 'logs-endpoint.alerts', type: 'index-template' }, + { id: 'events-endpoint', type: 'index-template' }, + { id: 'logs-endpoint.events.file', type: 'index-template' }, + { id: 'logs-endpoint.events.library', type: 'index-template' }, + { id: 'metrics-endpoint.metadata', type: 'index-template' }, + { id: 'metrics-endpoint.metadata_mirror', type: 'index-template' }, + { id: 'logs-endpoint.events.network', type: 'index-template' }, + { id: 'metrics-endpoint.policy', type: 'index-template' }, + { id: 'logs-endpoint.events.process', type: 'index-template' }, + { id: 'logs-endpoint.events.registry', type: 'index-template' }, + { id: 'logs-endpoint.events.security', type: 'index-template' }, + { id: 'metrics-endpoint.telemetry', type: 'index-template' }, + ] as AssetReference[], + es_index_patterns: { + alerts: 'logs-endpoint.alerts-*', + events: 'events-endpoint-*', + file: 'logs-endpoint.events.file-*', + library: 'logs-endpoint.events.library-*', + metadata: 'metrics-endpoint.metadata-*', + metadata_mirror: 'metrics-endpoint.metadata_mirror-*', + network: 'logs-endpoint.events.network-*', + policy: 'metrics-endpoint.policy-*', + process: 'logs-endpoint.events.process-*', + registry: 'logs-endpoint.events.registry-*', + security: 'logs-endpoint.events.security-*', + telemetry: 'metrics-endpoint.telemetry-*', + }, + name: 'endpoint', + version: '0.5.0', + internal: false, + removable: false, + }, + references: [], + updated_at: '2020-06-24T14:41:23.098Z', + version: 'Wzc0LDFd', + }, + }, + ], + success: true, + }); + } } return Promise.reject(new Error(`MOCK: unknown policy list api: ${path}`)); }); diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/types.ts b/x-pack/plugins/security_solution/public/management/pages/policy/types.ts index 4d798d3717ce4..a3a0983331ac3 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/types.ts +++ b/x-pack/plugins/security_solution/public/management/pages/policy/types.ts @@ -16,6 +16,7 @@ import { GetAgentStatusResponse, GetDatasourcesResponse, GetOneDatasourceResponse, + GetPackagesResponse, UpdateDatasourceResponse, } from '../../../../../ingest_manager/common'; @@ -25,6 +26,8 @@ import { export interface PolicyListState { /** Array of policy items */ policyItems: PolicyData[]; + /** Information about the latest endpoint package */ + endpointPackageInfo?: GetPackagesResponse['response'][0]; /** API error if loading data failed */ apiError?: ServerApiError; /** total number of policies */ diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/ingest_hooks.ts b/x-pack/plugins/security_solution/public/management/pages/policy/view/ingest_hooks.ts deleted file mode 100644 index 75e1556ff0bb0..0000000000000 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/ingest_hooks.ts +++ /dev/null @@ -1,44 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { useEffect, useState } from 'react'; -import { Immutable } from '../../../../../common/endpoint/types'; -import { GetPackagesResponse } from '../../../../../../ingest_manager/common/types/rest_spec'; -import { sendGetEndpointSecurityPackage } from '../store/policy_list/services/ingest'; -import { useKibana } from '../../../../common/lib/kibana'; - -type UseEndpointPackageInfo = [ - /** The Package Info. will be undefined while it is being fetched */ - Immutable | undefined, - /** Boolean indicating if fetching is underway */ - boolean, - /** Any error encountered during fetch */ - Error | undefined -]; - -/** - * Hook that fetches the endpoint package info - * - * @example - * const [packageInfo, isFetching, fetchError] = useEndpointPackageInfo(); - */ -export const useEndpointPackageInfo = (): UseEndpointPackageInfo => { - const { - services: { http }, - } = useKibana(); - const [endpointPackage, setEndpointPackage] = useState(); - const [isFetching, setIsFetching] = useState(true); - const [error, setError] = useState(); - - useEffect(() => { - sendGetEndpointSecurityPackage(http) - .then((packageInfo) => setEndpointPackage(packageInfo)) - .catch((apiError) => setError(apiError)) - .finally(() => setIsFetching(false)); - }, [http]); - - return [endpointPackage, isFetching, error]; -}; diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/ingest_manager_integration/configure_datasource.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/ingest_manager_integration/configure_datasource.tsx index 20346cb720acb..7b4dc36def133 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/ingest_manager_integration/configure_datasource.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/ingest_manager_integration/configure_datasource.tsx @@ -35,9 +35,13 @@ export const ConfigureEndpointDatasource = memo {from === 'edit' ? ( { const [policyIdToDelete, setPolicyIdToDelete] = useState(''); const dispatch = useDispatch<(action: PolicyListAction) => void>(); - const [packageInfo, isFetchingPackageInfo] = useEndpointPackageInfo(); const { selectPolicyItems: policyItems, selectPageIndex: pageIndex, @@ -146,6 +144,7 @@ export const PolicyList = React.memo(() => { selectIsDeleting: isDeleting, selectDeleteStatus: deleteStatus, selectAgentStatusSummary: agentStatusSummary, + endpointPackageVersion, } = usePolicyListSelector(selector); const handleCreatePolicyClick = useNavigateToAppEventHandler( @@ -156,7 +155,9 @@ export const PolicyList = React.memo(() => { // Also, // We pass along soem state information so that the Ingest page can change the behaviour // of the cancel and submit buttons and redirect the user back to endpoint policy - path: `#/integrations${packageInfo ? `/endpoint-${packageInfo.version}/add-datasource` : ''}`, + path: `#/integrations${ + endpointPackageVersion ? `/endpoint-${endpointPackageVersion}/add-datasource` : '' + }`, state: { onCancelNavigateTo: ['securitySolution:management', { path: getPoliciesPath() }], onCancelUrl: formatUrl(getPoliciesPath()), @@ -401,7 +402,6 @@ export const PolicyList = React.memo(() => { { )} @@ -449,7 +449,6 @@ export const PolicyList = React.memo(() => { }, [ policyItems, loading, - isFetchingPackageInfo, columns, handleCreatePolicyClick, handleTableChange, diff --git a/x-pack/plugins/security_solution/public/network/pages/ip_details/__snapshots__/index.test.tsx.snap b/x-pack/plugins/security_solution/public/network/pages/ip_details/__snapshots__/index.test.tsx.snap index 6e76ff00a8141..d7af8d6910f45 100644 --- a/x-pack/plugins/security_solution/public/network/pages/ip_details/__snapshots__/index.test.tsx.snap +++ b/x-pack/plugins/security_solution/public/network/pages/ip_details/__snapshots__/index.test.tsx.snap @@ -1,15 +1,18 @@ // Jest Snapshot v1, https://goo.gl/fbAQLP exports[`Ip Details it matches the snapshot 1`] = ` - - - - +
+ + + + - +
`; diff --git a/x-pack/plugins/security_solution/public/network/pages/ip_details/index.test.tsx b/x-pack/plugins/security_solution/public/network/pages/ip_details/index.test.tsx index bbb964ae17b9f..a87eb3d057447 100644 --- a/x-pack/plugins/security_solution/public/network/pages/ip_details/index.test.tsx +++ b/x-pack/plugins/security_solution/public/network/pages/ip_details/index.test.tsx @@ -5,15 +5,13 @@ */ import { shallow } from 'enzyme'; -import { cloneDeep } from 'lodash/fp'; import React from 'react'; import { Router } from 'react-router-dom'; -import { MockedProvider } from 'react-apollo/test-utils'; import { ActionCreator } from 'typescript-fsa'; import '../../../common/mock/match_media'; -import { mocksSource } from '../../../common/containers/source/mock'; +import { useWithSource } from '../../../common/containers/source'; import { FlowTarget } from '../../../graphql/types'; import { apolloClientObservable, @@ -32,6 +30,9 @@ const pop: Action = 'POP'; type GlobalWithFetch = NodeJS.Global & { fetch: jest.Mock }; +jest.mock('../../../common/lib/kibana'); +jest.mock('../../../common/containers/source'); + // Test will fail because we will to need to mock some core services to make the test work // For now let's forget about SiemSearchBar and QueryBar jest.mock('../../../common/components/search_bar', () => ({ @@ -41,19 +42,6 @@ jest.mock('../../../common/components/query_bar', () => ({ QueryBar: () => null, })); -let localSource: Array<{ - request: {}; - result: { - data: { - source: { - status: { - indicesExist: boolean; - }; - }; - }; - }; -}>; - const getMockHistory = (ip: string) => ({ length: 2, location: { @@ -104,6 +92,10 @@ describe('Ip Details', () => { const mount = useMountAppended(); beforeAll(() => { + (useWithSource as jest.Mock).mockReturnValue({ + indicesExist: false, + indexPattern: {}, + }); (global as GlobalWithFetch).fetch = jest.fn().mockImplementationOnce(() => Promise.resolve({ ok: true, @@ -124,7 +116,6 @@ describe('Ip Details', () => { beforeEach(() => { store = createStore(state, SUB_PLUGINS_REDUCER, apolloClientObservable, storage); - localSource = cloneDeep(mocksSource); }); test('it renders', () => { @@ -138,20 +129,18 @@ describe('Ip Details', () => { }); test('it renders ipv6 headline', async () => { - localSource[0].result.data.source.status.indicesExist = true; + (useWithSource as jest.Mock).mockReturnValue({ + indicesExist: true, + indexPattern: {}, + }); const ip = 'fe80--24ce-f7ff-fede-a571'; const wrapper = mount( - - - - - + + + ); - // Why => https://github.com/apollographql/react-apollo/issues/1711 - await new Promise((resolve) => setTimeout(resolve)); - wrapper.update(); expect( wrapper .find('[data-test-subj="ip-details-headline"] [data-test-subj="header-page-title"]') diff --git a/x-pack/plugins/security_solution/public/network/pages/ip_details/index.tsx b/x-pack/plugins/security_solution/public/network/pages/ip_details/index.tsx index face3f8904794..162b3a7c158d5 100644 --- a/x-pack/plugins/security_solution/public/network/pages/ip_details/index.tsx +++ b/x-pack/plugins/security_solution/public/network/pages/ip_details/index.tsx @@ -22,10 +22,7 @@ import { IpOverview } from '../../components/ip_overview'; import { SiemSearchBar } from '../../../common/components/search_bar'; import { WrapperPage } from '../../../common/components/wrapper_page'; import { IpOverviewQuery } from '../../containers/ip_overview'; -import { - indicesExistOrDataTemporarilyUnavailable, - WithSource, -} from '../../../common/containers/source'; +import { useWithSource } from '../../../common/containers/source'; import { FlowTargetSourceDest, LastEventIndexKey } from '../../../graphql/types'; import { useKibana } from '../../../common/lib/kibana'; import { decodeIpv6 } from '../../../common/lib/helpers'; @@ -74,208 +71,207 @@ export const IPDetailsComponent: React.FC { setIpDetailsTablesActivePageToZero(); }, [detailName, setIpDetailsTablesActivePageToZero]); - return ( - <> - - {({ indicesExist, indexPattern }) => { - const ip = decodeIpv6(detailName); - const filterQuery = convertToBuildEsQuery({ - config: esQuery.getEsQueryConfig(kibana.services.uiSettings), - indexPattern, - queries: [query], - filters, - }); + const { indicesExist, indexPattern } = useWithSource(); + const ip = decodeIpv6(detailName); + const filterQuery = convertToBuildEsQuery({ + config: esQuery.getEsQueryConfig(uiSettings), + indexPattern, + queries: [query], + filters, + }); - return indicesExistOrDataTemporarilyUnavailable(indicesExist) ? ( - - - - + return ( +
+ {indicesExist ? ( + + + + - - } - title={ip} - > - - + + } + title={ip} + > + + - + {({ id, inspect, ipOverviewData, loading, refetch }) => ( + - {({ id, inspect, ipOverviewData, loading, refetch }) => ( - - {({ isLoadingAnomaliesData, anomaliesData }) => ( - - )} - - )} - - - - - - - ( + - - - - - - - - - - - - - - - - - - + )} + + )} + - + - + + + - - - + + + - + - + + + - - - + - - - ) : ( - - + + + + + + + + + + + + + + + + + + + + + ) : ( + + - - - ); - }} - + + + )} - +
); }; IPDetailsComponent.displayName = 'IPDetailsComponent'; diff --git a/x-pack/plugins/security_solution/public/network/pages/network.test.tsx b/x-pack/plugins/security_solution/public/network/pages/network.test.tsx index e1078dee3eb0d..7cdfdbf0af69a 100644 --- a/x-pack/plugins/security_solution/public/network/pages/network.test.tsx +++ b/x-pack/plugins/security_solution/public/network/pages/network.test.tsx @@ -5,14 +5,12 @@ */ import { mount } from 'enzyme'; -import { cloneDeep } from 'lodash/fp'; import React from 'react'; import { Router } from 'react-router-dom'; -import { MockedProvider } from 'react-apollo/test-utils'; import '../../common/mock/match_media'; import { Filter } from '../../../../../../src/plugins/data/common/es_query'; -import { mocksSource } from '../../common/containers/source/mock'; +import { useWithSource } from '../../common/containers/source'; import { TestProviders, mockGlobalState, @@ -26,6 +24,8 @@ import { inputsActions } from '../../common/store/inputs'; import { Network } from './network'; import { NetworkRoutes } from './navigation'; +jest.mock('../../common/containers/source'); + // Test will fail because we will to need to mock some core services to make the test work // For now let's forget about SiemSearchBar and QueryBar jest.mock('../../common/components/search_bar', () => ({ @@ -35,19 +35,6 @@ jest.mock('../../common/components/query_bar', () => ({ QueryBar: () => null, })); -let localSource: Array<{ - request: {}; - result: { - data: { - source: { - status: { - indicesExist: boolean; - }; - }; - }; - }; -}>; - type Action = 'PUSH' | 'POP' | 'REPLACE'; const pop: Action = 'POP'; const location = { @@ -84,41 +71,33 @@ const getMockProps = () => ({ }); describe('rendering - rendering', () => { - beforeEach(() => { - localSource = cloneDeep(mocksSource); - }); - test('it renders the Setup Instructions text when no index is available', async () => { - localSource[0].result.data.source.status.indicesExist = false; + (useWithSource as jest.Mock).mockReturnValue({ + indicesExist: false, + }); + const wrapper = mount( - - - - - + + + ); - // Why => https://github.com/apollographql/react-apollo/issues/1711 - await new Promise((resolve) => setTimeout(resolve)); - wrapper.update(); expect(wrapper.find('[data-test-subj="empty-page"]').exists()).toBe(true); }); test('it DOES NOT render the Setup Instructions text when an index is available', async () => { - localSource[0].result.data.source.status.indicesExist = true; + (useWithSource as jest.Mock).mockReturnValue({ + indicesExist: true, + indexPattern: {}, + }); const wrapper = mount( - - - - - + + + ); - // Why => https://github.com/apollographql/react-apollo/issues/1711 - await new Promise((resolve) => setTimeout(resolve)); - wrapper.update(); expect(wrapper.find('[data-test-subj="empty-page"]').exists()).toBe(false); }); @@ -154,20 +133,20 @@ describe('rendering - rendering', () => { }, }, ]; - localSource[0].result.data.source.status.indicesExist = true; + (useWithSource as jest.Mock).mockReturnValue({ + indicesExist: true, + indexPattern: { fields: [], title: 'title' }, + }); const myState: State = mockGlobalState; const { storage } = createSecuritySolutionStorageMock(); const myStore = createStore(myState, SUB_PLUGINS_REDUCER, apolloClientObservable, storage); const wrapper = mount( - - - - - + + + ); - await new Promise((resolve) => setTimeout(resolve)); wrapper.update(); myStore.dispatch(inputsActions.setSearchBarFilter({ id: 'global', filters: newFilters })); diff --git a/x-pack/plugins/security_solution/public/network/pages/network.tsx b/x-pack/plugins/security_solution/public/network/pages/network.tsx index 845a6bbd95dd6..4275c1641f517 100644 --- a/x-pack/plugins/security_solution/public/network/pages/network.tsx +++ b/x-pack/plugins/security_solution/public/network/pages/network.tsx @@ -23,10 +23,7 @@ import { KpiNetworkComponent } from '..//components/kpi_network'; import { SiemSearchBar } from '../../common/components/search_bar'; import { WrapperPage } from '../../common/components/wrapper_page'; import { KpiNetworkQuery } from '../../network/containers/kpi_network'; -import { - indicesExistOrDataTemporarilyUnavailable, - WithSource, -} from '../../common/containers/source'; +import { useWithSource } from '../../common/containers/source'; import { LastEventIndexKey } from '../../graphql/types'; import { useKibana } from '../../common/lib/kibana'; import { convertToBuildEsQuery } from '../../common/lib/keury'; @@ -78,103 +75,100 @@ const NetworkComponent = React.memo( [setAbsoluteRangeDatePicker] ); + const { indicesExist, indexPattern } = useWithSource(sourceId); + const filterQuery = convertToBuildEsQuery({ + config: esQuery.getEsQueryConfig(kibana.services.uiSettings), + indexPattern, + queries: [query], + filters, + }); + const tabsFilterQuery = convertToBuildEsQuery({ + config: esQuery.getEsQueryConfig(kibana.services.uiSettings), + indexPattern, + queries: [query], + filters: tabsFilters, + }); + return ( <> - - {({ indicesExist, indexPattern }) => { - const filterQuery = convertToBuildEsQuery({ - config: esQuery.getEsQueryConfig(kibana.services.uiSettings), - indexPattern, - queries: [query], - filters, - }); - const tabsFilterQuery = convertToBuildEsQuery({ - config: esQuery.getEsQueryConfig(kibana.services.uiSettings), - indexPattern, - queries: [query], - filters: tabsFilters, - }); - - return indicesExistOrDataTemporarilyUnavailable(indicesExist) ? ( - - - - - - - } - title={i18n.PAGE_TITLE} - /> - - + + + + + + } + title={i18n.PAGE_TITLE} + /> + + + + + + + {({ kpiNetwork, loading, id, inspect, refetch }) => ( + + )} + + {capabilitiesFetched && !isInitializing ? ( + <> - - {({ kpiNetwork, loading, id, inspect, refetch }) => ( - - )} - - - {capabilitiesFetched && !isInitializing ? ( - <> - - - - - - - - - ) : ( - - )} + - - - ) : ( - - - - - ); - }} - + + + + ) : ( + + )} + + + + + ) : ( + + + + + )} diff --git a/x-pack/plugins/security_solution/public/overview/pages/overview.test.tsx b/x-pack/plugins/security_solution/public/overview/pages/overview.test.tsx index a2010f1f64b71..d6e8fb984ac0f 100644 --- a/x-pack/plugins/security_solution/public/overview/pages/overview.test.tsx +++ b/x-pack/plugins/security_solution/public/overview/pages/overview.test.tsx @@ -5,17 +5,16 @@ */ import { mount } from 'enzyme'; -import { cloneDeep } from 'lodash/fp'; import React from 'react'; -import { MockedProvider } from 'react-apollo/test-utils'; import { MemoryRouter } from 'react-router-dom'; import '../../common/mock/match_media'; import { TestProviders } from '../../common/mock'; -import { mocksSource } from '../../common/containers/source/mock'; +import { useWithSource } from '../../common/containers/source'; import { Overview } from './index'; jest.mock('../../common/lib/kibana'); +jest.mock('../../common/containers/source'); // Test will fail because we will to need to mock some core services to make the test work // For now let's forget about SiemSearchBar and QueryBar @@ -26,56 +25,36 @@ jest.mock('../../common/components/query_bar', () => ({ QueryBar: () => null, })); -let localSource: Array<{ - request: {}; - result: { - data: { - source: { - status: { - indicesExist: boolean; - }; - }; - }; - }; -}>; - describe('Overview', () => { describe('rendering', () => { - beforeEach(() => { - localSource = cloneDeep(mocksSource); - }); - test('it renders the Setup Instructions text when no index is available', async () => { - localSource[0].result.data.source.status.indicesExist = false; + (useWithSource as jest.Mock).mockReturnValue({ + indicesExist: false, + }); + const wrapper = mount( - - - - - + + + ); - // Why => https://github.com/apollographql/react-apollo/issues/1711 - await new Promise((resolve) => setTimeout(resolve)); - wrapper.update(); + expect(wrapper.find('[data-test-subj="empty-page"]').exists()).toBe(true); }); test('it DOES NOT render the Getting started text when an index is available', async () => { - localSource[0].result.data.source.status.indicesExist = true; + (useWithSource as jest.Mock).mockReturnValue({ + indicesExist: true, + indexPattern: {}, + }); const wrapper = mount( - - - - - + + + ); - // Why => https://github.com/apollographql/react-apollo/issues/1711 - await new Promise((resolve) => setTimeout(resolve)); - wrapper.update(); expect(wrapper.find('[data-test-subj="empty-page"]').exists()).toBe(false); }); }); diff --git a/x-pack/plugins/security_solution/public/overview/pages/overview.tsx b/x-pack/plugins/security_solution/public/overview/pages/overview.tsx index 543dafd50c8e0..53cb32a16a9de 100644 --- a/x-pack/plugins/security_solution/public/overview/pages/overview.tsx +++ b/x-pack/plugins/security_solution/public/overview/pages/overview.tsx @@ -16,10 +16,7 @@ import { FiltersGlobal } from '../../common/components/filters_global'; import { SiemSearchBar } from '../../common/components/search_bar'; import { WrapperPage } from '../../common/components/wrapper_page'; import { GlobalTime } from '../../common/containers/global_time'; -import { - WithSource, - indicesExistOrDataTemporarilyUnavailable, -} from '../../common/containers/source'; +import { useWithSource } from '../../common/containers/source'; import { EventsByDataset } from '../components/events_by_dataset'; import { EventCounts } from '../components/event_counts'; import { OverviewEmpty } from '../components/overview_empty'; @@ -41,89 +38,89 @@ const OverviewComponent: React.FC = ({ filters = NO_FILTERS, query = DEFAULT_QUERY, setAbsoluteRangeDatePicker, -}) => ( - <> - - {({ indicesExist, indexPattern }) => - indicesExistOrDataTemporarilyUnavailable(indicesExist) ? ( - - - - - - - - - - - - - - {({ from, deleteQuery, setQuery, to }) => ( - - - - - - - - - - - - - - - - - - - )} - - - - - - ) : ( - - ) - } - - - - -); +}) => { + const { indicesExist, indexPattern } = useWithSource(); + + return ( + <> + {indicesExist ? ( + + + + + + + + + + + + + + {({ from, deleteQuery, setQuery, to }) => ( + + + + + + + + + + + + + + + + + + + )} + + + + + + ) : ( + + )} + + + + ); +}; const makeMapStateToProps = () => { const getGlobalFiltersQuerySelector = inputsSelectors.globalFiltersQuerySelector(); diff --git a/x-pack/plugins/security_solution/public/resolver/embeddable.tsx b/x-pack/plugins/security_solution/public/resolver/embeddable.tsx deleted file mode 100644 index 5ec71e6b3041e..0000000000000 --- a/x-pack/plugins/security_solution/public/resolver/embeddable.tsx +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import ReactDOM from 'react-dom'; -import React from 'react'; -import { Provider } from 'react-redux'; -import { Resolver } from './view'; -import { storeFactory } from './store'; -import { Embeddable } from '../../../../../src/plugins/embeddable/public'; - -export class ResolverEmbeddable extends Embeddable { - public readonly type = 'resolver'; - private lastRenderTarget?: Element; - - public render(node: HTMLElement) { - if (this.lastRenderTarget !== undefined) { - ReactDOM.unmountComponentAtNode(this.lastRenderTarget); - } - this.lastRenderTarget = node; - const { store } = storeFactory(); - ReactDOM.render( - - - , - node - ); - } - - public reload(): void { - throw new Error('Method not implemented.'); - } - - public destroy(): void { - if (this.lastRenderTarget !== undefined) { - ReactDOM.unmountComponentAtNode(this.lastRenderTarget); - } - } -} diff --git a/x-pack/plugins/security_solution/public/resolver/factory.ts b/x-pack/plugins/security_solution/public/resolver/factory.ts deleted file mode 100644 index 5168d2771e723..0000000000000 --- a/x-pack/plugins/security_solution/public/resolver/factory.ts +++ /dev/null @@ -1,31 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { i18n } from '@kbn/i18n'; -import { - IContainer, - EmbeddableInput, - EmbeddableFactoryDefinition, -} from '../../../../../src/plugins/embeddable/public'; -import { ResolverEmbeddable } from './embeddable'; - -export class ResolverEmbeddableFactory implements EmbeddableFactoryDefinition { - public readonly type = 'resolver'; - - public async isEditable() { - return true; - } - - public async create(initialInput: EmbeddableInput, parent?: IContainer) { - return new ResolverEmbeddable(initialInput, {}, parent); - } - - public getDisplayName() { - return i18n.translate('xpack.securitySolution.endpoint.resolver.displayNameTitle', { - defaultMessage: 'Resolver', - }); - } -} diff --git a/x-pack/plugins/security_solution/public/resolver/store/data/action.ts b/x-pack/plugins/security_solution/public/resolver/store/data/action.ts index fbeeefe1ab9f2..3de6f08f5e015 100644 --- a/x-pack/plugins/security_solution/public/resolver/store/data/action.ts +++ b/x-pack/plugins/security_solution/public/resolver/store/data/action.ts @@ -12,8 +12,11 @@ import { interface ServerReturnedResolverData { readonly type: 'serverReturnedResolverData'; - readonly events: ResolverEvent[]; - readonly stats: Map; + readonly payload: { + readonly events: Readonly; + readonly stats: Readonly>; + readonly lineageLimits: { readonly children: string | null; readonly ancestors: string | null }; + }; } interface ServerFailedToReturnResolverData { diff --git a/x-pack/plugins/security_solution/public/resolver/store/data/graphing.test.ts b/x-pack/plugins/security_solution/public/resolver/store/data/graphing.test.ts index d120adb72cd81..163846e0414db 100644 --- a/x-pack/plugins/security_solution/public/resolver/store/data/graphing.test.ts +++ b/x-pack/plugins/security_solution/public/resolver/store/data/graphing.test.ts @@ -9,8 +9,13 @@ import { DataAction } from './action'; import { dataReducer } from './reducer'; import { DataState } from '../../types'; import { LegacyEndpointEvent, ResolverEvent } from '../../../../common/endpoint/types'; -import { graphableProcesses, processNodePositionsAndEdgeLineSegments } from './selectors'; +import { + graphableProcesses, + processNodePositionsAndEdgeLineSegments, + limitsReached, +} from './selectors'; import { mockProcessEvent } from '../../models/process_event_test_helpers'; +import { EndpointDocGenerator } from '../../../../common/endpoint/generate_data'; describe('resolver graph layout', () => { let processA: LegacyEndpointEvent; @@ -114,7 +119,10 @@ describe('resolver graph layout', () => { describe('when rendering no nodes', () => { beforeEach(() => { const events: ResolverEvent[] = []; - const action: DataAction = { type: 'serverReturnedResolverData', events, stats: new Map() }; + const action: DataAction = { + type: 'serverReturnedResolverData', + payload: { events, stats: new Map(), lineageLimits: { children: null, ancestors: null } }, + }; store.dispatch(action); }); it('the graphableProcesses list should only include nothing', () => { @@ -128,7 +136,10 @@ describe('resolver graph layout', () => { describe('when rendering one node', () => { beforeEach(() => { const events = [processA]; - const action: DataAction = { type: 'serverReturnedResolverData', events, stats: new Map() }; + const action: DataAction = { + type: 'serverReturnedResolverData', + payload: { events, stats: new Map(), lineageLimits: { children: null, ancestors: null } }, + }; store.dispatch(action); }); it('the graphableProcesses list should only include nothing', () => { @@ -142,7 +153,10 @@ describe('resolver graph layout', () => { describe('when rendering two nodes, one being the parent of the other', () => { beforeEach(() => { const events = [processA, processB]; - const action: DataAction = { type: 'serverReturnedResolverData', events, stats: new Map() }; + const action: DataAction = { + type: 'serverReturnedResolverData', + payload: { events, stats: new Map(), lineageLimits: { children: null, ancestors: null } }, + }; store.dispatch(action); }); it('the graphableProcesses list should only include nothing', () => { @@ -166,7 +180,10 @@ describe('resolver graph layout', () => { processH, processI, ]; - const action: DataAction = { type: 'serverReturnedResolverData', events, stats: new Map() }; + const action: DataAction = { + type: 'serverReturnedResolverData', + payload: { events, stats: new Map(), lineageLimits: { children: null, ancestors: null } }, + }; store.dispatch(action); }); it("the graphableProcesses list should only include events with 'processCreated' an 'processRan' eventType", () => { @@ -187,3 +204,48 @@ describe('resolver graph layout', () => { }); }); }); + +describe('resolver graph with too much lineage', () => { + let generator: EndpointDocGenerator; + let store: Store; + let allEvents: ResolverEvent[]; + let childrenCursor: string; + let ancestorCursor: string; + + beforeEach(() => { + generator = new EndpointDocGenerator('seed'); + allEvents = generator.generateTree({ ancestors: 1, generations: 2, children: 2 }).allEvents; + childrenCursor = 'aValidChildursor'; + ancestorCursor = 'aValidAncestorCursor'; + store = createStore(dataReducer, undefined); + }); + + describe('should select from state properly', () => { + it('should indicate there are too many ancestors', () => { + const action: DataAction = { + type: 'serverReturnedResolverData', + payload: { + events: allEvents, + stats: new Map(), + lineageLimits: { children: childrenCursor, ancestors: ancestorCursor }, + }, + }; + store.dispatch(action); + const { ancestors } = limitsReached(store.getState()); + expect(ancestors).toEqual(true); + }); + it('should indicate there are too many children', () => { + const action: DataAction = { + type: 'serverReturnedResolverData', + payload: { + events: allEvents, + stats: new Map(), + lineageLimits: { children: childrenCursor, ancestors: ancestorCursor }, + }, + }; + store.dispatch(action); + const { children } = limitsReached(store.getState()); + expect(children).toEqual(true); + }); + }); +}); diff --git a/x-pack/plugins/security_solution/public/resolver/store/data/reducer.ts b/x-pack/plugins/security_solution/public/resolver/store/data/reducer.ts index 3e897a91a74c6..a36d43b70b87d 100644 --- a/x-pack/plugins/security_solution/public/resolver/store/data/reducer.ts +++ b/x-pack/plugins/security_solution/public/resolver/store/data/reducer.ts @@ -13,6 +13,7 @@ function initialState(): DataState { relatedEventsStats: new Map(), relatedEvents: new Map(), relatedEventsReady: new Map(), + lineageLimits: { children: null, ancestors: null }, isLoading: false, hasError: false, }; @@ -22,8 +23,9 @@ export const dataReducer: Reducer = (state = initialS if (action.type === 'serverReturnedResolverData') { return { ...state, - results: action.events, - relatedEventsStats: action.stats, + results: action.payload.events, + relatedEventsStats: action.payload.stats, + lineageLimits: action.payload.lineageLimits, isLoading: false, hasError: false, }; diff --git a/x-pack/plugins/security_solution/public/resolver/store/data/sample.ts b/x-pack/plugins/security_solution/public/resolver/store/data/sample.ts deleted file mode 100644 index b0ed9f3554c9b..0000000000000 --- a/x-pack/plugins/security_solution/public/resolver/store/data/sample.ts +++ /dev/null @@ -1,1608 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { ProcessEvent } from '../../types'; - -interface ProcessEventSampleData { - data: { - result: { - search_results: ProcessEvent[]; - }; - }; -} - -const rawData = { - data: { - code: 200, - result: { - alert_id: 'a9834bf5-42c1-4039-83be-08c3ad3232b3', - bulk_task_id: null, - correlation_id: '7022e509-087e-493d-b02c-d88a206cd993', - created_at: '2019-09-24T03:17:36Z', - endpoint: { - ad_distinguished_name: - 'CN=ENDPOINT-W-1-07,OU=Desktops,OU=Workstations,OU=Computers_DEMO,DC=demo,DC=endgamelabs,DC=net', - ad_hostname: 'demo.endgamelabs.net', - display_operating_system: 'Windows 7 (SP1)', - hostname: 'ENDPOINT-W-1-07', - id: '39153006-0064-424b-99e9-4e21dcc00c2e', - ip_address: '172.31.27.17', - mac_address: '00:50:56:b1:b7:7b', - name: 'ENDPOINT-W-1-07', - operating_system: 'Windows 6.1 Service Pack 1', - status: 'monitored', - updated_at: '2019-09-24T01:48:47.960649+00:00', - }, - event_logging_search_request_count: 3, - family: 'collection', - investigation_id: null, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - message_id: '310624aa-bb2b-442b-a6c9-3284148b0ae3', - metadata: { - chunk_id: 0, - correlation_id: '7022e509-087e-493d-b02c-d88a206cd993', - final: true, - message_id: '310624aa-bb2b-442b-a6c9-3284148b0ae3', - origination_task_id: '2bed7d8b-72b1-4650-882c-5167a2fe1735', - os_type: 'windows', - priority: 50, - result: { - local_code: 0, - local_msg: 'Success', - }, - semantic_version: '3.52.8', - task_id: '2bed7d8b-72b1-4650-882c-5167a2fe1735', - type: 'collection', - }, - origination_task_id: '2bed7d8b-72b1-4650-882c-5167a2fe1735', - pagination: { - backwards: false, - eof: false, - page_number: 3, - page_offset: 31666, - params: - 'eyJhbGVydF9pZCI6ICJhOTgzNGJmNS00MmMxLTQwMzktODNiZS0wOGMzYWQzMjMyYjMiLCAidGVtcGxhdGVfZmlsZSI6ICJwcm9jZXNzLWNvbnRleHQubHVhIiwgImNyaXRlcmlhIjogeyJwaWQiOiAxODA4LCAidW5pcXVlX3BpZCI6IDE4OTQzfX0=', - remaining_events: 0, - }, - pending_event_logging_search_request: false, - results_count: 807, - search_results: [ - { - collection_id: '310624aa-bb2b-442b-a6c9-3284148b0ae3', - data_buffer: { - _descendant_count: 6, - command_line: '', - depth: -5, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'already_running', - event_type_full: 'process_event', - integrity_level: 'system', - node_id: 1002, - opcode: 3, - pid: 4, - ppid: 0, - process_name: '', - process_path: '', - serial_event_id: 1002, - timestamp: 132137632670000000, - timestamp_utc: '2019-09-24 01:47:47Z', - unique_pid: 1002, - unique_ppid: 1001, - user_domain: 'NT AUTHORITY', - user_name: 'SYSTEM', - user_sid: 'S-1-5-18', - }, - event_timestamp: 132137632670000000, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: '310624aa-bb2b-442b-a6c9-3284148b0ae3', - data_buffer: { - _descendant_count: 5, - command_line: '\\SystemRoot\\System32\\smss.exe', - depth: -4, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'already_running', - event_type_full: 'process_event', - integrity_level: 'system', - md5: '1911a3356fa3f77ccc825ccbac038c2a', - node_id: 1003, - opcode: 3, - original_file_name: 'smss.exe', - pid: 244, - ppid: 4, - process_name: 'smss.exe', - process_path: 'C:\\Windows\\System32\\smss.exe', - serial_event_id: 1003, - sha1: '706473ad489e5365af1e3431c4f8fe80a9139bc2', - sha256: '6ed135b792c81d78b33a57f0f4770db6105c9ed3e2193629cb3ec38bfd5b7e1b', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 1002, - timestamp: 132137632670000000, - timestamp_utc: '2019-09-24 01:47:47Z', - unique_pid: 1003, - unique_ppid: 1002, - user_domain: 'NT AUTHORITY', - user_name: 'SYSTEM', - user_sid: 'S-1-5-18', - }, - event_timestamp: 132137632670000000, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: '310624aa-bb2b-442b-a6c9-3284148b0ae3', - data_buffer: { - _descendant_count: 4, - authentication_id: 999, - command_line: '\\SystemRoot\\System32\\smss.exe 00000000 00000048 ', - depth: -3, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - integrity_level: 'system', - md5: '1911a3356fa3f77ccc825ccbac038c2a', - node_id: 18643, - opcode: 1, - original_file_name: 'smss.exe', - parent_process_name: 'smss.exe', - parent_process_path: 'C:\\Windows\\System32\\smss.exe', - pid: 2364, - ppid: 244, - process_name: 'smss.exe', - process_path: 'C:\\Windows\\System32\\smss.exe', - serial_event_id: 18643, - sha1: '706473ad489e5365af1e3431c4f8fe80a9139bc2', - sha256: '6ed135b792c81d78b33a57f0f4770db6105c9ed3e2193629cb3ec38bfd5b7e1b', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 1003, - timestamp: 132137681960227504, - timestamp_utc: '2019-09-24 03:09:56Z', - unique_pid: 18643, - unique_ppid: 1003, - user_domain: 'NT AUTHORITY', - user_name: 'SYSTEM', - user_sid: 'S-1-5-18', - }, - event_timestamp: 132137681960227504, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: '310624aa-bb2b-442b-a6c9-3284148b0ae3', - data_buffer: { - _descendant_count: 3, - authentication_id: 999, - command_line: 'winlogon.exe', - depth: -2, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - integrity_level: 'system', - md5: '1151b1baa6f350b1db6598e0fea7c457', - node_id: 18645, - opcode: 1, - original_file_name: 'WINLOGON.EXE', - parent_process_name: 'smss.exe', - parent_process_path: 'C:\\Windows\\System32\\smss.exe', - pid: 3108, - ppid: 2364, - process_name: 'winlogon.exe', - process_path: 'C:\\Windows\\System32\\winlogon.exe', - serial_event_id: 18645, - sha1: '434856b834baf163c5ea4d26434eeae775a507fb', - sha256: 'b1506e0a7e826eff0f5252ef5026070c46e2235438403a9a24d73ee69c0b8a49', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 18643, - timestamp: 132137681961163504, - timestamp_utc: '2019-09-24 03:09:56Z', - unique_pid: 18645, - unique_ppid: 18643, - user_domain: 'NT AUTHORITY', - user_name: 'SYSTEM', - user_sid: 'S-1-5-18', - }, - event_timestamp: 132137681961163504, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: '310624aa-bb2b-442b-a6c9-3284148b0ae3', - data_buffer: { - depth: -2, - event_subtype_full: 'termination_event', - event_type_full: 'process_event', - exit_code: 0, - md5: '1911a3356fa3f77ccc825ccbac038c2a', - node_id: 18646, - opcode: 2, - original_file_name: 'smss.exe', - parent_process_name: 'smss.exe', - parent_process_path: 'C:\\Windows\\System32\\smss.exe', - pid: 2364, - ppid: 244, - process_name: 'smss.exe', - process_path: 'C:\\Windows\\System32\\smss.exe', - serial_event_id: 18646, - sha1: '706473ad489e5365af1e3431c4f8fe80a9139bc2', - sha256: '6ed135b792c81d78b33a57f0f4770db6105c9ed3e2193629cb3ec38bfd5b7e1b', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 18643, - timestamp: 132137681961787504, - timestamp_utc: '2019-09-24 03:09:56Z', - unique_pid: 18643, - unique_ppid: 1003, - user_domain: 'NT AUTHORITY', - user_name: 'SYSTEM', - user_sid: 'S-1-5-18', - }, - event_timestamp: 132137681961787504, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: '310624aa-bb2b-442b-a6c9-3284148b0ae3', - data_buffer: { - _descendant_count: 1, - authentication_id: 4904488, - command_line: 'C:\\Windows\\system32\\userinit.exe', - depth: -1, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - integrity_level: 'high', - md5: 'bafe84e637bf7388c96ef48d4d3fdd53', - node_id: 18833, - opcode: 1, - original_file_name: 'USERINIT.EXE', - parent_process_name: 'winlogon.exe', - parent_process_path: 'C:\\Windows\\System32\\winlogon.exe', - pid: 3560, - ppid: 3108, - process_name: 'userinit.exe', - process_path: 'C:\\Windows\\System32\\userinit.exe', - serial_event_id: 18833, - sha1: '47267f943f060e36604d56c8895a6eece063d9a1', - sha256: '11c194d9adce90027272c627d7fbf3ba5025ff0f7b26a8333f764e11e1382cf9', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 18645, - timestamp: 132137681981287504, - timestamp_utc: '2019-09-24 03:09:58Z', - unique_pid: 18833, - unique_ppid: 18645, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137681981287504, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: '310624aa-bb2b-442b-a6c9-3284148b0ae3', - data_buffer: { - _descendant_count: 