github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 01:38:56 -04:00
Code Issues Projects Releases Packages Wiki Activity

[Security Solution] Fixes deleteSignalsIndex method used for FTR tests (#155926)

Browse source
This commit is contained in:
Davis Plumlee 2023-05-23 15:47:37 -04:00 committed by GitHub
parent 12401b2216
commit 0deffa4503
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
88 changed files with 263 additions and 204 deletions
Download patch file Download diff file Expand all files Collapse all files

4
x-pack/test/cases_api_integration/security_and_spaces/tests/common/cases/delete_cases.ts
View file

@ -66,7 +66,7 @@ import { User } from '../../../../common/lib/authentication/types';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
} from '../../../../../detection_engine_api_integration/utils';
// eslint-disable-next-line import/no-default-export
@ -250,7 +250,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/hosts');
});

4
x-pack/test/cases_api_integration/security_and_spaces/tests/common/cases/patch_cases.ts
View file

@ -40,7 +40,7 @@ import {
} from '../../../../common/lib/api';
import {
createSignalsIndex,
deleteSignalsIndex,
deleteAllAlerts,
deleteAllRules,
getRuleForSignalTesting,
waitForRuleSuccess,
@ -794,7 +794,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/hosts');
});

4
x-pack/test/cases_api_integration/security_and_spaces/tests/common/comments/delete_comment.ts
View file

@ -15,7 +15,7 @@ import {
} from '../../../../common/lib/alerts';
import {
createSignalsIndex,
deleteSignalsIndex,
deleteAllAlerts,
deleteAllRules,
} from '../../../../../detection_engine_api_integration/utils';
import { FtrProviderContext } from '../../../../common/ftr_provider_context';
@ -131,7 +131,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/hosts');
});

4
x-pack/test/cases_api_integration/security_and_spaces/tests/common/comments/delete_comments.ts
View file

@ -15,7 +15,7 @@ import {
} from '../../../../common/lib/alerts';
import {
createSignalsIndex,
deleteSignalsIndex,
deleteAllAlerts,
deleteAllRules,
} from '../../../../../detection_engine_api_integration/utils';
import { FtrProviderContext } from '../../../../common/ftr_provider_context';
@ -133,7 +133,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/hosts');
});

4
x-pack/test/cases_api_integration/security_and_spaces/tests/common/comments/post_comment.ts
View file

@ -45,7 +45,7 @@ import {
} from '../../../../common/lib/api';
import {
createSignalsIndex,
deleteSignalsIndex,
deleteAllAlerts,
deleteAllRules,
} from '../../../../../detection_engine_api_integration/utils';
import {
@ -435,7 +435,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/hosts');
});

4
x-pack/test/cases_api_integration/security_and_spaces/tests/common/internal/bulk_create_attachments.ts
View file

@ -45,7 +45,7 @@ import {
} from '../../../../common/lib/api';
import {
createSignalsIndex,
deleteSignalsIndex,
deleteAllAlerts,
deleteAllRules,
} from '../../../../../detection_engine_api_integration/utils';
import {
@ -704,7 +704,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/hosts');
});

5
x-pack/test/detection_engine_api_integration/basic/tests/create_rules.ts
View file

@ -13,7 +13,6 @@ import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
getSimpleRule,
getSimpleRuleOutput,
getSimpleRuleOutputWithoutRuleId,
@ -21,6 +20,7 @@ import {
removeServerGeneratedProperties,
removeServerGeneratedPropertiesIncludingRuleId,
getSimpleMlRule,
deleteAllAlerts,
} from '../../utils';
// eslint-disable-next-line import/no-default-export
@ -28,6 +28,7 @@ export default ({ getService }: FtrProviderContext) => {
const esArchiver = getService('esArchiver');
const supertest = getService('supertest');
const log = getService('log');
const es = getService('es');
describe('create_rules', () => {
describe('creating rules', () => {
@ -44,7 +45,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

5
x-pack/test/detection_engine_api_integration/basic/tests/create_rules_bulk.ts
View file

@ -12,7 +12,7 @@ import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getSimpleRule,
getSimpleRuleOutput,
getSimpleRuleOutputWithoutRuleId,
@ -26,6 +26,7 @@ export default ({ getService }: FtrProviderContext): void => {
const esArchiver = getService('esArchiver');
const supertest = getService('supertest');
const log = getService('log');
const es = getService('es');
describe('create_rules_bulk', () => {
describe('creating rules in bulk', () => {
@ -42,7 +43,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

5
x-pack/test/detection_engine_api_integration/basic/tests/delete_rules.ts
View file

@ -13,7 +13,7 @@ import {
createRule,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getSimpleRule,
getSimpleRuleOutput,
getSimpleRuleOutputWithoutRuleId,
@ -26,6 +26,7 @@ import {
export default ({ getService }: FtrProviderContext): void => {
const supertest = getService('supertest');
const log = getService('log');
const es = getService('es');
describe('delete_rules', () => {
describe('deleting rules', () => {
@ -34,7 +35,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

7
x-pack/test/detection_engine_api_integration/basic/tests/delete_rules_bulk.ts
View file

@ -13,7 +13,7 @@ import {
createRule,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getSimpleRule,
getSimpleRuleOutput,
getSimpleRuleOutputWithoutRuleId,
@ -26,6 +26,7 @@ import {
export default ({ getService }: FtrProviderContext): void => {
const supertest = getService('supertest');
const log = getService('log');
const es = getService('es');
describe('delete_rules_bulk', () => {
describe('deleting rules bulk using DELETE', () => {
@ -34,7 +35,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});
@ -146,7 +147,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

5
x-pack/test/detection_engine_api_integration/basic/tests/export_rules.ts
View file

@ -14,7 +14,7 @@ import {
createRule,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getSimpleRule,
getSimpleRuleOutput,
removeServerGeneratedProperties,
@ -24,6 +24,7 @@ import {
export default ({ getService }: FtrProviderContext): void => {
const supertest = getService('supertest');
const log = getService('log');
const es = getService('es');
describe('export_rules', () => {
describe('exporting rules', () => {
@ -32,7 +33,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

5
x-pack/test/detection_engine_api_integration/basic/tests/find_rules.ts
View file

@ -13,7 +13,7 @@ import {
createRule,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getComplexRule,
getComplexRuleOutput,
getSimpleRule,
@ -25,6 +25,7 @@ import {
export default ({ getService }: FtrProviderContext): void => {
const supertest = getService('supertest');
const log = getService('log');
const es = getService('es');
describe('find_rules', () => {
beforeEach(async () => {
@ -32,7 +33,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

