New events resolver #82170
New events resolver #82170
Conversation
IgorGuz2000
added
release_note:fix
Team:Endpoint Data Visibility
|
Pinging @elastic/endpoint-app-team (Feature:Resolver) |
|
Pinging @elastic/endpoint-data-visibility-team (Team:Endpoint Data Visibility) |
MindyRS
added
the
Team: SecuritySolution
| @@ -121,6 +121,8 @@ export function SecurityHostsPageProvider({ getService, getPageObjects }: FtrPro | |||
| for (let i = 0; i < NodeSubmenuItems.length; i++) { | |||
| await (await testSubjects.findAll('resolver:map:node-submenu-item'))[i].click(); | |||
| const Events = await testSubjects.findAll('resolver:map:node-submenu-item'); | |||
| // this sleep is for the AMP enabled run | |||
| await pageObjects.common.sleep(300); | |||
There was a problem hiding this comment.
How much does this sleep add to the duration of every test? Is there a way you can convert this to a wait?
There was a problem hiding this comment.
I try to do the wait and different ways nothing works.
There was a problem hiding this comment.
it just adds 2 sec per test only
There was a problem hiding this comment.
I support a Sleep if we need the tests passing and to unblock the build. Always good to question it and follow up more if we can improve it
| @@ -121,6 +121,8 @@ export function SecurityHostsPageProvider({ getService, getPageObjects }: FtrPro | |||
| for (let i = 0; i < NodeSubmenuItems.length; i++) { | |||
| await (await testSubjects.findAll('resolver:map:node-submenu-item'))[i].click(); | |||
| const Events = await testSubjects.findAll('resolver:map:node-submenu-item'); | |||
| // this sleep is for the AMP enabled run | |||
There was a problem hiding this comment.
Typo here, can you change it to APM in a subsequent PR please
|
That's wise for us to take the time to review all of the ES-Archive datasets we have and see if we can safely combine them to reduce overall size. but I submit we can do that in a separate pr. Progress over perfection. |
|
@elasticmachine merge upstream |
|
@EricDavisX I'm primarily concerned that this new archive being added into the source tree for a single test is enormous. Looking at the uncompressed data, I see over 95000 documents and 10,000,000 lines of text. |
|
@IgorGuz2000 95,000 documents in the archive file seems like a lot for a test checking a single node. Since all the documents are for the same host we should remove the extraneous documents and keep only the ones we need to validate the test. This would also improve the test run time. |
|
This test is testing Alert event and all the data is the related events of this alert. I use Jeff script to pull the data only of one alert and this is what I get. |
|
Can you check what events show up in kibana and what indices you are storing? you should have ~800 events based on But marshall mentioned you are storing ~95k docs |
|
I am not counting all of them |
|
The process tree you're examining has 11k documents? |
💚 Build SucceededMetrics [docs]
History
To update your PR or re-run it, just comment with: |
* master: (39 commits) Fix ilm navigation (elastic#81664) [Lens] Distinct icons for XY and pie chart value labels toolbar (elastic#82927) [data.search.aggs] Throw an error when trying to create an agg type that doesn't exist. (elastic#81509) Index patterns api - load field list on server (elastic#82629) New events resolver (elastic#82170) [App Search] Misc naming tech debt (elastic#82770) load empty_kibana in test to have clean starting point (elastic#82772) Remove data <--> expressions circular dependencies. (elastic#82685) Update 8.0 breaking change template to gather information on how to programmatically detect it. (elastic#82905) Add alerting as codeowners to related documentation folder (elastic#82777) Add captions to user and space grid pages (elastic#82713) add alternate path for x-pack/Cloud test for Lens (elastic#82634) Uses asCurrentUser in getClusterUuid (elastic#82908) [Alerting][Connectors] Add new executor subaction to get 3rd party case fields (elastic#82519) Fix test import objects (elastic#82767) [ML] Add option for anomaly charts for metric detector should plot min, mean or max as appropriate (elastic#81662) Update alert type selection layout to rows instead of grid (elastic#73665) Prevent Kerberos and PKI providers from initiating a new session for unauthenticated XHR/API requests. (elastic#82817) Update grunt and related packages (elastic#79327) Allow the repository to search across all namespaces (elastic#82863) ...
kibanamachine
added
the
backport missing
|
Friendly reminder: Looks like this PR hasn’t been backported yet. |
2 similar comments
|
Friendly reminder: Looks like this PR hasn’t been backported yet. |
|
Friendly reminder: Looks like this PR hasn’t been backported yet. |
* Added Test for event.library * renamed data directry and gzip data file * rename expectedData file * Changes per Charlie request * Changes for the enable_APM-ci branch * Update resolver.ts * Added comment per Charlie request * Update resolver.ts * Added Alert Test for Resolver and fix for the APM enabled Run fail * Added Alert Test for Resolver and fix for the APM enabled Run fail * removed commented out code * Fixing CI fail * Fixing CI fail * Removed Alert Resolver test * aAdding Alert test back * Adding Alert test back * Adding Alert test back * Adding info log for debuging * Adding info log for debuging * Adding info log for debuging * Adding info log for debuging * Adding info log for debuging * Adding info log for debuging * adding one more verification for Data * stripedd Data file Co-authored-by: Kibana Machine <[email protected]>
|
Looks like this PR has a backport PR but it still hasn't been merged. Please merge it ASAP to keep the branches relatively in sync. |
* New events resolver (#82170) * Added Test for event.library * renamed data directry and gzip data file * rename expectedData file * Changes per Charlie request * Changes for the enable_APM-ci branch * Update resolver.ts * Added comment per Charlie request * Update resolver.ts * Added Alert Test for Resolver and fix for the APM enabled Run fail * Added Alert Test for Resolver and fix for the APM enabled Run fail * removed commented out code * Fixing CI fail * Fixing CI fail * Removed Alert Resolver test * aAdding Alert test back * Adding Alert test back * Adding Alert test back * Adding info log for debuging * Adding info log for debuging * Adding info log for debuging * Adding info log for debuging * Adding info log for debuging * Adding info log for debuging * adding one more verification for Data * stripedd Data file Co-authored-by: Kibana Machine <[email protected]> * Update hosts_page.ts * Update resolver.ts * Update resolver.ts * Update hosts_page.ts * Update resolver.ts Co-authored-by: Kibana Machine <[email protected]>
kibanamachine
removed
the
backport missing
Summary
Added Alert Test for Resolver and fix for the APM enabled Run fail
Checklist
Delete any items that are not applicable to this PR.
For maintainers