github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-23 17:28:26 -04:00
Code Issues Projects Releases Packages Wiki Activity

[8.6] [Osquery] Fix issue with packs not running on different than Default space (#146410) (#146429)

Browse source 
# Backport

This will backport the following commits from `main` to `8.6`:
- [[Osquery] Fix issue with packs not running on different than Default
space (#146410)](https://github.com/elastic/kibana/pull/146410)

<!--- Backport version: 8.9.7 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Tomasz
Ciecierski","email":"tomasz.ciecierski@elastic.co"},"sourceCommit":{"committedDate":"2022-11-28T16:21:18Z","message":"[Osquery]
Fix issue with packs not running on different than Default space
(#146410)","sha":"29a4424566d37984efa9898a5f86d9af57934dd5","branchLabelMapping":{"^v8.7.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:fix","Team:Asset
Management","Feature:Osquery","v8.6.0","v8.7.0","v8.5.3"],"number":146410,"url":"https://github.com/elastic/kibana/pull/146410","mergeCommit":{"message":"[Osquery]
Fix issue with packs not running on different than Default space
(#146410)","sha":"29a4424566d37984efa9898a5f86d9af57934dd5"}},"sourceBranch":"main","suggestedTargetBranches":["8.6","8.5"],"targetPullRequestStates":[{"branch":"8.6","label":"v8.6.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.7.0","labelRegex":"^v8.7.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/146410","number":146410,"mergeCommit":{"message":"[Osquery]
Fix issue with packs not running on different than Default space
(#146410)","sha":"29a4424566d37984efa9898a5f86d9af57934dd5"}},{"branch":"8.5","label":"v8.5.3","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Tomasz Ciecierski <tomasz.ciecierski@elastic.co>
Co-authored-by: Patryk Kopyciński <contact@patrykkopycinski.com>
This commit is contained in:
Kibana Machine 2022-11-28 14:11:18 -05:00 committed by GitHub
parent 2f04daef98
commit 8bb5ea2b5e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 10 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

10
x-pack/plugins/osquery/server/handlers/action/create_action_handler.ts
View file

@ -9,6 +9,7 @@ import uuid from 'uuid';
import moment from 'moment';
import { flatten, isEmpty, map, omit, pick, pickBy, some } from 'lodash';
import { AGENT_ACTIONS_INDEX } from '@kbn/fleet-plugin/common';
import type { SavedObjectsClientContract } from '@kbn/core/server';
import { getInternalSavedObjectsClient } from '../../routes/utils';
import { parseAgentSelection } from '../../lib/parse_agent_groups';
import { packSavedObjectType } from '../../../common/types';
@ -27,14 +28,16 @@ interface Metadata {
export const createActionHandler = async (
osqueryContext: OsqueryAppContext,
params: CreateLiveQueryRequestBodySchema,
soClient?: SavedObjectsClientContract,
metadata?: Metadata
) => {
const [coreStartServices] = await osqueryContext.getStartServices();
const esClientInternal = coreStartServices.elasticsearch.client.asInternalUser;
const soClient = coreStartServices.savedObjects.createInternalRepository();
const internalSavedObjectsClient = await getInternalSavedObjectsClient(
osqueryContext.getStartServices
);
const savedObjectsClient = soClient ?? coreStartServices.savedObjects.createInternalRepository();
// eslint-disable-next-line @typescript-eslint/naming-convention
const { agent_all, agent_ids, agent_platforms, agent_policy_ids } = params;
const selectedAgents = await parseAgentSelection(internalSavedObjectsClient, osqueryContext, {
@ -50,7 +53,10 @@ export const createActionHandler = async (
let packSO;
if (params.pack_id) {
packSO = await soClient.get<PackSavedObjectAttributes>(packSavedObjectType, params.pack_id);
packSO = await savedObjectsClient.get<PackSavedObjectAttributes>(
packSavedObjectType,
params.pack_id
);
}
const osqueryAction = {

2
x-pack/plugins/osquery/server/routes/live_query/create_live_query_route.ts
View file

@ -32,6 +32,7 @@ export const createLiveQueryRoute = (router: IRouter, osqueryContext: OsqueryApp
},
async (context, request, response) => {
const [coreStartServices] = await osqueryContext.getStartServices();
const soClient = (await context.core).savedObjects.client;
const {
osquery: { writeLiveQueries, runSavedQueries },
@ -85,6 +86,7 @@ export const createLiveQueryRoute = (router: IRouter, osqueryContext: OsqueryApp
const { response: osqueryAction } = await createActionHandler(
osqueryContext,
request.body,
soClient,
{ currentUser }
);