github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 09:48:58 -04:00
Code Issues Projects Releases Packages Wiki Activity

[Entity Analytics] [Entity Store] Add basic e2e tests and + tidy API route names (#193161)

Browse source 
## Summary

Adds basic end to end tests for the engine CRUD routes.

I also noticed there was some inconsistency in the naming of the API
routes which I have fixed.

---------

Co-authored-by: machadoum <pablo.nevesmachado@elastic.co>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Tiago Vila Verde <tiago.vilaverde@elastic.co>
This commit is contained in:
Mark Hopkin 2024-09-24 09:31:32 +01:00 committed by GitHub
parent b78b633797
commit 0b4f8774dd
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
33 changed files with 562 additions and 290 deletions
Download patch file Download diff file Expand all files Collapse all files

40
oas_docs/output/kibana.serverless.staging.yaml
View file

@ -8169,7 +8169,7 @@ paths:
- Security Solution Endpoint Management API
/api/entity_store/engines:
get:
operationId: ListEntityStoreEngines
operationId: ListEntityEngines
responses:
'200':
content:
@ -8185,14 +8185,14 @@ paths:
#/components/schemas/Security_Solution_Entity_Analytics_API_EngineDescriptor
type: array
description: Successful response
summary: List the Entity Store engines
summary: List the Entity Engines
tags:
- Security Solution Entity Analytics API
/api/entity_store/engines/{entityType}:
delete:
operationId: DeleteEntityStore
operationId: DeleteEntityEngine
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -8215,13 +8215,13 @@ paths:
deleted:
type: boolean
description: Successful response
summary: Delete the Entity Store engine
summary: Delete the Entity Engine
tags:
- Security Solution Entity Analytics API
get:
operationId: GetEntityStoreEngine
operationId: GetEntityEngine
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -8236,14 +8236,14 @@ paths:
$ref: >-
#/components/schemas/Security_Solution_Entity_Analytics_API_EngineDescriptor
description: Successful response
summary: Get the Entity Store engine
summary: Get an Entity Engine
tags:
- Security Solution Entity Analytics API
/api/entity_store/engines/{entityType}/init:
post:
operationId: InitEntityStore
operationId: InitEntityEngine
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -8271,14 +8271,14 @@ paths:
$ref: >-
#/components/schemas/Security_Solution_Entity_Analytics_API_EngineDescriptor
description: Successful response
summary: Initialize the Entity Store
summary: Initialize an Entity Engine
tags:
- Security Solution Entity Analytics API
/api/entity_store/engines/{entityType}/start:
post:
operationId: StartEntityStore
operationId: StartEntityEngine
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -8295,14 +8295,14 @@ paths:
started:
type: boolean
description: Successful response
summary: Start the Entity Store engine
summary: Start an Entity Engine
tags:
- Security Solution Entity Analytics API
/api/entity_store/engines/{entityType}/stats:
post:
operationId: GetEntityStoreStats
operationId: GetEntityEngineStats
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -8334,14 +8334,14 @@ paths:
$ref: >-
#/components/schemas/Security_Solution_Entity_Analytics_API_EntityType
description: Successful response
summary: Get the Entity Store engine stats
summary: Get Entity Engine stats
tags:
- Security Solution Entity Analytics API
/api/entity_store/engines/{entityType}/stop:
post:
operationId: StopEntityStore
operationId: StopEntityEngine
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -8358,7 +8358,7 @@ paths:
stopped:
type: boolean
description: Successful response
summary: Stop the Entity Store engine
summary: Stop an Entity Engine
tags:
- Security Solution Entity Analytics API
/api/entity_store/entities/list:

40
oas_docs/output/kibana.staging.yaml
View file

@ -11616,7 +11616,7 @@ paths:
- Security Solution Endpoint Management API
/api/entity_store/engines:
get:
operationId: ListEntityStoreEngines
operationId: ListEntityEngines
responses:
'200':
content:
@ -11632,14 +11632,14 @@ paths:
#/components/schemas/Security_Solution_Entity_Analytics_API_EngineDescriptor
type: array
description: Successful response
summary: List the Entity Store engines
summary: List the Entity Engines
tags:
- Security Solution Entity Analytics API
/api/entity_store/engines/{entityType}:
delete:
operationId: DeleteEntityStore
operationId: DeleteEntityEngine
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -11662,13 +11662,13 @@ paths:
deleted:
type: boolean
description: Successful response
summary: Delete the Entity Store engine
summary: Delete the Entity Engine
tags:
- Security Solution Entity Analytics API
get:
operationId: GetEntityStoreEngine
operationId: GetEntityEngine
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -11683,14 +11683,14 @@ paths:
$ref: >-
#/components/schemas/Security_Solution_Entity_Analytics_API_EngineDescriptor
description: Successful response
summary: Get the Entity Store engine
summary: Get an Entity Engine
tags:
- Security Solution Entity Analytics API
/api/entity_store/engines/{entityType}/init:
post:
operationId: InitEntityStore
operationId: InitEntityEngine
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -11718,14 +11718,14 @@ paths:
$ref: >-
#/components/schemas/Security_Solution_Entity_Analytics_API_EngineDescriptor
description: Successful response
summary: Initialize the Entity Store
summary: Initialize an Entity Engine
tags:
- Security Solution Entity Analytics API
/api/entity_store/engines/{entityType}/start:
post:
operationId: StartEntityStore
operationId: StartEntityEngine
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -11742,14 +11742,14 @@ paths:
started:
type: boolean
description: Successful response
summary: Start the Entity Store engine
summary: Start an Entity Engine
tags:
- Security Solution Entity Analytics API
/api/entity_store/engines/{entityType}/stats:
post:
operationId: GetEntityStoreStats
operationId: GetEntityEngineStats
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -11781,14 +11781,14 @@ paths:
$ref: >-
#/components/schemas/Security_Solution_Entity_Analytics_API_EntityType
description: Successful response
summary: Get the Entity Store engine stats
summary: Get Entity Engine stats
tags:
- Security Solution Entity Analytics API
/api/entity_store/engines/{entityType}/stop:
post:
operationId: StopEntityStore
operationId: StopEntityEngine
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -11805,7 +11805,7 @@ paths:
stopped:
type: boolean
description: Successful response
summary: Stop the Entity Store engine
summary: Stop an Entity Engine
tags:
- Security Solution Entity Analytics API
/api/entity_store/entities/list:

20
x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/engine/delete.gen.ts
View file

@ -10,7 +10,7 @@
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Delete the entity store engine
* title: Delete an Entity Engine
* version: 2023-10-31
*/
@ -19,25 +19,25 @@ import { BooleanFromString } from '@kbn/zod-helpers';
import { EntityType } from '../common.gen';
export type DeleteEntityStoreRequestQuery = z.infer<typeof DeleteEntityStoreRequestQuery>;
export const DeleteEntityStoreRequestQuery = z.object({
export type DeleteEntityEngineRequestQuery = z.infer<typeof DeleteEntityEngineRequestQuery>;
export const DeleteEntityEngineRequestQuery = z.object({
/**
* Control flag to also delete the entity data.
*/
data: BooleanFromString.optional(),
});
export type DeleteEntityStoreRequestQueryInput = z.input<typeof DeleteEntityStoreRequestQuery>;
export type DeleteEntityEngineRequestQueryInput = z.input<typeof DeleteEntityEngineRequestQuery>;
export type DeleteEntityStoreRequestParams = z.infer<typeof DeleteEntityStoreRequestParams>;
export const DeleteEntityStoreRequestParams = z.object({
export type DeleteEntityEngineRequestParams = z.infer<typeof DeleteEntityEngineRequestParams>;
export const DeleteEntityEngineRequestParams = z.object({
/**
* The entity type of the store (either 'user' or 'host').
* The entity type of the engine (either 'user' or 'host').
*/
entityType: EntityType,
});
export type DeleteEntityStoreRequestParamsInput = z.input<typeof DeleteEntityStoreRequestParams>;
export type DeleteEntityEngineRequestParamsInput = z.input<typeof DeleteEntityEngineRequestParams>;
export type DeleteEntityStoreResponse = z.infer<typeof DeleteEntityStoreResponse>;
export const DeleteEntityStoreResponse = z.object({
export type DeleteEntityEngineResponse = z.infer<typeof DeleteEntityEngineResponse>;
export const DeleteEntityEngineResponse = z.object({
deleted: z.boolean().optional(),
});

