diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/managing/middleware.test.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/managing/middleware.test.ts index 095e49a6c4306..8d1ab391ff47b 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/managing/middleware.test.ts +++ b/x-pack/plugins/endpoint/public/applications/endpoint/store/managing/middleware.test.ts @@ -70,7 +70,7 @@ describe('endpoint list saga', () => { expect(fakeHttpServices.post).not.toHaveBeenCalled(); dispatch({ type: 'userNavigatedToPage', payload: 'managementPage' }); await sleep(); - expect(fakeHttpServices.post).toHaveBeenCalledWith('/api/endpoint/endpoints', { + expect(fakeHttpServices.post).toHaveBeenCalledWith('/api/endpoint/metadata', { body: JSON.stringify({ paging_properties: [{ page_index: 0 }, { page_size: 10 }], }), diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/managing/middleware.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/managing/middleware.ts index ae756caf5aa35..754a855c171ad 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/managing/middleware.ts +++ b/x-pack/plugins/endpoint/public/applications/endpoint/store/managing/middleware.ts @@ -18,7 +18,7 @@ export const managementMiddlewareFactory: MiddlewareFactory ) { const managementPageIndex = pageIndex(getState()); const managementPageSize = pageSize(getState()); - const response = await coreStart.http.post('/api/endpoint/endpoints', { + const response = await coreStart.http.post('/api/endpoint/metadata', { body: JSON.stringify({ paging_properties: [ { page_index: managementPageIndex }, diff --git a/x-pack/plugins/endpoint/server/plugin.ts b/x-pack/plugins/endpoint/server/plugin.ts index afed5199b7d72..aef85f39e0382 100644 --- a/x-pack/plugins/endpoint/server/plugin.ts +++ b/x-pack/plugins/endpoint/server/plugin.ts @@ -10,7 +10,7 @@ import { createConfig$, EndpointConfigType } from './config'; import { EndpointAppContext } from './types'; import { addRoutes } from './routes'; -import { registerEndpointRoutes } from './routes/endpoints'; +import { registerEndpointRoutes } from './routes/metadata'; import { registerAlertRoutes } from './routes/alerts'; import { registerResolverRoutes } from './routes/resolver'; diff --git a/x-pack/plugins/endpoint/server/routes/endpoints.test.ts b/x-pack/plugins/endpoint/server/routes/metadata.test.ts similarity index 95% rename from x-pack/plugins/endpoint/server/routes/endpoints.test.ts rename to x-pack/plugins/endpoint/server/routes/metadata.test.ts index 25c4225495a41..ee374bc1b57d6 100644 --- a/x-pack/plugins/endpoint/server/routes/endpoints.test.ts +++ b/x-pack/plugins/endpoint/server/routes/metadata.test.ts @@ -20,9 +20,9 @@ import { } from '../../../../../src/core/server/mocks'; import { EndpointMetadata, EndpointResultList } from '../../common/types'; import { SearchResponse } from 'elasticsearch'; -import { registerEndpointRoutes } from './endpoints'; +import { registerEndpointRoutes } from './metadata'; import { EndpointConfigSchema } from '../config'; -import * as data from '../test_data/all_endpoints_data.json'; +import * as data from '../test_data/all_metadata_data.json'; describe('test endpoint route', () => { let routerMock: jest.Mocked; @@ -54,7 +54,7 @@ describe('test endpoint route', () => { >; mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => Promise.resolve(response)); [routeConfig, routeHandler] = routerMock.post.mock.calls.find(([{ path }]) => - path.startsWith('/api/endpoint/endpoints') + path.startsWith('/api/endpoint/metadata') )!; await routeHandler( @@ -96,7 +96,7 @@ describe('test endpoint route', () => { Promise.resolve((data as unknown) as