-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Endpoint] Sample data generator CLI script #59952
Merged
Merged
Changes from all commits
Commits
Show all changes
22 commits
Select commit
Hold shift + click to select a range
e42ee12
start on cli
marshallmain 0bebe6a
make it work
marshallmain 614b975
cleanup
marshallmain a65fa34
remove failed attempt code
marshallmain 425ff62
update package and tsconfig
marshallmain 2dd9bcd
remove empty file
marshallmain 8df2995
generate resolver events from multiple endpoints
marshallmain 080bd5f
re-add child randomization
marshallmain 4ce88f0
align index names with real plugin
marshallmain 3f61e1b
remove duplication
marshallmain 1170303
better naming
marshallmain 5a840d5
add temporary mapping to sample data generator
marshallmain 4dab2ac
error handling, move tsconfig
marshallmain 692c362
add readme
marshallmain 84940c7
Update README.md
marshallmain 7809aa4
move mapping from common to scripts
marshallmain 56a65ac
make delete index option
marshallmain 9879a78
remove unnecessary map call
marshallmain f965e6b
Merge branch 'master' into generator-cli
elasticmachine b722e9f
fix import style
marshallmain cc8a890
Merge branch 'generator-cli' of github.com:marshallmain/kibana into g…
marshallmain 7c49bfe
Merge branch 'master' into generator-cli
elasticmachine File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
This script makes it easy to create the endpoint metadata, alert, and event documents needed to test Resolver in Kibana. | ||
The default behavior is to create 1 endpoint with 1 alert and a moderate number of events (random, typically on the order of 20). | ||
A seed value can be provided as a string for the random number generator for repeatable behavior, useful for demos etc. | ||
Use the `-d` option if you want to delete and remake the indices, otherwise it will add documents to existing indices. | ||
|
||
The sample data generator script depends on ts-node, install with npm: | ||
|
||
```npm install -g ts-node``` | ||
|
||
Example command sequence to get ES and kibana running with sample data after installing ts-node: | ||
|
||
```yarn es snapshot``` -> starts ES | ||
|
||
```npx yarn start --xpack.endpoint.enabled=true --no-base-path``` -> starts kibana | ||
|
||
```cd ~/path/to/kibana/x-pack/plugins/endpoint``` | ||
|
||
```yarn test:generate --auth elastic:changeme``` -> run the resolver_generator.ts script | ||
|
||
Resolver generator CLI options: | ||
```--help Show help [boolean] | ||
--seed, -s random seed to use for document generator [string] | ||
--node, -n elasticsearch node url | ||
[string] [default: "http://localhost:9200"] | ||
--eventIndex, --ei index to store events in | ||
[string] [default: "events-endpoint-1"] | ||
--metadataIndex, --mi index to store endpoint metadata in | ||
[string] [default: "endpoint-agent-1"] | ||
--auth elasticsearch username and password, separated by | ||
a colon [string] | ||
--ancestors, --anc number of ancestors of origin to create | ||
[number] [default: 3] | ||
--generations, --gen number of child generations to create | ||
[number] [default: 3] | ||
--children, --ch maximum number of children per node | ||
[number] [default: 3] | ||
--relatedEvents, --related number of related events to create for each | ||
process event [number] [default: 5] | ||
--percentWithRelated, --pr percent of process events to add related events to | ||
[number] [default: 30] | ||
--percentTerminated, --pt percent of process events to add termination event | ||
for [number] [default: 30] | ||
--numEndpoints, --ne number of different endpoints to generate alerts | ||
for [number] [default: 1] | ||
--alertsPerEndpoint, --ape number of resolver trees to make for each endpoint | ||
[number] [default: 1]``` | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. You have a markdown formatting issue here. The ``` appears in the readme. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
{ | ||
"extends": "../../../tsconfig.json", | ||
"compilerOptions": { | ||
"target": "es2019", | ||
"resolveJsonModule": true | ||
} | ||
} | ||
|
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We could probably have the constructor call this function so the calls aren't duplicated.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good idea. The compiler complained that the class variables weren't definitely assigned when I called it as it was so I pulled the fields into a new structure. It's now returned by the private function below and assigned in this function and the constructor.