5
x-pack/test/detection_engine_api_integration/basic/tests/import_rules.ts
View file

@ -12,7 +12,7 @@ import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getSimpleRule,
getSimpleRuleAsNdjson,
getSimpleRuleOutput,
@ -24,6 +24,7 @@ import {
export default ({ getService }: FtrProviderContext): void => {
const supertest = getService('supertest');
const log = getService('log');
const es = getService('es');
describe('import_rules', () => {
describe('importing rules with an index', () => {
@ -32,7 +33,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

4
x-pack/test/detection_engine_api_integration/basic/tests/install_prepackaged_timelines.ts
View file

@ -13,7 +13,7 @@ import {
createSignalsIndex,
deleteAllRules,
deleteAllTimelines,
deleteSignalsIndex,
deleteAllAlerts,
waitFor,
} from '../../utils';
@ -30,7 +30,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await deleteAllTimelines(es);
});

5
x-pack/test/detection_engine_api_integration/basic/tests/open_close_signals.ts
View file

@ -17,7 +17,6 @@ import { DetectionAlert } from '@kbn/security-solution-plugin/common/detection_e
import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteSignalsIndex,
setSignalStatus,
getQuerySignalIds,
deleteAllRules,
@ -26,6 +25,7 @@ import {
getSignalsByIds,
waitForRuleSuccess,
getRuleForSignalTesting,
deleteAllAlerts,
} from '../../utils';
// eslint-disable-next-line import/no-default-export
@ -33,6 +33,7 @@ export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const esArchiver = getService('esArchiver');
const log = getService('log');
const es = getService('es');
describe('open_close_signals', () => {
describe('tests with auditbeat data', () => {
@ -50,7 +51,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

5
x-pack/test/detection_engine_api_integration/basic/tests/patch_rules.ts
View file

@ -12,19 +12,20 @@ import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
getSimpleRule,
getSimpleRuleOutput,
removeServerGeneratedProperties,
removeServerGeneratedPropertiesIncludingRuleId,
getSimpleRuleOutputWithoutRuleId,
createRule,
deleteAllAlerts,
} from '../../utils';
// eslint-disable-next-line import/no-default-export
export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const log = getService('log');
const es = getService('es');
describe('patch_rules', () => {
describe('patch rules', () => {
@ -33,7 +34,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

5
x-pack/test/detection_engine_api_integration/basic/tests/patch_rules_bulk.ts
View file

@ -12,19 +12,20 @@ import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
getSimpleRule,
getSimpleRuleOutput,
removeServerGeneratedProperties,
getSimpleRuleOutputWithoutRuleId,
removeServerGeneratedPropertiesIncludingRuleId,
createRule,
deleteAllAlerts,
} from '../../utils';
// eslint-disable-next-line import/no-default-export
export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const log = getService('log');
const es = getService('es');
describe('patch_rules_bulk', () => {
describe('patch rules bulk', () => {
@ -33,7 +34,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

13
x-pack/test/detection_engine_api_integration/basic/tests/query_signals.ts
View file

@ -12,13 +12,14 @@ import {
ALERTS_AS_DATA_FIND_URL,
} from '@kbn/security-solution-plugin/common/constants';
import { FtrProviderContext } from '../../common/ftr_provider_context';
import { getSignalStatus, createSignalsIndex, deleteSignalsIndex } from '../../utils';
import { getSignalStatus, createSignalsIndex, deleteAllAlerts } from '../../utils';
// eslint-disable-next-line import/no-default-export
export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const esArchiver = getService('esArchiver');
const log = getService('log');
const es = getService('es');
describe('query_signals_route and find_alerts_route', () => {
describe('validation checks', () => {
@ -43,7 +44,7 @@ export default ({ getService }: FtrProviderContext) => {
},
});
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
});
});
@ -54,7 +55,7 @@ export default ({ getService }: FtrProviderContext) => {
});
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/endpoint/resolver/signals');
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
});
it('should be able to filter old signals on host.os.name.caseless using runtime field', async () => {
@ -97,7 +98,7 @@ export default ({ getService }: FtrProviderContext) => {
});
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/endpoint/resolver/signals');
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
});
it('should be able to filter using a runtime field defined in the request', async () => {
@ -148,7 +149,7 @@ export default ({ getService }: FtrProviderContext) => {
},
});
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
});
it('should not give errors when executing security solution histogram aggs', async () => {
@ -213,7 +214,7 @@ export default ({ getService }: FtrProviderContext) => {
})
.expect(200);
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
});
});
});

5
x-pack/test/detection_engine_api_integration/basic/tests/read_rules.ts
View file

@ -13,7 +13,7 @@ import {
createRule,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getSimpleRule,
getSimpleRuleOutput,
getSimpleRuleOutputWithoutRuleId,
@ -26,6 +26,7 @@ import {
export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const log = getService('log');
const es = getService('es');
describe('read_rules', () => {
describe('reading rules', () => {
@ -34,7 +35,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

5
x-pack/test/detection_engine_api_integration/basic/tests/update_rules.ts
View file

@ -12,7 +12,6 @@ import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
getSimpleRuleOutput,
removeServerGeneratedProperties,
removeServerGeneratedPropertiesIncludingRuleId,
@ -21,12 +20,14 @@ import {
getSimpleMlRuleUpdate,
createRule,
getSimpleRule,
deleteAllAlerts,
} from '../../utils';
// eslint-disable-next-line import/no-default-export
export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const log = getService('log');
const es = getService('es');
describe('update_rules', () => {
describe('update rules', () => {
@ -35,7 +36,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

5
x-pack/test/detection_engine_api_integration/basic/tests/update_rules_bulk.ts
View file

@ -15,7 +15,6 @@ import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
getSimpleRuleOutput,
removeServerGeneratedProperties,
getSimpleRuleOutputWithoutRuleId,
@ -23,12 +22,14 @@ import {
getSimpleRuleUpdate,
createRule,
getSimpleRule,
deleteAllAlerts,
} from '../../utils';
// eslint-disable-next-line import/no-default-export
export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const log = getService('log');
const es = getService('es');
describe('update_rules_bulk', () => {
describe('update rules bulk', () => {
@ -37,7 +38,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group1/add_actions.ts
View file

@ -12,13 +12,13 @@ import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
removeServerGeneratedProperties,
getWebHookAction,
getRuleWithWebHookAction,
getSimpleRuleOutputWithWebHookAction,
waitForRuleSuccess,
createRule,
deleteAllAlerts,
} from '../../utils';
// eslint-disable-next-line import/no-default-export
@ -26,6 +26,7 @@ export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const esArchiver = getService('esArchiver');
const log = getService('log');
const es = getService('es');
describe('add_actions', () => {
describe('adding actions', () => {
@ -42,7 +43,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group1/aliases.ts
View file

