github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 09:48:58 -04:00
Code Issues Projects Releases Packages Wiki Activity

[8.x] Feature/remove asset criticality flag (#196270) (#196461)

Browse source 
# Backport

This will backport the following commits from `main` to `8.x`:
- [Feature/remove asset criticality flag
(#196270)](https://github.com/elastic/kibana/pull/196270)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Charlotte Alexandra
Wilson","email":"CAWilson94@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-16T00:29:35Z","message":"Feature/remove
asset criticality flag (#196270)\n\n## Summary\r\n\r\nIt removes the
asset criticality advanced setting, which enables the\r\nfeature by
default for all users.\r\n\r\nDeleted settings:\r\n![Screenshot
2024-10-15 at 14
54\r\n48](https://github.com/user-attachments/assets/103c3f04-fd7e-45cf-ac74-93e1eef341fa)\r\n\r\n###
How to test it?\r\n* Start Kibana with security data\r\n* Inside
security solution / manage, you should be able to find the\r\nAsset
Criticality page\r\n![Screenshot 2024-10-15 at 14
57\r\n14](https://github.com/user-attachments/assets/7ddcee91-ad76-4d8f-b14a-bacc4ba31172)\r\n*
You should see the asset critically section when opening an
entity\r\nflyout (explore or host page) <img
width=\"400\"\r\nsrc=\"https://github.com/user-attachments/assets/3a9ee545-566c-4687-af16-f31bd93bdc20\"\r\n/>\r\n*
The risk score should be updated if you update an entity's
asset\r\ncriticality.\r\n\r\n\r\n\r\n### Checklist\r\n\r\n- [x] Any text
added follows [EUI's
writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\r\nsentence case text and includes
[i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n-
[x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios\r\n\r\n---------\r\n\r\nCo-authored-by: machadoum
<pablo.nevesmachado@elastic.co>\r\nCo-authored-by: jaredburgettelastic
<jared.burgett@elastic.co>\r\nCo-authored-by: Elastic Machine
<elasticmachine@users.noreply.github.com>","sha":"5ae7a61d935e3c1778ee830a5c1ee5055abf44a0","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["v9.0.0","release_note:feature","backport:prev-minor","Theme:
entity_analytics","Feature:Entity Analytics","Team:Entity
Analytics"],"title":"Feature/remove asset criticality
flag","number":196270,"url":"https://github.com/elastic/kibana/pull/196270","mergeCommit":{"message":"Feature/remove
asset criticality flag (#196270)\n\n## Summary\r\n\r\nIt removes the
asset criticality advanced setting, which enables the\r\nfeature by
default for all users.\r\n\r\nDeleted settings:\r\n![Screenshot
2024-10-15 at 14
54\r\n48](https://github.com/user-attachments/assets/103c3f04-fd7e-45cf-ac74-93e1eef341fa)\r\n\r\n###
How to test it?\r\n* Start Kibana with security data\r\n* Inside
security solution / manage, you should be able to find the\r\nAsset
Criticality page\r\n![Screenshot 2024-10-15 at 14
57\r\n14](https://github.com/user-attachments/assets/7ddcee91-ad76-4d8f-b14a-bacc4ba31172)\r\n*
You should see the asset critically section when opening an
entity\r\nflyout (explore or host page) <img
width=\"400\"\r\nsrc=\"https://github.com/user-attachments/assets/3a9ee545-566c-4687-af16-f31bd93bdc20\"\r\n/>\r\n*
The risk score should be updated if you update an entity's
asset\r\ncriticality.\r\n\r\n\r\n\r\n### Checklist\r\n\r\n- [x] Any text
added follows [EUI's
writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\r\nsentence case text and includes
[i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n-
[x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios\r\n\r\n---------\r\n\r\nCo-authored-by: machadoum
<pablo.nevesmachado@elastic.co>\r\nCo-authored-by: jaredburgettelastic
<jared.burgett@elastic.co>\r\nCo-authored-by: Elastic Machine
<elasticmachine@users.noreply.github.com>","sha":"5ae7a61d935e3c1778ee830a5c1ee5055abf44a0"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196270","number":196270,"mergeCommit":{"message":"Feature/remove
asset criticality flag (#196270)\n\n## Summary\r\n\r\nIt removes the
asset criticality advanced setting, which enables the\r\nfeature by
default for all users.\r\n\r\nDeleted settings:\r\n![Screenshot
2024-10-15 at 14
54\r\n48](https://github.com/user-attachments/assets/103c3f04-fd7e-45cf-ac74-93e1eef341fa)\r\n\r\n###
How to test it?\r\n* Start Kibana with security data\r\n* Inside
security solution / manage, you should be able to find the\r\nAsset
Criticality page\r\n![Screenshot 2024-10-15 at 14
57\r\n14](https://github.com/user-attachments/assets/7ddcee91-ad76-4d8f-b14a-bacc4ba31172)\r\n*
You should see the asset critically section when opening an
entity\r\nflyout (explore or host page) <img
width=\"400\"\r\nsrc=\"https://github.com/user-attachments/assets/3a9ee545-566c-4687-af16-f31bd93bdc20\"\r\n/>\r\n*
The risk score should be updated if you update an entity's
asset\r\ncriticality.\r\n\r\n\r\n\r\n### Checklist\r\n\r\n- [x] Any text
added follows [EUI's
writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\r\nsentence case text and includes
[i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n-
[x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios\r\n\r\n---------\r\n\r\nCo-authored-by: machadoum
<pablo.nevesmachado@elastic.co>\r\nCo-authored-by: jaredburgettelastic
<jared.burgett@elastic.co>\r\nCo-authored-by: Elastic Machine
<elasticmachine@users.noreply.github.com>","sha":"5ae7a61d935e3c1778ee830a5c1ee5055abf44a0"}}]}]
BACKPORT-->