8
x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/engine/delete.schema.yaml
View file

@ -1,22 +1,22 @@
openapi: 3.0.0
info:
title: Delete the entity store engine
title: Delete an Entity Engine
version: '2023-10-31'
paths:
/api/entity_store/engines/{entityType}:
delete:
x-labels: [ess, serverless]
x-codegen-enabled: true
operationId: DeleteEntityStore
summary: Delete the Entity Store engine
operationId: DeleteEntityEngine
summary: Delete the Entity Engine
parameters:
- name: entityType
in: path
required: true
schema:
$ref: '../common.schema.yaml#/components/schemas/EntityType'
description: The entity type of the store (either 'user' or 'host').
description: The entity type of the engine (either 'user' or 'host').
- name: data
in: query

16
x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/engine/get.gen.ts
View file

@ -10,7 +10,7 @@
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Get Entity Store engine
* title: Get Entity Engine
* version: 2023-10-31
*/
@ -18,16 +18,14 @@ import { z } from '@kbn/zod';
import { EntityType, EngineDescriptor } from '../common.gen';
export type GetEntityStoreEngineRequestParams = z.infer<typeof GetEntityStoreEngineRequestParams>;
export const GetEntityStoreEngineRequestParams = z.object({
export type GetEntityEngineRequestParams = z.infer<typeof GetEntityEngineRequestParams>;
export const GetEntityEngineRequestParams = z.object({
/**
* The entity type of the store (either 'user' or 'host').
* The entity type of the engine (either 'user' or 'host').
*/
entityType: EntityType,
});
export type GetEntityStoreEngineRequestParamsInput = z.input<
typeof GetEntityStoreEngineRequestParams
>;
export type GetEntityEngineRequestParamsInput = z.input<typeof GetEntityEngineRequestParams>;
export type GetEntityStoreEngineResponse = z.infer<typeof GetEntityStoreEngineResponse>;
export const GetEntityStoreEngineResponse = EngineDescriptor;
export type GetEntityEngineResponse = z.infer<typeof GetEntityEngineResponse>;
export const GetEntityEngineResponse = EngineDescriptor;

8
x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/engine/get.schema.yaml
View file

@ -1,21 +1,21 @@
openapi: 3.0.0
info:
title: Get Entity Store engine
title: Get Entity Engine
version: '2023-10-31'
paths:
/api/entity_store/engines/{entityType}:
get:
x-labels: [ess, serverless]
x-codegen-enabled: true
operationId: GetEntityStoreEngine
summary: Get the Entity Store engine
operationId: GetEntityEngine
summary: Get an Entity Engine
parameters:
- name: entityType
in: path
required: true
schema:
$ref: '../common.schema.yaml#/components/schemas/EntityType'
description: The entity type of the store (either 'user' or 'host').
description: The entity type of the engine (either 'user' or 'host').
responses:
'200':
description: Successful response

20
x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/engine/init.gen.ts
View file

@ -10,7 +10,7 @@
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Init Entity Store types
* title: Init Entity Engine
* version: 2023-10-31
*/
@ -18,21 +18,21 @@ import { z } from '@kbn/zod';
import { EntityType, IndexPattern, EngineDescriptor } from '../common.gen';
export type InitEntityStoreRequestParams = z.infer<typeof InitEntityStoreRequestParams>;
export const InitEntityStoreRequestParams = z.object({
export type InitEntityEngineRequestParams = z.infer<typeof InitEntityEngineRequestParams>;
export const InitEntityEngineRequestParams = z.object({
/**
* The entity type of the store (either 'user' or 'host').
* The entity type of the engine (either 'user' or 'host').
*/
entityType: EntityType,
});
export type InitEntityStoreRequestParamsInput = z.input<typeof InitEntityStoreRequestParams>;
export type InitEntityEngineRequestParamsInput = z.input<typeof InitEntityEngineRequestParams>;
export type InitEntityStoreRequestBody = z.infer<typeof InitEntityStoreRequestBody>;
export const InitEntityStoreRequestBody = z.object({
export type InitEntityEngineRequestBody = z.infer<typeof InitEntityEngineRequestBody>;
export const InitEntityEngineRequestBody = z.object({
indexPattern: IndexPattern.optional(),
filter: z.string().optional(),
});
export type InitEntityStoreRequestBodyInput = z.input<typeof InitEntityStoreRequestBody>;
export type InitEntityEngineRequestBodyInput = z.input<typeof InitEntityEngineRequestBody>;
export type InitEntityStoreResponse = z.infer<typeof InitEntityStoreResponse>;
export const InitEntityStoreResponse = EngineDescriptor;
export type InitEntityEngineResponse = z.infer<typeof InitEntityEngineResponse>;
export const InitEntityEngineResponse = EngineDescriptor;

8
x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/engine/init.schema.yaml
View file

@ -1,22 +1,22 @@
openapi: 3.0.0
info:
title: Init Entity Store types
title: Init Entity Engine
version: '2023-10-31'
paths:
/api/entity_store/engines/{entityType}/init:
post:
x-labels: [ess, serverless]
x-codegen-enabled: true
operationId: InitEntityStore
summary: Initialize the Entity Store
operationId: InitEntityEngine
summary: Initialize an Entity Engine
parameters:
- name: entityType
in: path
required: true
schema:
$ref: '../common.schema.yaml#/components/schemas/EntityType'
description: The entity type of the store (either 'user' or 'host').
description: The entity type of the engine (either 'user' or 'host').
requestBody:
description: Schema for the engine initialization
required: true

6
x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/engine/list.gen.ts
View file

@ -10,7 +10,7 @@
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: List Entity Store engines
* title: List Entity Engines
* version: 2023-10-31
*/
@ -18,8 +18,8 @@ import { z } from '@kbn/zod';
import { EngineDescriptor } from '../common.gen';
export type ListEntityStoreEnginesResponse = z.infer<typeof ListEntityStoreEnginesResponse>;
export const ListEntityStoreEnginesResponse = z.object({
export type ListEntityEnginesResponse = z.infer<typeof ListEntityEnginesResponse>;
export const ListEntityEnginesResponse = z.object({
count: z.number().int().optional(),
engines: z.array(EngineDescriptor).optional(),
});

6
x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/engine/list.schema.yaml
View file

@ -1,14 +1,14 @@
openapi: 3.0.0
info:
title: List Entity Store engines
title: List Entity Engines
version: '2023-10-31'
paths:
/api/entity_store/engines:
get:
x-labels: [ess, serverless]
x-codegen-enabled: true
operationId: ListEntityStoreEngines
summary: List the Entity Store engines
operationId: ListEntityEngines
summary: List the Entity Engines
responses:
'200':
description: Successful response

14
x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/engine/start.gen.ts
View file

@ -10,7 +10,7 @@
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Start the entity store engine
* title: Start an Entity Engine
* version: 2023-10-31
*/
@ -18,16 +18,16 @@ import { z } from '@kbn/zod';
import { EntityType } from '../common.gen';
export type StartEntityStoreRequestParams = z.infer<typeof StartEntityStoreRequestParams>;
export const StartEntityStoreRequestParams = z.object({
export type StartEntityEngineRequestParams = z.infer<typeof StartEntityEngineRequestParams>;
export const StartEntityEngineRequestParams = z.object({
/**
* The entity type of the store (either 'user' or 'host').
* The entity type of the engine (either 'user' or 'host').
*/
entityType: EntityType,
});
export type StartEntityStoreRequestParamsInput = z.input<typeof StartEntityStoreRequestParams>;
export type StartEntityEngineRequestParamsInput = z.input<typeof StartEntityEngineRequestParams>;
export type StartEntityStoreResponse = z.infer<typeof StartEntityStoreResponse>;
export const StartEntityStoreResponse = z.object({
export type StartEntityEngineResponse = z.infer<typeof StartEntityEngineResponse>;
export const StartEntityEngineResponse = z.object({
started: z.boolean().optional(),
});

