mirror of
https://github.com/elastic/kibana.git
synced 2025-04-24 17:59:23 -04:00
add host tests
This commit is contained in:
kubasobon
parent
5ce6ce575f
commit
4ef84684a7
1 changed files with 106 additions and 6 deletions
|
|
@ -28,7 +28,7 @@ export default function (providerContext: FtrProviderContext) {
|
|||
const dataView = dataViewRouteHelpersFactory(supertest);
|
||||
const utils = EntityStoreUtils(providerContext.getService);
|
||||
|
||||
describe('Host transform logic', () => {
|
||||
describe('@ess Host transform logic', () => {
|
||||
describe('Entity Store is not installed by default', () => {
|
||||
it("Should return 200 and status 'not_installed'", async () => {
|
||||
const { body } = await supertest.get('/api/entity_store/status').expect(200);
|
||||
|
|
@ -46,7 +46,14 @@ export default function (providerContext: FtrProviderContext) {
|
|||
await dataView.create('security-solution');
|
||||
// Create a test index matching transform's pattern to store test documents
|
||||
await es.indices.createDataStream({ name: DATASTREAM_NAME });
|
||||
});
|
||||
|
||||
after(async () => {
|
||||
await es.indices.deleteDataStream({ name: DATASTREAM_NAME });
|
||||
await dataView.delete('security-solution');
|
||||
});
|
||||
|
||||
beforeEach(async () => {
|
||||
// Now we can enable the Entity Store...
|
||||
const response = await supertest
|
||||
.post('/api/entity_store/enable')
|
||||
|
|
@ -66,11 +73,6 @@ export default function (providerContext: FtrProviderContext) {
|
|||
});
|
||||
});
|
||||
|
||||
after(async () => {
|
||||
await es.indices.deleteDataStream({ name: DATASTREAM_NAME });
|
||||
await dataView.delete('security-solution');
|
||||
});
|
||||
|
||||
afterEach(async () => {
|
||||
await utils.cleanEngines();
|
||||
});
|
||||
|
|
@ -151,10 +153,108 @@ export default function (providerContext: FtrProviderContext) {
|
|||
}
|
||||
);
|
||||
});
|
||||
|
||||
|
||||
it('Should successfully collect all expected fields', async () => {
|
||||
const HOST_NAME: string = 'host-transform-test-ip';
|
||||
const DOMAIN: string[] = ['example.com', 'sub.example.com'];
|
||||
const HOST_HOSTNAME: string[] = ['example.com', 'example.com'];
|
||||
const IDs: string[] = ['alpha', 'beta'];
|
||||
const OS_NAMES: string = ['ubuntu', 'macos'];
|
||||
const OS_TYPES: string = ['linux', 'darwin'];
|
||||
const MAC: string = ['abc', 'def'];
|
||||
const ARCH: string = ['x86-64', 'arm64'];
|
||||
const IPs: string[] = ['1.1.1.1', '2.2.2.2'];
|
||||
const { count, transforms } = await es.transform.getTransformStats({
|
||||
transform_id: HOST_TRANSFORM_ID,
|
||||
});
|
||||
expect(count).to.eql(1);
|
||||
let transform = transforms[0];
|
||||
expect(transform.id).to.eql(HOST_TRANSFORM_ID);
|
||||
const triggerCount: number = transform.stats.trigger_count;
|
||||
const docsProcessed: number = transform.stats.documents_processed;
|
||||
|
||||
// Create two documents with the same host.name, different IPs
|
||||
for (let i = 0; i < 2; i++) {
|
||||
const { result } = await es.index(
|
||||
buildHostTransformDocument(HOST_NAME, {
|
||||
domain: DOMAIN[i],
|
||||
hostname: HOST_HOSTNAME[i],
|
||||
id: IDs[i],
|
||||
os: {
|
||||
name: OS_NAMES[i],
|
||||
type: OS_TYPES[i],
|
||||
},
|
||||
mac: MAC[i],
|
||||
architecture: ARCH[i],
|
||||
ip: IPs[i],
|
||||
}),
|
||||
);
|
||||
expect(result).to.eql('created');
|
||||
}
|
||||
|
||||
// Trigger the transform manually
|
||||
const { acknowledged } = await es.transform.scheduleNowTransform({
|
||||
transform_id: HOST_TRANSFORM_ID,
|
||||
});
|
||||
expect(acknowledged).to.be(true);
|
||||
|
||||
await retry.waitForWithTimeout('Transform to run again', TIMEOUT_MS, async () => {
|
||||
const response = await es.transform.getTransformStats({
|
||||
transform_id: HOST_TRANSFORM_ID,
|
||||
});
|
||||
transform = response.transforms[0];
|
||||
expect(transform.stats.trigger_count).to.greaterThan(triggerCount);
|
||||
expect(transform.stats.documents_processed).to.greaterThan(docsProcessed);
|
||||
return true;
|
||||
});
|
||||
|
||||
await retry.waitForWithTimeout(
|
||||
'Document to be processed and transformed',
|
||||
TIMEOUT_MS,
|
||||
async () => {
|
||||
const result = await es.search({
|
||||
index: INDEX_NAME,
|
||||
query: {
|
||||
term: {
|
||||
'host.name': HOST_NAME,
|
||||
},
|
||||
},
|
||||
});
|
||||
const total = result.hits.total as SearchTotalHits;
|
||||
expect(total.value).to.eql(1);
|
||||
const hit = result.hits.hits[0] as SearchHit<Ecs>;
|
||||
expect(hit._source).ok();
|
||||
|
||||
expect(hit._source?.host?.name).to.eql(HOST_NAME);
|
||||
expectFieldToEqualValues(hit._source?.host?.domain, DOMAIN);
|
||||
expectFieldToEqualValues(hit._source?.host?.domain, DOMAIN);
|
||||
expectFieldToEqualValues(hit._source?.host?.hostname, ['example.com']);
|
||||
expectFieldToEqualValues(hit._source?.host?.id, IDs);
|
||||
expectFieldToEqualValues(hit._source?.host?.os?.name, OS_NAMES);
|
||||
expectFieldToEqualValues(hit._source?.host?.os?.type, OS_TYPES);
|
||||
expectFieldToEqualValues(hit._source?.host?.ip, IPs);
|
||||
expectFieldToEqualValues(hit._source?.host?.mac, MAC);
|
||||
expectFieldToEqualValues(hit._source?.host?.architecture, ARCH);
|
||||
|
||||
return true;
|
||||
}
|
||||
);
|
||||
});
|
||||
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
function expectFieldToEqualValues(field: string[], values: string[]) {
|
||||
expect(field.length).to.eql(values.length)
|
||||
const sortedField: string[] = field.sort((a, b) => a > b ? 1 : -1);
|
||||
const sortedValues: string[] = values.sort((a, b) => a > b ? 1 : -1);
|
||||
for (let i = 0; i < sortedField.length; i++) {
|
||||
expect(sortedField[i]).to.eql(sortedValues[i]);
|
||||
}
|
||||
}
|
||||
|
||||
function buildHostTransformDocument(name: string, host: EcsHost): IndexRequest {
|
||||
host.name = name;
|
||||
// Get timestamp without the millisecond part
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue