[Security Solution] Fixes multi-line diff algorithm performance in the upgrade/_review endpoint
#199388
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
dplumlee
added
bug
|
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
|
Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management) |
xcrzx
reviewed
Nov 8, 2024
..._engine/prebuilt_rules/logic/diff/calculation/algorithms/multi_line_string_diff_algorithm.ts
Outdated
Show resolved
Hide resolved
...ne/prebuilt_rules/logic/diff/calculation/algorithms/multi_line_string_diff_algorithm.test.ts
Outdated
Show resolved
Hide resolved
xcrzx
approved these changes
Nov 11, 2024
There was a problem hiding this comment.
I tested the fix locally, no performance issues spotted 👍
I also checked the behavior of the merger. Changing the separator to a newline character doesn't seem to affect its output in any way. I tested several outcomes, both with and without conflicts, and the results looked good.
banderror
added
the
impact:critical
|
@elasticmachine merge upstream |
|
Pushed a new commit with some refactoring of the tests which includes:
|
banderror
approved these changes
Nov 13, 2024
There was a problem hiding this comment.
Closely reviewed the changes and refactored the tests a bit to improve readability. This test coverage looks pretty solid to me and I also trust the manual testing done by @xcrzx, so I'll skip it.
Thank you @dplumlee, let's merge if/when it passes CI 🚀
|
Starting backport for target branches: 8.16, 8.x https://github.com/elastic/kibana/actions/runs/11825693151 |
💚 Build Succeeded
Metrics [docs]
History
cc @dplumlee |
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Nov 13, 2024
…e `upgrade/_review` endpoint (elastic#199388) **Fixes elastic#199290 ## Summary The current multi-line string algorithm uses a very inefficient regex to split and analyze string fields, and exponentially increases in time complexity when the strings are long. This PR substitutes a much simpler comparison regex for far better efficiency as shown in the table below. ### Performance between different regex options using sample prebuilt rule setup guide string | | `/(\S+\|\s+)/g` (original) | `/(\s+)/g` | `/(\n)/g` | `/(\r\n\|\n\|\r)/g` | |-----------------------|---------------|----------|---------|-------------------| | Unit test speed | `986ms` | `96ms` | `1ms` | `2ms` | | FTR test with 1 rule | `3.0s` | `2.8s` | `2.0s` | `2.0s` | | FTR test with 5 rules | `11.6s` | `6.8s` | `6.1s` | | ### Performance between different regex options using intentionally long strings (25k characters) | | `/(\S+\|\s+)/g` | `/(\r\n\|\n\|\r)/g` | |----------------------|-----------------------|---------------------| | Unit test speed | `1049414ms` (17 min) | `58ms` | | FTR test with 1 rule | `>360000ms` (Timeout) | `2.1 s` | ### Checklist Delete any items that are not applicable to this PR. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels) - [ ] This will appear in the **Release Notes** and follow the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --------- Co-authored-by: Elastic Machine <[email protected]> Co-authored-by: Georgii Gorbachev <[email protected]> (cherry picked from commit 4f6d357)
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Nov 13, 2024