8
x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/engine/start.schema.yaml
View file

@ -1,22 +1,22 @@
openapi: 3.0.0
info:
title: Start the entity store engine
title: Start an Entity Engine
version: '2023-10-31'
paths:
/api/entity_store/engines/{entityType}/start:
post:
x-labels: [ess, serverless]
x-codegen-enabled: true
operationId: StartEntityStore
summary: Start the Entity Store engine
operationId: StartEntityEngine
summary: Start an Entity Engine
parameters:
- name: entityType
in: path
required: true
schema:
$ref: '../common.schema.yaml#/components/schemas/EntityType'
description: The entity type of the store (either 'user' or 'host').
description: The entity type of the engine (either 'user' or 'host').
responses:
'200':
description: Successful response

16
x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/engine/stats.gen.ts
View file

@ -10,7 +10,7 @@
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Get the entity store engine stats
* title: Get Entity Engine stats
* version: 2023-10-31
*/
@ -18,19 +18,19 @@ import { z } from '@kbn/zod';
import { EntityType, IndexPattern, EngineStatus } from '../common.gen';
export type GetEntityStoreStatsRequestParams = z.infer<typeof GetEntityStoreStatsRequestParams>;
export const GetEntityStoreStatsRequestParams = z.object({
export type GetEntityEngineStatsRequestParams = z.infer<typeof GetEntityEngineStatsRequestParams>;
export const GetEntityEngineStatsRequestParams = z.object({
/**
* The entity type of the store (either 'user' or 'host').
* The entity type of the engine (either 'user' or 'host').
*/
entityType: EntityType,
});
export type GetEntityStoreStatsRequestParamsInput = z.input<
typeof GetEntityStoreStatsRequestParams
export type GetEntityEngineStatsRequestParamsInput = z.input<
typeof GetEntityEngineStatsRequestParams
>;
export type GetEntityStoreStatsResponse = z.infer<typeof GetEntityStoreStatsResponse>;
export const GetEntityStoreStatsResponse = z.object({
export type GetEntityEngineStatsResponse = z.infer<typeof GetEntityEngineStatsResponse>;
export const GetEntityEngineStatsResponse = z.object({
type: EntityType.optional(),
indexPattern: IndexPattern.optional(),
status: EngineStatus.optional(),

8
x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/engine/stats.schema.yaml
View file

@ -1,22 +1,22 @@
openapi: 3.0.0
info:
title: Get the entity store engine stats
title: Get Entity Engine stats
version: '2023-10-31'
paths:
/api/entity_store/engines/{entityType}/stats:
post:
x-labels: [ess, serverless]
x-codegen-enabled: true
operationId: GetEntityStoreStats
summary: Get the Entity Store engine stats
operationId: GetEntityEngineStats
summary: Get Entity Engine stats
parameters:
- name: entityType
in: path
required: true
schema:
$ref: '../common.schema.yaml#/components/schemas/EntityType'
description: The entity type of the store (either 'user' or 'host').
description: The entity type of the engine (either 'user' or 'host').
responses:
'200':
description: Successful response

14
x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/engine/stop.gen.ts
View file

@ -10,7 +10,7 @@
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Stop the entity store engine
* title: Stop an Entity Engine
* version: 2023-10-31
*/
@ -18,16 +18,16 @@ import { z } from '@kbn/zod';
import { EntityType } from '../common.gen';
export type StopEntityStoreRequestParams = z.infer<typeof StopEntityStoreRequestParams>;
export const StopEntityStoreRequestParams = z.object({
export type StopEntityEngineRequestParams = z.infer<typeof StopEntityEngineRequestParams>;
export const StopEntityEngineRequestParams = z.object({
/**
* The entity type of the store (either 'user' or 'host').
* The entity type of the engine (either 'user' or 'host').
*/
entityType: EntityType,
});
export type StopEntityStoreRequestParamsInput = z.input<typeof StopEntityStoreRequestParams>;
export type StopEntityEngineRequestParamsInput = z.input<typeof StopEntityEngineRequestParams>;
export type StopEntityStoreResponse = z.infer<typeof StopEntityStoreResponse>;
export const StopEntityStoreResponse = z.object({
export type StopEntityEngineResponse = z.infer<typeof StopEntityEngineResponse>;
export const StopEntityEngineResponse = z.object({
stopped: z.boolean().optional(),
});

8
x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/engine/stop.schema.yaml
View file

@ -1,22 +1,22 @@
openapi: 3.0.0
info:
title: Stop the entity store engine
title: Stop an Entity Engine
version: '2023-10-31'
paths:
/api/entity_store/engines/{entityType}/stop:
post:
x-labels: [ess, serverless]
x-codegen-enabled: true
operationId: StopEntityStore
summary: Stop the Entity Store engine
operationId: StopEntityEngine
summary: Stop an Entity Engine
parameters:
- name: entityType
in: path
required: true
schema:
$ref: '../common.schema.yaml#/components/schemas/EntityType'
description: The entity type of the store (either 'user' or 'host').
description: The entity type of the engine (either 'user' or 'host').
responses:
'200':
description: Successful response

100
x-pack/plugins/security_solution/common/api/quickstart_client.gen.ts
View file

