From e76c19b0316a85915c0355e0eb3c8106317384ad Mon Sep 17 00:00:00 2001 From: "Christiane (Tina) Heiligers" Date: Mon, 4 Jan 2021 14:17:56 -0700 Subject: [PATCH] Migrates security solution usage collector es client from legacy to new (#86853) Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- .../server/usage/collector.ts | 4 +-- .../usage/detections/detections.test.ts | 30 +++++------------ .../usage/detections/detections_helpers.ts | 32 +++++++++++++++---- .../server/usage/detections/index.ts | 6 ++-- 4 files changed, 38 insertions(+), 34 deletions(-) diff --git a/x-pack/plugins/security_solution/server/usage/collector.ts b/x-pack/plugins/security_solution/server/usage/collector.ts index f4c5462267920..0d44ab42d8044 100644 --- a/x-pack/plugins/security_solution/server/usage/collector.ts +++ b/x-pack/plugins/security_solution/server/usage/collector.ts @@ -78,12 +78,12 @@ export const registerCollector: RegisterCollector = ({ }, }, isReady: () => kibanaIndex.length > 0, - fetch: async ({ callCluster }: CollectorFetchContext): Promise => { + fetch: async ({ esClient }: CollectorFetchContext): Promise => { const savedObjectsClient = await getInternalSavedObjectsClient(core); const [detections, endpoints] = await Promise.allSettled([ fetchDetectionsUsage( kibanaIndex, - callCluster, + esClient, ml, (savedObjectsClient as unknown) as SavedObjectsClientContract ), diff --git a/x-pack/plugins/security_solution/server/usage/detections/detections.test.ts b/x-pack/plugins/security_solution/server/usage/detections/detections.test.ts index 0d2d610c53cdc..f60f863414b2f 100644 --- a/x-pack/plugins/security_solution/server/usage/detections/detections.test.ts +++ b/x-pack/plugins/security_solution/server/usage/detections/detections.test.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { LegacyAPICaller, SavedObjectsClientContract } from '../../../../../../src/core/server'; +import { ElasticsearchClient, SavedObjectsClientContract } from '../../../../../../src/core/server'; import { elasticsearchServiceMock } from '../../../../../../src/core/server/mocks'; import { mlServicesMock } from '../../lib/machine_learning/mocks'; import { @@ -16,22 +16,17 @@ import { fetchDetectionsUsage } from './index'; describe('Detections Usage', () => { describe('fetchDetectionsUsage()', () => { - let callClusterMock: jest.Mocked; + let esClientMock: jest.Mocked; let savedObjectsClientMock: jest.Mocked; let mlMock: ReturnType; beforeEach(() => { - callClusterMock = elasticsearchServiceMock.createLegacyClusterClient().callAsInternalUser; + esClientMock = elasticsearchServiceMock.createClusterClient().asInternalUser; mlMock = mlServicesMock.create(); }); it('returns zeroed counts if both calls are empty', async () => { - const result = await fetchDetectionsUsage( - '', - callClusterMock, - mlMock, - savedObjectsClientMock - ); + const result = await fetchDetectionsUsage('', esClientMock, mlMock, savedObjectsClientMock); expect(result).toEqual({ detection_rules: { @@ -58,13 +53,9 @@ describe('Detections Usage', () => { }); it('tallies rules data given rules results', async () => { - (callClusterMock as jest.Mock).mockResolvedValue(getMockRulesResponse()); - const result = await fetchDetectionsUsage( - '', - callClusterMock, - mlMock, - savedObjectsClientMock - ); + (esClientMock.search as jest.Mock).mockResolvedValue({ body: getMockRulesResponse() }); + + const result = await fetchDetectionsUsage('', esClientMock, mlMock, savedObjectsClientMock); expect(result).toEqual( expect.objectContaining({ @@ -92,12 +83,7 @@ describe('Detections Usage', () => { jobsSummary: mockJobSummary, }); - const result = await fetchDetectionsUsage( - '', - callClusterMock, - mlMock, - savedObjectsClientMock - ); + const result = await fetchDetectionsUsage('', esClientMock, mlMock, savedObjectsClientMock); expect(result).toEqual( expect.objectContaining({ diff --git a/x-pack/plugins/security_solution/server/usage/detections/detections_helpers.ts b/x-pack/plugins/security_solution/server/usage/detections/detections_helpers.ts index 1a0e821ba47bc..804ea878108f3 100644 --- a/x-pack/plugins/security_solution/server/usage/detections/detections_helpers.ts +++ b/x-pack/plugins/security_solution/server/usage/detections/detections_helpers.ts @@ -4,12 +4,11 @@ * you may not use this file except in compliance with the Elastic License. */ -import { SearchParams } from 'elasticsearch'; - import { - LegacyAPICaller, + ElasticsearchClient, SavedObjectsClientContract, KibanaRequest, + SearchResponse, } from '../../../../../../src/core/server'; import { MlPluginSetup } from '../../../../ml/server'; import { SIGNALS_ID, INTERNAL_IMMUTABLE_KEY } from '../../../common/constants'; @@ -22,6 +21,26 @@ interface DetectionsMetric { isEnabled: boolean; } +interface RuleSearchBody { + query: { + bool: { + filter: { + term: { [key: string]: string }; + }; + }; + }; +} +interface RuleSearchParams { + body: RuleSearchBody; + filterPath: string[]; + ignoreUnavailable: boolean; + index: string; + size: number; +} +interface RuleSearchResult { + alert: { enabled: boolean; tags: string[] }; +} + const isElasticRule = (tags: string[]) => tags.includes(`${INTERNAL_IMMUTABLE_KEY}:true`); /** @@ -135,10 +154,10 @@ const updateMlJobsUsage = (jobMetric: DetectionsMetric, usage: MlJobsUsage): MlJ export const getRulesUsage = async ( index: string, - callCluster: LegacyAPICaller + esClient: ElasticsearchClient ): Promise => { let rulesUsage: DetectionRulesUsage = initialRulesUsage; - const ruleSearchOptions: SearchParams = { + const ruleSearchOptions: RuleSearchParams = { body: { query: { bool: { filter: { term: { 'alert.alertTypeId': SIGNALS_ID } } } } }, filterPath: ['hits.hits._source.alert.enabled', 'hits.hits._source.alert.tags'], ignoreUnavailable: true, @@ -147,8 +166,7 @@ export const getRulesUsage = async ( }; try { - const ruleResults = await callCluster<{ alert: { enabled: boolean; tags: string[] } }>( - 'search', + const { body: ruleResults } = await esClient.search>( ruleSearchOptions ); diff --git a/x-pack/plugins/security_solution/server/usage/detections/index.ts b/x-pack/plugins/security_solution/server/usage/detections/index.ts index 1f43d3186f2fd..63e28f3c66009 100644 --- a/x-pack/plugins/security_solution/server/usage/detections/index.ts +++ b/x-pack/plugins/security_solution/server/usage/detections/index.ts @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { LegacyAPICaller, SavedObjectsClientContract } from '../../../../../../src/core/server'; +import { ElasticsearchClient, SavedObjectsClientContract } from '../../../../../../src/core/server'; import { getMlJobsUsage, getRulesUsage, @@ -40,12 +40,12 @@ export const defaultDetectionsUsage = { export const fetchDetectionsUsage = async ( kibanaIndex: string, - callCluster: LegacyAPICaller, + esClient: ElasticsearchClient, ml: MlPluginSetup | undefined, savedObjectClient: SavedObjectsClientContract ): Promise => { const [rulesUsage, mlJobsUsage] = await Promise.allSettled([ - getRulesUsage(kibanaIndex, callCluster), + getRulesUsage(kibanaIndex, esClient), getMlJobsUsage(ml, savedObjectClient), ]);