task/mac-eventing-form #62999
Pinging @elastic/endpoint-management (Team:Endpoint Management)
Pinging @elastic/endpoint-app-team (Feature:Endpoint)
82012f8 to 3d9e34c
…to task/malware-eventing
@@ -105,6 +105,32 @@ export const selectedWindowsEventing = (state: PolicyDetailsState): number => { | |||
return 0; | |||
}; | |||
|
|||
/** Returns an object of all the mac eventing configurations */ | |||
export const macEventing = (state: PolicyDetailsState) => { |
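Review bot: `macEventing` has no declared return type, while `selectedWindowsEventing` in the hunk header is annotated `: number`. The doc comment says it returns an object of all the mac eventing configurations, so declare that type on the selector; a later change to the policy shape then fails here instead of in the components that read the result.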
probs going to remove this guy.
@@ -42,6 +42,10 @@ export const generatePolicy = (): PolicyConfig => { | |||
mac: { | |||
events: { | |||
process: true, | |||
// TODO, is this right? |
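Review bot: the `// TODO, is this right?` inside `mac.events` in `generatePolicy` leaves the event settings unconfirmed. Decide which mac events this function should return as enabled, then replace the TODO with a comment stating that decision or remove it.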
uhhh gotta take away these TODOs
A couple of questions regarding testing
@@ -72,7 +72,8 @@ describe('policy details: ', () => { | |||
}); | |||
|
|||
it('windows process eventing is enabled', async () => { | |||
expect(windowsEventing(getState())!.process).toEqual(true); | |||
const config = policyConfig(getState()); | |||
expect(config!.windows.events.process).toEqual(true); | |||
}); |
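Review bot: `config!.windows.events.process` relies on a non-null assertion, so if `policyConfig(getState())` returns undefined the test dies with a TypeError instead of a readable assertion failure. Add `expect(config).toBeDefined();` before the property check. The callback is also declared `async` although nothing in the visible lines is awaited; drop `async` if that holds for the whole body.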
@parkiino - Looks good! Will we also be adding a test here for the network eventing for Windows? This PR says mac eventing, are we also going to add tests for Mac here? Or did you want me to execute those manually for now until we can automate them?
i can add a test for mac as well
}); | ||
|
||
it('windows process eventing is enabled', () => { | ||
const config = policyConfig(getState()); |
@parkiino - can we update the it to say "mac" process instead of windows?
@parkiino - also the eventing options in the AC are different from the mocks and implementation. Let's chat at stand up to see which ones we need to write tests for.
LGTM.
Had a few minor questions.
}; | ||
/** malware mode can be off, detect, prevent or prevent and notify user */ | ||
malware: MalwareFields; | ||
windows: UIPolicyConfig['windows'] & { |
curious to know why this was needed
I was trying random stuff. Don't think the change is needed
mac: MacPolicyConfig; | ||
linux: LinuxPolicyConfig; | ||
} | ||
/* eslint-disable @typescript-eslint/consistent-type-definitions */ |
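Review bot: the block comment `/* eslint-disable @typescript-eslint/consistent-type-definitions */` has no matching `eslint-enable` in the visible lines, so the rule stays off for everything that follows it in the file. If the rule has to be bypassed for one declaration, use `// eslint-disable-next-line` on that declaration and say why; otherwise remove the comment.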
Why disable this here?
not needed. was just trying random stuff because typescript was beating us up
/** | ||
* Returns value from `configuration` | ||
*/ | ||
export const getIn = (a: UIPolicyConfig) => <Key extends keyof UIPolicyConfig>(key: Key) => < |
this works to keep us type compliant when we have different combinations of keys?
yeah this was to make sure the types were still getting passed through correctly
@@ -203,6 +200,7 @@ export enum OS { | |||
export enum EventingFields { |
I don't think this is used anymore
i believe you are right!
left a couple comments, lgtm otherwise
return state; | ||
} | ||
const newState = { ...state, policyItem: { ...state.policyItem } }; | ||
const newPolicy: any = { ...fullPolicy(state) }; |
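Review bot: `const newPolicy: any` switches off type checking for every later read and write on the policy object, so a misspelled OS or event key would still compile. Give it the policy config type and narrow per OS where the event keys differ. Note also that `{ ...fullPolicy(state) }` copies only the top level; if the lines that follow assign into nested objects, copy each level being written so the previous state is not mutated.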
instead of any can't this be PolicyConfig from https://github.com/elastic/kibana/blob/master/x-pack/plugins/endpoint/public/applications/endpoint/types.ts#L120 ?
for some reason typecheck complains on lines 99-102 because it doesn't like how windows has a different number of events (process, network) than mac and linux (process, network and file). so any resolves that for now
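The typing problem described in the comment above, as an added example that is not code from this PR: a per-OS event update typed without `any`, plus a runtime allow-list for untyped input, so an event key that does not exist for an OS is rejected instead of silently written into the policy. All names (`EVENT_KEYS`, `PolicyEvents`, `EventUpdate`, `parseEventUpdate`, `applyEventUpdate`) are assumptions; only the per-OS event lists come from the comment.

```typescript
// Added example, not code from the PR. Names are assumptions; the per-OS
// event lists follow the comment: windows (process, network), mac and
// linux (process, network, file).
const EVENT_KEYS = {
  windows: ['process', 'network'],
  mac: ['process', 'network', 'file'],
  linux: ['process', 'network', 'file'],
} as const;

type OSName = keyof typeof EVENT_KEYS;
type EventKey<O extends OSName> = (typeof EVENT_KEYS)[O][number];
type PolicyEvents = {
  [O in OSName]: { events: { [K in EventKey<O>]: boolean } };
};

// One union member per OS, so `key` is tied to the OS it belongs to.
type EventUpdate = {
  [O in OSName]: { os: O; key: EventKey<O>; enabled: boolean };
}[OSName];

// Runtime guard for untyped input (form values, API payloads).
function parseEventUpdate(os: string, key: string, enabled: boolean): EventUpdate {
  // hasOwnProperty keeps inherited names such as "__proto__" out.
  if (!Object.prototype.hasOwnProperty.call(EVENT_KEYS, os)) {
    throw new Error(`unknown OS: ${os}`);
  }
  const allowed: readonly string[] = EVENT_KEYS[os as OSName];
  if (allowed.indexOf(key) === -1) {
    throw new Error(`"${key}" is not an event for ${os}`);
  }
  return { os, key, enabled } as EventUpdate;
}

// Immutable update: each branch narrows `u.key` to that OS's own keys,
// so no branch needs `any` even though the key sets differ.
function applyEventUpdate(policy: PolicyEvents, u: EventUpdate): PolicyEvents {
  switch (u.os) {
    case 'windows':
      return {
        ...policy,
        windows: {
          ...policy.windows,
          events: { ...policy.windows.events, [u.key]: u.enabled },
        },
      };
    case 'mac':
      return {
        ...policy,
        mac: { ...policy.mac, events: { ...policy.mac.events, [u.key]: u.enabled } },
      };
    case 'linux':
      return {
        ...policy,
        linux: {
          ...policy.linux,
          events: { ...policy.linux.events, [u.key]: u.enabled },
        },
      };
  }
}

// Constructed sample policy, for illustration only.
const samplePolicy: PolicyEvents = {
  windows: { events: { process: true, network: true } },
  mac: { events: { process: true, network: true, file: true } },
  linux: { events: { process: true, network: true, file: true } },
};
```
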
}; | ||
/** malware mode can be off, detect, prevent or prevent and notify user */ | ||
malware: MalwareFields; | ||
windows: UIPolicyConfig['windows'] & { | ||
logging: { |
i see you use this same format 3 times here, could be a candidate to abstract
{
logging: {
stdout: string;
file: string;
}
advanced: PolicyConfigAdvancedOptions;
}
linux: LinuxPolicyConfig; | ||
} | ||
/* eslint-disable @typescript-eslint/consistent-type-definitions */ | ||
export type UIPolicyConfig = { |
do you ever use these fields all together and not just selecting one type from the UIPolicyConfig (e.g. UIPolicyConfig['linux'])? What's the benefit of doing it this way as opposed to just having 3 separate types?
yes as of now, there is one form that changes malware protections for both windows and mac. so it grabs the entire policyconfig and returns back the changed malware protection for both mac and windows. There will probably be other protections like this in the future
💚 Build Succeeded
adds mac events form for endpoint policy details (#62999) Co-authored-by: oatkiller <[email protected]> Co-authored-by: Elastic Machine <[email protected]>
adds mac events form for endpoint policy details Co-authored-by: oatkiller <[email protected]>
* Attempt at deangularization, nr.2 * Remove padding in fullscreen * Fixing failing functional test * Fixing remaining functional test * Fixing typescript errors * Fixing filter bar not being visible in fullscreen * Fixing filter bar not being visible in fullscreen * Rebasing against master * Fixing a small leftover * Fix order of functions * Fixing linting error * Changing noPadding to a custom class * Use filterManagers to handle filters * Rename class * Attempt at deangularization, nr.2 * Remove padding in fullscreen * Fixing failing functional test * Fixing remaining functional test * Fixing typescript errors * Fixing filter bar not being visible in fullscreen * Fixing filter bar not being visible in fullscreen * Rebasing against master * Fixing a small leftover * Fix order of functions * Fixing linting error * [APM] Agent config select box doesn't work on IE (#63236) * adding value property to select options * fixing test * Use globe icon for "ext" span type on service map (#63205) Both "external" and "ext" can be returned and should have the same icon. 
* Move shared vislib components into Charts plugin (#62957) * Closes #56310 Move shared vislib components into Charts plugin * Fixed imports in tests * Changed i18n IDs to match charts namespace * Renamed ColorSchemaVislibParams to ColorSchemaParams, added enums and got rid of useValidation function * Renamed ColorSchemaVislibParams to ColorSchemaParams and got rid of useValidation function * Fixed merge conflict * Replaced enums with objects again * Make uptime alert flyout test a little more resilient (#62702) * [SIEM] [Cases] Unit tests for case UI components (#63005) * Endpoint: Remove unused `lib` module (#63248) * [Lens] Fix error in query from generated suggestion (#63018) * [Lens] Fix error in query from generated suggestion * Update from review comments * Fix test Co-authored-by: Elastic Machine <[email protected]> * Resolver/node svg 2 html (#62958) * Remove some SVG in Resolver nodes and replace with HTML * [Reporting] convert all server unit tests to TypeScript (#62873) * [Reporting] convert all server unit tests to TypeScript * fix ts * revert unrelated change * [SIEM] Link ML Rule card CTA to license_management (#63210) * Link ML Rule card CTA to license_management Taking the user directly to the license management page within kibana (where they could immediately start a trial subscription) is much more actionable than taking them to the subscriptions marketing page. * Revert translation key change Neither of these is totally accurate, and there've already been translations written for the old one. * Correctly type ILM's optional dependencies as optional (#63255) And guard against their absence. 
* [Telemetry] use prod keys (#63263) * update chromedriver dependency to 81.0.0 (#63266) * task/mac-eventing-form (#62999) adds mac events form for endpoint policy details Co-authored-by: oatkiller <[email protected]> * bc6 rule import april 9 (#63152) * bc6 rule import april 9 Increased the lookback of the ML rules * re-import with LF chars Co-authored-by: Elastic Machine <[email protected]> * Added UI for pre-configured connectors. (#63074) * Added UI for pre-configured connectors. * fixed due to comments * Fixed jest tests * Fixed due to comments and added some functional tests * test fix * Fixed failed checks * Fixed functional tests failing * TaskManager tasks scheduled without attempting to run (#62078) * TaskManager tasks scheduled without attempting to run * Removing unused import Co-authored-by: Elastic Machine <[email protected]> * Changed alerting wrong param name for help xpack.encrypted_saved_objects.encryptionKey to xpack.encryptedSavedObjects.encryptionKey (#63307) * fix ScopedHistory.createHref to prepend location with scoped history basePath (#62407) * fix createHref to prepend with scoped history basePath + add option to exclude it. 
* fix prependBasePath behavior * fix test plugins urls * add pathname to endpoint url builder methods * Revert "add pathname to endpoint url builder methods" This reverts commit 7604932 * adapt createHref instead of prependBasePath * use object options for createHref * update generated doc * fixing custom link popover size and hiding scroll (#63240) * Changing noPadding to a custom class * Use filterManagers to handle filters * Rename class * Applying some changes * Reverting search_bar code changes * Removing some stuff that was causing functional tests to fail * Removing refresh dashboard container which was causing errors during navigation * Do not destroy dashboardContainer * Adding updateSavedQueryId method Co-authored-by: Elastic Machine <[email protected]> Co-authored-by: Cauê Marcondes <[email protected]> Co-authored-by: Nathan L Smith <[email protected]> Co-authored-by: DianaDerevyankina <[email protected]> Co-authored-by: Brian Seeders <[email protected]> Co-authored-by: Steph Milovic <[email protected]> Co-authored-by: Robert Austin <[email protected]> Co-authored-by: Wylie Conlon <[email protected]> Co-authored-by: Brent Kimmel <[email protected]> Co-authored-by: Tim Sullivan <[email protected]> Co-authored-by: Ryland Herrick <[email protected]> Co-authored-by: CJ Cenizal <[email protected]> Co-authored-by: Ahmad Bamieh <[email protected]> Co-authored-by: Dmitry Lemeshko <[email protected]> Co-authored-by: Candace Park <[email protected]> Co-authored-by: The SpaceCake Project <[email protected]> Co-authored-by: Yuliia Naumenko <[email protected]> Co-authored-by: Brandon Kobel <[email protected]> Co-authored-by: Pierre Gayvallet <[email protected]>
Summary
issue: https://github.com/elastic/endpoint-app-team/issues/122