@ -244,31 +244,31 @@ import type {
UploadAssetCriticalityRecordsResponse,
} from './entity_analytics/asset_criticality/upload_asset_criticality_csv.gen';
import type {
DeleteEntityStoreRequestQueryInput,
DeleteEntityStoreRequestParamsInput,
DeleteEntityStoreResponse,
DeleteEntityEngineRequestQueryInput,
DeleteEntityEngineRequestParamsInput,
DeleteEntityEngineResponse,
} from './entity_analytics/entity_store/engine/delete.gen';
import type {
GetEntityStoreEngineRequestParamsInput,
GetEntityStoreEngineResponse,
GetEntityEngineRequestParamsInput,
GetEntityEngineResponse,
} from './entity_analytics/entity_store/engine/get.gen';
import type {
InitEntityStoreRequestParamsInput,
InitEntityStoreRequestBodyInput,
InitEntityStoreResponse,
InitEntityEngineRequestParamsInput,
InitEntityEngineRequestBodyInput,
InitEntityEngineResponse,
} from './entity_analytics/entity_store/engine/init.gen';
import type { ListEntityStoreEnginesResponse } from './entity_analytics/entity_store/engine/list.gen';
import type { ListEntityEnginesResponse } from './entity_analytics/entity_store/engine/list.gen';
import type {
StartEntityStoreRequestParamsInput,
StartEntityStoreResponse,
StartEntityEngineRequestParamsInput,
StartEntityEngineResponse,
} from './entity_analytics/entity_store/engine/start.gen';
import type {
GetEntityStoreStatsRequestParamsInput,
GetEntityStoreStatsResponse,
GetEntityEngineStatsRequestParamsInput,
GetEntityEngineStatsResponse,
} from './entity_analytics/entity_store/engine/stats.gen';
import type {
StopEntityStoreRequestParamsInput,
StopEntityStoreResponse,
StopEntityEngineRequestParamsInput,
StopEntityEngineResponse,
} from './entity_analytics/entity_store/engine/stop.gen';
import type {
ListEntitiesRequestQueryInput,
@ -666,10 +666,10 @@ If a record already exists for the specified entity, that record is overwritten
})
.catch(catchAxiosErrorFormatAndThrow);
}
async deleteEntityStore(props: DeleteEntityStoreProps) {
this.log.info(`${new Date().toISOString()} Calling API DeleteEntityStore`);
async deleteEntityEngine(props: DeleteEntityEngineProps) {
this.log.info(`${new Date().toISOString()} Calling API DeleteEntityEngine`);
return this.kbnClient
.request<DeleteEntityStoreResponse>({
.request<DeleteEntityEngineResponse>({
path: replaceParams('/api/entity_store/engines/{entityType}', props.params),
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
@ -1227,10 +1227,10 @@ finalize it.
})
.catch(catchAxiosErrorFormatAndThrow);
}
async getEntityStoreEngine(props: GetEntityStoreEngineProps) {
this.log.info(`${new Date().toISOString()} Calling API GetEntityStoreEngine`);
async getEntityEngine(props: GetEntityEngineProps) {
this.log.info(`${new Date().toISOString()} Calling API GetEntityEngine`);
return this.kbnClient
.request<GetEntityStoreEngineResponse>({
.request<GetEntityEngineResponse>({
path: replaceParams('/api/entity_store/engines/{entityType}', props.params),
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
@ -1239,10 +1239,10 @@ finalize it.
})
.catch(catchAxiosErrorFormatAndThrow);
}
async getEntityStoreStats(props: GetEntityStoreStatsProps) {
this.log.info(`${new Date().toISOString()} Calling API GetEntityStoreStats`);
async getEntityEngineStats(props: GetEntityEngineStatsProps) {
this.log.info(`${new Date().toISOString()} Calling API GetEntityEngineStats`);
return this.kbnClient
.request<GetEntityStoreStatsResponse>({
.request<GetEntityEngineStatsResponse>({
path: replaceParams('/api/entity_store/engines/{entityType}/stats', props.params),
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
@ -1416,10 +1416,10 @@ finalize it.
})
.catch(catchAxiosErrorFormatAndThrow);
}
async initEntityStore(props: InitEntityStoreProps) {
this.log.info(`${new Date().toISOString()} Calling API InitEntityStore`);
async initEntityEngine(props: InitEntityEngineProps) {
this.log.info(`${new Date().toISOString()} Calling API InitEntityEngine`);
return this.kbnClient
.request<InitEntityStoreResponse>({
.request<InitEntityEngineResponse>({
path: replaceParams('/api/entity_store/engines/{entityType}/init', props.params),
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
@ -1505,10 +1505,10 @@ finalize it.
})
.catch(catchAxiosErrorFormatAndThrow);
}
async listEntityStoreEngines() {
this.log.info(`${new Date().toISOString()} Calling API ListEntityStoreEngines`);
async listEntityEngines() {
this.log.info(`${new Date().toISOString()} Calling API ListEntityEngines`);
return this.kbnClient
.request<ListEntityStoreEnginesResponse>({
.request<ListEntityEnginesResponse>({
path: '/api/entity_store/engines',
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
@ -1862,10 +1862,10 @@ detection engine rules.
})
.catch(catchAxiosErrorFormatAndThrow);
}
async startEntityStore(props: StartEntityStoreProps) {
this.log.info(`${new Date().toISOString()} Calling API StartEntityStore`);
async startEntityEngine(props: StartEntityEngineProps) {
this.log.info(`${new Date().toISOString()} Calling API StartEntityEngine`);
return this.kbnClient
.request<StartEntityStoreResponse>({
.request<StartEntityEngineResponse>({
path: replaceParams('/api/entity_store/engines/{entityType}/start', props.params),
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
@ -1874,10 +1874,10 @@ detection engine rules.
})
.catch(catchAxiosErrorFormatAndThrow);
}
async stopEntityStore(props: StopEntityStoreProps) {
this.log.info(`${new Date().toISOString()} Calling API StopEntityStore`);
async stopEntityEngine(props: StopEntityEngineProps) {
this.log.info(`${new Date().toISOString()} Calling API StopEntityEngine`);
return this.kbnClient
.request<StopEntityStoreResponse>({
.request<StopEntityEngineResponse>({
path: replaceParams('/api/entity_store/engines/{entityType}/stop', props.params),
headers: {
[ELASTIC_HTTP_VERSION_HEADER]: '2023-10-31',
@ -1996,9 +1996,9 @@ export interface CreateUpdateProtectionUpdatesNoteProps {
export interface DeleteAssetCriticalityRecordProps {
query: DeleteAssetCriticalityRecordRequestQueryInput;
}
export interface DeleteEntityStoreProps {
query: DeleteEntityStoreRequestQueryInput;
params: DeleteEntityStoreRequestParamsInput;
export interface DeleteEntityEngineProps {
query: DeleteEntityEngineRequestQueryInput;
params: DeleteEntityEngineRequestParamsInput;
}
export interface DeleteNoteProps {
body: DeleteNoteRequestBodyInput;
@ -2093,11 +2093,11 @@ export interface GetEndpointSuggestionsProps {
params: GetEndpointSuggestionsRequestParamsInput;
body: GetEndpointSuggestionsRequestBodyInput;
}
export interface GetEntityStoreEngineProps {
params: GetEntityStoreEngineRequestParamsInput;
export interface GetEntityEngineProps {
params: GetEntityEngineRequestParamsInput;
}
export interface GetEntityStoreStatsProps {
params: GetEntityStoreStatsRequestParamsInput;
export interface GetEntityEngineStatsProps {
params: GetEntityEngineStatsRequestParamsInput;
}
export interface GetNotesProps {
query: GetNotesRequestQueryInput;
@ -2129,9 +2129,9 @@ export interface ImportRulesProps {
export interface ImportTimelinesProps {
body: ImportTimelinesRequestBodyInput;
}
export interface InitEntityStoreProps {
params: InitEntityStoreRequestParamsInput;
body: InitEntityStoreRequestBodyInput;
export interface InitEntityEngineProps {
params: InitEntityEngineRequestParamsInput;
body: InitEntityEngineRequestBodyInput;
}
export interface InstallPrepackedTimelinesProps {
body: InstallPrepackedTimelinesRequestBodyInput;
@ -2189,11 +2189,11 @@ export interface SetAlertsStatusProps {
export interface SetAlertTagsProps {
body: SetAlertTagsRequestBodyInput;
}
export interface StartEntityStoreProps {
params: StartEntityStoreRequestParamsInput;
export interface StartEntityEngineProps {
params: StartEntityEngineRequestParamsInput;
}
export interface StopEntityStoreProps {
params: StopEntityStoreRequestParamsInput;
export interface StopEntityEngineProps {
params: StopEntityEngineRequestParamsInput;
}
export interface SuggestUserProfilesProps {
query: SuggestUserProfilesRequestQueryInput;

40
x-pack/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml
View file

@ -269,7 +269,7 @@ paths:
- Security Solution Entity Analytics API
/api/entity_store/engines:
get:
operationId: ListEntityStoreEngines
operationId: ListEntityEngines
responses:
'200':
content:
@ -284,14 +284,14 @@ paths:
$ref: '#/components/schemas/EngineDescriptor'
type: array
description: Successful response
summary: List the Entity Store engines
summary: List the Entity Engines
tags:
- Security Solution Entity Analytics API
/api/entity_store/engines/{entityType}:
delete:
operationId: DeleteEntityStore
operationId: DeleteEntityEngine
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -313,13 +313,13 @@ paths:
deleted:
type: boolean
description: Successful response
summary: Delete the Entity Store engine
summary: Delete the Entity Engine
tags:
- Security Solution Entity Analytics API
get:
operationId: GetEntityStoreEngine
operationId: GetEntityEngine
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -332,14 +332,14 @@ paths:
schema:
$ref: '#/components/schemas/EngineDescriptor'
description: Successful response
summary: Get the Entity Store engine
summary: Get an Entity Engine
tags:
- Security Solution Entity Analytics API
/api/entity_store/engines/{entityType}/init:
post:
operationId: InitEntityStore
operationId: InitEntityEngine
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -364,14 +364,14 @@ paths:
schema:
$ref: '#/components/schemas/EngineDescriptor'
description: Successful response
summary: Initialize the Entity Store
summary: Initialize an Entity Engine
tags:
- Security Solution Entity Analytics API
/api/entity_store/engines/{entityType}/start:
post:
operationId: StartEntityStore
operationId: StartEntityEngine
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -387,14 +387,14 @@ paths:
started:
type: boolean
description: Successful response
summary: Start the Entity Store engine
summary: Start an Entity Engine
tags:
- Security Solution Entity Analytics API
/api/entity_store/engines/{entityType}/stats:
post:
operationId: GetEntityStoreStats
operationId: GetEntityEngineStats
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -422,14 +422,14 @@ paths:
type:
$ref: '#/components/schemas/EntityType'
description: Successful response
summary: Get the Entity Store engine stats
summary: Get Entity Engine stats
tags:
- Security Solution Entity Analytics API
/api/entity_store/engines/{entityType}/stop:
post:
operationId: StopEntityStore
operationId: StopEntityEngine
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -445,7 +445,7 @@ paths:
stopped:
type: boolean
description: Successful response
summary: Stop the Entity Store engine
summary: Stop an Entity Engine
tags:
- Security Solution Entity Analytics API
/api/entity_store/entities/list:

