github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 09:48:58 -04:00
Code Issues Projects Releases Packages Wiki Activity

[8.0] [Osquery] Fix infinite loop (#124332) (#125615)

Browse source 
* [Osquery] Fix infinite loop (#124332)

Co-authored-by: Patryk Kopycinski <contact@patrykkopycinski.com>
(cherry picked from commit 1f4a7d4d72)

# Conflicts:
#	x-pack/plugins/osquery/public/packs/queries/query_flyout.tsx
#	x-pack/test/osquery_cypress/artifact_manager.ts

* Update index.tsx

* fix

* fix

Co-authored-by: Tomasz Ciecierski <tomasz.ciecierski@elastic.co>
This commit is contained in:
Patryk Kopyciński 2022-02-15 21:18:30 +01:00 committed by GitHub
parent 3e0003b496
commit 6d001e4d58
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
15 changed files with 251 additions and 119 deletions
Download patch file Download diff file Expand all files Collapse all files

19
x-pack/plugins/osquery/cypress/fixtures/saved_objects/ecs_mapping_1.ndjson Normal file
View file

@ -0,0 +1,19 @@
{
"attributes": {
"created_at": "2022-02-03T07:43:10.311Z",
"created_by": "elastic",
"description": "fdsfsd",
"ecs_mapping": [],
"id": "NOMAPPING",
"interval": 3600,
"query": "select * from uptime;",
"updated_at": "2022-02-03T08:22:01.662Z",
"updated_by": "elastic"
},
"coreMigrationVersion": "8.0.0",
"id": "ef31d680-84c4-11ec-991b-07bb2d53cda5",
"references": [],
"type": "osquery-saved-query",
"updated_at": "2022-02-03T08:22:01.668Z",
"version": "WzE3ODk5LDFd"
}

26
x-pack/plugins/osquery/cypress/fixtures/saved_objects/ecs_mapping_2.ndjson Normal file
View file

@ -0,0 +1,26 @@
{
"attributes": {
"created_at": "2022-02-03T08:22:26.355Z",
"created_by": "elastic",
"description": "",
"ecs_mapping": [
{
"key": "client.geo.continent_name",
"value": {
"field": "seconds"
}
}
],
"id": "ONE_MAPPING_CHANGED",
"interval": 3600,
"query": "select * from uptime;",
"updated_at": "2022-02-03T08:24:52.429Z",
"updated_by": "elastic"
},
"coreMigrationVersion": "8.0.0",
"id": "6b819f40-84ca-11ec-991b-07bb2d53cda5",
"references": [],
"type": "osquery-saved-query",
"updated_at": "2022-02-03T08:24:52.436Z",
"version": "WzE3OTAwLDFd"
}

37
x-pack/plugins/osquery/cypress/fixtures/saved_objects/ecs_mapping_3.ndjson Normal file
View file

@ -0,0 +1,37 @@
{
"attributes": {
"created_at": "2022-02-03T08:22:54.372Z",
"created_by": "elastic",
"ecs_mapping": [
{
"key": "labels",
"value": {
"field": "days"
}
},
{
"key": "tags",
"value": {
"field": "seconds"
}
},
{
"key": "client.address",
"value": {
"field": "total_seconds"
}
}
],
"id": "MULTIPLE_MAPPINGS",
"interval": "3600",
"query": "select * from uptime; ",
"updated_at": "2022-02-03T08:22:54.372Z",
"updated_by": "elastic"
},
"coreMigrationVersion": "8.0.0",
"id": "7c348640-84ca-11ec-991b-07bb2d53cda5",
"references": [],
"type": "osquery-saved-query",
"updated_at": "2022-02-03T08:22:54.375Z",
"version": "WzE3OTAxLDFd"
}

10
x-pack/plugins/osquery/cypress/integration/superuser/delete_all_ecs_mappings.spec.ts
View file

