EMT-287: update schema with elastic agent id (#62252)

EMT-287: update schema with elastic agent id

x-pack/plugins/endpoint/common/generate_data.ts

@@ -83,6 +83,11 @@ const OTHER_EVENT_CATEGORIES: EventInfo[] = [
 ];
 
 interface HostInfo {
+  elastic: {
+    agent: {
+      id: string;
+    };
+  };
   agent: {
     version: string;
     id: string;
@@ -116,6 +121,11 @@ export class EndpointDocGenerator {
         version: this.randomVersion(),
         id: this.seededUUIDv4(),
       },
+      elastic: {
+        agent: {
+          id: this.seededUUIDv4(),
+        },
+      },
       host: {
         id: this.seededUUIDv4(),
         hostname: this.randomHostname(),

x-pack/plugins/endpoint/common/types.ts

@@ -257,6 +257,11 @@ export type HostMetadata = Immutable<{
   event: {
     created: number;
   };
+  elastic: {
+    agent: {
+      id: string;
+    };
+  };
   endpoint: {
     policy: {
       id: string;

x-pack/plugins/endpoint/server/test_data/all_metadata_data.json

@@ -23,6 +23,11 @@
           "event" : {
             "created" : "2020-01-23T21:56:55.336Z"
           },
+          "elastic": {
+            "agent": {
+              "id": "56a75650-3c8a-4e4f-ac17-6dd729c650e2"
+            }
+          },
           "endpoint" : {
             "policy" : {
               "id" : "C2A9093E-E289-4C0A-AA44-8C32A414FA7A"
@@ -73,6 +78,11 @@
                     "event" : {
                       "created" : "2020-01-23T21:56:55.336Z"
                     },
+                    "elastic": {
+                      "agent": {
+                        "id": "56a75650-3c8a-4e4f-ac17-6dd729c650e2"
+                      }
+                    },
                     "endpoint" : {
                       "policy" : {
                         "id" : "C2A9093E-E289-4C0A-AA44-8C32A414FA7A"
@@ -115,6 +125,11 @@
           "event" : {
             "created" : "2020-01-23T21:56:55.336Z"
           },
+          "elastic": {
+            "agent": {
+              "id": "c2d84d8f-d355-40de-8b54-5d318d4d1312"
+            }
+          },
           "endpoint" : {
             "policy" : {
               "id" : "C2A9093E-E289-4C0A-AA44-8C32A414FA7A"
@@ -165,6 +180,11 @@
                     "event" : {
                       "created" : "2020-01-23T21:56:55.336Z"
                     },
+                    "elastic": {
+                      "agent": {
+                        "id": "c2d84d8f-d355-40de-8b54-5d318d4d1312"
+                      }
+                    },
                     "endpoint" : {
                       "policy" : {
                         "id" : "C2A9093E-E289-4C0A-AA44-8C32A414FA7A"

x-pack/test/api_integration/apis/endpoint/metadata.ts

@@ -192,6 +192,27 @@ export default function({ getService }: FtrProviderContext) {
         expect(body.request_page_index).to.eql(0);
       });
 
+      it('metadata api should return the endpoint based on the elastic agent id', async () => {
+        const targetEndpointId = 'fc0ff548-feba-41b6-8367-65e8790d0eaf';
+        const targetElasticAgentId = '023fa40c-411d-4188-a941-4147bfadd095';
+        const { body } = await supertest
+          .post('/api/endpoint/metadata')
+          .set('kbn-xsrf', 'xxx')
+          .send({
+            filter: `elastic.agent.id:${targetElasticAgentId}`,
+          })
+          .expect(200);
+        expect(body.total).to.eql(1);
+        const resultHostId: string = body.hosts[0].host.id;
+        const resultElasticAgentId: string = body.hosts[0].elastic.agent.id;
+        expect(resultHostId).to.eql(targetEndpointId);
+        expect(resultElasticAgentId).to.eql(targetElasticAgentId);
+        expect(body.hosts[0].event.created).to.eql(1579881969541);
+        expect(body.hosts.length).to.eql(1);
+        expect(body.request_page_size).to.eql(10);
+        expect(body.request_page_index).to.eql(0);
+      });
+
       it('metadata api should return all hosts when filter is empty string', async () => {
         const { body } = await supertest
           .post('/api/endpoint/metadata')