40
x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml
View file

@ -269,7 +269,7 @@ paths:
- Security Solution Entity Analytics API
/api/entity_store/engines:
get:
operationId: ListEntityStoreEngines
operationId: ListEntityEngines
responses:
'200':
content:
@ -284,14 +284,14 @@ paths:
$ref: '#/components/schemas/EngineDescriptor'
type: array
description: Successful response
summary: List the Entity Store engines
summary: List the Entity Engines
tags:
- Security Solution Entity Analytics API
/api/entity_store/engines/{entityType}:
delete:
operationId: DeleteEntityStore
operationId: DeleteEntityEngine
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -313,13 +313,13 @@ paths:
deleted:
type: boolean
description: Successful response
summary: Delete the Entity Store engine
summary: Delete the Entity Engine
tags:
- Security Solution Entity Analytics API
get:
operationId: GetEntityStoreEngine
operationId: GetEntityEngine
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -332,14 +332,14 @@ paths:
schema:
$ref: '#/components/schemas/EngineDescriptor'
description: Successful response
summary: Get the Entity Store engine
summary: Get an Entity Engine
tags:
- Security Solution Entity Analytics API
/api/entity_store/engines/{entityType}/init:
post:
operationId: InitEntityStore
operationId: InitEntityEngine
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -364,14 +364,14 @@ paths:
schema:
$ref: '#/components/schemas/EngineDescriptor'
description: Successful response
summary: Initialize the Entity Store
summary: Initialize an Entity Engine
tags:
- Security Solution Entity Analytics API
/api/entity_store/engines/{entityType}/start:
post:
operationId: StartEntityStore
operationId: StartEntityEngine
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -387,14 +387,14 @@ paths:
started:
type: boolean
description: Successful response
summary: Start the Entity Store engine
summary: Start an Entity Engine
tags:
- Security Solution Entity Analytics API
/api/entity_store/engines/{entityType}/stats:
post:
operationId: GetEntityStoreStats
operationId: GetEntityEngineStats
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -422,14 +422,14 @@ paths:
type:
$ref: '#/components/schemas/EntityType'
description: Successful response
summary: Get the Entity Store engine stats
summary: Get Entity Engine stats
tags:
- Security Solution Entity Analytics API
/api/entity_store/engines/{entityType}/stop:
post:
operationId: StopEntityStore
operationId: StopEntityEngine
parameters:
- description: The entity type of the store (either 'user' or 'host').
- description: The entity type of the engine (either 'user' or 'host').
in: path
name: entityType
required: true
@ -445,7 +445,7 @@ paths:
stopped:
type: boolean
description: Successful response
summary: Stop the Entity Store engine
summary: Stop an Entity Engine
tags:
- Security Solution Entity Analytics API
/api/entity_store/entities/list:

1
x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/definition.ts
View file

@ -39,6 +39,7 @@ export const buildUserEntityDefinition = (space: string): EntityDefinition =>
entityDefinitionSchema.parse({
id: buildEntityDefinitionId('user', space),
name: 'EA User Store',
type: 'user',
indexPatterns: ENTITY_STORE_DEFAULT_SOURCE_INDICES,
identityFields: ['user.name'],
displayNameTemplate: '{{user.name}}',

8
x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/entity_store_data_client.ts
View file

@ -12,8 +12,8 @@ import type { SortOrder } from '@elastic/elasticsearch/lib/api/types';
import type { Entity } from '../../../../common/api/entity_analytics/entity_store/entities/common.gen';
import { createQueryFilterClauses } from '../../../utils/build_query';
import type {
InitEntityStoreRequestBody,
InitEntityStoreResponse,
InitEntityEngineRequestBody,
InitEntityEngineResponse,
} from '../../../../common/api/entity_analytics/entity_store/engine/init.gen';
import type {
@ -53,8 +53,8 @@ export class EntityStoreDataClient {
public async init(
entityType: EntityType,
{ indexPattern = '', filter = '' }: InitEntityStoreRequestBody
): Promise<InitEntityStoreResponse> {
{ indexPattern = '', filter = '' }: InitEntityEngineRequestBody
): Promise<InitEntityEngineResponse> {
const definition = getEntityDefinition(entityType, this.options.namespace);
this.options.logger.info(`Initializing entity store for ${entityType}`);

14
x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/routes/delete.ts
View file

@ -10,10 +10,10 @@ import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils';
import { transformError } from '@kbn/securitysolution-es-utils';
import { buildRouteValidationWithZod } from '@kbn/zod-helpers';
import type { DeleteEntityStoreResponse } from '../../../../../common/api/entity_analytics/entity_store/engine/delete.gen';
import type { DeleteEntityEngineResponse } from '../../../../../common/api/entity_analytics/entity_store/engine/delete.gen';
import {
DeleteEntityStoreRequestQuery,
DeleteEntityStoreRequestParams,
DeleteEntityEngineRequestQuery,
DeleteEntityEngineRequestParams,
} from '../../../../../common/api/entity_analytics/entity_store/engine/delete.gen';
import { API_VERSIONS, APP_ID } from '../../../../../common/constants';
import type { EntityAnalyticsRoutesDeps } from '../../types';
@ -35,13 +35,13 @@ export const deleteEntityEngineRoute = (
version: API_VERSIONS.public.v1,
validate: {
request: {
query: buildRouteValidationWithZod(DeleteEntityStoreRequestQuery),
params: buildRouteValidationWithZod(DeleteEntityStoreRequestParams),
query: buildRouteValidationWithZod(DeleteEntityEngineRequestQuery),
params: buildRouteValidationWithZod(DeleteEntityEngineRequestParams),
},
},
},
async (context, request, response): Promise<IKibanaResponse<DeleteEntityStoreResponse>> => {
async (context, request, response): Promise<IKibanaResponse<DeleteEntityEngineResponse>> => {
const siemResponse = buildSiemResponse(response);
try {
@ -52,7 +52,7 @@ export const deleteEntityEngineRoute = (
return response.ok({ body });
} catch (e) {
logger.error('Error in DeleteEntityStore:', e);
logger.error('Error in DeleteEntityEngine:', e);
const error = transformError(e);
return siemResponse.error({
statusCode: error.statusCode,

14
x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/routes/get.ts
View file

@ -10,8 +10,8 @@ import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils';
import { transformError } from '@kbn/securitysolution-es-utils';
import { buildRouteValidationWithZod } from '@kbn/zod-helpers';
import type { GetEntityStoreEngineResponse } from '../../../../../common/api/entity_analytics/entity_store/engine/get.gen';
import { GetEntityStoreEngineRequestParams } from '../../../../../common/api/entity_analytics/entity_store/engine/get.gen';
import type { GetEntityEngineResponse } from '../../../../../common/api/entity_analytics/entity_store/engine/get.gen';
import { GetEntityEngineRequestParams } from '../../../../../common/api/entity_analytics/entity_store/engine/get.gen';
import { API_VERSIONS, APP_ID } from '../../../../../common/constants';
import type { EntityAnalyticsRoutesDeps } from '../../types';
@ -32,16 +32,12 @@ export const getEntityEngineRoute = (
version: API_VERSIONS.public.v1,
validate: {
request: {
params: buildRouteValidationWithZod(GetEntityStoreEngineRequestParams),
params: buildRouteValidationWithZod(GetEntityEngineRequestParams),
},
},
},
async (
context,
request,
response
): Promise<IKibanaResponse<GetEntityStoreEngineResponse>> => {
async (context, request, response): Promise<IKibanaResponse<GetEntityEngineResponse>> => {
const siemResponse = buildSiemResponse(response);
try {
@ -50,7 +46,7 @@ export const getEntityEngineRoute = (
return response.ok({ body });
} catch (e) {
logger.error('Error in GetEntityStoreEngine:', e);
logger.error('Error in GetEntityEngine:', e);
const error = transformError(e);
return siemResponse.error({
statusCode: error.statusCode,

