[SecuritySolution] Remove duplicated serverless tests (#188855)

## Summary

1. Apply https://github.com/elastic/kibana/pull/185870 for Security
Solution Explore and Investigation tests.
2. Remove duplicated tests.
3. Investigation/timeline/serverless tests are skipped atm.

How to run the api integration tests (Use Investigation Timeline ESS as
an example)
```
cd x-pack

node scripts/functional_tests_server.js --config ./test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/ess.config.ts

// After server is started, open another terminal

cd x-pack

node ../scripts/functional_test_runner --config=test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/ess.config.ts
```

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Angela Chuang 2024-08-06 12:59:50 +01:00 committed by GitHub
parent 0eea85e869
commit 644e8187f7
GPG key ID: B5690EEEBB952194
63 changed files with 244 additions and 1826 deletions


@ -39,7 +39,7 @@ const getSpaceUrlPrefix = (spaceId?: string): string => {
/**
* Options for the send method
*/
interface SendOptions {
export interface SendOptions {
supertest: SuperTest.Agent;
options: object;
strategy: string;


@ -7,18 +7,20 @@
import { format as formatUrl } from 'url';
import supertest from 'supertest';
import { FtrProviderContext } from '../../ftr_provider_context';
import { SecuritySolutionUtils } from './types';
import { FtrProviderContextWithSpaces } from '../../ftr_provider_context_with_spaces';
import { SecuritySolutionESSUtilsInterface } from './types';
export function SecuritySolutionESSUtils({
getService,
}: FtrProviderContext): SecuritySolutionUtils {
}: FtrProviderContextWithSpaces): SecuritySolutionESSUtilsInterface {
const config = getService('config');
const bsearch = getService('bsearch');
const supertestWithoutAuth = getService('supertest');
return {
getUsername: (_role?: string) =>
Promise.resolve(config.get('servers.kibana.username') as string),
createBsearch: (_role?: string) => Promise.resolve(bsearch),
createSuperTest: async (role?: string, password: string = 'changeme') => {
if (!role) {
return supertestWithoutAuth;
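Review bot: `createBsearch` and `getUsername` accept a role and silently discard it (`_role`), which is undocumented and differs from the serverless implementation in this commit. On ESS the identity of a bsearch request comes from the `supertest` agent handed to `send`, while the serverless wrapper drops that agent and authenticates with the key of the role given to `createBsearch`; a shared test that passes a role to only one of the two calls would therefore run under different users in the two environments. I would add a comment above `createBsearch` such as `// ESS: role is ignored; requests authenticate through the supertest agent passed to send()`. The returned object continues past the end of this hunk.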


@ -0,0 +1,14 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import { FtrProviderContext } from '../../ftr_provider_context';
export async function SecuritySolutionServerlessBsearchCreator({ getService }: FtrProviderContext) {
const { createBsearch } = getService('securitySolutionUtils');
return await createBsearch('admin');
}
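Review bot: `createBsearch('admin')` is called here without first creating an API key for that role. In the serverless utils hunks of this commit, `createBsearch` reads the key from `rolesCredentials`, which is only populated by `createSuperTest` in the lines shown, so this provider would log an error and build a client that sends `Authorization: ''` unless some other code has already created the admin key. Either obtain the key first (`await createSuperTest('admin')` before `createBsearch('admin')`) or have `createBsearch` create the key when none is cached. The hard-coded `'admin'` also deserves a one-line comment stating that this service always searches with the admin role.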


@ -7,18 +7,22 @@
import supertest from 'supertest';
import { format as formatUrl } from 'url';
import { IEsSearchResponse } from '@kbn/search-types';
import { RoleCredentials } from '@kbn/test-suites-serverless/shared/services';
import { FtrProviderContext } from '../../ftr_provider_context';
import { SecuritySolutionUtils } from './types';
import type { SendOptions } from '@kbn/test-suites-src/common/services/bsearch';
import type { SendOptions as SecureBsearchSendOptions } from '@kbn/test-suites-serverless/shared/services/bsearch_secure';
import type { FtrProviderContext } from '../../ftr_provider_context';
import type { SecuritySolutionUtilsInterface } from './types';
export function SecuritySolutionServerlessUtils({
getService,
}: FtrProviderContext): SecuritySolutionUtils {
}: FtrProviderContext): SecuritySolutionUtilsInterface {
const svlUserManager = getService('svlUserManager');
const lifecycle = getService('lifecycle');
const svlCommonApi = getService('svlCommonApi');
const config = getService('config');
const log = getService('log');
const SecureBsearch = getService('secureBsearch');
const rolesCredentials = new Map<string, RoleCredentials>();
const commonRequestHeader = svlCommonApi.getCommonRequestHeader();
@ -47,6 +51,15 @@ export function SecuritySolutionServerlessUtils({
});
});
const createSuperTest = async (role = 'admin') => {
cleanCredentials(role);
const credentials = await svlUserManager.createM2mApiKeyWithRoleScope(role);
rolesCredentials.set(role, credentials);
const agentWithCommonHeaders = supertest.agent(kbnUrl).set(commonRequestHeader);
return agentWithCommonHeaders.set(credentials.apiKeyHeader);
};
return {
getUsername: async (role = 'admin') => {
const { username } = await svlUserManager.getUserData(role);
@ -56,13 +69,32 @@ export function SecuritySolutionServerlessUtils({
/**
* Only one API key for each role can be active at a time.
*/
createSuperTest: async (role = 'admin') => {
cleanCredentials(role);
const credentials = await svlUserManager.createM2mApiKeyWithRoleScope(role);
rolesCredentials.set(role, credentials);
createSuperTest,
const agentWithCommonHeaders = supertest.agent(kbnUrl).set(commonRequestHeader);
return agentWithCommonHeaders.set(credentials.apiKeyHeader);
createBsearch: async (role = 'admin') => {
const apiKeyHeader = rolesCredentials.get(role)?.apiKeyHeader;
if (!apiKeyHeader) {
log.error(`API key for role [${role}] is not available, SecureBsearch cannot be created`);
}
const send = <T extends IEsSearchResponse>(sendOptions: SendOptions): Promise<T> => {
const { supertest: _, ...rest } = sendOptions;
const serverlessSendOptions: SecureBsearchSendOptions = {
...rest,
// We need super test WITHOUT auth to make the request here, as we are setting the auth header in bsearch `apiKeyHeader`
supertestWithoutAuth: supertest.agent(kbnUrl),
apiKeyHeader: apiKeyHeader ?? { Authorization: '' },
internalOrigin: 'Kibana',
};
log.debug(
`Sending request to SecureBsearch with options: ${JSON.stringify(serverlessSendOptions)}`
);
return SecureBsearch.send(serverlessSendOptions);
};
return { ...SecureBsearch, send };
},
};
}
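Review bot: The `log.debug` call in `send` serialises `serverlessSendOptions`, which contains `apiKeyHeader`, so the role's API key is written to the test log whenever debug logging is on; it also stringifies the whole supertest agent. Log only the request fields instead, e.g. `log.debug(`Sending request to SecureBsearch with options: ${JSON.stringify(rest)}`);`. Separately, when no key is cached for the role the code logs an error and then continues with `{ Authorization: '' }`, so the failure surfaces later as an unauthenticated request; throwing at that point with the same message would make the missing `createSuperTest(role)` call obvious. The key is also captured when `createBsearch` runs, so a later `createSuperTest` for the same role, which replaces the key, appears to leave this client holding the old one.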


@ -6,8 +6,23 @@
*/
import TestAgent from 'supertest/lib/agent';
import type { IEsSearchResponse } from '@kbn/search-types';
export interface SecuritySolutionUtils {
import type { BsearchSecureService } from '@kbn/test-suites-serverless/shared/services/bsearch_secure';
import type { BsearchService, SendOptions } from '@kbn/test-suites-src/common/services/bsearch';
export interface SecuritySolutionServerlessBsearch extends Omit<BsearchSecureService, 'send'> {
send: <T extends IEsSearchResponse>(options: SendOptions) => Promise<T>;
}
export interface SecuritySolutionUtilsInterface {
getUsername: (role?: string) => Promise<string>;
createSuperTest: (role?: string) => Promise<TestAgent<any>>;
createBsearch: (role?: string) => Promise<SecuritySolutionServerlessBsearch>;
}
export interface SecuritySolutionESSUtilsInterface {
getUsername: (role?: string) => Promise<string>;
createBsearch: (role?: string) => Promise<BsearchService>;
createSuperTest: (role?: string, password?: string) => Promise<TestAgent<any>>;
}


@ -14,7 +14,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
return {
...functionalConfig.getAll(),
testFiles: [require.resolve('../ess')],
testFiles: [require.resolve('../tests')],
junit: {
reportName: 'Explore - Hosts Integration Tests - ESS Env - Trial License',
},


@ -16,7 +16,7 @@ export default createTestConfig({
{ product_line: 'cloud', product_tier: 'complete' },
])}`,
],
testFiles: [require.resolve('../serverless')],
testFiles: [require.resolve('../tests')],
junit: {
reportName: 'Explore - Hosts Integration Tests - Serverless Env - Complete Tier',
},


@ -1,59 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from '@kbn/expect';
import {
HostDetailsStrategyResponse,
HostsQueries,
} from '@kbn/security-solution-plugin/common/search_strategy';
import { RoleCredentials } from '@kbn/test-suites-serverless/shared/services';
import { FtrProviderContext } from '../../../../../ftr_provider_context';
import { hostDetailsFilebeatExpectedResult } from '../mocks/host_details';
export default function ({ getService }: FtrProviderContext) {
const esArchiver = getService('esArchiver');
const secureBsearch = getService('secureBsearch');
const supertestWithoutAuth = getService('supertestWithoutAuth');
const svlUserManager = getService('svlUserManager');
let roleAuthc: RoleCredentials;
describe('Host Details', () => {
describe('With filebeat', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/filebeat/default');
roleAuthc = await svlUserManager.createM2mApiKeyWithRoleScope('admin');
});
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/filebeat/default');
await svlUserManager.invalidateM2mApiKeyWithRoleScope(roleAuthc);
});
const FROM = '2000-01-01T00:00:00.000Z';
const TO = '3000-01-01T00:00:00.000Z';
it('Make sure that we get HostDetails data', async () => {
const { hostDetails } = await secureBsearch.send<HostDetailsStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
factoryQueryType: HostsQueries.details,
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
defaultIndex: ['filebeat-*'],
hostName: 'raspberrypi',
inspect: false,
},
strategy: 'securitySolutionSearchStrategy',
});
expect(hostDetails).to.eql(hostDetailsFilebeatExpectedResult.hostDetails);
});
});
});
}


@ -1,188 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from '@kbn/expect';
import {
HostsQueries,
Direction,
HostsFields,
HostsStrategyResponse,
HostDetailsStrategyResponse,
FirstLastSeenQuery,
FirstLastSeenStrategyResponse,
} from '@kbn/security-solution-plugin/common/search_strategy';
import { RoleCredentials } from '@kbn/test-suites-serverless/shared/services';
import { FtrProviderContext } from '../../../../../ftr_provider_context';
const FROM = '2000-01-01T00:00:00.000Z';
const TO = '3000-01-01T00:00:00.000Z';
// typical values that have to change after an update from "scripts/es_archiver"
const HOST_NAME = 'Ubuntu';
const TOTAL_COUNT = 7;
const EDGE_LENGTH = 1;
const CURSOR_ID = '2ab45fc1c41e4c84bbd02202a7e5761f';
export default function ({ getService }: FtrProviderContext) {
const esArchiver = getService('esArchiver');
const secureBsearch = getService('secureBsearch');
const supertestWithoutAuth = getService('supertestWithoutAuth');
const svlUserManager = getService('svlUserManager');
let roleAuthc: RoleCredentials;
describe('hosts', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/hosts');
roleAuthc = await svlUserManager.createM2mApiKeyWithRoleScope('admin');
});
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/hosts');
await svlUserManager.invalidateM2mApiKeyWithRoleScope(roleAuthc);
});
it('Make sure that we get Hosts Table data', async () => {
const hosts = await secureBsearch.send<HostsStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
factoryQueryType: HostsQueries.hosts,
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
defaultIndex: ['auditbeat-*'],
sort: {
field: HostsFields.lastSeen,
direction: Direction.asc,
},
pagination: {
activePage: 0,
cursorStart: 0,
fakePossibleCount: 3,
querySize: 1,
},
inspect: false,
},
strategy: 'securitySolutionSearchStrategy',
});
expect(hosts.edges.length).to.be(EDGE_LENGTH);
expect(hosts.totalCount).to.be(TOTAL_COUNT);
expect(hosts.pageInfo.fakeTotalCount).to.equal(3);
});
it('Make sure that pagination is working in Hosts Table query', async () => {
const hosts = await secureBsearch.send<HostsStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
factoryQueryType: HostsQueries.hosts,
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
sort: {
field: HostsFields.lastSeen,
direction: Direction.asc,
},
defaultIndex: ['auditbeat-*'],
pagination: {
activePage: 2,
cursorStart: 1,
fakePossibleCount: 5,
querySize: 2,
},
inspect: false,
},
strategy: 'securitySolutionSearchStrategy',
});
expect(hosts.edges.length).to.be(EDGE_LENGTH);
expect(hosts.totalCount).to.be(TOTAL_COUNT);
expect(hosts.edges[0].node.host?.os?.name).to.eql([HOST_NAME]);
});
it('Make sure that we get Host details data', async () => {
const { hostDetails } = await secureBsearch.send<HostDetailsStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
factoryQueryType: HostsQueries.details,
hostName: 'zeek-sensor-san-francisco',
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
defaultIndex: ['auditbeat-*'],
inspect: false,
},
strategy: 'securitySolutionSearchStrategy',
});
expect(hostDetails).to.eql({
_id: 'zeek-sensor-san-francisco',
host: {
architecture: ['x86_64'],
id: [CURSOR_ID],
name: ['zeek-sensor-san-francisco'],
os: {
family: ['debian'],
name: [HOST_NAME],
platform: ['ubuntu'],
version: ['18.04.2 LTS (Bionic Beaver)'],
},
},
cloud: {
instance: {
id: ['132972452'],
},
provider: ['digitalocean'],
region: ['sfo2'],
},
});
});
it('Make sure that we get First Seen for a Host', async () => {
const firstLastSeenHost = await secureBsearch.send<FirstLastSeenStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
factoryQueryType: FirstLastSeenQuery,
defaultIndex: ['auditbeat-*'],
field: 'host.name',
value: 'zeek-sensor-san-francisco',
order: 'asc',
},
strategy: 'securitySolutionSearchStrategy',
});
expect(firstLastSeenHost.firstSeen).to.eql('2019-02-19T19:36:23.561Z');
});
it('Make sure that we get Last Seen for a Host', async () => {
const firstLastSeenHost = await secureBsearch.send<FirstLastSeenStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
factoryQueryType: FirstLastSeenQuery,
defaultIndex: ['auditbeat-*'],
field: 'host.name',
value: 'zeek-sensor-san-francisco',
order: 'desc',
},
strategy: 'securitySolutionSearchStrategy',
});
expect(firstLastSeenHost.lastSeen).to.eql('2019-02-19T20:42:33.561Z');
});
});
}


@ -1,16 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces';
export default function ({ loadTestFile, getService }: FtrProviderContextWithSpaces) {
describe('@serverless SecuritySolution Explore Hosts', () => {
loadTestFile(require.resolve('./hosts'));
loadTestFile(require.resolve('./host_details'));
loadTestFile(require.resolve('./uncommon_processes'));
});
}


@ -1,154 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from '@kbn/expect';
import {
HostsQueries,
HostsUncommonProcessesStrategyResponse,
} from '@kbn/security-solution-plugin/common/search_strategy';
import { RoleCredentials } from '@kbn/test-suites-serverless/shared/services';
import { FtrProviderContext } from '../../../../../ftr_provider_context';
const FROM = '2019-01-01T00:00:00.000Z';
const TO = '3000-01-01T00:00:00.000Z';
// typical values that have to change after an update from "scripts/es_archiver"
const TOTAL_COUNT = 3;
export default function ({ getService }: FtrProviderContext) {
const esArchiver = getService('esArchiver');
const secureBsearch = getService('secureBsearch');
const supertestWithoutAuth = getService('supertestWithoutAuth');
const svlUserManager = getService('svlUserManager');
let roleAuthc: RoleCredentials;
describe('hosts', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/uncommon_processes');
roleAuthc = await svlUserManager.createM2mApiKeyWithRoleScope('admin');
});
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/uncommon_processes');
await svlUserManager.invalidateM2mApiKeyWithRoleScope(roleAuthc);
});
it('should return an edge of length 1 when given a pagination of length 1', async () => {
const response = await secureBsearch.send<HostsUncommonProcessesStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
factoryQueryType: HostsQueries.uncommonProcesses,
sourceId: 'default',
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
pagination: {
activePage: 0,
cursorStart: 0,
fakePossibleCount: 3,
querySize: 1,
},
defaultIndex: ['auditbeat-uncommon-processes'],
inspect: false,
},
strategy: 'securitySolutionSearchStrategy',
});
expect(response.edges.length).to.be(1);
});
describe('when given a pagination of length 2', () => {
it('should return an edge of length 2 ', async () => {
const response = await secureBsearch.send<HostsUncommonProcessesStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
factoryQueryType: HostsQueries.uncommonProcesses,
sourceId: 'default',
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
pagination: {
activePage: 0,
cursorStart: 0,
fakePossibleCount: 3,
querySize: 2,
},
defaultIndex: ['auditbeat-uncommon-processes'],
inspect: false,
},
strategy: 'securitySolutionSearchStrategy',
});
expect(response.edges.length).to.be(2);
});
});
describe('when given a pagination of length 1', () => {
let response: HostsUncommonProcessesStrategyResponse | null = null;
before(async () => {
response = await secureBsearch.send<HostsUncommonProcessesStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
factoryQueryType: HostsQueries.uncommonProcesses,
sourceId: 'default',
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
pagination: {
activePage: 0,
cursorStart: 0,
fakePossibleCount: 3,
querySize: 1,
},
defaultIndex: ['auditbeat-uncommon-processes'],
inspect: false,
},
strategy: 'securitySolutionSearchStrategy',
});
});
it('should return an edge of length 1 ', () => {
expect(response?.edges.length).to.be(1);
});
it('should return a total count of elements', () => {
expect(response?.totalCount).to.be(TOTAL_COUNT);
});
it('should return a single data set with pagination of 1', () => {
const expected = {
_id: 'HCFxB2kBR346wHgnL4ik',
instances: 1,
process: {
name: ['kworker/u2:0'],
},
user: {
id: ['0'],
name: ['root'],
},
hosts: [
{
id: ['zeek-sensor-san-francisco'],
name: ['zeek-sensor-san-francisco'],
},
],
};
expect(response?.edges[0].node).to.eql(expected);
});
});
});
}


@ -10,19 +10,24 @@ import {
HostDetailsStrategyResponse,
HostsQueries,
} from '@kbn/security-solution-plugin/common/search_strategy';
import TestAgent from 'supertest/lib/agent';
import { BsearchService } from '@kbn/test-suites-src/common/services/bsearch';
import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces';
import { hostDetailsFilebeatExpectedResult } from '../mocks/host_details';
export default function ({ getService }: FtrProviderContextWithSpaces) {
const esArchiver = getService('esArchiver');
const bsearch = getService('bsearch');
const supertest = getService('supertest');
const utils = getService('securitySolutionUtils');
describe('Host Details', () => {
let supertest: TestAgent;
let bsearch: BsearchService;
describe('With filebeat', () => {
before(
async () => await esArchiver.load('x-pack/test/functional/es_archives/filebeat/default')
);
before(async () => {
supertest = await utils.createSuperTest();
bsearch = await utils.createBsearch();
await esArchiver.load('x-pack/test/functional/es_archives/filebeat/default');
});
after(
async () => await esArchiver.unload('x-pack/test/functional/es_archives/filebeat/default')
);


@ -15,6 +15,8 @@ import {
FirstLastSeenQuery,
FirstLastSeenStrategyResponse,
} from '@kbn/security-solution-plugin/common/search_strategy';
import TestAgent from 'supertest/lib/agent';
import { BsearchService } from '@kbn/test-suites-src/common/services/bsearch';
import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces';
@ -29,11 +31,16 @@ const CURSOR_ID = '2ab45fc1c41e4c84bbd02202a7e5761f';
export default function ({ getService }: FtrProviderContextWithSpaces) {
const esArchiver = getService('esArchiver');
const supertest = getService('supertest');
const bsearch = getService('bsearch');
const utils = getService('securitySolutionUtils');
describe('hosts', () => {
before(async () => await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/hosts'));
describe('hosts', async () => {
let supertest: TestAgent;
let bsearch: BsearchService;
before(async () => {
supertest = await utils.createSuperTest();
bsearch = await utils.createBsearch();
await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/hosts');
});
after(
async () => await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/hosts')
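Review bot: The suite callback looks to have become `async` (`describe('hosts', async () => {`), and Mocha does not await the promise a `describe` callback returns. Nothing in the visible lines awaits at suite level, so the keyword is unnecessary today, but any later `await` placed there would cause the hooks and tests after it to be registered too late or dropped silently. Keep the callback synchronous, `describe('hosts', () => {`, as the other suites touched by this commit do; the asynchronous setup already lives in `before`. The suite body continues beyond this hunk.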


@ -8,7 +8,7 @@
import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces';
export default function ({ loadTestFile }: FtrProviderContextWithSpaces) {
describe('@ess SecuritySolution Explore Hosts', () => {
describe('@ess @serverless SecuritySolution Explore Hosts', () => {
loadTestFile(require.resolve('./hosts'));
loadTestFile(require.resolve('./host_details'));
loadTestFile(require.resolve('./uncommon_processes'));


@ -11,6 +11,8 @@ import {
HostsQueries,
HostsUncommonProcessesStrategyResponse,
} from '@kbn/security-solution-plugin/common/search_strategy';
import TestAgent from 'supertest/lib/agent';
import { BsearchService } from '@kbn/test-suites-src/common/services/bsearch';
import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces';
const FROM = '2000-01-01T00:00:00.000Z';
@ -21,11 +23,14 @@ const TOTAL_COUNT = 3;
export default function ({ getService }: FtrProviderContextWithSpaces) {
const esArchiver = getService('esArchiver');
const bsearch = getService('bsearch');
const supertest = getService('supertest');
const utils = getService('securitySolutionUtils');
describe('hosts', () => {
let supertest: TestAgent;
let bsearch: BsearchService;
before(async () => {
supertest = await utils.createSuperTest();
bsearch = await utils.createBsearch();
await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/uncommon_processes');
});
after(async () => {


@ -14,7 +14,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
return {
...functionalConfig.getAll(),
testFiles: [require.resolve('../ess')],
testFiles: [require.resolve('../tests')],
junit: {
reportName: 'Explore - Network Integration Tests - ESS Env - Trial License',
},


@ -16,7 +16,7 @@ export default createTestConfig({
{ product_line: 'cloud', product_tier: 'complete' },
])}`,
],
testFiles: [require.resolve('../serverless')],
testFiles: [require.resolve('../tests')],
junit: {
reportName: 'Explore - Network Integration Tests - Serverless Env - Complete Tier',
},


@ -1,17 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import { FtrProviderContext } from '../../../../../ftr_provider_context';
export default function ({ loadTestFile }: FtrProviderContext) {
describe('@serverless SecuritySolution Explore Network', () => {
loadTestFile(require.resolve('./network_details'));
loadTestFile(require.resolve('./network_dns'));
loadTestFile(require.resolve('./network_top_n_flow'));
loadTestFile(require.resolve('./tls'));
});
}


@ -1,83 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from '@kbn/expect';
import {
NetworkDetailsStrategyResponse,
NetworkQueries,
} from '@kbn/security-solution-plugin/common/search_strategy';
import { RoleCredentials } from '@kbn/test-suites-serverless/shared/services';
import { FtrProviderContext } from '../../../../../ftr_provider_context';
export default function ({ getService }: FtrProviderContext) {
const esArchiver = getService('esArchiver');
const secureBsearch = getService('secureBsearch');
const supertestWithoutAuth = getService('supertestWithoutAuth');
const svlUserManager = getService('svlUserManager');
let roleAuthc: RoleCredentials;
describe('Network details', () => {
describe('With filebeat', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/filebeat/default');
roleAuthc = await svlUserManager.createM2mApiKeyWithRoleScope('admin');
});
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/filebeat/default');
await svlUserManager.invalidateM2mApiKeyWithRoleScope(roleAuthc);
});
it('Make sure that we get Network details data', async () => {
const body = await secureBsearch.send<NetworkDetailsStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
ip: '151.205.0.17',
defaultIndex: ['filebeat-*'],
factoryQueryType: NetworkQueries.details,
inspect: false,
},
strategy: 'securitySolutionSearchStrategy',
});
expect(body.networkDetails.source?.geo.continent_name).to.eql(['North America']);
expect(body.networkDetails.source?.geo.location?.lat!).to.eql([37.751]);
expect(body.networkDetails.host?.os?.platform).to.eql(['raspbian']);
});
});
describe('With packetbeat', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/packetbeat/default');
roleAuthc = await svlUserManager.createM2mApiKeyWithRoleScope('admin');
});
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/packetbeat/default');
await svlUserManager.invalidateM2mApiKeyWithRoleScope(roleAuthc);
});
it('Make sure that we get Network details data', async () => {
const body = await secureBsearch.send<NetworkDetailsStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
ip: '185.53.91.88',
defaultIndex: ['packetbeat-*'],
factoryQueryType: NetworkQueries.details,
inspect: false,
},
strategy: 'securitySolutionSearchStrategy',
});
expect(body.networkDetails.host?.id).to.eql(['2ce8b1e7d69e4a1d9c6bcddc473da9d9']);
expect(body.networkDetails.host?.name).to.eql(['zeek-sensor-amsterdam']);
expect(body.networkDetails.host?.os?.platform!).to.eql(['ubuntu']);
});
});
});
}


@ -1,109 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from '@kbn/expect';
import {
NetworkQueries,
NetworkDnsEdges,
Direction,
NetworkDnsFields,
NetworkDnsStrategyResponse,
} from '@kbn/security-solution-plugin/common/search_strategy';
import { RoleCredentials } from '@kbn/test-suites-serverless/shared/services';
import { FtrProviderContext } from '../../../../../ftr_provider_context';
export default function ({ getService }: FtrProviderContext) {
const esArchiver = getService('esArchiver');
const secureBsearch = getService('secureBsearch');
const supertestWithoutAuth = getService('supertestWithoutAuth');
const svlUserManager = getService('svlUserManager');
let roleAuthc: RoleCredentials;
describe('Network DNS', () => {
describe('With packetbeat', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/packetbeat/dns');
roleAuthc = await svlUserManager.createM2mApiKeyWithRoleScope('admin');
});
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/packetbeat/dns');
await svlUserManager.invalidateM2mApiKeyWithRoleScope(roleAuthc);
});
const FROM = '2000-01-01T00:00:00.000Z';
const TO = '3000-01-01T00:00:00.000Z';
it('Make sure that we get Dns data and sorting by uniqueDomains ascending', async () => {
const networkDns = await secureBsearch.send<NetworkDnsStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
defaultIndex: ['packetbeat-*'],
factoryQueryType: NetworkQueries.dns,
filterQuery:
'{"bool":{"must":[],"filter":[{"match_all":{}}],"should":[],"must_not":[]}}',
isPtrIncluded: false,
pagination: { activePage: 0, cursorStart: 0, fakePossibleCount: 30, querySize: 10 },
sort: { field: NetworkDnsFields.uniqueDomains, direction: Direction.asc },
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
},
strategy: 'securitySolutionSearchStrategy',
});
expect(networkDns.edges.length).to.be(10);
expect(networkDns.totalCount).to.be(44);
expect(networkDns.edges.map((i: NetworkDnsEdges) => i.node.dnsName).join(',')).to.be(
'aaplimg.com,adgrx.com,akadns.net,akamaiedge.net,amazonaws.com,cbsistatic.com,cdn-apple.com,connman.net,d1oxlq5h9kq8q5.cloudfront.net,d3epxf4t8a32oh.cloudfront.net'
);
expect(networkDns.pageInfo.fakeTotalCount).to.equal(30);
});
it('Make sure that we get Dns data and sorting by uniqueDomains descending', async () => {
const networkDns = await secureBsearch.send<NetworkDnsStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
ip: '151.205.0.17',
defaultIndex: ['packetbeat-*'],
factoryQueryType: NetworkQueries.dns,
inspect: false,
pagination: {
activePage: 0,
cursorStart: 0,
fakePossibleCount: 30,
querySize: 10,
},
sort: { field: NetworkDnsFields.uniqueDomains, direction: Direction.desc },
stackByField: 'dns.question.registered_domain',
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
},
strategy: 'securitySolutionSearchStrategy',
});
expect(networkDns.edges.length).to.be(10);
expect(networkDns.totalCount).to.be(44);
expect(networkDns.edges.map((i: NetworkDnsEdges) => i.node.dnsName).join(',')).to.be(
'nflxvideo.net,apple.com,netflix.com,samsungcloudsolution.com,samsungqbe.com,samsungelectronics.com,internetat.tv,samsungcloudsolution.net,samsungosp.com,cbsnews.com'
);
expect(networkDns.pageInfo.fakeTotalCount).to.equal(30);
});
});
});
}


@ -1,186 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from '@kbn/expect';
import {
NetworkQueries,
NetworkTopNFlowEdges,
Direction,
FlowTargetSourceDest,
NetworkTopTablesFields,
NetworkTopNFlowStrategyResponse,
} from '@kbn/security-solution-plugin/common/search_strategy';
import { RoleCredentials } from '@kbn/test-suites-serverless/shared/services';
import { FtrProviderContext } from '../../../../../ftr_provider_context';
const EDGE_LENGTH = 10;
export default function ({ getService }: FtrProviderContext) {
const esArchiver = getService('esArchiver');
const secureBsearch = getService('secureBsearch');
const supertestWithoutAuth = getService('supertestWithoutAuth');
const svlUserManager = getService('svlUserManager');
let roleAuthc: RoleCredentials;
describe('Network Top N Flow', () => {
describe('With filebeat', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/filebeat/default');
roleAuthc = await svlUserManager.createM2mApiKeyWithRoleScope('admin');
});
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/filebeat/default');
await svlUserManager.invalidateM2mApiKeyWithRoleScope(roleAuthc);
});
const FROM = '2019-02-09T01:57:24.870Z';
const TO = '2019-02-12T01:57:24.870Z';
it('should get Source NetworkTopNFlow data with bytes_in descending sort', async () => {
const networkTopNFlow = await secureBsearch.send<NetworkTopNFlowStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
defaultIndex: ['filebeat-*'],
factoryQueryType: NetworkQueries.topNFlow,
flowTarget: FlowTargetSourceDest.source,
sort: { field: NetworkTopTablesFields.bytes_in, direction: Direction.desc },
pagination: {
activePage: 0,
cursorStart: 0,
fakePossibleCount: 0,
querySize: 10,
},
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
inspect: false,
},
strategy: 'securitySolutionSearchStrategy',
});
expect(networkTopNFlow.edges.length).to.be(EDGE_LENGTH);
expect(
networkTopNFlow.edges.map((i: NetworkTopNFlowEdges) => i.node.source!.ip).join(',')
).to.be(
'10.100.7.196,10.100.7.199,10.100.7.197,10.100.7.198,3.82.33.170,17.249.172.100,10.100.4.1,8.248.209.244,8.248.211.247,8.248.213.244'
);
expect(networkTopNFlow.edges[0].node.destination).to.be(undefined);
expect(networkTopNFlow.edges[0].node.source!.flows).to.be(498);
expect(networkTopNFlow.edges[0].node.source!.destination_ips).to.be(132);
});
it('should get Source NetworkTopNFlow data with bytes_in ascending sort ', async () => {
const networkTopNFlow = await secureBsearch.send<NetworkTopNFlowStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
defaultIndex: ['filebeat-*'],
factoryQueryType: NetworkQueries.topNFlow,
filterQuery:
'{"bool":{"must":[],"filter":[{"match_all":{}}],"should":[],"must_not":[]}}',
flowTarget: FlowTargetSourceDest.source,
sort: { field: NetworkTopTablesFields.bytes_in, direction: Direction.asc },
pagination: {
activePage: 0,
cursorStart: 0,
fakePossibleCount: 0,
querySize: 10,
},
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
inspect: false,
},
strategy: 'securitySolutionSearchStrategy',
});
expect(networkTopNFlow.edges.length).to.be(EDGE_LENGTH);
expect(
networkTopNFlow.edges.map((i: NetworkTopNFlowEdges) => i.node.source!.ip).join(',')
).to.be(
'8.248.209.244,8.248.211.247,8.248.213.244,8.248.223.246,8.250.107.245,8.250.121.236,8.250.125.244,8.253.38.231,8.253.157.112,8.253.157.240'
);
expect(networkTopNFlow.edges[0].node.destination).to.be(undefined);
expect(networkTopNFlow.edges[0].node.source!.flows).to.be(12);
expect(networkTopNFlow.edges[0].node.source!.destination_ips).to.be(1);
});
it('should get Destination NetworkTopNFlow data', async () => {
const networkTopNFlow = await secureBsearch.send<NetworkTopNFlowStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
defaultIndex: ['filebeat-*'],
factoryQueryType: 'topNFlow',
filterQuery:
'{"bool":{"must":[],"filter":[{"match_all":{}}],"should":[],"must_not":[]}}',
sort: { field: NetworkTopTablesFields.bytes_in, direction: Direction.desc },
flowTarget: FlowTargetSourceDest.destination,
pagination: {
activePage: 0,
cursorStart: 0,
fakePossibleCount: 0,
querySize: 10,
},
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
inspect: false,
},
strategy: 'securitySolutionSearchStrategy',
});
expect(networkTopNFlow.edges.length).to.be(EDGE_LENGTH);
expect(networkTopNFlow.edges[0].node.destination!.flows).to.be(19);
expect(networkTopNFlow.edges[0].node.destination!.source_ips).to.be(1);
expect(networkTopNFlow.edges[0].node.source).to.be(undefined);
});
it('should paginate NetworkTopNFlow query', async () => {
const networkTopNFlow = await secureBsearch.send<NetworkTopNFlowStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
defaultIndex: ['filebeat-*'],
factoryQueryType: 'topNFlow',
filterQuery:
'{"bool":{"must":[],"filter":[{"match_all":{}}],"should":[],"must_not":[]}}',
sort: { field: NetworkTopTablesFields.bytes_in, direction: Direction.desc },
flowTarget: FlowTargetSourceDest.source,
pagination: {
activePage: 1,
cursorStart: 10,
fakePossibleCount: 0,
querySize: 20,
},
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
inspect: false,
},
strategy: 'securitySolutionSearchStrategy',
});
expect(networkTopNFlow.edges.length).to.be(EDGE_LENGTH);
expect(networkTopNFlow.edges[0].node.source!.ip).to.be('8.248.223.246');
});
});
});
}


@ -1,239 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from '@kbn/expect';
import {
NetworkQueries,
Direction,
NetworkTlsFields,
FlowTarget,
NetworkTlsStrategyResponse,
} from '@kbn/security-solution-plugin/common/search_strategy';
import { RoleCredentials } from '@kbn/test-suites-serverless/shared/services';
import { FtrProviderContext } from '../../../../../ftr_provider_context';
const FROM = '2000-01-01T00:00:00.000Z';
const TO = '3000-01-01T00:00:00.000Z';
const SOURCE_IP = '10.128.0.35';
const DESTINATION_IP = '74.125.129.95';
const expectedResult = {
_id: '16989191B1A93ECECD5FE9E63EBD4B5C3B606D26',
subjects: ['CN=edgecert.googleapis.com,O=Google LLC,L=Mountain View,ST=California,C=US'],
issuers: ['CN=GTS CA 1O1,O=Google Trust Services,C=US'],
ja3: ['bd12d76eb0b6787e6a78a14d2ff96c2b'],
notAfter: ['2020-05-06T11:52:15.000Z'],
};
const expectedOverviewDestinationResult = {
edges: [
{
cursor: {
tiebreaker: null,
value: 'EB4E81DD7C55BA9715652ECF5647FB8877E55A8F',
},
node: {
_id: 'EB4E81DD7C55BA9715652ECF5647FB8877E55A8F',
subjects: [
'CN=*.cdn.mozilla.net,OU=Cloud Services,O=Mozilla Corporation,L=Mountain View,ST=California,C=US',
],
issuers: ['CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US'],
ja3: ['b20b44b18b853ef29ab773e921b03422'],
notAfter: ['2020-12-09T12:00:00.000Z'],
},
},
],
pageInfo: {
activePage: 0,
fakeTotalCount: 3,
showMorePagesIndicator: false,
},
totalCount: 3,
};
const expectedOverviewSourceResult = {
edges: [
{
cursor: {
tiebreaker: null,
value: 'EB4E81DD7C55BA9715652ECF5647FB8877E55A8F',
},
node: {
_id: 'EB4E81DD7C55BA9715652ECF5647FB8877E55A8F',
subjects: [
'CN=*.cdn.mozilla.net,OU=Cloud Services,O=Mozilla Corporation,L=Mountain View,ST=California,C=US',
],
issuers: ['CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US'],
ja3: ['b20b44b18b853ef29ab773e921b03422'],
notAfter: ['2020-12-09T12:00:00.000Z'],
},
},
],
pageInfo: {
activePage: 0,
fakeTotalCount: 3,
showMorePagesIndicator: false,
},
totalCount: 3,
};
export default function ({ getService }: FtrProviderContext) {
const esArchiver = getService('esArchiver');
const supertestWithoutAuth = getService('supertestWithoutAuth');
const secureBsearch = getService('secureBsearch');
const svlUserManager = getService('svlUserManager');
let roleAuthc: RoleCredentials;
describe('Tls Test with Packetbeat', () => {
describe('Tls Test', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/packetbeat/tls');
roleAuthc = await svlUserManager.createM2mApiKeyWithRoleScope('admin');
});
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/packetbeat/tls');
await svlUserManager.invalidateM2mApiKeyWithRoleScope(roleAuthc);
});
it('Ensure data is returned for FlowTarget.Source', async () => {
const tls = await secureBsearch.send<NetworkTlsStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
factoryQueryType: NetworkQueries.tls,
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
ip: SOURCE_IP,
flowTarget: FlowTarget.source,
sort: { field: NetworkTlsFields._id, direction: Direction.desc },
pagination: {
activePage: 0,
cursorStart: 0,
fakePossibleCount: 30,
querySize: 10,
},
defaultIndex: ['packetbeat-*'],
inspect: false,
},
strategy: 'securitySolutionSearchStrategy',
});
expect(tls.edges.length).to.be(1);
expect(tls.totalCount).to.be(1);
expect(tls.edges[0].node).to.eql(expectedResult);
});
it('Ensure data is returned for FlowTarget.Destination', async () => {
const tls = await secureBsearch.send<NetworkTlsStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
factoryQueryType: NetworkQueries.tls,
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
ip: DESTINATION_IP,
flowTarget: FlowTarget.destination,
sort: { field: NetworkTlsFields._id, direction: Direction.desc },
pagination: {
activePage: 0,
cursorStart: 0,
fakePossibleCount: 30,
querySize: 10,
},
defaultIndex: ['packetbeat-*'],
inspect: false,
},
strategy: 'securitySolutionSearchStrategy',
});
expect(tls.edges.length).to.be(1);
expect(tls.totalCount).to.be(1);
expect(tls.edges[0].node).to.eql(expectedResult);
});
});
describe('Tls Overview Test', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/packetbeat/tls');
roleAuthc = await svlUserManager.createM2mApiKeyWithRoleScope('admin');
});
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/packetbeat/tls');
await svlUserManager.invalidateM2mApiKeyWithRoleScope(roleAuthc);
});
it('Ensure data is returned for FlowTarget.Source', async () => {
const tls = await secureBsearch.send<NetworkTlsStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
factoryQueryType: NetworkQueries.tls,
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
ip: '',
flowTarget: FlowTarget.source,
sort: { field: NetworkTlsFields._id, direction: Direction.desc },
pagination: {
activePage: 0,
cursorStart: 0,
fakePossibleCount: 30,
querySize: 10,
},
defaultIndex: ['packetbeat-*'],
inspect: false,
},
strategy: 'securitySolutionSearchStrategy',
});
expect(tls.pageInfo).to.eql(expectedOverviewSourceResult.pageInfo);
expect(tls.edges[0]).to.eql(expectedOverviewSourceResult.edges[0]);
});
it('Ensure data is returned for FlowTarget.Destination', async () => {
const tls = await secureBsearch.send<NetworkTlsStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
factoryQueryType: NetworkQueries.tls,
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
ip: '',
flowTarget: FlowTarget.destination,
sort: { field: NetworkTlsFields._id, direction: Direction.desc },
pagination: {
activePage: 0,
cursorStart: 0,
fakePossibleCount: 30,
querySize: 10,
},
defaultIndex: ['packetbeat-*'],
inspect: false,
},
strategy: 'securitySolutionSearchStrategy',
});
expect(tls.pageInfo).to.eql(expectedOverviewDestinationResult.pageInfo);
expect(tls.edges[0]).to.eql(expectedOverviewDestinationResult.edges[0]);
});
});
});
}


@ -8,7 +8,7 @@
import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces';
export default function ({ loadTestFile }: FtrProviderContextWithSpaces) {
describe('@ess SecuritySolution Explore Network', () => {
describe('@ess @serverless SecuritySolution Explore Network', () => {
loadTestFile(require.resolve('./network_details'));
loadTestFile(require.resolve('./network_dns'));
loadTestFile(require.resolve('./network_top_n_flow'));


@ -10,19 +10,24 @@ import {
NetworkDetailsStrategyResponse,
NetworkQueries,
} from '@kbn/security-solution-plugin/common/search_strategy';
import TestAgent from 'supertest/lib/agent';
import { BsearchService } from '@kbn/test-suites-src/common/services/bsearch';
import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces';
export default function ({ getService }: FtrProviderContextWithSpaces) {
const esArchiver = getService('esArchiver');
const bsearch = getService('bsearch');
const supertest = getService('supertest');
const utils = getService('securitySolutionUtils');
describe('Network details', () => {
let supertest: TestAgent;
let bsearch: BsearchService;
describe('With filebeat', () => {
before(
async () => await esArchiver.load('x-pack/test/functional/es_archives/filebeat/default')
);
before(async () => {
supertest = await utils.createSuperTest();
bsearch = await utils.createBsearch();
await esArchiver.load('x-pack/test/functional/es_archives/filebeat/default');
});
after(
async () => await esArchiver.unload('x-pack/test/functional/es_archives/filebeat/default')
);
@ -46,9 +51,11 @@ export default function ({ getService }: FtrProviderContextWithSpaces) {
});
describe('With packetbeat', () => {
before(
async () => await esArchiver.load('x-pack/test/functional/es_archives/packetbeat/default')
);
before(async () => {
supertest = await utils.createSuperTest();
bsearch = await utils.createBsearch();
await esArchiver.load('x-pack/test/functional/es_archives/packetbeat/default');
});
after(
async () => await esArchiver.unload('x-pack/test/functional/es_archives/packetbeat/default')
);
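Review bot: The new `before` hooks obtain their clients from `utils.createSuperTest()` and `utils.createBsearch()`, but the `after` hooks still only unload the archive, so nothing here releases whatever credential those helpers set up. The serverless suites this commit deletes created an M2M API key with the 'admin' role scope per suite and revoked it in `after` with `svlUserManager.invalidateM2mApiKeyWithRoleScope(roleAuthc)`. If the serverless implementation of `securitySolutionUtils` (not visible on this page) still creates a key on each call, every nested `describe` may now leave one valid after the suite finishes. I would confirm that the helper owns revocation, or have it expose a cleanup that `after` calls, and record the decision next to the hook with a comment such as `// API key created by securitySolutionUtils is revoked by <helper cleanup, to be confirmed>`. The same pattern appears in the 'Network DNS', 'Network Top N Flow', 'Tls Test with Packetbeat', 'Overview Host' and 'Overview Network' sections.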


@ -13,19 +13,23 @@ import {
NetworkDnsFields,
NetworkDnsStrategyResponse,
} from '@kbn/security-solution-plugin/common/search_strategy';
import TestAgent from 'supertest/lib/agent';
import { BsearchService } from '@kbn/test-suites-src/common/services/bsearch';
import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces';
export default function ({ getService }: FtrProviderContextWithSpaces) {
const esArchiver = getService('esArchiver');
const bsearch = getService('bsearch');
const supertest = getService('supertest');
const utils = getService('securitySolutionUtils');
describe('Network DNS', () => {
let supertest: TestAgent;
let bsearch: BsearchService;
describe('With packetbeat', () => {
before(
async () => await esArchiver.load('x-pack/test/functional/es_archives/packetbeat/dns')
);
before(async () => {
supertest = await utils.createSuperTest();
bsearch = await utils.createBsearch();
await esArchiver.load('x-pack/test/functional/es_archives/packetbeat/dns');
});
after(
async () => await esArchiver.unload('x-pack/test/functional/es_archives/packetbeat/dns')
);


@ -14,6 +14,8 @@ import {
NetworkTopTablesFields,
NetworkTopNFlowStrategyResponse,
} from '@kbn/security-solution-plugin/common/search_strategy';
import TestAgent from 'supertest/lib/agent';
import { BsearchService } from '@kbn/test-suites-src/common/services/bsearch';
import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces';
@ -21,14 +23,17 @@ const EDGE_LENGTH = 10;
export default function ({ getService }: FtrProviderContextWithSpaces) {
const esArchiver = getService('esArchiver');
const bsearch = getService('bsearch');
const supertest = getService('supertest');
const utils = getService('securitySolutionUtils');
describe('Network Top N Flow', () => {
let supertest: TestAgent;
let bsearch: BsearchService;
describe('With filebeat', () => {
before(
async () => await esArchiver.load('x-pack/test/functional/es_archives/filebeat/default')
);
before(async () => {
supertest = await utils.createSuperTest();
bsearch = await utils.createBsearch();
await esArchiver.load('x-pack/test/functional/es_archives/filebeat/default');
});
after(
async () => await esArchiver.unload('x-pack/test/functional/es_archives/filebeat/default')
);


@ -13,6 +13,8 @@ import {
FlowTarget,
NetworkTlsStrategyResponse,
} from '@kbn/security-solution-plugin/common/search_strategy';
import TestAgent from 'supertest/lib/agent';
import { BsearchService } from '@kbn/test-suites-src/common/services/bsearch';
import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces';
@ -83,14 +85,17 @@ const expectedOverviewSourceResult = {
export default function ({ getService }: FtrProviderContextWithSpaces) {
const esArchiver = getService('esArchiver');
const supertest = getService('supertest');
const bsearch = getService('bsearch');
const utils = getService('securitySolutionUtils');
describe('Tls Test with Packetbeat', () => {
let supertest: TestAgent;
let bsearch: BsearchService;
describe('Tls Test', () => {
before(
async () => await esArchiver.load('x-pack/test/functional/es_archives/packetbeat/tls')
);
before(async () => {
supertest = await utils.createSuperTest();
bsearch = await utils.createBsearch();
await esArchiver.load('x-pack/test/functional/es_archives/packetbeat/tls');
});
after(
async () => await esArchiver.unload('x-pack/test/functional/es_archives/packetbeat/tls')
);
@ -155,9 +160,11 @@ export default function ({ getService }: FtrProviderContextWithSpaces) {
});
describe('Tls Overview Test', () => {
before(
async () => await esArchiver.load('x-pack/test/functional/es_archives/packetbeat/tls')
);
before(async () => {
supertest = await utils.createSuperTest();
bsearch = await utils.createBsearch();
await esArchiver.load('x-pack/test/functional/es_archives/packetbeat/tls');
});
after(
async () => await esArchiver.unload('x-pack/test/functional/es_archives/packetbeat/tls')
);
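Review bot: The `before` hooks of 'Tls Test' and 'Tls Overview Test' repeat the same three statements, although `supertest` and `bsearch` are declared once on the enclosing 'Tls Test with Packetbeat' block. A single `before` on that outer block holding `supertest = await utils.createSuperTest();` and `bsearch = await utils.createBsearch();` would create the clients once, and each nested hook would keep only its `esArchiver.load(...)` call. This assumes the clients carry no per-suite state, which the hunks do not show, and the test bodies between the two hunks are also outside this view. 'Network details' and 'Overview Network' repeat the client setup in each nested `describe` in the same way.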


@ -14,7 +14,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
return {
...functionalConfig.getAll(),
testFiles: [require.resolve('../ess')],
testFiles: [require.resolve('../tests')],
junit: {
reportName: 'Explore - Overview Integration Tests - ESS Env - Trial License',
},


@ -16,7 +16,7 @@ export default createTestConfig({
{ product_line: 'cloud', product_tier: 'complete' },
])}`,
],
testFiles: [require.resolve('../serverless')],
testFiles: [require.resolve('../tests')],
junit: {
reportName: 'Explore - Overview Integration Tests - Serverless Env - Complete Tier',
},


@ -1,15 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import { FtrProviderContext } from '../../../../../ftr_provider_context';
export default function ({ loadTestFile, getService }: FtrProviderContext) {
describe('@serverless SecuritySolution Explore Overview', () => {
loadTestFile(require.resolve('./overview_host'));
loadTestFile(require.resolve('./overview_network'));
});
}


@ -1,76 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from '@kbn/expect';
import {
HostsQueries,
HostsOverviewStrategyResponse,
} from '@kbn/security-solution-plugin/common/search_strategy';
import { RoleCredentials } from '@kbn/test-suites-serverless/shared/services';
import { FtrProviderContext } from '../../../../../ftr_provider_context';
export default function ({ getService }: FtrProviderContext) {
const esArchiver = getService('esArchiver');
const secureBsearch = getService('secureBsearch');
const supertestWithoutAuth = getService('supertestWithoutAuth');
const svlUserManager = getService('svlUserManager');
let roleAuthc: RoleCredentials;
describe('Overview Host', () => {
describe('With auditbeat', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/overview');
roleAuthc = await svlUserManager.createM2mApiKeyWithRoleScope('admin');
});
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/overview');
await svlUserManager.invalidateM2mApiKeyWithRoleScope(roleAuthc);
});
const FROM = '2000-01-01T00:00:00.000Z';
const TO = '3000-01-01T00:00:00.000Z';
const expectedResult = {
auditbeatAuditd: 2194,
auditbeatFIM: 4,
auditbeatLogin: 2810,
auditbeatPackage: 3,
auditbeatProcess: 7,
auditbeatUser: 6,
endgameDns: 1,
endgameFile: 2,
endgameImageLoad: 1,
endgameNetwork: 4,
endgameProcess: 2,
endgameRegistry: 1,
endgameSecurity: 4,
filebeatSystemModule: 0,
winlogbeatSecurity: 0,
winlogbeatMWSysmonOperational: 0,
};
it('Make sure that we get OverviewHost data', async () => {
const { overviewHost } = await secureBsearch.send<HostsOverviewStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
defaultIndex: ['auditbeat-*'],
factoryQueryType: HostsQueries.overview,
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
inspect: false,
},
strategy: 'securitySolutionSearchStrategy',
});
expect(overviewHost).to.eql(expectedResult);
});
});
});
}


@ -1,160 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from '@kbn/expect';
import {
NetworkOverviewStrategyResponse,
NetworkQueries,
} from '@kbn/security-solution-plugin/common/search_strategy';
import { RoleCredentials } from '@kbn/test-suites-serverless/shared/services';
import { FtrProviderContext } from '../../../../../ftr_provider_context';
export default function ({ getService }: FtrProviderContext) {
const esArchiver = getService('esArchiver');
const secureBsearch = getService('secureBsearch');
const supertestWithoutAuth = getService('supertestWithoutAuth');
const svlUserManager = getService('svlUserManager');
let roleAuthc: RoleCredentials;
describe('Overview Network', () => {
describe('With filebeat', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/filebeat/default');
roleAuthc = await svlUserManager.createM2mApiKeyWithRoleScope('admin');
});
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/filebeat/default');
await svlUserManager.invalidateM2mApiKeyWithRoleScope(roleAuthc);
});
const FROM = '2000-01-01T00:00:00.000Z';
const TO = '3000-01-01T00:00:00.000Z';
const expectedResult = {
auditbeatSocket: 0,
filebeatCisco: 0,
filebeatNetflow: 1273,
filebeatPanw: 0,
filebeatSuricata: 4547,
filebeatZeek: 0,
packetbeatDNS: 0,
packetbeatFlow: 0,
packetbeatTLS: 0,
};
it('Make sure that we get OverviewNetwork data', async () => {
const { overviewNetwork } = await secureBsearch.send<NetworkOverviewStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
defaultIndex: ['filebeat-*'],
factoryQueryType: NetworkQueries.overview,
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
inspect: false,
},
strategy: 'securitySolutionSearchStrategy',
});
expect(overviewNetwork).to.eql(expectedResult);
});
});
describe('With packetbeat', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/packetbeat/overview');
roleAuthc = await svlUserManager.createM2mApiKeyWithRoleScope('admin');
});
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/packetbeat/overview');
await svlUserManager.invalidateM2mApiKeyWithRoleScope(roleAuthc);
});
const FROM = '2000-01-01T00:00:00.000Z';
const TO = '3000-01-01T00:00:00.000Z';
const expectedResult = {
auditbeatSocket: 0,
filebeatCisco: 0,
filebeatNetflow: 0,
filebeatPanw: 0,
filebeatSuricata: 0,
filebeatZeek: 0,
packetbeatDNS: 44,
packetbeatFlow: 588,
packetbeatTLS: 0,
};
it('Make sure that we get OverviewNetwork data', async () => {
const { overviewNetwork } = await secureBsearch.send<NetworkOverviewStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
defaultIndex: ['packetbeat-*'],
factoryQueryType: NetworkQueries.overview,
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
inspect: false,
},
strategy: 'securitySolutionSearchStrategy',
});
expect(overviewNetwork).to.eql(expectedResult);
});
});
describe('With auditbeat', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/overview');
roleAuthc = await svlUserManager.createM2mApiKeyWithRoleScope('admin');
});
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/overview');
await svlUserManager.invalidateM2mApiKeyWithRoleScope(roleAuthc);
});
const FROM = '2000-01-01T00:00:00.000Z';
const TO = '3000-01-01T00:00:00.000Z';
const expectedResult = {
auditbeatSocket: 45,
filebeatCisco: 0,
filebeatNetflow: 0,
filebeatPanw: 0,
filebeatSuricata: 0,
filebeatZeek: 0,
packetbeatDNS: 0,
packetbeatFlow: 0,
packetbeatTLS: 0,
};
it('Make sure that we get OverviewNetwork data', async () => {
const { overviewNetwork } = await secureBsearch.send<NetworkOverviewStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
defaultIndex: ['auditbeat-*'],
factoryQueryType: NetworkQueries.overview,
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
inspect: false,
},
strategy: 'securitySolutionSearchStrategy',
});
expect(overviewNetwork).to.eql(expectedResult);
});
});
});
}


@ -8,7 +8,7 @@
import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces';
export default function ({ loadTestFile }: FtrProviderContextWithSpaces) {
describe('@ess SecuritySolution Explore Overview', () => {
describe('@ess @serverless SecuritySolution Explore Overview', () => {
loadTestFile(require.resolve('./overview_host'));
loadTestFile(require.resolve('./overview_network'));
});


@ -11,18 +11,23 @@ import {
HostsQueries,
HostsOverviewStrategyResponse,
} from '@kbn/security-solution-plugin/common/search_strategy';
import TestAgent from 'supertest/lib/agent';
import { BsearchService } from '@kbn/test-suites-src/common/services/bsearch';
import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces';
export default function ({ getService }: FtrProviderContextWithSpaces) {
const esArchiver = getService('esArchiver');
const bsearch = getService('bsearch');
const supertest = getService('supertest');
const utils = getService('securitySolutionUtils');
describe('Overview Host', () => {
let supertest: TestAgent;
let bsearch: BsearchService;
describe('With auditbeat', () => {
before(
async () => await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/overview')
);
before(async () => {
supertest = await utils.createSuperTest();
bsearch = await utils.createBsearch();
await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/overview');
});
after(
async () => await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/overview')
);


@ -10,18 +10,23 @@ import {
NetworkOverviewStrategyResponse,
NetworkQueries,
} from '@kbn/security-solution-plugin/common/search_strategy';
import TestAgent from 'supertest/lib/agent';
import { BsearchService } from '@kbn/test-suites-src/common/services/bsearch';
import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces';
export default function ({ getService }: FtrProviderContextWithSpaces) {
const esArchiver = getService('esArchiver');
const bsearch = getService('bsearch');
const supertest = getService('supertest');
const utils = getService('securitySolutionUtils');
describe('Overview Network', () => {
let supertest: TestAgent;
let bsearch: BsearchService;
describe('With filebeat', () => {
before(
async () => await esArchiver.load('x-pack/test/functional/es_archives/filebeat/default')
);
before(async () => {
supertest = await utils.createSuperTest();
bsearch = await utils.createBsearch();
await esArchiver.load('x-pack/test/functional/es_archives/filebeat/default');
});
after(
async () => await esArchiver.unload('x-pack/test/functional/es_archives/filebeat/default')
);
@ -61,9 +66,11 @@ export default function ({ getService }: FtrProviderContextWithSpaces) {
});
describe('With packetbeat', () => {
before(
async () => await esArchiver.load('x-pack/test/functional/es_archives/packetbeat/overview')
);
before(async () => {
supertest = await utils.createSuperTest();
bsearch = await utils.createBsearch();
await esArchiver.load('x-pack/test/functional/es_archives/packetbeat/overview');
});
after(
async () =>
await esArchiver.unload('x-pack/test/functional/es_archives/packetbeat/overview')
@ -103,9 +110,11 @@ export default function ({ getService }: FtrProviderContextWithSpaces) {
});
describe('With auditbeat', () => {
before(
async () => await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/overview')
);
before(async () => {
supertest = await utils.createSuperTest();
bsearch = await utils.createBsearch();
await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/overview');
});
after(
async () => await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/overview')
);


@ -14,7 +14,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
return {
...functionalConfig.getAll(),
testFiles: [require.resolve('../ess')],
testFiles: [require.resolve('../tests')],
junit: {
reportName: 'Explore - Users Integration Tests - ESS Env - Trial License',
},


@ -16,7 +16,7 @@ export default createTestConfig({
{ product_line: 'cloud', product_tier: 'complete' },
])}`,
],
testFiles: [require.resolve('../serverless')],
testFiles: [require.resolve('../tests')],
junit: {
reportName: 'Explore - Users Integration Tests - Serverless Env - Complete Tier',
},


@ -1,115 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from '@kbn/expect';
import {
AuthStackByField,
Direction,
UserAuthenticationsStrategyResponse,
UsersQueries,
} from '@kbn/security-solution-plugin/common/search_strategy';
import type { UserAuthenticationsRequestOptions } from '@kbn/security-solution-plugin/common/api/search_strategy';
import { RoleCredentials } from '@kbn/test-suites-serverless/shared/services';
import { FtrProviderContext } from '../../../../../ftr_provider_context';
const FROM = '2000-01-01T00:00:00.000Z';
const TO = '3000-01-01T00:00:00.000Z';
// typical values that have to change after an update from "scripts/es_archiver"
const HOST_NAME = 'zeek-newyork-sha-aa8df15';
const LAST_SUCCESS_SOURCE_IP = '8.42.77.171';
const TOTAL_COUNT = 3;
const EDGE_LENGTH = 1;
export default function ({ getService }: FtrProviderContext) {
const esArchiver = getService('esArchiver');
const secureBsearch = getService('secureBsearch');
const supertestWithoutAuth = getService('supertestWithoutAuth');
const svlUserManager = getService('svlUserManager');
let roleAuthc: RoleCredentials;
describe('authentications', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/hosts');
roleAuthc = await svlUserManager.createM2mApiKeyWithRoleScope('admin');
});
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/hosts');
await svlUserManager.invalidateM2mApiKeyWithRoleScope(roleAuthc);
});
it('Make sure that we get Authentication data', async () => {
const requestOptions: UserAuthenticationsRequestOptions = {
factoryQueryType: UsersQueries.authentications,
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
pagination: {
activePage: 0,
cursorStart: 0,
fakePossibleCount: 3,
querySize: 1,
},
defaultIndex: ['auditbeat-*'],
stackByField: AuthStackByField.userName,
sort: { field: 'timestamp', direction: Direction.asc },
filterQuery: '',
};
const authentications = await secureBsearch.send<UserAuthenticationsStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: requestOptions,
strategy: 'securitySolutionSearchStrategy',
});
expect(authentications.edges.length).to.be(EDGE_LENGTH);
expect(authentications.totalCount).to.be(TOTAL_COUNT);
expect(authentications.pageInfo.fakeTotalCount).to.equal(3);
});
it('Make sure that pagination is working in Authentications query', async () => {
const requestOptions: UserAuthenticationsRequestOptions = {
factoryQueryType: UsersQueries.authentications,
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
pagination: {
activePage: 2,
cursorStart: 1,
fakePossibleCount: 5,
querySize: 2,
},
defaultIndex: ['auditbeat-*'],
stackByField: AuthStackByField.userName,
sort: { field: 'timestamp', direction: Direction.asc },
filterQuery: '',
};
const authentications = await secureBsearch.send<UserAuthenticationsStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: requestOptions,
strategy: 'securitySolutionSearchStrategy',
});
expect(authentications.edges.length).to.be(EDGE_LENGTH);
expect(authentications.totalCount).to.be(TOTAL_COUNT);
expect(authentications.edges[0].node.lastSuccess?.source?.ip).to.eql([
LAST_SUCCESS_SOURCE_IP,
]);
expect(authentications.edges[0].node.lastSuccess?.host?.name).to.eql([HOST_NAME]);
});
});
}


@ -1,15 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import { FtrProviderContext } from '../../../../../ftr_provider_context';
export default function ({ loadTestFile }: FtrProviderContext) {
describe('@serverless SecuritySolution Explore Users', () => {
loadTestFile(require.resolve('./authentications'));
loadTestFile(require.resolve('./users'));
});
}


@ -1,79 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from '@kbn/expect';
import {
NetworkQueries,
Direction,
NetworkUsersFields,
FlowTarget,
NetworkUsersStrategyResponse,
} from '@kbn/security-solution-plugin/common/search_strategy';
import { RoleCredentials } from '@kbn/test-suites-serverless/shared/services';
import { FtrProviderContext } from '../../../../../ftr_provider_context';
const FROM = '2000-01-01T00:00:00.000Z';
const TO = '3000-01-01T00:00:00.000Z';
const IP = '0.0.0.0';
export default function ({ getService }: FtrProviderContext) {
const esArchiver = getService('esArchiver');
const secureBsearch = getService('secureBsearch');
const supertestWithoutAuth = getService('supertestWithoutAuth');
const svlUserManager = getService('svlUserManager');
let roleAuthc: RoleCredentials;
describe('Users', () => {
describe('With auditbeat', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/users');
roleAuthc = await svlUserManager.createM2mApiKeyWithRoleScope('admin');
});
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/users');
await svlUserManager.invalidateM2mApiKeyWithRoleScope(roleAuthc);
});
it('Ensure data is returned from auditbeat', async () => {
const users = await secureBsearch.send<NetworkUsersStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
factoryQueryType: NetworkQueries.users,
sourceId: 'default',
timerange: {
interval: '12h',
to: TO,
from: FROM,
},
defaultIndex: ['auditbeat-users'],
ip: IP,
flowTarget: FlowTarget.destination,
sort: { field: NetworkUsersFields.name, direction: Direction.asc },
pagination: {
activePage: 0,
cursorStart: 0,
fakePossibleCount: 30,
querySize: 10,
},
inspect: false,
},
strategy: 'securitySolutionSearchStrategy',
});
expect(users.edges.length).to.be(1);
expect(users.totalCount).to.be(1);
expect(users.edges[0].node.user?.id).to.eql(['0']);
expect(users.edges[0].node.user?.name).to.be('root');
expect(users.edges[0].node.user?.groupId).to.eql(['0']);
expect(users.edges[0].node.user?.groupName).to.eql(['root']);
expect(users.edges[0].node.user?.count).to.be(1);
});
});
});
}


@ -13,7 +13,9 @@ import {
UsersQueries,
} from '@kbn/security-solution-plugin/common/search_strategy';
import type { UserAuthenticationsRequestOptions } from '@kbn/security-solution-plugin/common/api/search_strategy';
import TestAgent from 'supertest/lib/agent';
import { BsearchService } from '@kbn/test-suites-src/common/services/bsearch';
import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces';
const FROM = '2000-01-01T00:00:00.000Z';
@ -27,11 +29,17 @@ const EDGE_LENGTH = 1;
export default function ({ getService }: FtrProviderContextWithSpaces) {
const esArchiver = getService('esArchiver');
const bsearch = getService('bsearch');
const supertest = getService('supertest');
const utils = getService('securitySolutionUtils');
describe('authentications', () => {
before(async () => await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/hosts'));
let supertest: TestAgent;
let bsearch: BsearchService;
before(async () => {
supertest = await utils.createSuperTest();
bsearch = await utils.createBsearch();
await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/hosts');
});
after(
async () => await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/hosts')
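Review bot: The new `before` takes its agents from `utils.createSuperTest()` and `utils.createBsearch()` without naming a role, and the `after` hook shown here only unloads the archive. The removed serverless copy made the credential lifecycle explicit by pairing `createM2mApiKeyWithRoleScope('admin')` with `invalidateM2mApiKeyWithRoleScope(roleAuthc)`; the helper's implementation is outside this section, so whether it invalidates the keys it creates cannot be confirmed from here. If it does, a one-line comment above the `before` such as `// securitySolutionUtils picks the role and cleans up any API key it creates` would record that; if it does not, an explicit cleanup step belongs in `after`. The same pattern recurs in the users, events and timeline_details sections below, and the `after(` call continues past the end of this hunk.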


@ -13,6 +13,8 @@ import {
FlowTarget,
NetworkUsersStrategyResponse,
} from '@kbn/security-solution-plugin/common/search_strategy';
import TestAgent from 'supertest/lib/agent';
import { BsearchService } from '@kbn/test-suites-src/common/services/bsearch';
import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces';
@ -22,14 +24,17 @@ const IP = '0.0.0.0';
export default function ({ getService }: FtrProviderContextWithSpaces) {
const esArchiver = getService('esArchiver');
const bsearch = getService('bsearch');
const supertest = getService('supertest');
const utils = getService('securitySolutionUtils');
describe('Users', () => {
let supertest: TestAgent;
let bsearch: BsearchService;
describe('With auditbeat', () => {
before(
async () => await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/users')
);
before(async () => {
supertest = await utils.createSuperTest();
bsearch = await utils.createBsearch();
await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/users');
});
after(
async () => await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/users')
);


@ -20,7 +20,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
`--xpack.securitySolution.enableExperimental=${JSON.stringify([])}`,
],
},
testFiles: [require.resolve('../ess/basic')],
testFiles: [require.resolve('../tests/basic')],
junit: {
reportName: 'Timeline Integration Tests - ESS Env - Basic License',
},


@ -20,7 +20,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
`--xpack.securitySolution.enableExperimental=${JSON.stringify([])}`,
],
},
testFiles: [require.resolve('../ess/trial')],
testFiles: [require.resolve('../tests/trial')],
junit: {
reportName: 'Timeline Integration Tests - ESS Env - Trial License',
},


@ -20,7 +20,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
`--xpack.securitySolution.enableExperimental=${JSON.stringify([])}`,
],
},
testFiles: [require.resolve('../ess')],
testFiles: [require.resolve('../tests')],
junit: {
reportName: 'Timeline Integration Tests - ESS Env - Trial License',
},


@ -16,7 +16,7 @@ export default createTestConfig({
{ product_line: 'cloud', product_tier: 'complete' },
])}`,
],
testFiles: [require.resolve('../serverless')],
testFiles: [require.resolve('../tests')],
junit: {
reportName: 'Timeline Integration Tests - Serverless Env - Complete Tier',
},


@ -1,112 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from '@kbn/expect';
import { JsonObject } from '@kbn/utility-types';
import {
Direction,
TimelineEventsQueries,
TimelineEventsAllStrategyResponse,
} from '@kbn/security-solution-plugin/common/search_strategy';
import { RoleCredentials } from '@kbn/test-suites-serverless/shared/services';
import { FtrProviderContext } from '../../../../../ftr_provider_context';
import { getFieldsToRequest, getFilterValue } from '../../../../utils';
const TO = '3000-01-01T00:00:00.000Z';
const FROM = '2000-01-01T00:00:00.000Z';
// typical values that have to change after an update from "scripts/es_archiver"
const DATA_COUNT = 7;
const HOST_NAME = 'suricata-sensor-amsterdam';
const TOTAL_COUNT = 96;
const EDGE_LENGTH = 25;
const ACTIVE_PAGE = 0;
const PAGE_SIZE = 25;
const LIMITED_PAGE_SIZE = 2;
export default function ({ getService }: FtrProviderContext) {
const esArchiver = getService('esArchiver');
const secureBsearch = getService('secureBsearch');
const supertestWithoutAuth = getService('supertestWithoutAuth');
const svlUserManager = getService('svlUserManager');
let roleAuthc: RoleCredentials;
const getPostBody = (): JsonObject => ({
defaultIndex: ['auditbeat-*'],
factoryQueryType: TimelineEventsQueries.all,
entityType: 'events',
fieldRequested: getFieldsToRequest(),
fields: [],
filterQuery: getFilterValue(HOST_NAME, FROM, TO),
pagination: {
activePage: 0,
querySize: 25,
},
language: 'kuery',
sort: [
{
field: '@timestamp',
direction: Direction.desc,
esTypes: ['date'],
},
],
timerange: {
from: FROM,
to: TO,
interval: '12h',
},
});
describe('Timeline', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/hosts');
roleAuthc = await svlUserManager.createM2mApiKeyWithRoleScope('admin');
});
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/hosts');
await svlUserManager.invalidateM2mApiKeyWithRoleScope(roleAuthc);
});
it('returns Timeline data', async () => {
const timeline = await secureBsearch.send<TimelineEventsAllStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
...getPostBody(),
},
strategy: 'timelineSearchStrategy',
});
expect(timeline.edges.length).to.be(EDGE_LENGTH);
expect(timeline.edges[0].node.data.length).to.be(DATA_COUNT);
expect(timeline.totalCount).to.be(TOTAL_COUNT);
expect(timeline.pageInfo.activePage).to.equal(ACTIVE_PAGE);
expect(timeline.pageInfo.querySize).to.equal(PAGE_SIZE);
});
it('returns paginated Timeline query', async () => {
const timeline = await secureBsearch.send<TimelineEventsAllStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
...getPostBody(),
pagination: {
activePage: 0,
querySize: LIMITED_PAGE_SIZE,
},
},
strategy: 'timelineSearchStrategy',
});
expect(timeline.edges.length).to.be(LIMITED_PAGE_SIZE);
expect(timeline.edges[0].node.data.length).to.be(DATA_COUNT);
expect(timeline.totalCount).to.be(TOTAL_COUNT);
expect(timeline.edges[0].node.data.length).to.be(DATA_COUNT);
expect(timeline.edges[0]!.node.ecs.host!.name).to.eql([HOST_NAME]);
});
});
}


@ -1,15 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import { FtrProviderContext } from '../../../../../ftr_provider_context';
export default function ({ loadTestFile }: FtrProviderContext) {
describe('@serverless SecuritySolution Timeline', () => {
loadTestFile(require.resolve('./events'));
loadTestFile(require.resolve('./timeline_details'));
});
}


@ -1,86 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import expect from '@kbn/expect';
import { sortBy } from 'lodash';
import {
TimelineEventsQueries,
TimelineEventsDetailsStrategyResponse,
TimelineKpiStrategyResponse,
} from '@kbn/security-solution-plugin/common/search_strategy';
import { RoleCredentials } from '@kbn/test-suites-serverless/shared/services';
import { FtrProviderContext } from '../../../../../ftr_provider_context';
import { timelineDetailsFilebeatExpectedResults as EXPECTED_DATA } from '../mocks/timeline_details';
// typical values that have to change after an update from "scripts/es_archiver"
const INDEX_NAME = 'filebeat-7.0.0-iot-2019.06';
const ID = 'QRhG1WgBqd-n62SwZYDT';
const EXPECTED_KPI_COUNTS = {
destinationIpCount: 154,
hostCount: 1,
processCount: 0,
sourceIpCount: 121,
userCount: 0,
};
export default function ({ getService }: FtrProviderContext) {
const esArchiver = getService('esArchiver');
const secureBsearch = getService('secureBsearch');
const supertestWithoutAuth = getService('supertestWithoutAuth');
const svlUserManager = getService('svlUserManager');
let roleAuthc: RoleCredentials;
describe('Timeline Details', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/filebeat/default');
roleAuthc = await svlUserManager.createM2mApiKeyWithRoleScope('admin');
});
after(async () => {
await esArchiver.unload('x-pack/test/functional/es_archives/filebeat/default');
await svlUserManager.invalidateM2mApiKeyWithRoleScope(roleAuthc);
});
it('Make sure that we get Event Details data', async () => {
const { data: detailsData } = await secureBsearch.send<TimelineEventsDetailsStrategyResponse>(
{
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
factoryQueryType: TimelineEventsQueries.details,
indexName: INDEX_NAME,
inspect: false,
eventId: ID,
},
strategy: 'timelineSearchStrategy',
}
);
expect(sortBy(detailsData, 'field')).to.eql(sortBy(EXPECTED_DATA, 'field'));
});
it('Make sure that we get kpi data', async () => {
const { destinationIpCount, hostCount, processCount, sourceIpCount, userCount } =
await secureBsearch.send<TimelineKpiStrategyResponse>({
supertestWithoutAuth,
apiKeyHeader: roleAuthc.apiKeyHeader,
internalOrigin: 'Kibana',
options: {
factoryQueryType: TimelineEventsQueries.kpi,
indexName: INDEX_NAME,
inspect: false,
eventId: ID,
},
strategy: 'timelineSearchStrategy',
});
expect({ destinationIpCount, hostCount, processCount, sourceIpCount, userCount }).to.eql(
EXPECTED_KPI_COUNTS
);
});
});
}


@ -13,6 +13,8 @@ import {
TimelineEventsQueries,
TimelineEventsAllStrategyResponse,
} from '@kbn/security-solution-plugin/common/search_strategy';
import TestAgent from 'supertest/lib/agent';
import { BsearchService } from '@kbn/test-suites-src/common/services/bsearch';
import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces';
import { getFieldsToRequest, getFilterValue } from '../../../../utils';
@ -29,8 +31,7 @@ const LIMITED_PAGE_SIZE = 2;
export default function ({ getService }: FtrProviderContextWithSpaces) {
const esArchiver = getService('esArchiver');
const bsearch = getService('bsearch');
const supertest = getService('supertest');
const utils = getService('securitySolutionUtils');
const getPostBody = (): JsonObject => ({
defaultIndex: ['auditbeat-*'],
@ -59,7 +60,12 @@ export default function ({ getService }: FtrProviderContextWithSpaces) {
});
describe('Timeline', () => {
let supertest: TestAgent;
let bsearch: BsearchService;
before(async () => {
supertest = await utils.createSuperTest();
bsearch = await utils.createBsearch();
await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/hosts');
});
after(async () => {


@ -8,7 +8,8 @@
import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces';
export default function ({ loadTestFile }: FtrProviderContextWithSpaces) {
describe('@ess SecuritySolution Timeline', () => {
// Failed in serverless: https://github.com/elastic/kibana/issues/183645
describe('@ess @serverless @skipInServerless SecuritySolution Timeline', () => {
loadTestFile(require.resolve('./events'));
loadTestFile(require.resolve('./timeline_details'));
loadTestFile(require.resolve('./timeline'));
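Review bot: The comment above the retagged `describe` gives only an issue link, while the title now carries both `@serverless` and `@skipInServerless`, which reads as contradictory without more context. Because the serverless-only events and timeline_details suites are deleted in this same commit, the timeline search strategy appears to have no running serverless coverage until the skip is lifted, including the API-key-authenticated requests those suites made. I would make the comment actionable, e.g. `// TODO: drop @skipInServerless once https://github.com/elastic/kibana/issues/183645 is fixed; the serverless-only copies were removed, so this is the only serverless coverage`. The `describe` body continues outside the hunk.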


@ -12,7 +12,8 @@ import {
TimelineEventsDetailsStrategyResponse,
TimelineKpiStrategyResponse,
} from '@kbn/security-solution-plugin/common/search_strategy';
import TestAgent from 'supertest/lib/agent';
import { BsearchService } from '@kbn/test-suites-src/common/services/bsearch';
import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces';
import { timelineDetailsFilebeatExpectedResults as EXPECTED_DATA } from '../mocks/timeline_details';
@ -30,13 +31,16 @@ const EXPECTED_KPI_COUNTS = {
export default function ({ getService }: FtrProviderContextWithSpaces) {
const esArchiver = getService('esArchiver');
const supertest = getService('supertest');
const bsearch = getService('bsearch');
const utils = getService('securitySolutionUtils');
describe('Timeline Details', () => {
before(
async () => await esArchiver.load('x-pack/test/functional/es_archives/filebeat/default')
);
let supertest: TestAgent;
let bsearch: BsearchService;
before(async () => {
supertest = await utils.createSuperTest();
bsearch = await utils.createBsearch();
await esArchiver.load('x-pack/test/functional/es_archives/filebeat/default');
});
after(
async () => await esArchiver.unload('x-pack/test/functional/es_archives/filebeat/default')
);


@ -8,7 +8,7 @@
"**/*",
"../../../typings/**/*",
"../../../packages/kbn-test/types/ftr_globals/**/*",
],
],
"exclude": [
"target/**/*"
],
@ -47,6 +47,7 @@
"@kbn/utility-types",
"@kbn/timelines-plugin",
"@kbn/dev-cli-runner",
"@kbn/search-types",
"@kbn/security-plugin",
"@kbn/test-suites-src",
]


@ -24,7 +24,7 @@ const parseBfetchResponse = (resp: request.Response): Array<Record<string, any>>
.map((item) => JSON.parse(item));
};
interface SendOptions {
export interface SendOptions {
supertestWithoutAuth: SupertestWithoutAuthProviderType;
apiKeyHeader: { Authorization: string };
referer?: string;