
EMT-287: update schema with elastic agent id #62252

Merged
10 changes: 10 additions & 0 deletions x-pack/plugins/endpoint/common/generate_data.ts
Expand Up @@ -83,6 +83,11 @@ const OTHER_EVENT_CATEGORIES: EventInfo[] = [
];

interface HostInfo {
elastic: {
Contributor


Outside of the scope of this PR, but wanted to mention it:
It feels like the types/interfaces defined here and duplicated in types.ts should be combined so that they come from one single source.

Contributor Author


Outside of the scope of this PR, but wanted to mention it:
It feels like the types/interfaces defined here and duplicated in types.ts should be combined so that they come from one single source.

Well, some of this code was changed without my notice. In my view they are two different applications that know about each other, and the use cases are different. For now it is fine to leave them separate, but it makes for some maintenance work.

Contributor


Yeah this type can be refactored with the types in types.ts soon, doesn't need to be in this PR though.

Contributor


I see the challenge now @marshallmain 😄. Unrelated to this PR, I just added a new generator method to the EndpointDocGenerator and attempted to reference a method/type from endpoint/public/ from this file and got an ESLint error. Some of our stuff inside of the /public/ folder may need to first be moved to this top-level location.

agent: {
id: string;
};
};
agent: {
version: string;
id: string;
Expand Down Expand Up @@ -116,6 +121,11 @@ export class EndpointDocGenerator {
version: this.randomVersion(),
id: this.seededUUIDv4(),
},
elastic: {
agent: {
id: this.seededUUIDv4(),
},
},
host: {
id: this.seededUUIDv4(),
hostname: this.randomHostname(),
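Review bot: `HostInfo` now carries two identifiers with near-identical names, `agent.id` and `elastic.agent.id`, and nothing in the interface says how they differ. Going by the PR title, the new one is the Elastic Agent's id rather than the endpoint's own; if that reading is right, a comment on the new property such as `// id of the Elastic Agent, distinct from the endpoint's own agent.id below` would keep the two from being confused when records are filtered or correlated by id. In the generator hunk the two values come from separate `this.seededUUIDv4()` calls, which is worth stating in the same comment so nobody assumes they match. `HostInfo` and the generator method both continue outside their hunks.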
5 changes: 5 additions & 0 deletions x-pack/plugins/endpoint/common/types.ts
Expand Up @@ -257,6 +257,11 @@ export type HostMetadata = Immutable<{
event: {
created: number;
};
elastic: {
agent: {
id: string;
};
};
endpoint: {
policy: {
id: string;
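Review bot: `elastic` is added to `HostMetadata` as a required property, so the type now promises `elastic.agent.id` on every metadata document. Documents written before this schema change presumably lack it, and code that reads `host.elastic.agent.id` on such a document would throw at runtime while still type-checking. Either declare it optional, `elastic?: { agent: { id: string } };`, or confirm that no pre-change documents can reach this type. The `HostMetadata` definition starts before and continues past this hunk.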
20 changes: 20 additions & 0 deletions x-pack/plugins/endpoint/server/test_data/all_metadata_data.json
Expand Up @@ -23,6 +23,11 @@
"event" : {
"created" : "2020-01-23T21:56:55.336Z"
},
"elastic": {
"agent": {
"id": "56a75650-3c8a-4e4f-ac17-6dd729c650e2"
}
},
"endpoint" : {
"policy" : {
"id" : "C2A9093E-E289-4C0A-AA44-8C32A414FA7A"
Expand Down Expand Up @@ -73,6 +78,11 @@
"event" : {
"created" : "2020-01-23T21:56:55.336Z"
},
"elastic": {
"agent": {
"id": "56a75650-3c8a-4e4f-ac17-6dd729c650e2"
}
},
"endpoint" : {
"policy" : {
"id" : "C2A9093E-E289-4C0A-AA44-8C32A414FA7A"
Expand Down Expand Up @@ -115,6 +125,11 @@
"event" : {
"created" : "2020-01-23T21:56:55.336Z"
},
"elastic": {
"agent": {
"id": "c2d84d8f-d355-40de-8b54-5d318d4d1312"
}
},
"endpoint" : {
"policy" : {
"id" : "C2A9093E-E289-4C0A-AA44-8C32A414FA7A"
Expand Down Expand Up @@ -165,6 +180,11 @@
"event" : {
"created" : "2020-01-23T21:56:55.336Z"
},
"elastic": {
"agent": {
"id": "c2d84d8f-d355-40de-8b54-5d318d4d1312"
}
},
"endpoint" : {
"policy" : {
"id" : "C2A9093E-E289-4C0A-AA44-8C32A414FA7A"
21 changes: 21 additions & 0 deletions x-pack/test/api_integration/apis/endpoint/metadata.ts
Expand Up @@ -192,6 +192,27 @@ export default function({ getService }: FtrProviderContext) {
expect(body.request_page_index).to.eql(0);
});

it('metadata api should return the endpoint based on the elastic agent id', async () => {
const targetEndpointId = 'fc0ff548-feba-41b6-8367-65e8790d0eaf';
const targetElasticAgentId = '023fa40c-411d-4188-a941-4147bfadd095';
const { body } = await supertest
.post('/api/endpoint/metadata')
.set('kbn-xsrf', 'xxx')
.send({
filter: `elastic.agent.id:${targetElasticAgentId}`,
})
.expect(200);
expect(body.total).to.eql(1);
const resultHostId: string = body.hosts[0].host.id;
const resultElasticAgentId: string = body.hosts[0].elastic.agent.id;
expect(resultHostId).to.eql(targetEndpointId);
expect(resultElasticAgentId).to.eql(targetElasticAgentId);
expect(body.hosts[0].event.created).to.eql(1579881969541);
expect(body.hosts.length).to.eql(1);
expect(body.request_page_size).to.eql(10);
expect(body.request_page_index).to.eql(0);
});

it('metadata api should return all hosts when filter is empty string', async () => {
const { body } = await supertest
.post('/api/endpoint/metadata')
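Review bot: In the new `elastic agent id` test, `body.hosts[0]` is dereferenced before `expect(body.hosts.length).to.eql(1)` runs, so an empty result surfaces as a TypeError instead of a readable assertion failure; move the length check directly after `expect(body.total).to.eql(1);`. The test also pins only the exact-match case. A second case that filters on an id absent from the archive and expects `body.total` to equal 0 would confirm that the filter selects by the whole id and does not return other hosts' records. The enclosing `export default function` and its `describe` block start and end outside this hunk.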
Expand Up @@ -10,6 +10,11 @@
"version": "6.6.1",
"name" : "Elastic Endpoint"
},
"elastic": {
Contributor


Question: did you update this es_archive manually? or did you use some sort of a tool that just add "stuff" to it?

Contributor Author


Question: did you update this es_archive manually? or did you use some sort of a tool that just add "stuff" to it?

Yes we have to make incremental changes to the data because the changes are relative, e.g. in this case all events for a particular endpoint should have the same elastic.agent.id. And we have to be backward compatible with other tests too.

Contributor


So I assume you updated the file manually?

Contributor Author


Yes, I updated manually.

"agent": {
"id": "11488bae-880b-4e7b-8d28-aac2aa9de816"
}
},
"endpoint": {
"policy": {
"id": "C2A9093E-E289-4C0A-AA44-8C32A414FA7A"
Expand Down Expand Up @@ -54,6 +59,11 @@
"version": "6.0.0",
"name" : "Elastic Endpoint"
},
"elastic": {
"agent": {
"id": "92ac1ce0-e1f7-409e-8af6-f17e97b1fc71"
}
},
"endpoint": {
"policy": {
"id": "C2A9093E-E289-4C0A-AA44-8C32A414FA7A"
Expand Down Expand Up @@ -97,6 +107,11 @@
"version": "6.8.0",
"name" : "Elastic Endpoint"
},
"elastic": {
"agent": {
"id": "023fa40c-411d-4188-a941-4147bfadd095"
}
},
"endpoint": {
"policy": {
"id": "00000000-0000-0000-0000-000000000000"
Expand Down Expand Up @@ -138,6 +153,11 @@
"version": "6.6.1",
"name" : "Elastic Endpoint"
},
"elastic": {
"agent": {
"id": "11488bae-880b-4e7b-8d28-aac2aa9de816"
}
},
"endpoint": {
"policy": {
"id": "C2A9093E-E289-4C0A-AA44-8C32A414FA7A"
Expand Down Expand Up @@ -182,6 +202,11 @@
"version": "6.0.0",
"name" : "Elastic Endpoint"
},
"elastic": {
"agent": {
"id": "92ac1ce0-e1f7-409e-8af6-f17e97b1fc71"
}
},
"endpoint": {
"policy": {
"id": "C2A9093E-E289-4C0A-AA44-8C32A414FA7A"
Expand Down Expand Up @@ -224,6 +249,11 @@
"version": "6.8.0",
"name" : "Elastic Endpoint"
},
"elastic": {
"agent": {
"id": "023fa40c-411d-4188-a941-4147bfadd095"
}
},
"endpoint": {
"policy": {
"id": "00000000-0000-0000-0000-000000000000"
Expand Down Expand Up @@ -266,6 +296,11 @@
"version": "6.6.1",
"name" : "Elastic Endpoint"
},
"elastic": {
"agent": {
"id": "11488bae-880b-4e7b-8d28-aac2aa9de816"
}
},
"endpoint": {
"policy": {
"id": "00000000-0000-0000-0000-000000000000"
Expand Down Expand Up @@ -309,6 +344,11 @@
"version": "6.0.0",
"name" : "Elastic Endpoint"
},
"elastic": {
"agent": {
"id": "92ac1ce0-e1f7-409e-8af6-f17e97b1fc71"
}
},
"endpoint": {
"policy": {
"id": "C2A9093E-E289-4C0A-AA44-8C32A414FA7A"
Expand Down Expand Up @@ -351,6 +391,11 @@
"version": "6.8.0",
"name" : "Elastic Endpoint"
},
"elastic": {
"agent": {
"id": "023fa40c-411d-4188-a941-4147bfadd095"
}
},
"endpoint": {
"policy": {
"id": "00000000-0000-0000-0000-000000000000"
Expand Down Expand Up @@ -379,4 +424,4 @@
}
}
}
}
}
Expand Up @@ -9,6 +9,23 @@
"@timestamp": {
"type": "long"
},
"elastic": {
"properties": {
"agent": {
"properties": {
"id": {
"fields": {
"keyword": {
"ignore_above": 256,
"type": "keyword"
}
},
"type": "text"
}
}
}
}
},
"agent": {
"properties": {
"id": {
Expand Down Expand Up @@ -153,4 +170,4 @@
}
}
}
}
}
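Review bot: The new `elastic.agent.id` mapping declares the field as analyzed `text` with a `keyword` sub-field, so a filter on `elastic.agent.id` itself presumably goes through the analyzer and matches on the UUID's hyphen-separated segments instead of the whole value. For an identifier used to select one host's records, an exact-match type is the safer choice: `"id": { "type": "keyword", "ignore_above": 256 }`. If the `text` form has to stay to mirror the adjacent `agent.id` mapping, whose definition continues outside the hunk, the API test could filter on `elastic.agent.id.keyword` instead. Whether the production index template uses the same type is not visible on this page.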