@ -12,7 +12,7 @@ import {
createRule,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getRuleForSignalTesting,
getSignalsById,
waitForRuleSuccess,
@ -24,6 +24,7 @@ export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const esArchiver = getService('esArchiver');
const log = getService('log');
const es = getService('es');
interface HostAlias {
name: string;
@ -43,7 +44,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group1/check_privileges.ts
View file

@ -12,12 +12,12 @@ import { ThresholdRuleCreateProps } from '@kbn/security-solution-plugin/common/d
import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteSignalsIndex,
deleteAllRules,
waitForRulePartialFailure,
getRuleForSignalTesting,
createRuleWithAuth,
getThresholdRuleForSignalTesting,
deleteAllAlerts,
} from '../../utils';
import { createUserAndRole, deleteUserAndRole } from '../../../common/services/security_solution';
@ -27,6 +27,7 @@ export default ({ getService }: FtrProviderContext) => {
const esArchiver = getService('esArchiver');
const supertestWithoutAuth = getService('supertestWithoutAuth');
const log = getService('log');
const es = getService('es');
describe('check_privileges', () => {
before(async () => {
@ -38,7 +39,7 @@ export default ({ getService }: FtrProviderContext) => {
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/hosts');
await esArchiver.unload('x-pack/test/functional/es_archives/security_solution/alias');
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
});
beforeEach(async () => {

4
x-pack/test/detection_engine_api_integration/security_and_spaces/group1/create_index.ts
View file

@ -14,7 +14,7 @@ import {
import { SIGNALS_FIELD_ALIASES_VERSION } from '@kbn/security-solution-plugin/server/lib/detection_engine/routes/index/get_signals_template';
import { FtrProviderContext } from '../../common/ftr_provider_context';
import { deleteSignalsIndex } from '../../utils';
import { deleteAllAlerts } from '../../utils';
// eslint-disable-next-line import/no-default-export
export default ({ getService }: FtrProviderContext) => {
@ -25,7 +25,7 @@ export default ({ getService }: FtrProviderContext) => {
describe('create_index', () => {
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
});
describe('elastic admin', () => {

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group1/create_rule_exceptions.ts
View file

@ -21,9 +21,9 @@ import {
createRule,
getSimpleRule,
createSignalsIndex,
deleteSignalsIndex,
deleteAllRules,
createExceptionList,
deleteAllAlerts,
} from '../../utils';
import {
deleteAllExceptions,
@ -48,6 +48,7 @@ const getRuleExceptionItemMock = (): CreateRuleExceptionListItemSchema => ({
export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const log = getService('log');
const es = getService('es');
describe('create_rule_exception_route', () => {
before(async () => {
@ -56,7 +57,7 @@ export default ({ getService }: FtrProviderContext) => {
after(async () => {
await deleteAllExceptions(supertest, log);
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

7
x-pack/test/detection_engine_api_integration/security_and_spaces/group1/create_rules.ts
View file

@ -21,7 +21,6 @@ import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
getSimpleRule,
getSimpleRuleOutput,
getSimpleRuleOutputWithoutRuleId,
@ -38,6 +37,7 @@ import {
getThresholdRuleForSignalTesting,
waitForRulePartialFailure,
createRule,
deleteAllAlerts,
} from '../../utils';
import { createUserAndRole, deleteUserAndRole } from '../../../common/services/security_solution';
import {
@ -53,6 +53,7 @@ export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const supertestWithoutAuth = getService('supertestWithoutAuth');
const log = getService('log');
const es = getService('es');
describe('create_rules', () => {
describe('creating rules', () => {
@ -69,7 +70,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});
@ -515,7 +516,7 @@ export default ({ getService }: FtrProviderContext) => {
);
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await esArchiver.unload(
'x-pack/test/functional/es_archives/security_solution/timestamp_override'

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group1/create_rules_bulk.ts
View file

@ -21,7 +21,7 @@ import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getRuleForSignalTesting,
getSimpleRule,
getSimpleRuleOutput,
@ -43,6 +43,7 @@ export default ({ getService }: FtrProviderContext): void => {
const supertest = getService('supertest');
const esArchiver = getService('esArchiver');
const log = getService('log');
const es = getService('es');
describe('create_rules_bulk', () => {
describe('deprecations', () => {
@ -77,7 +78,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

4
x-pack/test/detection_engine_api_integration/security_and_spaces/group1/delete_rules.ts
View file

@ -15,7 +15,7 @@ import {
createRule,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getSimpleRule,
getSimpleRuleOutput,
getSimpleRuleOutputWithoutRuleId,
@ -40,7 +40,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

6
x-pack/test/detection_engine_api_integration/security_and_spaces/group1/delete_rules_bulk.ts
View file

@ -15,7 +15,7 @@ import {
createRule,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getSimpleRule,
getSimpleRuleOutput,
getSimpleRuleOutputWithoutRuleId,
@ -56,7 +56,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});
@ -168,7 +168,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group1/export_rules.ts
View file

@ -15,7 +15,7 @@ import {
createRule,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getSimpleRule,
getSimpleRuleOutput,
getWebHookAction,
@ -27,6 +27,7 @@ import {
export default ({ getService }: FtrProviderContext): void => {
const supertest = getService('supertest');
const log = getService('log');
const es = getService('es');
describe('export_rules', () => {
describe('exporting rules', () => {
@ -35,7 +36,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group1/find_rule_exception_references.ts
View file

@ -25,7 +25,7 @@ import {
createRule,
getSimpleRule,
createSignalsIndex,
deleteSignalsIndex,
deleteAllAlerts,
deleteAllRules,
createExceptionList,
} from '../../utils';
@ -35,6 +35,7 @@ import { deleteAllExceptions } from '../../../lists_api_integration/utils';
export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const log = getService('log');
const es = getService('es');
describe('find_rule_exception_references', () => {
before(async () => {
@ -42,7 +43,7 @@ export default ({ getService }: FtrProviderContext) => {
});
after(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group1/find_rules.ts
View file

@ -13,7 +13,7 @@ import {
createRule,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getComplexRule,
getComplexRuleOutput,
getSimpleRule,
@ -26,6 +26,7 @@ import {
export default ({ getService }: FtrProviderContext): void => {
const supertest = getService('supertest');
const log = getService('log');
const es = getService('es');
describe('find_rules', () => {
beforeEach(async () => {
@ -33,7 +34,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

4
x-pack/test/detection_engine_api_integration/security_and_spaces/group1/update_actions.ts
View file

