Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EMT-401: add policy data to metadata and fix tests #68582

Merged
merged 13 commits into from
Jun 12, 2020
Merged

EMT-401: add policy data to metadata and fix tests #68582

merged 13 commits into from
Jun 12, 2020

Conversation

nnamdifrankie
Copy link
Contributor

@nnamdifrankie nnamdifrankie commented Jun 8, 2020
edited
Loading

Summary

Issue:
https://github.com/elastic/endpoint-app-team/issues/401

  • update HostMetadata type to include policy data.
  • update generator to generate new data.
  • update policy response type.
  • update tests to use generator, remove static sample data.
  • added api test to confirm that we can filter by policy status.

Checklist

@nnamdifrankie nnamdifrankie added v8.0.0 release_note:skip Skip the PR/issue when compiling release notes v7.8.0 labels Jun 8, 2020
@nnamdifrankie nnamdifrankie marked this pull request as ready for review June 9, 2020 14:07
@nnamdifrankie nnamdifrankie requested review from a team as code owners June 9, 2020 14:07
@oatkiller oatkiller added the Feature:Endpoint Elastic Endpoint feature label Jun 9, 2020
@elasticmachine
Copy link
Contributor

Pinging @elastic/endpoint-app-team (Feature:Endpoint)

@nnamdifrankie
Copy link
Contributor Author

@elasticmachine merge upstream

@charlie-pichette
Copy link
Contributor

@nnamdifrankie should this be tagged as v7.9.0 instead of v7.8.0?

@nnamdifrankie
Copy link
Contributor Author

@elasticmachine merge upstream

@nnamdifrankie
Copy link
Contributor Author

@elasticmachine merge upstream

@nnamdifrankie
Copy link
Contributor Author

@elasticmachine merge upstream

jonathan-buttner
jonathan-buttner requested changes Jun 12, 2020
View reviewed changes
Copy link
Contributor

@jonathan-buttner jonathan-buttner left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we need to address the alert type mismatch with the schema.

x-pack/plugins/security_solution/common/endpoint/generate_data.ts Outdated
@@ -271,7 +277,12 @@ export class EndpointDocGenerator {
* Creates new random policy id for the host to simulate new policy application
*/
public updatePolicyId() {
this.commonInfo.endpoint.policy.id = this.randomChoice(POLICIES).id;
this.commonInfo.endpoint.policy.applied.id = this.randomChoice(POLICIES).id;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: Maybe change the name of this function since it's updating more than just the policy id right?

x-pack/plugins/security_solution/common/endpoint/types.ts
@@ -253,7 +253,11 @@ export type AlertEvent = Immutable<{
};
endpoint: {
policy: {
id: string;
applied: {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hmm I don't think alerts will have this structure. The mapping for alerts looks like:

endpoint:
  fields:
    policy: 
      fields:
        id: {}
    artifact: {}

based on here: https://github.com/elastic/endpoint-package/blob/master/custom_subsets/elastic_endpoint/events/malware_event.yaml#L26

Do we need to update the mapping?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

elastic/endpoint-package#10

x-pack/plugins/security_solution/server/endpoint/routes/metadata/metadata.test.ts
@@ -27,7 +27,6 @@ import {
} from '../../../../common/endpoint/types';
import { SearchResponse } from 'elasticsearch';
import { registerEndpointRoutes } from './index';
import * as data from '../../test_data/all_metadata_data.json';
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice! 👍

x-pack/test/functional/es_archives/endpoint/metadata/api_feature/data.json
@@ -17,7 +17,11 @@
},
"endpoint": {
"policy": {
"id": "C2A9093E-E289-4C0A-AA44-8C32A414FA7A"
"applied": {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Don't need to do it in this PR but we should probably gzip this file too.