0, - authentication_id: 4904488, - command_line: 'C:\\Windows\\Explorer.EXE', - depth: 0, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - integrity_level: 'high', - md5: 'ac4c51eb24aa95b77f705ab159189e24', - node_id: 18943, - opcode: 1, - origin: true, - original_file_name: 'EXPLORER.EXE', - parent_process_name: 'userinit.exe', - parent_process_path: 'C:\\Windows\\System32\\userinit.exe', - pid: 1808, - ppid: 3560, - process_name: 'explorer.exe', - process_path: 'C:\\Windows\\explorer.exe', - serial_event_id: 18943, - sha1: '4583daf9442880204730fb2c8a060430640494b1', - sha256: '6a671b92a69755de6fd063fcbe4ba926d83b49f78c42dbaeed8cdb6bbc57576a', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 18833, - timestamp: 132137681985655504, - timestamp_utc: '2019-09-24 03:09:58Z', - unique_pid: 18943, - unique_ppid: 18833, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137681985655504, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: '310624aa-bb2b-442b-a6c9-3284148b0ae3', - data_buffer: { - authentication_id: 4904488, - command_line: '"C:\\Program Files\\VMware\\VMware Tools\\vmtoolsd.exe" -n vmusr', - depth: 1, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - integrity_level: 'high', - md5: '8dc5ad50587b936f7f616738112bfd2a', - node_id: 19545, - opcode: 1, - original_file_name: 'vmtoolsd.exe', - parent_process_name: 'explorer.exe', - parent_process_path: 'C:\\Windows\\explorer.exe', - pid: 3596, - ppid: 1808, - process_name: 'vmtoolsd.exe', - process_path: 'C:\\Program Files\\VMware\\VMware Tools\\vmtoolsd.exe', - serial_event_id: 19545, - sha1: '04479ea30943ec471a6a5ca4c0dc74b5ff496e9f', - sha256: 'd6d9f041da6f724bf69f48bbee3bf41295a0ed4dca715b1908c5f35bc8034d53', - signature_signer: 'VMware, Inc.', - signature_status: 'trusted', - source_id: 18943, - timestamp: 132137681999539504, - timestamp_utc: '2019-09-24 03:09:59Z', - unique_pid: 19545, - unique_ppid: 18943, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137681999539504, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: '310624aa-bb2b-442b-a6c9-3284148b0ae3', - data_buffer: { - depth: 0, - event_subtype_full: 'termination_event', - event_type_full: 'process_event', - exit_code: 0, - md5: 'bafe84e637bf7388c96ef48d4d3fdd53', - node_id: 20261, - opcode: 2, - original_file_name: 'USERINIT.EXE', - parent_process_name: 'winlogon.exe', - parent_process_path: 'C:\\Windows\\System32\\winlogon.exe', - pid: 3560, - ppid: 3108, - process_name: 'userinit.exe', - process_path: 'C:\\Windows\\System32\\userinit.exe', - serial_event_id: 20261, - sha1: '47267f943f060e36604d56c8895a6eece063d9a1', - sha256: '11c194d9adce90027272c627d7fbf3ba5025ff0f7b26a8333f764e11e1382cf9', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 18833, - timestamp: 132137682277819504, - timestamp_utc: '2019-09-24 03:10:27Z', - unique_pid: 18833, - unique_ppid: 18645, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137682277819504, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: '310624aa-bb2b-442b-a6c9-3284148b0ae3', - data_buffer: { - authentication_id: 4904488, - command_line: '"C:\\Windows\\explorer.exe" ', - depth: 1, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - integrity_level: 'high', - md5: 'ac4c51eb24aa95b77f705ab159189e24', - node_id: 20303, - opcode: 1, - original_file_name: 'EXPLORER.EXE', - parent_process_name: 'explorer.exe', - parent_process_path: 'C:\\Windows\\explorer.exe', - pid: 3124, - ppid: 1808, - process_name: 'explorer.exe', - process_path: 'C:\\Windows\\explorer.exe', - serial_event_id: 20303, - sha1: '4583daf9442880204730fb2c8a060430640494b1', - sha256: '6a671b92a69755de6fd063fcbe4ba926d83b49f78c42dbaeed8cdb6bbc57576a', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 18943, - timestamp: 132137682603979504, - timestamp_utc: '2019-09-24 03:11:00Z', - unique_pid: 20303, - unique_ppid: 18943, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137682603979504, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: '310624aa-bb2b-442b-a6c9-3284148b0ae3', - data_buffer: { - depth: 2, - event_subtype_full: 'termination_event', - event_type_full: 'process_event', - exit_code: 1, - md5: 'ac4c51eb24aa95b77f705ab159189e24', - node_id: 20310, - opcode: 2, - original_file_name: 'EXPLORER.EXE', - parent_process_name: 'explorer.exe', - parent_process_path: 'C:\\Windows\\explorer.exe', - pid: 3124, - ppid: 1808, - process_name: 'explorer.exe', - process_path: 'C:\\Windows\\explorer.exe', - serial_event_id: 20310, - sha1: '4583daf9442880204730fb2c8a060430640494b1', - sha256: '6a671b92a69755de6fd063fcbe4ba926d83b49f78c42dbaeed8cdb6bbc57576a', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 20303, - timestamp: 132137682604229504, - timestamp_utc: '2019-09-24 03:11:00Z', - unique_pid: 20303, - unique_ppid: 18943, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137682604229504, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - authentication_id: 4904488, - command_line: '"C:\\Windows\\explorer.exe" ', - depth: 1, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - integrity_level: 'high', - md5: 'ac4c51eb24aa95b77f705ab159189e24', - node_id: 20455, - opcode: 1, - original_file_name: 'EXPLORER.EXE', - parent_process_name: 'explorer.exe', - parent_process_path: 'C:\\Windows\\explorer.exe', - pid: 3084, - ppid: 1808, - process_name: 'explorer.exe', - process_path: 'C:\\Windows\\explorer.exe', - serial_event_id: 20455, - sha1: '4583daf9442880204730fb2c8a060430640494b1', - sha256: '6a671b92a69755de6fd063fcbe4ba926d83b49f78c42dbaeed8cdb6bbc57576a', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 18943, - timestamp: 132137682773669504, - timestamp_utc: '2019-09-24 03:11:17Z', - unique_pid: 20455, - unique_ppid: 18943, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137682773669504, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - depth: 2, - event_subtype_full: 'termination_event', - event_type_full: 'process_event', - exit_code: 1, - md5: 'ac4c51eb24aa95b77f705ab159189e24', - node_id: 20462, - opcode: 2, - original_file_name: 'EXPLORER.EXE', - parent_process_name: 'explorer.exe', - parent_process_path: 'C:\\Windows\\explorer.exe', - pid: 3084, - ppid: 1808, - process_name: 'explorer.exe', - process_path: 'C:\\Windows\\explorer.exe', - serial_event_id: 20462, - sha1: '4583daf9442880204730fb2c8a060430640494b1', - sha256: '6a671b92a69755de6fd063fcbe4ba926d83b49f78c42dbaeed8cdb6bbc57576a', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 20455, - timestamp: 132137682774259504, - timestamp_utc: '2019-09-24 03:11:17Z', - unique_pid: 20455, - unique_ppid: 18943, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137682774259504, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - authentication_id: 4904488, - command_line: '"C:\\Windows\\System32\\cmd.exe" ', - depth: 1, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - integrity_level: 'high', - md5: '5746bd7e255dd6a8afa06f7c42c1ba41', - node_id: 21120, - opcode: 1, - original_file_name: 'Cmd.Exe', - parent_process_name: 'explorer.exe', - parent_process_path: 'C:\\Windows\\explorer.exe', - pid: 3280, - ppid: 1808, - process_name: 'cmd.exe', - process_path: 'C:\\Windows\\System32\\cmd.exe', - serial_event_id: 21120, - sha1: '0f3c4ff28f354aede202d54e9d1c5529a3bf87d8', - sha256: 'db06c3534964e3fc79d2763144ba53742d7fa250ca336f4a0fe724b75aaff386', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 18943, - timestamp: 132137682997939504, - timestamp_utc: '2019-09-24 03:11:39Z', - unique_pid: 21120, - unique_ppid: 18943, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137682997939504, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - authentication_id: 4904488, - command_line: '"C:\\Windows\\explorer.exe" ', - depth: 1, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - integrity_level: 'high', - md5: 'ac4c51eb24aa95b77f705ab159189e24', - node_id: 21166, - opcode: 1, - original_file_name: 'EXPLORER.EXE', - parent_process_name: 'explorer.exe', - parent_process_path: 'C:\\Windows\\explorer.exe', - pid: 3548, - ppid: 1808, - process_name: 'explorer.exe', - process_path: 'C:\\Windows\\explorer.exe', - serial_event_id: 21166, - sha1: '4583daf9442880204730fb2c8a060430640494b1', - sha256: '6a671b92a69755de6fd063fcbe4ba926d83b49f78c42dbaeed8cdb6bbc57576a', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 18943, - timestamp: 132137683166079504, - timestamp_utc: '2019-09-24 03:11:56Z', - unique_pid: 21166, - unique_ppid: 18943, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137683166079504, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - depth: 2, - event_subtype_full: 'termination_event', - event_type_full: 'process_event', - exit_code: 1, - md5: 'ac4c51eb24aa95b77f705ab159189e24', - node_id: 21173, - opcode: 2, - original_file_name: 'EXPLORER.EXE', - parent_process_name: 'explorer.exe', - parent_process_path: 'C:\\Windows\\explorer.exe', - pid: 3548, - ppid: 1808, - process_name: 'explorer.exe', - process_path: 'C:\\Windows\\explorer.exe', - serial_event_id: 21173, - sha1: '4583daf9442880204730fb2c8a060430640494b1', - sha256: '6a671b92a69755de6fd063fcbe4ba926d83b49f78c42dbaeed8cdb6bbc57576a', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 21166, - timestamp: 132137683166729504, - timestamp_utc: '2019-09-24 03:11:56Z', - unique_pid: 21166, - unique_ppid: 18943, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137683166729504, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - authentication_id: 4904488, - command_line: '"C:\\Python27\\python.exe" "C:\\tmp\\dns.py" ', - depth: 1, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - integrity_level: 'high', - md5: '743b91619fbfee3c3e173ba5a17b1290', - node_id: 21480, - opcode: 1, - original_file_name: '', - parent_process_name: 'explorer.exe', - parent_process_path: 'C:\\Windows\\explorer.exe', - pid: 4060, - ppid: 1808, - process_name: 'python.exe', - process_path: 'C:\\Python27\\python.exe', - serial_event_id: 21480, - sha1: 'edabcf58d55a5e462f7a368d99616e3ac051c620', - sha256: '45b9384b852d850327e194ac86d84aed8916a3c13fc8f49ca54fddcbca4f7e32', - signature_signer: '', - signature_status: 'noSignature', - source_id: 18943, - timestamp: 132137683493349504, - timestamp_utc: '2019-09-24 03:12:29Z', - unique_pid: 21480, - unique_ppid: 18943, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137683493349504, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - depth: 2, - event_subtype_full: 'termination_event', - event_type_full: 'process_event', - exit_code: 0, - md5: '743b91619fbfee3c3e173ba5a17b1290', - node_id: 21500, - opcode: 2, - parent_process_name: 'explorer.exe', - parent_process_path: 'C:\\Windows\\explorer.exe', - pid: 4060, - ppid: 1808, - process_name: 'python.exe', - process_path: 'C:\\Python27\\python.exe', - serial_event_id: 21500, - sha1: 'edabcf58d55a5e462f7a368d99616e3ac051c620', - sha256: '45b9384b852d850327e194ac86d84aed8916a3c13fc8f49ca54fddcbca4f7e32', - signature_status: 'noSignature', - source_id: 21480, - timestamp: 132137683493889504, - timestamp_utc: '2019-09-24 03:12:29Z', - unique_pid: 21480, - unique_ppid: 18943, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137683493889504, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - authentication_id: 4904488, - command_line: '"C:\\Python27\\python.exe" "C:\\tmp\\dns.py" ', - depth: 2, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - integrity_level: 'high', - md5: '743b91619fbfee3c3e173ba5a17b1290', - node_id: 21539, - opcode: 1, - original_file_name: '', - parent_process_name: 'cmd.exe', - parent_process_path: 'C:\\Windows\\System32\\cmd.exe', - pid: 2888, - ppid: 3280, - process_name: 'python.exe', - process_path: 'C:\\Python27\\python.exe', - serial_event_id: 21539, - sha1: 'edabcf58d55a5e462f7a368d99616e3ac051c620', - sha256: '45b9384b852d850327e194ac86d84aed8916a3c13fc8f49ca54fddcbca4f7e32', - signature_signer: '', - signature_status: 'noSignature', - source_id: 21120, - timestamp: 132137683555889504, - timestamp_utc: '2019-09-24 03:12:35Z', - unique_pid: 21539, - unique_ppid: 21120, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137683555889504, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - depth: 3, - event_subtype_full: 'termination_event', - event_type_full: 'process_event', - exit_code: 0, - md5: '743b91619fbfee3c3e173ba5a17b1290', - node_id: 21540, - opcode: 2, - parent_process_name: 'cmd.exe', - parent_process_path: 'C:\\Windows\\System32\\cmd.exe', - pid: 2888, - ppid: 3280, - process_name: 'python.exe', - process_path: 'C:\\Python27\\python.exe', - serial_event_id: 21540, - sha1: 'edabcf58d55a5e462f7a368d99616e3ac051c620', - sha256: '45b9384b852d850327e194ac86d84aed8916a3c13fc8f49ca54fddcbca4f7e32', - signature_status: 'noSignature', - source_id: 21539, - timestamp: 132137683556159504, - timestamp_utc: '2019-09-24 03:12:35Z', - unique_pid: 21539, - unique_ppid: 21120, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137683556159504, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - authentication_id: 4904488, - command_line: 'C:\\tmp\\fakenet1.4.3\\fakenet.exe', - depth: 2, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - integrity_level: 'high', - md5: 'c29675ce0750f73225bf05d03080dfb2', - node_id: 21634, - opcode: 1, - original_file_name: '', - parent_process_name: 'cmd.exe', - parent_process_path: 'C:\\Windows\\System32\\cmd.exe', - pid: 3996, - ppid: 3280, - process_name: 'fakenet.exe', - process_path: 'C:\\tmp\\fakenet1.4.3\\fakenet.exe', - serial_event_id: 21634, - sha1: 'b14763ef982450551bcb09f6e0ecc75d2b9684fb', - sha256: '948f1c024118e434b6867ea593bb180212d35f9d2a9401892903ef22841fb303', - signature_signer: '', - signature_status: 'noSignature', - source_id: 21120, - timestamp: 132137683921669504, - timestamp_utc: '2019-09-24 03:13:12Z', - unique_pid: 21634, - unique_ppid: 21120, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137683921669504, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - authentication_id: 4904488, - command_line: 'C:\\tmp\\fakenet1.4.3\\fakenet.exe', - depth: 3, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - integrity_level: 'high', - md5: 'c29675ce0750f73225bf05d03080dfb2', - node_id: 21669, - opcode: 1, - original_file_name: '', - parent_process_name: 'fakenet.exe', - parent_process_path: 'C:\\tmp\\fakenet1.4.3\\fakenet.exe', - pid: 184, - ppid: 3996, - process_name: 'fakenet.exe', - process_path: 'C:\\tmp\\fakenet1.4.3\\fakenet.exe', - serial_event_id: 21669, - sha1: 'b14763ef982450551bcb09f6e0ecc75d2b9684fb', - sha256: '948f1c024118e434b6867ea593bb180212d35f9d2a9401892903ef22841fb303', - signature_signer: '', - signature_status: 'noSignature', - source_id: 21634, - timestamp: 132137683923819504, - timestamp_utc: '2019-09-24 03:13:12Z', - unique_pid: 21669, - unique_ppid: 21634, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137683923819504, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - depth: 4, - event_subtype_full: 'termination_event', - event_type_full: 'process_event', - exit_code: 1, - md5: 'c29675ce0750f73225bf05d03080dfb2', - node_id: 21679, - opcode: 2, - parent_process_name: 'fakenet.exe', - parent_process_path: 'C:\\tmp\\fakenet1.4.3\\fakenet.exe', - pid: 184, - ppid: 3996, - process_name: 'fakenet.exe', - process_path: 'C:\\tmp\\fakenet1.4.3\\fakenet.exe', - serial_event_id: 21679, - sha1: 'b14763ef982450551bcb09f6e0ecc75d2b9684fb', - sha256: '948f1c024118e434b6867ea593bb180212d35f9d2a9401892903ef22841fb303', - signature_status: 'noSignature', - source_id: 21669, - timestamp: 132137683931089504, - timestamp_utc: '2019-09-24 03:13:13Z', - unique_pid: 21669, - unique_ppid: 21634, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137683931089504, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - depth: 3, - event_subtype_full: 'termination_event', - event_type_full: 'process_event', - exit_code: 1, - md5: 'c29675ce0750f73225bf05d03080dfb2', - node_id: 21694, - opcode: 2, - parent_process_name: 'cmd.exe', - parent_process_path: 'C:\\Windows\\System32\\cmd.exe', - pid: 3996, - ppid: 3280, - process_name: 'fakenet.exe', - process_path: 'C:\\tmp\\fakenet1.4.3\\fakenet.exe', - serial_event_id: 21694, - sha1: 'b14763ef982450551bcb09f6e0ecc75d2b9684fb', - sha256: '948f1c024118e434b6867ea593bb180212d35f9d2a9401892903ef22841fb303', - signature_status: 'noSignature', - source_id: 21634, - timestamp: 132137683931569504, - timestamp_utc: '2019-09-24 03:13:13Z', - unique_pid: 21634, - unique_ppid: 21120, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137683931569504, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - authentication_id: 4904488, - command_line: - '"C:\\Windows\\system32\\NOTEPAD.EXE" C:\\tmp\\fakenet1.4.3\\configs\\default.ini', - depth: 1, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - integrity_level: 'high', - md5: 'f2c7bb8acc97f92e987a2d4087d021b1', - node_id: 21769, - opcode: 1, - original_file_name: 'NOTEPAD.EXE', - parent_process_name: 'explorer.exe', - parent_process_path: 'C:\\Windows\\explorer.exe', - pid: 2492, - ppid: 1808, - process_name: 'notepad.exe', - process_path: 'C:\\Windows\\System32\\notepad.exe', - serial_event_id: 21769, - sha1: '7eb0139d2175739b3ccb0d1110067820be6abd29', - sha256: '142e1d688ef0568370c37187fd9f2351d7ddeda574f8bfa9b0fa4ef42db85aa2', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 18943, - timestamp: 132137684112851830, - timestamp_utc: '2019-09-24 03:13:31Z', - unique_pid: 21769, - unique_ppid: 18943, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137684112851830, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - depth: 2, - event_subtype_full: 'termination_event', - event_type_full: 'process_event', - exit_code: 0, - md5: 'f2c7bb8acc97f92e987a2d4087d021b1', - node_id: 21794, - opcode: 2, - original_file_name: 'NOTEPAD.EXE', - parent_process_name: 'explorer.exe', - parent_process_path: 'C:\\Windows\\explorer.exe', - pid: 2492, - ppid: 1808, - process_name: 'notepad.exe', - process_path: 'C:\\Windows\\System32\\notepad.exe', - serial_event_id: 21794, - sha1: '7eb0139d2175739b3ccb0d1110067820be6abd29', - sha256: '142e1d688ef0568370c37187fd9f2351d7ddeda574f8bfa9b0fa4ef42db85aa2', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 21769, - timestamp: 132137684131573702, - timestamp_utc: '2019-09-24 03:13:33Z', - unique_pid: 21769, - unique_ppid: 18943, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137684131573702, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - authentication_id: 4904488, - command_line: 'fakenet.exe', - depth: 2, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - integrity_level: 'high', - md5: 'c29675ce0750f73225bf05d03080dfb2', - node_id: 21890, - opcode: 1, - original_file_name: '', - parent_process_name: 'cmd.exe', - parent_process_path: 'C:\\Windows\\System32\\cmd.exe', - pid: 1060, - ppid: 3280, - process_name: 'fakenet.exe', - process_path: 'C:\\tmp\\fakenet1.4.3\\fakenet.exe', - serial_event_id: 21890, - sha1: 'b14763ef982450551bcb09f6e0ecc75d2b9684fb', - sha256: '948f1c024118e434b6867ea593bb180212d35f9d2a9401892903ef22841fb303', - signature_signer: '', - signature_status: 'noSignature', - source_id: 21120, - timestamp: 132137684579848525, - timestamp_utc: '2019-09-24 03:14:17Z', - unique_pid: 21890, - unique_ppid: 21120, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137684579848525, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - authentication_id: 4904488, - command_line: 'fakenet.exe', - depth: 3, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - integrity_level: 'high', - md5: 'c29675ce0750f73225bf05d03080dfb2', - node_id: 21924, - opcode: 1, - original_file_name: '', - parent_process_name: 'fakenet.exe', - parent_process_path: 'C:\\tmp\\fakenet1.4.3\\fakenet.exe', - pid: 4024, - ppid: 1060, - process_name: 'fakenet.exe', - process_path: 'C:\\tmp\\fakenet1.4.3\\fakenet.exe', - serial_event_id: 21924, - sha1: 'b14763ef982450551bcb09f6e0ecc75d2b9684fb', - sha256: '948f1c024118e434b6867ea593bb180212d35f9d2a9401892903ef22841fb303', - signature_signer: '', - signature_status: 'noSignature', - source_id: 21890, - timestamp: 132137684580468587, - timestamp_utc: '2019-09-24 03:14:18Z', - unique_pid: 21924, - unique_ppid: 21890, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137684580468587, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - authentication_id: 4904488, - command_line: '"C:\\Windows\\System32\\cmd.exe" ', - depth: 1, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - integrity_level: 'high', - md5: '5746bd7e255dd6a8afa06f7c42c1ba41', - node_id: 22238, - opcode: 1, - original_file_name: 'Cmd.Exe', - parent_process_name: 'explorer.exe', - parent_process_path: 'C:\\Windows\\explorer.exe', - pid: 3328, - ppid: 1808, - process_name: 'cmd.exe', - process_path: 'C:\\Windows\\System32\\cmd.exe', - serial_event_id: 22238, - sha1: '0f3c4ff28f354aede202d54e9d1c5529a3bf87d8', - sha256: 'db06c3534964e3fc79d2763144ba53742d7fa250ca336f4a0fe724b75aaff386', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 18943, - timestamp: 132137684944024939, - timestamp_utc: '2019-09-24 03:14:54Z', - unique_pid: 22238, - unique_ppid: 18943, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137684944024939, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - attack_references: [ - { - tactics: ['Privilege Escalation', 'Execution', 'Persistence'], - technique_id: 'T1053', - technique_name: 'Scheduled Task', - }, - ], - authentication_id: 4904488, - command_line: 'SCHTASKS /CREATE /SC MINUTE /TN "Windiws" /TR "C:\\tmp\\scheduler.bat"', - depth: 2, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - integrity_level: 'high', - md5: '97e0ec3d6d99e8cc2b17ef2d3760e8fc', - node_id: 22376, - opcode: 1, - original_file_name: 'sctasks.exe', - parent_process_name: 'cmd.exe', - parent_process_path: 'C:\\Windows\\System32\\cmd.exe', - pid: 2864, - ppid: 3328, - process_name: 'schtasks.exe', - process_path: 'C:\\Windows\\System32\\schtasks.exe', - serial_event_id: 22376, - sha1: 'bd9dceffbcbbc82bee5f2109bd73a57477fe1f92', - sha256: '6dce7d58ebb0d705fcb4179349c441b45e160c94e43934c5ed8fa1964e2cd031', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 22238, - timestamp: 132137685249385472, - timestamp_utc: '2019-09-24 03:15:24Z', - unique_pid: 22376, - unique_ppid: 22238, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137685249385472, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - depth: 3, - event_subtype_full: 'termination_event', - event_type_full: 'process_event', - exit_code: 0, - md5: '97e0ec3d6d99e8cc2b17ef2d3760e8fc', - node_id: 22384, - opcode: 2, - original_file_name: 'sctasks.exe', - parent_process_name: 'cmd.exe', - parent_process_path: 'C:\\Windows\\System32\\cmd.exe', - pid: 2864, - ppid: 3328, - process_name: 'schtasks.exe', - process_path: 'C:\\Windows\\System32\\schtasks.exe', - serial_event_id: 22384, - sha1: 'bd9dceffbcbbc82bee5f2109bd73a57477fe1f92', - sha256: '6dce7d58ebb0d705fcb4179349c441b45e160c94e43934c5ed8fa1964e2cd031', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 22376, - timestamp: 132137685251515685, - timestamp_utc: '2019-09-24 03:15:25Z', - unique_pid: 22376, - unique_ppid: 22238, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137685251515685, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - authentication_id: 4904488, - command_line: '"C:\\Windows\\System32\\NOTEPAD.EXE" C:\\tmp\\scheduler.bat', - depth: 1, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - integrity_level: 'high', - md5: 'f2c7bb8acc97f92e987a2d4087d021b1', - node_id: 22448, - opcode: 1, - original_file_name: 'NOTEPAD.EXE', - parent_process_name: 'explorer.exe', - parent_process_path: 'C:\\Windows\\explorer.exe', - pid: 4048, - ppid: 1808, - process_name: 'notepad.exe', - process_path: 'C:\\Windows\\System32\\notepad.exe', - serial_event_id: 22448, - sha1: '7eb0139d2175739b3ccb0d1110067820be6abd29', - sha256: '142e1d688ef0568370c37187fd9f2351d7ddeda574f8bfa9b0fa4ef42db85aa2', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 18943, - timestamp: 132137685448755407, - timestamp_utc: '2019-09-24 03:15:44Z', - unique_pid: 22448, - unique_ppid: 18943, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137685448755407, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - depth: 2, - event_subtype_full: 'termination_event', - event_type_full: 'process_event', - exit_code: 0, - md5: 'f2c7bb8acc97f92e987a2d4087d021b1', - node_id: 22464, - opcode: 2, - original_file_name: 'NOTEPAD.EXE', - parent_process_name: 'explorer.exe', - parent_process_path: 'C:\\Windows\\explorer.exe', - pid: 4048, - ppid: 1808, - process_name: 'notepad.exe', - process_path: 'C:\\Windows\\System32\\notepad.exe', - serial_event_id: 22464, - sha1: '7eb0139d2175739b3ccb0d1110067820be6abd29', - sha256: '142e1d688ef0568370c37187fd9f2351d7ddeda574f8bfa9b0fa4ef42db85aa2', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 22448, - timestamp: 132137685516752206, - timestamp_utc: '2019-09-24 03:15:51Z', - unique_pid: 22448, - unique_ppid: 18943, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137685516752206, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - attack_references: [ - { - tactics: ['Execution'], - technique_id: 'T1085', - technique_name: 'Rundll32', - }, - ], - authentication_id: 4904488, - command_line: - '"C:\\Windows\\system32\\rundll32.exe" C:\\Windows\\system32\\shell32.dll,OpenAs_RunDLL C:\\tmp\\XLS_no_email_Upcoming Events February 2018.xls\\cb85072e6ca66a29cb0b73659a0fe5ba2456d9ba0b52e3a4c89e86549bc6e2c7.xls', - depth: 1, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - integrity_level: 'high', - md5: 'dd81d91ff3b0763c392422865c9ac12e', - node_id: 22799, - opcode: 1, - original_file_name: 'RUNDLL32.EXE', - parent_process_name: 'explorer.exe', - parent_process_path: 'C:\\Windows\\explorer.exe', - pid: 2864, - ppid: 1808, - process_name: 'rundll32.exe', - process_path: 'C:\\Windows\\System32\\rundll32.exe', - serial_event_id: 22799, - sha1: '963b55acc8c566876364716d5aafa353995812a8', - sha256: 'f5691b8f200e3196e6808e932630e862f8f26f31cd949981373f23c9d87db8b9', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 18943, - timestamp: 132137686572217742, - timestamp_utc: '2019-09-24 03:17:37Z', - unique_pid: 22799, - unique_ppid: 18943, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137686572217742, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - depth: 2, - event_subtype_full: 'termination_event', - event_type_full: 'process_event', - exit_code: 0, - md5: 'dd81d91ff3b0763c392422865c9ac12e', - node_id: 22805, - opcode: 2, - original_file_name: 'RUNDLL32.EXE', - parent_process_name: 'explorer.exe', - parent_process_path: 'C:\\Windows\\explorer.exe', - pid: 2864, - ppid: 1808, - process_name: 'rundll32.exe', - process_path: 'C:\\Windows\\System32\\rundll32.exe', - serial_event_id: 22805, - sha1: '963b55acc8c566876364716d5aafa353995812a8', - sha256: 'f5691b8f200e3196e6808e932630e862f8f26f31cd949981373f23c9d87db8b9', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 22799, - timestamp: 132137686585839104, - timestamp_utc: '2019-09-24 03:17:38Z', - unique_pid: 22799, - unique_ppid: 18943, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137686585839104, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - attack_references: [ - { - tactics: ['Execution'], - technique_id: 'T1085', - technique_name: 'Rundll32', - }, - ], - authentication_id: 4904488, - command_line: - '"C:\\Windows\\system32\\rundll32.exe" C:\\Windows\\system32\\shell32.dll,OpenAs_RunDLL C:\\tmp\\Upcoming Defense events February 2018.eml', - depth: 1, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - integrity_level: 'high', - md5: 'dd81d91ff3b0763c392422865c9ac12e', - node_id: 22933, - opcode: 1, - original_file_name: 'RUNDLL32.EXE', - parent_process_name: 'explorer.exe', - parent_process_path: 'C:\\Windows\\explorer.exe', - pid: 1864, - ppid: 1808, - process_name: 'rundll32.exe', - process_path: 'C:\\Windows\\System32\\rundll32.exe', - serial_event_id: 22933, - sha1: '963b55acc8c566876364716d5aafa353995812a8', - sha256: 'f5691b8f200e3196e6808e932630e862f8f26f31cd949981373f23c9d87db8b9', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 18943, - timestamp: 132137686702740793, - timestamp_utc: '2019-09-24 03:17:50Z', - unique_pid: 22933, - unique_ppid: 18943, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137686702740793, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - depth: 2, - event_subtype_full: 'termination_event', - event_type_full: 'process_event', - exit_code: 0, - md5: 'dd81d91ff3b0763c392422865c9ac12e', - node_id: 22945, - opcode: 2, - original_file_name: 'RUNDLL32.EXE', - parent_process_name: 'explorer.exe', - parent_process_path: 'C:\\Windows\\explorer.exe', - pid: 1864, - ppid: 1808, - process_name: 'rundll32.exe', - process_path: 'C:\\Windows\\System32\\rundll32.exe', - serial_event_id: 22945, - sha1: '963b55acc8c566876364716d5aafa353995812a8', - sha256: 'f5691b8f200e3196e6808e932630e862f8f26f31cd949981373f23c9d87db8b9', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 22933, - timestamp: 132137686718432362, - timestamp_utc: '2019-09-24 03:17:51Z', - unique_pid: 22933, - unique_ppid: 18943, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137686718432362, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - attack_references: [ - { - tactics: ['Execution'], - technique_id: 'T1085', - technique_name: 'Rundll32', - }, - ], - authentication_id: 4904488, - command_line: - '"C:\\Windows\\system32\\rundll32.exe" C:\\Windows\\system32\\shell32.dll,OpenAs_RunDLL C:\\Users\\Administrator\\AppData\\Roaming\\Microsoft\\Windows\\SendTo\\Mail Recipient.MAPIMail', - depth: 1, - elevated: true, - elevation_type: 'default', - event_subtype_full: 'creation_event', - event_type_full: 'process_event', - integrity_level: 'high', - md5: 'dd81d91ff3b0763c392422865c9ac12e', - node_id: 27050, - opcode: 1, - original_file_name: 'RUNDLL32.EXE', - parent_process_name: 'explorer.exe', - parent_process_path: 'C:\\Windows\\explorer.exe', - pid: 568, - ppid: 1808, - process_name: 'rundll32.exe', - process_path: 'C:\\Windows\\System32\\rundll32.exe', - serial_event_id: 27050, - sha1: '963b55acc8c566876364716d5aafa353995812a8', - sha256: 'f5691b8f200e3196e6808e932630e862f8f26f31cd949981373f23c9d87db8b9', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 18943, - timestamp: 132137686926723189, - timestamp_utc: '2019-09-24 03:18:12Z', - unique_pid: 27050, - unique_ppid: 18943, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137686926723189, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - { - collection_id: 'f287067d-3ec7-4d5a-b6de-ea1415bc5e56', - data_buffer: { - depth: 2, - event_subtype_full: 'termination_event', - event_type_full: 'process_event', - exit_code: 0, - md5: 'dd81d91ff3b0763c392422865c9ac12e', - node_id: 27053, - opcode: 2, - original_file_name: 'RUNDLL32.EXE', - parent_process_name: 'explorer.exe', - parent_process_path: 'C:\\Windows\\explorer.exe', - pid: 568, - ppid: 1808, - process_name: 'rundll32.exe', - process_path: 'C:\\Windows\\System32\\rundll32.exe', - serial_event_id: 27053, - sha1: '963b55acc8c566876364716d5aafa353995812a8', - sha256: 'f5691b8f200e3196e6808e932630e862f8f26f31cd949981373f23c9d87db8b9', - signature_signer: 'Microsoft Windows', - signature_status: 'trusted', - source_id: 27050, - timestamp: 132137686939784495, - timestamp_utc: '2019-09-24 03:18:13Z', - unique_pid: 27050, - unique_ppid: 18943, - user_domain: 'ENDPOINT-W-1-07', - user_name: 'vagrant', - user_sid: 'S-1-5-21-3883902650-1642591343-2485142877-1001', - }, - event_timestamp: 132137686939784495, - event_type: 4, - machine_id: '7f1660dc-2c12-ce99-71b8-1ef862aeec34', - serial_event_id: 0, - }, - ], - status: 'success', - task_id: '2bed7d8b-72b1-4650-882c-5167a2fe1735', - total_events_searched: 7730, - type: 'eventLoggingSearchResponse', - }, - }, - metadata: { - count: 39, - next: null, - next_url: null, - per_page: '4000', - previous_url: null, - timestamp: '2019-12-18T19:31:27.565110', - }, -}; - -export const sampleData: ProcessEventSampleData = rawData as ProcessEventSampleData; diff --git a/x-pack/plugins/security_solution/public/resolver/store/data/selectors.ts b/x-pack/plugins/security_solution/public/resolver/store/data/selectors.ts index 2873993cc645f..ba415e6d83c8d 100644 --- a/x-pack/plugins/security_solution/public/resolver/store/data/selectors.ts +++ b/x-pack/plugins/security_solution/public/resolver/store/data/selectors.ts @@ -529,3 +529,15 @@ export const processNodePositionsAndEdgeLineSegments = createSelector( }; } ); + +/** + * Returns the `children` and `ancestors` limits for the current graph, if any. + * + * @param state {DataState} the DataState from the reducer + */ +export const limitsReached = (state: DataState): { children: boolean; ancestors: boolean } => { + return { + children: state.lineageLimits.children !== null, + ancestors: state.lineageLimits.ancestors !