@ -14,7 +14,7 @@ import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
removeServerGeneratedProperties,
getRuleWithWebHookAction,
getSimpleRuleOutputWithWebHookAction,
@ -58,7 +58,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

4
x-pack/test/detection_engine_api_integration/security_and_spaces/group10/create_signals_migrations.ts
View file

@ -19,7 +19,7 @@ import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteMigrations,
deleteSignalsIndex,
deleteAllAlerts,
getIndexNameFromLoad,
waitForIndexToPopulate,
} from '../../utils';
@ -77,7 +77,7 @@ export default ({ getService }: FtrProviderContext): void => {
kbnClient,
ids: createdMigrations.filter((m) => m?.migration_id).map((m) => m.migration_id),
});
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
});
it('returns the information necessary to finalize the migration', async () => {

4
x-pack/test/detection_engine_api_integration/security_and_spaces/group10/delete_signals_migrations.ts
View file

@ -14,7 +14,7 @@ import {
} from '@kbn/security-solution-plugin/common/constants';
import { ROLES } from '@kbn/security-solution-plugin/common/test';
import { FtrProviderContext } from '../../common/ftr_provider_context';
import { createSignalsIndex, deleteSignalsIndex, getIndexNameFromLoad, waitFor } from '../../utils';
import { createSignalsIndex, deleteAllAlerts, getIndexNameFromLoad, waitFor } from '../../utils';
import { createUserAndRole } from '../../../common/services/security_solution';
interface CreateResponse {
@ -79,7 +79,7 @@ export default ({ getService }: FtrProviderContext): void => {
afterEach(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/signals/outdated_signals_index');
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
});
it('returns the deleted migration SavedObjects', async () => {

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group10/finalize_signals_migrations.ts
View file

@ -17,7 +17,7 @@ import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteMigrations,
deleteSignalsIndex,
deleteAllAlerts,
getIndexNameFromLoad,
waitFor,
} from '../../utils';
@ -47,6 +47,7 @@ export default ({ getService }: FtrProviderContext): void => {
const supertest = getService('supertest');
const supertestWithoutAuth = getService('supertestWithoutAuth');
const log = getService('log');
const es = getService('es');
const getSignalsMigrationStatus = async (query: any) => {
const { body } = await supertest
@ -102,7 +103,7 @@ export default ({ getService }: FtrProviderContext): void => {
kbnClient,
ids: createdMigrations.filter((m) => m?.migration_id).map((m) => m.migration_id),
});
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
});
it('replaces the original index alias with the migrated one', async () => {

4
x-pack/test/detection_engine_api_integration/security_and_spaces/group10/get_rule_execution_results.ts
View file

@ -19,7 +19,7 @@ import {
createSignalsIndex,
deleteAllRules,
deleteAllEventLogExecutionEvents,
deleteSignalsIndex,
deleteAllAlerts,
getRuleForSignalTesting,
indexEventLogExecutionEvents,
waitForEventLogExecuteComplete,
@ -49,7 +49,7 @@ export default ({ getService }: FtrProviderContext) => {
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/hosts');
await esArchiver.unload('x-pack/test/functional/es_archives/security_solution/alias');
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
});
beforeEach(async () => {

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group10/get_signals_migration_status.ts
View file

@ -10,7 +10,7 @@ import expect from '@kbn/expect';
import { DETECTION_ENGINE_SIGNALS_MIGRATION_STATUS_URL } from '@kbn/security-solution-plugin/common/constants';
import { ROLES } from '@kbn/security-solution-plugin/common/test';
import { FtrProviderContext } from '../../common/ftr_provider_context';
import { createSignalsIndex, deleteSignalsIndex, getIndexNameFromLoad } from '../../utils';
import { createSignalsIndex, deleteAllAlerts, getIndexNameFromLoad } from '../../utils';
import { createUserAndRole, deleteUserAndRole } from '../../../common/services/security_solution';
// eslint-disable-next-line import/no-default-export
@ -19,6 +19,7 @@ export default ({ getService }: FtrProviderContext): void => {
const supertest = getService('supertest');
const supertestWithoutAuth = getService('supertestWithoutAuth');
const log = getService('log');
const es = getService('es');
const getSignalsMigrationStatus = async (query: any) => {
const { body } = await supertest
@ -44,7 +45,7 @@ export default ({ getService }: FtrProviderContext): void => {
afterEach(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/signals/legacy_signals_index');
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
});
it('returns no indexes if no signals exist in the specified range', async () => {

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group10/ignore_fields.ts
View file

@ -12,7 +12,7 @@ import {
createRule,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getEqlRuleForSignalTesting,
getSignalsById,
waitForRuleSuccess,
@ -51,6 +51,7 @@ export default ({ getService }: FtrProviderContext): void => {
const supertest = getService('supertest');
const esArchiver = getService('esArchiver');
const log = getService('log');
const es = getService('es');
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/security_solution/ignore_fields');
@ -65,7 +66,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group10/import_export_rules.ts
View file

@ -18,7 +18,7 @@ import {
createRule,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getSimpleRule,
} from '../../utils';
import { deleteAllExceptions } from '../../../lists_api_integration/utils';
@ -32,6 +32,7 @@ export default ({ getService }: FtrProviderContext): void => {
const supertest = getService('supertest');
const supertestWithoutAuth = getService('supertestWithoutAuth');
const log = getService('log');
const es = getService('es');
describe('import_export_rules_flow', () => {
beforeEach(async () => {
@ -42,7 +43,7 @@ export default ({ getService }: FtrProviderContext): void => {
afterEach(async () => {
await deleteUserAndRole(getService, ROLES.soc_manager);
await deleteAllExceptions(supertest, log);
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

6
x-pack/test/detection_engine_api_integration/security_and_spaces/group10/import_rules.ts
View file

@ -21,7 +21,7 @@ import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getSimpleRule,
getSimpleRuleAsNdjson,
getSimpleRuleOutput,
@ -198,7 +198,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});
it('should successfully import rules without actions when user has no actions privileges', async () => {
@ -485,7 +485,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

7
x-pack/test/detection_engine_api_integration/security_and_spaces/group10/open_close_signals.ts
View file

@ -18,7 +18,7 @@ import { DetectionAlert } from '@kbn/security-solution-plugin/common/detection_e
import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteSignalsIndex,
deleteAllAlerts,
setSignalStatus,
getSignalStatusEmptyResponse,
getQuerySignalIds,
@ -37,6 +37,7 @@ export default ({ getService }: FtrProviderContext) => {
const esArchiver = getService('esArchiver');
const supertestWithoutAuth = getService('supertestWithoutAuth');
const log = getService('log');
const es = getService('es');
describe('open_close_signals', () => {
describe('validation checks', () => {
@ -66,7 +67,7 @@ export default ({ getService }: FtrProviderContext) => {
expect(body).to.eql(getSignalStatusEmptyResponse());
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
});
describe('tests with auditbeat data', () => {
@ -84,7 +85,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

