github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-23 17:28:26 -04:00
Code Issues Projects Releases Packages Wiki Activity

[8.x] [Entity Store] Aligning mappings with ECS (#199001) (#199283)

Browse source 
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Entity Store] Aligning mappings with ECS
(#199001)](https://github.com/elastic/kibana/pull/199001)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Tiago Vila
Verde","email":"tiago.vilaverde@elastic.co"},"sourceCommit":{"committedDate":"2024-11-07T10:06:59Z","message":"[Entity
Store] Aligning mappings with ECS (#199001)\n\n## Summary\r\n\r\nThis PR
corrects some of the mappings set in the component template to\r\nfollow
ECS guidelines.\r\n\r\n#### How to test\r\n\r\nInitialise an entity
engine via devtools:\r\n```\r\nPOST
kbn:/api/entity_store/engines/host/init\r\n{}\r\n```\r\n\r\nCheck the
mappings with:\r\n```\r\nGET
.entities.v1.latest.security_<entityType>_default/_mapping\r\n```","sha":"3fff48a2cad951cfc531e0f61e9939ae4436a77b","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Entity
Analytics","v8.16.0","backport:version","v8.17.0"],"title":"[Entity
Store] Aligning mappings with
ECS","number":199001,"url":"https://github.com/elastic/kibana/pull/199001","mergeCommit":{"message":"[Entity
Store] Aligning mappings with ECS (#199001)\n\n## Summary\r\n\r\nThis PR
corrects some of the mappings set in the component template to\r\nfollow
ECS guidelines.\r\n\r\n#### How to test\r\n\r\nInitialise an entity
engine via devtools:\r\n```\r\nPOST
kbn:/api/entity_store/engines/host/init\r\n{}\r\n```\r\n\r\nCheck the
mappings with:\r\n```\r\nGET
.entities.v1.latest.security_<entityType>_default/_mapping\r\n```","sha":"3fff48a2cad951cfc531e0f61e9939ae4436a77b"}},"sourceBranch":"main","suggestedTargetBranches":["8.16","8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/199001","number":199001,"mergeCommit":{"message":"[Entity
Store] Aligning mappings with ECS (#199001)\n\n## Summary\r\n\r\nThis PR
corrects some of the mappings set in the component template to\r\nfollow
ECS guidelines.\r\n\r\n#### How to test\r\n\r\nInitialise an entity
engine via devtools:\r\n```\r\nPOST
kbn:/api/entity_store/engines/host/init\r\n{}\r\n```\r\n\r\nCheck the
mappings with:\r\n```\r\nGET
.entities.v1.latest.security_<entityType>_default/_mapping\r\n```","sha":"3fff48a2cad951cfc531e0f61e9939ae4436a77b"}},{"branch":"8.16","label":"v8.16.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.x","label":"v8.17.0","branchLabelMappingKey":"^v8.17.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Tiago Vila Verde <tiago.vilaverde@elastic.co>
This commit is contained in:
Kibana Machine 2024-11-07 23:10:38 +11:00 committed by GitHub
parent ce0e63b2b9
commit 27c3d9a6dc
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 60 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

2
x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/entities_list.test.tsx
View file

@ -109,7 +109,7 @@ describe('EntitiesList', () => {
fireEvent.click(columnHeader);
expect(mockUseEntitiesListQuery).toHaveBeenCalledWith(
expect.objectContaining({
sortField: 'entity.name.text',
sortField: 'entity.name',
sortOrder: 'asc',
})
);

2
x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/hooks/use_entities_list_columns.tsx
View file

@ -79,7 +79,7 @@ export const useEntitiesListColumns = (): EntitiesListColumns => {
width: '5%',
},
{
field: 'entity.name.text',
field: 'entity.name',
name: (
<FormattedMessage
id="xpack.securitySolution.entityAnalytics.entityStore.entitiesList.nameColumn.title"

4
x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/united_entity_definitions/constants.ts
View file

@ -15,10 +15,10 @@ export const BASE_ENTITY_INDEX_MAPPING: MappingProperties = {
type: 'keyword',
},
'entity.name': {
type: 'text',
type: 'keyword',
fields: {
text: {
type: 'keyword',
type: 'match_only_text',
},
},
},

12
x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/united_entity_definitions/entity_types/host.ts
View file

@ -18,7 +18,17 @@ export const getHostUnitedDefinition: UnitedDefinitionBuilder = (fieldHistoryLen
collect({ field: 'host.domain' }),
collect({ field: 'host.hostname' }),
collect({ field: 'host.id' }),
collect({ field: 'host.os.name' }),
collect({
field: 'host.os.name',
mapping: {
type: 'keyword',
fields: {
text: {
type: 'match_only_text',
},
},
},
}),
collect({ field: 'host.os.type' }),
collect({
field: 'host.ip',

12
x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/united_entity_definitions/entity_types/user.ts
View file

@ -16,7 +16,17 @@ export const getUserUnitedDefinition: UnitedDefinitionBuilder = (fieldHistoryLen
fields: [
collect({ field: 'user.domain' }),
collect({ field: 'user.email' }),
collect({ field: 'user.full_name' }),
collect({
field: 'user.full_name',
mapping: {
type: 'keyword',
fields: {
text: {
type: 'match_only_text',
},
},
},
}),
collect({ field: 'user.hash' }),
collect({ field: 'user.id' }),
collect({ field: 'user.roles' }),

28
x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/united_entity_definitions/get_united_definition.test.ts
View file

@ -32,10 +32,10 @@ describe('getUnitedEntityDefinition', () => {
"entity.name": Object {
"fields": Object {
"text": Object {
"type": "keyword",
"type": "match_only_text",
},
},
"type": "text",
"type": "keyword",
},
"entity.source": Object {
"type": "keyword",
@ -59,9 +59,19 @@ describe('getUnitedEntityDefinition', () => {
"type": "keyword",
},
"host.name": Object {
"fields": Object {
"text": Object {
"type": "match_only_text",
},
},
"type": "keyword",
},
"host.os.name": Object {
"fields": Object {
"text": Object {
"type": "match_only_text",
},
},
"type": "keyword",
},
"host.os.type": Object {
@ -335,10 +345,10 @@ describe('getUnitedEntityDefinition', () => {
"entity.name": Object {
"fields": Object {
"text": Object {
"type": "keyword",
"type": "match_only_text",
},
},
"type": "text",
"type": "keyword",
},
"entity.source": Object {
"type": "keyword",
@ -350,6 +360,11 @@ describe('getUnitedEntityDefinition', () => {
"type": "keyword",
},
"user.full_name": Object {
"fields": Object {
"text": Object {
"type": "match_only_text",
},
},
"type": "keyword",
},
"user.hash": Object {
@ -359,6 +374,11 @@ describe('getUnitedEntityDefinition', () => {
"type": "keyword",
},
"user.name": Object {
"fields": Object {
"text": Object {
"type": "match_only_text",
},
},
"type": "keyword",
},
"user.risk.calculated_level": Object {

10
x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/united_entity_definitions/united_entity_definition.ts
View file

@ -94,6 +94,11 @@ export class UnitedEntityDefinition {
...BASE_ENTITY_INDEX_MAPPING,
[identityField]: {
type: 'keyword',
fields: {
text: {
type: 'match_only_text',
},
},
},
};
@ -107,6 +112,11 @@ export class UnitedEntityDefinition {
properties[identityField] = {
type: 'keyword',
fields: {
text: {
type: 'match_only_text',
},
},
};
return {