== null, + }; +}; diff --git a/x-pack/plugins/security_solution/public/resolver/store/middleware.ts b/x-pack/plugins/security_solution/public/resolver/store/middleware.ts index 7f6f58dac7158..343b4e1a14478 100644 --- a/x-pack/plugins/security_solution/public/resolver/store/middleware.ts +++ b/x-pack/plugins/security_solution/public/resolver/store/middleware.ts @@ -12,7 +12,7 @@ import { ResolverEvent, ResolverChildren, ResolverAncestry, - LifecycleNode, + ResolverLifecycleNode, ResolverNodeStats, ResolverRelatedEvents, } from '../../../common/endpoint/types'; @@ -25,10 +25,10 @@ type MiddlewareFactory = ( ) => (next: Dispatch) => (action: ResolverAction) => unknown; function getLifecycleEventsAndStats( - nodes: LifecycleNode[], + nodes: ResolverLifecycleNode[], stats: Map ): ResolverEvent[] { - return nodes.reduce((flattenedEvents: ResolverEvent[], currentNode: LifecycleNode) => { + return nodes.reduce((flattenedEvents: ResolverEvent[], currentNode: ResolverLifecycleNode) => { if (currentNode.lifecycle && currentNode.lifecycle.length > 0) { flattenedEvents.push(...currentNode.lifecycle); } @@ -77,6 +77,8 @@ export const resolverMiddlewareFactory: MiddlewareFactory = (context) => { } const nodeStats: Map = new Map(); nodeStats.set(entityId, stats); + const lineageLimits = { children: children.nextChild, ancestors: ancestry.nextAncestor }; + const events = [ ...lifecycle, ...getLifecycleEventsAndStats(children.childNodes, nodeStats), @@ -84,8 +86,11 @@ export const resolverMiddlewareFactory: MiddlewareFactory = (context) => { ]; api.dispatch({ type: 'serverReturnedResolverData', - events, - stats: nodeStats, + payload: { + events, + stats: nodeStats, + lineageLimits, + }, }); } catch (error) { api.dispatch({ diff --git a/x-pack/plugins/security_solution/public/resolver/store/selectors.ts b/x-pack/plugins/security_solution/public/resolver/store/selectors.ts index bff30c62864f2..3a5c48009e5bb 100644 --- a/x-pack/plugins/security_solution/public/resolver/store/selectors.ts +++ b/x-pack/plugins/security_solution/public/resolver/store/selectors.ts @@ -152,6 +152,15 @@ export const graphableProcesses = composeSelectors( dataSelectors.graphableProcesses ); +/** + * Select the `ancestors` and `children` limits that were reached or exceeded + * during the request for the current tree. + */ +export const lineageLimitsReached = composeSelectors( + dataStateSelector, + dataSelectors.limitsReached +); + /** * Calls the `secondSelector` with the result of the `selector`. Use this when re-exporting a * concern-specific selector. `selector` should return the concern-specific state. diff --git a/x-pack/plugins/security_solution/public/resolver/types.ts b/x-pack/plugins/security_solution/public/resolver/types.ts index a48f3b59b0f6d..f0e401dd2e893 100644 --- a/x-pack/plugins/security_solution/public/resolver/types.ts +++ b/x-pack/plugins/security_solution/public/resolver/types.ts @@ -147,9 +147,10 @@ export type CameraState = { */ export interface DataState { readonly results: readonly ResolverEvent[]; - readonly relatedEventsStats: Map; + readonly relatedEventsStats: Readonly>; readonly relatedEvents: Map; readonly relatedEventsReady: Map; + readonly lineageLimits: Readonly<{ children: string | null; ancestors: string | null }>; isLoading: boolean; hasError: boolean; } diff --git a/x-pack/plugins/security_solution/public/resolver/view/use_camera.test.tsx b/x-pack/plugins/security_solution/public/resolver/view/use_camera.test.tsx index 8ed9f00d51af8..dc7cb9a2ab199 100644 --- a/x-pack/plugins/security_solution/public/resolver/view/use_camera.test.tsx +++ b/x-pack/plugins/security_solution/public/resolver/view/use_camera.test.tsx @@ -176,8 +176,11 @@ describe('useCamera on an unpainted element', () => { } const serverResponseAction: ResolverAction = { type: 'serverReturnedResolverData', - events, - stats: new Map(), + payload: { + events, + stats: new Map(), + lineageLimits: { children: null, ancestors: null }, + }, }; act(() => { store.dispatch(serverResponseAction); diff --git a/x-pack/plugins/security_solution/public/timelines/components/flyout/button/index.tsx b/x-pack/plugins/security_solution/public/timelines/components/flyout/button/index.tsx index ae05d99b58ee0..a1392ad8b8270 100644 --- a/x-pack/plugins/security_solution/public/timelines/components/flyout/button/index.tsx +++ b/x-pack/plugins/security_solution/public/timelines/components/flyout/button/index.tsx @@ -10,7 +10,7 @@ import { rgba } from 'polished'; import React, { useMemo } from 'react'; import styled from 'styled-components'; -import { WithSource } from '../../../../common/containers/source'; +import { useWithSource } from '../../../../common/containers/source'; import { IS_DRAGGING_CLASS_NAME } from '../../../../common/components/drag_and_drop/helpers'; import { DataProvider } from '../../timeline/data_providers/data_provider'; import { flattenIntoAndGroups } from '../../timeline/data_providers/helpers'; @@ -84,6 +84,7 @@ interface FlyoutButtonProps { export const FlyoutButton = React.memo( ({ onOpen, show, dataProviders, timelineId }) => { const badgeCount = useMemo(() => getBadgeCount(dataProviders), [dataProviders]); + const { browserFields } = useWithSource(); if (!show) { return null; @@ -121,19 +122,15 @@ export const FlyoutButton = React.memo( - - {({ browserFields }) => ( - - )} - + ); diff --git a/x-pack/plugins/security_solution/public/timelines/components/timeline/index.tsx b/x-pack/plugins/security_solution/public/timelines/components/timeline/index.tsx index 51cfe8ae33b05..df76eb350ace7 100644 --- a/x-pack/plugins/security_solution/public/timelines/components/timeline/index.tsx +++ b/x-pack/plugins/security_solution/public/timelines/components/timeline/index.tsx @@ -9,7 +9,7 @@ import { connect, ConnectedProps } from 'react-redux'; import deepEqual from 'fast-deep-equal'; import { NO_ALERT_INDEX } from '../../../../common/constants'; -import { WithSource } from '../../../common/containers/source'; +import { useWithSource } from '../../../common/containers/source'; import { useSignalIndex } from '../../../alerts/containers/detection_engine/alerts/use_signal_index'; import { inputsModel, inputsSelectors, State } from '../../../common/store'; import { timelineActions, timelineSelectors } from '../../store/timeline'; @@ -158,40 +158,38 @@ const StatefulTimelineComponent = React.memo( // eslint-disable-next-line react-hooks/exhaustive-deps }, []); + const { indexPattern, browserFields } = useWithSource('default', indexToAdd); + return ( - - {({ indexPattern, browserFields }) => ( - - )} - + ); }, (prevProps, nextProps) => { diff --git a/x-pack/plugins/security_solution/scripts/endpoint/README.md b/x-pack/plugins/security_solution/scripts/endpoint/README.md index 0c36a47307232..bd9502f2f59e0 100644 --- a/x-pack/plugins/security_solution/scripts/endpoint/README.md +++ b/x-pack/plugins/security_solution/scripts/endpoint/README.md @@ -13,52 +13,10 @@ Example command sequence to get ES and kibana running with sample data after ins `yarn es snapshot` -> starts ES -`npx yarn start --xpack.securitySolution.enabled=true --no-base-path` -> starts kibana +`npx yarn start --no-base-path` -> starts kibana. Note: you may need other configurations steps to start the security solution with endpoint support. -`cd ~/path/to/kibana/x-pack/plugins/endpoint` +`cd x-pack/plugins/security_solution/scripts/endpoint` -`yarn test:generate --auth elastic:changeme` -> run the resolver_generator.ts script +`yarn test:generate` -> run the resolver_generator.ts script -Resolver generator CLI options: - -```bash -Options: - --help Show help [boolean] - --seed, -s random seed to use for document generator - [string] - --node, -n elasticsearch node url - [string] [default: "http://elastic:changeme@localhost:9200"] - --kibana, -k kibana url - [string] [default: "http://elastic:changeme@localhost:5601"] - --eventIndex, --ei index to store events in - [string] [default: "events-endpoint-1"] - --metadataIndex, --mi index to store host metadata in - [string] [default: "metrics-endpoint.metadata-default-1"] - --policyIndex, --pi index to store host policy in - [string] [default: "metrics-endpoint.policy-default-1"] - --ancestors, --anc number of ancestors of origin to create - [number] [default: 3] - --generations, --gen number of child generations to create - [number] [default: 3] - --children, --ch maximum number of children per node - [number] [default: 3] - --relatedEvents, --related number of related events to create for each - process event [number] [default: 5] - --relatedAlerts, --relAlerts number of related alerts to create for each - process event [number] [default: 5] - --percentWithRelated, --pr percent of process events to add related events - and related alerts to [number] [default: 30] - --percentTerminated, --pt percent of process events to add termination - event for [number] [default: 30] - --maxChildrenPerNode, --maxCh always generate the max number of children per - node instead of it being random up to the max - children [boolean] [default: false] - --numHosts, --ne number of different hosts to generate alerts - for [number] [default: 1] - --numDocs, --nd number of metadata and policy response doc to - generate per host [number] [default: 5] - --alertsPerHost, --ape number of resolver trees to make for each host - [number] [default: 1] - --delete, -d delete indices and remake them - [boolean] [default: false] -``` +To see Resolver generator CLI options, run `yarn test:generate --help`. diff --git a/x-pack/plugins/security_solution/server/endpoint/routes/metadata/index.ts b/x-pack/plugins/security_solution/server/endpoint/routes/metadata/index.ts index 4037f1a7cbc46..7c50a10846f9a 100644 --- a/x-pack/plugins/security_solution/server/endpoint/routes/metadata/index.ts +++ b/x-pack/plugins/security_solution/server/endpoint/routes/metadata/index.ts @@ -8,6 +8,7 @@ import { IRouter, Logger, RequestHandlerContext } from 'kibana/server'; import { SearchResponse } from 'elasticsearch'; import { schema } from '@kbn/config-schema'; +import Boom from 'boom'; import { metadataIndexPattern } from '../../../../common/endpoint/constants'; import { getESQueryHostMetadataByID, kibanaRequestToMetadataListESQuery } from './query_builders'; import { @@ -18,6 +19,7 @@ import { } from '../../../../common/endpoint/types'; import { EndpointAppContext } from '../../types'; import { AgentStatus } from '../../../../../ingest_manager/common/types/models'; +import { findAllUnenrolledHostIds, findUnenrolledHostByHostId, HostId } from './support/unenroll'; interface HitSource { _source: HostMetadata; @@ -68,10 +70,17 @@ export function registerEndpointRoutes(router: IRouter, endpointAppContext: Endp }, async (context, req, res) => { try { + const unenrolledHostIds = await findAllUnenrolledHostIds( + context.core.elasticsearch.legacy.client + ); + const queryParams = await kibanaRequestToMetadataListESQuery( req, endpointAppContext, - metadataIndexPattern + metadataIndexPattern, + { + unenrolledHostIds: unenrolledHostIds.map((host: HostId) => host.host.id), + } ); const response = (await context.core.elasticsearch.legacy.client.callAsCurrentUser( 'search', @@ -113,6 +122,12 @@ export function registerEndpointRoutes(router: IRouter, endpointAppContext: Endp return res.notFound({ body: 'Endpoint Not Found' }); } catch (err) { logger.warn(JSON.stringify(err, null, 2)); + if (err.isBoom) { + return res.customError({ + statusCode: err.output.statusCode, + body: { message: err.message }, + }); + } return res.internalError({ body: err }); } } @@ -123,6 +138,13 @@ export async function getHostData( metadataRequestContext: MetadataRequestContext, id: string ): Promise { + const unenrolledHostId = await findUnenrolledHostByHostId( + metadataRequestContext.requestHandlerContext.core.elasticsearch.legacy.client, + id + ); + if (unenrolledHostId) { + throw Boom.badRequest('the requested endpoint is unenrolled'); + } const query = getESQueryHostMetadataByID(id, metadataIndexPattern); const response = (await metadataRequestContext.requestHandlerContext.core.elasticsearch.legacy.client.callAsCurrentUser( 'search', diff --git a/x-pack/plugins/security_solution/server/endpoint/routes/metadata/metadata.test.ts b/x-pack/plugins/security_solution/server/endpoint/routes/metadata/metadata.test.ts index c04975fa8b28e..1ca205f669fa3 100644 --- a/x-pack/plugins/security_solution/server/endpoint/routes/metadata/metadata.test.ts +++ b/x-pack/plugins/security_solution/server/endpoint/routes/metadata/metadata.test.ts @@ -35,6 +35,7 @@ import Boom from 'boom'; import { EndpointAppContextService } from '../../endpoint_app_context_services'; import { createMockConfig } from '../../../lib/detection_engine/routes/__mocks__'; import { EndpointDocGenerator } from '../../../../common/endpoint/generate_data'; +import { HostId } from './support/unenroll'; describe('test endpoint route', () => { let routerMock: jest.Mocked; @@ -50,6 +51,12 @@ describe('test endpoint route', () => { typeof createMockEndpointAppContextServiceStartContract >['agentService']; let endpointAppContextService: EndpointAppContextService; + const noUnenrolledEndpoint = () => + Promise.resolve(({ + hits: { + hits: [], + }, + } as unknown) as SearchResponse); beforeEach(() => { mockClusterClient = elasticsearchServiceMock.createClusterClient() as jest.Mocked< @@ -77,7 +84,9 @@ describe('test endpoint route', () => { it('test find the latest of all endpoints', async () => { const mockRequest = httpServerMock.createKibanaRequest({}); const response = createSearchResponse(new EndpointDocGenerator().generateHostMetadata()); - mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => Promise.resolve(response)); + mockScopedClient.callAsCurrentUser + .mockImplementationOnce(noUnenrolledEndpoint) + .mockImplementationOnce(() => Promise.resolve(response)); [routeConfig, routeHandler] = routerMock.post.mock.calls.find(([{ path }]) => path.startsWith('/api/endpoint/metadata') )!; @@ -88,7 +97,7 @@ describe('test endpoint route', () => { mockResponse ); - expect(mockScopedClient.callAsCurrentUser).toBeCalled(); + expect(mockScopedClient.callAsCurrentUser).toHaveBeenCalledTimes(2); expect(routeConfig.options).toEqual({ authRequired: true }); expect(mockResponse.ok).toBeCalled(); const endpointResultList = mockResponse.ok.mock.calls[0][0]?.body as HostResultList; @@ -113,9 +122,11 @@ describe('test endpoint route', () => { }); mockAgentService.getAgentStatusById = jest.fn().mockReturnValue('error'); - mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => - Promise.resolve(createSearchResponse(new EndpointDocGenerator().generateHostMetadata())) - ); + mockScopedClient.callAsCurrentUser + .mockImplementationOnce(noUnenrolledEndpoint) + .mockImplementationOnce(() => + Promise.resolve(createSearchResponse(new EndpointDocGenerator().generateHostMetadata())) + ); [routeConfig, routeHandler] = routerMock.post.mock.calls.find(([{ path }]) => path.startsWith('/api/endpoint/metadata') )!; @@ -126,8 +137,8 @@ describe('test endpoint route', () => { mockResponse ); - expect(mockScopedClient.callAsCurrentUser).toBeCalled(); - expect(mockScopedClient.callAsCurrentUser.mock.calls[0][1]?.body?.query).toEqual({ + expect(mockScopedClient.callAsCurrentUser).toHaveBeenCalledTimes(2); + expect(mockScopedClient.callAsCurrentUser.mock.calls[1][1]?.body?.query).toEqual({ match_all: {}, }); expect(routeConfig.options).toEqual({ authRequired: true }); @@ -156,9 +167,11 @@ describe('test endpoint route', () => { }); mockAgentService.getAgentStatusById = jest.fn().mockReturnValue('error'); - mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => - Promise.resolve(createSearchResponse(new EndpointDocGenerator().generateHostMetadata())) - ); + mockScopedClient.callAsCurrentUser + .mockImplementationOnce(noUnenrolledEndpoint) + .mockImplementationOnce(() => + Promise.resolve(createSearchResponse(new EndpointDocGenerator().generateHostMetadata())) + ); [routeConfig, routeHandler] = routerMock.post.mock.calls.find(([{ path }]) => path.startsWith('/api/endpoint/metadata') )!; @@ -170,20 +183,26 @@ describe('test endpoint route', () => { ); expect(mockScopedClient.callAsCurrentUser).toBeCalled(); - expect(mockScopedClient.callAsCurrentUser.mock.calls[0][1]?.body?.query).toEqual({ + expect(mockScopedClient.callAsCurrentUser.mock.calls[1][1]?.body?.query).toEqual({ bool: { - must_not: { - bool: { - minimum_should_match: 1, - should: [ - { - match: { - 'host.ip': '10.140.73.246', + must: [ + { + bool: { + must_not: { + bool: { + minimum_should_match: 1, + should: [ + { + match: { + 'host.ip': '10.140.73.246', + }, + }, + ], }, }, - ], + }, }, - }, + ], }, }); expect(routeConfig.options).toEqual({ authRequired: true }); @@ -199,9 +218,10 @@ describe('test endpoint route', () => { it('should return 404 on no results', async () => { const mockRequest = httpServerMock.createKibanaRequest({ params: { id: 'BADID' } }); - mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => - Promise.resolve(createSearchResponse()) - ); + mockScopedClient.callAsCurrentUser + .mockImplementationOnce(noUnenrolledEndpoint) + .mockImplementationOnce(() => Promise.resolve(createSearchResponse())); + mockAgentService.getAgentStatusById = jest.fn().mockReturnValue('error'); [routeConfig, routeHandler] = routerMock.get.mock.calls.find(([{ path }]) => path.startsWith('/api/endpoint/metadata') @@ -212,7 +232,7 @@ describe('test endpoint route', () => { mockResponse ); - expect(mockScopedClient.callAsCurrentUser).toBeCalled(); + expect(mockScopedClient.callAsCurrentUser).toHaveBeenCalledTimes(2); expect(routeConfig.options).toEqual({ authRequired: true }); expect(mockResponse.notFound).toBeCalled(); const message = mockResponse.notFound.mock.calls[0][0]?.body; @@ -224,8 +244,12 @@ describe('test endpoint route', () => { const mockRequest = httpServerMock.createKibanaRequest({ params: { id: response.hits.hits[0]._id }, }); + mockAgentService.getAgentStatusById = jest.fn().mockReturnValue('online'); - mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => Promise.resolve(response)); + mockScopedClient.callAsCurrentUser + .mockImplementationOnce(noUnenrolledEndpoint) + .mockImplementationOnce(() => Promise.resolve(response)); + [routeConfig, routeHandler] = routerMock.get.mock.calls.find(([{ path }]) => path.startsWith('/api/endpoint/metadata') )!; @@ -236,7 +260,7 @@ describe('test endpoint route', () => { mockResponse ); - expect(mockScopedClient.callAsCurrentUser).toBeCalled(); + expect(mockScopedClient.callAsCurrentUser).toHaveBeenCalledTimes(2); expect(routeConfig.options).toEqual({ authRequired: true }); expect(mockResponse.ok).toBeCalled(); const result = mockResponse.ok.mock.calls[0][0]?.body as HostInfo; @@ -254,7 +278,11 @@ describe('test endpoint route', () => { mockAgentService.getAgentStatusById = jest.fn().mockImplementation(() => { throw Boom.notFound('Agent not found'); }); - mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => Promise.resolve(response)); + + mockScopedClient.callAsCurrentUser + .mockImplementationOnce(noUnenrolledEndpoint) + .mockImplementationOnce(() => Promise.resolve(response)); + [routeConfig, routeHandler] = routerMock.get.mock.calls.find(([{ path }]) => path.startsWith('/api/endpoint/metadata') )!; @@ -265,7 +293,7 @@ describe('test endpoint route', () => { mockResponse ); - expect(mockScopedClient.callAsCurrentUser).toBeCalled(); + expect(mockScopedClient.callAsCurrentUser).toHaveBeenCalledTimes(2); expect(routeConfig.options).toEqual({ authRequired: true }); expect(mockResponse.ok).toBeCalled(); const result = mockResponse.ok.mock.calls[0][0]?.body as HostInfo; @@ -280,7 +308,11 @@ describe('test endpoint route', () => { }); mockAgentService.getAgentStatusById = jest.fn().mockReturnValue('warning'); - mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => Promise.resolve(response)); + + mockScopedClient.callAsCurrentUser + .mockImplementationOnce(noUnenrolledEndpoint) + .mockImplementationOnce(() => Promise.resolve(response)); + [routeConfig, routeHandler] = routerMock.get.mock.calls.find(([{ path }]) => path.startsWith('/api/endpoint/metadata') )!; @@ -291,12 +323,50 @@ describe('test endpoint route', () => { mockResponse ); - expect(mockScopedClient.callAsCurrentUser).toBeCalled(); + expect(mockScopedClient.callAsCurrentUser).toHaveBeenCalledTimes(2); expect(routeConfig.options).toEqual({ authRequired: true }); expect(mockResponse.ok).toBeCalled(); const result = mockResponse.ok.mock.calls[0][0]?.body as HostInfo; expect(result.host_status).toEqual(HostStatus.ERROR); }); + + it('should throw error when endpoint is unenrolled', async () => { + const mockRequest = httpServerMock.createKibanaRequest({ + params: { id: 'hostId' }, + }); + + mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => + Promise.resolve(({ + hits: { + hits: [ + { + _index: 'metrics-endpoint.metadata_mirror-default', + _id: 'S5M1yHIBLSMVtiLw6Wpr', + _score: 0.0, + _source: { + host: { + id: 'hostId', + }, + }, + }, + ], + }, + } as unknown) as SearchResponse) + ); + + [routeConfig, routeHandler] = routerMock.get.mock.calls.find(([{ path }]) => + path.startsWith('/api/endpoint/metadata') + )!; + + await routeHandler( + createRouteHandlerContext(mockScopedClient, mockSavedObjectClient), + mockRequest, + mockResponse + ); + + expect(mockScopedClient.callAsCurrentUser).toHaveBeenCalledTimes(1); + expect(mockResponse.customError).toBeCalled(); + }); }); }); @@ -319,7 +389,7 @@ function createSearchResponse(hostMetadata?: HostMetadata): SearchResponse { // eslint-disable-next-line @typescript-eslint/no-explicit-any } as Record); }); + + it( + 'test default query params for all endpoints metadata when no params or body is provided ' + + 'with unenrolled host ids excluded', + async () => { + const unenrolledHostId = '1fdca33f-799f-49f4-939c-ea4383c77672'; + const mockRequest = httpServerMock.createKibanaRequest({ + body: {}, + }); + const query = await kibanaRequestToMetadataListESQuery( + mockRequest, + { + logFactory: loggingSystemMock.create(), + service: new EndpointAppContextService(), + config: () => Promise.resolve(createMockConfig()), + }, + metadataIndexPattern, + { + unenrolledHostIds: [unenrolledHostId], + } + ); + + expect(query).toEqual({ + body: { + query: { + bool: { + must_not: { + terms: { + 'host.id': ['1fdca33f-799f-49f4-939c-ea4383c77672'], + }, + }, + }, + }, + collapse: { + field: 'host.id', + inner_hits: { + name: 'most_recent', + size: 1, + sort: [{ 'event.created': 'desc' }], + }, + }, + aggs: { + total: { + cardinality: { + field: 'host.id', + }, + }, + }, + sort: [ + { + 'event.created': { + order: 'desc', + }, + }, + ], + }, + from: 0, + size: 10, + index: metadataIndexPattern, + // eslint-disable-next-line @typescript-eslint/no-explicit-any + } as Record); + } + ); }); describe('test query builder with kql filter', () => { @@ -76,22 +139,29 @@ describe('query builder', () => { }, metadataIndexPattern ); + expect(query).toEqual({ body: { query: { bool: { - must_not: { - bool: { - minimum_should_match: 1, - should: [ - { - match: { - 'host.ip': '10.140.73.246', + must: [ + { + bool: { + must_not: { + bool: { + should: [ + { + match: { + 'host.ip': '10.140.73.246', + }, + }, + ], + minimum_should_match: 1, }, }, - ], + }, }, - }, + ], }, }, collapse: { @@ -123,6 +193,93 @@ describe('query builder', () => { // eslint-disable-next-line @typescript-eslint/no-explicit-any } as Record); }); + + it( + 'test default query params for all endpoints endpoint metadata excluding unerolled endpoint ' + + 'and when body filter is provided', + async () => { + const unenrolledHostId = '1fdca33f-799f-49f4-939c-ea4383c77672'; + const mockRequest = httpServerMock.createKibanaRequest({ + body: { + filter: 'not host.ip:10.140.73.246', + }, + }); + const query = await kibanaRequestToMetadataListESQuery( + mockRequest, + { + logFactory: loggingSystemMock.create(), + service: new EndpointAppContextService(), + config: () => Promise.resolve(createMockConfig()), + }, + metadataIndexPattern, + { + unenrolledHostIds: [unenrolledHostId], + } + ); + + expect(query).toEqual({ + body: { + query: { + bool: { + must: [ + { + bool: { + must_not: { + terms: { + 'host.id': [unenrolledHostId], + }, + }, + }, + }, + { + bool: { + must_not: { + bool: { + should: [ + { + match: { + 'host.ip': '10.140.73.246', + }, + }, + ], + minimum_should_match: 1, + }, + }, + }, + }, + ], + }, + }, + collapse: { + field: 'host.id', + inner_hits: { + name: 'most_recent', + size: 1, + sort: [{ 'event.created': 'desc' }], + }, + }, + aggs: { + total: { + cardinality: { + field: 'host.id', + }, + }, + }, + sort: [ + { + 'event.created': { + order: 'desc', + }, + }, + ], + }, + from: 0, + size: 10, + index: metadataIndexPattern, + // eslint-disable-next-line @typescript-eslint/no-explicit-any + } as Record); + } + ); }); describe('MetadataGetQuery', () => { diff --git a/x-pack/plugins/security_solution/server/endpoint/routes/metadata/query_builders.ts b/x-pack/plugins/security_solution/server/endpoint/routes/metadata/query_builders.ts index 075e4377f0b2a..b6ec91675f248 100644 --- a/x-pack/plugins/security_solution/server/endpoint/routes/metadata/query_builders.ts +++ b/x-pack/plugins/security_solution/server/endpoint/routes/metadata/query_builders.ts @@ -7,17 +7,22 @@ import { KibanaRequest } from 'kibana/server'; import { esKuery } from '../../../../../../../src/plugins/data/server'; import { EndpointAppContext } from '../../types'; -export const kibanaRequestToMetadataListESQuery = async ( +export interface QueryBuilderOptions { + unenrolledHostIds?: string[]; +} + +export async function kibanaRequestToMetadataListESQuery( // eslint-disable-next-line @typescript-eslint/no-explicit-any request: KibanaRequest, endpointAppContext: EndpointAppContext, - index: string + index: string, + queryBuilderOptions?: QueryBuilderOptions // eslint-disable-next-line @typescript-eslint/no-explicit-any -): Promise> => { +): Promise> { const pagingProperties = await getPagingProperties(request, endpointAppContext); return { body: { - query: buildQueryBody(request), + query: buildQueryBody(request, queryBuilderOptions?.unenrolledHostIds!), collapse: { field: 'host.id', inner_hits: { @@ -45,7 +50,7 @@ export const kibanaRequestToMetadataListESQuery = async ( size: pagingProperties.pageSize, index, }; -}; +} async function getPagingProperties( // eslint-disable-next-line @typescript-eslint/no-explicit-any @@ -68,14 +73,53 @@ async function getPagingProperties( }; } -// eslint-disable-next-line @typescript-eslint/no-explicit-any -function buildQueryBody(request: KibanaRequest): Record { +function buildQueryBody( + // eslint-disable-next-line @typescript-eslint/no-explicit-any + request: KibanaRequest, + unerolledHostIds: string[] | undefined + // eslint-disable-next-line @typescript-eslint/no-explicit-any +): Record { + const filterUnenrolledHosts = unerolledHostIds && unerolledHostIds.length > 0; if (typeof request?.body?.filter === 'string') { - return esKuery.toElasticsearchQuery(esKuery.fromKueryExpression(request.body.filter)); + const kqlQuery = esKuery.toElasticsearchQuery(esKuery.fromKueryExpression(request.body.filter)); + return { + bool: { + must: filterUnenrolledHosts + ? [ + { + bool: { + must_not: { + terms: { + 'host.id': unerolledHostIds, + }, + }, + }, + }, + { + ...kqlQuery, + }, + ] + : [ + { + ...kqlQuery, + }, + ], + }, + }; } - return { - match_all: {}, - }; + return filterUnenrolledHosts + ? { + bool: { + must_not: { + terms: { + 'host.id': unerolledHostIds, + }, + }, + }, + } + : { + match_all: {}, + }; } export function getESQueryHostMetadataByID(hostID: string, index: string) { diff --git a/x-pack/plugins/security_solution/server/endpoint/routes/metadata/support/unenroll.test.ts b/x-pack/plugins/security_solution/server/endpoint/routes/metadata/support/unenroll.test.ts new file mode 100644 index 0000000000000..2e6bb2c976fef --- /dev/null +++ b/x-pack/plugins/security_solution/server/endpoint/routes/metadata/support/unenroll.test.ts @@ -0,0 +1,147 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { IScopedClusterClient } from 'kibana/server'; +import { + findAllUnenrolledHostIds, + fetchAllUnenrolledHostIdsWithScroll, + HostId, + findUnenrolledHostByHostId, +} from './unenroll'; +import { elasticsearchServiceMock } from '../../../../../../../../src/core/server/mocks'; +import { SearchResponse } from 'elasticsearch'; +import { metadataMirrorIndexPattern } from '../../../../../common/endpoint/constants'; +import { EndpointStatus } from '../../../../../common/endpoint/types'; + +const noUnenrolledEndpoint = () => + Promise.resolve(({ + hits: { + hits: [], + }, + } as unknown) as SearchResponse); + +describe('test find all unenrolled HostId', () => { + let mockScopedClient: jest.Mocked; + + it('can find all hits with scroll', async () => { + const firstHostId = '1fdca33f-799f-49f4-939c-ea4383c77671'; + const secondHostId = '2fdca33f-799f-49f4-939c-ea4383c77672'; + mockScopedClient = elasticsearchServiceMock.createScopedClusterClient(); + mockScopedClient.callAsCurrentUser + .mockImplementationOnce(() => Promise.resolve(createSearchResponse(secondHostId, 'scrollId'))) + .mockImplementationOnce(noUnenrolledEndpoint); + + const initialResponse = createSearchResponse(firstHostId, 'initialScrollId'); + const hostIds = await fetchAllUnenrolledHostIdsWithScroll( + initialResponse, + mockScopedClient.callAsCurrentUser + ); + + expect(hostIds).toEqual([{ host: { id: firstHostId } }, { host: { id: secondHostId } }]); + }); + + it('can find all unerolled endpoint host ids', async () => { + const firstEndpointHostId = '1fdca33f-799f-49f4-939c-ea4383c77671'; + const secondEndpointHostId = '2fdca33f-799f-49f4-939c-ea4383c77672'; + mockScopedClient = elasticsearchServiceMock.createScopedClusterClient(); + mockScopedClient.callAsCurrentUser + .mockImplementationOnce(() => + Promise.resolve(createSearchResponse(firstEndpointHostId, 'initialScrollId')) + ) + .mockImplementationOnce(() => + Promise.resolve(createSearchResponse(secondEndpointHostId, 'scrollId')) + ) + .mockImplementationOnce(noUnenrolledEndpoint); + const hostIds = await findAllUnenrolledHostIds(mockScopedClient); + + expect(mockScopedClient.callAsCurrentUser.mock.calls[0][1]).toEqual({ + index: metadataMirrorIndexPattern, + scroll: '30s', + body: { + size: 1000, + _source: ['host.id'], + query: { + bool: { + filter: { + term: { + 'Endpoint.status': EndpointStatus.unenrolled, + }, + }, + }, + }, + }, + }); + expect(hostIds).toEqual([ + { host: { id: firstEndpointHostId } }, + { host: { id: secondEndpointHostId } }, + ]); + }); +}); + +describe('test find unenrolled endpoint host id by hostId', () => { + let mockScopedClient: jest.Mocked; + + it('can find unenrolled endpoint by the host id when unenrolled', async () => { + const firstEndpointHostId = '1fdca33f-799f-49f4-939c-ea4383c77671'; + mockScopedClient = elasticsearchServiceMock.createScopedClusterClient(); + mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => + Promise.resolve(createSearchResponse(firstEndpointHostId, 'initialScrollId')) + ); + const endpointHostId = await findUnenrolledHostByHostId(mockScopedClient, firstEndpointHostId); + expect(mockScopedClient.callAsCurrentUser.mock.calls[0][1]?.index).toEqual( + metadataMirrorIndexPattern + ); + expect(mockScopedClient.callAsCurrentUser.mock.calls[0][1]?.body).toEqual({ + size: 1, + _source: ['host.id'], + query: { + bool: { + filter: [ + { + term: { + 'Endpoint.status': EndpointStatus.unenrolled, + }, + }, + { + term: { + 'host.id': firstEndpointHostId, + }, + }, + ], + }, + }, + }); + expect(endpointHostId).toEqual({ host: { id: firstEndpointHostId } }); + }); + + it('find unenrolled endpoint host by the host id return undefined when no unenrolled host', async () => { + const firstHostId = '1fdca33f-799f-49f4-939c-ea4383c77671'; + mockScopedClient = elasticsearchServiceMock.createScopedClusterClient(); + mockScopedClient.callAsCurrentUser.mockImplementationOnce(noUnenrolledEndpoint); + const hostId = await findUnenrolledHostByHostId(mockScopedClient, firstHostId); + expect(hostId).toBeFalsy(); + }); +}); + +function createSearchResponse(hostId: string, scrollId: string): SearchResponse { + return ({ + hits: { + hits: [ + { + _index: metadataMirrorIndexPattern, + _id: 'S5M1yHIBLSMVtiLw6Wpr', + _score: 0.0, + _source: { + host: { + id: hostId, + }, + }, + }, + ], + }, + _scroll_id: scrollId, + } as unknown) as SearchResponse; +} diff --git a/x-pack/plugins/security_solution/server/endpoint/routes/metadata/support/unenroll.ts b/x-pack/plugins/security_solution/server/endpoint/routes/metadata/support/unenroll.ts new file mode 100644 index 0000000000000..ef6898fad2807 --- /dev/null +++ b/x-pack/plugins/security_solution/server/endpoint/routes/metadata/support/unenroll.ts @@ -0,0 +1,114 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { APICaller, IScopedClusterClient } from 'kibana/server'; +import { SearchResponse } from 'elasticsearch'; +import { metadataMirrorIndexPattern } from '../../../../../common/endpoint/constants'; +import { EndpointStatus } from '../../../../../common/endpoint/types'; + +const KEEPALIVE = '30s'; +const SIZE = 1000; + +export interface HostId { + host: { + id: string; + }; +} + +interface HitSource { + _source: HostId; +} + +export async function findUnenrolledHostByHostId( + client: IScopedClusterClient, + hostId: string +): Promise { + const queryParams = { + index: metadataMirrorIndexPattern, + body: { + size: 1, + _source: ['host.id'], + query: { + bool: { + filter: [ + { + term: { + 'Endpoint.status': EndpointStatus.unenrolled, + }, + }, + { + term: { + 'host.id': hostId, + }, + }, + ], + }, + }, + }, + }; + + const response = (await client.callAsCurrentUser('search', queryParams)) as SearchResponse< + HostId + >; + const newHits = response.hits?.hits || []; + + if (newHits.length > 0) { + const hostIds = newHits.map((hitSource: HitSource) => hitSource._source); + return hostIds[0]; + } else { + return undefined; + } +} + +export async function findAllUnenrolledHostIds(client: IScopedClusterClient): Promise { + const queryParams = { + index: metadataMirrorIndexPattern, + scroll: KEEPALIVE, + body: { + size: SIZE, + _source: ['host.id'], + query: { + bool: { + filter: { + term: { + 'Endpoint.status': EndpointStatus.unenrolled, + }, + }, + }, + }, + }, + }; + const response = (await client.callAsCurrentUser('search', queryParams)) as SearchResponse< + HostId + >; + + return fetchAllUnenrolledHostIdsWithScroll(response, client.callAsCurrentUser); +} + +export async function fetchAllUnenrolledHostIdsWithScroll( + response: SearchResponse, + client: APICaller, + hits: HostId[] = [] +): Promise { + let newHits = response.hits?.hits || []; + let scrollId = response._scroll_id; + + while (newHits.length > 0) { + const hostIds: HostId[] = newHits.map((hitSource: HitSource) => hitSource._source); + hits.push(...hostIds); + + const innerResponse = await client('scroll', { + body: { + scroll: KEEPALIVE, + scroll_id: scrollId, + }, + }); + + newHits = innerResponse.hits?.hits || []; + scrollId = innerResponse._scroll_id; + } + return hits; +} diff --git a/x-pack/plugins/security_solution/server/endpoint/routes/resolver/utils/children_helper.ts b/x-pack/plugins/security_solution/server/endpoint/routes/resolver/utils/children_helper.ts index 7a3e1fc591e82..e60e5087c30a9 100644 --- a/x-pack/plugins/security_solution/server/endpoint/routes/resolver/utils/children_helper.ts +++ b/x-pack/plugins/security_solution/server/endpoint/routes/resolver/utils/children_helper.ts @@ -9,7 +9,11 @@ import { parentEntityId, isProcessStart, } from '../../../../../common/endpoint/models/event'; -import { ChildNode, ResolverEvent, ResolverChildren } from '../../../../../common/endpoint/types'; +import { + ResolverChildNode, + ResolverEvent, + ResolverChildren, +} from '../../../../../common/endpoint/types'; import { PaginationBuilder } from './pagination'; import { createChild } from './node'; @@ -17,7 +21,7 @@ import { createChild } from './node'; * This class helps construct the children structure when building a resolver tree. */ export class ChildrenNodesHelper { - private readonly cache: Map = new Map(); + private readonly cache: Map = new Map(); constructor(private readonly rootID: string) { this.cache.set(rootID, createChild(rootID)); @@ -27,7 +31,7 @@ export class ChildrenNodesHelper { * Constructs a ResolverChildren response based on the children that were previously add. */ getNodes(): ResolverChildren { - const cacheCopy: Map = new Map(this.cache); + const cacheCopy: Map = new Map(this.cache); const rootNode = cacheCopy.get(this.rootID); let rootNextChild = null; diff --git a/x-pack/plugins/security_solution/server/endpoint/routes/resolver/utils/fetch.ts b/x-pack/plugins/security_solution/server/endpoint/routes/resolver/utils/fetch.ts index d448649ae447b..0af2fca7106be 100644 --- a/x-pack/plugins/security_solution/server/endpoint/routes/resolver/utils/fetch.ts +++ b/x-pack/plugins/security_solution/server/endpoint/routes/resolver/utils/fetch.ts @@ -10,7 +10,7 @@ import { ResolverRelatedEvents, ResolverAncestry, ResolverRelatedAlerts, - LifecycleNode, + ResolverLifecycleNode, ResolverEvent, } from '../../../../../common/endpoint/types'; import { @@ -143,7 +143,7 @@ export class Fetcher { return tree; } - private async getNode(entityID: string): Promise { + private async getNode(entityID: string): Promise { const query = new LifecycleQuery(this.eventsIndexPattern, this.endpointID); const results = await query.search(this.client, entityID); if (results.length === 0) { @@ -186,7 +186,7 @@ export class Fetcher { // bucket the start and end events together for a single node const ancestryNodes = results.reduce( - (nodes: Map, ancestorEvent: ResolverEvent) => { + (nodes: Map, ancestorEvent: ResolverEvent) => { const nodeId = entityId(ancestorEvent); let node = nodes.get(nodeId); if (!node) { diff --git a/x-pack/plugins/security_solution/server/endpoint/routes/resolver/utils/node.ts b/x-pack/plugins/security_solution/server/endpoint/routes/resolver/utils/node.ts index 58aa9efc1fc56..57a2ebfcc1792 100644 --- a/x-pack/plugins/security_solution/server/endpoint/routes/resolver/utils/node.ts +++ b/x-pack/plugins/security_solution/server/endpoint/routes/resolver/utils/node.ts @@ -7,10 +7,10 @@ import { ResolverEvent, ResolverAncestry, - LifecycleNode, + ResolverLifecycleNode, ResolverRelatedEvents, ResolverTree, - ChildNode, + ResolverChildNode, ResolverRelatedAlerts, } from '../../../../../common/endpoint/types'; @@ -49,7 +49,7 @@ export function createRelatedAlerts( * * @param entityID the entity_id of the child */ -export function createChild(entityID: string): ChildNode { +export function createChild(entityID: string): ResolverChildNode { const lifecycle = createLifecycle(entityID, []); return { ...lifecycle, @@ -70,7 +70,10 @@ export function createAncestry(): ResolverAncestry { * @param id the entity_id that these lifecycle nodes should have * @param lifecycle an array of lifecycle events */ -export function createLifecycle(entityID: string, lifecycle: ResolverEvent[]): LifecycleNode { +export function createLifecycle( + entityID: string, + lifecycle: ResolverEvent[] +): ResolverLifecycleNode { return { entityID, lifecycle }; } diff --git a/x-pack/plugins/security_solution/server/index.ts b/x-pack/plugins/security_solution/server/index.ts index 8a77137c20c11..06b35213b4713 100644 --- a/x-pack/plugins/security_solution/server/index.ts +++ b/x-pack/plugins/security_solution/server/index.ts @@ -4,15 +4,41 @@ * you may not use this file except in compliance with the Elastic License. */ -import { PluginInitializerContext } from '../../../../src/core/server'; +import { PluginInitializerContext, PluginConfigDescriptor } from '../../../../src/core/server'; import { Plugin, PluginSetup, PluginStart } from './plugin'; import { configSchema, ConfigType } from './config'; +import { SIGNALS_INDEX_KEY } from '../common/constants'; export const plugin = (context: PluginInitializerContext) => { return new Plugin(context); }; -export const config = { schema: configSchema }; +export const config: PluginConfigDescriptor = { + schema: configSchema, + deprecations: ({ renameFromRoot }) => [ + renameFromRoot('xpack.siem.enabled', 'xpack.securitySolution.enabled'), + renameFromRoot( + 'xpack.siem.maxRuleImportExportSize', + 'xpack.securitySolution.maxRuleImportExportSize' + ), + renameFromRoot( + 'xpack.siem.maxRuleImportPayloadBytes', + 'xpack.securitySolution.maxRuleImportPayloadBytes' + ), + renameFromRoot( + 'xpack.siem.maxTimelineImportExportSize', + 'xpack.securitySolution.maxTimelineImportExportSize' + ), + renameFromRoot( + 'xpack.siem.maxTimelineImportPayloadBytes', + 'xpack.securitySolution.maxTimelineImportPayloadBytes' + ), + renameFromRoot( + `xpack.siem.${SIGNALS_INDEX_KEY}`, + `xpack.securitySolution.${SIGNALS_INDEX_KEY}` + ), + ], +}; export { ConfigType, Plugin, PluginSetup, PluginStart }; diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_responses.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_responses.ts index 9928ce4807da9..581946f2300b4 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_responses.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_responses.ts @@ -27,6 +27,7 @@ import { RuleNotificationAlertType } from '../../notifications/types'; import { QuerySignalsSchemaDecoded } from '../../../../../common/detection_engine/schemas/request/query_signals_index_schema'; import { SetSignalsStatusSchemaDecoded } from '../../../../../common/detection_engine/schemas/request/set_signal_status_schema'; import { getCreateRulesSchemaMock } from '../../../../../common/detection_engine/schemas/request/create_rules_schema.mock'; +import { getListArrayMock } from '../../../../../common/detection_engine/schemas/types/lists.mock'; export const typicalSetStatusSignalByIdsPayload = (): SetSignalsStatusSchemaDecoded => ({ signal_ids: ['somefakeid1', 'somefakeid2'], @@ -390,38 +391,7 @@ export const getResult = (): RuleAlertType => ({ references: ['http://www.example.com', 'https://ww.example.com'], note: '# Investigative notes', version: 1, - exceptionsList: [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'exists', - }, - { - field: 'host.name', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'rock01', - }, - ], - and: [ - { - field: 'host.id', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: '123', - }, - { - name: '678', - }, - ], - }, - ], - }, - ], + exceptionsList: getListArrayMock(), }, createdAt: new Date('2019-12-13T16:40:33.400Z'), updatedAt: new Date('2019-12-13T16:40:33.400Z'), diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/utils.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/utils.ts index 063c9dffd66dd..7b7d3fbdea0bf 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/utils.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/utils.ts @@ -8,6 +8,7 @@ import { Readable } from 'stream'; import { HapiReadableStream } from '../../rules/types'; import { RulesSchema } from '../../../../../common/detection_engine/schemas/response/rules_schema'; +import { getListArrayMock } from '../../../../../common/detection_engine/schemas/types/lists.mock'; /** * Given a string, builds a hapi stream as our @@ -76,38 +77,7 @@ export const getOutputRuleAlertForRest = (): Omit< ], }, ], - exceptions_list: [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'exists', - }, - { - field: 'host.name', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'rock01', - }, - ], - and: [ - { - field: 'host.id', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: '123', - }, - { - name: '678', - }, - ], - }, - ], - }, - ], + exceptions_list: getListArrayMock(), filters: [ { query: { diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/validate.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/validate.test.ts index 1f5442e23d884..0065696712628 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/validate.