@ -28,20 +28,16 @@ describe('SuperUser - Delete ECS Mappings', () => {
cy.react('CustomItemAction', {
props: { index: 1, item: { attributes: { id: SAVED_QUERY_ID } } },
}).click();
cy.contains('Custom key/value pairs. e.g. {"application":"foo-bar","env":"production"}').should(
'exist'
);
cy.contains('Custom key/value pairs.').should('exist');
cy.contains('Hours of uptime').should('exist');
cy.react('EuiButtonIcon', { props: { id: 'labels-trash' } }).click();
cy.react('EuiButton').contains('Update query').click();
cy.wait(1000);
cy.wait(5000);
cy.react('CustomItemAction', {
props: { index: 1, item: { attributes: { id: SAVED_QUERY_ID } } },
}).click();
cy.contains('Custom key/value pairs. e.g. {"application":"foo-bar","env":"production"}').should(
'not.exist'
);
cy.contains('Custom key/value pairs').should('not.exist');
cy.contains('Hours of uptime').should('not.exist');
});
});

68
x-pack/plugins/osquery/cypress/integration/superuser/packs.spec.ts
View file

@ -26,6 +26,9 @@ describe('SuperUser - Packs', () => {
describe('Create and edit a pack', () => {
before(() => {
runKbnArchiverScript(ArchiverMethod.LOAD, 'saved_query');
runKbnArchiverScript(ArchiverMethod.LOAD, 'ecs_mapping_1');
runKbnArchiverScript(ArchiverMethod.LOAD, 'ecs_mapping_2');
runKbnArchiverScript(ArchiverMethod.LOAD, 'ecs_mapping_3');
});
beforeEach(() => {
login();
@ -34,6 +37,9 @@ describe('SuperUser - Packs', () => {
after(() => {
runKbnArchiverScript(ArchiverMethod.UNLOAD, 'saved_query');
runKbnArchiverScript(ArchiverMethod.UNLOAD, 'ecs_mapping_1');
runKbnArchiverScript(ArchiverMethod.UNLOAD, 'ecs_mapping_2');
runKbnArchiverScript(ArchiverMethod.UNLOAD, 'ecs_mapping_3');
});
it('should add a pack from a saved query', () => {
@ -145,6 +151,46 @@ describe('SuperUser - Packs', () => {
cy.contains(/^No items found/);
});
it('enable changing saved queries and ecs_mappings', () => {
preparePack(PACK_NAME, SAVED_QUERY_ID);
cy.contains(/^Edit$/).click();
findAndClickButton('Add query');
cy.react('EuiComboBox', { props: { placeholder: 'Search for saved queries' } })
.click()
.type('Multiple {downArrow} {enter}');
cy.contains('Custom key/value pairs');
cy.contains('Days of uptime');
cy.contains('List of keywords used to tag each');
cy.contains('Seconds of uptime');
cy.contains('Client network address.');
cy.contains('Total uptime seconds');
cy.react('EuiComboBox', { props: { placeholder: 'Search for saved queries' } })
.click()
.type('NOMAPPING {downArrow} {enter}');
cy.contains('Custom key/value pairs').should('not.exist');
cy.contains('Days of uptime').should('not.exist');
cy.contains('List of keywords used to tag each').should('not.exist');
cy.contains('Seconds of uptime').should('not.exist');
cy.contains('Client network address.').should('not.exist');
cy.contains('Total uptime seconds').should('not.exist');
cy.react('EuiComboBox', { props: { placeholder: 'Search for saved queries' } })
.click()
.type('ONE_MAPPING {downArrow} {enter}');
cy.contains('Name of the continent');
cy.contains('Seconds of uptime');
findAndClickButton('Save');
cy.react('CustomItemAction', {
props: { index: 0, item: { id: 'ONE_MAPPING_CHANGED' } },
}).click();
cy.contains('Name of the continent');
cy.contains('Seconds of uptime');
});
it('to click delete button', () => {
preparePack(PACK_NAME, SAVED_QUERY_ID);
findAndClickButton('Edit');
@ -155,7 +201,7 @@ describe('SuperUser - Packs', () => {
beforeEach(() => {
login();
});
const AGENT_NAME = 'PackTest';
const AGENT_NAME = 'PackTest2';
const REMOVING_PACK = 'removing-pack';
it('add integration', () => {
cy.visit(FLEET_AGENT_POLICIES);
@ -164,7 +210,7 @@ describe('SuperUser - Packs', () => {
cy.get('.euiFlyoutFooter').contains('Create agent policy').click();
cy.contains(`Agent policy '${AGENT_NAME}' created`);
cy.visit(FLEET_AGENT_POLICIES);
cy.contains('Default Fleet Server policy').click();
cy.contains(AGENT_NAME).click();
cy.contains('Add integration').click();
cy.contains(integration).click();
addIntegration(AGENT_NAME);
@ -193,25 +239,9 @@ describe('SuperUser - Packs', () => {
navigateTo('app/osquery/packs');
cy.contains(REMOVING_PACK).click();
cy.contains(`${REMOVING_PACK} details`);
cy.wait(1000);
findAndClickButton('Edit');
cy.react('EuiComboBoxInput', { props: { value: '' } }).should('exist');
});
});
describe.skip('Remove queries from pack', () => {
const TEST_PACK = 'Test-pack';
before(() => {
runKbnArchiverScript(ArchiverMethod.LOAD, 'hardware_monitoring');
});
beforeEach(() => {
login();
navigateTo('/app/osquery');
});
after(() => {
runKbnArchiverScript(ArchiverMethod.UNLOAD, 'hardware_monitoring');
});
it('should remove ALL queries', () => {
preparePack(TEST_PACK, SAVED_QUERY_ID);
});
});
});