…e `upgrade/_review` endpoint (elastic#199388) **Fixes elastic#199290 ## Summary The current multi-line string algorithm uses a very inefficient regex to split and analyze string fields, and exponentially increases in time complexity when the strings are long. This PR substitutes a much simpler comparison regex for far better efficiency as shown in the table below. ### Performance between different regex options using sample prebuilt rule setup guide string | | `/(\S+\|\s+)/g` (original) | `/(\s+)/g` | `/(\n)/g` | `/(\r\n\|\n\|\r)/g` | |-----------------------|---------------|----------|---------|-------------------| | Unit test speed | `986ms` | `96ms` | `1ms` | `2ms` | | FTR test with 1 rule | `3.0s` | `2.8s` | `2.0s` | `2.0s` | | FTR test with 5 rules | `11.6s` | `6.8s` | `6.1s` | | ### Performance between different regex options using intentionally long strings (25k characters) | | `/(\S+\|\s+)/g` | `/(\r\n\|\n\|\r)/g` | |----------------------|-----------------------|---------------------| | Unit test speed | `1049414ms` (17 min) | `58ms` | | FTR test with 1 rule | `>360000ms` (Timeout) | `2.1 s` | ### Checklist Delete any items that are not applicable to this PR. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels) - [ ] This will appear in the **Release Notes** and follow the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --------- Co-authored-by: Elastic Machine <[email protected]> Co-authored-by: Georgii Gorbachev <[email protected]> (cherry picked from commit 4f6d357)
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
kibanamachine
added a commit
that referenced
this pull request
Nov 13, 2024
… in the `upgrade/_review` endpoint (#199388) (#200096) # Backport This will backport the following commits from `main` to `8.x`: - [[Security Solution] Fixes multi-line diff algorithm performance in the `upgrade/_review` endpoint (#199388)](#199388) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Davis Plumlee","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-11-13T20:59:15Z","message":"[Security Solution] Fixes multi-line diff algorithm performance in the `upgrade/_review` endpoint (#199388)\n\n**Fixes https://github.com/elastic/kibana/issues/199290**\r\n\r\n## Summary\r\n\r\nThe current multi-line string algorithm uses a very inefficient regex to\r\nsplit and analyze string fields, and exponentially increases in time\r\ncomplexity when the strings are long. This PR substitutes a much simpler\r\ncomparison regex for far better efficiency as shown in the table below.\r\n\r\n### Performance between different regex options using sample prebuilt\r\nrule setup guide string\r\n\r\n| | `/(\\S+\\|\\s+)/g` (original) | `/(\\s+)/g` | `/(\\n)/g` |\r\n`/(\\r\\n\\|\\n\\|\\r)/g` |\r\n\r\n|-----------------------|---------------|----------|---------|-------------------|\r\n| Unit test speed | `986ms` | `96ms` | `1ms` | `2ms` |\r\n| FTR test with 1 rule | `3.0s` | `2.8s` | `2.0s` | `2.0s` |\r\n| FTR test with 5 rules | `11.6s` | `6.8s` | `6.1s` | |\r\n\r\n\r\n### Performance between different regex options using intentionally long\r\nstrings (25k characters)\r\n\r\n| | `/(\\S+\\|\\s+)/g` | `/(\\r\\n\\|\\n\\|\\r)/g` |\r\n|----------------------|-----------------------|---------------------|\r\n| Unit test speed | `1049414ms` (17 min) | `58ms` |\r\n| FTR test with 1 rule | `>360000ms` (Timeout) | `2.1 s` |\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels)\r\n- [ ] This will appear in the **Release Notes** and follow the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <[email protected]>\r\nCo-authored-by: Georgii Gorbachev <[email protected]>","sha":"4f6d3570c59d30951368f601b2b59ab3b7a1ae4c","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","impact:critical","v9.0.0","Team:Detections and Resp","Team: SecuritySolution","Team:Detection Rule Management","Feature:Prebuilt Detection Rules","backport:version","v8.17.0","v8.16.1"],"title":"[Security Solution] Fixes multi-line diff algorithm performance in the `upgrade/_review` endpoint","number":199388,"url":"https://github.com/elastic/kibana/pull/199388","mergeCommit":{"message":"[Security Solution] Fixes multi-line diff algorithm performance in the `upgrade/_review` endpoint (#199388)\n\n**Fixes https://github.com/elastic/kibana/issues/199290**\r\n\r\n## Summary\r\n\r\nThe current multi-line string algorithm uses a very inefficient regex to\r\nsplit and analyze string fields, and exponentially increases in time\r\ncomplexity when the strings are long. This PR substitutes a much simpler\r\ncomparison regex for far better efficiency as shown in the table below.