-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
EMT-401: add policy data to metadata and fix tests #68582
EMT-401: add policy data to metadata and fix tests #68582
Conversation
Pinging @elastic/endpoint-app-team (Feature:Endpoint) |
@elasticmachine merge upstream |
@nnamdifrankie should this be tagged as v7.9.0 instead of v7.8.0? |
@elasticmachine merge upstream |
@elasticmachine merge upstream |
…difrankie/kibana into EMT-401_add_policy_data_to_metadata
@elasticmachine merge upstream |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we need to address the alert type mismatch with the schema.
@@ -271,7 +277,12 @@ export class EndpointDocGenerator { | |||
* Creates new random policy id for the host to simulate new policy application | |||
*/ | |||
public updatePolicyId() { | |||
this.commonInfo.endpoint.policy.id = this.randomChoice(POLICIES).id; | |||
this.commonInfo.endpoint.policy.applied.id = this.randomChoice(POLICIES).id; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: Maybe change the name of this function since it's updating more than just the policy id right?
@@ -253,7 +253,11 @@ export type AlertEvent = Immutable<{ | |||
}; | |||
endpoint: { | |||
policy: { | |||
id: string; | |||
applied: { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hmm I don't think alerts will have this structure. The mapping for alerts looks like:
endpoint:
fields:
policy:
fields:
id: {}
artifact: {}
based on here: https://github.com/elastic/endpoint-package/blob/master/custom_subsets/elastic_endpoint/events/malware_event.yaml#L26
Do we need to update the mapping?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@@ -27,7 +27,6 @@ import { | |||
} from '../../../../common/endpoint/types'; | |||
import { SearchResponse } from 'elasticsearch'; | |||
import { registerEndpointRoutes } from './index'; | |||
import * as data from '../../test_data/all_metadata_data.json'; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice! 👍
@@ -17,7 +17,11 @@ | |||
}, | |||
"endpoint": { | |||
"policy": { | |||
"id": "C2A9093E-E289-4C0A-AA44-8C32A414FA7A" | |||
"applied": { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Don't need to do it in this PR but we should probably gzip this file too.
…difrankie/kibana into EMT-401_add_policy_data_to_metadata
💚 Build SucceededHistory
To update your PR or re-run it, just comment with: |
elastic#68582) [SECURITY SOLUTION] EMT-401: add policy data to metadata and fix tests
* master: (91 commits) [Search][BUG] Call wrong search strategy recursively in async search (elastic#69116) [Observability] Create context container to enable Observability plugin registry function (elastic#68642) Rename space id for disabled index pattern test (elastic#68990) skip flaky suite (elastic#63339) Resolver Light Theme And Kibana Integration (elastic#67859) [kbn/dev-utils] expose public tooling_log module (elastic#68868) index pattern(s) take dependencies as object (elastic#69055) include ci-stats metrics in pr comment (elastic#68563) Bump webpack packages (elastic#68716) [Uptime] Fixed metric query broken because of missing mapping (elastic#68999) Added cloud as an optional dependency (elastic#69050) Fixed all external links (elastic#68614) [DOCS] Reorganizes doc nav to match new Kibana nav (elastic#69069) [Endpoint] Using the stats provided by the backend for resolver UI (elastic#68577) [DOCS] Removees 8.0 from Upgrade Assistant docs (elastic#69067) [ML] Fix cloud deployment ID check (elastic#68695) [DOCS] Move metrics app content to metrics monitoring guide (elastic#69033) Add ingest manager topic to docs (elastic#68980) [SECURITY SOLUTION] EMT-401: add policy data to metadata and fix tests (elastic#68582) [DOCS] Fixes POST request for saved objects (elastic#69036) ...
* master: (60 commits) Re-enable mistakenly skipped tests. (elastic#69123) [Search][BUG] Call wrong search strategy recursively in async search (elastic#69116) [Observability] Create context container to enable Observability plugin registry function (elastic#68642) Rename space id for disabled index pattern test (elastic#68990) skip flaky suite (elastic#63339) Resolver Light Theme And Kibana Integration (elastic#67859) [kbn/dev-utils] expose public tooling_log module (elastic#68868) index pattern(s) take dependencies as object (elastic#69055) include ci-stats metrics in pr comment (elastic#68563) Bump webpack packages (elastic#68716) [Uptime] Fixed metric query broken because of missing mapping (elastic#68999) Added cloud as an optional dependency (elastic#69050) Fixed all external links (elastic#68614) [DOCS] Reorganizes doc nav to match new Kibana nav (elastic#69069) [Endpoint] Using the stats provided by the backend for resolver UI (elastic#68577) [DOCS] Removees 8.0 from Upgrade Assistant docs (elastic#69067) [ML] Fix cloud deployment ID check (elastic#68695) [DOCS] Move metrics app content to metrics monitoring guide (elastic#69033) Add ingest manager topic to docs (elastic#68980) [SECURITY SOLUTION] EMT-401: add policy data to metadata and fix tests (elastic#68582) ...
Summary
Issue:
https://github.com/elastic/endpoint-app-team/issues/401
Checklist