SearchResponse) ); [routeConfig, routeHandler] = routerMock.post.mock.calls.find(([{ path }]) => - path.startsWith('/api/endpoint/endpoints') + path.startsWith('/api/endpoint/metadata') )!; await routeHandler( @@ -143,7 +143,7 @@ describe('test endpoint route', () => { Promise.resolve((data as unknown) as SearchResponse) ); [routeConfig, routeHandler] = routerMock.post.mock.calls.find(([{ path }]) => - path.startsWith('/api/endpoint/endpoints') + path.startsWith('/api/endpoint/metadata') )!; await routeHandler( @@ -208,7 +208,7 @@ describe('test endpoint route', () => { }) ); [routeConfig, routeHandler] = routerMock.get.mock.calls.find(([{ path }]) => - path.startsWith('/api/endpoint/endpoints') + path.startsWith('/api/endpoint/metadata') )!; await routeHandler( @@ -239,7 +239,7 @@ describe('test endpoint route', () => { >; mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => Promise.resolve(response)); [routeConfig, routeHandler] = routerMock.get.mock.calls.find(([{ path }]) => - path.startsWith('/api/endpoint/endpoints') + path.startsWith('/api/endpoint/metadata') )!; await routeHandler( diff --git a/x-pack/plugins/endpoint/server/routes/endpoints.ts b/x-pack/plugins/endpoint/server/routes/metadata.ts similarity index 90% rename from x-pack/plugins/endpoint/server/routes/endpoints.ts rename to x-pack/plugins/endpoint/server/routes/metadata.ts index 054172a7f258a..278cfac020a3b 100644 --- a/x-pack/plugins/endpoint/server/routes/endpoints.ts +++ b/x-pack/plugins/endpoint/server/routes/metadata.ts @@ -9,9 +9,9 @@ import { SearchResponse } from 'elasticsearch'; import { schema } from '@kbn/config-schema'; import { - kibanaRequestToEndpointListQuery, - kibanaRequestToEndpointFetchQuery, -} from '../services/endpoint/endpoint_query_builders'; + kibanaRequestToMetadataListESQuery, + kibanaRequestToMetadataGetESQuery, +} from '../services/endpoint/metadata_query_builders'; import { EndpointMetadata, EndpointResultList } from '../../common/types'; import { EndpointAppContext } from '../types'; @@ -22,7 +22,7 @@ interface HitSource { export function registerEndpointRoutes(router: IRouter, endpointAppContext: EndpointAppContext) { router.post( { - path: '/api/endpoint/endpoints', + path: '/api/endpoint/metadata', validate: { body: schema.nullable( schema.object({ @@ -53,7 +53,7 @@ export function registerEndpointRoutes(router: IRouter, endpointAppContext: Endp }, async (context, req, res) => { try { - const queryParams = await kibanaRequestToEndpointListQuery(req, endpointAppContext); + const queryParams = await kibanaRequestToMetadataListESQuery(req, endpointAppContext); const response = (await context.core.elasticsearch.dataClient.callAsCurrentUser( 'search', queryParams @@ -67,7 +67,7 @@ export function registerEndpointRoutes(router: IRouter, endpointAppContext: Endp router.get( { - path: '/api/endpoint/endpoints/{id}', + path: '/api/endpoint/metadata/{id}', validate: { params: schema.object({ id: schema.string() }), }, @@ -75,7 +75,7 @@ export function registerEndpointRoutes(router: IRouter, endpointAppContext: Endp }, async (context, req, res) => { try { - const query = kibanaRequestToEndpointFetchQuery(req, endpointAppContext); + const query = kibanaRequestToMetadataGetESQuery(req, endpointAppContext); const response = (await context.core.elasticsearch.dataClient.callAsCurrentUser( 'search', query diff --git a/x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.test.ts b/x-pack/plugins/endpoint/server/services/endpoint/metadata_query_builders.test.ts similarity index 79% rename from x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.test.ts rename to