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/validate.test.ts @@ -14,6 +14,7 @@ import { FindResult } from '../../../../../../alerts/server'; import { BulkError } from '../utils'; import { setFeatureFlagsForTestsOnly, unSetFeatureFlagsForTestsOnly } from '../../feature_flags'; import { RulesSchema } from '../../../../../common/detection_engine/schemas/response/rules_schema'; +import { getListArrayMock } from '../../../../../common/detection_engine/schemas/types/lists.mock'; export const ruleOutput: RulesSchema = { actions: [], @@ -68,38 +69,7 @@ export const ruleOutput: RulesSchema = { }, }, ], - exceptions_list: [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'exists', - }, - { - field: 'host.name', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'rock01', - }, - ], - and: [ - { - field: 'host.id', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: '123', - }, - { - name: '678', - }, - ], - }, - ], - }, - ], + exceptions_list: getListArrayMock(), index: ['auditbeat-*', 'filebeat-*', 'packetbeat-*', 'winlogbeat-*'], meta: { someMeta: 'someField', diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/get_export_all.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/get_export_all.test.ts index ee21c33540024..7d4bbfdced432 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/get_export_all.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/get_export_all.test.ts @@ -80,36 +80,8 @@ describe('getExportAll', () => { note: '# Investigative notes', version: 1, exceptions_list: [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'exists', - }, - { - field: 'host.name', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'rock01', - }, - ], - and: [ - { - field: 'host.id', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: '123', - }, - { - name: '678', - }, - ], - }, - ], - }, + { id: 'some_uuid', namespace_type: 'single' }, + { id: 'some_uuid', namespace_type: 'agnostic' }, ], })}\n`, exportDetails: `${JSON.stringify({ diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/get_export_by_object_ids.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/get_export_by_object_ids.test.ts index b00b7353a370f..043e563a4c8b5 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/get_export_by_object_ids.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/get_export_by_object_ids.test.ts @@ -88,36 +88,8 @@ describe('get_export_by_object_ids', () => { note: '# Investigative notes', version: 1, exceptions_list: [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'exists', - }, - { - field: 'host.name', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'rock01', - }, - ], - and: [ - { - field: 'host.id', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: '123', - }, - { - name: '678', - }, - ], - }, - ], - }, + { id: 'some_uuid', namespace_type: 'single' }, + { id: 'some_uuid', namespace_type: 'agnostic' }, ], })}\n`, exportDetails: `${JSON.stringify({ @@ -216,36 +188,8 @@ describe('get_export_by_object_ids', () => { note: '# Investigative notes', version: 1, exceptions_list: [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'exists', - }, - { - field: 'host.name', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'rock01', - }, - ], - and: [ - { - field: 'host.id', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: '123', - }, - { - name: '678', - }, - ], - }, - ], - }, + { id: 'some_uuid', namespace_type: 'single' }, + { id: 'some_uuid', namespace_type: 'agnostic' }, ], }, ], diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/types.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/types.ts index 4b84057f6d795..fc95f0cfeb78e 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/types.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/types.ts @@ -14,7 +14,6 @@ import { SavedObjectsClientContract, } from 'kibana/server'; import { RuleAlertAction } from '../../../../common/detection_engine/types'; -import { ListsDefaultArraySchema } from '../../../../common/detection_engine/schemas/types/lists_default_array'; import { FalsePositives, From, @@ -62,7 +61,6 @@ import { ThreatOrUndefined, TypeOrUndefined, ReferencesOrUndefined, - ListAndOrUndefined, PerPageOrUndefined, PageOrUndefined, SortFieldOrUndefined, @@ -80,6 +78,7 @@ import { AlertsClient, PartialAlert } from '../../../../../alerts/server'; import { Alert, SanitizedAlert } from '../../../../../alerts/common'; import { SIGNALS_ID } from '../../../../common/constants'; import { RuleTypeParams, PartialFilter } from '../types'; +import { ListArrayOrUndefined, ListArray } from '../../../../common/detection_engine/schemas/types'; export interface RuleAlertType extends Alert { params: RuleTypeParams; @@ -194,7 +193,7 @@ export interface CreateRulesOptions { references: References; note: NoteOrUndefined; version: Version; - exceptionsList: ListsDefaultArraySchema; + exceptionsList: ListArray; actions: RuleAlertAction[]; } @@ -230,7 +229,7 @@ export interface UpdateRulesOptions { references: References; note: NoteOrUndefined; version: VersionOrUndefined; - exceptionsList: ListsDefaultArraySchema; + exceptionsList: ListArray; actions: RuleAlertAction[]; } @@ -264,7 +263,7 @@ export interface PatchRulesOptions { references: ReferencesOrUndefined; note: NoteOrUndefined; version: VersionOrUndefined; - exceptionsList: ListAndOrUndefined; + exceptionsList: ListArrayOrUndefined; actions: RuleAlertAction[] | undefined; rule: SanitizedAlert | null; } diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/utils.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/utils.ts index d40cb5d96669b..5c620a5df61f8 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/utils.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/utils.ts @@ -31,9 +31,9 @@ import { ThreatOrUndefined, TypeOrUndefined, ReferencesOrUndefined, - ListAndOrUndefined, } from '../../../../common/detection_engine/schemas/common/schemas'; import { PartialFilter } from '../types'; +import { ListArrayOrUndefined } from '../../../../common/detection_engine/schemas/types'; export const calculateInterval = ( interval: string | undefined, @@ -74,7 +74,7 @@ export interface UpdateProperties { references: ReferencesOrUndefined; note: NoteOrUndefined; version: VersionOrUndefined; - exceptionsList: ListAndOrUndefined; + exceptionsList: ListArrayOrUndefined; anomalyThreshold: AnomalyThresholdOrUndefined; } diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/patches/update_list.json b/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/patches/update_list.json index 8d831f3a961d8..6323597fc0946 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/patches/update_list.json +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/patches/update_list.json @@ -2,31 +2,8 @@ "rule_id": "query-with-list", "exceptions_list": [ { - "field": "source.ip", - "values_operator": "excluded", - "values_type": "exists" - }, - { - "field": "host.name", - "values_operator": "included", - "values_type": "match", - "values": [ - { - "name": "rock01" - } - ], - "and": [ - { - "field": "host.id", - "values_operator": "included", - "values_type": "match_all", - "values": [ - { - "name": "123456" - } - ] - } - ] + "id": "some_updated_fake_id", + "namespace_type": "single" } ] } diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_and.json b/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_and.json deleted file mode 100644 index 1575a712e2cba..0000000000000 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_and.json +++ /dev/null @@ -1,35 +0,0 @@ -{ - "name": "List - and", - "description": "Query with a list that includes and. This rule should only produce signals when host.name exists and when both event.module is endgame and event.category is anything other than file", - "rule_id": "query-with-list-and", - "risk_score": 1, - "severity": "high", - "type": "query", - "query": "host.name: *", - "interval": "30s", - "language": "kuery", - "exceptions_list": [ - { - "field": "event.module", - "values_operator": "excluded", - "values_type": "match", - "values": [ - { - "name": "endgame" - } - ], - "and": [ - { - "field": "event.category", - "values_operator": "included", - "values_type": "match", - "values": [ - { - "name": "file" - } - ] - } - ] - } - ] -} diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_excluded.json b/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_excluded.json deleted file mode 100644 index 4e6d9403a276f..0000000000000 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_excluded.json +++ /dev/null @@ -1,23 +0,0 @@ -{ - "name": "List - excluded", - "description": "Query with a list of values_operator excluded. This rule should only produce signals when host.name exists and event.module is suricata", - "rule_id": "query-with-list-excluded", - "risk_score": 1, - "severity": "high", - "type": "query", - "query": "host.name: *", - "interval": "30s", - "language": "kuery", - "exceptions_list": [ - { - "field": "event.module", - "values_operator": "excluded", - "values_type": "match", - "values": [ - { - "name": "suricata" - } - ] - } - ] -} diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_exists.json b/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_exists.json deleted file mode 100644 index 97beace37633f..0000000000000 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_exists.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "name": "List - exists", - "description": "Query with a list that includes exists. This rule should only produce signals when host.name exists and event.action does not exist", - "rule_id": "query-with-list-exists", - "risk_score": 1, - "severity": "high", - "type": "query", - "query": "host.name: *", - "interval": "30s", - "language": "kuery", - "exceptions_list": [ - { - "field": "event.action", - "values_operator": "included", - "values_type": "exists" - } - ] -} diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_list.json b/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_list.json deleted file mode 100644 index ad0585b5a2ec5..0000000000000 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_list.json +++ /dev/null @@ -1,54 +0,0 @@ -{ - "name": "Query with a list", - "description": "Query with a list. This rule should only produce signals when either host.name exists and event.module is system and user.name is zeek or gdm OR when host.name exists and event.module is not endgame or zeek or system.", - "rule_id": "query-with-list", - "risk_score": 2, - "severity": "high", - "type": "query", - "query": "host.name: *", - "interval": "30s", - "language": "kuery", - "exceptions_list": [ - { - "field": "event.module", - "values_operator": "excluded", - "values_type": "match", - "values": [ - { - "name": "system" - } - ], - "and": [ - { - "field": "user.name", - "values_operator": "excluded", - "values_type": "match_all", - "values": [ - { - "name": "zeek" - }, - { - "name": "gdm" - } - ] - } - ] - }, - { - "field": "event.module", - "values_operator": "included", - "values_type": "match_all", - "values": [ - { - "name": "endgame" - }, - { - "name": "zeek" - }, - { - "name": "system" - } - ] - } - ] -} diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_list_plugin.json b/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_list_plugin.json deleted file mode 100644 index fa6fe6ac71117..0000000000000 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_list_plugin.json +++ /dev/null @@ -1,24 +0,0 @@ -{ - "name": "Query with a list", - "description": "Query with a list only generate signals if source.ip is not in list", - "rule_id": "query-with-list", - "risk_score": 2, - "severity": "high", - "type": "query", - "query": "host.name: *", - "interval": "30s", - "language": "kuery", - "exceptions_list": [ - { - "field": "source.ip", - "values_operator": "excluded", - "values_type": "list", - "values": [ - { - "id": "ci-badguys.txt", - "name": "ip" - } - ] - } - ] -} diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_match.json b/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_match.json deleted file mode 100644 index 6e6880cc28f24..0000000000000 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_match.json +++ /dev/null @@ -1,23 +0,0 @@ -{ - "name": "List - match", - "description": "Query with a list that includes match. This rule should only produce signals when host.name exists and event.module is not suricata", - "rule_id": "query-with-list-match", - "risk_score": 1, - "severity": "high", - "type": "query", - "query": "host.name: *", - "interval": "30s", - "language": "kuery", - "exceptions_list": [ - { - "field": "event.module", - "values_operator": "included", - "values_type": "match", - "values": [ - { - "name": "suricata" - } - ] - } - ] -} diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_match_all.json b/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_match_all.json deleted file mode 100644 index 44cc26ac3315e..0000000000000 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_match_all.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "name": "List - match_all", - "description": "Query with a list that includes match_all. This rule should only produce signals when host.name exists and event.module is not suricata or auditd", - "rule_id": "query-with-list-match-all", - "risk_score": 1, - "severity": "high", - "type": "query", - "query": "host.name: *", - "interval": "30s", - "language": "kuery", - "exceptions_list": [ - { - "field": "event.module", - "values_operator": "included", - "values_type": "match_all", - "values": [ - { - "name": "suricata" - }, - { - "name": "auditd" - } - ] - } - ] -} diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_or.json b/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_or.json deleted file mode 100644 index 9c4eda559d5bc..0000000000000 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/lists/query_with_or.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "name": "List - or", - "description": "Query with a list that includes or. This rule should only produce signals when host.name exists and event.module is suricata OR when host.name exists and event.category is file", - "rule_id": "query-with-list-or", - "risk_score": 1, - "severity": "high", - "type": "query", - "query": "host.name: *", - "interval": "30s", - "exceptions_list": [ - { - "field": "event.module", - "values_operator": "excluded", - "values_type": "match", - "values": [ - { - "name": "suricata" - } - ] - }, - { - "field": "event.category", - "values_operator": "excluded", - "values_type": "match", - "values": [ - { - "name": "file" - } - ] - } - ] -} diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/query_with_list.json b/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/query_with_list.json new file mode 100644 index 0000000000000..1cb4c144aa293 --- /dev/null +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/query_with_list.json @@ -0,0 +1,10 @@ +{ + "name": "Rule w exceptions", + "description": "Sample rule with exception list", + "risk_score": 1, + "severity": "high", + "type": "query", + "query": "host.name: *", + "interval": "30s", + "exceptions_list": [{ "id": "endpoint_list", "namespace_type": "single" }] +} diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/updates/update_list.json b/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/updates/update_list.json index df22dff5c046e..f7359d586bd86 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/updates/update_list.json +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/updates/update_list.json @@ -6,33 +6,5 @@ "severity": "high", "type": "query", "query": "user.name: root or user.name: admin", - "exceptions_list": [ - { - "field": "source.ip", - "values_operator": "excluded", - "values_type": "exists" - }, - { - "field": "host.name", - "values_operator": "included", - "values_type": "match", - "values": [ - { - "name": "rock01" - } - ], - "and": [ - { - "field": "host.id", - "values_operator": "included", - "values_type": "match_all", - "values": [ - { - "name": "123456" - } - ] - } - ] - } - ] + "exceptions_list": [{ "id": "some_updated_fake_id", "namespace_type": "single" }] } diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/__mocks__/es_results.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/__mocks__/es_results.ts index 101c998efa242..50f6e7d9e9c10 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/__mocks__/es_results.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/__mocks__/es_results.ts @@ -14,6 +14,7 @@ import { loggingSystemMock } from '../../../../../../../../src/core/server/mocks import { RuleTypeParams } from '../../types'; import { IRuleStatusAttributes } from '../../rules/types'; import { ruleStatusSavedObjectType } from '../../rules/saved_object_mappings'; +import { getListArrayMock } from '../../../../../common/detection_engine/schemas/types/lists.mock'; export const sampleRuleAlertParams = ( maxSignals?: number | undefined, @@ -44,38 +45,7 @@ export const sampleRuleAlertParams = ( meta: undefined, threat: undefined, version: 1, - exceptionsList: [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'exists', - }, - { - field: 'host.name', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'rock01', - }, - ], - and: [ - { - field: 'host.id', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: '123', - }, - { - name: '678', - }, - ], - }, - ], - }, - ], + exceptionsList: getListArrayMock(), }); export const sampleDocNoSortId = (someUuid: string = sampleIdGuid): SignalSourceHit => ({ diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_bulk_body.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_bulk_body.test.ts index 80c2441193a0c..ad43932818836 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_bulk_body.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_bulk_body.test.ts @@ -12,6 +12,7 @@ import { } from './__mocks__/es_results'; import { buildBulkBody } from './build_bulk_body'; import { SignalHit } from './types'; +import { getListArrayMock } from '../../../../common/detection_engine/schemas/types/lists.mock'; describe('buildBulkBody', () => { beforeEach(() => { @@ -91,38 +92,7 @@ describe('buildBulkBody', () => { version: 1, created_at: fakeSignalSourceHit.signal.rule?.created_at, updated_at: fakeSignalSourceHit.signal.rule?.updated_at, - exceptions_list: [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'exists', - }, - { - field: 'host.name', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'rock01', - }, - ], - and: [ - { - field: 'host.id', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: '123', - }, - { - name: '678', - }, - ], - }, - ], - }, - ], + exceptions_list: getListArrayMock(), }, }, }; @@ -218,38 +188,7 @@ describe('buildBulkBody', () => { updated_at: fakeSignalSourceHit.signal.rule?.updated_at, throttle: 'no_actions', threat: [], - exceptions_list: [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'exists', - }, - { - field: 'host.name', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'rock01', - }, - ], - and: [ - { - field: 'host.id', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: '123', - }, - { - name: '678', - }, - ], - }, - ], - }, - ], + exceptions_list: getListArrayMock(), }, }, }; @@ -343,38 +282,7 @@ describe('buildBulkBody', () => { created_at: fakeSignalSourceHit.signal.rule?.created_at, updated_at: fakeSignalSourceHit.signal.rule?.updated_at, throttle: 'no_actions', - exceptions_list: [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'exists', - }, - { - field: 'host.name', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'rock01', - }, - ], - and: [ - { - field: 'host.id', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: '123', - }, - { - name: '678', - }, - ], - }, - ], - }, - ], + exceptions_list: getListArrayMock(), }, }, }; @@ -461,38 +369,7 @@ describe('buildBulkBody', () => { updated_at: fakeSignalSourceHit.signal.rule?.updated_at, created_at: fakeSignalSourceHit.signal.rule?.created_at, throttle: 'no_actions', - exceptions_list: [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'exists', - }, - { - field: 'host.name', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'rock01', - }, - ], - and: [ - { - field: 'host.id', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: '123', - }, - { - name: '678', - }, - ], - }, - ], - }, - ], + exceptions_list: getListArrayMock(), }, }, }; diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_exceptions_query.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_exceptions_query.test.ts index 07adfde71c1a9..ce7cc50e81d67 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_exceptions_query.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_exceptions_query.test.ts @@ -6,16 +6,24 @@ import { buildQueryExceptions, - buildExceptions, + buildExceptionItemEntries, operatorBuilder, buildExists, buildMatch, - buildMatchAll, + buildMatchAny, evaluateValues, formatQuery, getLanguageBooleanOperator, + buildNested, } from './build_exceptions_query'; -import { List } from '../../../../common/detection_engine/schemas/types/lists_default_array'; +import { + EntriesArray, + EntryExists, + EntryMatch, + EntryMatchAny, + EntryNested, +} from '../../../../../lists/common/schemas'; +import { getExceptionListItemSchemaMock } from '../../../../../lists/common/schemas/response/exception_list_item_schema.mock'; describe('build_exceptions_query', () => { describe('getLanguageBooleanOperator', () => { @@ -34,30 +42,30 @@ describe('build_exceptions_query', () => { describe('operatorBuilder', () => { describe('kuery', () => { - test('it returns "not " when operator is "excluded"', () => { - const operator = operatorBuilder({ operator: 'excluded', language: 'kuery' }); + test('it returns "not " when operator is "included"', () => { + const operator = operatorBuilder({ operator: 'included', language: 'kuery' }); - expect(operator).toEqual(' and '); + expect(operator).toEqual('not '); }); - test('it returns empty string when operator is "included"', () => { - const operator = operatorBuilder({ operator: 'included', language: 'kuery' }); + test('it returns empty string when operator is "excluded"', () => { + const operator = operatorBuilder({ operator: 'excluded', language: 'kuery' }); - expect(operator).toEqual(' and not '); + expect(operator).toEqual(''); }); }); describe('lucene', () => { - test('it returns "NOT " when operator is "excluded"', () => { - const operator = operatorBuilder({ operator: 'excluded', language: 'lucene' }); + test('it returns "NOT " when operator is "included"', () => { + const operator = operatorBuilder({ operator: 'included', language: 'lucene' }); - expect(operator).toEqual(' AND '); + expect(operator).toEqual('NOT '); }); - test('it returns empty string when operator is "included"', () => { - const operator = operatorBuilder({ operator: 'included', language: 'lucene' }); + test('it returns empty string when operator is "excluded"', () => { + const operator = operatorBuilder({ operator: 'excluded', language: 'lucene' }); - expect(operator).toEqual(' AND NOT '); + expect(operator).toEqual(''); }); }); }); @@ -65,161 +73,117 @@ describe('build_exceptions_query', () => { describe('buildExists', () => { describe('kuery', () => { test('it returns formatted wildcard string when operator is "excluded"', () => { - const query = buildExists({ operator: 'excluded', field: 'host.name', language: 'kuery' }); + const query = buildExists({ + item: { type: 'exists', operator: 'excluded', field: 'host.name' }, + language: 'kuery', + }); - expect(query).toEqual(' and host.name:*'); + expect(query).toEqual('host.name:*'); }); test('it returns formatted wildcard string when operator is "included"', () => { - const query = buildExists({ operator: 'included', field: 'host.name', language: 'kuery' }); + const query = buildExists({ + item: { type: 'exists', operator: 'included', field: 'host.name' }, + language: 'kuery', + }); - expect(query).toEqual(' and not host.name:*'); + expect(query).toEqual('not host.name:*'); }); }); describe('lucene', () => { test('it returns formatted wildcard string when operator is "excluded"', () => { - const query = buildExists({ operator: 'excluded', field: 'host.name', language: 'lucene' }); + const query = buildExists({ + item: { type: 'exists', operator: 'excluded', field: 'host.name' }, + language: 'lucene', + }); - expect(query).toEqual(' AND _exists_host.name'); + expect(query).toEqual('_exists_host.name'); }); test('it returns formatted wildcard string when operator is "included"', () => { - const query = buildExists({ operator: 'included', field: 'host.name', language: 'lucene' }); + const query = buildExists({ + item: { type: 'exists', operator: 'included', field: 'host.name' }, + language: 'lucene', + }); - expect(query).toEqual(' AND NOT _exists_host.name'); + expect(query).toEqual('NOT _exists_host.name'); }); }); }); describe('buildMatch', () => { describe('kuery', () => { - test('it returns empty string if no items in "values"', () => { - const query = buildMatch({ - operator: 'included', - field: 'host.name', - values: [], - language: 'kuery', - }); - - expect(query).toEqual(''); - }); - test('it returns formatted string when operator is "included"', () => { - const values = [ - { - name: 'suricata', - }, - ]; const query = buildMatch({ - operator: 'included', - field: 'host.name', - values, + item: { + type: 'match', + operator: 'included', + field: 'host.name', + value: 'suricata', + }, language: 'kuery', }); - expect(query).toEqual(' and not host.name:suricata'); + expect(query).toEqual('not host.name:suricata'); }); test('it returns formatted string when operator is "excluded"', () => { - const values = [ - { - name: 'suricata', - }, - ]; const query = buildMatch({ - operator: 'excluded', - field: 'host.name', - values, - language: 'kuery', - }); - - expect(query).toEqual(' and host.name:suricata'); - }); - - // TODO: need to clean up types and maybe restrict values to one if type is 'match' - test('it returns formatted string when "values" includes more than one item', () => { - const values = [ - { - name: 'suricata', - }, - { - name: 'auditd', + item: { + type: 'match', + operator: 'excluded', + field: 'host.name', + value: 'suricata', }, - ]; - const query = buildMatch({ - operator: 'included', - field: 'host.name', - values, language: 'kuery', }); - expect(query).toEqual(' and not host.name:suricata'); + expect(query).toEqual('host.name:suricata'); }); }); describe('lucene', () => { test('it returns formatted string when operator is "included"', () => { - const values = [ - { - name: 'suricata', - }, - ]; const query = buildMatch({ - operator: 'included', - field: 'host.name', - values, + item: { + type: 'match', + operator: 'included', + field: 'host.name', + value: 'suricata', + }, language: 'lucene', }); - expect(query).toEqual(' AND NOT host.name:suricata'); + expect(query).toEqual('NOT host.name:suricata'); }); test('it returns formatted string when operator is "excluded"', () => { - const values = [ - { - name: 'suricata', - }, - ]; const query = buildMatch({ - operator: 'excluded', - field: 'host.name', - values, - language: 'lucene', - }); - - expect(query).toEqual(' AND host.name:suricata'); - }); - - // TODO: need to clean up types and maybe restrict values to one if type is 'match' - test('it returns formatted string when "values" includes more than one item', () => { - const values = [ - { - name: 'suricata', - }, - { - name: 'auditd', + item: { + type: 'match', + operator: 'excluded', + field: 'host.name', + value: 'suricata', }, - ]; - const query = buildMatch({ - operator: 'included', - field: 'host.name', - values, language: 'lucene', }); - expect(query).toEqual(' AND NOT host.name:suricata'); + expect(query).toEqual('host.name:suricata'); }); }); }); - describe('buildMatchAll', () => { + describe('buildMatchAny', () => { describe('kuery', () => { test('it returns empty string if given an empty array for "values"', () => { - const exceptionSegment = buildMatchAll({ - operator: 'included', - field: 'host.name', - values: [], + const exceptionSegment = buildMatchAny({ + item: { + operator: 'included', + field: 'host.name', + value: [], + type: 'match_any', + }, language: 'kuery', }); @@ -227,113 +191,180 @@ describe('build_exceptions_query', () => { }); test('it returns formatted string when "values" includes only one item', () => { - const values = [ - { - name: 'suricata', + const exceptionSegment = buildMatchAny({ + item: { + operator: 'included', + field: 'host.name', + value: ['suricata'], + type: 'match_any', }, - ]; - const exceptionSegment = buildMatchAll({ - operator: 'included', - field: 'host.name', - values, language: 'kuery', }); - expect(exceptionSegment).toEqual(' and not host.name:suricata'); + expect(exceptionSegment).toEqual('not host.name:(suricata)'); }); test('it returns formatted string when operator is "included"', () => { - const values = [ - { - name: 'suricata', - }, - { - name: 'auditd', + const exceptionSegment = buildMatchAny({ + item: { + operator: 'included', + field: 'host.name', + value: ['suricata', 'auditd'], + type: 'match_any', }, - ]; - const exceptionSegment = buildMatchAll({ - operator: 'included', - field: 'host.name', - values, language: 'kuery', }); - expect(exceptionSegment).toEqual(' and not host.name:(suricata or auditd)'); + expect(exceptionSegment).toEqual('not host.name:(suricata or auditd)'); }); test('it returns formatted string when operator is "excluded"', () => { - const values = [ - { - name: 'suricata', - }, - { - name: 'auditd', + const exceptionSegment = buildMatchAny({ + item: { + operator: 'excluded', + field: 'host.name', + value: ['suricata', 'auditd'], + type: 'match_any', }, - ]; - const exceptionSegment = buildMatchAll({ - operator: 'excluded', - field: 'host.name', - values, language: 'kuery', }); - expect(exceptionSegment).toEqual(' and host.name:(suricata or auditd)'); + expect(exceptionSegment).toEqual('host.name:(suricata or auditd)'); }); }); describe('lucene', () => { test('it returns formatted string when operator is "included"', () => { - const values = [ - { - name: 'suricata', - }, - { - name: 'auditd', + const exceptionSegment = buildMatchAny({ + item: { + operator: 'included', + field: 'host.name', + value: ['suricata', 'auditd'], + type: 'match_any', }, - ]; - const exceptionSegment = buildMatchAll({ - operator: 'included', - field: 'host.name', - values, language: 'lucene', }); - expect(exceptionSegment).toEqual(' AND NOT host.name:(suricata OR auditd)'); + expect(exceptionSegment).toEqual('NOT host.name:(suricata OR auditd)'); }); test('it returns formatted string when operator is "excluded"', () => { - const values = [ - { - name: 'suricata', - }, - { - name: 'auditd', + const exceptionSegment = buildMatchAny({ + item: { + operator: 'excluded', + field: 'host.name', + value: ['suricata', 'auditd'], + type: 'match_any', }, - ]; - const exceptionSegment = buildMatchAll({ - operator: 'excluded', - field: 'host.name', - values, language: 'lucene', }); - expect(exceptionSegment).toEqual(' AND host.name:(suricata OR auditd)'); + expect(exceptionSegment).toEqual('host.name:(suricata OR auditd)'); }); test('it returns formatted string when "values" includes only one item', () => { - const values = [ - { - name: 'suricata', + const exceptionSegment = buildMatchAny({ + item: { + operator: 'included', + field: 'host.name', + value: ['suricata'], + type: 'match_any', }, - ]; - const exceptionSegment = buildMatchAll({ - operator: 'included', - field: 'host.name', - values, language: 'lucene', }); - expect(exceptionSegment).toEqual(' AND NOT host.name:suricata'); + expect(exceptionSegment).toEqual('NOT host.name:(suricata)'); + }); + }); + }); + + describe('buildNested', () => { + describe('kuery', () => { + test('it returns formatted query when one item in nested entry', () => { + const item: EntryNested = { + field: 'parent', + type: 'nested', + entries: [ + { + field: 'nestedField', + operator: 'excluded', + type: 'match', + value: 'value-3', + }, + ], + }; + const result = buildNested({ item, language: 'kuery' }); + + expect(result).toEqual('parent:{ nestedField:value-3 }'); + }); + + test('it returns formatted query when multiple items in nested entry', () => { + const item: EntryNested = { + field: 'parent', + type: 'nested', + entries: [ + { + field: 'nestedField', + operator: 'excluded', + type: 'match', + value: 'value-3', + }, + { + field: 'nestedFieldB', + operator: 'excluded', + type: 'match', + value: 'value-4', + }, + ], + }; + const result = buildNested({ item, language: 'kuery' }); + + expect(result).toEqual('parent:{ nestedField:value-3 and nestedFieldB:value-4 }'); + }); + }); + + // TODO: Does lucene support nested query syntax? + describe.skip('lucene', () => { + test('it returns formatted query when one item in nested entry', () => { + const item: EntryNested = { + field: 'parent', + type: 'nested', + entries: [ + { + field: 'nestedField', + operator: 'excluded', + type: 'match', + value: 'value-3', + }, + ], + }; + const result = buildNested({ item, language: 'lucene' }); + + expect(result).toEqual('parent:{ nestedField:value-3 }'); + }); + + test('it returns formatted query when multiple items in nested entry', () => { + const item: EntryNested = { + field: 'parent', + type: 'nested', + entries: [ + { + field: 'nestedField', + operator: 'excluded', + type: 'match', + value: 'value-3', + }, + { + field: 'nestedFieldB', + operator: 'excluded', + type: 'match', + value: 'value-4', + }, + ], + }; + const result = buildNested({ item, language: 'lucene' }); + + expect(result).toEqual('parent:{ nestedField:value-3 AND nestedFieldB:value-4 }'); }); }); }); @@ -341,110 +372,96 @@ describe('build_exceptions_query', () => { describe('evaluateValues', () => { describe('kuery', () => { test('it returns formatted wildcard string when "type" is "exists"', () => { - const list: List = { - values_operator: 'included', - values_type: 'exists', + const list: EntryExists = { + operator: 'included', + type: 'exists', field: 'host.name', }; const result = evaluateValues({ - list, + item: list, language: 'kuery', }); - expect(result).toEqual(' and not host.name:*'); + expect(result).toEqual('not host.name:*'); }); test('it returns formatted string when "type" is "match"', () => { - const list: List = { - values_operator: 'included', - values_type: 'match', + const list: EntryMatch = { + operator: 'included', + type: 'match', field: 'host.name', - values: [{ name: 'suricata' }], + value: 'suricata', }; const result = evaluateValues({ - list, + item: list, language: 'kuery', }); - expect(result).toEqual(' and not host.name:suricata'); + expect(result).toEqual('not host.name:suricata'); }); - test('it returns formatted string when "type" is "match_all"', () => { - const list: List = { - values_operator: 'included', - values_type: 'match_all', + test('it returns formatted string when "type" is "match_any"', () => { + const list: EntryMatchAny = { + operator: 'included', + type: 'match_any', field: 'host.name', - values: [ - { - name: 'suricata', - }, - { - name: 'auditd', - }, - ], + value: ['suricata', 'auditd'], }; const result = evaluateValues({ - list, + item: list, language: 'kuery', }); - expect(result).toEqual(' and not host.name:(suricata or auditd)'); + expect(result).toEqual('not host.name:(suricata or auditd)'); }); }); describe('lucene', () => { describe('kuery', () => { test('it returns formatted wildcard string when "type" is "exists"', () => { - const list: List = { - values_operator: 'included', - values_type: 'exists', + const list: EntryExists = { + operator: 'included', + type: 'exists', field: 'host.name', }; const result = evaluateValues({ - list, + item: list, language: 'lucene', }); - expect(result).toEqual(' AND NOT _exists_host.name'); + expect(result).toEqual('NOT _exists_host.name'); }); test('it returns formatted string when "type" is "match"', () => { - const list: List = { - values_operator: 'included', - values_type: 'match', + const list: EntryMatch = { + operator: 'included', + type: 'match', field: 'host.name', - values: [{ name: 'suricata' }], + value: 'suricata', }; const result = evaluateValues({ - list, + item: list, language: 'lucene', }); - expect(result).toEqual(' AND NOT host.name:suricata'); + expect(result).toEqual('NOT host.name:suricata'); }); - test('it returns formatted string when "type" is "match_all"', () => { - const list: List = { - values_operator: 'included', - values_type: 'match_all', + test('it returns formatted string when "type" is "match_any"', () => { + const list: EntryMatchAny = { + operator: 'included', + type: 'match_any', field: 'host.name', - values: [ - { - name: 'suricata', - }, - { - name: 'auditd', - }, - ], + value: ['suricata', 'auditd'], }; const result = evaluateValues({ - list, + item: list, language: 'lucene', }); - expect(result).toEqual(' AND NOT host.name:(suricata OR auditd)'); + expect(result).toEqual('NOT host.name:(suricata OR auditd)'); }); }); }); @@ -459,7 +476,7 @@ describe('build_exceptions_query', () => { test('it returns expected query string when single exception in array', () => { const formattedQuery = formatQuery({ - exceptions: [' and b:(value-1 or value-2) and not c:*'], + exceptions: ['b:(value-1 or value-2) and not c:*'], query: 'a:*', language: 'kuery', }); @@ -469,7 +486,7 @@ describe('build_exceptions_query', () => { test('it returns expected query string when multiple exceptions in array', () => { const formattedQuery = formatQuery({ - exceptions: [' and b:(value-1 or value-2) and not c:*', ' and not d:*'], + exceptions: ['b:(value-1 or value-2) and not c:*', 'not d:*'], query: 'a:*', language: 'kuery', }); @@ -480,149 +497,70 @@ describe('build_exceptions_query', () => { }); }); - describe('buildExceptions', () => { - test('it returns empty array if empty lists array passed in', () => { - const query = buildExceptions({ - query: 'a:*', + describe('buildExceptionItemEntries', () => { + test('it returns empty string if empty lists array passed in', () => { + const query = buildExceptionItemEntries({ language: 'kuery', lists: [], }); - expect(query).toEqual([]); + expect(query).toEqual(''); }); test('it returns expected query when more than one item in list', () => { // Equal to query && !(b && !c) -> (query AND NOT b) OR (query AND c) // https://www.dcode.fr/boolean-expressions-calculator - const lists: List[] = [ + const payload: EntriesArray = [ { field: 'b', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: 'value-1', - }, - { - name: 'value-2', - }, - ], + operator: 'included', + type: 'match_any', + value: ['value-1', 'value-2'], }, { field: 'c', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'value-3', - }, - ], - }, - ]; - const query = buildExceptions({ - query: 'a:*', - language: 'kuery', - lists, - }); - const expectedQuery = [' and not b:(value-1 or value-2)', ' and c:value-3']; - - expect(query).toEqual(expectedQuery); - }); - - test('it returns expected query when list item includes nested "and" value', () => { - // Equal to query && !