16
x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/routes/init.ts
View file

@ -10,10 +10,10 @@ import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils';
import { transformError } from '@kbn/securitysolution-es-utils';
import { buildRouteValidationWithZod } from '@kbn/zod-helpers';
import type { InitEntityStoreResponse } from '../../../../../common/api/entity_analytics/entity_store/engine/init.gen';
import type { InitEntityEngineResponse } from '../../../../../common/api/entity_analytics/entity_store/engine/init.gen';
import {
InitEntityStoreRequestBody,
InitEntityStoreRequestParams,
InitEntityEngineRequestBody,
InitEntityEngineRequestParams,
} from '../../../../../common/api/entity_analytics/entity_store/engine/init.gen';
import { API_VERSIONS, APP_ID } from '../../../../../common/constants';
import type { EntityAnalyticsRoutesDeps } from '../../types';
@ -35,25 +35,25 @@ export const initEntityEngineRoute = (
version: API_VERSIONS.public.v1,
validate: {
request: {
params: buildRouteValidationWithZod(InitEntityStoreRequestParams),
body: buildRouteValidationWithZod(InitEntityStoreRequestBody),
params: buildRouteValidationWithZod(InitEntityEngineRequestParams),
body: buildRouteValidationWithZod(InitEntityEngineRequestBody),
},
},
},
async (context, request, response): Promise<IKibanaResponse<InitEntityStoreResponse>> => {
async (context, request, response): Promise<IKibanaResponse<InitEntityEngineResponse>> => {
const siemResponse = buildSiemResponse(response);
try {
const secSol = await context.securitySolution;
const body: InitEntityStoreResponse = await secSol
const body: InitEntityEngineResponse = await secSol
.getEntityStoreDataClient()
.init(request.params.entityType, request.body);
return response.ok({ body });
} catch (e) {
logger.error('Error in InitEntityStore:', e);
logger.error('Error in InitEntityEngine:', e);
const error = transformError(e);
return siemResponse.error({
statusCode: error.statusCode,

10
x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/routes/list.ts
View file

@ -9,7 +9,7 @@ import type { IKibanaResponse, Logger } from '@kbn/core/server';
import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils';
import { transformError } from '@kbn/securitysolution-es-utils';
import type { ListEntityStoreEnginesResponse } from '../../../../../common/api/entity_analytics/entity_store/engine/list.gen';
import type { ListEntityEnginesResponse } from '../../../../../common/api/entity_analytics/entity_store/engine/list.gen';
import { API_VERSIONS, APP_ID } from '../../../../../common/constants';
import type { EntityAnalyticsRoutesDeps } from '../../types';
@ -32,11 +32,7 @@ export const listEntityEnginesRoute = (
validate: {},
},
async (
context,
request,
response
): Promise<IKibanaResponse<ListEntityStoreEnginesResponse>> => {
async (context, request, response): Promise<IKibanaResponse<ListEntityEnginesResponse>> => {
const siemResponse = buildSiemResponse(response);
try {
@ -45,7 +41,7 @@ export const listEntityEnginesRoute = (
return response.ok({ body });
} catch (e) {
logger.error('Error in ListEntityStoreEngines:', e);
logger.error('Error in ListEntityEngines:', e);
const error = transformError(e);
return siemResponse.error({
statusCode: error.statusCode,

10
x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/routes/start.ts
View file

@ -10,8 +10,8 @@ import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils';
import { transformError } from '@kbn/securitysolution-es-utils';
import { buildRouteValidationWithZod } from '@kbn/zod-helpers';
import type { StartEntityStoreResponse } from '../../../../../common/api/entity_analytics/entity_store/engine/start.gen';
import { StartEntityStoreRequestParams } from '../../../../../common/api/entity_analytics/entity_store/engine/start.gen';
import type { StartEntityEngineResponse } from '../../../../../common/api/entity_analytics/entity_store/engine/start.gen';
import { StartEntityEngineRequestParams } from '../../../../../common/api/entity_analytics/entity_store/engine/start.gen';
import { API_VERSIONS, APP_ID } from '../../../../../common/constants';
import type { EntityAnalyticsRoutesDeps } from '../../types';
import { ENGINE_STATUS } from '../constants';
@ -33,12 +33,12 @@ export const startEntityEngineRoute = (
version: API_VERSIONS.public.v1,
validate: {
request: {
params: buildRouteValidationWithZod(StartEntityStoreRequestParams),
params: buildRouteValidationWithZod(StartEntityEngineRequestParams),
},
},
},
async (context, request, response): Promise<IKibanaResponse<StartEntityStoreResponse>> => {
async (context, request, response): Promise<IKibanaResponse<StartEntityEngineResponse>> => {
const siemResponse = buildSiemResponse(response);
try {
@ -47,7 +47,7 @@ export const startEntityEngineRoute = (
return response.ok({ body: { started: engine.status === ENGINE_STATUS.STARTED } });
} catch (e) {
logger.error('Error in StartEntityStore:', e);
logger.error('Error in StartEntityEngine:', e);
const error = transformError(e);
return siemResponse.error({
statusCode: error.statusCode,

14
x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/routes/stats.ts
View file

@ -10,8 +10,8 @@ import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils';
import { transformError } from '@kbn/securitysolution-es-utils';
import { buildRouteValidationWithZod } from '@kbn/zod-helpers';
import type { GetEntityStoreStatsResponse } from '../../../../../common/api/entity_analytics/entity_store/engine/stats.gen';
import { GetEntityStoreStatsRequestParams } from '../../../../../common/api/entity_analytics/entity_store/engine/stats.gen';
import type { GetEntityEngineStatsResponse } from '../../../../../common/api/entity_analytics/entity_store/engine/stats.gen';
import { GetEntityEngineStatsRequestParams } from '../../../../../common/api/entity_analytics/entity_store/engine/stats.gen';
import { API_VERSIONS, APP_ID } from '../../../../../common/constants';
import type { EntityAnalyticsRoutesDeps } from '../../types';
@ -32,12 +32,16 @@ export const getEntityEngineStatsRoute = (
version: API_VERSIONS.public.v1,
validate: {
request: {
params: buildRouteValidationWithZod(GetEntityStoreStatsRequestParams),
params: buildRouteValidationWithZod(GetEntityEngineStatsRequestParams),
},
},
},
async (context, request, response): Promise<IKibanaResponse<GetEntityStoreStatsResponse>> => {
async (
context,
request,
response
): Promise<IKibanaResponse<GetEntityEngineStatsResponse>> => {
const siemResponse = buildSiemResponse(response);
try {
@ -46,7 +50,7 @@ export const getEntityEngineStatsRoute = (
// return response.ok({ body });
} catch (e) {
logger.error('Error in GetEntityStoreStats:', e);
logger.error('Error in GetEntityEngineStats:', e);
const error = transformError(e);
return siemResponse.error({
statusCode: error.statusCode,

10
x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/routes/stop.ts
View file