4
x-pack/test/detection_engine_api_integration/security_and_spaces/group10/patch_rules.ts
View file

@ -19,7 +19,7 @@ import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getSimpleRule,
getSimpleRuleOutput,
removeServerGeneratedProperties,
@ -52,7 +52,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

4
x-pack/test/detection_engine_api_integration/security_and_spaces/group10/patch_rules_bulk.ts
View file

@ -14,7 +14,7 @@ import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getSimpleRule,
getSimpleRuleOutput,
removeServerGeneratedProperties,
@ -58,7 +58,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

4
x-pack/test/detection_engine_api_integration/security_and_spaces/group10/perform_bulk_action.ts
View file

@ -26,7 +26,7 @@ import {
createRule,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getLegacyActionSO,
getSimpleMlRule,
getSimpleRule,
@ -81,7 +81,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/hosts');
});

4
x-pack/test/detection_engine_api_integration/security_and_spaces/group10/perform_bulk_action_dry_run.ts
View file

@ -18,7 +18,7 @@ import {
createRule,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getSimpleMlRule,
getSimpleRule,
installMockPrebuiltRules,
@ -48,7 +48,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group10/read_rules.ts
View file

@ -13,7 +13,7 @@ import {
createRule,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getSimpleRule,
getSimpleRuleOutput,
getSimpleRuleOutputWithoutRuleId,
@ -27,6 +27,7 @@ import {
export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const log = getService('log');
const es = getService('es');
describe('read_rules', () => {
describe('reading rules', () => {
@ -35,7 +36,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

4
x-pack/test/detection_engine_api_integration/security_and_spaces/group10/resolve_read_rules.ts
View file

@ -10,7 +10,7 @@ import expect from '@kbn/expect';
import { ALERTING_CASES_SAVED_OBJECT_INDEX } from '@kbn/core-saved-objects-server';
import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants';
import { FtrProviderContext } from '../../common/ftr_provider_context';
import { createSignalsIndex, deleteAllRules, deleteSignalsIndex } from '../../utils';
import { createSignalsIndex, deleteAllRules, deleteAllAlerts } from '../../utils';
const spaceId = '714-space';
@ -31,7 +31,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await esArchiver.unload(
'x-pack/test/functional/es_archives/security_solution/resolve_read_rules/7_14'

7
x-pack/test/detection_engine_api_integration/security_and_spaces/group10/runtime.ts
View file

@ -13,7 +13,7 @@ import {
createRule,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getRuleForSignalTesting,
getSignalsById,
waitForRuleSuccess,
@ -25,6 +25,7 @@ export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const esArchiver = getService('esArchiver');
const log = getService('log');
const es = getService('es');
interface Runtime {
name: string;
@ -47,7 +48,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});
@ -94,7 +95,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await esArchiver.unload(
'x-pack/test/functional/es_archives/security_solution/runtime_conflicting_fields'

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group10/throttle.ts
View file

@ -17,7 +17,7 @@ import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getWebHookAction,
getRuleWithWebHookAction,
createRule,
@ -30,6 +30,7 @@ import {
export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const log = getService('log');
const es = getService('es');
/**
*
@ -51,7 +52,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

10
x-pack/test/detection_engine_api_integration/security_and_spaces/group10/timestamps.ts
View file

@ -18,7 +18,7 @@ import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
createRule,
waitForRuleSuccess,
waitForSignalsToBePresent,
@ -54,7 +54,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await esArchiver.unload(
'x-pack/test/functional/es_archives/security_solution/timestamp_in_seconds'
@ -131,7 +131,7 @@ export default ({ getService }: FtrProviderContext) => {
*/
describe('Signals generated from events with timestamp override field', async () => {
beforeEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await createSignalsIndex(supertest, log);
await esArchiver.load(
'x-pack/test/functional/es_archives/security_solution/timestamp_override_1'
@ -148,7 +148,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await esArchiver.unload(
'x-pack/test/functional/es_archives/security_solution/timestamp_override_1'
@ -361,7 +361,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

4
x-pack/test/detection_engine_api_integration/security_and_spaces/group10/update_rules.ts
View file

@ -19,7 +19,7 @@ import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getSimpleRuleOutput,
removeServerGeneratedProperties,
removeServerGeneratedPropertiesIncludingRuleId,
@ -56,7 +56,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

4
x-pack/test/detection_engine_api_integration/security_and_spaces/group10/update_rules_bulk.ts
View file

@ -21,7 +21,7 @@ import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getSimpleRuleOutput,
removeServerGeneratedProperties,
getSimpleRuleUpdate,
@ -74,7 +74,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group2/create_endpoint_exceptions.ts
View file

@ -20,7 +20,7 @@ import {
createRuleWithExceptionEntries,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getRuleForSignalTesting,
getSignalsById,
waitForRuleSuccess,
@ -72,6 +72,7 @@ export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const esArchiver = getService('esArchiver');
const log = getService('log');
const es = getService('es');
describe('Rule exception operators for endpoints', () => {
before(async () => {
@ -94,7 +95,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await deleteAllExceptions(supertest, log);
await deleteListsIndex(supertest, log);

6
x-pack/test/detection_engine_api_integration/security_and_spaces/group3/create_exceptions.ts
View file

@ -27,7 +27,7 @@ import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getSimpleRule,
getSimpleRuleOutput,
removeServerGeneratedProperties,
@ -79,7 +79,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await deleteAllExceptions(supertest, log);
});
@ -522,7 +522,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await deleteAllExceptions(supertest, log);
});

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group4/telemetry/task_based/all_types.ts
View file

@ -10,7 +10,7 @@ import { FtrProviderContext } from '../../../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getSecurityTelemetryStats,
removeTimeFieldsFromTelemetryStats,
} from '../../../../utils';
@ -22,6 +22,7 @@ export default ({ getService }: FtrProviderContext) => {
const esArchiver = getService('esArchiver');
const log = getService('log');
const retry = getService('retry');
const es = getService('es');
describe('All task telemetry types generically', async () => {
before(async () => {
@ -37,7 +38,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await deleteAllExceptions(supertest, log);
});

4
x-pack/test/detection_engine_api_integration/security_and_spaces/group4/telemetry/task_based/detection_rules.ts
View file