3
x-pack/plugins/osquery/public/live_queries/form/index.tsx
View file

@ -86,6 +86,7 @@ const LiveQueryFormComponent: React.FC<LiveQueryFormProps> = ({
const { data, isLoading, mutateAsync, isError, isSuccess } = useMutation(
(payload: Record<string, unknown>) =>
// eslint-disable-next-line @typescript-eslint/no-explicit-any
http.post<any>('/internal/osquery/action', {
body: JSON.stringify(payload),
}),
@ -226,6 +227,8 @@ const LiveQueryFormComponent: React.FC<LiveQueryFormProps> = ({
if (!isEmpty(savedQuery.ecs_mapping)) {
setFieldValue('ecs_mapping', savedQuery.ecs_mapping);
setAdvancedContentState('open');
} else {
setFieldValue('ecs_mapping', {});
}
} else {
setFieldValue('savedQueryId', null);

51
x-pack/plugins/osquery/public/packs/queries/ecs_mapping_editor_field.tsx
View file

@ -586,33 +586,36 @@ export const ECSMappingEditorForm = forwardRef<ECSMappingEditorFormRef, ECSMappi
const editForm = !!defaultValue;
const multipleValuesField = useRef(false);
const currentFormData = useRef(defaultValue);
const formSchema = {
key: {
type: FIELD_TYPES.COMBO_BOX,
fieldsToValidateOnChange: ['result.value'],
validations: [
{
validator: getEcsFieldValidator(editForm),
},
],
},
result: {
type: {
defaultValue: OSQUERY_COLUMN_VALUE_TYPE_OPTIONS[0].value,
const formSchema = useMemo(
() => ({
key: {
type: FIELD_TYPES.COMBO_BOX,
fieldsToValidateOnChange: ['result.value'],
},
value: {
type: FIELD_TYPES.COMBO_BOX,
fieldsToValidateOnChange: ['key'],
validations: [
{
validator: getOsqueryResultFieldValidator(osquerySchemaOptions, editForm),
validator: getEcsFieldValidator(editForm),
},
],
},
},
};
result: {
type: {
defaultValue: OSQUERY_COLUMN_VALUE_TYPE_OPTIONS[0].value,
type: FIELD_TYPES.COMBO_BOX,
fieldsToValidateOnChange: ['result.value'],
},
value: {
type: FIELD_TYPES.COMBO_BOX,
fieldsToValidateOnChange: ['key'],
validations: [
{
validator: getOsqueryResultFieldValidator(osquerySchemaOptions, editForm),
},
],
},
},
}),
[editForm, osquerySchemaOptions]
);
const { form } = useForm({
// @ts-expect-error update types
@ -1009,6 +1012,14 @@ export const ECSMappingEditorField = React.memo(
});
}, [query]);
useEffect(() => {
Object.keys(formRefs.current).forEach((key) => {
if (!value[key]) {
delete formRefs.current[key];
}
});
}, [value]);
const handleAddRow = useCallback(
(newRow) => {
if (newRow?.key && newRow?.value) {