@ -10,8 +10,8 @@ import { buildSiemResponse } from '@kbn/lists-plugin/server/routes/utils';
import { transformError } from '@kbn/securitysolution-es-utils';
import { buildRouteValidationWithZod } from '@kbn/zod-helpers';
import type { StopEntityStoreResponse } from '../../../../../common/api/entity_analytics/entity_store/engine/stop.gen';
import { StopEntityStoreRequestParams } from '../../../../../common/api/entity_analytics/entity_store/engine/stop.gen';
import type { StopEntityEngineResponse } from '../../../../../common/api/entity_analytics/entity_store/engine/stop.gen';
import { StopEntityEngineRequestParams } from '../../../../../common/api/entity_analytics/entity_store/engine/stop.gen';
import { API_VERSIONS, APP_ID } from '../../../../../common/constants';
import type { EntityAnalyticsRoutesDeps } from '../../types';
import { ENGINE_STATUS } from '../constants';
@ -33,12 +33,12 @@ export const stopEntityEngineRoute = (
version: API_VERSIONS.public.v1,
validate: {
request: {
params: buildRouteValidationWithZod(StopEntityStoreRequestParams),
params: buildRouteValidationWithZod(StopEntityEngineRequestParams),
},
},
},
async (context, request, response): Promise<IKibanaResponse<StopEntityStoreResponse>> => {
async (context, request, response): Promise<IKibanaResponse<StopEntityEngineResponse>> => {
const siemResponse = buildSiemResponse(response);
try {
@ -47,7 +47,7 @@ export const stopEntityEngineRoute = (
return response.ok({ body: { stopped: engine.status === ENGINE_STATUS.STOPPED } });
} catch (e) {
logger.error('Error in StopEntityStore:', e);
logger.error('Error in StopEntityEngine:', e);
const error = transformError(e);
return siemResponse.error({
statusCode: error.statusCode,

58
x-pack/test/api_integration/services/security_solution_api.gen.ts
View file

@ -38,8 +38,8 @@ import {
} from '@kbn/security-solution-plugin/common/api/endpoint/protection_updates_note/protection_updates_note.gen';
import { DeleteAssetCriticalityRecordRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/delete_asset_criticality.gen';
import {
DeleteEntityStoreRequestQueryInput,
DeleteEntityStoreRequestParamsInput,
DeleteEntityEngineRequestQueryInput,
DeleteEntityEngineRequestParamsInput,
} from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/delete.gen';
import { DeleteNoteRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/delete_note/delete_note_route.gen';
import { DeleteRuleRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/delete_rule/delete_rule_route.gen';
@ -80,8 +80,8 @@ import {
GetEndpointSuggestionsRequestParamsInput,
GetEndpointSuggestionsRequestBodyInput,
} from '@kbn/security-solution-plugin/common/api/endpoint/suggestions/get_suggestions.gen';
import { GetEntityStoreEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/get.gen';
import { GetEntityStoreStatsRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/stats.gen';
import { GetEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/get.gen';
import { GetEntityEngineStatsRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/stats.gen';
import { GetNotesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/timeline/get_notes/get_notes_route.gen';
import { GetPolicyResponseRequestQueryInput } from '@kbn/security-solution-plugin/common/api/endpoint/policy/policy_response.gen';
import { GetProtectionUpdatesNoteRequestParamsInput } from '@kbn/security-solution-plugin/common/api/endpoint/protection_updates_note/protection_updates_note.gen';
@ -98,8 +98,8 @@ import { GetTimelinesRequestQueryInput } from '@kbn/security-solution-plugin/com
import { ImportRulesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/import_rules/import_rules_route.gen';
import { ImportTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/import_timelines/import_timelines_route.gen';
import {
InitEntityStoreRequestParamsInput,
InitEntityStoreRequestBodyInput,
InitEntityEngineRequestParamsInput,
InitEntityEngineRequestBodyInput,
} from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/init.gen';
import { InstallPrepackedTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/install_prepackaged_timelines/install_prepackaged_timelines_route.gen';
import { ListEntitiesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/entities/list_entities.gen';
@ -124,8 +124,8 @@ import { SearchAlertsRequestBodyInput } from '@kbn/security-solution-plugin/comm
import { SetAlertAssigneesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/alert_assignees/set_alert_assignees_route.gen';
import { SetAlertsStatusRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals/set_signal_status/set_signals_status_route.gen';
import { SetAlertTagsRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/alert_tags/set_alert_tags/set_alert_tags.gen';
import { StartEntityStoreRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/start.gen';
import { StopEntityStoreRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/stop.gen';
import { StartEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/start.gen';
import { StopEntityEngineRequestParamsInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/engine/stop.gen';
import { SuggestUserProfilesRequestQueryInput } from '@kbn/security-solution-plugin/common/api/detection_engine/users/suggest_user_profiles_route.gen';
import { TriggerRiskScoreCalculationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/risk_engine/entity_calculation_route.gen';
import { UpdateRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/update_rule/update_rule_route.gen';
@ -340,7 +340,7 @@ If a record already exists for the specified entity, that record is overwritten
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.query(props.query);
},
deleteEntityStore(props: DeleteEntityStoreProps) {
deleteEntityEngine(props: DeleteEntityEngineProps) {
return supertest
.delete(replaceParams('/api/entity_store/engines/{entityType}', props.params))
.set('kbn-xsrf', 'true')
@ -715,14 +715,14 @@ finalize it.
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.send(props.body as object);
},
getEntityStoreEngine(props: GetEntityStoreEngineProps) {
getEntityEngine(props: GetEntityEngineProps) {
return supertest
.get(replaceParams('/api/entity_store/engines/{entityType}', props.params))
.set('kbn-xsrf', 'true')
.set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana');
},
getEntityStoreStats(props: GetEntityStoreStatsProps) {
getEntityEngineStats(props: GetEntityEngineStatsProps) {
return supertest
.post(replaceParams('/api/entity_store/engines/{entityType}/stats', props.params))
.set('kbn-xsrf', 'true')
@ -834,7 +834,7 @@ finalize it.
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.send(props.body as object);
},
initEntityStore(props: InitEntityStoreProps) {
initEntityEngine(props: InitEntityEngineProps) {
return supertest
.post(replaceParams('/api/entity_store/engines/{entityType}/init', props.params))
.set('kbn-xsrf', 'true')
@ -891,7 +891,7 @@ finalize it.
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.query(props.query);
},
listEntityStoreEngines() {
listEntityEngines() {
return supertest
.get('/api/entity_store/engines')
.set('kbn-xsrf', 'true')
@ -1130,14 +1130,14 @@ detection engine rules.
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
.send(props.body as object);
},
startEntityStore(props: StartEntityStoreProps) {
startEntityEngine(props: StartEntityEngineProps) {
return supertest
.post(replaceParams('/api/entity_store/engines/{entityType}/start', props.params))
.set('kbn-xsrf', 'true')
.set(ELASTIC_HTTP_VERSION_HEADER, '2023-10-31')
.set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana');
},
stopEntityStore(props: StopEntityStoreProps) {
stopEntityEngine(props: StopEntityEngineProps) {
return supertest
.post(replaceParams('/api/entity_store/engines/{entityType}/stop', props.params))
.set('kbn-xsrf', 'true')
@ -1233,9 +1233,9 @@ export interface CreateUpdateProtectionUpdatesNoteProps {
export interface DeleteAssetCriticalityRecordProps {
query: DeleteAssetCriticalityRecordRequestQueryInput;
}
export interface DeleteEntityStoreProps {
query: DeleteEntityStoreRequestQueryInput;
params: DeleteEntityStoreRequestParamsInput;
export interface DeleteEntityEngineProps {
query: DeleteEntityEngineRequestQueryInput;
params: DeleteEntityEngineRequestParamsInput;
}
export interface DeleteNoteProps {
body: DeleteNoteRequestBodyInput;
@ -1330,11 +1330,11 @@ export interface GetEndpointSuggestionsProps {
params: GetEndpointSuggestionsRequestParamsInput;
body: GetEndpointSuggestionsRequestBodyInput;
}
export interface GetEntityStoreEngineProps {
params: GetEntityStoreEngineRequestParamsInput;
export interface GetEntityEngineProps {
params: GetEntityEngineRequestParamsInput;
}
export interface GetEntityStoreStatsProps {
params: GetEntityStoreStatsRequestParamsInput;
export interface GetEntityEngineStatsProps {
params: GetEntityEngineStatsRequestParamsInput;
}
export interface GetNotesProps {
query: GetNotesRequestQueryInput;
@ -1365,9 +1365,9 @@ export interface ImportRulesProps {
export interface ImportTimelinesProps {
body: ImportTimelinesRequestBodyInput;
}
export interface InitEntityStoreProps {
params: InitEntityStoreRequestParamsInput;
body: InitEntityStoreRequestBodyInput;
export interface InitEntityEngineProps {
params: InitEntityEngineRequestParamsInput;
body: InitEntityEngineRequestBodyInput;
}
export interface InstallPrepackedTimelinesProps {
body: InstallPrepackedTimelinesRequestBodyInput;
@ -1422,11 +1422,11 @@ export interface SetAlertsStatusProps {
export interface SetAlertTagsProps {
body: SetAlertTagsRequestBodyInput;
}
export interface StartEntityStoreProps {
params: StartEntityStoreRequestParamsInput;
export interface StartEntityEngineProps {
params: StartEntityEngineRequestParamsInput;
}
export interface StopEntityStoreProps {
params: StopEntityStoreRequestParamsInput;
export interface StopEntityEngineProps {
params: StopEntityEngineRequestParamsInput;
}
export interface SuggestUserProfilesProps {
query: SuggestUserProfilesRequestQueryInput;