\r\n\r\n### Performance between different regex options using sample prebuilt\r\nrule setup guide string\r\n\r\n| | `/(\\S+\\|\\s+)/g` (original) | `/(\\s+)/g` | `/(\\n)/g` |\r\n`/(\\r\\n\\|\\n\\|\\r)/g` |\r\n\r\n|-----------------------|---------------|----------|---------|-------------------|\r\n| Unit test speed | `986ms` | `96ms` | `1ms` | `2ms` |\r\n| FTR test with 1 rule | `3.0s` | `2.8s` | `2.0s` | `2.0s` |\r\n| FTR test with 5 rules | `11.6s` | `6.8s` | `6.1s` | |\r\n\r\n\r\n### Performance between different regex options using intentionally long\r\nstrings (25k characters)\r\n\r\n| | `/(\\S+\\|\\s+)/g` | `/(\\r\\n\\|\\n\\|\\r)/g` |\r\n|----------------------|-----------------------|---------------------|\r\n| Unit test speed | `1049414ms` (17 min) | `58ms` |\r\n| FTR test with 1 rule | `>360000ms` (Timeout) | `2.1 s` |\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels)\r\n- [ ] This will appear in the **Release Notes** and follow the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <[email protected]>\r\nCo-authored-by: Georgii Gorbachev <[email protected]>","sha":"4f6d3570c59d30951368f601b2b59ab3b7a1ae4c"}},"sourceBranch":"main","suggestedTargetBranches":["8.x","8.16"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/199388","number":199388,"mergeCommit":{"message":"[Security Solution] Fixes multi-line diff algorithm performance in the `upgrade/_review` endpoint (#199388)\n\n**Fixes https://github.com/elastic/kibana/issues/199290**\r\n\r\n## Summary\r\n\r\nThe current multi-line string algorithm uses a very inefficient regex to\r\nsplit and analyze string fields, and exponentially increases in time\r\ncomplexity when the strings are long. This PR substitutes a much simpler\r\ncomparison regex for far better efficiency as shown in the table below.\r\n\r\n### Performance between different regex options using sample prebuilt\r\nrule setup guide string\r\n\r\n| | `/(\\S+\\|\\s+)/g` (original) | `/(\\s+)/g` | `/(\\n)/g` |\r\n`/(\\r\\n\\|\\n\\|\\r)/g` |\r\n\r\n|-----------------------|---------------|----------|---------|-------------------|\r\n| Unit test speed | `986ms` | `96ms` | `1ms` | `2ms` |\r\n| FTR test with 1 rule | `3.0s` | `2.8s` | `2.0s` | `2.0s` |\r\n| FTR test with 5 rules | `11.6s` | `6.8s` | `6.1s` | |\r\n\r\n\r\n### Performance between different regex options using intentionally long\r\nstrings (25k characters)\r\n\r\n| | `/(\\S+\\|\\s+)/g` | `/(\\r\\n\\|\\n\\|\\r)/g` |\r\n|----------------------|-----------------------|---------------------|\r\n| Unit test speed | `1049414ms` (17 min) | `58ms` |\r\n| FTR test with 1 rule | `>360000ms` (Timeout) | `2.1 s` |\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels)\r\n- [ ] This will appear in the **Release Notes** and follow the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <[email protected]>\r\nCo-authored-by: Georgii Gorbachev <[email protected]>","sha":"4f6d3570c59d30951368f601b2b59ab3b7a1ae4c"}},{"branch":"8.x","label":"v8.17.0","branchLabelMappingKey":"^v8.17.0$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.16","label":"v8.16.1","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Davis Plumlee <[email protected]>
kibanamachine
added a commit
that referenced
this pull request
Nov 13, 2024
