-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Endpoint]: Use common event model for determining if event is v0 or v1 #60667
[Endpoint]: Use common event model for determining if event is v0 or v1 #60667
Conversation
Pinging @elastic/endpoint-data-visibility-team (Team:Endpoint Data Visibility) |
Pinging @elastic/endpoint-app-team (Feature:Endpoint) |
|
||
export function extractEventID(event: ResolverEvent) { | ||
if (isLegacyData(event)) { | ||
if (isLegacyEvent(event)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
classic Resolver switcheroo 👍
💚 Build SucceededTo update your PR or re-run it, just comment with: |
…o alerting/tls-warning * 'alerting/tls-warning' of github.com:gmmorris/kibana: (32 commits) [ML] Listing all categorization wizard checks (elastic#60502) [Upgrade Assistant] First iteration of batch reindex docs (elastic#59887) [SIEM] Export timeline (elastic#58368) [SIEM] Add support for actions and throttle in Rules (elastic#59641) Fix ace a11y listener (elastic#60639) Add addInfo toast to core notifications service (elastic#60574) fix test description (elastic#60638) [SIEM] Cypress screenshots upload to google cloud (elastic#60556) [canvas/shareable_runtime] sync sass loaders with kbn/optimizer (elastic#60653) [SIEM] Fixes Modification of ML Rules (elastic#60662) [SIEM] [Case] Bulk status update, add comment avatar, id => title in breadcrumbs (elastic#60410) [Alerting] add functional tests for index threshold alertType (elastic#60597) [Ingest]EMT-248: add post action request handler and resources (elastic#60581) Return incident's url (elastic#60617) [Endpoint] TEST: GET alert details - boundary test for first alert retrieval (elastic#60320) [ML] Transforms: Fix pivot preview table mapping. (elastic#60609) [Endpoint] Log random seed for sample data CLI to console (elastic#60646) Use common event model for determining if event is v0 or v1 (elastic#60667) Disables PR Project Assigner workflow [Reporting] Allow reports to be deleted in Management > Kibana > Reporting (elastic#60077) ...
Looks like this PR has a backport PR but it still hasn't been merged. Please merge it ASAP to keep the branches relatively in sync. |
Summary
The resolver api was using a method for differentiating between v0 and v1 events that was not correct, which caused the api to 500 when a resolver tree had children. This changes the api to use the common event model, which makes the api function correctly.
Checklist