[Endpoint]: Use common event model for determining if event is v0 or v1 #60667
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kqualters-elastic
added
release_note:skip
|
Pinging @elastic/endpoint-data-visibility-team (Team:Endpoint Data Visibility) |
|
Pinging @elastic/endpoint-app-team (Feature:Endpoint) |
kqualters-elastic
changed the title
EricDavisX
reviewed
Mar 19, 2020
|
|
||
| export function extractEventID(event: ResolverEvent) { | ||
| if (isLegacyData(event)) { | ||
| if (isLegacyEvent(event)) { |
There was a problem hiding this comment.
classic Resolver switcheroo 👍
oatkiller
approved these changes
Mar 19, 2020
dplumlee
approved these changes
Mar 19, 2020
james-elastic
approved these changes
Mar 19, 2020
marshallmain
approved these changes
Mar 19, 2020
💚 Build SucceededTo update your PR or re-run it, just comment with: |
kqualters-elastic
added a commit
to kqualters-elastic/kibana
that referenced
this pull request
Mar 19, 2020
kqualters-elastic
added a commit
to kqualters-elastic/kibana
that referenced
this pull request
Mar 20, 2020
gmmorris
added a commit
to gmmorris/kibana
that referenced
this pull request
Mar 20, 2020
…o alerting/tls-warning * 'alerting/tls-warning' of github.com:gmmorris/kibana: (32 commits) [ML] Listing all categorization wizard checks (elastic#60502) [Upgrade Assistant] First iteration of batch reindex docs (elastic#59887) [SIEM] Export timeline (elastic#58368) [SIEM] Add support for actions and throttle in Rules (elastic#59641) Fix ace a11y listener (elastic#60639) Add addInfo toast to core notifications service (elastic#60574) fix test description (elastic#60638) [SIEM] Cypress screenshots upload to google cloud (elastic#60556) [canvas/shareable_runtime] sync sass loaders with kbn/optimizer (elastic#60653) [SIEM] Fixes Modification of ML Rules (elastic#60662) [SIEM] [Case] Bulk status update, add comment avatar, id => title in breadcrumbs (elastic#60410) [Alerting] add functional tests for index threshold alertType (elastic#60597) [Ingest]EMT-248: add post action request handler and resources (elastic#60581) Return incident's url (elastic#60617) [Endpoint] TEST: GET alert details - boundary test for first alert retrieval (elastic#60320) [ML] Transforms: Fix pivot preview table mapping. (elastic#60609) [Endpoint] Log random seed for sample data CLI to console (elastic#60646) Use common event model for determining if event is v0 or v1 (elastic#60667) Disables PR Project Assigner workflow [Reporting] Allow reports to be deleted in Management > Kibana > Reporting (elastic#60077) ...
|
Looks like this PR has a backport PR but it still hasn't been merged. Please merge it ASAP to keep the branches relatively in sync. |
kibanamachine
added
the
backport missing
kqualters-elastic
added a commit
that referenced
this pull request
Mar 20, 2020
kibanamachine
removed
the
backport missing
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
The resolver api was using a method for differentiating between v0 and v1 events that was not correct, which caused the api to 500 when a resolver tree had children. This changes the api to use the common event model, which makes the api function correctly.
Checklist