(b || !c) -> (query AND NOT b AND c) - // https://www.dcode.fr/boolean-expressions-calculator - const lists: List[] = [ - { - field: 'b', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: 'value-1', - }, - { - name: 'value-2', - }, - ], - and: [ - { - field: 'c', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'value-3', - }, - ], - }, - ], + operator: 'excluded', + type: 'match', + value: 'value-3', }, ]; - const query = buildExceptions({ - query: 'a:*', + const query = buildExceptionItemEntries({ language: 'kuery', - lists, + lists: payload, }); - const expectedQuery = [' and not b:(value-1 or value-2) and c:value-3']; + const expectedQuery = 'not b:(value-1 or value-2) and c:value-3'; expect(query).toEqual(expectedQuery); }); - test('it returns expected query when list item includes nested "and" value of empty array', () => { + test('it returns expected query when list item includes nested value', () => { // Equal to query && !(b || !c) -> (query AND NOT b AND c) // https://www.dcode.fr/boolean-expressions-calculator - const lists: List[] = [ + const lists: EntriesArray = [ { field: 'b', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: 'value-1', - }, - { - name: 'value-2', - }, - ], - and: [], + operator: 'included', + type: 'match_any', + value: ['value-1', 'value-2'], }, - ]; - const query = buildExceptions({ - query: 'a:*', - language: 'kuery', - lists, - }); - const expectedQuery = [' and not b:(value-1 or value-2)']; - - expect(query).toEqual(expectedQuery); - }); - - test('it returns expected query when list item includes nested "and" value of null', () => { - // Equal to query && !(b || !c) -> (query AND NOT b AND c) - // https://www.dcode.fr/boolean-expressions-calculator - const lists: List[] = [ { - field: 'b', - values_operator: 'included', - values_type: 'match_all', - values: [ + field: 'parent', + type: 'nested', + entries: [ { - name: 'value-1', - }, - { - name: 'value-2', + field: 'nestedField', + operator: 'excluded', + type: 'match', + value: 'value-3', }, ], - and: undefined, }, ]; - const query = buildExceptions({ - query: 'a:*', + const query = buildExceptionItemEntries({ language: 'kuery', lists, }); - const expectedQuery = [' and not b:(value-1 or value-2)']; + const expectedQuery = 'not b:(value-1 or value-2) and parent:{ nestedField:value-3 }'; expect(query).toEqual(expectedQuery); }); @@ -630,130 +568,112 @@ describe('build_exceptions_query', () => { test('it returns expected query when list includes multiple items and nested "and" values', () => { // Equal to query && !((b || !c) && d) -> (query AND NOT b AND c) OR (query AND NOT d) // https://www.dcode.fr/boolean-expressions-calculator - const lists: List[] = [ + const lists: EntriesArray = [ { field: 'b', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: 'value-1', - }, - { - name: 'value-2', - }, - ], - and: [ + operator: 'included', + type: 'match_any', + value: ['value-1', 'value-2'], + }, + { + field: 'parent', + type: 'nested', + entries: [ { - field: 'c', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'value-3', - }, - ], + field: 'nestedField', + operator: 'excluded', + type: 'match', + value: 'value-3', }, ], }, { field: 'd', - values_operator: 'included', - values_type: 'exists', + operator: 'included', + type: 'exists', }, ]; - const query = buildExceptions({ - query: 'a:*', + const query = buildExceptionItemEntries({ language: 'kuery', lists, }); - const expectedQuery = [' and not b:(value-1 or value-2) and c:value-3', ' and not d:*']; - + const expectedQuery = + 'not b:(value-1 or value-2) and parent:{ nestedField:value-3 } and not d:*'; expect(query).toEqual(expectedQuery); }); test('it returns expected query when language is "lucene"', () => { // Equal to query && !((b || !c) && !d) -> (query AND NOT b AND c) OR (query AND d) // https://www.dcode.fr/boolean-expressions-calculator - const lists: List[] = [ + const lists: EntriesArray = [ { field: 'b', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: 'value-1', - }, - { - name: 'value-2', - }, - ], - and: [ + operator: 'included', + type: 'match_any', + value: ['value-1', 'value-2'], + }, + { + field: 'parent', + type: 'nested', + entries: [ { - field: 'c', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'value-3', - }, - ], + field: 'nestedField', + operator: 'excluded', + type: 'match', + value: 'value-3', }, ], }, { field: 'e', - values_operator: 'excluded', - values_type: 'exists', + operator: 'excluded', + type: 'exists', }, ]; - const query = buildExceptions({ - query: 'a:*', + const query = buildExceptionItemEntries({ language: 'lucene', lists, }); - const expectedQuery = [' AND NOT b:(value-1 OR value-2) AND c:value-3', ' AND _exists_e']; - + const expectedQuery = + 'NOT b:(value-1 OR value-2) AND parent:{ nestedField:value-3 } AND _exists_e'; expect(query).toEqual(expectedQuery); }); describe('exists', () => { - test('it returns expected query when list includes single list item with values_operator of "included"', () => { + test('it returns expected query when list includes single list item with operator of "included"', () => { // Equal to query && !(b) -> (query AND NOT b) // https://www.dcode.fr/boolean-expressions-calculator - const lists: List[] = [ + const lists: EntriesArray = [ { field: 'b', - values_operator: 'included', - values_type: 'exists', + operator: 'included', + type: 'exists', }, ]; - const query = buildExceptions({ - query: 'a:*', + const query = buildExceptionItemEntries({ language: 'kuery', lists, }); - const expectedQuery = [' and not b:*']; + const expectedQuery = 'not b:*'; expect(query).toEqual(expectedQuery); }); - test('it returns expected query when list includes single list item with values_operator of "excluded"', () => { + test('it returns expected query when list includes single list item with operator of "excluded"', () => { // Equal to query && !(!b) -> (query AND b) // https://www.dcode.fr/boolean-expressions-calculator - const lists: List[] = [ + const lists: EntriesArray = [ { field: 'b', - values_operator: 'excluded', - values_type: 'exists', + operator: 'excluded', + type: 'exists', }, ]; - const query = buildExceptions({ - query: 'a:*', + const query = buildExceptionItemEntries({ language: 'kuery', lists, }); - const expectedQuery = [' and b:*']; + const expectedQuery = 'b:*'; expect(query).toEqual(expectedQuery); }); @@ -761,26 +681,30 @@ describe('build_exceptions_query', () => { test('it returns expected query when list includes list item with "and" values', () => { // Equal to query && !(!b || !c) -> (query AND b AND c) // https://www.dcode.fr/boolean-expressions-calculator - const lists: List[] = [ + const lists: EntriesArray = [ { field: 'b', - values_operator: 'excluded', - values_type: 'exists', - and: [ + operator: 'excluded', + type: 'exists', + }, + { + field: 'parent', + type: 'nested', + entries: [ { field: 'c', - values_operator: 'excluded', - values_type: 'exists', + operator: 'excluded', + type: 'match', + value: 'value-1', }, ], }, ]; - const query = buildExceptions({ - query: 'a:*', + const query = buildExceptionItemEntries({ language: 'kuery', lists, }); - const expectedQuery = [' and b:* and c:*']; + const expectedQuery = 'b:* and parent:{ c:value-1 }'; expect(query).toEqual(expectedQuery); }); @@ -788,88 +712,83 @@ describe('build_exceptions_query', () => { test('it returns expected query when list includes multiple items', () => { // Equal to query && !((b || !c || d) && e) -> (query AND NOT b AND c AND NOT d) OR (query AND NOT e) // https://www.dcode.fr/boolean-expressions-calculator - const lists: List[] = [ + const lists: EntriesArray = [ { field: 'b', - values_operator: 'included', - values_type: 'exists', - and: [ + operator: 'included', + type: 'exists', + }, + { + field: 'parent', + type: 'nested', + entries: [ { field: 'c', - values_operator: 'excluded', - values_type: 'exists', + operator: 'excluded', + type: 'match', + value: 'value-1', }, { field: 'd', - values_operator: 'included', - values_type: 'exists', + operator: 'included', + type: 'match', + value: 'value-2', }, ], }, { field: 'e', - values_operator: 'included', - values_type: 'exists', + operator: 'included', + type: 'exists', }, ]; - const query = buildExceptions({ - query: 'a:*', + const query = buildExceptionItemEntries({ language: 'kuery', lists, }); - const expectedQuery = [' and not b:* and c:* and not d:*', ' and not e:*']; + const expectedQuery = 'not b:* and parent:{ c:value-1 and d:value-2 } and not e:*'; expect(query).toEqual(expectedQuery); }); }); describe('match', () => { - test('it returns expected query when list includes single list item with values_operator of "included"', () => { + test('it returns expected query when list includes single list item with operator of "included"', () => { // Equal to query && !(b) -> (query AND NOT b) // https://www.dcode.fr/boolean-expressions-calculator - const lists: List[] = [ + const lists: EntriesArray = [ { field: 'b', - values_operator: 'included', - values_type: 'match', - values: [ - { - name: 'value', - }, - ], + operator: 'included', + type: 'match', + value: 'value', }, ]; - const query = buildExceptions({ - query: 'a:*', + const query = buildExceptionItemEntries({ language: 'kuery', lists, }); - const expectedQuery = [' and not b:value']; + const expectedQuery = 'not b:value'; expect(query).toEqual(expectedQuery); }); - test('it returns expected query when list includes single list item with values_operator of "excluded"', () => { + test('it returns expected query when list includes single list item with operator of "excluded"', () => { // Equal to query && !(!b) -> (query AND b) // https://www.dcode.fr/boolean-expressions-calculator - const lists: List[] = [ + const lists: EntriesArray = [ { field: 'b', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'value', - }, - ], + operator: 'excluded', + type: 'match', + value: 'value', }, ]; - const query = buildExceptions({ - query: 'a:*', + const query = buildExceptionItemEntries({ language: 'kuery', lists, }); - const expectedQuery = [' and b:value']; + const expectedQuery = 'b:value'; expect(query).toEqual(expectedQuery); }); @@ -877,36 +796,31 @@ describe('build_exceptions_query', () => { test('it returns expected query when list includes list item with "and" values', () => { // Equal to query && !(!b || !c) -> (query AND b AND c) // https://www.dcode.fr/boolean-expressions-calculator - const lists: List[] = [ + const lists: EntriesArray = [ { field: 'b', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'value', - }, - ], - and: [ + operator: 'excluded', + type: 'match', + value: 'value', + }, + { + field: 'parent', + type: 'nested', + entries: [ { field: 'c', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'valueC', - }, - ], + operator: 'excluded', + type: 'match', + value: 'valueC', }, ], }, ]; - const query = buildExceptions({ - query: 'a:*', + const query = buildExceptionItemEntries({ language: 'kuery', lists, }); - const expectedQuery = [' and b:value and c:valueC']; + const expectedQuery = 'b:value and parent:{ c:valueC }'; expect(query).toEqual(expectedQuery); }); @@ -914,160 +828,117 @@ describe('build_exceptions_query', () => { test('it returns expected query when list includes multiple items', () => { // Equal to query && !((b || !c || d) && e) -> (query AND NOT b AND c AND NOT d) OR (query AND NOT e) // https://www.dcode.fr/boolean-expressions-calculator - const lists: List[] = [ + const lists: EntriesArray = [ { field: 'b', - values_operator: 'included', - values_type: 'match', - values: [ - { - name: 'value', - }, - ], - and: [ + operator: 'included', + type: 'match', + value: 'value', + }, + { + field: 'parent', + type: 'nested', + entries: [ { field: 'c', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'valueC', - }, - ], + operator: 'excluded', + type: 'match', + value: 'valueC', }, { field: 'd', - values_operator: 'included', - values_type: 'match', - values: [ - { - name: 'valueC', - }, - ], + operator: 'excluded', + type: 'match', + value: 'valueC', }, ], }, { field: 'e', - values_operator: 'included', - values_type: 'match', - values: [ - { - name: 'valueC', - }, - ], + operator: 'included', + type: 'match', + value: 'valueC', }, ]; - const query = buildExceptions({ - query: 'a:*', + const query = buildExceptionItemEntries({ language: 'kuery', lists, }); - const expectedQuery = [ - ' and not b:value and c:valueC and not d:valueC', - ' and not e:valueC', - ]; + const expectedQuery = 'not b:value and parent:{ c:valueC and d:valueC } and not e:valueC'; expect(query).toEqual(expectedQuery); }); }); - describe('match_all', () => { - test('it returns expected query when list includes single list item with values_operator of "included"', () => { + describe('match_any', () => { + test('it returns expected query when list includes single list item with operator of "included"', () => { // Equal to query && !(b) -> (query AND NOT b) // https://www.dcode.fr/boolean-expressions-calculator - const lists: List[] = [ + const lists: EntriesArray = [ { field: 'b', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: 'value', - }, - { - name: 'value-1', - }, - ], + operator: 'included', + type: 'match_any', + value: ['value', 'value-1'], }, ]; - const query = buildExceptions({ - query: 'a:*', + const query = buildExceptionItemEntries({ language: 'kuery', lists, }); - const expectedQuery = [' and not b:(value or value-1)']; + const expectedQuery = 'not b:(value or value-1)'; expect(query).toEqual(expectedQuery); }); - test('it returns expected query when list includes single list item with values_operator of "excluded"', () => { + test('it returns expected query when list includes single list item with operator of "excluded"', () => { // Equal to query && !(!b) -> (query AND b) // https://www.dcode.fr/boolean-expressions-calculator - const lists: List[] = [ + const lists: EntriesArray = [ { field: 'b', - values_operator: 'excluded', - values_type: 'match_all', - values: [ - { - name: 'value', - }, - { - name: 'value-1', - }, - ], + operator: 'excluded', + type: 'match_any', + value: ['value', 'value-1'], }, ]; - const query = buildExceptions({ - query: 'a:*', + const query = buildExceptionItemEntries({ language: 'kuery', lists, }); - const expectedQuery = [' and b:(value or value-1)']; + const expectedQuery = 'b:(value or value-1)'; expect(query).toEqual(expectedQuery); }); - test('it returns expected query when list includes list item with "and" values', () => { + test('it returns expected query when list includes list item with nested values', () => { // Equal to query && !(!b || c) -> (query AND b AND NOT c) // https://www.dcode.fr/boolean-expressions-calculator - const lists: List[] = [ + const lists: EntriesArray = [ { field: 'b', - values_operator: 'excluded', - values_type: 'match_all', - values: [ - { - name: 'value', - }, - { - name: 'value-1', - }, - ], - and: [ + operator: 'excluded', + type: 'match_any', + value: ['value', 'value-1'], + }, + { + field: 'parent', + type: 'nested', + entries: [ { field: 'c', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: 'valueC', - }, - { - name: 'value-2', - }, - ], + operator: 'excluded', + type: 'match', + value: 'valueC', }, ], }, ]; - const query = buildExceptions({ - query: 'a:*', + const query = buildExceptionItemEntries({ language: 'kuery', lists, }); - const expectedQuery = [' and b:(value or value-1) and not c:(valueC or value-2)']; + const expectedQuery = 'b:(value or value-1) and parent:{ c:valueC }'; expect(query).toEqual(expectedQuery); }); @@ -1075,71 +946,25 @@ describe('build_exceptions_query', () => { test('it returns expected query when list includes multiple items', () => { // Equal to query && !((b || !c || d) && e) -> ((query AND NOT b AND c AND NOT d) OR (query AND NOT e) // https://www.dcode.fr/boolean-expressions-calculator - const lists: List[] = [ + const lists: EntriesArray = [ { field: 'b', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: 'value', - }, - { - name: 'value-1', - }, - ], - and: [ - { - field: 'c', - values_operator: 'excluded', - values_type: 'match_all', - values: [ - { - name: 'valueC', - }, - { - name: 'value-2', - }, - ], - }, - { - field: 'd', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: 'valueD', - }, - { - name: 'value-3', - }, - ], - }, - ], + operator: 'included', + type: 'match_any', + value: ['value', 'value-1'], }, { field: 'e', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: 'valueE', - }, - { - name: 'value-4', - }, - ], + operator: 'included', + type: 'match_any', + value: ['valueE', 'value-4'], }, ]; - const query = buildExceptions({ - query: 'a:*', + const query = buildExceptionItemEntries({ language: 'kuery', lists, }); - const expectedQuery = [ - ' and not b:(value or value-1) and c:(valueC or value-2) and not d:(valueD or value-3)', - ' and not e:(valueE or value-4)', - ]; + const expectedQuery = 'not b:(value or value-1) and not e:(valueE or value-4)'; expect(query).toEqual(expectedQuery); }); @@ -1157,65 +982,47 @@ describe('build_exceptions_query', () => { test('it returns expected query when lists exist and language is "kuery"', () => { // Equal to query && !((b || !c || d) && e) -> ((query AND NOT b AND c AND NOT d) OR (query AND NOT e) // https://www.dcode.fr/boolean-expressions-calculator - const lists: List[] = [ + const payload = getExceptionListItemSchemaMock(); + const payload2 = getExceptionListItemSchemaMock(); + payload2.entries = [ { field: 'b', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: 'value', - }, - { - name: 'value-1', - }, - ], - and: [ + operator: 'included', + type: 'match_any', + value: ['value', 'value-1'], + }, + { + field: 'parent', + type: 'nested', + entries: [ { field: 'c', - values_operator: 'excluded', - values_type: 'match_all', - values: [ - { - name: 'valueC', - }, - { - name: 'value-2', - }, - ], + operator: 'excluded', + type: 'match', + value: 'valueC', }, { field: 'd', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: 'valueD', - }, - { - name: 'value-3', - }, - ], + operator: 'excluded', + type: 'match', + value: 'valueD', }, ], }, { field: 'e', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: 'valueE', - }, - { - name: 'value-4', - }, - ], + operator: 'included', + type: 'match_any', + value: ['valueE', 'value-4'], }, ]; - const query = buildQueryExceptions({ query: 'a:*', language: 'kuery', lists }); + const query = buildQueryExceptions({ + query: 'a:*', + language: 'kuery', + lists: [payload, payload2], + }); const expectedQuery = - '(a:* and not b:(value or value-1) and c:(valueC or value-2) and not d:(valueD or value-3)) or (a:* and not e:(valueE or value-4))'; + '(a:* and some.parentField:{ nested.field:some value } and not some.not.nested.field:some value) or (a:* and not b:(value or value-1) and parent:{ c:valueC and d:valueD } and not e:(valueE or value-4))'; expect(query).toEqual([{ query: expectedQuery, language: 'kuery' }]); }); @@ -1223,65 +1030,47 @@ describe('build_exceptions_query', () => { test('it returns expected query when lists exist and language is "lucene"', () => { // Equal to query && !((b || !c || d) && e) -> ((query AND NOT b AND c AND NOT d) OR (query AND NOT e) // https://www.dcode.fr/boolean-expressions-calculator - const lists: List[] = [ + const payload = getExceptionListItemSchemaMock(); + const payload2 = getExceptionListItemSchemaMock(); + payload2.entries = [ { field: 'b', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: 'value', - }, - { - name: 'value-1', - }, - ], - and: [ + operator: 'included', + type: 'match_any', + value: ['value', 'value-1'], + }, + { + field: 'parent', + type: 'nested', + entries: [ { field: 'c', - values_operator: 'excluded', - values_type: 'match_all', - values: [ - { - name: 'valueC', - }, - { - name: 'value-2', - }, - ], + operator: 'excluded', + type: 'match', + value: 'valueC', }, { field: 'd', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: 'valueD', - }, - { - name: 'value-3', - }, - ], + operator: 'excluded', + type: 'match', + value: 'valueD', }, ], }, { field: 'e', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: 'valueE', - }, - { - name: 'value-4', - }, - ], + operator: 'included', + type: 'match_any', + value: ['valueE', 'value-4'], }, ]; - const query = buildQueryExceptions({ query: 'a:*', language: 'lucene', lists }); + const query = buildQueryExceptions({ + query: 'a:*', + language: 'lucene', + lists: [payload, payload2], + }); const expectedQuery = - '(a:* AND NOT b:(value OR value-1) AND c:(valueC OR value-2) AND NOT d:(valueD OR value-3)) OR (a:* AND NOT e:(valueE OR value-4))'; + '(a:* AND some.parentField:{ nested.field:some value } AND NOT some.not.nested.field:some value) OR (a:* AND NOT b:(value OR value-1) AND parent:{ c:valueC AND d:valueD } AND NOT e:(valueE OR value-4))'; expect(query).toEqual([{ query: expectedQuery, language: 'lucene' }]); }); diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_exceptions_query.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_exceptions_query.ts index 233b20792299b..ba0d9dec7d1b0 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_exceptions_query.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_exceptions_query.ts @@ -3,17 +3,23 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -import { - ListAndOrUndefined, - Language, - Query, -} from '../../../../common/detection_engine/schemas/common/schemas'; -import { - ListOperator, - ListValues, - List, -} from '../../../../common/detection_engine/schemas/types/lists_default_array'; +import { Language, Query } from '../../../../common/detection_engine/schemas/common/schemas'; import { Query as DataQuery } from '../../../../../../../src/plugins/data/server'; +import { + Entry, + ExceptionListItemSchema, + EntryMatch, + EntryMatchAny, + EntryNested, + EntryExists, + EntriesArray, + Operator, + entriesMatchAny, + entriesExists, + entriesMatch, + entriesNested, + entriesList, +} from '../../../../../lists/common/schemas'; type Operators = 'and' | 'or' | 'not'; type LuceneOperators = 'AND' | 'OR' | 'NOT'; @@ -41,37 +47,30 @@ export const operatorBuilder = ({ operator, language, }: { - operator: ListOperator; + operator: Operator; language: Language; }): string => { - const and = getLanguageBooleanOperator({ - language, - value: 'and', - }); - const or = getLanguageBooleanOperator({ + const not = getLanguageBooleanOperator({ language, value: 'not', }); switch (operator) { - case 'excluded': - return ` ${and} `; case 'included': - return ` ${and} ${or} `; + return `${not} `; default: return ''; } }; export const buildExists = ({ - operator, - field, + item, language, }: { - operator: ListOperator; - field: string; + item: EntryExists; language: Language; }): string => { + const { operator, field } = item; const exceptionOperator = operatorBuilder({ operator, language }); switch (language) { @@ -85,64 +84,70 @@ export const buildExists = ({ }; export const buildMatch = ({ - operator, - field, - values, + item, language, }: { - operator: ListOperator; - field: string; - values: ListValues[]; + item: EntryMatch; language: Language; }): string => { - if (values.length > 0) { - const exceptionOperator = operatorBuilder({ operator, language }); - const [exception] = values; + const { value, operator, field } = item; + const exceptionOperator = operatorBuilder({ operator, language }); - return `${exceptionOperator}${field}:${exception.name}`; - } else { - return ''; - } + return `${exceptionOperator}${field}:${value}`; }; -export const buildMatchAll = ({ - operator, - field, - values, +export const buildMatchAny = ({ + item, language, }: { - operator: ListOperator; - field: string; - values: ListValues[]; + item: EntryMatchAny; language: Language; }): string => { - switch (values.length) { + const { value, operator, field } = item; + + switch (value.length) { case 0: return ''; - case 1: - return buildMatch({ operator, field, values, language }); default: const or = getLanguageBooleanOperator({ language, value: 'or' }); const exceptionOperator = operatorBuilder({ operator, language }); - const matchAllValues = values.map((value) => { - return value.name; - }); + const matchAnyValues = value.map((v) => v); - return `${exceptionOperator}${field}:(${matchAllValues.join(` ${or} `)})`; + return `${exceptionOperator}${field}:(${matchAnyValues.join(` ${or} `)})`; } }; -export const evaluateValues = ({ list, language }: { list: List; language: Language }): string => { - const { values_operator: operator, values_type: type, field, values } = list; - switch (type) { - case 'exists': - return buildExists({ operator, field, language }); - case 'match': - return buildMatch({ operator, field, values: values ?? [], language }); - case 'match_all': - return buildMatchAll({ operator, field, values: values ?? [], language }); - default: - return ''; +export const buildNested = ({ + item, + language, +}: { + item: EntryNested; + language: Language; +}): string => { + const { field, entries } = item; + const and = getLanguageBooleanOperator({ language, value: 'and' }); + const values = entries.map((entry) => `${entry.field}:${entry.value}`); + + return `${field}:{ ${values.join(` ${and} `)} }`; +}; + +export const evaluateValues = ({ + item, + language, +}: { + item: Entry | EntryNested; + language: Language; +}): string => { + if (entriesExists.is(item)) { + return buildExists({ item, language }); + } else if (entriesMatch.is(item)) { + return buildMatch({ item, language }); + } else if (entriesMatchAny.is(item)) { + return buildMatchAny({ item, language }); + } else if (entriesNested.is(item)) { + return buildNested({ item, language }); + } else { + return ''; } }; @@ -157,8 +162,9 @@ export const formatQuery = ({ }): string => { if (exceptions.length > 0) { const or = getLanguageBooleanOperator({ language, value: 'or' }); + const and = getLanguageBooleanOperator({ language, value: 'and' }); const formattedExceptions = exceptions.map((exception) => { - return `(${query}${exception})`; + return `(${query} ${and} ${exception})`; }); return formattedExceptions.join(` ${or} `); @@ -167,23 +173,22 @@ export const formatQuery = ({ } }; -export const buildExceptions = ({ - query, +export const buildExceptionItemEntries = ({ lists, language, }: { - query: string; - lists: List[]; + lists: EntriesArray; language: Language; -}): string[] => { - return lists.reduce((accum, listItem) => { - const { and, ...exceptionDetails } = { ...listItem }; - const andExceptionsSegments = and ? buildExceptions({ query, lists: and, language }) : []; - const exceptionSegment = evaluateValues({ list: exceptionDetails, language }); - const exception = [...exceptionSegment, ...andExceptionsSegments]; - - return [...accum, exception.join('')]; - }, []); +}): string => { + const and = getLanguageBooleanOperator({ language, value: 'and' }); + const exceptionItem = lists + .filter((t) => !entriesList.is(t)) + .reduce((accum, listItem) => { + const exceptionSegment = evaluateValues({ item: listItem, language }); + return [...accum, exceptionSegment]; + }, []); + + return exceptionItem.join(` ${and} `); }; export const buildQueryExceptions = ({ @@ -193,12 +198,13 @@ export const buildQueryExceptions = ({ }: { query: Query; language: Language; - lists: ListAndOrUndefined; + lists: ExceptionListItemSchema[] | undefined; }): DataQuery[] => { if (lists && lists !== null) { - const exceptions = buildExceptions({ lists, language, query }); + const exceptions = lists.map((exceptionItem) => + buildExceptionItemEntries({ lists: exceptionItem.entries, language }) + ); const formattedQuery = formatQuery({ exceptions, language, query }); - return [ { query: formattedQuery, diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_rule.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_rule.test.ts index eb87976a6fbab..9aef5a370b86a 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_rule.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_rule.test.ts @@ -7,6 +7,7 @@ import { buildRule } from './build_rule'; import { sampleRuleAlertParams, sampleRuleGuid } from './__mocks__/es_results'; import { RulesSchema } from '../../../../common/detection_engine/schemas/response/rules_schema'; +import { getListArrayMock } from '../../../../common/detection_engine/schemas/types/lists.mock'; describe('buildRule', () => { beforeEach(() => { @@ -80,38 +81,7 @@ describe('buildRule', () => { query: 'host.name: Braden', }, ], - exceptions_list: [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'exists', - }, - { - field: 'host.name', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'rock01', - }, - ], - and: [ - { - field: 'host.id', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: '123', - }, - { - name: '678', - }, - ], - }, - ], - }, - ], + exceptions_list: getListArrayMock(), version: 1, }; expect(rule).toEqual(expected); @@ -164,38 +134,7 @@ describe('buildRule', () => { updated_at: rule.updated_at, created_at: rule.created_at, throttle: 'no_actions', - exceptions_list: [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'exists', - }, - { - field: 'host.name', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'rock01', - }, - ], - and: [ - { - field: 'host.id', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: '123', - }, - { - name: '678', - }, - ], - }, - ], - }, - ], + exceptions_list: getListArrayMock(), }; expect(rule).toEqual(expected); }); @@ -247,38 +186,7 @@ describe('buildRule', () => { updated_at: rule.updated_at, created_at: rule.created_at, throttle: 'no_actions', - exceptions_list: [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'exists', - }, - { - field: 'host.name', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'rock01', - }, - ], - and: [ - { - field: 'host.id', - values_operator: 'included', - values_type: 'match_all', - values: [ - { - name: '123', - }, - { - name: '678', - }, - ], - }, - ], - }, - ], + exceptions_list: getListArrayMock(), }; expect(rule).toEqual(expected); }); diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/filter_events_with_list.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/filter_events_with_list.test.ts index 4e9eb8587484f..bb56926390af9 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/filter_events_with_list.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/filter_events_with_list.test.ts @@ -8,6 +8,7 @@ import uuid from 'uuid'; import { filterEventsAgainstList } from './filter_events_with_list'; import { mockLogger, repeatedSearchResultsWithSortId } from './__mocks__/es_results'; +import { getExceptionListItemSchemaMock } from '../../../../../lists/common/schemas/response/exception_list_item_schema.mock'; import { getListItemResponseMock } from '../../../../../lists/common/schemas/response/list_item_schema.mock'; import { listMock } from '../../../../../lists/server/mocks'; @@ -36,92 +37,42 @@ describe('filterEventsAgainstList', () => { expect(res.hits.hits.length).toEqual(4); }); - it('should throw an error if malformed exception list present', async () => { - let message = ''; - try { - await filterEventsAgainstList({ - logger: mockLogger, - listClient, - exceptionsList: [ - { - field: 'source.ip', - values_operator: 'excluded', - values_type: 'list', - values: undefined, + describe('operator_type is included', () => { + it('should respond with same list if no items match value list', async () => { + const exceptionItem = getExceptionListItemSchemaMock(); + exceptionItem.entries = [ + { + field: 'source.ip', + operator: 'included', + type: 'list', + list: { + id: 'ci-badguys.txt', + type: 'ip', }, - ], - eventSearchResult: repeatedSearchResultsWithSortId(4, 4, someGuids.slice(0, 3), [ - '1.1.1.1', - '2.2.2.2', - '3.3.3.3', - '7.7.7.7', - ]), - }); - } catch (exc) { - message = exc.message; - } - expect(message).toEqual( - 'Failed to query lists index. Reason: Malformed exception list provided' - ); - }); + }, + ]; - it('should throw an error if unsupported exception type', async () => { - let message = ''; - try { - await filterEventsAgainstList({ - logger: mockLogger, - listClient, - exceptionsList: [ - { - field: 'source.ip', - values_operator: 'excluded', - values_type: 'list', - values: [ - { - id: 'ci-badguys.txt', - name: 'unsupportedListPluginType', - }, - ], - }, - ], - eventSearchResult: repeatedSearchResultsWithSortId(4, 4, someGuids.slice(0, 3), [ - '1.1.1.1', - '2.2.2.2', - '3.3.3.3', - '7.7.7.7', - ]), - }); - } catch (exc) { - message = exc.message; - } - expect(message).toEqual( - 'Failed to query lists index. Reason: Unsupported list type used, please use one of ip,keyword' - ); - }); - - describe('operator_type is includes', () => { - it('should respond with same list if no items match value list', async () => { const res = await filterEventsAgainstList({ logger: mockLogger, listClient, - exceptionsList: [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'list', - values: [ - { - id: 'ci-badguys.txt', - name: 'ip', - }, - ], - }, - ], + exceptionsList: [exceptionItem], eventSearchResult: repeatedSearchResultsWithSortId(4, 4, someGuids.slice(0, 3)), }); expect(res.hits.hits.length).toEqual(4); }); it('should respond with less items in the list if some values match', async () => { + const exceptionItem = getExceptionListItemSchemaMock(); + exceptionItem.entries = [ + { + field: 'source.ip', + operator: 'included', + type: 'list', + list: { + id: 'ci-badguys.txt', + type: 'ip', + }, + }, + ]; listClient.getListItemByValues = jest.fn(({ value }) => Promise.resolve( value.slice(0, 2).map((item) => ({ @@ -133,19 +84,7 @@ describe('filterEventsAgainstList', () => { const res = await filterEventsAgainstList({ logger: mockLogger, listClient, - exceptionsList: [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'list', - values: [ - { - id: 'ci-badguys.txt', - name: 'ip', - }, - ], - }, - ], + exceptionsList: [exceptionItem], eventSearchResult: repeatedSearchResultsWithSortId(4, 4, someGuids.slice(0, 3), [ '1.1.1.1', '2.2.2.2', @@ -162,27 +101,39 @@ describe('filterEventsAgainstList', () => { }); describe('operator type is excluded', () => { it('should respond with empty list if no items match value list', async () => { + const exceptionItem = getExceptionListItemSchemaMock(); + exceptionItem.entries = [ + { + field: 'source.ip', + operator: 'excluded', + type: 'list', + list: { + id: 'ci-badguys.txt', + type: 'ip', + }, + }, + ]; const res = await filterEventsAgainstList({ logger: mockLogger, listClient, - exceptionsList: [ - { - field: 'source.ip', - values_operator: 'excluded', - values_type: 'list', - values: [ - { - id: 'ci-badguys.txt', - name: 'ip', - }, - ], - }, - ], + exceptionsList: [exceptionItem], eventSearchResult: repeatedSearchResultsWithSortId(4, 4, someGuids.slice(0, 3)), }); expect(res.hits.hits.length).toEqual(0); }); it('should respond with less items in the list if some values match', async () => { + const exceptionItem = getExceptionListItemSchemaMock(); + exceptionItem.entries = [ + { + field: 'source.ip', + operator: 'excluded', + type: 'list', + list: { + id: 'ci-badguys.txt', + type: 'ip', + }, + }, + ]; listClient.getListItemByValues = jest.fn(({ value }) => Promise.resolve( value.slice(0, 2).map((item) => ({ @@ -194,19 +145,7 @@ describe('filterEventsAgainstList', () => { const res = await filterEventsAgainstList({ logger: mockLogger, listClient, - exceptionsList: [ - { - field: 'source.ip', - values_operator: 'excluded', - values_type: 'list', - values: [ - { - id: 'ci-badguys.txt', - name: 'ip', - }, - ], - }, - ], + exceptionsList: [exceptionItem], eventSearchResult: repeatedSearchResultsWithSortId(4, 4, someGuids.slice(0, 3), [ '1.1.1.1', '2.2.2.2', diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/filter_events_with_list.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/filter_events_with_list.ts index 48b120d1b5806..1a2f648eb8562 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/filter_events_with_list.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/filter_events_with_list.ts @@ -6,15 +6,17 @@ import { get } from 'lodash/fp'; import { Logger } from 'src/core/server'; -import { ListAndOrUndefined } from '../../../../common/detection_engine/schemas/common/schemas'; -import { List } from '../../../../common/detection_engine/schemas/types/lists_default_array'; -import { type } from '../../../../../lists/common/schemas/common'; import { ListClient } from '../../../../../lists/server'; import { SignalSearchResponse, SearchTypes } from './types'; +import { + entriesList, + EntryList, + ExceptionListItemSchema, +} from '../../../../../lists/common/schemas'; interface FilterEventsAgainstList { listClient: ListClient; - exceptionsList: ListAndOrUndefined; + exceptionsList: ExceptionListItemSchema[]; logger: Logger; eventSearchResult: SignalSearchResponse; } @@ -34,63 +36,63 @@ export const filterEventsAgainstList = async ({ const isStringableType = (val: SearchTypes) => ['string', 'number', 'boolean'].includes(typeof val); // grab the signals with values found in the given exception lists. - const filteredHitsPromises = exceptionsList - .filter((exceptionItem: List) => exceptionItem.values_type === 'list') - .map(async (exceptionItem: List) => { - if (exceptionItem.values == null || exceptionItem.values.length === 0) { - throw new Error('Malformed exception list provided'); - } - if (!type.is(exceptionItem.values[0].name)) { - throw new Error( - `Unsupported list type used, please use one of ${Object.keys(type.keys).join()}` - ); - } - if (!exceptionItem.values[0].id) { - throw new Error(`Missing list id for exception on field ${exceptionItem.field}`); - } - // acquire the list values we are checking for. - const valuesOfGivenType = eventSearchResult.hits.hits.reduce((acc, searchResultItem) => { - const valueField = get(exceptionItem.field, searchResultItem._source); - if (valueField != null && isStringableType(valueField)) { - acc.add(valueField.toString()); - } - return acc; - }, new Set()); + const filteredHitsPromises = exceptionsList.map( + async (exceptionItem: ExceptionListItemSchema) => { + const { entries } = exceptionItem; - // matched will contain any list items that matched with the - // values passed in from the Set. - const matchedListItems = await listClient.getListItemByValues({ - listId: exceptionItem.values[0].id, - type: exceptionItem.values[0].name, - value: [...valuesOfGivenType], - }); + const filteredHitsEntries = entries + .filter((t): t is EntryList => entriesList.is(t)) + .map(async (entry) => { + // acquire the list values we are checking for. + const valuesOfGivenType = eventSearchResult.hits.hits.reduce( + (acc, searchResultItem) => { + const valueField = get(entry.field, searchResultItem._source); + if (valueField != null && isStringableType(valueField)) { + acc.add(valueField.toString()); + } + return acc; + }, + new Set() + ); - // create a set of list values that were a hit - easier to work with - const matchedListItemsSet = new Set( - matchedListItems.map((item) => item.value) - ); + // matched will contain any list items that matched with the + // values passed in from the Set. + const matchedListItems = await listClient.getListItemByValues({ + listId: entry.list.id, + type: entry.list.type, + value: [...valuesOfGivenType], + }); - // do a single search after with these values. - // painless script to do nested query in elasticsearch - // filter out the search results that match with the values found in the list. - const operator = exceptionItem.values_operator; - const filteredEvents = eventSearchResult.hits.hits.filter((item) => { - const eventItem = get(exceptionItem.field, item._source); - if (operator === 'included') { - if (eventItem != null) { - return !matchedListItemsSet.has(eventItem); - } - } else if (operator === 'excluded') { - if (eventItem != null) { - return matchedListItemsSet.has(eventItem); - } - } - return false; - }); - const diff = eventSearchResult.hits.hits.length - filteredEvents.length; - logger.debug(`Lists filtered out ${diff} events`); - return filteredEvents; - }); + // create a set of list values that were a hit - easier to work with + const matchedListItemsSet = new Set( + matchedListItems.map((item) => item.value) + ); + + // do a single search after with these values. + // painless script to do nested query in elasticsearch + // filter out the search results that match with the values found in the list. + const operator = entry.operator; + const filteredEvents = eventSearchResult.hits.hits.filter((item) => { + const eventItem = get(entry.field, item._source); + if (operator === 'included') { + if (eventItem != null) { + return !matchedListItemsSet.has(eventItem); + } + } else if (operator === 'excluded') { + if (eventItem != null) { + return matchedListItemsSet.has(eventItem); + } + } + return false; + }); + const diff = eventSearchResult.hits.hits.length - filteredEvents.length; + logger.debug(`Lists filtered out ${diff} events`); + return filteredEvents; + }); + + return (await Promise.all(filteredHitsEntries)).flat(); + } + ); const filteredHits = await Promise.all(filteredHitsPromises); const toReturn: SignalSearchResponse = { diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/get_filter.