Skip to content

Commit

Permalink
Migrates security solution usage collector es client from legacy to n…
Browse files Browse the repository at this point in the history
…ew (#86853)

Co-authored-by: Kibana Machine <[email protected]>
  • Loading branch information
TinaHeiligers and kibanamachine committed Jan 4, 2021
1 parent f5b0ac1 commit e76c19b
Show file tree
Hide file tree
Showing 4 changed files with 38 additions and 34 deletions.
4 changes: 2 additions & 2 deletions x-pack/plugins/security_solution/server/usage/collector.ts
Original file line number Diff line number Diff line change
Expand Up @@ -78,12 +78,12 @@ export const registerCollector: RegisterCollector = ({
},
},
isReady: () => kibanaIndex.length > 0,
fetch: async ({ callCluster }: CollectorFetchContext): Promise<UsageData> => {
fetch: async ({ esClient }: CollectorFetchContext): Promise<UsageData> => {
const savedObjectsClient = await getInternalSavedObjectsClient(core);
const [detections, endpoints] = await Promise.allSettled([
fetchDetectionsUsage(
kibanaIndex,
callCluster,
esClient,
ml,
(savedObjectsClient as unknown) as SavedObjectsClientContract
),
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/

import { LegacyAPICaller, SavedObjectsClientContract } from '../../../../../../src/core/server';
import { ElasticsearchClient, SavedObjectsClientContract } from '../../../../../../src/core/server';
import { elasticsearchServiceMock } from '../../../../../../src/core/server/mocks';
import { mlServicesMock } from '../../lib/machine_learning/mocks';
import {
Expand All @@ -16,22 +16,17 @@ import { fetchDetectionsUsage } from './index';

describe('Detections Usage', () => {
describe('fetchDetectionsUsage()', () => {
let callClusterMock: jest.Mocked<LegacyAPICaller>;
let esClientMock: jest.Mocked<ElasticsearchClient>;
let savedObjectsClientMock: jest.Mocked<SavedObjectsClientContract>;
let mlMock: ReturnType<typeof mlServicesMock.create>;

beforeEach(() => {
callClusterMock = elasticsearchServiceMock.createLegacyClusterClient().callAsInternalUser;
esClientMock = elasticsearchServiceMock.createClusterClient().asInternalUser;
mlMock = mlServicesMock.create();
});

it('returns zeroed counts if both calls are empty', async () => {
const result = await fetchDetectionsUsage(
'',
callClusterMock,
mlMock,
savedObjectsClientMock
);
const result = await fetchDetectionsUsage('', esClientMock, mlMock, savedObjectsClientMock);

expect(result).toEqual({
detection_rules: {
Expand All @@ -58,13 +53,9 @@ describe('Detections Usage', () => {
});

it('tallies rules data given rules results', async () => {
(callClusterMock as jest.Mock).mockResolvedValue(getMockRulesResponse());
const result = await fetchDetectionsUsage(
'',
callClusterMock,
mlMock,
savedObjectsClientMock
);
(esClientMock.search as jest.Mock).mockResolvedValue({ body: getMockRulesResponse() });

const result = await fetchDetectionsUsage('', esClientMock, mlMock, savedObjectsClientMock);

expect(result).toEqual(
expect.objectContaining({
Expand Down Expand Up @@ -92,12 +83,7 @@ describe('Detections Usage', () => {
jobsSummary: mockJobSummary,
});

const result = await fetchDetectionsUsage(
'',
callClusterMock,
mlMock,
savedObjectsClientMock
);
const result = await fetchDetectionsUsage('', esClientMock, mlMock, savedObjectsClientMock);

expect(result).toEqual(
expect.objectContaining({
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -4,12 +4,11 @@
* you may not use this file except in compliance with the Elastic License.
*/

import { SearchParams } from 'elasticsearch';

import {
LegacyAPICaller,
ElasticsearchClient,
SavedObjectsClientContract,
KibanaRequest,
SearchResponse,
} from '../../../../../../src/core/server';
import { MlPluginSetup } from '../../../../ml/server';
import { SIGNALS_ID, INTERNAL_IMMUTABLE_KEY } from '../../../common/constants';
Expand All @@ -22,6 +21,26 @@ interface DetectionsMetric {
isEnabled: boolean;
}

interface RuleSearchBody {
query: {
bool: {
filter: {
term: { [key: string]: string };
};
};
};
}
interface RuleSearchParams {
body: RuleSearchBody;
filterPath: string[];
ignoreUnavailable: boolean;
index: string;
size: number;
}
interface RuleSearchResult {
alert: { enabled: boolean; tags: string[] };
}

const isElasticRule = (tags: string[]) => tags.includes(`${INTERNAL_IMMUTABLE_KEY}:true`);

/**
Expand Down Expand Up @@ -135,10 +154,10 @@ const updateMlJobsUsage = (jobMetric: DetectionsMetric, usage: MlJobsUsage): MlJ

export const getRulesUsage = async (
index: string,
callCluster: LegacyAPICaller
esClient: ElasticsearchClient
): Promise<DetectionRulesUsage> => {
let rulesUsage: DetectionRulesUsage = initialRulesUsage;
const ruleSearchOptions: SearchParams = {
const ruleSearchOptions: RuleSearchParams = {
body: { query: { bool: { filter: { term: { 'alert.alertTypeId': SIGNALS_ID } } } } },
filterPath: ['hits.hits._source.alert.enabled', 'hits.hits._source.alert.tags'],
ignoreUnavailable: true,
Expand All @@ -147,8 +166,7 @@ export const getRulesUsage = async (
};

try {
const ruleResults = await callCluster<{ alert: { enabled: boolean; tags: string[] } }>(
'search',
const { body: ruleResults } = await esClient.search<SearchResponse<RuleSearchResult>>(
ruleSearchOptions
);

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/

import { LegacyAPICaller, SavedObjectsClientContract } from '../../../../../../src/core/server';
import { ElasticsearchClient, SavedObjectsClientContract } from '../../../../../../src/core/server';
import {
getMlJobsUsage,
getRulesUsage,
Expand Down Expand Up @@ -40,12 +40,12 @@ export const defaultDetectionsUsage = {

export const fetchDetectionsUsage = async (
kibanaIndex: string,
callCluster: LegacyAPICaller,
esClient: ElasticsearchClient,
ml: MlPluginSetup | undefined,
savedObjectClient: SavedObjectsClientContract
): Promise<DetectionsUsage> => {
const [rulesUsage, mlJobsUsage] = await Promise.allSettled([
getRulesUsage(kibanaIndex, callCluster),
getRulesUsage(kibanaIndex, esClient),
getMlJobsUsage(ml, savedObjectClient),
]);

Expand Down

0 comments on commit e76c19b

Please sign in to comment.