@kibanamachine
Copy link
Contributor

💚 Build Succeeded

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@nnamdifrankie nnamdifrankie merged commit c3d784c into elastic:master Jun 12, 2020
@nnamdifrankie nnamdifrankie deleted the EMT-401_add_policy_data_to_metadata branch June 12, 2020 16:45
@nnamdifrankie nnamdifrankie mentioned this pull request Jun 12, 2020
Merged
nnamdifrankie added a commit to nnamdifrankie/kibana that referenced this pull request Jun 12, 2020
@nnamdifrankie
[SECURITY SOLUTION] EMT-401: add policy data to metadata and fix tests (
a5d4083 
elastic#68582)

[SECURITY SOLUTION] EMT-401: add policy data to metadata and fix tests
nnamdifrankie added a commit that referenced this pull request Jun 12, 2020
@nnamdifrankie
[SECURITY SOLUTION] EMT-401: add policy data to metadata and fix tests (
3f5daeb 
#68582) (#69046)

[SECURITY SOLUTION] EMT-401: add policy data to metadata and fix tests
gmmorris added a commit to gmmorris/kibana that referenced this pull request Jun 15, 2020
@gmmorris
Merge branch 'master' into actions/execute-immediate
896b9a5 
* master: (91 commits)
  [Search][BUG] Call wrong search strategy recursively in async search (elastic#69116)
  [Observability] Create context container to enable Observability plugin registry function (elastic#68642)
  Rename space id for disabled index pattern test (elastic#68990)
  skip flaky suite (elastic#63339)
  Resolver Light Theme And Kibana Integration (elastic#67859)
  [kbn/dev-utils] expose public tooling_log module (elastic#68868)
  index pattern(s) take dependencies as object (elastic#69055)
  include ci-stats metrics in pr comment (elastic#68563)
  Bump webpack packages (elastic#68716)
  [Uptime] Fixed metric query broken because of missing mapping (elastic#68999)
  Added cloud as an optional dependency (elastic#69050)
  Fixed all external links (elastic#68614)
  [DOCS] Reorganizes doc nav to match new Kibana nav (elastic#69069)
  [Endpoint] Using the stats provided by the backend for resolver UI (elastic#68577)
  [DOCS] Removees 8.0 from Upgrade Assistant docs (elastic#69067)
  [ML] Fix cloud deployment ID check (elastic#68695)
  [DOCS] Move metrics app content to metrics monitoring guide (elastic#69033)
  Add ingest manager topic to docs (elastic#68980)
  [SECURITY SOLUTION] EMT-401: add policy data to metadata and fix tests (elastic#68582)
  [DOCS] Fixes POST request for saved objects (elastic#69036)
  ...
gmmorris added a commit to gmmorris/kibana that referenced this pull request Jun 15, 2020
@gmmorris
Merge branch 'master' into alerting/consumer-based-rbac
f34d031 
* master: (60 commits)
  Re-enable mistakenly skipped tests. (elastic#69123)
  [Search][BUG] Call wrong search strategy recursively in async search (elastic#69116)
  [Observability] Create context container to enable Observability plugin registry function (elastic#68642)
  Rename space id for disabled index pattern test (elastic#68990)
  skip flaky suite (elastic#63339)
  Resolver Light Theme And Kibana Integration (elastic#67859)
  [kbn/dev-utils] expose public tooling_log module (elastic#68868)
  index pattern(s) take dependencies as object (elastic#69055)
  include ci-stats metrics in pr comment (elastic#68563)
  Bump webpack packages (elastic#68716)
  [Uptime] Fixed metric query broken because of missing mapping (elastic#68999)
  Added cloud as an optional dependency (elastic#69050)
  Fixed all external links (elastic#68614)
  [DOCS] Reorganizes doc nav to match new Kibana nav (elastic#69069)
  [Endpoint] Using the stats provided by the backend for resolver UI (elastic#68577)
  [DOCS] Removees 8.0 from Upgrade Assistant docs (elastic#69067)
  [ML] Fix cloud deployment ID check (elastic#68695)
  [DOCS] Move metrics app content to metrics monitoring guide (elastic#69033)
  Add ingest manager topic to docs (elastic#68980)
  [SECURITY SOLUTION] EMT-401: add policy data to metadata and fix tests (elastic#68582)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jonathan-buttner jonathan-buttner jonathan-buttner approved these changes

@kevinlog kevinlog kevinlog approved these changes

Assignees
No one assigned
Labels
Feature:Endpoint Elastic Endpoint feature release_note:skip Skip the PR/issue when compiling release notes v7.9.0 v8.0.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@nnamdifrankie @elasticmachine @charlie-pichette @kibanamachine @jonathan-buttner @kevinlog @oatkiller