@ -15,7 +15,7 @@ import {
createRule,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getRule,
getRuleForSignalTesting,
installMockPrebuiltRules,
@ -48,7 +48,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await deleteAllExceptions(supertest, log);
});

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group4/telemetry/task_based/security_lists.ts
View file

@ -15,7 +15,7 @@ import { FtrProviderContext } from '../../../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getSecurityTelemetryStats,
createExceptionListItem,
createExceptionList,
@ -29,6 +29,7 @@ export default ({ getService }: FtrProviderContext) => {
const esArchiver = getService('esArchiver');
const log = getService('log');
const retry = getService('retry');
const es = getService('es');
describe('Security lists task telemetry', async () => {
before(async () => {
@ -46,7 +47,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await deleteAllExceptions(supertest, log);
});

10
x-pack/test/detection_engine_api_integration/security_and_spaces/group4/telemetry/usage_collector/all_types.ts
View file

@ -8,12 +8,7 @@
import expect from '@kbn/expect';
import { getInitialDetectionMetrics } from '@kbn/security-solution-plugin/server/usage/detections/get_initial_usage';
import type { FtrProviderContext } from '../../../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
getStats,
} from '../../../../utils';
import { createSignalsIndex, deleteAllRules, deleteAllAlerts, getStats } from '../../../../utils';
// eslint-disable-next-line import/no-default-export
export default ({ getService }: FtrProviderContext) => {
@ -21,6 +16,7 @@ export default ({ getService }: FtrProviderContext) => {
const esArchiver = getService('esArchiver');
const log = getService('log');
const retry = getService('retry');
const es = getService('es');
describe('Detection rule telemetry', async () => {
before(async () => {
@ -36,7 +32,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

4
x-pack/test/detection_engine_api_integration/security_and_spaces/group4/telemetry/usage_collector/detection_rule_status.ts
View file

@ -24,7 +24,7 @@ import {
createRule,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getEqlRuleForSignalTesting,
getRuleForSignalTesting,
getSimpleThreatMatch,
@ -62,7 +62,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await deleteAllEventLogExecutionEvents(es, log);
});

4
x-pack/test/detection_engine_api_integration/security_and_spaces/group4/telemetry/usage_collector/detection_rules.ts
View file

@ -21,7 +21,7 @@ import {
createRule,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getEqlRuleForSignalTesting,
getRule,
getRuleForSignalTesting,
@ -62,7 +62,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await deleteAllEventLogExecutionEvents(es, log);
});

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group5/keyword_family/const_keyword.ts
View file

@ -17,7 +17,7 @@ import {
createRule,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getEqlRuleForSignalTesting,
getRuleForSignalTesting,
getSignalsById,
@ -31,6 +31,7 @@ export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const esArchiver = getService('esArchiver');
const log = getService('log');
const es = getService('es');
describe('Rule detects against a keyword of event.dataset', () => {
before(async () => {
@ -48,7 +49,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group5/keyword_family/keyword.ts
View file

@ -18,7 +18,7 @@ import {
createRule,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getEqlRuleForSignalTesting,
getRuleForSignalTesting,
getSignalsById,
@ -32,6 +32,7 @@ export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const esArchiver = getService('esArchiver');
const log = getService('log');
const es = getService('es');
describe('Rule detects against a keyword of event.dataset', () => {
before(async () => {
@ -47,7 +48,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group5/keyword_family/keyword_mixed_with_const.ts
View file

@ -17,7 +17,7 @@ import {
createRule,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getEqlRuleForSignalTesting,
getRuleForSignalTesting,
getSignalsById,
@ -30,6 +30,7 @@ export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const esArchiver = getService('esArchiver');
const log = getService('log');
const es = getService('es');
describe('Rule detects against a keyword and constant_keyword of event.dataset', () => {
before(async () => {
@ -49,7 +50,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

15
x-pack/test/detection_engine_api_integration/security_and_spaces/group6/alerts/alerts_compatibility.ts
View file

@ -24,7 +24,7 @@ import {
createRule,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
finalizeSignalsMigration,
getEqlRuleForSignalTesting,
getRuleForSignalTesting,
@ -45,6 +45,7 @@ export default ({ getService }: FtrProviderContext) => {
const esArchiver = getService('esArchiver');
const log = getService('log');
const supertest = getService('supertest');
const es = getService('es');
describe('Alerts Compatibility', function () {
describe('CTI', () => {
@ -69,7 +70,7 @@ export default ({ getService }: FtrProviderContext) => {
await esArchiver.unload(
'x-pack/test/functional/es_archives/security_solution/legacy_cti_signals'
);
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});
@ -218,7 +219,7 @@ export default ({ getService }: FtrProviderContext) => {
await esArchiver.unload(
'x-pack/test/functional/es_archives/security_solution/alerts/7.16.0'
);
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});
@ -553,7 +554,7 @@ export default ({ getService }: FtrProviderContext) => {
await esArchiver.unload(
'x-pack/test/functional/es_archives/security_solution/alerts/7.16.0'
);
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});
@ -596,7 +597,7 @@ export default ({ getService }: FtrProviderContext) => {
await esArchiver.unload(
'x-pack/test/functional/es_archives/security_solution/alerts/7.16.0'
);
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});
@ -604,7 +605,6 @@ export default ({ getService }: FtrProviderContext) => {
const rule: EqlRuleCreateProps = {
...getEqlRuleForSignalTesting(['.siem-signals-*']),
query: 'any where agent.name == "security-linux-1.example.dev"',
max_signals: 1000,
};
const { id } = await createRule(supertest, log, rule);
await waitForRuleSuccess({ supertest, log, id });
@ -619,7 +619,6 @@ export default ({ getService }: FtrProviderContext) => {
const rule: EqlRuleCreateProps = {
...getEqlRuleForSignalTesting([`.alerts-security.alerts-default`]),
query: 'any where agent.name == "security-linux-1.example.dev"',
max_signals: 1000,
};
const { id } = await createRule(supertest, log, rule);
await waitForRuleSuccess({ supertest, log, id });
@ -641,7 +640,7 @@ export default ({ getService }: FtrProviderContext) => {
await esArchiver.unload(
'x-pack/test/functional/es_archives/security_solution/alerts/7.16.0'
);
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group7/exception_operators_data_types/date.ts
View file

@ -19,7 +19,7 @@ import {
createRuleWithExceptionEntries,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getRuleForSignalTesting,
getSignalsById,
waitForRuleSuccess,
@ -31,6 +31,7 @@ export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const esArchiver = getService('esArchiver');
const log = getService('log');
const es = getService('es');
describe('Rule exception operators for data type date', () => {
before(async () => {
@ -47,7 +48,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await deleteAllExceptions(supertest, log);
await deleteListsIndex(supertest, log);