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/get_filter.test.ts index 61cd9cfedd94f..9b3a446bc666d 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/get_filter.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/get_filter.test.ts @@ -7,6 +7,7 @@ import { getQueryFilter, getFilter } from './get_filter'; import { PartialFilter } from '../types'; import { alertsMock, AlertServicesMock } from '../../../../../alerts/server/mocks'; +import { getExceptionListItemSchemaMock } from '../../../../../lists/common/schemas/response/exception_list_item_schema.mock'; describe('get_filter', () => { let servicesMock: AlertServicesMock; @@ -381,18 +382,7 @@ describe('get_filter', () => { 'kuery', [], ['auditbeat-*'], - [ - { - field: 'event.module', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'suricata', - }, - ], - }, - ] + [getExceptionListItemSchemaMock()] ); expect(esQuery).toEqual({ bool: { @@ -414,11 +404,39 @@ describe('get_filter', () => { }, { bool: { - minimum_should_match: 1, - should: [ + filter: [ { - match: { - 'event.module': 'suricata', + nested: { + path: 'some.parentField', + query: { + bool: { + minimum_should_match: 1, + should: [ + { + match: { + 'some.parentField.nested.field': 'some value', + }, + }, + ], + }, + }, + score_mode: 'none', + }, + }, + { + bool: { + must_not: { + bool: { + minimum_should_match: 1, + should: [ + { + match: { + 'some.not.nested.field': 'some value', + }, + }, + ], + }, + }, }, }, ], @@ -450,7 +468,7 @@ describe('get_filter', () => { }); test('it should work when lists has value undefined', () => { - const esQuery = getQueryFilter('host.name: linux', 'kuery', [], ['auditbeat-*'], undefined); + const esQuery = getQueryFilter('host.name: linux', 'kuery', [], ['auditbeat-*'], []); expect(esQuery).toEqual({ bool: { filter: [ @@ -529,7 +547,7 @@ describe('get_filter', () => { savedId: undefined, services: servicesMock, index: ['auditbeat-*'], - lists: undefined, + lists: [], }); expect(filter).toEqual({ bool: { @@ -564,7 +582,7 @@ describe('get_filter', () => { savedId: undefined, services: servicesMock, index: ['auditbeat-*'], - lists: undefined, + lists: [], }) ).rejects.toThrow('query, filters, and index parameter should be defined'); }); @@ -579,7 +597,7 @@ describe('get_filter', () => { savedId: undefined, services: servicesMock, index: ['auditbeat-*'], - lists: undefined, + lists: [], }) ).rejects.toThrow('query, filters, and index parameter should be defined'); }); @@ -594,7 +612,7 @@ describe('get_filter', () => { savedId: undefined, services: servicesMock, index: undefined, - lists: undefined, + lists: [], }) ).rejects.toThrow('query, filters, and index parameter should be defined'); }); @@ -608,7 +626,7 @@ describe('get_filter', () => { savedId: 'some-id', services: servicesMock, index: ['auditbeat-*'], - lists: undefined, + lists: [], }); expect(filter).toEqual({ bool: { @@ -632,7 +650,7 @@ describe('get_filter', () => { savedId: undefined, services: servicesMock, index: ['auditbeat-*'], - lists: undefined, + lists: [], }) ).rejects.toThrow('savedId parameter should be defined'); }); @@ -647,7 +665,7 @@ describe('get_filter', () => { savedId: 'some-id', services: servicesMock, index: undefined, - lists: undefined, + lists: [], }) ).rejects.toThrow('savedId parameter should be defined'); }); @@ -662,7 +680,7 @@ describe('get_filter', () => { savedId: 'some-id', services: servicesMock, index: undefined, - lists: undefined, + lists: [], }) ).rejects.toThrow('Unsupported Rule of type "machine_learning" supplied to getFilter'); }); @@ -812,18 +830,7 @@ describe('get_filter', () => { savedId: undefined, services: servicesMock, index: ['auditbeat-*'], - lists: [ - { - field: 'event.module', - values_operator: 'excluded', - values_type: 'match', - values: [ - { - name: 'suricata', - }, - ], - }, - ], + lists: [getExceptionListItemSchemaMock()], }); expect(filter).toEqual({ bool: { @@ -845,11 +852,39 @@ describe('get_filter', () => { }, { bool: { - minimum_should_match: 1, - should: [ + filter: [ { - match: { - 'event.module': 'suricata', + nested: { + path: 'some.parentField', + query: { + bool: { + minimum_should_match: 1, + should: [ + { + match: { + 'some.parentField.nested.field': 'some value', + }, + }, + ], + }, + }, + score_mode: 'none', + }, + }, + { + bool: { + must_not: { + bool: { + minimum_should_match: 1, + should: [ + { + match: { + 'some.not.nested.field': 'some value', + }, + }, + ], + }, + }, }, }, ], diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/get_filter.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/get_filter.ts index 3e9f79c67d8ca..50ce01aaa6f74 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/get_filter.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/get_filter.ts @@ -10,11 +10,11 @@ import { Type, SavedIdOrUndefined, IndexOrUndefined, - ListAndOrUndefined, Language, Index, Query, } from '../../../../common/detection_engine/schemas/common/schemas'; +import { ExceptionListItemSchema } from '../../../../../lists/common/schemas'; import { AlertServices } from '../../../../../alerts/server'; import { assertUnreachable } from '../../../utils/build_query'; import { @@ -33,7 +33,7 @@ export const getQueryFilter = ( language: Language, filters: PartialFilter[], index: Index, - lists: ListAndOrUndefined + lists: ExceptionListItemSchema[] ) => { const indexPattern = { fields: [], @@ -64,7 +64,7 @@ interface GetFilterArgs { savedId: SavedIdOrUndefined; services: AlertServices; index: IndexOrUndefined; - lists: ListAndOrUndefined; + lists: ExceptionListItemSchema[]; } interface QueryAttributes { diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/search_after_bulk_create.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/search_after_bulk_create.test.ts index 163ed76d0c6c3..1923f43c47b92 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/search_after_bulk_create.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/search_after_bulk_create.test.ts @@ -17,6 +17,7 @@ import { alertsMock, AlertServicesMock } from '../../../../../alerts/server/mock import uuid from 'uuid'; import { getListItemResponseMock } from '../../../../../lists/common/schemas/response/list_item_schema.mock'; import { listMock } from '../../../../../lists/server/mocks'; +import { getExceptionListItemSchemaMock } from '../../../../../lists/common/schemas/response/exception_list_item_schema.mock'; describe('searchAfterAndBulkCreate', () => { let mockService: AlertServicesMock; @@ -94,22 +95,23 @@ describe('searchAfterAndBulkCreate', () => { }, ], }); + const exceptionItem = getExceptionListItemSchemaMock(); + exceptionItem.entries = [ + { + field: 'source.ip', + operator: 'included', + type: 'list', + list: { + id: 'ci-badguys.txt', + type: 'ip', + }, + }, + ]; + const { success, createdSignalsCount, lastLookBackDate } = await searchAfterAndBulkCreate({ ruleParams: sampleParams, listClient, - exceptionsList: [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'list', - values: [ - { - id: 'ci-badguys.txt', - name: 'ip', - }, - ], - }, - ], + exceptionsList: [exceptionItem], services: mockService, logger: mockLogger, id: sampleRuleGuid, @@ -168,22 +170,22 @@ describe('searchAfterAndBulkCreate', () => { }, ], }); + const exceptionItem = getExceptionListItemSchemaMock(); + exceptionItem.entries = [ + { + field: 'source.ip', + operator: 'included', + type: 'list', + list: { + id: 'ci-badguys.txt', + type: 'ip', + }, + }, + ]; const { success, createdSignalsCount, lastLookBackDate } = await searchAfterAndBulkCreate({ ruleParams: sampleParams, listClient, - exceptionsList: [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'list', - values: [ - { - id: 'ci-badguys.txt', - name: 'ip', - }, - ], - }, - ], + exceptionsList: [exceptionItem], services: mockService, logger: mockLogger, id: sampleRuleGuid, @@ -254,7 +256,7 @@ describe('searchAfterAndBulkCreate', () => { const { success, createdSignalsCount, lastLookBackDate } = await searchAfterAndBulkCreate({ ruleParams: sampleParams, listClient, - exceptionsList: undefined, + exceptionsList: [], services: mockService, logger: mockLogger, id: sampleRuleGuid, @@ -281,25 +283,25 @@ describe('searchAfterAndBulkCreate', () => { }); test('if unsuccessful first bulk create', async () => { + const exceptionItem = getExceptionListItemSchemaMock(); + exceptionItem.entries = [ + { + field: 'source.ip', + operator: 'included', + type: 'list', + list: { + id: 'ci-badguys.txt', + type: 'ip', + }, + }, + ]; const sampleParams = sampleRuleAlertParams(10); mockService.callCluster .mockResolvedValueOnce(repeatedSearchResultsWithSortId(4, 1, someGuids.slice(0, 3))) .mockRejectedValue(new Error('bulk failed')); // Added this recently const { success, createdSignalsCount, lastLookBackDate } = await searchAfterAndBulkCreate({ listClient, - exceptionsList: [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'list', - values: [ - { - id: 'ci-badguys.txt', - name: 'ip', - }, - ], - }, - ], + exceptionsList: [exceptionItem], ruleParams: sampleParams, services: mockService, logger: mockLogger, @@ -327,6 +329,18 @@ describe('searchAfterAndBulkCreate', () => { }); test('should return success with 0 total hits', async () => { + const exceptionItem = getExceptionListItemSchemaMock(); + exceptionItem.entries = [ + { + field: 'source.ip', + operator: 'included', + type: 'list', + list: { + id: 'ci-badguys.txt', + type: 'ip', + }, + }, + ]; const sampleParams = sampleRuleAlertParams(); mockService.callCluster.mockResolvedValueOnce(sampleEmptyDocSearchResults()); listClient.getListItemByValues = jest.fn(({ value }) => @@ -339,19 +353,7 @@ describe('searchAfterAndBulkCreate', () => { ); const { success, createdSignalsCount, lastLookBackDate } = await searchAfterAndBulkCreate({ listClient, - exceptionsList: [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'list', - values: [ - { - id: 'ci-badguys.txt', - name: 'ip', - }, - ], - }, - ], + exceptionsList: [exceptionItem], ruleParams: sampleParams, services: mockService, logger: mockLogger, @@ -405,21 +407,21 @@ describe('searchAfterAndBulkCreate', () => { })) ) ); + const exceptionItem = getExceptionListItemSchemaMock(); + exceptionItem.entries = [ + { + field: 'source.ip', + operator: 'included', + type: 'list', + list: { + id: 'ci-badguys.txt', + type: 'ip', + }, + }, + ]; const { success, createdSignalsCount, lastLookBackDate } = await searchAfterAndBulkCreate({ listClient, - exceptionsList: [ - { - field: 'source.ip', - values_operator: 'included', - values_type: 'list', - values: [ - { - id: 'ci-badguys.txt', - name: 'ip', - }, - ], - }, - ], + exceptionsList: [exceptionItem], ruleParams: sampleParams, services: mockService, logger: mockLogger, diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/search_after_bulk_create.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/search_after_bulk_create.ts index 65679dc23e64f..7475257121552 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/search_after_bulk_create.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/search_after_bulk_create.ts @@ -4,7 +4,6 @@ * you may not use this file except in compliance with the Elastic License. */ -import { ListAndOrUndefined } from '../../../../common/detection_engine/schemas/common/schemas'; import { AlertServices } from '../../../../../alerts/server'; import { ListClient } from '../../../../../lists/server'; import { RuleAlertAction } from '../../../../common/detection_engine/types'; @@ -14,12 +13,13 @@ import { singleSearchAfter } from './single_search_after'; import { singleBulkCreate } from './single_bulk_create'; import { SignalSearchResponse } from './types'; import { filterEventsAgainstList } from './filter_events_with_list'; +import { ExceptionListItemSchema } from '../../../../../lists/common/schemas'; interface SearchAfterAndBulkCreateParams { ruleParams: RuleTypeParams; services: AlertServices; listClient: ListClient | undefined; // TODO: undefined is for temporary development, remove before merged - exceptionsList: ListAndOrUndefined; + exceptionsList: ExceptionListItemSchema[]; logger: Logger; id: string; inputIndexPattern: string[]; diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/signal_rule_alert_type.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/signal_rule_alert_type.test.ts index 23c2d6068c09c..5832b4075a40b 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/signal_rule_alert_type.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/signal_rule_alert_type.test.ts @@ -10,7 +10,7 @@ import { getResult, getMlResult } from '../routes/__mocks__/request_responses'; import { signalRulesAlertType } from './signal_rule_alert_type'; import { alertsMock, AlertServicesMock } from '../../../../../alerts/server/mocks'; import { ruleStatusServiceFactory } from './rule_status_service'; -import { getGapBetweenRuns } from './utils'; +import { getGapBetweenRuns, getListsClient, getExceptions, sortExceptionItems } from './utils'; import { RuleExecutorOptions } from './types'; import { searchAfterAndBulkCreate } from './search_after_bulk_create'; import { scheduleNotificationActions } from '../notifications/schedule_notification_actions'; @@ -18,6 +18,9 @@ import { RuleAlertType } from '../rules/types'; import { findMlSignals } from './find_ml_signals'; import { bulkCreateMlSignals } from './bulk_create_ml_signals'; import { listMock } from '../../../../../lists/server/mocks'; +import { getListClientMock } from '../../../../../lists/server/services/lists/list_client.mock'; +import { getExceptionListClientMock } from '../../../../../lists/server/services/exception_lists/exception_list_client.mock'; +import { getExceptionListItemSchemaMock } from '../../../../../lists/common/schemas/response/exception_list_item_schema.mock'; jest.mock('./rule_status_saved_objects_client'); jest.mock('./rule_status_service'); @@ -84,6 +87,15 @@ describe('rules_notification_alert_type', () => { }; (ruleStatusServiceFactory as jest.Mock).mockReturnValue(ruleStatusService); (getGapBetweenRuns as jest.Mock).mockReturnValue(moment.duration(0)); + (getListsClient as jest.Mock).mockReturnValue({ + listClient: getListClientMock(), + exceptionsClient: getExceptionListClientMock(), + }); + (getExceptions as jest.Mock).mockReturnValue([getExceptionListItemSchemaMock()]); + (sortExceptionItems as jest.Mock).mockReturnValue({ + exceptionsWithoutValueLists: [getExceptionListItemSchemaMock()], + exceptionsWithValueLists: [], + }); (searchAfterAndBulkCreate as jest.Mock).mockClear(); (searchAfterAndBulkCreate as jest.Mock).mockResolvedValue({ success: true, diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/signal_rule_alert_type.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/signal_rule_alert_type.ts index 728bd66b7d65c..1bf27dc6e26b2 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/signal_rule_alert_type.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/signal_rule_alert_type.ts @@ -15,9 +15,6 @@ import { } from '../../../../common/constants'; import { isJobStarted, isMlRule } from '../../../../common/machine_learning/helpers'; import { SetupPlugins } from '../../../plugin'; - -import { ListClient } from '../../../../../lists/server'; - import { getInputIndex } from './get_input_output_index'; import { searchAfterAndBulkCreate, @@ -25,7 +22,7 @@ import { } from './search_after_bulk_create'; import { getFilter } from './get_filter'; import { SignalRuleAlertTypeDefinition, RuleAlertAttributes } from './types'; -import { getGapBetweenRuns, parseScheduleDates } from './utils'; +import { getGapBetweenRuns, parseScheduleDates, getListsClient, getExceptions } from './utils'; import { signalParamsSchema } from './signal_params_schema'; import { siemRuleActionGroups } from './siem_rule_action_groups'; import { findMlSignals } from './find_ml_signals'; @@ -38,7 +35,6 @@ import { ruleStatusServiceFactory } from './rule_status_service'; import { buildRuleMessageFactory } from './rule_messages'; import { ruleStatusSavedObjectsClientFactory } from './rule_status_saved_objects_client'; import { getNotificationResultsLink } from '../notifications/utils'; -import { hasListsFeature } from '../feature_flags'; export const signalRulesAlertType = ({ logger, @@ -140,6 +136,18 @@ export const signalRulesAlertType = ({ await ruleStatusService.error(gapMessage, { gap: gapString }); } try { + const { listClient, exceptionsClient } = await getListsClient({ + services, + updatedByUser, + spaceId, + lists, + savedObjectClient: services.savedObjectsClient, + }); + const exceptionItems = await getExceptions({ + client: exceptionsClient, + lists: exceptionsList, + }); + if (isMlRule(type)) { if (ml == null) { throw new Error('ML plugin unavailable during rule execution'); @@ -214,18 +222,6 @@ export const signalRulesAlertType = ({ result.bulkCreateTimes.push(bulkCreateDuration); } } else { - let listClient: ListClient | undefined; - if (hasListsFeature()) { - if (lists == null) { - throw new Error('lists plugin unavailable during rule execution'); - } - listClient = await lists.getListClient( - services.callCluster, - spaceId, - updatedByUser ?? 'elastic' - ); - } - const inputIndex = await getInputIndex(services, version, index); const esFilter = await getFilter({ type, @@ -235,13 +231,12 @@ export const signalRulesAlertType = ({ savedId, services, index: inputIndex, - // temporary filter out list type - lists: exceptionsList?.filter((item) => item.values_type !== 'list'), + lists: exceptionItems ?? [], }); result = await searchAfterAndBulkCreate({ listClient, - exceptionsList, + exceptionsList: exceptionItems ?? [], ruleParams: params, services, logger, diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/utils.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/utils.test.ts index f74694df613ce..24c2d24ee972e 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/utils.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/utils.test.ts @@ -7,6 +7,12 @@ import moment from 'moment'; import sinon from 'sinon'; +import { alertsMock, AlertServicesMock } from '../../../../../alerts/server/mocks'; +import { listMock } from '../../../../../lists/server/mocks'; +import { EntriesArray } from '../../../../common/detection_engine/lists_common_deps'; + +import * as featureFlags from '../feature_flags'; + import { generateId, parseInterval, @@ -14,10 +20,10 @@ import { getDriftTolerance, getGapBetweenRuns, errorAggregator, + getListsClient, + hasLargeValueList, } from './utils'; - import { BulkResponseErrorAggregation } from './types'; - import { sampleBulkResponse, sampleEmptyBulkResponse, @@ -529,4 +535,107 @@ describe('utils', () => { expect(aggregated).toEqual(expected); }); }); + + describe('#getListsClient', () => { + let alertServices: AlertServicesMock; + + beforeEach(() => { + alertServices = alertsMock.createAlertServices(); + }); + + afterEach(() => { + jest.clearAllMocks(); + }); + + test('it successfully returns list and exceptions list client', async () => { + jest.spyOn(featureFlags, 'hasListsFeature').mockReturnValue(true); + + const { listClient, exceptionsClient } = await getListsClient({ + services: alertServices, + savedObjectClient: alertServices.savedObjectsClient, + updatedByUser: 'some_user', + spaceId: '', + lists: listMock.createSetup(), + }); + + expect(listClient).toBeDefined(); + expect(exceptionsClient).toBeDefined(); + }); + + test('it returns list and exceptions client of "undefined" if lists feature flag is off', async () => { + jest.spyOn(featureFlags, 'hasListsFeature').mockReturnValue(false); + + const listsClient = await getListsClient({ + services: alertServices, + savedObjectClient: alertServices.savedObjectsClient, + updatedByUser: 'some_user', + spaceId: '', + lists: listMock.createSetup(), + }); + + expect(listsClient).toEqual({ listClient: undefined, exceptionsClient: undefined }); + }); + + test('it throws if "lists" is undefined', async () => { + jest.spyOn(featureFlags, 'hasListsFeature').mockReturnValue(true); + + await expect(() => + getListsClient({ + services: alertServices, + savedObjectClient: alertServices.savedObjectsClient, + updatedByUser: 'some_user', + spaceId: '', + lists: undefined, + }) + ).rejects.toThrowError('lists plugin unavailable during rule execution'); + }); + }); + + describe('#hasLargeValueList', () => { + test('it returns false if empty array', () => { + const hasLists = hasLargeValueList([]); + + expect(hasLists).toBeFalsy(); + }); + + test('it returns true if item of type EntryList exists', () => { + const entries: EntriesArray = [ + { + field: 'actingProcess.file.signer', + type: 'list', + operator: 'included', + list: { id: 'some id', type: 'ip' }, + }, + { + field: 'file.signature.signer', + type: 'match', + operator: 'excluded', + value: 'Global Signer', + }, + ]; + const hasLists = hasLargeValueList(entries); + + expect(hasLists).toBeTruthy(); + }); + + test('it returns false if item of type EntryList does not exist', () => { + const entries: EntriesArray = [ + { + field: 'actingProcess.file.signer', + type: 'match', + operator: 'included', + value: 'Elastic, N.V.', + }, + { + field: 'file.signature.signer', + type: 'match', + operator: 'excluded', + value: 'Global Signer', + }, + ]; + const hasLists = hasLargeValueList(entries); + + expect(hasLists).toBeFalsy(); + }); + }); }); diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/utils.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/utils.ts index f0ca08b73fac6..e431e65fad623 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/utils.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/utils.ts @@ -7,9 +7,125 @@ import { createHash } from 'crypto'; import moment from 'moment'; import dateMath from '@elastic/datemath'; -import { parseDuration } from '../../../../../alerts/server'; +import { SavedObjectsClientContract } from '../../../../../../../src/core/server'; +import { AlertServices, parseDuration } from '../../../../../alerts/server'; +import { ExceptionListClient, ListClient, ListPluginSetup } from '../../../../../lists/server'; +import { EntriesArray, ExceptionListItemSchema } from '../../../../../lists/common/schemas'; +import { ListArrayOrUndefined } from '../../../../common/detection_engine/schemas/types/lists'; +import { hasListsFeature } from '../feature_flags'; import { BulkResponse, BulkResponseErrorAggregation } from './types'; +interface SortExceptionsReturn { + exceptionsWithValueLists: ExceptionListItemSchema[]; + exceptionsWithoutValueLists: ExceptionListItemSchema[]; +} + +export const getListsClient = async ({ + lists, + spaceId, + updatedByUser, + services, + savedObjectClient, +}: { + lists: ListPluginSetup | undefined; + spaceId: string; + updatedByUser: string | null; + services: AlertServices; + savedObjectClient: SavedObjectsClientContract; +}): Promise<{ + listClient: ListClient | undefined; + exceptionsClient: ExceptionListClient | undefined; +}> => { + // TODO Remove check once feature is no longer behind flag + if (hasListsFeature()) { + if (lists == null) { + throw new Error('lists plugin unavailable during rule execution'); + } + + const listClient = await lists.getListClient( + services.callCluster, + spaceId, + updatedByUser ?? 'elastic' + ); + const exceptionsClient = await lists.getExceptionListClient( + savedObjectClient, + updatedByUser ?? 'elastic' + ); + + return { listClient, exceptionsClient }; + } else { + return { listClient: undefined, exceptionsClient: undefined }; + } +}; + +export const hasLargeValueList = (entries: EntriesArray): boolean => { + const found = entries.filter(({ type }) => type === 'list'); + return found.length > 0; +}; + +export const getExceptions = async ({ + client, + lists, +}: { + client: ExceptionListClient | undefined; + lists: ListArrayOrUndefined; +}): Promise => { + // TODO Remove check once feature is no longer behind flag + if (hasListsFeature()) { + if (client == null) { + throw new Error('lists plugin unavailable during rule execution'); + } + + if (lists != null) { + try { + // Gather all exception items of all exception lists linked to rule + const exceptions = await Promise.all( + lists + .map(async (list) => { + const { id, namespace_type: namespaceType } = list; + const items = await client.findExceptionListItem({ + listId: id, + namespaceType, + page: 1, + perPage: 5000, + filter: undefined, + sortOrder: undefined, + sortField: undefined, + }); + return items != null ? items.data : []; + }) + .flat() + ); + return exceptions.flat(); + } catch { + return []; + } + } + } +}; + +export const sortExceptionItems = (exceptions: ExceptionListItemSchema[]): SortExceptionsReturn => { + return exceptions.reduce( + (acc, exception) => { + const { entries } = exception; + const { exceptionsWithValueLists, exceptionsWithoutValueLists } = acc; + + if (hasLargeValueList(entries)) { + return { + exceptionsWithValueLists: [...exceptionsWithValueLists, { ...exception }], + exceptionsWithoutValueLists, + }; + } else { + return { + exceptionsWithValueLists, + exceptionsWithoutValueLists: [...exceptionsWithoutValueLists, { ...exception }], + }; + } + }, + { exceptionsWithValueLists: [], exceptionsWithoutValueLists: [] } + ); +}; + export const generateId = ( docIndex: string, docId: string, diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/types.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/types.ts index 6e284908e3358..90484a46dc6d3 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/types.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/types.ts @@ -28,11 +28,11 @@ import { Version, MetaOrUndefined, RuleId, - ListAndOrUndefined, } from '../../../common/detection_engine/schemas/common/schemas'; import { CallAPIOptions } from '../../../../../../src/core/server'; import { Filter } from '../../../../../../src/plugins/data/server'; import { RuleType } from '../../../common/detection_engine/types'; +import { ListArrayOrUndefined } from '../../../common/detection_engine/schemas/types'; export type PartialFilter = Partial; @@ -62,7 +62,7 @@ export interface RuleTypeParams { type: RuleType; references: References; version: Version; - exceptionsList: ListAndOrUndefined; + exceptionsList: ListArrayOrUndefined; } // eslint-disable-next-line @typescript-eslint/no-explicit-any diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index 0d85960807f93..2a7517540e708 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -9001,8 +9001,6 @@ "xpack.maps.layerPanel.filterEditor.emptyState.description": "フィルターを追加してレイヤーデータを絞ります。", "xpack.maps.layerPanel.filterEditor.queryBarSubmitButtonLabel": "フィルターを設定", "xpack.maps.layerPanel.filterEditor.title": "フィルタリング", - "xpack.maps.layerPanel.fitToBoundsAriaLabel": "境界に合わせる", - "xpack.maps.layerPanel.fitToBoundsButtonLabel": "合わせる", "xpack.maps.layerPanel.footer.cancelButtonLabel": "キャンセル", "xpack.maps.layerPanel.footer.closeButtonLabel": "閉じる", "xpack.maps.layerPanel.footer.removeLayerButtonLabel": "レイヤーを削除", @@ -10683,7 +10681,6 @@ "xpack.ml.newJob.wizard.validateJob.queryIsInvalidEsQuery": "データフィードクエリは有効な Elasticsearch クエリでなければなりません。", "xpack.ml.overview.analyticsList.createFirstJobMessage": "最初のデータフレーム分析ジョブを作成", "xpack.ml.overview.analyticsList.createJobButtonText": "ジョブを作成", - "xpack.ml.overview.analyticsList.emptyPromptText": "データフレーム分析は、様々なデータ分析を行い結果と共に注釈に追加することができます。ジョブは注釈付きデータと共に、ソースデータのコピーを新規インデックスに保存します。", "xpack.ml.overview.analyticsList.errorPromptTitle": "データフレーム分析リストの取得中にエラーが発生しました。", "xpack.ml.overview.analyticsList.id": "ID", "xpack.ml.overview.analyticsList.manageJobsButtonText": "ジョブの管理", diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index 85167e11b28ba..9a55fee2b8898 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -9005,8 +9005,6 @@ "xpack.maps.layerPanel.filterEditor.emptyState.description": "添加筛选以缩小图层数据范围。", "xpack.maps.layerPanel.filterEditor.queryBarSubmitButtonLabel": "设置筛选", "xpack.maps.layerPanel.filterEditor.title": "筛选", - "xpack.maps.layerPanel.fitToBoundsAriaLabel": "适应边界", - "xpack.maps.layerPanel.fitToBoundsButtonLabel": "适应", "xpack.maps.layerPanel.footer.cancelButtonLabel": "取消", "xpack.maps.layerPanel.footer.closeButtonLabel": "关闭", "xpack.maps.layerPanel.footer.removeLayerButtonLabel": "移除图层", @@ -10687,7 +10685,6 @@ "xpack.ml.newJob.wizard.validateJob.queryIsInvalidEsQuery": "数据馈送查询必须是有效的 Elasticsearch 查询。", "xpack.ml.overview.analyticsList.createFirstJobMessage": "创建您的首个数据帧分析作业", "xpack.ml.overview.analyticsList.createJobButtonText": "创建作业", - "xpack.ml.overview.analyticsList.emptyPromptText": "数据帧分析允许您对数据执行不同的分析,并使用结果标注数据。该作业会将标注的数据以及源数据的副本置于新的索引中。", "xpack.ml.overview.analyticsList.errorPromptTitle": "获取数据帧分析列表时发生错误。", "xpack.ml.overview.analyticsList.id": "ID", "xpack.ml.overview.analyticsList.manageJobsButtonText": "管理作业", diff --git a/x-pack/plugins/triggers_actions_ui/public/common/expression_items/threshold.tsx b/x-pack/plugins/triggers_actions_ui/public/common/expression_items/threshold.tsx index 09acf4fe1ef68..fe592aadb37a5 100644 --- a/x-pack/plugins/triggers_actions_ui/public/common/expression_items/threshold.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/common/expression_items/threshold.tsx @@ -136,14 +136,14 @@ export const ThresholdExpression = ({ ) : null} 0 || !threshold[i]} + isInvalid={errors[`threshold${i}`]?.length > 0 || !threshold[i]} error={errors[`threshold${i}`]} > 0 || !threshold[i]} + isInvalid={errors[`threshold${i}`]?.length > 0 || !threshold[i]} onChange={(e) => { const { value } = e.target; const thresholdVal = value !== '' ? parseFloat(value) : undefined; diff --git a/x-pack/test/api_integration/apis/endpoint/data_stream_helper.ts b/x-pack/test/api_integration/apis/endpoint/data_stream_helper.ts index b239ab41e41f1..d2e99a80ef8a1 100644 --- a/x-pack/test/api_integration/apis/endpoint/data_stream_helper.ts +++ b/x-pack/test/api_integration/apis/endpoint/data_stream_helper.ts @@ -10,6 +10,7 @@ import { eventsIndexPattern, alertsIndexPattern, policyIndexPattern, + metadataMirrorIndexPattern, } from '../../../../plugins/security_solution/common/endpoint/constants'; export async function deleteDataStream(getService: (serviceName: 'es') => Client, index: string) { @@ -29,6 +30,10 @@ export async function deleteMetadataStream(getService: (serviceName: 'es') => Cl await deleteDataStream(getService, metadataIndexPattern); } +export async function deleteMetadataMirrorStream(getService: (serviceName: 'es') => Client) { + await deleteDataStream(getService, metadataMirrorIndexPattern); +} + export async function deleteEventsStream(getService: (serviceName: 'es') => Client) { await deleteDataStream(getService, eventsIndexPattern); } diff --git a/x-pack/test/api_integration/apis/endpoint/metadata.ts b/x-pack/test/api_integration/apis/endpoint/metadata.ts index 41531269ddeb9..0d77486e07536 100644 --- a/x-pack/test/api_integration/apis/endpoint/metadata.ts +++ b/x-pack/test/api_integration/apis/endpoint/metadata.ts @@ -5,7 +5,7 @@ */ import expect from '@kbn/expect/expect.js'; import { FtrProviderContext } from '../../ftr_provider_context'; -import { deleteMetadataStream } from './data_stream_helper'; +import { deleteMetadataMirrorStream, deleteMetadataStream } from './data_stream_helper'; /** * The number of host documents in the es archive. @@ -33,6 +33,40 @@ export default function ({ getService }: FtrProviderContext) { }); }); + describe('POST /api/endpoint/metadata when metadata mirror index contains unenrolled host', () => { + before(async () => { + await esArchiver.load('endpoint/metadata/unenroll_feature/metadata', { useCreate: true }); + await esArchiver.load('endpoint/metadata/unenroll_feature/metadata_mirror', { + useCreate: true, + }); + }); + + after(async () => { + await deleteMetadataStream(getService); + await deleteMetadataMirrorStream(getService); + }); + + it('metadata api should return only enrolled host', async () => { + const { body } = await supertest + .post('/api/endpoint/metadata') + .set('kbn-xsrf', 'xxx') + .send() + .expect(200); + expect(body.total).to.eql(1); + expect(body.hosts.length).to.eql(1); + expect(body.request_page_size).to.eql(10); + expect(body.request_page_index).to.eql(0); + }); + + it('metadata api should return 400 when an unenrolled host is retrieved', async () => { + const { body } = await supertest + .get('/api/endpoint/metadata/1fdca33f-799f-49f4-939c-ea4383c77671') + .send() + .expect(400); + expect(body.message).to.eql('the requested endpoint is unenrolled'); + }); + }); + describe('POST /api/endpoint/metadata when index is not empty', () => { before( async () => await esArchiver.load('endpoint/metadata/api_feature', { useCreate: true }) diff --git a/x-pack/test/api_integration/apis/endpoint/resolver.ts b/x-pack/test/api_integration/apis/endpoint/resolver.ts index 67b828b8df30e..eeca8ee54e32f 100644 --- a/x-pack/test/api_integration/apis/endpoint/resolver.ts +++ b/x-pack/test/api_integration/apis/endpoint/resolver.ts @@ -6,8 +6,8 @@ import _ from 'lodash'; import expect from '@kbn/expect'; import { - ChildNode, - LifecycleNode, + ResolverChildNode, + ResolverLifecycleNode, ResolverAncestry, ResolverEvent, ResolverRelatedEvents, @@ -35,7 +35,7 @@ import { Options, GeneratedTrees } from '../../services/resolver'; * @param node a lifecycle node containing the start and end events for a node * @param nodeMap a map of entity_ids to nodes to look for the passed in `node` */ -const expectLifecycleNodeInMap = (node: LifecycleNode, nodeMap: Map) => { +const expectLifecycleNodeInMap = (node: ResolverLifecycleNode, nodeMap: Map) => { const genNode = nodeMap.get(node.entityID); expect(genNode).to.be.ok(); compareArrays(genNode!.lifecycle, node.lifecycle, true); @@ -49,7 +49,11 @@ const expectLifecycleNodeInMap = (node: LifecycleNode, nodeMap: Map { +const verifyAncestry = ( + ancestors: ResolverLifecycleNode[], + tree: Tree, + verifyLastParent: boolean +) => { // group the ancestors by their entity_id mapped to a lifecycle node const groupedAncestors = _.groupBy(ancestors, (ancestor) => ancestor.entityID); // group by parent entity_id @@ -97,7 +101,7 @@ const verifyAncestry = (ancestors: LifecycleNode[], tree: Tree, verifyLastParent * * @param ancestors an array of ancestor nodes */ -const retrieveDistantAncestor = (ancestors: LifecycleNode[]) => { +const retrieveDistantAncestor = (ancestors: ResolverLifecycleNode[]) => { // group the ancestors by their entity_id mapped to a lifecycle node const groupedAncestors = _.groupBy(ancestors, (ancestor) => ancestor.entityID); let node = ancestors[0]; @@ -124,7 +128,7 @@ const retrieveDistantAncestor = (ancestors: LifecycleNode[]) => { * @param childrenPerParent an optional number to compare that there are a certain number of children for each parent */ const verifyChildren = ( - children: ChildNode[], + children: ResolverChildNode[], tree: Tree, numberOfParents?: number, childrenPerParent?: number @@ -210,7 +214,7 @@ const verifyStats = ( * @param categories the related event info used when generating the resolver tree */ const verifyLifecycleStats = ( - nodes: LifecycleNode[], + nodes: ResolverLifecycleNode[], categories: RelatedEventInfo[], relatedAlerts: number ) => { diff --git a/x-pack/test/api_integration/apis/metrics_ui/log_analysis.ts b/x-pack/test/api_integration/apis/metrics_ui/log_analysis.ts index 172e582e40de5..7bcea4c17cdcd 100644 --- a/x-pack/test/api_integration/apis/metrics_ui/log_analysis.ts +++ b/x-pack/test/api_integration/apis/metrics_ui/log_analysis.ts @@ -37,7 +37,7 @@ export default ({ getService }: FtrProviderContext) => { before(() => esArchiver.load('empty_kibana')); after(() => esArchiver.unload('empty_kibana')); - it('should return buckets when the results index exists with matching documents', async () => { + it('should return buckets when there are matching ml result documents', async () => { const { body } = await supertest .post(LOG_ANALYSIS_GET_LOG_ENTRY_RATE_PATH) .set(COMMON_HEADERS) @@ -68,7 +68,7 @@ export default ({ getService }: FtrProviderContext) => { ).to.be(true); }); - it('should return no buckets when the results index exists without matching documents', async () => { + it('should return no buckets when there are no matching ml result documents', async () => { const { body } = await supertest .post(LOG_ANALYSIS_GET_LOG_ENTRY_RATE_PATH) .set(COMMON_HEADERS) @@ -78,7 +78,7 @@ export default ({ getService }: FtrProviderContext) => { sourceId: 'default', timeRange: { startTime: TIME_BEFORE_START - 10 * 15 * 60 * 1000, - endTime: TIME_BEFORE_START, + endTime: TIME_BEFORE_START - 1, }, bucketDuration: 15 * 60 * 1000, }, @@ -94,25 +94,6 @@ export default ({ getService }: FtrProviderContext) => { expect(logEntryRateBuckets.data.bucketDuration).to.be(15 * 60 * 1000); expect(logEntryRateBuckets.data.histogramBuckets).to.be.empty(); }); - - it('should return a NotFound error when the results index does not exist', async () => { - await supertest - .post(LOG_ANALYSIS_GET_LOG_ENTRY_RATE_PATH) - .set(COMMON_HEADERS) - .send( - getLogEntryRateRequestPayloadRT.encode({ - data: { - sourceId: 'does-not-exist', - timeRange: { - startTime: TIME_BEFORE_START, - endTime: TIME_AFTER_END, - }, - bucketDuration: 15 * 60 * 1000, - }, - }) - ) - .expect(404); - }); }); }); }); diff --git a/x-pack/test/api_integration/services/index.ts b/x-pack/test/api_integration/services/index.ts index 2a0327ff57104..d135c43e2302c 100644 --- a/x-pack/test/api_integration/services/index.ts +++ b/x-pack/test/api_integration/services/index.ts @@ -26,7 +26,7 @@ import { import { InfraOpsSourceConfigurationProvider } from './infraops_source_configuration'; import { InfraLogSourceConfigurationProvider } from './infra_log_source_configuration'; import { MachineLearningProvider } from './ml'; -import { IngestManagerProvider } from './ingest_manager'; +import { IngestManagerProvider } from '../../common/services/ingest_manager'; import { ResolverGeneratorProvider } from './resolver'; import { TransformProvider } from './transform'; diff --git a/x-pack/test/common/services/index.ts b/x-pack/test/common/services/index.ts index 079687577c3e5..41b01bffbd889 100644 --- a/x-pack/test/common/services/index.ts +++ b/x-pack/test/common/services/index.ts @@ -5,11 +5,13 @@ */ import { services as kibanaCommonServices } from '../../../../test/common/services'; +import { services as kibanaApiIntegrationServices } from '../../../../test/api_integration/services'; import { SpacesServiceProvider } from './spaces'; export const services = { ...kibanaCommonServices, + supertest: kibanaApiIntegrationServices.supertest, spaces: SpacesServiceProvider, }; diff --git a/x-pack/test/api_integration/services/ingest_manager.ts b/x-pack/test/common/services/ingest_manager.ts similarity index 100% rename from x-pack/test/api_integration/services/ingest_manager.ts rename to x-pack/test/common/services/ingest_manager.ts diff --git a/x-pack/test/encrypted_saved_objects_api_integration/config.ts b/x-pack/test/encrypted_saved_objects_api_integration/config.ts index fb643c2c5a901..f061a38b72ce6 100644 --- a/x-pack/test/encrypted_saved_objects_api_integration/config.ts +++ b/x-pack/test/encrypted_saved_objects_api_integration/config.