39
x-pack/plugins/osquery/public/packs/queries/query_flyout.tsx
View file

@ -76,36 +76,35 @@ const QueryFlyoutComponent: React.FC<QueryFlyoutProps> = ({
const handleSetQueryValue = useCallback(
(savedQuery) => {
if (!savedQuery) {
return reset();
}
reset();
setFieldValue('id', savedQuery.id);
setFieldValue('query', savedQuery.query);
if (savedQuery) {
setFieldValue('id', savedQuery.id);
setFieldValue('query', savedQuery.query);
if (savedQuery.description) {
setFieldValue('description', savedQuery.description);
}
if (savedQuery.description) {
setFieldValue('description', savedQuery.description);
}
if (savedQuery.interval) {
setFieldValue('interval', savedQuery.interval);
}
if (savedQuery.interval) {
setFieldValue('interval', savedQuery.interval);
}
if (savedQuery.platform) {
setFieldValue('platform', savedQuery.platform);
}
if (savedQuery.platform) {
setFieldValue('platform', savedQuery.platform);
}
if (savedQuery.version) {
setFieldValue('version', [savedQuery.version]);
}
if (savedQuery.version) {
setFieldValue('version', [savedQuery.version]);
}
if (savedQuery.ecs_mapping) {
setFieldValue('ecs_mapping', savedQuery.ecs_mapping);
if (savedQuery.ecs_mapping) {
setFieldValue('ecs_mapping', savedQuery.ecs_mapping);
}
}
},
[setFieldValue, reset]
);
/* Avoids accidental closing of the flyout when the user clicks outside of the flyout */
const maskProps = useMemo(() => ({ onClick: () => ({}) }), []);

26
x-pack/plugins/osquery/server/plugin.ts
View file

@ -6,12 +6,6 @@
*/
import { i18n } from '@kbn/i18n';
import {
ASSETS_SAVED_OBJECT_TYPE,
PACKAGE_POLICY_SAVED_OBJECT_TYPE,
AGENT_POLICY_SAVED_OBJECT_TYPE,
PACKAGES_SAVED_OBJECT_TYPE,
} from '../../fleet/common';
import {
PluginInitializerContext,
CoreSetup,
@ -51,12 +45,8 @@ const registerFeatures = (features: SetupPlugins['features']) => {
app: [PLUGIN_ID, 'kibana'],
catalogue: [PLUGIN_ID],
savedObject: {
all: [
PACKAGE_POLICY_SAVED_OBJECT_TYPE,
ASSETS_SAVED_OBJECT_TYPE,
AGENT_POLICY_SAVED_OBJECT_TYPE,
],
read: [PACKAGES_SAVED_OBJECT_TYPE],
all: [],
read: [],
},
ui: ['write'],
},
@ -66,11 +56,7 @@ const registerFeatures = (features: SetupPlugins['features']) => {
catalogue: [PLUGIN_ID],
savedObject: {
all: [],
read: [
PACKAGE_POLICY_SAVED_OBJECT_TYPE,
PACKAGES_SAVED_OBJECT_TYPE,
AGENT_POLICY_SAVED_OBJECT_TYPE,
],
read: [],
},
ui: ['read'],
},
@ -176,11 +162,7 @@ const registerFeatures = (features: SetupPlugins['features']) => {
includeIn: 'all',
name: 'All',
savedObject: {
all: [
PACKAGE_POLICY_SAVED_OBJECT_TYPE,
ASSETS_SAVED_OBJECT_TYPE,
packSavedObjectType,
],
all: [packSavedObjectType],
read: [],
},
ui: ['writePacks', 'readPacks'],

23
x-pack/plugins/osquery/server/routes/fleet_wrapper/get_agent_policies.ts
View file