…e in the `upgrade/_review` endpoint (#199388) (#200095) # Backport This will backport the following commits from `main` to `8.16`: - [[Security Solution] Fixes multi-line diff algorithm performance in the `upgrade/_review` endpoint (#199388)](#199388) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Davis Plumlee","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-11-13T20:59:15Z","message":"[Security Solution] Fixes multi-line diff algorithm performance in the `upgrade/_review` endpoint (#199388)\n\n**Fixes https://github.com/elastic/kibana/issues/199290**\r\n\r\n## Summary\r\n\r\nThe current multi-line string algorithm uses a very inefficient regex to\r\nsplit and analyze string fields, and exponentially increases in time\r\ncomplexity when the strings are long. This PR substitutes a much simpler\r\ncomparison regex for far better efficiency as shown in the table below.\r\n\r\n### Performance between different regex options using sample prebuilt\r\nrule setup guide string\r\n\r\n| | `/(\\S+\\|\\s+)/g` (original) | `/(\\s+)/g` | `/(\\n)/g` |\r\n`/(\\r\\n\\|\\n\\|\\r)/g` |\r\n\r\n|-----------------------|---------------|----------|---------|-------------------|\r\n| Unit test speed | `986ms` | `96ms` | `1ms` | `2ms` |\r\n| FTR test with 1 rule | `3.0s` | `2.8s` | `2.0s` | `2.0s` |\r\n| FTR test with 5 rules | `11.6s` | `6.8s` | `6.1s` | |\r\n\r\n\r\n### Performance between different regex options using intentionally long\r\nstrings (25k characters)\r\n\r\n| | `/(\\S+\\|\\s+)/g` | `/(\\r\\n\\|\\n\\|\\r)/g` |\r\n|----------------------|-----------------------|---------------------|\r\n| Unit test speed | `1049414ms` (17 min) | `58ms` |\r\n| FTR test with 1 rule | `>360000ms` (Timeout) | `2.1 s` |\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels)\r\n- [ ] This will appear in the **Release Notes** and follow the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <[email protected]>\r\nCo-authored-by: Georgii Gorbachev <[email protected]>","sha":"4f6d3570c59d30951368f601b2b59ab3b7a1ae4c","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","impact:critical","v9.0.0","Team:Detections and Resp","Team: SecuritySolution","Team:Detection Rule Management","Feature:Prebuilt Detection Rules","backport:version","v8.17.0","v8.16.1"],"title":"[Security Solution] Fixes multi-line diff algorithm performance in the `upgrade/_review` endpoint","number":199388,"url":"https://github.com/elastic/kibana/pull/199388","mergeCommit":{"message":"[Security Solution] Fixes multi-line diff algorithm performance in the `upgrade/_review` endpoint (#199388)\n\n**Fixes https://github.com/elastic/kibana/issues/199290**\r\n\r\n## Summary\r\n\r\nThe current multi-line string algorithm uses a very inefficient regex to\r\nsplit and analyze string fields, and exponentially increases in time\r\ncomplexity when the strings are long. This PR substitutes a much simpler\r\ncomparison regex for far better efficiency as shown in the table below.\r\n\r\n### Performance between different regex options using sample prebuilt\r\nrule setup guide string\r\n\r\n| | `/(\\S+\\|\\s+)/g` (original) | `/(\\s+)/g` | `/(\\n)/g` |\r\n`/(\\r\\n\\|\\n\\|\\r)/g` |\r\n\r\n|-----------------------|---------------|----------|---------|-------------------|\r\n| Unit test speed | `986ms` | `96ms` | `1ms` | `2ms` |\r\n| FTR test with 1 rule | `3.0s` | `2.8s` | `2.0s` | `2.0s` |\r\n| FTR test with 5 rules | `11.6s` | `6.8s` | `6.1s` | |\r\n\r\n\r\n### Performance between different regex options using intentionally long\r\nstrings (25k characters)\r\n\r\n| | `/(\\S+\\|\\s+)/g` | `/(\\r\\n\\|\\n\\|\\r)/g` |\r\n|----------------------|-----------------------|---------------------|\r\n| Unit test speed | `1049414ms` (17 min) | `58ms` |\r\n| FTR test with 1 rule | `>360000ms` (Timeout) | `2.1 s` |\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels)\r\n- [ ] This will appear in the **Release Notes** and follow the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <[email protected]>\r\nCo-authored-by: Georgii Gorbachev <[email