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { resolve } from 'path'; +import path from 'path'; import { FtrConfigProviderContext } from '@kbn/test/types/ftr'; import { services } from './services'; @@ -18,12 +18,16 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) { junit: { reportName: 'X-Pack Encrypted Saved Objects API Integration Tests', }, + esArchiver: { + directory: path.join(__dirname, 'fixtures', 'es_archiver'), + }, esTestCluster: xPackAPITestsConfig.get('esTestCluster'), kbnTestServer: { ...xPackAPITestsConfig.get('kbnTestServer'), serverArgs: [ ...xPackAPITestsConfig.get('kbnTestServer.serverArgs'), - `--plugin-path=${resolve(__dirname, './fixtures/api_consumer_plugin')}`, + '--xpack.encryptedSavedObjects.encryptionKey="wuGNaIhoMpk5sO4UBxgr3NyW1sFcLgIf"', + `--plugin-path=${path.resolve(__dirname, './fixtures/api_consumer_plugin')}`, ], }, }; diff --git a/x-pack/test/encrypted_saved_objects_api_integration/fixtures/api_consumer_plugin/server/index.ts b/x-pack/test/encrypted_saved_objects_api_integration/fixtures/api_consumer_plugin/server/index.ts index 7fb4de9ae4dc1..87bed7f416019 100644 --- a/x-pack/test/encrypted_saved_objects_api_integration/fixtures/api_consumer_plugin/server/index.ts +++ b/x-pack/test/encrypted_saved_objects_api_integration/fixtures/api_consumer_plugin/server/index.ts @@ -9,6 +9,7 @@ import { CoreSetup, PluginInitializer, SavedObjectsNamespaceType, + SavedObjectUnsanitizedDoc, } from '../../../../../../src/core/server'; import { EncryptedSavedObjectsPluginSetup, @@ -23,6 +24,17 @@ const SAVED_OBJECT_WITH_SECRET_AND_MULTIPLE_SPACES_TYPE = 'saved-object-with-secret-and-multiple-spaces'; const SAVED_OBJECT_WITHOUT_SECRET_TYPE = 'saved-object-without-secret'; +const SAVED_OBJECT_WITH_MIGRATION_TYPE = 'saved-object-with-migration'; +interface MigratedTypePre790 { + nonEncryptedAttribute: string; + encryptedAttribute: string; +} +interface MigratedType { + nonEncryptedAttribute: string; + encryptedAttribute: string; + additionalEncryptedAttribute: string; +} + export interface PluginsSetup { encryptedSavedObjects: EncryptedSavedObjectsPluginSetup; spaces: SpacesPluginSetup; @@ -34,7 +46,7 @@ export interface PluginsStart { } export const plugin: PluginInitializer = () => ({ - setup(core: CoreSetup, deps) { + setup(core: CoreSetup, deps: PluginsSetup) { for (const [name, namespaceType, hidden] of [ [SAVED_OBJECT_WITH_SECRET_TYPE, 'single', false], [HIDDEN_SAVED_OBJECT_WITH_SECRET_TYPE, 'single', true], @@ -71,6 +83,8 @@ export const plugin: PluginInitializer = mappings: deepFreeze({ properties: { publicProperty: { type: 'keyword' } } }), }); + defineTypeWithMigration(core, deps); + const router = core.http.createRouter(); router.get( { @@ -103,3 +117,83 @@ export const plugin: PluginInitializer = start() {}, stop() {}, }); + +function defineTypeWithMigration(core: CoreSetup, deps: PluginsSetup) { + const typePriorTo790 = { + type: SAVED_OBJECT_WITH_MIGRATION_TYPE, + attributesToEncrypt: new Set(['encryptedAttribute']), + }; + + // current type is registered + deps.encryptedSavedObjects.registerType({ + type: SAVED_OBJECT_WITH_MIGRATION_TYPE, + attributesToEncrypt: new Set(['encryptedAttribute', 'additionalEncryptedAttribute']), + }); + + core.savedObjects.registerType({ + name: SAVED_OBJECT_WITH_MIGRATION_TYPE, + hidden: false, + namespaceType: 'single', + mappings: { + properties: { + nonEncryptedAttribute: { + type: 'keyword', + }, + encryptedAttribute: { + type: 'binary', + }, + additionalEncryptedAttribute: { + type: 'keyword', + }, + }, + }, + migrations: { + // in this version we migrated a non encrypted field and type didnt change + '7.8.0': deps.encryptedSavedObjects.createMigration( + function shouldBeMigrated(doc): doc is SavedObjectUnsanitizedDoc { + return true; + }, + ( + doc: SavedObjectUnsanitizedDoc + ): SavedObjectUnsanitizedDoc => { + const { + attributes: { nonEncryptedAttribute }, + } = doc; + return { + ...doc, + attributes: { + ...doc.attributes, + nonEncryptedAttribute: `${nonEncryptedAttribute}-migrated`, + }, + }; + }, + // type hasn't changed as the field we're updating is not an encrypted one + typePriorTo790, + typePriorTo790 + ), + // in this version we encrypted an existing non encrypted field + '7.9.0': deps.encryptedSavedObjects.createMigration( + function shouldBeMigrated(doc): doc is SavedObjectUnsanitizedDoc { + return true; + }, + ( + doc: SavedObjectUnsanitizedDoc + ): SavedObjectUnsanitizedDoc => { + const { + attributes: { nonEncryptedAttribute }, + } = doc; + return { + ...doc, + attributes: { + ...doc.attributes, + nonEncryptedAttribute, + // clone and modify the non encrypted field + additionalEncryptedAttribute: `${nonEncryptedAttribute}-encrypted`, + }, + }; + }, + typePriorTo790 + ), + }, + }); +} diff --git a/x-pack/test/encrypted_saved_objects_api_integration/fixtures/es_archiver/encrypted_saved_objects/data.json b/x-pack/test/encrypted_saved_objects_api_integration/fixtures/es_archiver/encrypted_saved_objects/data.json new file mode 100644 index 0000000000000..88ec54cdf3a54 --- /dev/null +++ b/x-pack/test/encrypted_saved_objects_api_integration/fixtures/es_archiver/encrypted_saved_objects/data.json @@ -0,0 +1,370 @@ +{ + "type": "doc", + "value": { + "id": "config:8.0.0", + "index": ".kibana_1", + "source": { + "config": { + "buildNum": 9007199254740991 + }, + "migrationVersion": { + "config": "7.9.0" + }, + "references": [ + ], + "type": "config", + "updated_at": "2020-06-17T15:03:14.532Z" + } + } +} + +{ + "type": "doc", + "value": { + "id": "space:default", + "index": ".kibana_1", + "source": { + "migrationVersion": { + "space": "6.6.0" + }, + "references": [ + ], + "space": { + "_reserved": true, + "color": "#00bfb3", + "description": "This is your default space!", + "disabledFeatures": [ + ], + "name": "Default" + }, + "type": "space", + "updated_at": "2020-06-17T15:03:27.426Z" + } + } +} + +{ + "type": "doc", + "value": { + "id": "apm-telemetry:apm-telemetry", + "index": ".kibana_1", + "source": { + "apm-telemetry": { + "agents": { + }, + "cardinality": { + "transaction": { + "name": { + "all_agents": { + "1d": 0 + }, + "rum": { + "1d": 0 + } + } + }, + "user_agent": { + "original": { + "all_agents": { + "1d": 0 + }, + "rum": { + "1d": 0 + } + } + } + }, + "counts": { + "agent_configuration": { + "all": 0 + }, + "error": { + "1d": 0, + "all": 0 + }, + "max_error_groups_per_service": { + "1d": 0 + }, + "max_transaction_groups_per_service": { + "1d": 0 + }, + "metric": { + "1d": 0, + "all": 0 + }, + "onboarding": { + "1d": 0, + "all": 0 + }, + "services": { + "1d": 0 + }, + "sourcemap": { + "1d": 0, + "all": 0 + }, + "span": { + "1d": 0, + "all": 0 + }, + "traces": { + "1d": 0 + }, + "transaction": { + "1d": 0, + "all": 0 + } + }, + "has_any_services": false, + "indices": { + "all": { + "total": { + "docs": { + "count": 0 + }, + "store": { + "size_in_bytes": 416 + } + } + }, + "shards": { + "total": 2 + } + }, + "integrations": { + "ml": { + "all_jobs_count": 0 + } + }, + "services_per_agent": { + "dotnet": 0, + "go": 0, + "java": 0, + "js-base": 0, + "nodejs": 0, + "python": 0, + "ruby": 0, + "rum-js": 0 + }, + "tasks": { + "agent_configuration": { + "took": { + "ms": 21 + } + }, + "agents": { + "took": { + "ms": 65 + } + }, + "cardinality": { + "took": { + "ms": 80 + } + }, + "groupings": { + "took": { + "ms": 25 + } + }, + "indices_stats": { + "took": { + "ms": 65 + } + }, + "integrations": { + "took": { + "ms": 108 + } + }, + "processor_events": { + "took": { + "ms": 113 + } + }, + "services": { + "took": { + "ms": 98 + } + }, + "versions": { + "took": { + "ms": 6 + } + } + } + }, + "references": [ + ], + "type": "apm-telemetry", + "updated_at": "2020-06-17T15:03:47.184Z" + } + } +} + +{ + "type": "doc", + "value": { + "id": "saved-object-with-migration:74f3e6d7-b7bb-477d-ac28-92ee22728e6e", + "index": ".kibana_1", + "source": { + "saved-object-with-migration": { + "encryptedAttribute": "JuDwwSjflpKmPKUIfjgo04E0DW9iyhp8C94hwvflgkS0SUUPt+862FQ1eja4VEfEG7HVUt7xxj+BWeZv9vrf4olxgbr4/f5RrT8BVic0EOVS9nhspiDVEv12mV0uDWGtdneB/UWyaZg+0Qr0tPrwceSl8BS///U=", + "nonEncryptedAttribute": "elastic" + }, + "migrationVersion": { + "saved-object-with-migration": "7.7.0" + }, + "references": [ + ], + "type": "saved-object-with-migration", + "updated_at": "2020-06-17T15:35:39.839Z" + } + } +} + +{ + "type": "doc", + "value": { + "id": "application_usage_transactional:5f01fd40-b0b0-11ea-9510-fdf248d5f2a4", + "index": ".kibana_1", + "source": { + "application_usage_transactional": { + "appId": "management", + "minutesOnScreen": 1.60245, + "numberOfClicks": 6, + "timestamp": "2020-06-17T15:36:54.292Z" + }, + "references": [ + ], + "type": "application_usage_transactional", + "updated_at": "2020-06-17T15:36:54.292Z" + } + } +} + +{ + "type": "doc", + "value": { + "id": "application_usage_transactional:4ca5ac00-b0b0-11ea-9510-fdf248d5f2a4", + "index": ".kibana_1", + "source": { + "application_usage_transactional": { + "appId": "home", + "minutesOnScreen": 0.4106666666666667, + "numberOfClicks": 3, + "timestamp": "2020-06-17T15:36:23.487Z" + }, + "references": [ + ], + "type": "application_usage_transactional", + "updated_at": "2020-06-17T15:36:23.488Z" + } + } +} + +{ + "type": "doc", + "value": { + "id": "ui-metric:kibana-user_agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36", + "index": ".kibana_1", + "source": { + "references": [ + ], + "type": "ui-metric", + "ui-metric": { + "count": 1 + }, + "updated_at": "2020-06-17T15:36:23.487Z" + } + } +} + +{ + "type": "doc", + "value": { + "id": "ui-metric:Kibana_home:sampleDataDecline", + "index": ".kibana_1", + "source": { + "type": "ui-metric", + "ui-metric": { + "count": 1 + }, + "updated_at": "2020-06-17T15:36:23.488Z" + } + } +} + +{ + "type": "doc", + "value": { + "id": "ui-metric:Kibana_home:welcomeScreenMount", + "index": ".kibana_1", + "source": { + "type": "ui-metric", + "ui-metric": { + "count": 1 + }, + "updated_at": "2020-06-17T15:36:23.488Z" + } + } +} + +{ + "type": "doc", + "value": { + "id": "telemetry:telemetry", + "index": ".kibana_1", + "source": { + "references": [ + ], + "telemetry": { + "lastReported": 1592408310031, + "reportFailureCount": 0, + "userHasSeenNotice": true + }, + "type": "telemetry", + "updated_at": "2020-06-17T15:38:30.031Z" + } + } +} + +{ + "type": "doc", + "value": { + "id": "maps-telemetry:maps-telemetry", + "index": ".kibana_1", + "source": { + "maps-telemetry": { + "attributesPerMap": { + "dataSourcesCount": { + "avg": 0, + "max": 0, + "min": 0 + }, + "emsVectorLayersCount": { + }, + "layerTypesCount": { + }, + "layersCount": { + "avg": 0, + "max": 0, + "min": 0 + } + }, + "indexPatternsWithGeoFieldCount": 0, + "indexPatternsWithGeoPointFieldCount": 0, + "indexPatternsWithGeoShapeFieldCount": 0, + "mapsTotalCount": 0, + "settings": { + "showMapVisualizationTypes": false + }, + "timeCaptured": "2020-06-17T16:29:27.563Z" + }, + "references": [ + ], + "type": "maps-telemetry", + "updated_at": "2020-06-17T16:29:27.563Z" + } + } +} \ No newline at end of file diff --git a/x-pack/test/encrypted_saved_objects_api_integration/fixtures/es_archiver/encrypted_saved_objects/mappings.json b/x-pack/test/encrypted_saved_objects_api_integration/fixtures/es_archiver/encrypted_saved_objects/mappings.json new file mode 100644 index 0000000000000..c025ad9da1a9c --- /dev/null +++ b/x-pack/test/encrypted_saved_objects_api_integration/fixtures/es_archiver/encrypted_saved_objects/mappings.json @@ -0,0 +1,2413 @@ +{ + "type": "index", + "value": { + "aliases": { + ".kibana": { + } + }, + "index": ".kibana_1", + "mappings": { + "_meta": { + "migrationMappingPropertyHashes": { + "action": "6e96ac5e648f57523879661ea72525b7", + "action_task_params": "a9d49f184ee89641044be0ca2950fa3a", + "alert": "7b44fba6773e37c806ce290ea9b7024e", + "apm-indices": "9bb9b2bf1fa636ed8619cbab5ce6a1dd", + "apm-telemetry": "3525d7c22c42bc80f5e6e9cb3f2b26a2", + "application_usage_totals": "c897e4310c5f24b07caaff3db53ae2c1", + "application_usage_transactional": "965839e75f809fefe04f92dc4d99722a", + "canvas-element": "7390014e1091044523666d97247392fc", + "canvas-workpad": "b0a1706d356228dbdcb4a17e6b9eb231", + "cases": "32aa96a6d3855ddda53010ae2048ac22", + "cases-comments": "c2061fb929f585df57425102fa928b4b", + "cases-configure": "42711cbb311976c0687853f4c1354572", + "cases-user-actions": "32277330ec6b721abe3b846cfd939a71", + "config": "ae24d22d5986d04124cc6568f771066f", + "dashboard": "d00f614b29a80360e1190193fd333bab", + "file-upload-telemetry": "0ed4d3e1983d1217a30982630897092e", + "graph-workspace": "cd7ba1330e6682e9cc00b78850874be1", + "index-pattern": "66eccb05066c5a89924f48a9e9736499", + "infrastructure-ui-source": "ddc0ecb18383f6b26101a2fadb2dab0c", + "inventory-view": "88fc7e12fd1b45b6f0787323ce4f18d2", + "kql-telemetry": "d12a98a6f19a2d273696597547e064ee", + "lens": "d33c68a69ff1e78c9888dedd2164ac22", + "lens-ui-telemetry": "509bfa5978586998e05f9e303c07a327", + "map": "23d7aa4a720d4938ccde3983f87bd58d", + "maps-telemetry": "bfd39d88aadadb4be597ea984d433dbe", + "metrics-explorer-view": "428e319af3e822c80a84cf87123ca35c", + "migrationVersion": "4a1746014a75ade3a714e1db5763276f", + "ml-telemetry": "257fd1d4b4fdbb9cb4b8a3b27da201e9", + "namespace": "2f4316de49999235636386fe51dc06c1", + "namespaces": "2f4316de49999235636386fe51dc06c1", + "query": "11aaeb7f5f7fa5bb43f25e18ce26e7d9", + "references": "7997cf5a56cc02bdc9c93361bde732b0", + "sample-data-telemetry": "7d3cfeb915303c9641c59681967ffeb4", + "search": "181661168bbadd1eff5902361e2a0d5c", + "space": "c5ca8acafa0beaa4d08d014a97b6bc6b", + "telemetry": "36a616f7026dfa617d6655df850fe16d", + "timelion-sheet": "9a2a2748877c7a7b582fef201ab1d4cf", + "todo": "082a2cc96a590268344d5cd74c159ac4", + "tsvb-validation-telemetry": "3a37ef6c8700ae6fc97d5c7da00e9215", + "type": "2f4316de49999235636386fe51dc06c1", + "ui-metric": "0d409297dc5ebe1e3a1da691c6ee32e3", + "updated_at": "00da57df13e94e9d98437d13ace4bfe0", + "upgrade-assistant-reindex-operation": "296a89039fc4260292be36b1b005d8f2", + "upgrade-assistant-telemetry": "56702cec857e0a9dacfb696655b4ff7b", + "uptime-dynamic-settings": "fcdb453a30092f022f2642db29523d80", + "url": "b675c3be8d76ecf029294d51dc7ec65d", + "visualization": "52d7a13ad68a150c4525b292d23e12cc" + } + }, + "dynamic": "strict", + "properties": { + "action": { + "properties": { + "actionTypeId": { + "type": "keyword" + }, + "config": { + "enabled": false, + "type": "object" + }, + "name": { + "fields": { + "keyword": { + "type": "keyword" + } + }, + "type": "text" + }, + "secrets": { + "type": "binary" + } + } + }, + "action_task_params": { + "properties": { + "actionId": { + "type": "keyword" + }, + "apiKey": { + "type": "binary" + }, + "params": { + "enabled": false, + "type": "object" + } + } + }, + "alert": { + "properties": { + "actions": { + "properties": { + "actionRef": { + "type": "keyword" + }, + "actionTypeId": { + "type": "keyword" + }, + "group": { + "type": "keyword" + }, + "params": { + "enabled": false, + "type": "object" + } + }, + "type": "nested" + }, + "alertTypeId": { + "type": "keyword" + }, + "apiKey": { + "type": "binary" + }, + "apiKeyOwner": { + "type": "keyword" + }, + "consumer": { + "type": "keyword" + }, + "createdAt": { + "type": "date" + }, + "createdBy": { + "type": "keyword" + }, + "enabled": { + "type": "boolean" + }, + "muteAll": { + "type": "boolean" + }, + "mutedInstanceIds": { + "type": "keyword" + }, + "name": { + "fields": { + "keyword": { + "type": "keyword" + } + }, + "type": "text" + }, + "params": { + "enabled": false, + "type": "object" + }, + "schedule": { + "properties": { + "interval": { + "type": "keyword" + } + } + }, + "scheduledTaskId": { + "type": "keyword" + }, + "tags": { + "type": "keyword" + }, + "throttle": { + "type": "keyword" + }, + "updatedBy": { + "type": "keyword" + } + } + }, + "saved-object-with-migration": { + "properties": { + "encryptedAttribute": { + "type": "binary" + }, + "nonEncryptedAttribute": { + "type": "keyword" + }, + "additionalEncryptedAttribute": { + "type": "binary" + } + } + }, + "apm-indices": { + "properties": { + "apm_oss": { + "properties": { + "errorIndices": { + "type": "keyword" + }, + "metricsIndices": { + "type": "keyword" + }, + "onboardingIndices": { + "type": "keyword" + }, + "sourcemapIndices": { + "type": "keyword" + }, + "spanIndices": { + "type": "keyword" + }, + "transactionIndices": { + "type": "keyword" + } + } + } + } + }, + "apm-telemetry": { + "properties": { + "agents": { + "properties": { + "dotnet": { + "properties": { + "agent": { + "properties": { + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "service": { + "properties": { + "framework": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "language": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "runtime": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + } + } + } + } + }, + "go": { + "properties": { + "agent": { + "properties": { + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "service": { + "properties": { + "framework": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "language": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "runtime": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + } + } + } + } + }, + "java": { + "properties": { + "agent": { + "properties": { + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "service": { + "properties": { + "framework": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "language": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "runtime": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + } + } + } + } + }, + "js-base": { + "properties": { + "agent": { + "properties": { + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "service": { + "properties": { + "framework": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "language": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "runtime": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + } + } + } + } + }, + "nodejs": { + "properties": { + "agent": { + "properties": { + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "service": { + "properties": { + "framework": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "language": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "runtime": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + } + } + } + } + }, + "python": { + "properties": { + "agent": { + "properties": { + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "service": { + "properties": { + "framework": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "language": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "runtime": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + } + } + } + } + }, + "ruby": { + "properties": { + "agent": { + "properties": { + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "service": { + "properties": { + "framework": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "language": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "runtime": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + } + } + } + } + }, + "rum-js": { + "properties": { + "agent": { + "properties": { + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "service": { + "properties": { + "framework": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "language": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "runtime": { + "properties": { + "composite": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + } + } + } + } + } + } + }, + "cardinality": { + "properties": { + "transaction": { + "properties": { + "name": { + "properties": { + "all_agents": { + "properties": { + "1d": { + "type": "long" + } + } + }, + "rum": { + "properties": { + "1d": { + "type": "long" + } + } + } + } + } + } + }, + "user_agent": { + "properties": { + "original": { + "properties": { + "all_agents": { + "properties": { + "1d": { + "type": "long" + } + } + }, + "rum": { + "properties": { + "1d": { + "type": "long" + } + } + } + } + } + } + } + } + }, + "counts": { + "properties": { + "agent_configuration": { + "properties": { + "all": { + "type": "long" + } + } + }, + "error": { + "properties": { + "1d": { + "type": "long" + }, + "all": { + "type": "long" + } + } + }, + "max_error_groups_per_service": { + "properties": { + "1d": { + "type": "long" + } + } + }, + "max_transaction_groups_per_service": { + "properties": { + "1d": { + "type": "long" + } + } + }, + "metric": { + "properties": { + "1d": { + "type": "long" + }, + "all": { + "type": "long" + } + } + }, + "onboarding": { + "properties": { + "1d": { + "type": "long" + }, + "all": { + "type": "long" + } + } + }, + "services": { + "properties": { + "1d": { + "type": "long" + } + } + }, + "sourcemap": { + "properties": { + "1d": { + "type": "long" + }, + "all": { + "type": "long" + } + } + }, + "span": { + "properties": { + "1d": { + "type": "long" + }, + "all": { + "type": "long" + } + } + }, + "traces": { + "properties": { + "1d": { + "type": "long" + } + } + }, + "transaction": { + "properties": { + "1d": { + "type": "long" + }, + "all": { + "type": "long" + } + } + } + } + }, + "has_any_services": { + "type": "boolean" + }, + "indices": { + "properties": { + "all": { + "properties": { + "total": { + "properties": { + "docs": { + "properties": { + "count": { + "type": "long" + } + } + }, + "store": { + "properties": { + "size_in_bytes": { + "type": "long" + } + } + } + } + } + } + }, + "shards": { + "properties": { + "total": { + "type": "long" + } + } + } + } + }, + "integrations": { + "properties": { + "ml": { + "properties": { + "all_jobs_count": { + "type": "long" + } + } + } + } + }, + "retainment": { + "properties": { + "error": { + "properties": { + "ms": { + "type": "long" + } + } + }, + "metric": { + "properties": { + "ms": { + "type": "long" + } + } + }, + "onboarding": { + "properties": { + "ms": { + "type": "long" + } + } + }, + "span": { + "properties": { + "ms": { + "type": "long" + } + } + }, + "transaction": { + "properties": { + "ms": { + "type": "long" + } + } + } + } + }, + "services_per_agent": { + "properties": { + "dotnet": { + "null_value": 0, + "type": "long" + }, + "go": { + "null_value": 0, + "type": "long" + }, + "java": { + "null_value": 0, + "type": "long" + }, + "js-base": { + "null_value": 0, + "type": "long" + }, + "nodejs": { + "null_value": 0, + "type": "long" + }, + "python": { + "null_value": 0, + "type": "long" + }, + "ruby": { + "null_value": 0, + "type": "long" + }, + "rum-js": { + "null_value": 0, + "type": "long" + } + } + }, + "tasks": { + "properties": { + "agent_configuration": { + "properties": { + "took": { + "properties": { + "ms": { + "type": "long" + } + } + } + } + }, + "agents": { + "properties": { + "took": { + "properties": { + "ms": { + "type": "long" + } + } + } + } + }, + "cardinality": { + "properties": { + "took": { + "properties": { + "ms": { + "type": "long" + } + } + } + } + }, + "groupings": { + "properties": { + "took": { + "properties": { + "ms": { + "type": "long" + } + } + } + } + }, + "indices_stats": { + "properties": { + "took": { + "properties": { + "ms": { + "type": "long" + } + } + } + } + }, + "integrations": { + "properties": { + "took": { + "properties": { + "ms": { + "type": "long" + } + } + } + } + }, + "processor_events": { + "properties": { + "took": { + "properties": { + "ms": { + "type": "long" + } + } + } + } + }, + "services": { + "properties": { + "took": { + "properties": { + "ms": { + "type": "long" + } + } + } + } + }, + "versions": { + "properties": { + "took": { + "properties": { + "ms": { + "type": "long" + } + } + } + } + } + } + }, + "version": { + "properties": { + "apm_server": { + "properties": { + "major": { + "type": "long" + }, + "minor": { + "type": "long" + }, + "patch": { + "type": "long" + } + } + } + } + } + } + }, + "application_usage_totals": { + "properties": { + "appId": { + "type": "keyword" + }, + "minutesOnScreen": { + "type": "float" + }, + "numberOfClicks": { + "type": "long" + } + } + }, + "application_usage_transactional": { + "properties": { + "appId": { + "type": "keyword" + }, + "minutesOnScreen": { + "type": "float" + }, + "numberOfClicks": { + "type": "long" + }, + "timestamp": { + "type": "date" + } + } + }, + "canvas-element": { + "dynamic": "false", + "properties": { + "@created": { + "type": "date" + }, + "@timestamp": { + "type": "date" + }, + "content": { + "type": "text" + }, + "help": { + "type": "text" + }, + "image": { + "type": "text" + }, + "name": { + "fields": { + "keyword": { + "type": "keyword" + } + }, + "type": "text" + } + } + }, + "canvas-workpad": { + "dynamic": "false", + "properties": { + "@created": { + "type": "date" + }, + "@timestamp": { + "type": "date" + }, + "name": { + "fields": { + "keyword": { + "type": "keyword" + } + }, + "type": "text" + } + } + }, + "cases": { + "properties": { + "closed_at": { + "type": "date" + }, + "closed_by": { + "properties": { + "email": { + "type": "keyword" + }, + "full_name": { + "type": "keyword" + }, + "username": { + "type": "keyword" + } + } + }, + "connector_id": { + "type": "keyword" + }, + "created_at": { + "type": "date" + }, + "created_by": { + "properties": { + "email": { + "type": "keyword" + }, + "full_name": { + "type": "keyword" + }, + "username": { + "type": "keyword" + } + } + }, + "description": { + "type": "text" + }, + "external_service": { + "properties": { + "connector_id": { + "type": "keyword" + }, + "connector_name": { + "type": "keyword" + }, + "external_id": { + "type": "keyword" + }, + "external_title": { + "type": "text" + }, + "external_url": { + "type": "text" + }, + "pushed_at": { + "type": "date" + }, + "pushed_by": { + "properties": { + "email": { + "type": "keyword" + }, + "full_name": { + "type": "keyword" + }, + "username": { + "type": "keyword" + } + } + } + } + }, + "status": { + "type": "keyword" + }, + "tags": { + "type": "keyword" + }, + "title": { + "type": "keyword" + }, + "updated_at": { + "type": "date" + }, + "updated_by": { + "properties": { + "email": { + "type": "keyword" + }, + "full_name": { + "type": "keyword" + }, + "username": { + "type": "keyword" + } + } + } + } + }, + "cases-comments": { + "properties": { + "comment": { + "type": "text" + }, + "created_at": { + "type": "date" + }, + "created_by": { + "properties": { + "email": { + "type": "keyword" + }, + "full_name": { + "type": "keyword" + }, + "username": { + "type": "keyword" + } + } + }, + "pushed_at": { + "type": "date" + }, + "pushed_by": { + "properties": { + "email": { + "type": "keyword" + }, + "full_name": { + "type": "keyword" + }, + "username": { + "type": "keyword" + } + } + }, + "updated_at": { + "type": "date" + }, + "updated_by": { + "properties": { + "email": { + "type": "keyword" + }, + "full_name": { + "type": "keyword" + }, + "username": { + "type": "keyword" + } + } + } + } + }, + "cases-configure": { + "properties": { + "closure_type": { + "type": "keyword" + }, + "connector_id": { + "type": "keyword" + }, + "connector_name": { + "type": "keyword" + }, + "created_at": { + "type": "date" + }, + "created_by": { + "properties": { + "email": { + "type": "keyword" + }, + "full_name": { + "type": "keyword" + }, + "username": { + "type": "keyword" + } + } + }, + "updated_at": { + "type": "date" + }, + "updated_by": { + "properties": { + "email": { + "type": "keyword" + }, + "full_name": { + "type": "keyword" + }, + "username": { + "type": "keyword" + } + } + } + } + }, + "cases-user-actions": { + "properties": { + "action": { + "type": "keyword" + }, + "action_at": { + "type": "date" + }, + "action_by": { + "properties": { + "email": { + "type": "keyword" + }, + "full_name": { + "type": "keyword" + }, + "username": { + "type": "keyword" + } + } + }, + "action_field": { + "type": "keyword" + }, + "new_value": { + "type": "text" + }, + "old_value": { + "type": "text" + } + } + }, + "config": { + "dynamic": "true", + "properties": { + "buildNum": { + "type": "keyword" + } + } + }, + "dashboard": { + "properties": { + "description": { + "type": "text" + }, + "hits": { + "type": "integer" + }, + "kibanaSavedObjectMeta": { + "properties": { + "searchSourceJSON": { + "type": "text" + } + } + }, + "optionsJSON": { + "type": "text" + }, + "panelsJSON": { + "type": "text" + }, + "refreshInterval": { + "properties": { + "display": { + "type": "keyword" + }, + "pause": { + "type": "boolean" + }, + "section": { + "type": "integer" + }, + "value": { + "type": "integer" + } + } + }, + "timeFrom": { + "type": "keyword" + }, + "timeRestore": { + "type": "boolean" + }, + "timeTo": { + "type": "keyword" + }, + "title": { + "type": "text" + }, + "version": { + "type": "integer" + } + } + }, + "file-upload-telemetry": { + "properties": { + "filesUploadedTotalCount": { + "type": "long" + } + } + }, + "graph-workspace": { + "properties": { + "description": { + "type": "text" + }, + "kibanaSavedObjectMeta": { + "properties": { + "searchSourceJSON": { + "type": "text" + } + } + }, + "numLinks": { + "type": "integer" + }, + "numVertices": { + "type": "integer" + }, + "title": { + "type": "text" + }, + "version": { + "type": "integer" + }, + "wsState": { + "type": "text" + } + } + }, + "index-pattern": { + "properties": { + "fieldFormatMap": { + "type": "text" + }, + "fields": { + "type": "text" + }, + "intervalName": { + "type": "keyword" + }, + "notExpandable": { + "type": "boolean" + }, + "sourceFilters": { + "type": "text" + }, + "timeFieldName": { + "type": "keyword" + }, + "title": { + "type": "text" + }, + "type": { + "type": "keyword" + }, + "typeMeta": { + "type": "keyword" + } + } + }, + "infrastructure-ui-source": { + "properties": { + "description": { + "type": "text" + }, + "fields": { + "properties": { + "container": { + "type": "keyword" + }, + "host": { + "type": "keyword" + }, + "pod": { + "type": "keyword" + }, + "tiebreaker": { + "type": "keyword" + }, + "timestamp": { + "type": "keyword" + } + } + }, + "logAlias": { + "type": "keyword" + }, + "logColumns": { + "properties": { + "fieldColumn": { + "properties": { + "field": { + "type": "keyword" + }, + "id": { + "type": "keyword" + } + } + }, + "messageColumn": { + "properties": { + "id": { + "type": "keyword" + } + } + }, + "timestampColumn": { + "properties": { + "id": { + "type": "keyword" + } + } + } + }, + "type": "nested" + }, + "metricAlias": { + "type": "keyword" + }, + "name": { + "type": "text" + } + } + }, + "inventory-view": { + "properties": { + "accountId": { + "type": "keyword" + }, + "autoBounds": { + "type": "boolean" + }, + "autoReload": { + "type": "boolean" + }, + "boundsOverride": { + "properties": { + "max": { + "type": "integer" + }, + "min": { + "type": "integer" + } + } + }, + "customMetrics": { + "properties": { + "aggregation": { + "type": "keyword" + }, + "field": { + "type": "keyword" + }, + "id": { + "type": "keyword" + }, + "label": { + "type": "keyword" + }, + "type": { + "type": "keyword" + } + }, + "type": "nested" + }, + "customOptions": { + "properties": { + "field": { + "type": "keyword" + }, + "text": { + "type": "keyword" + } + }, + "type": "nested" + }, + "filterQuery": { + "properties": { + "expression": { + "type": "keyword" + }, + "kind": { + "type": "keyword" + } + } + }, + "groupBy": { + "properties": { + "field": { + "type": "keyword" + }, + "label": { + "type": "keyword" + } + }, + "type": "nested" + }, + "legend": { + "properties": { + "palette": { + "type": "keyword" + }, + "reverseColors": { + "type": "boolean" + }, + "steps": { + "type": "long" + } + } + }, + "metric": { + "properties": { + "aggregation": { + "type": "keyword" + }, + "field": { + "type": "keyword" + }, + "id": { + "type": "keyword" + }, + "label": { + "type": "keyword" + }, + "type": { + "type": "keyword" + } + } + }, + "name": { + "type": "keyword" + }, + "nodeType": { + "type": "keyword" + }, + "region": { + "type": "keyword" + }, + "sort": { + "properties": { + "by": { + "type": "keyword" + }, + "direction": { + "type": "keyword" + } + } + }, + "time": { + "type": "long" + }, + "view": { + "type": "keyword" + } + } + }, + "kql-telemetry": { + "properties": { + "optInCount": { + "type": "long" + }, + "optOutCount": { + "type": "long" + } + } + }, + "lens": { + "properties": { + "description": { + "type": "text" + }, + "expression": { + "index": false, + "type": "keyword" + }, + "state": { + "type": "flattened" + }, + "title": { + "type": "text" + }, + "visualizationType": { + "type": "keyword" + } + } + }, + "lens-ui-telemetry": { + "properties": { + "count": { + "type": "integer" + }, + "date": { + "type": "date" + }, + "name": { + "type": "keyword" + }, + "type": { + "type": "keyword" + } + } + }, + "map": { + "properties": { + "bounds": { + "type": "geo_shape" + }, + "description": { + "type": "text" + }, + "layerListJSON": { + "type": "text" + }, + "mapStateJSON": { + "type": "text" + }, + "title": { + "type": "text" + }, + "uiStateJSON": { + "type": "text" + }, + "version": { + "type": "integer" + } + } + }, + "maps-telemetry": { + "properties": { + "attributesPerMap": { + "properties": { + "dataSourcesCount": { + "properties": { + "avg": { + "type": "long" + }, + "max": { + "type": "long" + }, + "min": { + "type": "long" + } + } + }, + "emsVectorLayersCount": { + "dynamic": "true", + "type": "object" + }, + "layerTypesCount": { + "dynamic": "true", + "type": "object" + }, + "layersCount": { + "properties": { + "avg": { + "type": "long" + }, + "max": { + "type": "long" + }, + "min": { + "type": "long" + } + } + } + } + }, + "indexPatternsWithGeoFieldCount": { + "type": "long" + }, + "indexPatternsWithGeoPointFieldCount": { + "type": "long" + }, + "indexPatternsWithGeoShapeFieldCount": { + "type": "long" + }, + "mapsTotalCount": { + "type": "long" + }, + "settings": { + "properties": { + "showMapVisualizationTypes": { + "type": "boolean" + } + } + }, + "timeCaptured": { + "type": "date" + } + } + }, + "metrics-explorer-view": { + "properties": { + "chartOptions": { + "properties": { + "stack": { + "type": "boolean" + }, + "type": { + "type": "keyword" + }, + "yAxisMode": { + "type": "keyword" + } + } + }, + "currentTimerange": { + "properties": { + "from": { + "type": "keyword" + }, + "interval": { + "type": "keyword" + }, + "to": { + "type": "keyword" + } + } + }, + "name": { + "type": "keyword" + }, + "options": { + "properties": { + "aggregation": { + "type": "keyword" + }, + "filterQuery": { + "type": "keyword" + }, + "forceInterval": { + "type": "boolean" + }, + "groupBy": { + "type": "keyword" + }, + "limit": { + "type": "integer" + }, + "metrics": { + "properties": { + "aggregation": { + "type": "keyword" + }, + "color": { + "type": "keyword" + }, + "field": { + "type": "keyword" + }, + "label": { + "type": "keyword" + } + }, + "type": "nested" + } + } + } + } + }, + "migrationVersion": { + "dynamic": "true", + "properties": { + "alert": { + "fields": { + "keyword": { + "ignore_above": 256, + "type": "keyword" + } + }, + "type": "text" + }, + "saved-object-with-migration": { + "fields": { + "keyword": { + "ignore_above": 256, + "type": "keyword" + } + }, + "type": "text" + }, + "config": { + "fields": { + "keyword": { + "ignore_above": 256, + "type": "keyword" + } + }, + "type": "text" + }, + "space": { + "fields": { + "keyword": { + "ignore_above": 