242
x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/engine.ts Normal file
View file

@ -0,0 +1,242 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from '@kbn/expect';
import { EntityType } from '@kbn/security-solution-plugin/common/api/entity_analytics/entity_store/common.gen';
import { FtrProviderContext } from '../../../../ftr_provider_context';
import { cleanEngines } from '../../utils';
export default ({ getService }: FtrProviderContext) => {
const api = getService('securitySolutionApi');
const es = getService('es');
const initEntityEngineForEntityType = async (entityType: EntityType) => {
return api
.initEntityEngine({
params: { entityType },
body: {},
})
.expect(200);
};
const expectTransformExists = async (transformId: string) => {
return expectTransformStatus(transformId, true);
};
const expectTransformNotFound = async (transformId: string, attempts: number = 5) => {
return expectTransformStatus(transformId, false);
};
const expectTransformStatus = async (
transformId: string,
exists: boolean,
attempts: number = 5,
delayMs: number = 2000
) => {
let currentAttempt = 1;
while (currentAttempt <= attempts) {
try {
await es.transform.getTransform({ transform_id: transformId });
if (!exists) {
throw new Error(`Expected transform ${transformId} to not exist, but it does`);
}
return; // Transform exists, exit the loop
} catch (e) {
if (currentAttempt === attempts) {
if (exists) {
throw new Error(`Expected transform ${transformId} to exist, but it does not: ${e}`);
} else {
return; // Transform does not exist, exit the loop
}
}
await new Promise((resolve) => setTimeout(resolve, delayMs));
currentAttempt++;
}
}
};
const expectTransformsExist = async (transformIds: string[]) =>
Promise.all(transformIds.map((id) => expectTransformExists(id)));
describe('@ess @serverless @skipInServerlessMKI Entity Store Engine APIs', () => {
before(async () => {
await cleanEngines({ getService });
});
describe('init', () => {
afterEach(async () => {
await cleanEngines({ getService });
});
it('should have installed the expected user resources', async () => {
await initEntityEngineForEntityType('user');
const expectedTransforms = [
'entities-v1-history-ea_default_user_entity_store',
'entities-v1-latest-ea_default_user_entity_store',
];
await expectTransformsExist(expectedTransforms);
});
it('should have installed the expected host resources', async () => {
await initEntityEngineForEntityType('host');
const expectedTransforms = [
'entities-v1-history-ea_default_host_entity_store',
'entities-v1-latest-ea_default_host_entity_store',
];
await expectTransformsExist(expectedTransforms);
});
});
describe('get and list', () => {
before(async () => {
await Promise.all([
initEntityEngineForEntityType('host'),
initEntityEngineForEntityType('user'),
]);
});
after(async () => {
await cleanEngines({ getService });
});
describe('get', () => {
it('should return the host entity engine', async () => {
const getResponse = await api
.getEntityEngine({
params: { entityType: 'host' },
})
.expect(200);
expect(getResponse.body).to.eql({
status: 'started',
type: 'host',
indexPattern:
'apm-*-transaction*,auditbeat-*,endgame-*,filebeat-*,logs-*,packetbeat-*,traces-apm*,winlogbeat-*,-*elastic-cloud-logs-*',
filter: '',
});
});
it('should return the user entity engine', async () => {
const getResponse = await api
.getEntityEngine({
params: { entityType: 'user' },
})
.expect(200);
expect(getResponse.body).to.eql({
status: 'started',
type: 'user',
indexPattern:
'apm-*-transaction*,auditbeat-*,endgame-*,filebeat-*,logs-*,packetbeat-*,traces-apm*,winlogbeat-*,-*elastic-cloud-logs-*',
filter: '',
});
});
});
describe('list', () => {
it('should return the list of entity engines', async () => {
const { body } = await api.listEntityEngines().expect(200);
// @ts-expect-error body is any
const sortedEngines = body.engines.sort((a, b) => a.type.localeCompare(b.type));
expect(sortedEngines).to.eql([
{
status: 'started',
type: 'host',
indexPattern:
'apm-*-transaction*,auditbeat-*,endgame-*,filebeat-*,logs-*,packetbeat-*,traces-apm*,winlogbeat-*,-*elastic-cloud-logs-*',
filter: '',
},
{
status: 'started',
type: 'user',
indexPattern:
'apm-*-transaction*,auditbeat-*,endgame-*,filebeat-*,logs-*,packetbeat-*,traces-apm*,winlogbeat-*,-*elastic-cloud-logs-*',
filter: '',
},
]);
});
});
});
describe('start and stop', () => {
before(async () => {
await initEntityEngineForEntityType('host');
});
after(async () => {
await cleanEngines({ getService });
});
it('should stop the entity engine', async () => {
await api
.stopEntityEngine({
params: { entityType: 'host' },
})
.expect(200);
const { body } = await api
.getEntityEngine({
params: { entityType: 'host' },
})
.expect(200);
expect(body.status).to.eql('stopped');
});
it('should start the entity engine', async () => {
await api
.startEntityEngine({
params: { entityType: 'host' },
})
.expect(200);
const { body } = await api
.getEntityEngine({
params: { entityType: 'host' },
})
.expect(200);
expect(body.status).to.eql('started');
});
});
describe('delete', () => {
it('should delete the host entity engine', async () => {
await initEntityEngineForEntityType('host');
await api
.deleteEntityEngine({
params: { entityType: 'host' },
query: { data: true },
})
.expect(200);
await expectTransformNotFound('entities-v1-history-ea_host_entity_store');
await expectTransformNotFound('entities-v1-latest-ea_host_entity_store');
});
it('should delete the user entity engine', async () => {
await initEntityEngineForEntityType('user');
await api
.deleteEntityEngine({
params: { entityType: 'user' },
query: { data: true },
})
.expect(200);
await expectTransformNotFound('entities-v1-history-ea_user_entity_store');
await expectTransformNotFound('entities-v1-latest-ea_user_entity_store');
});
});
});
};

1
x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/index.ts
View file

@ -10,5 +10,6 @@ import { FtrProviderContext } from '../../../../ftr_provider_context';
export default function ({ loadTestFile }: FtrProviderContext) {
describe('Entity Analytics - Entity Store', function () {
loadTestFile(require.resolve('./entities_list'));
loadTestFile(require.resolve('./engine'));
});
}

33
x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/entity_store.ts Normal file
View file

@ -0,0 +1,33 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import { FtrProviderContext } from '../../../../api_integration/ftr_provider_context';
export const cleanEngines = async ({
getService,
}: {
getService: FtrProviderContext['getService'];
}) => {
const log = getService('log');
const api = getService('securitySolutionApi');
const { body } = await api.listEntityEngines().expect(200);
// @ts-expect-error body is any
const engineTypes = body.engines.map((engine) => engine.type);
log.info(`Cleaning engines: ${engineTypes.join(', ')}`);
try {
await Promise.all(
engineTypes.map((entityType: 'user' | 'host') =>
api.deleteEntityEngine({ params: { entityType }, query: { data: true } })
)
);
} catch (e) {
log.warning(`Error deleting engines: ${e.message}`);
}
};

1
x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/index.ts
View file

@ -8,3 +8,4 @@
export * from './risk_engine';
export * from './get_risk_engine_stats';
export * from './asset_criticality';
export * from './entity_store';