protected]>","sha":"4f6d3570c59d30951368f601b2b59ab3b7a1ae4c"}},"sourceBranch":"main","suggestedTargetBranches":["8.x","8.16"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/199388","number":199388,"mergeCommit":{"message":"[Security Solution] Fixes multi-line diff algorithm performance in the `upgrade/_review` endpoint (#199388)\n\n**Fixes https://github.com/elastic/kibana/issues/199290**\r\n\r\n## Summary\r\n\r\nThe current multi-line string algorithm uses a very inefficient regex to\r\nsplit and analyze string fields, and exponentially increases in time\r\ncomplexity when the strings are long. This PR substitutes a much simpler\r\ncomparison regex for far better efficiency as shown in the table below.\r\n\r\n### Performance between different regex options using sample prebuilt\r\nrule setup guide string\r\n\r\n| | `/(\\S+\\|\\s+)/g` (original) | `/(\\s+)/g` | `/(\\n)/g` |\r\n`/(\\r\\n\\|\\n\\|\\r)/g` |\r\n\r\n|-----------------------|---------------|----------|---------|-------------------|\r\n| Unit test speed | `986ms` | `96ms` | `1ms` | `2ms` |\r\n| FTR test with 1 rule | `3.0s` | `2.8s` | `2.0s` | `2.0s` |\r\n| FTR test with 5 rules | `11.6s` | `6.8s` | `6.1s` | |\r\n\r\n\r\n### Performance between different regex options using intentionally long\r\nstrings (25k characters)\r\n\r\n| | `/(\\S+\\|\\s+)/g` | `/(\\r\\n\\|\\n\\|\\r)/g` |\r\n|----------------------|-----------------------|---------------------|\r\n| Unit test speed | `1049414ms` (17 min) | `58ms` |\r\n| FTR test with 1 rule | `>360000ms` (Timeout) | `2.1 s` |\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels)\r\n- [ ] This will appear in the **Release Notes** and follow the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <[email protected]>\r\nCo-authored-by: Georgii Gorbachev <[email protected]>","sha":"4f6d3570c59d30951368f601b2b59ab3b7a1ae4c"}},{"branch":"8.x","label":"v8.17.0","branchLabelMappingKey":"^v8.17.0$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.16","label":"v8.16.1","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Davis Plumlee <[email protected]>
CAWilson94
pushed a commit
to CAWilson94/kibana
that referenced
this pull request
Nov 18, 2024
…e `upgrade/_review` endpoint (elastic#199388) **Fixes elastic#199290 ## Summary The current multi-line string algorithm uses a very inefficient regex to split and analyze string fields, and exponentially increases in time complexity when the strings are long. This PR substitutes a much simpler comparison regex for far better efficiency as shown in the table below. ### Performance between different regex options using sample prebuilt rule setup guide string | | `/(\S+\|\s+)/g` (original) | `/(\s+)/g` | `/(\n)/g` | `/(\r\n\|\n\|\r)/g` | |-----------------------|---------------|----------|---------|-------------------| | Unit test speed | `986ms` | `96ms` | `1ms` | `2ms` | | FTR test with 1 rule | `3.0s` | `2.8s` | `2.0s` | `2.0s` | | FTR test with 5 rules | `11.6s` | `6.8s` | `6.1s` | | ### Performance between different regex options using intentionally long strings (25k characters) | | `/(\S+\|\s+)/g` | `/(\r\n\|\n\|\r)/g` | |----------------------|-----------------------|---------------------| | Unit test speed | `1049414ms` (17 min) | `58ms` | | FTR test with 1 rule | `>360000ms` (Timeout) | `2.1 s` | ### Checklist Delete any items that are not applicable to this PR. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels) - [ ] This will appear in the **Release Notes** and follow the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --------- Co-authored-by: Elastic Machine <[email protected]> Co-authored-by: Georgii Gorbachev <[email protected]>
CAWilson94
pushed a commit
to CAWilson94/kibana
that referenced
this pull request
Nov 18, 2024