x-pack/test/functional/es_archives/endpoint/metadata/api_feature/data.json

@@ -10,6 +10,11 @@
         "version": "6.6.1",
         "name" : "Elastic Endpoint"
       },
+      "elastic": {
+        "agent": {
+          "id": "11488bae-880b-4e7b-8d28-aac2aa9de816"
+        }
+      },
       "endpoint": {
         "policy": {
           "id": "C2A9093E-E289-4C0A-AA44-8C32A414FA7A"
@@ -54,6 +59,11 @@
         "version": "6.0.0",
         "name" : "Elastic Endpoint"
       },
+      "elastic": {
+        "agent": {
+          "id": "92ac1ce0-e1f7-409e-8af6-f17e97b1fc71"
+        }
+      },
       "endpoint": {
         "policy": {
           "id": "C2A9093E-E289-4C0A-AA44-8C32A414FA7A"
@@ -97,6 +107,11 @@
         "version": "6.8.0",
         "name" : "Elastic Endpoint"
       },
+      "elastic": {
+        "agent": {
+          "id": "023fa40c-411d-4188-a941-4147bfadd095"
+        }
+      },
       "endpoint": {
         "policy": {
           "id": "00000000-0000-0000-0000-000000000000"
@@ -138,6 +153,11 @@
         "version": "6.6.1",
         "name" : "Elastic Endpoint"
       },
+      "elastic": {
+        "agent": {
+          "id": "11488bae-880b-4e7b-8d28-aac2aa9de816"
+        }
+      },
       "endpoint": {
         "policy": {
           "id": "C2A9093E-E289-4C0A-AA44-8C32A414FA7A"
@@ -182,6 +202,11 @@
         "version": "6.0.0",
         "name" : "Elastic Endpoint"
       },
+      "elastic": {
+        "agent": {
+          "id": "92ac1ce0-e1f7-409e-8af6-f17e97b1fc71"
+        }
+      },
       "endpoint": {
         "policy": {
           "id": "C2A9093E-E289-4C0A-AA44-8C32A414FA7A"
@@ -224,6 +249,11 @@
         "version": "6.8.0",
         "name" : "Elastic Endpoint"
       },
+      "elastic": {
+        "agent": {
+          "id": "023fa40c-411d-4188-a941-4147bfadd095"
+        }
+      },
       "endpoint": {
         "policy": {
           "id": "00000000-0000-0000-0000-000000000000"
@@ -266,6 +296,11 @@
         "version": "6.6.1",
         "name" : "Elastic Endpoint"
       },
+      "elastic": {
+        "agent": {
+          "id": "11488bae-880b-4e7b-8d28-aac2aa9de816"
+        }
+      },
       "endpoint": {
         "policy": {
           "id": "00000000-0000-0000-0000-000000000000"
@@ -309,6 +344,11 @@
         "version": "6.0.0",
         "name" : "Elastic Endpoint"
       },
+      "elastic": {
+        "agent": {
+          "id": "92ac1ce0-e1f7-409e-8af6-f17e97b1fc71"
+        }
+      },
       "endpoint": {
         "policy": {
           "id": "C2A9093E-E289-4C0A-AA44-8C32A414FA7A"
@@ -351,6 +391,11 @@
         "version": "6.8.0",
         "name" : "Elastic Endpoint"
       },
+      "elastic": {
+        "agent": {
+          "id": "023fa40c-411d-4188-a941-4147bfadd095"
+        }
+      },
       "endpoint": {
         "policy": {
           "id": "00000000-0000-0000-0000-000000000000"
@@ -379,4 +424,4 @@
       }
     }
   }
-}
+}

x-pack/test/functional/es_archives/endpoint/metadata/api_feature/mappings.json

@@ -9,6 +9,23 @@
         "@timestamp": {
           "type": "long"
         },
+        "elastic": {
+          "properties": {
+            "agent": {
+              "properties": {
+                "id": {
+                  "fields": {
+                    "keyword": {
+                      "ignore_above": 256,
+                      "type": "keyword"
+                    }
+                  },
+                  "type": "text"
+                }
+              }
+            }
+          }
+        },
         "agent": {
           "properties": {
             "id": {
@@ -153,4 +170,4 @@
       }
     }
   }
-}
+}