256, + "type": "keyword" + } + }, + "type": "text" + } + } + }, + "ml-telemetry": { + "properties": { + "file_data_visualizer": { + "properties": { + "index_creation_count": { + "type": "long" + } + } + } + } + }, + "namespace": { + "type": "keyword" + }, + "namespaces": { + "type": "keyword" + }, + "query": { + "properties": { + "description": { + "type": "text" + }, + "filters": { + "enabled": false, + "type": "object" + }, + "query": { + "properties": { + "language": { + "type": "keyword" + }, + "query": { + "index": false, + "type": "keyword" + } + } + }, + "timefilter": { + "enabled": false, + "type": "object" + }, + "title": { + "type": "text" + } + } + }, + "references": { + "properties": { + "id": { + "type": "keyword" + }, + "name": { + "type": "keyword" + }, + "type": { + "type": "keyword" + } + }, + "type": "nested" + }, + "sample-data-telemetry": { + "properties": { + "installCount": { + "type": "long" + }, + "unInstallCount": { + "type": "long" + } + } + }, + "search": { + "properties": { + "columns": { + "type": "keyword" + }, + "description": { + "type": "text" + }, + "hits": { + "type": "integer" + }, + "kibanaSavedObjectMeta": { + "properties": { + "searchSourceJSON": { + "type": "text" + } + } + }, + "sort": { + "type": "keyword" + }, + "title": { + "type": "text" + }, + "version": { + "type": "integer" + } + } + }, + "space": { + "properties": { + "_reserved": { + "type": "boolean" + }, + "color": { + "type": "keyword" + }, + "description": { + "type": "text" + }, + "disabledFeatures": { + "type": "keyword" + }, + "imageUrl": { + "index": false, + "type": "text" + }, + "initials": { + "type": "keyword" + }, + "name": { + "fields": { + "keyword": { + "ignore_above": 2048, + "type": "keyword" + } + }, + "type": "text" + } + } + }, + "telemetry": { + "properties": { + "allowChangingOptInStatus": { + "type": "boolean" + }, + "enabled": { + "type": "boolean" + }, + "lastReported": { + "type": "date" + }, + "lastVersionChecked": { + "type": "keyword" + }, + "reportFailureCount": { + "type": "integer" + }, + "reportFailureVersion": { + "type": "keyword" + }, + "sendUsageFrom": { + "type": "keyword" + }, + "userHasSeenNotice": { + "type": "boolean" + } + } + }, + "timelion-sheet": { + "properties": { + "description": { + "type": "text" + }, + "hits": { + "type": "integer" + }, + "kibanaSavedObjectMeta": { + "properties": { + "searchSourceJSON": { + "type": "text" + } + } + }, + "timelion_chart_height": { + "type": "integer" + }, + "timelion_columns": { + "type": "integer" + }, + "timelion_interval": { + "type": "keyword" + }, + "timelion_other_interval": { + "type": "keyword" + }, + "timelion_rows": { + "type": "integer" + }, + "timelion_sheet": { + "type": "text" + }, + "title": { + "type": "text" + }, + "version": { + "type": "integer" + } + } + }, + "todo": { + "properties": { + "icon": { + "type": "keyword" + }, + "task": { + "type": "text" + }, + "title": { + "type": "keyword" + } + } + }, + "tsvb-validation-telemetry": { + "properties": { + "failedRequests": { + "type": "long" + } + } + }, + "type": { + "type": "keyword" + }, + "ui-metric": { + "properties": { + "count": { + "type": "integer" + } + } + }, + "updated_at": { + "type": "date" + }, + "upgrade-assistant-reindex-operation": { + "properties": { + "errorMessage": { + "type": "keyword" + }, + "indexName": { + "type": "keyword" + }, + "lastCompletedStep": { + "type": "integer" + }, + "locked": { + "type": "date" + }, + "newIndexName": { + "type": "keyword" + }, + "reindexOptions": { + "properties": { + "openAndClose": { + "type": "boolean" + }, + "queueSettings": { + "properties": { + "queuedAt": { + "type": "long" + }, + "startedAt": { + "type": "long" + } + } + } + } + }, + "reindexTaskId": { + "type": "keyword" + }, + "reindexTaskPercComplete": { + "type": "float" + }, + "runningReindexCount": { + "type": "integer" + }, + "status": { + "type": "integer" + } + } + }, + "upgrade-assistant-telemetry": { + "properties": { + "features": { + "properties": { + "deprecation_logging": { + "properties": { + "enabled": { + "null_value": true, + "type": "boolean" + } + } + } + } + }, + "ui_open": { + "properties": { + "cluster": { + "null_value": 0, + "type": "long" + }, + "indices": { + "null_value": 0, + "type": "long" + }, + "overview": { + "null_value": 0, + "type": "long" + } + } + }, + "ui_reindex": { + "properties": { + "close": { + "null_value": 0, + "type": "long" + }, + "open": { + "null_value": 0, + "type": "long" + }, + "start": { + "null_value": 0, + "type": "long" + }, + "stop": { + "null_value": 0, + "type": "long" + } + } + } + } + }, + "uptime-dynamic-settings": { + "properties": { + "certAgeThreshold": { + "type": "long" + }, + "certExpirationThreshold": { + "type": "long" + }, + "heartbeatIndices": { + "type": "keyword" + } + } + }, + "url": { + "properties": { + "accessCount": { + "type": "long" + }, + "accessDate": { + "type": "date" + }, + "createDate": { + "type": "date" + }, + "url": { + "fields": { + "keyword": { + "type": "keyword" + } + }, + "type": "text" + } + } + }, + "visualization": { + "properties": { + "description": { + "type": "text" + }, + "kibanaSavedObjectMeta": { + "properties": { + "searchSourceJSON": { + "type": "text" + } + } + }, + "savedSearchRefName": { + "type": "keyword" + }, + "title": { + "type": "text" + }, + "uiStateJSON": { + "type": "text" + }, + "version": { + "type": "integer" + }, + "visState": { + "type": "text" + } + } + } + } + }, + "settings": { + "index": { + "auto_expand_replicas": "0-1", + "number_of_replicas": "1", + "number_of_shards": "1" + } + } + } +} \ No newline at end of file diff --git a/x-pack/test/encrypted_saved_objects_api_integration/tests/encrypted_saved_objects_api.ts b/x-pack/test/encrypted_saved_objects_api_integration/tests/encrypted_saved_objects_api.ts index 6b3ae62011704..8bdc1715bf487 100644 --- a/x-pack/test/encrypted_saved_objects_api_integration/tests/encrypted_saved_objects_api.ts +++ b/x-pack/test/encrypted_saved_objects_api_integration/tests/encrypted_saved_objects_api.ts @@ -12,6 +12,7 @@ export default function ({ getService }: FtrProviderContext) { const es = getService('legacyEs'); const randomness = getService('randomness'); const supertest = getService('supertest'); + const esArchiver = getService('esArchiver'); const SAVED_OBJECT_WITH_SECRET_TYPE = 'saved-object-with-secret'; const HIDDEN_SAVED_OBJECT_WITH_SECRET_TYPE = 'hidden-saved-object-with-secret'; @@ -501,5 +502,32 @@ export default function ({ getService }: FtrProviderContext) { ); }); }); + + describe('migrations', () => { + before(async () => { + await esArchiver.load('encrypted_saved_objects'); + }); + + after(async () => { + await esArchiver.unload('encrypted_saved_objects'); + }); + + it('migrates unencrypted fields on saved objects', async () => { + const { body: decryptedResponse } = await supertest + .get( + `/api/saved_objects/get-decrypted-as-internal-user/saved-object-with-migration/74f3e6d7-b7bb-477d-ac28-92ee22728e6e` + ) + .expect(200); + + expect(decryptedResponse.attributes).to.eql({ + // ensures the encrypted field can still be decrypted after the migration + encryptedAttribute: 'this is my secret api key', + // ensures the non-encrypted field has been migrated in 7.8.0 + nonEncryptedAttribute: 'elastic-migrated', + // ensures the non-encrypted field has been migrated into a new encrypted field in 7.9.0 + additionalEncryptedAttribute: 'elastic-migrated-encrypted', + }); + }); + }); }); } diff --git a/x-pack/test/functional/apps/dev_tools/searchprofiler_editor.ts b/x-pack/test/functional/apps/dev_tools/searchprofiler_editor.ts index 3483ddf769e5f..bf2a4192af543 100644 --- a/x-pack/test/functional/apps/dev_tools/searchprofiler_editor.ts +++ b/x-pack/test/functional/apps/dev_tools/searchprofiler_editor.ts @@ -12,15 +12,21 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { const testSubjects = getService('testSubjects'); const aceEditor = getService('aceEditor'); const retry = getService('retry'); + const security = getService('security'); const editorTestSubjectSelector = 'searchProfilerEditor'; describe('Search Profiler Editor', () => { before(async () => { + await security.testUser.setRoles(['global_devtools_read']); await PageObjects.common.navigateToApp('searchProfiler'); expect(await testSubjects.exists('searchProfilerEditor')).to.be(true); }); + after(async () => { + await security.testUser.restoreDefaults(); + }); + it('correctly parses triple quotes in JSON', async () => { // The below inputs are written to work _with_ ace's autocomplete unlike console's unit test // counterparts in src/legacy/core_plugins/console/public/tests/src/editor.test.js diff --git a/x-pack/test/functional/apps/ml/data_frame_analytics/cloning.ts b/x-pack/test/functional/apps/ml/data_frame_analytics/cloning.ts index 357ea36213521..525e25d0158bf 100644 --- a/x-pack/test/functional/apps/ml/data_frame_analytics/cloning.ts +++ b/x-pack/test/functional/apps/ml/data_frame_analytics/cloning.ts @@ -156,25 +156,45 @@ export default function ({ getService }: FtrProviderContext) { await ml.testResources.deleteIndexPatternByTitle(testData.job.dest!.index as string); }); - it('should open the flyout with a proper header', async () => { - expect(await ml.dataFrameAnalyticsCreation.getHeaderText()).to.be( - `Clone job from ${testData.job.id}` + it('should open the wizard with a proper header', async () => { + expect(await ml.dataFrameAnalyticsCreation.getHeaderText()).to.match( + /Clone analytics job/ ); }); - it('should have correct init form values', async () => { - await ml.dataFrameAnalyticsCreation.assertInitialCloneJobForm( + it('should have correct init form values for config step', async () => { + await ml.dataFrameAnalyticsCreation.assertInitialCloneJobConfigStep( testData.job as DataFrameAnalyticsConfig ); }); - it('should have disabled Create button on open', async () => { - expect(await ml.dataFrameAnalyticsCreation.isCreateButtonDisabled()).to.be(true); + it('should continue to the additional options step', async () => { + await ml.dataFrameAnalyticsCreation.continueToAdditionalOptionsStep(); }); - it('should enable Create button on a valid form input', async () => { + it('should have correct init form values for additional options step', async () => { + await ml.dataFrameAnalyticsCreation.assertInitialCloneJobAdditionalOptionsStep( + testData.job as DataFrameAnalyticsConfig + ); + }); + + it('should continue to the details step', async () => { + await ml.dataFrameAnalyticsCreation.continueToDetailsStep(); + }); + + it('should have correct init form values for details step', async () => { + await ml.dataFrameAnalyticsCreation.assertInitialCloneJobDetailsStep( + testData.job as DataFrameAnalyticsConfig + ); await ml.dataFrameAnalyticsCreation.setJobId(cloneJobId); await ml.dataFrameAnalyticsCreation.setDestIndex(cloneDestIndex); + }); + + it('should continue to the create step', async () => { + await ml.dataFrameAnalyticsCreation.continueToCreateStep(); + }); + + it('should have enabled Create button on a valid form input', async () => { expect(await ml.dataFrameAnalyticsCreation.isCreateButtonDisabled()).to.be(false); }); @@ -182,11 +202,12 @@ export default function ({ getService }: FtrProviderContext) { await ml.dataFrameAnalyticsCreation.createAnalyticsJob(cloneJobId); }); - it('finishes analytics processing', async () => { + it('should finish analytics processing', async () => { await ml.dataFrameAnalytics.waitForAnalyticsCompletion(cloneJobId); }); - it('displays the created job in the analytics table', async () => { + it('should display the created job in the analytics table', async () => { + await ml.dataFrameAnalyticsCreation.navigateToJobManagementPage(); await ml.dataFrameAnalyticsTable.refreshAnalyticsTable(); await ml.dataFrameAnalyticsTable.filterWithSearchString(cloneJobId); const rows = await ml.dataFrameAnalyticsTable.parseAnalyticsTable(); diff --git a/x-pack/test/functional/apps/status_page/status_page.ts b/x-pack/test/functional/apps/status_page/status_page.ts index b6f0fdce8b289..eeb9bc9b84450 100644 --- a/x-pack/test/functional/apps/status_page/status_page.ts +++ b/x-pack/test/functional/apps/status_page/status_page.ts @@ -13,7 +13,7 @@ export default function statusPageFunctonalTests({ const PageObjects = getPageObjects(['security', 'statusPage', 'home']); describe('Status Page', function () { - this.tags('includeFirefox'); + this.tags(['skipCloud', 'includeFirefox']); before(async () => await esArchiver.load('empty_kibana')); after(async () => await esArchiver.unload('empty_kibana')); diff --git a/x-pack/test/functional/config.js b/x-pack/test/functional/config.js index d5e3f82878d6b..14e05d21b8753 100644 --- a/x-pack/test/functional/config.js +++ b/x-pack/test/functional/config.js @@ -231,6 +231,17 @@ export default async function ({ readConfigFile }) { ], }, + global_devtools_read: { + kibana: [ + { + feature: { + dev_tools: ['read'], + }, + spaces: ['*'], + }, + ], + }, + //Kibana feature privilege isn't specific to advancedSetting. It can be anything. https://github.com/elastic/kibana/issues/35965 test_api_keys: { elasticsearch: { diff --git a/x-pack/test/functional/es_archives/endpoint/metadata/unenroll_feature/metadata/data.json.gz b/x-pack/test/functional/es_archives/endpoint/metadata/unenroll_feature/metadata/data.json.gz new file mode 100644 index 0000000000000..d7b130e405156 Binary files /dev/null and b/x-pack/test/functional/es_archives/endpoint/metadata/unenroll_feature/metadata/data.json.gz differ diff --git a/x-pack/test/functional/es_archives/endpoint/metadata/unenroll_feature/metadata_mirror/data.json.gz b/x-pack/test/functional/es_archives/endpoint/metadata/unenroll_feature/metadata_mirror/data.json.gz new file mode 100644 index 0000000000000..3b4da7c47d9f2 Binary files /dev/null and b/x-pack/test/functional/es_archives/endpoint/metadata/unenroll_feature/metadata_mirror/data.json.gz differ diff --git a/x-pack/test/functional/services/ml/data_frame_analytics_creation.ts b/x-pack/test/functional/services/ml/data_frame_analytics_creation.ts index 081eb8775fa5b..f67ea583e25cd 100644 --- a/x-pack/test/functional/services/ml/data_frame_analytics_creation.ts +++ b/x-pack/test/functional/services/ml/data_frame_analytics_creation.ts @@ -124,37 +124,15 @@ export function MachineLearningDataFrameAnalyticsCreationProvider( await this.assertJobDescriptionValue(jobDescription); }, - async assertSourceIndexInputExists() { - await testSubjects.existOrFail('mlAnalyticsCreateJobFlyoutSourceIndexSelect > comboBoxInput'); - }, - - async assertSourceIndexSelection(expectedSelection: string[]) { - const actualSelection = await comboBox.getComboBoxSelectedOptions( - 'mlAnalyticsCreateJobFlyoutSourceIndexSelect > comboBoxInput' - ); - expect(actualSelection).to.eql( - expectedSelection, - `Source index should be '${expectedSelection}' (got '${actualSelection}')` - ); - }, - - async assertExcludedFieldsSelection(expectedSelection: string[]) { - const actualSelection = await comboBox.getComboBoxSelectedOptions( - 'mlAnalyticsCreateJobFlyoutExcludesSelect > comboBoxInput' - ); - expect(actualSelection).to.eql( - expectedSelection, - `Excluded fields should be '${expectedSelection}' (got '${actualSelection}')` - ); - }, - - async selectSourceIndex(sourceIndex: string) { - await comboBox.set( - 'mlAnalyticsCreateJobFlyoutSourceIndexSelect > comboBoxInput', - sourceIndex - ); - await this.assertSourceIndexSelection([sourceIndex]); - }, + // async assertExcludedFieldsSelection(expectedSelection: string[]) { + // const actualSelection = await comboBox.getComboBoxSelectedOptions( + // 'mlAnalyticsCreateJobWizardExcludesSelect' + // ); + // expect(actualSelection).to.eql( + // expectedSelection, + // `Excluded fields should be '${expectedSelection}' (got '${actualSelection}')` + // ); + // }, async assertDestIndexInputExists() { await testSubjects.existOrFail('mlAnalyticsCreateJobFlyoutDestinationIndexInput'); @@ -384,24 +362,29 @@ export function MachineLearningDataFrameAnalyticsCreationProvider( }, async getHeaderText() { - return await testSubjects.getVisibleText('mlDataFrameAnalyticsFlyoutHeaderTitle'); + return await testSubjects.getVisibleText('mlDataFrameAnalyticsWizardHeaderTitle'); }, - async assertInitialCloneJobForm(job: DataFrameAnalyticsConfig) { + async assertInitialCloneJobConfigStep(job: DataFrameAnalyticsConfig) { const jobType = Object.keys(job.analysis)[0]; await this.assertJobTypeSelection(jobType); - await this.assertJobIdValue(''); // id should be empty - await this.assertJobDescriptionValue(String(job.description)); - await this.assertSourceIndexSelection(job.source.index as string[]); - await this.assertDestIndexValue(''); // destination index should be empty if (isClassificationAnalysis(job.analysis) || isRegressionAnalysis(job.analysis)) { await this.assertDependentVariableSelection([job.analysis[jobType].dependent_variable]); await this.assertTrainingPercentValue(String(job.analysis[jobType].training_percent)); } - await this.assertExcludedFieldsSelection(job.analyzed_fields.excludes); + // await this.assertExcludedFieldsSelection(job.analyzed_fields.excludes); + }, + + async assertInitialCloneJobAdditionalOptionsStep(job: DataFrameAnalyticsConfig) { await this.assertModelMemoryValue(job.model_memory_limit); }, + async assertInitialCloneJobDetailsStep(job: DataFrameAnalyticsConfig) { + await this.assertJobIdValue(''); // id should be empty + await this.assertJobDescriptionValue(String(job.description)); + await this.assertDestIndexValue(''); // destination index should be empty + }, + async assertCreationCalloutMessagesExist() { await testSubjects.existOrFail('analyticsWizardCreationCallout_0'); await testSubjects.existOrFail('analyticsWizardCreationCallout_1'); diff --git a/x-pack/test/functional/services/ml/data_frame_analytics_table.ts b/x-pack/test/functional/services/ml/data_frame_analytics_table.ts index 60507f5ab3331..f452c9cce7a1a 100644 --- a/x-pack/test/functional/services/ml/data_frame_analytics_table.ts +++ b/x-pack/test/functional/services/ml/data_frame_analytics_table.ts @@ -126,7 +126,7 @@ export function MachineLearningDataFrameAnalyticsTableProvider({ getService }: F public async cloneJob(analyticsId: string) { await this.openRowActions(analyticsId); await testSubjects.click(`mlAnalyticsJobCloneButton`); - await testSubjects.existOrFail('mlAnalyticsCreateJobFlyout'); + await testSubjects.existOrFail('mlAnalyticsCreationContainer'); } })(); } diff --git a/x-pack/test/reporting_api_integration/services.ts b/x-pack/test/reporting_api_integration/services.ts index dadb466d45982..85f5a98c69b2e 100644 --- a/x-pack/test/reporting_api_integration/services.ts +++ b/x-pack/test/reporting_api_integration/services.ts @@ -7,8 +7,7 @@ import expect from '@kbn/expect'; import * as Rx from 'rxjs'; import { filter, first, mapTo, switchMap, timeout } from 'rxjs/operators'; -// @ts-ignore no module definition -import { indexTimestamp } from '../../plugins/reporting/server/lib/esqueue/helpers/index_timestamp'; +import { indexTimestamp } from '../../plugins/reporting/server/lib/store/index_timestamp'; import { services as xpackServices } from '../functional/services'; import { FtrProviderContext } from './ftr_provider_context'; diff --git a/x-pack/test/security_solution_endpoint/apps/endpoint/endpoint_list.ts b/x-pack/test/security_solution_endpoint/apps/endpoint/endpoint_list.ts index bbc78cf399f71..730beb9143406 100644 --- a/x-pack/test/security_solution_endpoint/apps/endpoint/endpoint_list.ts +++ b/x-pack/test/security_solution_endpoint/apps/endpoint/endpoint_list.ts @@ -6,6 +6,7 @@ import expect from '@kbn/expect'; import { FtrProviderContext } from '../../ftr_provider_context'; +import { deleteMetadataStream } from '../../../api_integration/apis/endpoint/data_stream_helper'; export default ({ getPageObjects, getService }: FtrProviderContext) => { const pageObjects = getPageObjects(['common', 'endpoint', 'header', 'endpointPageUtils']); @@ -17,11 +18,11 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { this.tags('ciGroup7'); const sleep = (ms = 100) => new Promise((resolve) => setTimeout(resolve, ms)); before(async () => { - await esArchiver.load('endpoint/metadata/api_feature'); + await esArchiver.load('endpoint/metadata/api_feature', { useCreate: true }); await pageObjects.endpoint.navigateToEndpointList(); }); - it('finds title', async () => { + it('finds page title', async () => { const title = await testSubjects.getVisibleText('pageViewHeaderLeftTitle'); expect(title).to.equal('Endpoints'); }); @@ -77,54 +78,61 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { expect(tableData).to.eql(expectedData); }); - it('no details flyout when endpoint page displayed', async () => { + it('does not show the details flyout initially', async () => { await testSubjects.missingOrFail('hostDetailsFlyout'); }); - it('display details flyout when the hostname is clicked on', async () => { - await (await testSubjects.find('hostnameCellLink')).click(); - await testSubjects.existOrFail('hostDetailsUpperList'); - await testSubjects.existOrFail('hostDetailsLowerList'); - }); + describe('when the hostname is clicked on,', () => { + it('display the details flyout', async () => { + await (await testSubjects.find('hostnameCellLink')).click(); + await testSubjects.existOrFail('hostDetailsUpperList'); + await testSubjects.existOrFail('hostDetailsLowerList'); + }); - it('update details flyout when new hostname is clicked on', async () => { - // display flyout for the first host in the list - await (await testSubjects.findAll('hostnameCellLink'))[0].click(); - await testSubjects.existOrFail('hostDetailsFlyoutTitle'); - const hostDetailTitle0 = await testSubjects.getVisibleText('hostDetailsFlyoutTitle'); - // select the 2nd host in the host list - await (await testSubjects.findAll('hostnameCellLink'))[1].click(); - await pageObjects.endpoint.waitForVisibleTextToChange( - 'hostDetailsFlyoutTitle', - hostDetailTitle0 - ); - const hostDetailTitle1 = await testSubjects.getVisibleText('hostDetailsFlyoutTitle'); - expect(hostDetailTitle1).to.not.eql(hostDetailTitle0); - }); + it('updates the details flyout when a new hostname is selected from the list', async () => { + // display flyout for the first host in the list + await (await testSubjects.findAll('hostnameCellLink'))[0].click(); + await testSubjects.existOrFail('hostDetailsFlyoutTitle'); + const hostDetailTitle0 = await testSubjects.getVisibleText('hostDetailsFlyoutTitle'); + // select the 2nd host in the host list + await (await testSubjects.findAll('hostnameCellLink'))[1].click(); + await pageObjects.endpoint.waitForVisibleTextToChange( + 'hostDetailsFlyoutTitle', + hostDetailTitle0 + ); + const hostDetailTitle1 = await testSubjects.getVisibleText('hostDetailsFlyoutTitle'); + expect(hostDetailTitle1).to.not.eql(hostDetailTitle0); + }); + + it('has the same flyout info when the same hostname is selected', async () => { + // display flyout for the first host in the list + await (await testSubjects.findAll('hostnameCellLink'))[1].click(); + await testSubjects.existOrFail('hostDetailsFlyoutTitle'); + const hostDetailTitleInitial = await testSubjects.getVisibleText('hostDetailsFlyoutTitle'); + // select the same host in the host list + await (await testSubjects.findAll('hostnameCellLink'))[1].click(); + await sleep(500); // give page time to refresh and verify it did not change + const hostDetailTitleNew = await testSubjects.getVisibleText('hostDetailsFlyoutTitle'); + expect(hostDetailTitleNew).to.equal(hostDetailTitleInitial); + }); - it('details flyout remains the same when current hostname is clicked on', async () => { - // display flyout for the first host in the list - await (await testSubjects.findAll('hostnameCellLink'))[1].click(); - await testSubjects.existOrFail('hostDetailsFlyoutTitle'); - const hostDetailTitleInitial = await testSubjects.getVisibleText('hostDetailsFlyoutTitle'); - // select the same host in the host list - await (await testSubjects.findAll('hostnameCellLink'))[1].click(); - await sleep(500); // give page time to refresh and verify it did not change - const hostDetailTitleNew = await testSubjects.getVisibleText('hostDetailsFlyoutTitle'); - expect(hostDetailTitleNew).to.equal(hostDetailTitleInitial); + it('navigates to ingest fleet when the Reassign Policy link is clicked', async () => { + await (await testSubjects.find('hostDetailsLinkToIngest')).click(); + await testSubjects.existOrFail('fleetAgentListTable'); + }); }); - describe('no data', () => { + describe('when there is no data,', () => { before(async () => { // clear out the data and reload the page - await esArchiver.unload('endpoint/metadata/api_feature'); + await deleteMetadataStream(getService); await pageObjects.endpoint.navigateToEndpointList(); }); after(async () => { // reload the data so the other tests continue to pass - await esArchiver.load('endpoint/metadata/api_feature'); + await esArchiver.load('endpoint/metadata/api_feature', { useCreate: true }); }); - it('displays no items found when empty', async () => { + it('displays No items found when empty', async () => { // get the endpoint list table data and verify message const [, [noItemsFoundMessage]] = await pageObjects.endpointPageUtils.tableData( 'hostListTable' @@ -166,7 +174,7 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { 'Windows 10', '', '0', - '00000000-0000-0000-0000-000000000000', + 'Default', 'Unknown', '10.101.149.262606:a000:ffc0:39:11ef:37b9:3371:578c', 'rezzani-7.example.com', @@ -175,7 +183,7 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { }); }); after(async () => { - await esArchiver.unload('endpoint/metadata/api_feature'); + await deleteMetadataStream(getService); }); }); }; diff --git a/x-pack/test/security_solution_endpoint/apps/endpoint/policy_details.ts b/x-pack/test/security_solution_endpoint/apps/endpoint/policy_details.ts index 036f82a591fb3..b0c161ca1d0c2 100644 --- a/x-pack/test/security_solution_endpoint/apps/endpoint/policy_details.ts +++ b/x-pack/test/security_solution_endpoint/apps/endpoint/policy_details.ts @@ -9,7 +9,13 @@ import { FtrProviderContext } from '../../ftr_provider_context'; import { PolicyTestResourceInfo } from '../../services/endpoint_policy'; export default function ({ getPageObjects, getService }: FtrProviderContext) { - const pageObjects = getPageObjects(['common', 'endpoint', 'policy', 'endpointPageUtils']); + const pageObjects = getPageObjects([ + 'common', + 'endpoint', + 'policy', + 'endpointPageUtils', + 'ingestManagerCreateDatasource', + ]); const testSubjects = getService('testSubjects'); const policyTestResources = getService('policyTestResources'); @@ -185,5 +191,38 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { }); }); }); + + describe('when on Ingest Configurations Edit Datasource page', async () => { + let policyInfo: PolicyTestResourceInfo; + beforeEach(async () => { + // Create a policy and navigate to Ingest app + policyInfo = await policyTestResources.createPolicy(); + await pageObjects.ingestManagerCreateDatasource.navigateToAgentConfigEditDatasource( + policyInfo.agentConfig.id, + policyInfo.datasource.id + ); + }); + afterEach(async () => { + if (policyInfo) { + await policyInfo.cleanup(); + } + }); + it('should show a link to Policy Details', async () => { + await testSubjects.existOrFail('editLinkToPolicyDetails'); + }); + it('should navigate to Policy Details when the link is clicked', async () => { + const linkToPolicy = await testSubjects.find('editLinkToPolicyDetails'); + await linkToPolicy.click(); + await pageObjects.policy.ensureIsOnDetailsPage(); + }); + it('should allow the user to navigate, edit and save Policy Details', async () => { + await (await testSubjects.find('editLinkToPolicyDetails')).click(); + await pageObjects.policy.ensureIsOnDetailsPage(); + await pageObjects.endpointPageUtils.clickOnEuiCheckbox('policyWindowsEvent_dns'); + await pageObjects.policy.confirmAndSave(); + + await testSubjects.existOrFail('policyDetailsSuccessMessage'); + }); + }); }); } diff --git a/x-pack/test/security_solution_endpoint/page_objects/ingest_manager_create_datasource_page.ts b/x-pack/test/security_solution_endpoint/page_objects/ingest_manager_create_datasource_page.ts index f50cde6285be7..e104b8701276c 100644 --- a/x-pack/test/security_solution_endpoint/page_objects/ingest_manager_create_datasource_page.ts +++ b/x-pack/test/security_solution_endpoint/page_objects/ingest_manager_create_datasource_page.ts @@ -6,13 +6,14 @@ import { FtrProviderContext } from '../ftr_provider_context'; -export function IngestManagerCreateDatasource({ getService }: FtrProviderContext) { +export function IngestManagerCreateDatasource({ getService, getPageObjects }: FtrProviderContext) { const testSubjects = getService('testSubjects'); const find = getService('find'); + const pageObjects = getPageObjects(['common']); return { /** - * Validates that the page shown is the Datasource Craete Page + * Validates that the page shown is the Datasource Create Page */ async ensureOnCreatePageOrFail() { await testSubjects.existOrFail('createDataSource_header'); @@ -75,5 +76,22 @@ export function IngestManagerCreateDatasource({ getService }: FtrProviderContext async waitForSaveSuccessNotification() { await testSubjects.existOrFail('datasourceCreateSuccessToast'); }, + + /** + * Validates that the page shown is the Datasource Edit Page + */ + async ensureOnEditPageOrFail() { + await testSubjects.existOrFail('editDataSource_header'); + }, + + /** + * Navigates to the Ingest Agent configuration Edit Datasource page + */ + async navigateToAgentConfigEditDatasource(agentConfigId: string, datasourceId: string) { + await pageObjects.common.navigateToApp('ingestManager', { + hash: `/configs/${agentConfigId}/edit-datasource/${datasourceId}`, + }); + await this.ensureOnEditPageOrFail(); + }, }; } diff --git a/x-pack/test/security_solution_endpoint/services/index.ts b/x-pack/test/security_solution_endpoint/services/index.ts index 90b4bc0b4d045..7eecae41aae4a 100644 --- a/x-pack/test/security_solution_endpoint/services/index.ts +++ b/x-pack/test/security_solution_endpoint/services/index.ts @@ -4,12 +4,12 @@ * you may not use this file except in compliance with the Elastic License. */ -import { services as apiIntegrationServices } from '../../api_integration/services'; import { services as xPackFunctionalServices } from '../../functional/services'; import { EndpointPolicyTestResourcesProvider } from './endpoint_policy'; +import { IngestManagerProvider } from '../../common/services/ingest_manager'; export const services = { ...xPackFunctionalServices, - ingestManager: apiIntegrationServices.ingestManager, policyTestResources: EndpointPolicyTestResourcesProvider, + ingestManager: IngestManagerProvider, }; diff --git a/x-pack/tsconfig.json b/x-pack/tsconfig.json index 306294c57b3c6..e978702a35634 100644 --- a/x-pack/tsconfig.json +++ b/x-pack/tsconfig.json @@ -14,6 +14,7 @@ "test/**/*", "plugins/security_solution/cypress/**/*", "plugins/apm/e2e/cypress/**/*", + "plugins/apm/scripts/**/*", "**/typespec_tests.ts" ], "compilerOptions": { diff --git a/yarn.lock b/yarn.lock index b600ccb75c9fa..93db6de88775c 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2111,6 +2111,15 @@ debug "^3.1.0" lodash.once "^4.1.1" +"@dabh/diagnostics@^2.0.2": + version "2.0.2" + resolved "https://registry.yarnpkg.com/@dabh/diagnostics/-/diagnostics-2.0.2.tgz#290d08f7b381b8f94607dc8f471a12c675f9db31" + integrity sha512-+A1YivoVDNNVCdfozHSR8v/jyuuLTMXwjWuxPFlFlUapXoGc+Gj9mDlTDDfrwl7rXCl2tNZ0kE8sIBO6YOn96Q== + dependencies: + colorspace "1.1.x" + enabled "2.0.x" + kuler "^2.0.0" + "@elastic/apm-rum-core@^5.3.0": version "5.3.0" resolved "https://registry.yarnpkg.com/@elastic/apm-rum-core/-/apm-rum-core-5.3.0.tgz#3ae5e84eba5b5287b92458a49755f6e39e7bba5b" @@ -2288,6 +2297,11 @@ resolved "https://registry.yarnpkg.com/@elastic/node-crypto/-/node-crypto-1.1.1.tgz#619b70322c9cce4a7ee5fbf8f678b1baa7f06095" integrity sha512-F6tIk8Txdqjg8Siv60iAvXzO9ZdQI87K3sS/fh5xd2XaWK+T5ZfqeTvsT7srwG6fr6uCBfuQEJV1KBBl+JpLZA== +"@elastic/node-crypto@1.2.1": + version "1.2.1" + resolved "https://registry.yarnpkg.com/@elastic/node-crypto/-/node-crypto-1.2.1.tgz#dfd9218f9b5729fa519762e6a6968aaf61b86eb0" + integrity sha512-RlZg+poLA2SwZZUM5RMJDJiKojlSB1mJkumIvLgXvvTCcCliC6rM0lUaNecV9pbQLIHrGlX2BrbwiuPWhv0czQ== + "@elastic/numeral@^2.5.0": version "2.5.0" resolved "https://registry.yarnpkg.com/@elastic/numeral/-/numeral-2.5.0.tgz#8da714827fc278f17546601fdfe55f5c920e2bc5" @@ -8478,16 +8492,16 @@ backo2@1.0.2: resolved "https://registry.yarnpkg.com/backo2/-/backo2-1.0.2.tgz#31ab1ac8b129363463e35b3ebb69f4dfcfba7947" integrity sha1-MasayLEpNjRj41s+u2n038+6eUc= -backport@5.4.1: - version "5.4.1" - resolved "https://registry.yarnpkg.com/backport/-/backport-5.4.1.tgz#b066e8bbece91bc813187c13b7bea69ef5355471" - integrity sha512-vFR5Juss2pveS2OyyoE5n14j7ZDqeZXakzv4KngTEUTsb+5r/AVj2OG8LfJ14RJBMKBYSf1ojSKgDiWtUi0r+w== +backport@5.4.6: + version "5.4.6" + resolved "https://registry.yarnpkg.com/backport/-/backport-5.4.6.tgz#8d8d8cb7c0df4079a40c6f4892f393daa92c1ef8" + integrity sha512-O3fFmQXKZN5sP6R6GwXeobsEgoFzvnuTGj8/TTTjxt1xA07pfhTY67M16rr0eiDDtuSxAqWMX9Zo+5Q3DuxfpQ== dependencies: axios "^0.19.2" dedent "^0.7.0" del "^5.1.0" find-up "^4.1.0" - inquirer "^7.1.0" + inquirer "^7.2.0" lodash.flatmap "^4.5.0" lodash.isempty "^4.4.0" lodash.isstring "^4.0.1" @@ -8496,7 +8510,7 @@ backport@5.4.1: ora "^4.0.4" safe-json-stringify "^1.2.0" strip-json-comments "^3.1.0" - winston "^3.2.1" + winston "^3.3.3" yargs "^15.3.1" bail@^1.0.0: @@ -12992,6 +13006,11 @@ enabled@1.0.x: dependencies: env-variable "0.0.x" +enabled@2.0.x: + version "2.0.0" + resolved "https://registry.yarnpkg.com/enabled/-/enabled-2.0.0.tgz#f9dd92ec2d6f4bbc0d5d1e64e21d61cd4665e7c2" + integrity sha512-AKrN98kuwOzMIdAizXGI86UFBoo26CL21UM763y1h/GMSJ4/OHU9k2YlsmBpyScFo/wbLzWQJBMCW4+IO3/+OQ== + encodeurl@^1.0.2, encodeurl@~1.0.1, encodeurl@~1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-1.0.2.tgz#ad3ff4c86ec2d029322f5a02c3a9a606c95b3f59" @@ -14499,6 +14518,11 @@ fecha@^2.3.3: resolved "https://registry.yarnpkg.com/fecha/-/fecha-2.3.3.tgz#948e74157df1a32fd1b12c3a3c3cdcb6ec9d96cd" integrity sha512-lUGBnIamTAwk4znq5BcqsDaxSmZ9nDVJaij6NvRt/Tg4R69gERA+otPKbS86ROw9nxVMw2/mp1fnaiWqbs6Sdg== +fecha@^4.2.0: + version "4.2.0" + resolved "https://registry.yarnpkg.com/fecha/-/fecha-4.2.0.tgz#3ffb6395453e3f3efff850404f0a59b6747f5f41" + integrity sha512-aN3pcx/DSmtyoovUudctc8+6Hl4T+hI9GBBHLjA76jdZl7+b1sgh5g4k+u/GL3dTy1/pnYzKp69FpJ0OicE3Wg== + fetch-mock@^7.3.9: version "7.3.9" resolved "https://registry.yarnpkg.com/fetch-mock/-/fetch-mock-7.3.9.tgz#a80fd2a1728f72e0634ef7a9734bc61200096487" @@ -14909,6 +14933,11 @@ fmin@0.0.2: tape "^4.5.1" uglify-js "^2.6.2" +fn.name@1.x.x: + version "1.1.0" + resolved "https://registry.yarnpkg.com/fn.name/-/fn.name-1.1.0.tgz#26cad8017967aea8731bc42961d04a3d5988accc" + integrity sha512-GRnmB5gPyJpAhTQdSZTSp9uaPSvl09KoYcMQtsB9rQoOmzs9dH6ffeccH+Z+cv6P68Hu5bC6JjRh4Ah/mHSNRw== + focus-lock@^0.5.2: version "0.5.4" resolved "https://registry.yarnpkg.com/focus-lock/-/focus-lock-0.5.4.tgz#537644d61b9e90fd97075aa680b8add1de24e819" @@ -17816,10 +17845,10 @@ inquirer@^7.0.0: strip-ansi "^5.1.0" through "^2.3.6" -inquirer@^7.1.0: - version "7.1.0" - resolved "https://registry.yarnpkg.com/inquirer/-/inquirer-7.1.0.tgz#1298a01859883e17c7264b82870ae1034f92dd29" - integrity sha512-5fJMWEmikSYu0nv/flMc475MhGbB7TSPd/2IpFV4I4rMklboCH2rQjYY5kKiYGHqUF9gvaambupcJFFG9dvReg== +inquirer@^7.2.0: + version "7.2.0" + resolved "https://registry.yarnpkg.com/inquirer/-/inquirer-7.2.0.tgz#63ce99d823090de7eb420e4bb05e6f3449aa389a" + integrity sha512-E0c4rPwr9ByePfNlTIB8z51kK1s2n6jrHuJeEHENl/sbq2G/S1auvibgEwNR4uSyiU+PiYHqSwsgGiXjG8p5ZQ== dependencies: ansi-escapes "^4.2.1" chalk "^3.0.0" @@ -20116,6 +20145,11 @@ kuler@1.0.x: dependencies: colornames "^1.1.1" +kuler@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/kuler/-/kuler-2.0.0.tgz#e2c570a3800388fb44407e851531c1d670b061b3" + integrity sha512-Xq9nH7KlWZmXAtodXDDRE7vs6DU1gTU8zYDHDiWLSip45Egwq3plLHzPn27NgvzL2r1LMPC1vdqh98sQxtqj4A== + last-run@^1.1.0: version "1.1.1" resolved "https://registry.yarnpkg.com/last-run/-/last-run-1.1.1.tgz#45b96942c17b1c79c772198259ba943bebf8ca5b" @@ -20954,6 +20988,17 @@ logform@^2.1.1: ms "^2.1.1" triple-beam "^1.3.0" +logform@^2.2.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/logform/-/logform-2.2.0.tgz#40f036d19161fc76b68ab50fdc7fe495544492f2" + integrity sha512-N0qPlqfypFx7UHNn4B3lzS/b0uLqt2hmuoa+PpuXNYgozdJYAyauF5Ky0BWVjrxDlMWiT3qN4zPq3vVAfZy7Yg== + dependencies: + colors "^1.2.1" + fast-safe-stringify "^2.0.4" + fecha "^4.2.0" + ms "^2.1.1" + triple-beam "^1.3.0" + loglevel@^1.6.4: version "1.6.4" resolved "https://registry.yarnpkg.com/loglevel/-/loglevel-1.6.4.tgz#f408f4f006db8354d0577dcf6d33485b3cb90d56" @@ -23186,6 +23231,13 @@ one-time@0.0.4: resolved "https://registry.yarnpkg.com/one-time/-/one-time-0.0.4.tgz#f8cdf77884826fe4dff93e3a9cc37b1e4480742e" integrity sha1-+M33eISCb+Tf+T46nMN7HkSAdC4= +one-time@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/one-time/-/one-time-1.0.0.tgz#e06bc174aed214ed58edede573b433bbf827cb45" + integrity sha512-5DXOiRKwuSEcQ/l0kGCF6Q3jcADFv5tSmRaJck/OqkVFcOzutB134KRSfF0xDrL39MNnqxbHBbUUcjZIhTgb2g== + dependencies: + fn.name "1.x.x" + onetime@^1.0.0: version "1.1.0" resolved "https://registry.npmjs.org/onetime/-/onetime-1.1.0.tgz#a1f7838f8314c516f05ecefcbc4ccfe04b4ed789" @@ -26172,7 +26224,7 @@ read-pkg@^5.1.1, read-pkg@^5.2.0: parse-json "^5.0.0" type-fest "^0.6.0" -"readable-stream@1 || 2", readable-stream@~2.3.3: +"readable-stream@1 || 2", readable-stream@^2.3.7, readable-stream@~2.3.3: version "2.3.7" resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.7.tgz#1eca1cf711aef814c04f62252a36a62f6cb23b57" integrity sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw== @@ -32875,6 +32927,14 @@ winston-transport@^4.3.0: readable-stream "^2.3.6" triple-beam "^1.2.0" +winston-transport@^4.4.0: + version "4.4.0" + resolved "https://registry.yarnpkg.com/winston-transport/-/winston-transport-4.4.0.tgz#17af518daa690d5b2ecccaa7acf7b20ca7925e59" + integrity sha512-Lc7/p3GtqtqPBYYtS6KCN3c77/2QCev51DvcJKbkFPQNoj1sinkGwLGFDxkXY9J6p9+EPnYs+D90uwbnaiURTw== + dependencies: + readable-stream "^2.3.7" + triple-beam "^1.2.0" + winston@3.2.1, winston@^3.0.0, winston@^3.2.1: version "3.2.1" resolved "https://registry.yarnpkg.com/winston/-/winston-3.2.1.tgz#63061377976c73584028be2490a1846055f77f07" @@ -32890,6 +32950,21 @@ winston@3.2.1, winston@^3.0.0, winston@^3.2.1: triple-beam "^1.3.0" winston-transport "^4.3.0" +winston@^3.3.3: + version "3.3.3" + resolved "https://registry.yarnpkg.com/winston/-/winston-3.3.3.tgz#ae6172042cafb29786afa3d09c8ff833ab7c9170" + integrity sha512-oEXTISQnC8VlSAKf1KYSSd7J6IWuRPQqDdo8eoRNaYKLvwSb5+79Z3Yi1lrl6KDpU6/VWaxpakDAtb1oQ4n9aw== + dependencies: + "@dabh/diagnostics" "^2.0.2" + async "^3.1.0" + is-stream "^2.0.0" + logform "^2.2.0" + one-time "^1.0.0" + readable-stream "^3.4.0" + stack-trace "0.0.x" + triple-beam "^1.3.0" + winston-transport "^4.4.0" + with@^5.0.0: version "5.1.1" resolved "https://registry.yarnpkg.com/with/-/with-5.1.1.tgz#fa4daa92daf32c4ea94ed453c81f04686b575dfe"