…e `upgrade/_review` endpoint (elastic#199388) **Fixes elastic#199290 ## Summary The current multi-line string algorithm uses a very inefficient regex to split and analyze string fields, and exponentially increases in time complexity when the strings are long. This PR substitutes a much simpler comparison regex for far better efficiency as shown in the table below. ### Performance between different regex options using sample prebuilt rule setup guide string | | `/(\S+\|\s+)/g` (original) | `/(\s+)/g` | `/(\n)/g` | `/(\r\n\|\n\|\r)/g` | |-----------------------|---------------|----------|---------|-------------------| | Unit test speed | `986ms` | `96ms` | `1ms` | `2ms` | | FTR test with 1 rule | `3.0s` | `2.8s` | `2.0s` | `2.0s` | | FTR test with 5 rules | `11.6s` | `6.8s` | `6.1s` | | ### Performance between different regex options using intentionally long strings (25k characters) | | `/(\S+\|\s+)/g` | `/(\r\n\|\n\|\r)/g` | |----------------------|-----------------------|---------------------| | Unit test speed | `1049414ms` (17 min) | `58ms` | | FTR test with 1 rule | `>360000ms` (Timeout) | `2.1 s` | ### Checklist Delete any items that are not applicable to this PR. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels) - [ ] This will appear in the **Release Notes** and follow the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --------- Co-authored-by: Elastic Machine <[email protected]> Co-authored-by: Georgii Gorbachev <[email protected]>
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Nov 20, 2024
…tic#201019) **Fixes: elastic#201014 **Related to:** elastic#199388 ## Summary This PR increases the threshold (time limit) value for the test by 2x from 500 ms to 1000 ms. Hope it should be enough to eliminate flakiness on CI. (cherry picked from commit c9e7820)
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Nov 20, 2024
…tic#201019) **Fixes: elastic#201014 **Related to:** elastic#199388 ## Summary This PR increases the threshold (time limit) value for the test by 2x from 500 ms to 1000 ms. Hope it should be enough to eliminate flakiness on CI. (cherry picked from commit c9e7820)
TattdCodeMonkey
pushed a commit
to TattdCodeMonkey/kibana
that referenced
this pull request
Nov 21, 2024
…tic#201019) **Fixes: elastic#201014 **Related to:** elastic#199388 ## Summary This PR increases the threshold (time limit) value for the test by 2x from 500 ms to 1000 ms. Hope it should be enough to eliminate flakiness on CI.
paulinashakirova
pushed a commit
to paulinashakirova/kibana
that referenced
this pull request
Nov 26, 2024
…tic#201019) **Fixes: elastic#201014 **Related to:** elastic#199388 ## Summary This PR increases the threshold (time limit) value for the test by 2x from 500 ms to 1000 ms. Hope it should be enough to eliminate flakiness on CI.
CAWilson94
pushed a commit
to CAWilson94/kibana
that referenced
this pull request
Dec 12, 2024
…tic#201019) **Fixes: elastic#201014 **Related to:** elastic#199388 ## Summary This PR increases the threshold (time limit) value for the test by 2x from 500 ms to 1000 ms. Hope it should be enough to eliminate flakiness on CI.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #199290
Summary
The current multi-line string algorithm uses a very inefficient regex to split and analyze string fields, and exponentially increases in time complexity when the strings are long. This PR substitutes a much simpler comparison regex for far better efficiency as shown in the table below.
Performance between different regex options using sample prebuilt rule setup guide string
/(\S+|\s+)/g(original)/(\s+)/g/(\n)/g/(\r\n|\n|\r)/g986ms96ms1ms2ms3.0s2.8s2.0s2.0s11.6s6.8s6.1sPerformance between different regex options using intentionally long strings (25k characters)
/(\S+|\s+)/g/(\r\n|\n|\r)/g1049414ms(17 min)58ms>360000ms(Timeout)2.1 sChecklist
Delete any items that are not applicable to this PR.
For maintainers