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group7/exception_operators_data_types/double.ts
View file

@ -19,7 +19,7 @@ import {
createRuleWithExceptionEntries,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getRuleForSignalTesting,
getSignalsById,
waitForRuleSuccess,
@ -31,6 +31,7 @@ export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const esArchiver = getService('esArchiver');
const log = getService('log');
const es = getService('es');
describe('Rule exception operators for data type double', () => {
before(async () => {
@ -51,7 +52,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await deleteAllExceptions(supertest, log);
await deleteListsIndex(supertest, log);

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group7/exception_operators_data_types/float.ts
View file

@ -19,7 +19,7 @@ import {
createRuleWithExceptionEntries,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getRuleForSignalTesting,
getSignalsById,
waitForRuleSuccess,
@ -31,6 +31,7 @@ export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const esArchiver = getService('esArchiver');
const log = getService('log');
const es = getService('es');
describe('Rule exception operators for data type float', () => {
before(async () => {
@ -49,7 +50,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await deleteAllExceptions(supertest, log);
await deleteListsIndex(supertest, log);

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group7/exception_operators_data_types/integer.ts
View file

@ -19,7 +19,7 @@ import {
createRuleWithExceptionEntries,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getRuleForSignalTesting,
getSignalsById,
waitForRuleSuccess,
@ -31,6 +31,7 @@ export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const esArchiver = getService('esArchiver');
const log = getService('log');
const es = getService('es');
describe('Rule exception operators for data type integer', () => {
before(async () => {
@ -51,7 +52,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await deleteAllExceptions(supertest, log);
await deleteListsIndex(supertest, log);

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group8/exception_operators_data_types/keyword.ts
View file

@ -19,7 +19,7 @@ import {
createRuleWithExceptionEntries,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getRuleForSignalTesting,
getSignalsById,
waitForRuleSuccess,
@ -31,6 +31,7 @@ export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const esArchiver = getService('esArchiver');
const log = getService('log');
const es = getService('es');
describe('Rule exception operators for data type keyword', () => {
before(async () => {
@ -47,7 +48,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await deleteAllExceptions(supertest, log);
await deleteListsIndex(supertest, log);

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group8/exception_operators_data_types/keyword_array.ts
View file

@ -19,7 +19,7 @@ import {
createRuleWithExceptionEntries,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getRuleForSignalTesting,
getSignalsById,
waitForRuleSuccess,
@ -31,6 +31,7 @@ export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const esArchiver = getService('esArchiver');
const log = getService('log');
const es = getService('es');
describe('Rule exception operators for data type keyword', () => {
before(async () => {
@ -49,7 +50,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await deleteAllExceptions(supertest, log);
await deleteListsIndex(supertest, log);

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group8/exception_operators_data_types/long.ts
View file

@ -19,7 +19,7 @@ import {
createRuleWithExceptionEntries,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getRuleForSignalTesting,
getSignalsById,
waitForRuleSuccess,
@ -31,6 +31,7 @@ export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const esArchiver = getService('esArchiver');
const log = getService('log');
const es = getService('es');
describe('Rule exception operators for data type long', () => {
before(async () => {
@ -49,7 +50,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await deleteAllExceptions(supertest, log);
await deleteListsIndex(supertest, log);

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group8/exception_operators_data_types/text.ts
View file

@ -20,7 +20,7 @@ import {
createRuleWithExceptionEntries,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getRuleForSignalTesting,
getSignalsById,
waitForRuleSuccess,
@ -32,6 +32,7 @@ export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const esArchiver = getService('esArchiver');
const log = getService('log');
const es = getService('es');
describe('Rule exception operators for data type text', () => {
before(async () => {
@ -50,7 +51,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await deleteAllExceptions(supertest, log);
await deleteListsIndex(supertest, log);

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group9/exception_operators_data_types/ip.ts
View file

@ -19,7 +19,7 @@ import {
createRuleWithExceptionEntries,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getRuleForSignalTesting,
getSignalsById,
waitForRuleSuccess,
@ -31,6 +31,7 @@ export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const esArchiver = getService('esArchiver');
const log = getService('log');
const es = getService('es');
describe('Rule exception operators for data type ip', () => {
before(async () => {
@ -47,7 +48,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await deleteAllExceptions(supertest, log);
await deleteListsIndex(supertest, log);

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group9/exception_operators_data_types/ip_array.ts
View file

@ -19,7 +19,7 @@ import {
createRuleWithExceptionEntries,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getRuleForSignalTesting,
getSignalsById,
waitForRuleSuccess,
@ -31,6 +31,7 @@ export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const esArchiver = getService('esArchiver');
const log = getService('log');
const es = getService('es');
describe('Rule exception operators for data type ip', () => {
before(async () => {
@ -47,7 +48,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await deleteAllExceptions(supertest, log);
await deleteListsIndex(supertest, log);

5
x-pack/test/detection_engine_api_integration/security_and_spaces/group9/exception_operators_data_types/text_array.ts
View file

@ -19,7 +19,7 @@ import {
createRuleWithExceptionEntries,
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getRuleForSignalTesting,
getSignalsById,
waitForRuleSuccess,
@ -31,6 +31,7 @@ export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const esArchiver = getService('esArchiver');
const log = getService('log');
const es = getService('es');
describe('Rule exception operators for data type text', () => {
before(async () => {
@ -47,7 +48,7 @@ export default ({ getService }: FtrProviderContext) => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await deleteAllExceptions(supertest, log);
await deleteListsIndex(supertest, log);

4
x-pack/test/detection_engine_api_integration/security_and_spaces/rule_execution_logic/eql.ts
View file

@ -30,7 +30,7 @@ import { getMaxSignalsWarning } from '@kbn/security-solution-plugin/server/lib/d
import {
createRule,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getEqlRuleForSignalTesting,
getOpenSignals,
getPreviewAlerts,
@ -58,7 +58,7 @@ export default ({ getService }: FtrProviderContext) => {
await esArchiver.unload(
'x-pack/test/functional/es_archives/security_solution/timestamp_override_6'
);
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

4
x-pack/test/detection_engine_api_integration/security_and_spaces/rule_execution_logic/machine_learning.ts
View file

@ -35,7 +35,7 @@ import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createRule,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
executeSetupModuleRequest,
forceStartDatafeeds,
getOpenSignals,
@ -78,7 +78,7 @@ export default ({ getService }: FtrProviderContext) => {
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/hosts');
await esArchiver.unload('x-pack/test/functional/es_archives/security_solution/anomalies');
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