@ -17,6 +17,7 @@ import {
import { OSQUERY_INTEGRATION_NAME, PLUGIN_ID } from '../../../common';
import { IRouter } from '../../../../../../src/core/server';
import { OsqueryAppContext } from '../../lib/osquery_app_context_services';
import { getInternalSavedObjectsClient } from '../../usage/collector';
export const getAgentPoliciesRoute = (router: IRouter, osqueryContext: OsqueryAppContext) => {
router.get(
@ -29,21 +30,29 @@ export const getAgentPoliciesRoute = (router: IRouter, osqueryContext: OsqueryAp
options: { tags: [`access:${PLUGIN_ID}-read`] },
},
async (context, request, response) => {
const soClient = context.core.savedObjects.client;
const internalSavedObjectsClient = await getInternalSavedObjectsClient(
osqueryContext.getStartServices
);
const agentService = osqueryContext.service.getAgentService();
const agentPolicyService = osqueryContext.service.getAgentPolicyService();
const packagePolicyService = osqueryContext.service.getPackagePolicyService();
const { items: packagePolicies } = (await packagePolicyService?.list(soClient, {
kuery: `${PACKAGE_POLICY_SAVED_OBJECT_TYPE}.package.name:${OSQUERY_INTEGRATION_NAME}`,
perPage: 1000,
page: 1,
})) ?? { items: [] as PackagePolicy[] };
const { items: packagePolicies } = (await packagePolicyService?.list(
internalSavedObjectsClient,
{
kuery: `${PACKAGE_POLICY_SAVED_OBJECT_TYPE}.package.name:${OSQUERY_INTEGRATION_NAME}`,
perPage: 1000,
page: 1,
}
)) ?? { items: [] as PackagePolicy[] };
const supportedPackagePolicyIds = filter(packagePolicies, (packagePolicy) =>
satisfies(packagePolicy.package?.version ?? '', '>=0.6.0')
);
const agentPolicyIds = uniq(map(supportedPackagePolicyIds, 'policy_id'));
const agentPolicies = await agentPolicyService?.getByIds(soClient, agentPolicyIds);
const agentPolicies = await agentPolicyService?.getByIds(
internalSavedObjectsClient,
agentPolicyIds
);
if (agentPolicies?.length) {
await bluebird.map(

8
x-pack/plugins/osquery/server/routes/fleet_wrapper/get_agent_policy.ts
View file

@ -9,6 +9,7 @@ import { schema } from '@kbn/config-schema';
import { PLUGIN_ID } from '../../../common';
import { IRouter } from '../../../../../../src/core/server';
import { OsqueryAppContext } from '../../lib/osquery_app_context_services';
import { getInternalSavedObjectsClient } from '../../usage/collector';
export const getAgentPolicyRoute = (router: IRouter, osqueryContext: OsqueryAppContext) => {
router.get(
@ -22,11 +23,12 @@ export const getAgentPolicyRoute = (router: IRouter, osqueryContext: OsqueryAppC
options: { tags: [`access:${PLUGIN_ID}-read`] },
},
async (context, request, response) => {
const soClient = context.core.savedObjects.client;
const internalSavedObjectsClient = await getInternalSavedObjectsClient(
osqueryContext.getStartServices
);
const packageInfo = await osqueryContext.service
.getAgentPolicyService()
?.get(soClient, request.params.id);
?.get(internalSavedObjectsClient, request.params.id);
return response.ok({ body: { item: packageInfo } });
}

6
x-pack/plugins/osquery/server/routes/fleet_wrapper/get_package_policies.ts
View file

@ -10,6 +10,7 @@ import { PLUGIN_ID, OSQUERY_INTEGRATION_NAME } from '../../../common';
import { IRouter } from '../../../../../../src/core/server';
import { PACKAGE_POLICY_SAVED_OBJECT_TYPE } from '../../../../fleet/common';
import { OsqueryAppContext } from '../../lib/osquery_app_context_services';
import { getInternalSavedObjectsClient } from '../../usage/collector';
export const getPackagePoliciesRoute = (router: IRouter, osqueryContext: OsqueryAppContext) => {
router.get(
@ -21,9 +22,12 @@ export const getPackagePoliciesRoute = (router: IRouter, osqueryContext: Osquery
options: { tags: [`access:${PLUGIN_ID}-read`] },
},
async (context, request, response) => {
const internalSavedObjectsClient = await getInternalSavedObjectsClient(
osqueryContext.getStartServices
);
const kuery = `${PACKAGE_POLICY_SAVED_OBJECT_TYPE}.attributes.package.name: ${OSQUERY_INTEGRATION_NAME}`;
const packagePolicyService = osqueryContext.service.getPackagePolicyService();
const policies = await packagePolicyService?.list(context.core.savedObjects.client, {
const policies = await packagePolicyService?.list(internalSavedObjectsClient, {
kuery,
});

