Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[SIEM][Detection Engine] Adds an error aggregator by error reason and a way to filter them #63513

Merged
merged 4 commits into from
Apr 16, 2020
Merged

[SIEM][Detection Engine] Adds an error aggregator by error reason and a way to filter them #63513

merged 4 commits into from
Apr 16, 2020

Conversation

FrankHassanabad
Copy link
Contributor

@FrankHassanabad FrankHassanabad commented Apr 14, 2020
edited
Loading

Summary

Changes the error handling for when responses are returning with errors from the backend. We were aggregating on error status codes, but this will aggregate on the error reason per rule run and report those instead.

  • Adds a utility function
  • Adds unit tests for the utility function
  • Adds TypeScript Types for the utility function
  • Adds sample helpers for the mocks for testing

Checklist

@FrankHassanabad FrankHassanabad requested a review from a team as a code owner April 14, 2020 19:25
@FrankHassanabad FrankHassanabad self-assigned this Apr 14, 2020
@elasticmachine
Copy link
Contributor

Pinging @elastic/siem (Team:SIEM)

@FrankHassanabad FrankHassanabad mentioned this pull request Apr 14, 2020
Closed
1 task
rylnd
rylnd approved these changes Apr 14, 2020
View reviewed changes
Copy link
Contributor

@rylnd rylnd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This code has a few edge cases but there's a quick fix for them. Up to you if/how you want to address that!

This will result in much better info for the client! :shipit:

x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/single_bulk_create.ts Outdated Show resolved Hide resolved
x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/utils.ts Outdated Show resolved Hide resolved
x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/utils.ts Show resolved Hide resolved
dhurley14
dhurley14 approved these changes Apr 15, 2020
View reviewed changes
Copy link
Contributor

@dhurley14 dhurley14 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@kibanamachine
Copy link
Contributor

💚 Build Succeeded

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@FrankHassanabad FrankHassanabad merged commit 721e4fa into elastic:master Apr 16, 2020
@FrankHassanabad FrankHassanabad deleted the add-better-error-reporting branch April 16, 2020 14:04
@FrankHassanabad FrankHassanabad mentioned this pull request Apr 16, 2020
Merged
@MindyRS MindyRS added the Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. label Sep 23, 2021
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dhurley14 dhurley14 dhurley14 approved these changes

@rylnd rylnd rylnd approved these changes

Assignees

@FrankHassanabad FrankHassanabad

Labels
release_note:enhancement Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:SIEM v7.8.0 v8.0.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@FrankHassanabad @elasticmachine @kibanamachine @rylnd @dhurley14 @MindyRS