
[SIEM] [Detection Engine] Changes find_statuses route HTTP method from GET to POST #63508

Merged (4 commits) on Apr 16, 2020

dhurley14
Contributor

Summary

This PR fixes #63481. The URL query string was growing too large after around 200-ish rule ids and hapi could not parse that many items, so we changed the HTTP method from GET to POST with a body.

@elasticmachine
Contributor

Pinging @elastic/siem (Team:SIEM)

@dhurley14 dhurley14 marked this pull request as ready for review April 14, 2020 18:54
@dhurley14 dhurley14 requested a review from a team as a code owner April 14, 2020 18:54
@FrankHassanabad
Contributor

Update the script of:

x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/find_rules_statuses_by_ids.sh

Optional but adding a backend e2e test for this would be really helpful to just at least test that this endpoint responds with a 200. For bodies and stuff to be consistent you can still test them but might have to post the rule as "enabled: false" first.

At least one backend test would be a really nice complement but optional at this point since there are unit tests.

@FrankHassanabad FrankHassanabad left a comment

Thanks for the fast turnaround time! 👍

@kibanamachine
Contributor

💚 Build Succeeded

@dhurley14 dhurley14 merged commit ebcb502 into elastic:master Apr 16, 2020
@dhurley14 dhurley14 deleted the fix-find-statuses-urls branch April 16, 2020 14:52
dhurley14 added a commit to dhurley14/kibana that referenced this pull request Apr 16, 2020
…tic#63508)

* changes http method for find_statuses route from GET to POST

* fix test string formatting

* update sample shell script for find statuses route

* adds e2e test for find statuses
dhurley14 added a commit to dhurley14/kibana that referenced this pull request May 19, 2020
@MindyRS MindyRS added the Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. label Sep 23, 2021
@elasticmachine
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

Labels: release_note:fix, review, Team: SecuritySolution (Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.), Team:SIEM, v7.7.1, v7.8.0, v8.0.0

Successfully merging this pull request may close these issues.

[SIEM] [Detection Engine] Find statuses endpoint can't parse URL