21
x-pack/plugins/osquery/server/routes/pack/create_pack_route.ts
View file

@ -20,6 +20,7 @@ import { OSQUERY_INTEGRATION_NAME } from '../../../common';
import { PLUGIN_ID } from '../../../common';
import { packSavedObjectType } from '../../../common/types';
import { convertPackQueriesToSO } from './utils';
import { getInternalSavedObjectsClient } from '../../usage/collector';
export const createPackRoute = (router: IRouter, osqueryContext: OsqueryAppContext) => {
router.post(
@ -61,6 +62,9 @@ export const createPackRoute = (router: IRouter, osqueryContext: OsqueryAppConte
async (context, request, response) => {
const esClient = context.core.elasticsearch.client.asCurrentUser;
const savedObjectsClient = context.core.savedObjects.client;
const internalSavedObjectsClient = await getInternalSavedObjectsClient(
osqueryContext.getStartServices
);
const agentPolicyService = osqueryContext.service.getAgentPolicyService();
const packagePolicyService = osqueryContext.service.getPackagePolicyService();
@ -78,14 +82,17 @@ export const createPackRoute = (router: IRouter, osqueryContext: OsqueryAppConte
return response.conflict({ body: `Pack with name "${name}" already exists.` });
}
const { items: packagePolicies } = (await packagePolicyService?.list(savedObjectsClient, {
kuery: `${PACKAGE_POLICY_SAVED_OBJECT_TYPE}.package.name:${OSQUERY_INTEGRATION_NAME}`,
perPage: 1000,
page: 1,
})) ?? { items: [] };
const { items: packagePolicies } = (await packagePolicyService?.list(
internalSavedObjectsClient,
{
kuery: `${PACKAGE_POLICY_SAVED_OBJECT_TYPE}.package.name:${OSQUERY_INTEGRATION_NAME}`,
perPage: 1000,
page: 1,
}
)) ?? { items: [] };
const agentPolicies = policy_ids
? mapKeys(await agentPolicyService?.getByIds(savedObjectsClient, policy_ids), 'id')
? mapKeys(await agentPolicyService?.getByIds(internalSavedObjectsClient, policy_ids), 'id')
: {};
const references = policy_ids
@ -120,7 +127,7 @@ export const createPackRoute = (router: IRouter, osqueryContext: OsqueryAppConte
const packagePolicy = find(packagePolicies, ['policy_id', agentPolicyId]);
if (packagePolicy) {
return packagePolicyService?.update(
savedObjectsClient,
internalSavedObjectsClient,
esClient,
packagePolicy.id,
produce<PackagePolicy>(packagePolicy, (draft) => {

