github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-23 09:19:04 -04:00
Code Issues Projects Releases Packages Wiki Activity

[SIEM] fix bug that fails to match index patterns with leading wildcard (#49735) (#49787)

Browse source
This commit is contained in:
Steph Milovic 2019-10-30 15:32:36 -06:00 committed by GitHub
parent 45559b5c8a
commit 1d0c5546c5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 15 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

15
x-pack/legacy/plugins/siem/server/utils/beat_schema/index.test.ts
View file

@ -6,7 +6,7 @@
import { cloneDeep, isArray } from 'lodash/fp';
import { convertSchemaToAssociativeArray, getIndexSchemaDoc } from '.';
import { convertSchemaToAssociativeArray, getIndexSchemaDoc, getIndexAlias } from '.';
import { auditbeatSchema, filebeatSchema, packetbeatSchema } from './8.0.0';
import { Schema } from './type';
@ -657,4 +657,17 @@ describe('Schema Beat', () => {
]);
});
});
describe('getIndexAlias', () => {
test('getIndexAlias handles values with leading wildcard', () => {
const leadingWildcardIndex = '*-auditbeat-*';
const result = getIndexAlias([leadingWildcardIndex], leadingWildcardIndex);
expect(result).toBe(leadingWildcardIndex);
});
test('getIndexAlias no match returns "unknown" string', () => {
const index = 'auditbeat-*';
const result = getIndexAlias([index], 'hello');
expect(result).toBe('unknown');
});
});
});

2
x-pack/legacy/plugins/siem/server/utils/beat_schema/index.ts
View file

@ -77,7 +77,7 @@ const convertFieldsToAssociativeArray = (
: {};
export const getIndexAlias = (defaultIndex: string[], indexName: string): string => {
const found = defaultIndex.find(index => indexName.match(index) != null);
const found = defaultIndex.find(index => `\\${indexName}`.match(`\\${index}`) != null);
if (found != null) {
return found;
} else {