x-pack/plugins/endpoint/server/services/endpoint/metadata_query_builders.test.ts index bd9986ecf1f97..a3090361d4965 100644 --- a/x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.test.ts +++ b/x-pack/plugins/endpoint/server/services/endpoint/metadata_query_builders.test.ts @@ -6,17 +6,18 @@ import { httpServerMock, loggingServiceMock } from '../../../../../../src/core/server/mocks'; import { EndpointConfigSchema } from '../../config'; import { - kibanaRequestToEndpointListQuery, - kibanaRequestToEndpointFetchQuery, -} from './endpoint_query_builders'; + kibanaRequestToMetadataListESQuery, + kibanaRequestToMetadataGetESQuery, +} from './metadata_query_builders'; +import { EndpointAppConstants } from '../../../common/types'; describe('query builder', () => { - describe('EndpointListQuery', () => { - it('test default query params for all endpoints when no params or body is provided', async () => { + describe('MetadataListESQuery', () => { + it('test default query params for all endpoints metadata when no params or body is provided', async () => { const mockRequest = httpServerMock.createKibanaRequest({ body: {}, }); - const query = await kibanaRequestToEndpointListQuery(mockRequest, { + const query = await kibanaRequestToMetadataListESQuery(mockRequest, { logFactory: loggingServiceMock.create(), config: () => Promise.resolve(EndpointConfigSchema.validate({})), }); @@ -50,19 +51,19 @@ describe('query builder', () => { }, from: 0, size: 10, - index: 'endpoint-agent*', + index: EndpointAppConstants.ENDPOINT_INDEX_NAME, } as Record); }); }); describe('test query builder with kql filter', () => { - it('test default query params for all endpoints when no params or body is provided', async () => { + it('test default query params for all endpoints metadata when body filter is provided', async () => { const mockRequest = httpServerMock.createKibanaRequest({ body: { filter: 'not host.ip:10.140.73.246', }, }); - const query = await kibanaRequestToEndpointListQuery(mockRequest, { + const query = await kibanaRequestToMetadataListESQuery(mockRequest, { logFactory: loggingServiceMock.create(), config: () => Promise.resolve(EndpointConfigSchema.validate({})), }); @@ -109,12 +110,12 @@ describe('query builder', () => { }, from: 0, size: 10, - index: 'endpoint-agent*', + index: EndpointAppConstants.ENDPOINT_INDEX_NAME, } as Record); }); }); - describe('EndpointFetchQuery', () => { + describe('MetadataGetQuery', () => { it('searches for the correct ID', () => { const mockID = 'AABBCCDD-0011-2233-AA44-DEADBEEF8899'; const mockRequest = httpServerMock.createKibanaRequest({ @@ -122,7 +123,7 @@ describe('query builder', () => { id: mockID, }, }); - const query = kibanaRequestToEndpointFetchQuery(mockRequest, { + const query = kibanaRequestToMetadataGetESQuery(mockRequest, { logFactory: loggingServiceMock.create(), config: () => Promise.resolve(EndpointConfigSchema.validate({})), }); @@ -132,7 +133,7 @@ describe('query builder', () => { sort: [{ 'event.created': { order: 'desc' } }], size: 1, }, - index: 'endpoint-agent*', + index: EndpointAppConstants.ENDPOINT_INDEX_NAME, }); }); }); diff --git a/x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.ts b/x-pack/plugins/endpoint/server/services/endpoint/metadata_query_builders.ts similarity index 96% rename from x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.ts rename to x-pack/plugins/endpoint/server/services/endpoint/metadata_query_builders.ts index c143b09ec453c..300e837c4af1e 100644 --- a/x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.ts +++ b/x-pack/plugins/endpoint/server/services/endpoint/metadata_query_builders.ts @@ -8,7 +8,7 @@ import { EndpointAppConstants } from '../../../common/types'; import { EndpointAppContext } from '../../types'; import { esKuery } from '../../../../../../src/plugins/data/server'; -export const kibanaRequestToEndpointListQuery = async ( +export const kibanaRequestToMetadataListESQuery = async ( request: KibanaRequest, endpointAppContext: EndpointAppContext ): Promise> => { @@ -74,7 +74,7 @@ function buildQueryBody(request: KibanaRequest): Record, endpointAppContext: EndpointAppContext ) => { diff --git a/x-pack/plugins/endpoint/server/test_data/all_endpoints_data.json b/x-pack/plugins/endpoint/server/test_data/all_metadata_data.json similarity index 100% rename from x-pack/plugins/endpoint/server/test_data/all_endpoints_data.json rename to x-pack/plugins/endpoint/server/test_data/all_metadata_data.json diff --git a/x-pack/test/api_integration/apis/endpoint/index.ts b/x-pack/test/api_integration/apis/endpoint/index.ts index 238c63640386a..4ffd0c3b6044b 100644 --- a/x-pack/test/api_integration/apis/endpoint/index.ts +++ b/x-pack/test/api_integration/apis/endpoint/index.ts @@ -10,7 +10,7 @@ export default function endpointAPIIntegrationTests({ loadTestFile }: FtrProvide describe('Endpoint plugin', function() { this.tags(['endpoint']); loadTestFile(require.resolve('./resolver')); - loadTestFile(require.resolve('./endpoints')); + loadTestFile(require.resolve('./metadata')); loadTestFile(require.resolve('./alerts')); }); } diff --git a/x-pack/test/api_integration/apis/endpoint/endpoints.ts b/x-pack/test/api_integration/apis/endpoint/metadata.ts similarity index 52% rename from x-pack/test/api_integration/apis/endpoint/endpoints.ts rename to x-pack/test/api_integration/apis/endpoint/metadata.ts index 210e9d78d7e18..4b0cc8d93a395 100644 --- a/x-pack/test/api_integration/apis/endpoint/endpoints.ts +++ b/x-pack/test/api_integration/apis/endpoint/metadata.ts @@ -9,12 +9,12 @@ import { FtrProviderContext } from '../../ftr_provider_context'; export default function({ getService }: FtrProviderContext) { const esArchiver = getService('esArchiver'); const supertest = getService('supertest'); - describe('test endpoints api', () => { - describe('POST /api/endpoint/endpoints when index is empty', () => { - it('endpoints api should return empty result when index is empty', async () => { - await esArchiver.unload('endpoint/endpoints/api_feature'); + describe('test metadata api', () => { + describe('POST /api/endpoint/metadata when index is empty', () => { + it('metadata api should return empty result when index is empty', async () => { + await esArchiver.unload('endpoint/metadata/api_feature'); const { body } = await supertest - .post('/api/endpoint/endpoints') + .post('/api/endpoint/metadata') .set('kbn-xsrf', 'xxx') .send() .expect(200); @@ -25,12 +25,12 @@ export default function({ getService }: FtrProviderContext) { }); }); - describe('POST /api/endpoint/endpoints when index is not empty', () => { - before(() => esArchiver.load('endpoint/endpoints/api_feature')); - after(() => esArchiver.unload('endpoint/endpoints/api_feature')); - it('endpoints api should return one entry for each endpoint with default paging', async () => { + describe('POST /api/endpoint/metadata when index is not empty', () => { + before(() => esArchiver.load('endpoint/metadata/api_feature')); + after(() => esArchiver.unload('endpoint/metadata/api_feature')); + it('metadata api should return one entry for each endpoint with default paging', async () => { const { body } = await supertest - .post('/api/endpoint/endpoints') + .post('/api/endpoint/metadata') .set('kbn-xsrf', 'xxx') .send() .expect(200); @@ -40,9 +40,9 @@ export default function({ getService }: FtrProviderContext) { expect(body.request_page_index).to.eql(0); }); - it('endpoints api should return page based on paging properties passed.', async () => { + it('metadata api should return page based on paging properties passed.', async () => { const { body } = await supertest - .post('/api/endpoint/endpoints') + .post('/api/endpoint/metadata') .set('kbn-xsrf', 'xxx') .send({ paging_properties: [ @@ -61,12 +61,12 @@ export default function({ getService }: FtrProviderContext) { expect(body.request_page_index).to.eql(1); }); - /* test that when paging properties produces no result, the total should reflect the actual number of endpoints + /* test that when paging properties produces no result, the total should reflect the actual number of metadata in the index. */ - it('endpoints api should return accurate total endpoints if page index produces no result', async () => { + it('metadata api should return accurate total metadata if page index produces no result', async () => { const { body } = await supertest - .post('/api/endpoint/endpoints') + .post('/api/endpoint/metadata') .set('kbn-xsrf', 'xxx') .send({ paging_properties: [ @@ -85,9 +85,9 @@ export default function({ getService }: FtrProviderContext) { expect(body.request_page_index).to.eql(30); }); - it('endpoints api should return 400 when pagingProperties is below boundaries.', async () => { + it('metadata api should return 400 when pagingProperties is below boundaries.', async () => { const { body } = await supertest - .post('/api/endpoint/endpoints') + .post('/api/endpoint/metadata') .set('kbn-xsrf', 'xxx') .send({ paging_properties: [ @@ -103,9 +103,9 @@ export default function({ getService }: FtrProviderContext) { expect(body.message).to.contain('Value is [0] but it must be equal to or greater than [1]'); }); - it('endpoints api should return page based on filters passed.', async () => { + it('metadata api should return page based on filters passed.', async () => { const { body } = await supertest - .post('/api/endpoint/endpoints') + .post('/api/endpoint/metadata') .set('kbn-xsrf', 'xxx') .send({ filter: 'not host.ip:10.101.149.26' }) .expect(200); @@ -115,10 +115,10 @@ export default function({ getService }: FtrProviderContext) { expect(body.request_page_index).to.eql(0); }); - it('endpoints api should return page based on filters and paging passed.', async () => { + it('metadata api should return page based on filters and paging passed.', async () => { const notIncludedIp = '10.101.149.26'; const { body } = await supertest - .post('/api/endpoint/endpoints') + .post('/api/endpoint/metadata') .set('kbn-xsrf', 'xxx') .send({ paging_properties: [ @@ -142,6 +142,59 @@ export default function({ getService }: FtrProviderContext) { expect(body.request_page_size).to.eql(10); expect(body.request_page_index).to.eql(0); }); + + it('metadata api should return page based on host.os.variant filter.', async () => { + const variantValue = 'Windows Pro'; + const { body } = await supertest + .post('/api/endpoint/metadata') + .set('kbn-xsrf', 'xxx') + .send({ + filter: `host.os.variant.keyword:${variantValue}`, + }) + .expect(200); + expect(body.total).to.eql(2); + const resultOsVariantValue: Set = new Set( + body.endpoints.map((metadata: Record) => metadata.host.os.variant) + ); + expect(Array.from(resultOsVariantValue)).to.eql([variantValue]); + expect(body.endpoints.length).to.eql(2); + expect(body.request_page_size).to.eql(10); + expect(body.request_page_index).to.eql(0); + }); + + it('metadata api should return the latest event for all the events for an endpoint', async () => { + const targetEndpointIp = '10.192.213.130'; + const { body } = await supertest + .post('/api/endpoint/metadata') + .set('kbn-xsrf', 'xxx') + .send({ + filter: `host.ip:${targetEndpointIp}`, + }) + .expect(200); + expect(body.total).to.eql(1); + const resultIp: string = body.endpoints[0].host.ip.filter( + (ip: string) => ip === targetEndpointIp + ); + expect(resultIp).to.eql([targetEndpointIp]); + expect(body.endpoints[0].event.created).to.eql('2020-01-24T16:06:09.541Z'); + expect(body.endpoints.length).to.eql(1); + expect(body.request_page_size).to.eql(10); + expect(body.request_page_index).to.eql(0); + }); + + it('metadata api should return all endpoints when filter is empty string', async () => { + const { body } = await supertest + .post('/api/endpoint/metadata') + .set('kbn-xsrf', 'xxx') + .send({ + filter: '', + }) + .expect(200); + expect(body.total).to.eql(3); + expect(body.endpoints.length).to.eql(3); + expect(body.request_page_size).to.eql(10); + expect(body.request_page_index).to.eql(0); + }); }); }); } diff --git a/x-pack/test/functional/apps/endpoint/management.ts b/x-pack/test/functional/apps/endpoint/management.ts index bac87f34ceb82..500185182f0d8 100644 --- a/x-pack/test/functional/apps/endpoint/management.ts +++ b/x-pack/test/functional/apps/endpoint/management.ts @@ -15,7 +15,7 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { describe('Endpoint Management List', function() { this.tags('ciGroup7'); before(async () => { - await esArchiver.load('endpoint/endpoints/api_feature'); + await esArchiver.load('endpoint/metadata/api_feature'); await pageObjects.common.navigateToUrlWithBrowserHistory('endpoint', '/management'); }); @@ -41,7 +41,7 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { }); after(async () => { - await esArchiver.unload('endpoint/endpoints/api_feature'); + await esArchiver.unload('endpoint/metadata/api_feature'); }); }); }; diff --git a/x-pack/test/functional/es_archives/endpoint/endpoints/api_feature/data.json b/x-pack/test/functional/es_archives/endpoint/metadata/api_feature/data.json similarity index 84% rename from x-pack/test/functional/es_archives/endpoint/endpoints/api_feature/data.json rename to x-pack/test/functional/es_archives/endpoint/metadata/api_feature/data.json index b481d56df4d52..6a7911b5be61f 100644 --- a/x-pack/test/functional/es_archives/endpoint/endpoints/api_feature/data.json +++ b/x-pack/test/functional/es_archives/endpoint/metadata/api_feature/data.json @@ -7,7 +7,8 @@ "@timestamp": 1579881969541, "agent": { "id": "963b081e-60d1-482c-befd-a5815fa8290f", - "version": "6.6.1" + "version": "6.6.1", + "name" : "Elastic Endpoint" }, "endpoint": { "policy": { @@ -33,7 +34,8 @@ "os": { "full": "Windows 10", "name": "windows 10.0", - "version": "10.0" + "version": "10.0", + "variant" : "Windows Pro" } } } @@ -49,7 +51,8 @@ "@timestamp": 1579881969541, "agent": { "id": "b3412d6f-b022-4448-8fee-21cc936ea86b", - "version": "6.0.0" + "version": "6.0.0", + "name" : "Elastic Endpoint" }, "endpoint": { "policy": { @@ -74,7 +77,8 @@ "os": { "full": "Windows Server 2016", "name": "windows 10.0", - "version": "10.0" + "version": "10.0", + "variant" : "Windows Server" } } } @@ -90,7 +94,8 @@ "@timestamp": 1579881969541, "agent": { "id": "3838df35-a095-4af4-8fce-0b6d78793f2e", - "version": "6.8.0" + "version": "6.8.0", + "name" : "Elastic Endpoint" }, "endpoint": { "policy": { @@ -105,7 +110,7 @@ "id": "fc0ff548-feba-41b6-8367-65e8790d0eaf", "ip": [ "10.101.149.26", - "10.12.85.216" + "2606:a000:ffc0:39:11ef:37b9:3371:578c" ], "mac": [ "e2-6d-f9-0-46-2e" @@ -113,7 +118,8 @@ "os": { "full": "Windows 10", "name": "windows 10.0", - "version": "10.0" + "version": "10.0", + "variant" : "Windows