29
x-pack/plugins/osquery/server/routes/pack/update_pack_route.ts
View file

@ -21,6 +21,7 @@ import { packSavedObjectType } from '../../../common/types';
import { OsqueryAppContext } from '../../lib/osquery_app_context_services';
import { PLUGIN_ID } from '../../../common';
import { convertSOQueriesToPack, convertPackQueriesToSO } from './utils';
import { getInternalSavedObjectsClient } from '../../usage/collector';
export const updatePackRoute = (router: IRouter, osqueryContext: OsqueryAppContext) => {
router.put(
@ -70,6 +71,9 @@ export const updatePackRoute = (router: IRouter, osqueryContext: OsqueryAppConte
async (context, request, response) => {
const esClient = context.core.elasticsearch.client.asCurrentUser;
const savedObjectsClient = context.core.savedObjects.client;
const internalSavedObjectsClient = await getInternalSavedObjectsClient(
osqueryContext.getStartServices
);
const agentPolicyService = osqueryContext.service.getAgentPolicyService();
const packagePolicyService = osqueryContext.service.getPackagePolicyService();
const currentUser = await osqueryContext.security.authc.getCurrentUser(request)?.username;
@ -96,16 +100,19 @@ export const updatePackRoute = (router: IRouter, osqueryContext: OsqueryAppConte
}
}
const { items: packagePolicies } = (await packagePolicyService?.list(savedObjectsClient, {
kuery: `${PACKAGE_POLICY_SAVED_OBJECT_TYPE}.package.name:${OSQUERY_INTEGRATION_NAME}`,
perPage: 1000,
page: 1,
})) ?? { items: [] };
const { items: packagePolicies } = (await packagePolicyService?.list(
internalSavedObjectsClient,
{
kuery: `${PACKAGE_POLICY_SAVED_OBJECT_TYPE}.package.name:${OSQUERY_INTEGRATION_NAME}`,
perPage: 1000,
page: 1,
}
)) ?? { items: [] };
const currentPackagePolicies = filter(packagePolicies, (packagePolicy) =>
has(packagePolicy, `inputs[0].config.osquery.value.packs.${currentPackSO.attributes.name}`)
);
const agentPolicies = policy_ids
? mapKeys(await agentPolicyService?.getByIds(savedObjectsClient, policy_ids), 'id')
? mapKeys(await agentPolicyService?.getByIds(internalSavedObjectsClient, policy_ids), 'id')
: {};
const agentPolicyIds = Object.keys(agentPolicies);
@ -161,7 +168,7 @@ export const updatePackRoute = (router: IRouter, osqueryContext: OsqueryAppConte
if (packagePolicy) {
return packagePolicyService?.update(
savedObjectsClient,
internalSavedObjectsClient,
esClient,
packagePolicy.id,
produce<PackagePolicy>(packagePolicy, (draft) => {
@ -189,7 +196,7 @@ export const updatePackRoute = (router: IRouter, osqueryContext: OsqueryAppConte
if (!packagePolicy) return;
return packagePolicyService?.update(
savedObjectsClient,
internalSavedObjectsClient,
esClient,
packagePolicy.id,
produce<PackagePolicy>(packagePolicy, (draft) => {
@ -216,7 +223,7 @@ export const updatePackRoute = (router: IRouter, osqueryContext: OsqueryAppConte
const packagePolicy = find(currentPackagePolicies, ['policy_id', agentPolicyId]);
if (packagePolicy) {
return packagePolicyService?.update(
savedObjectsClient,
internalSavedObjectsClient,
esClient,
packagePolicy.id,
produce<PackagePolicy>(packagePolicy, (draft) => {
@ -238,7 +245,7 @@ export const updatePackRoute = (router: IRouter, osqueryContext: OsqueryAppConte
if (packagePolicy) {
return packagePolicyService?.update(
savedObjectsClient,
internalSavedObjectsClient,
esClient,
packagePolicy.id,
produce<PackagePolicy>(packagePolicy, (draft) => {
@ -270,7 +277,7 @@ export const updatePackRoute = (router: IRouter, osqueryContext: OsqueryAppConte
if (packagePolicy) {
return packagePolicyService?.update(
savedObjectsClient,
internalSavedObjectsClient,
esClient,
packagePolicy.id,
produce<PackagePolicy>(packagePolicy, (draft) => {

4
x-pack/test/osquery_cypress/runner.ts
View file

@ -92,8 +92,8 @@ function startOsqueryCypress(context: FtrProviderContext, cypressCommand: string
// eslint-disable-next-line @typescript-eslint/naming-convention
CYPRESS_configport: config.get('servers.kibana.port'),
CYPRESS_ELASTICSEARCH_URL: Url.format(config.get('servers.elasticsearch')),
CYPRESS_ELASTICSEARCH_USERNAME: config.get('servers.elasticsearch.username'),
CYPRESS_ELASTICSEARCH_PASSWORD: config.get('servers.elasticsearch.password'),
CYPRESS_ELASTICSEARCH_USERNAME: config.get('servers.kibana.username'),
CYPRESS_ELASTICSEARCH_PASSWORD: config.get('servers.kibana.password'),
CYPRESS_KIBANA_URL: Url.format({
protocol: config.get('servers.kibana.protocol'),
hostname: config.get('servers.kibana.hostname'),