4
x-pack/test/detection_engine_api_integration/security_and_spaces/rule_execution_logic/new_terms.ts
View file

@ -19,7 +19,7 @@ import { getMaxSignalsWarning } from '@kbn/security-solution-plugin/server/lib/d
import {
createRule,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getOpenSignals,
getPreviewAlerts,
previewRule,
@ -86,7 +86,7 @@ export default ({ getService }: FtrProviderContext) => {
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/hosts');
await esArchiver.unload('x-pack/test/functional/es_archives/security_solution/new_terms');
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

4
x-pack/test/detection_engine_api_integration/security_and_spaces/rule_execution_logic/non_ecs_fields.ts
View file

@ -8,7 +8,7 @@
import expect from 'expect';
import {
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getPreviewAlerts,
getRuleForSignalTesting,
previewRule,
@ -68,7 +68,7 @@ export default ({ getService }: FtrProviderContext) => {
await esArchiver.unload(
'x-pack/test/functional/es_archives/security_solution/ecs_non_compliant'
);
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

4
x-pack/test/detection_engine_api_integration/security_and_spaces/rule_execution_logic/query.ts
View file

@ -44,7 +44,7 @@ import {
createExceptionListItem,
createRule,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getOpenSignals,
getPreviewAlerts,
getRuleForSignalTesting,
@ -92,7 +92,7 @@ export default ({ getService }: FtrProviderContext) => {
await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/hosts');
await esArchiver.unload('x-pack/test/functional/es_archives/security_solution/alerts/8.1.0');
await esArchiver.unload('x-pack/test/functional/es_archives/signals/severity_risk_overrides');
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es, ['.preview.alerts-security.alerts-*']);
await deleteAllRules(supertest, log);
});

4
x-pack/test/detection_engine_api_integration/security_and_spaces/rule_execution_logic/saved_query.ts
View file

@ -19,7 +19,7 @@ import {
import {
createRule,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getOpenSignals,
getRuleForSignalTesting,
} from '../../utils';
@ -45,7 +45,7 @@ export default ({ getService }: FtrProviderContext) => {
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/hosts');
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

4
x-pack/test/detection_engine_api_integration/security_and_spaces/rule_execution_logic/threat_match.ts
View file

@ -39,7 +39,7 @@ import {
previewRule,
getOpenSignals,
getPreviewAlerts,
deleteSignalsIndex,
deleteAllAlerts,
deleteAllRules,
createRule,
} from '../../utils';
@ -155,7 +155,7 @@ export default ({ getService }: FtrProviderContext) => {
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/hosts');
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

7
x-pack/test/detection_engine_api_integration/security_and_spaces/tests/import_rules.ts
View file

@ -20,7 +20,7 @@ import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
deleteAllRules,
deleteSignalsIndex,
deleteAllAlerts,
getSimpleRule,
getSimpleRuleAsNdjson,
getSimpleRuleOutput,
@ -98,6 +98,7 @@ export default ({ getService }: FtrProviderContext): void => {
const log = getService('log');
const esArchiver = getService('esArchiver');
const supertestWithoutAuth = getService('supertestWithoutAuth');
const es = getService('es');
describe('import_rules', () => {
describe('importing rules with different roles', () => {
@ -114,7 +115,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});
it('should successfully import rules without actions when user has no actions privileges', async () => {
@ -239,7 +240,7 @@ export default ({ getService }: FtrProviderContext): void => {
});
afterEach(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
});

24
x-pack/test/detection_engine_api_integration/utils/delete_signals_index.ts → x-pack/test/detection_engine_api_integration/utils/delete_all_alerts.ts
View file

@ -7,25 +7,39 @@
import type SuperTest from 'supertest';
import type { ToolingLog } from '@kbn/tooling-log';
import type { Client } from '@elastic/elasticsearch';
import { DETECTION_ENGINE_INDEX_URL } from '@kbn/security-solution-plugin/common/constants';
import { countDownTest } from './count_down_test';
/**
* Deletes the signals index for use inside of afterEach blocks of tests
* @param supertest The supertest client library
* Deletes all alerts from a given index or indices, defaults to `.alerts-security.alerts-*`
* For use inside of afterEach blocks of tests
*/
export const deleteSignalsIndex = async (
export const deleteAllAlerts = async (
supertest: SuperTest.SuperTest<SuperTest.Test>,
log: ToolingLog
log: ToolingLog,
es: Client,
index: Array<'.alerts-security.alerts-*' | '.preview.alerts-security.alerts-*'> = [
'.alerts-security.alerts-*',
]
): Promise<void> => {
await countDownTest(
async () => {
await supertest.delete(DETECTION_ENGINE_INDEX_URL).set('kbn-xsrf', 'true').send();
await es.deleteByQuery({
index,
body: {
query: {
match_all: {},
},
},
refresh: true,
});
return {
passed: true,
};
},
'deleteSignalsIndex',
'deleteAllAlerts',
log
);
};

2
x-pack/test/detection_engine_api_integration/utils/index.ts
View file

@ -21,11 +21,11 @@ export * from './create_signals_index';
export * from './delete_all_rules';
export * from './delete_all_event_log_execution_events';
export * from './delete_all_rule_execution_info';
export * from './delete_all_alerts';
export * from './delete_all_timelines';
export * from './delete_exception_list';
export * from './delete_migrations';
export * from './delete_rule';
export * from './delete_signals_index';
export * from './downgrade_immutable_rule';
export * from './finalize_signals_migration';
export * from './find_immutable_rule_by_id';

5
x-pack/test/rule_registry/security_and_spaces/tests/basic/search_strategy.ts
View file

@ -11,7 +11,7 @@ import { RuleRegistrySearchResponse } from '@kbn/rule-registry-plugin/common/sea
import { QueryRuleCreateProps } from '@kbn/security-solution-plugin/common/detection_engine/rule_schema';
import { FtrProviderContext } from '../../../common/ftr_provider_context';
import {
deleteSignalsIndex,
deleteAllAlerts,
createSignalsIndex,
deleteAllRules,
getRuleForSignalTesting,
@ -40,6 +40,7 @@ export default ({ getService }: FtrProviderContext) => {
const secureBsearch = getService('secureBsearch');
const log = getService('log');
const kbnClient = getService('kibanaServer');
const es = getService('es');
const SPACE1 = 'space1';
@ -129,7 +130,7 @@ export default ({ getService }: FtrProviderContext) => {
});
after(async () => {
await deleteSignalsIndex(supertest, log);
await deleteAllAlerts(supertest, log, es);
await deleteAllRules(supertest, log);
await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/hosts');
await esArchiver.unload('x-pack/test/functional/es_archives/observability/alerts');