Pro" } } } @@ -129,7 +135,8 @@ "@timestamp": 1579878369541, "agent": { "id": "963b081e-60d1-482c-befd-a5815fa8290f", - "version": "6.6.1" + "version": "6.6.1", + "name" : "Elastic Endpoint" }, "endpoint": { "policy": { @@ -155,7 +162,8 @@ "os": { "full": "Windows Server 2016", "name": "windows 10.0", - "version": "10.0" + "version": "10.0", + "variant" : "Windows Server 2016" } } } @@ -171,7 +179,8 @@ "@timestamp": 1579878369541, "agent": { "id": "b3412d6f-b022-4448-8fee-21cc936ea86b", - "version": "6.0.0" + "version": "6.0.0", + "name" : "Elastic Endpoint" }, "endpoint": { "policy": { @@ -195,7 +204,8 @@ "os": { "full": "Windows Server 2012", "name": "windows 6.2", - "version": "6.2" + "version": "6.2", + "variant" : "Windows Server 2012" } } } @@ -211,7 +221,8 @@ "@timestamp": 1579878369541, "agent": { "id": "3838df35-a095-4af4-8fce-0b6d78793f2e", - "version": "6.8.0" + "version": "6.8.0", + "name" : "Elastic Endpoint" }, "endpoint": { "policy": { @@ -227,7 +238,7 @@ "id": "fc0ff548-feba-41b6-8367-65e8790d0eaf", "ip": [ "10.101.149.26", - "10.12.85.216" + "2606:a000:ffc0:39:11ef:37b9:3371:578c" ], "mac": [ "e2-6d-f9-0-46-2e" @@ -235,7 +246,8 @@ "os": { "full": "Windows Server 2012", "name": "windows 6.2", - "version": "6.2" + "version": "6.2", + "variant" : "Windows Server 2012" } } } @@ -251,7 +263,8 @@ "@timestamp": 1579874769541, "agent": { "id": "963b081e-60d1-482c-befd-a5815fa8290f", - "version": "6.6.1" + "version": "6.6.1", + "name" : "Elastic Endpoint" }, "endpoint": { "policy": { @@ -276,7 +289,8 @@ "os": { "full": "Windows Server 2012R2", "name": "windows 6.3", - "version": "6.3" + "version": "6.3", + "variant" : "Windows Server 2012 R2" } } } @@ -292,7 +306,8 @@ "@timestamp": 1579874769541, "agent": { "id": "b3412d6f-b022-4448-8fee-21cc936ea86b", - "version": "6.0.0" + "version": "6.0.0", + "name" : "Elastic Endpoint" }, "endpoint": { "policy": { @@ -316,7 +331,8 @@ "os": { "full": "Windows Server 2012R2", "name": "windows 6.3", - "version": "6.3" + "version": "6.3", + "variant" : "Windows Server 2012 R2" } } } @@ -332,7 +348,8 @@ "@timestamp": 1579874769541, "agent": { "id": "3838df35-a095-4af4-8fce-0b6d78793f2e", - "version": "6.8.0" + "version": "6.8.0", + "name" : "Elastic Endpoint" }, "endpoint": { "policy": { @@ -348,7 +365,7 @@ "id": "fc0ff548-feba-41b6-8367-65e8790d0eaf", "ip": [ "10.101.149.26", - "10.12.85.216" + "2606:a000:ffc0:39:11ef:37b9:3371:578c" ], "mac": [ "e2-6d-f9-0-46-2e" @@ -356,9 +373,10 @@ "os": { "full": "Windows Server 2012", "name": "windows 6.2", - "version": "6.2" + "version": "6.2", + "variant" : "Windows Server 2012" } } } } -} \ No newline at end of file +} diff --git a/x-pack/test/functional/es_archives/endpoint/endpoints/api_feature/mappings.json b/x-pack/test/functional/es_archives/endpoint/metadata/api_feature/mappings.json similarity index 87% rename from x-pack/test/functional/es_archives/endpoint/endpoints/api_feature/mappings.json rename to x-pack/test/functional/es_archives/endpoint/metadata/api_feature/mappings.json index 11766c12b8fff..d6647e62b0191 100644 --- a/x-pack/test/functional/es_archives/endpoint/endpoints/api_feature/mappings.json +++ b/x-pack/test/functional/es_archives/endpoint/metadata/api_feature/mappings.json @@ -28,6 +28,15 @@ } }, "type": "text" + }, + "name": { + "fields": { + "keyword": { + "ignore_above": 256, + "type": "keyword" + } + }, + "type": "text" } } }, @@ -122,6 +131,15 @@ }, "type": "text" }, + "variant": { + "fields": { + "keyword": { + "ignore_above": 256, + "type": "keyword" + } + }, + "type": "text" + }, "version": { "fields": { "keyword": { @@ -144,4 +162,4 @@ } } } -} \ No newline at end of file +}