Co-authored-by: Charlotte Alexandra Wilson <CAWilson94@users.noreply.github.com>
This commit is contained in:
Kibana Machine 2024-10-16 13:16:02 +11:00 committed by GitHub
parent 0c1333301d
commit b4fc47aba9
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
53 changed files with 106 additions and 528 deletions
Download patch file Download diff file Expand all files Collapse all files

1
packages/serverless/settings/security_project/index.ts
View file

@ -23,5 +23,4 @@ export const SECURITY_PROJECT_SETTINGS = [
settings.SECURITY_SOLUTION_NEWS_FEED_URL_ID,
settings.SECURITY_SOLUTION_ENABLE_NEWS_FEED_ID,
settings.SECURITY_SOLUTION_DEFAULT_ALERT_TAGS_KEY,
settings.SECURITY_SOLUTION_ENABLE_ASSET_CRITICALITY_SETTING,
];

3
x-pack/plugins/security_solution/common/constants.ts
View file

@ -196,9 +196,6 @@ export const EXTENDED_RULE_EXECUTION_LOGGING_ENABLED_SETTING =
export const EXTENDED_RULE_EXECUTION_LOGGING_MIN_LEVEL_SETTING =
'securitySolution:extendedRuleExecutionLoggingMinLevel' as const;
/** This Kibana Advanced Setting allows users to enable/disable the Asset Criticality feature */
export const ENABLE_ASSET_CRITICALITY_SETTING = 'securitySolution:enableAssetCriticality' as const;
/** This Kibana Advanced Setting allows users to exclude selected data tiers from search during rule execution */
export const EXCLUDED_DATA_TIERS_FOR_RULE_EXECUTION =
'securitySolution:excludedDataTiersForRuleExecution' as const;

9
x-pack/plugins/security_solution/public/entity_analytics/components/asset_criticality/use_asset_criticality.test.ts
View file

@ -60,15 +60,6 @@ describe('useAssetCriticality', () => {
expect(mockFetchAssetCriticalityPrivileges).toHaveBeenCalled();
});
it('does not call privileges API when UI Settings is disabled', async () => {
mockUseHasSecurityCapability.mockReturnValue(true);
mockUseUiSettings.mockReturnValue([false]);
await renderQuery(() => useAssetCriticalityPrivileges('test_entity_name'), 'isSuccess');
expect(mockFetchAssetCriticalityPrivileges).not.toHaveBeenCalled();
});
});
describe('useAssetCriticalityData', () => {

10
x-pack/plugins/security_solution/public/entity_analytics/components/asset_criticality/use_asset_criticality.ts
View file

@ -7,11 +7,9 @@
import type { UseMutationResult, UseQueryResult } from '@tanstack/react-query';
import { useMutation, useQuery, useQueryClient } from '@tanstack/react-query';
import { useUiSetting$ } from '@kbn/kibana-react-plugin/public';
import type { SecurityAppError } from '@kbn/securitysolution-t-grid';
import type { EntityAnalyticsPrivileges } from '../../../../common/api/entity_analytics';
import type { CriticalityLevelWithUnassigned } from '../../../../common/entity_analytics/asset_criticality/types';
import { ENABLE_ASSET_CRITICALITY_SETTING } from '../../../../common/constants';
import { useHasSecurityCapability } from '../../../helper_hooks';
import type { AssetCriticalityRecord } from '../../../../common/api/entity_analytics/asset_criticality';
import type { AssetCriticality, DeleteAssetCriticalityResponse } from '../../api/api';
@ -34,12 +32,12 @@ export const useAssetCriticalityPrivileges = (
): UseQueryResult<EntityAnalyticsPrivileges, SecurityAppError> => {
const { fetchAssetCriticalityPrivileges } = useEntityAnalyticsRoutes();
const hasEntityAnalyticsCapability = useHasSecurityCapability('entity-analytics');
const [isAssetCriticalityEnabled] = useUiSetting$<boolean>(ENABLE_ASSET_CRITICALITY_SETTING);
const isEnabled = isAssetCriticalityEnabled && hasEntityAnalyticsCapability;
return useQuery({
queryKey: [ASSET_CRITICALITY_KEY, PRIVILEGES_KEY, queryKey, isEnabled],
queryFn: isEnabled ? fetchAssetCriticalityPrivileges : () => nonAuthorizedResponse,
queryKey: [ASSET_CRITICALITY_KEY, PRIVILEGES_KEY, queryKey, hasEntityAnalyticsCapability],
queryFn: hasEntityAnalyticsCapability
? fetchAssetCriticalityPrivileges
: () => nonAuthorizedResponse,
});
};

8
x-pack/plugins/security_solution/public/entity_analytics/components/entity_details_flyout/tabs/risk_inputs/risk_inputs_tab.tsx
View file

@ -10,7 +10,6 @@ import { EuiSpacer, EuiInMemoryTable, EuiTitle, EuiCallOut } from '@elastic/eui'
import type { ReactNode } from 'react';
import React, { useMemo, useState } from 'react';
import { FormattedMessage } from '@kbn/i18n-react';
import { useUiSetting$ } from '@kbn/kibana-react-plugin/public';
import { ALERT_RULE_NAME } from '@kbn/rule-data-utils';
import { get } from 'lodash/fp';
@ -24,7 +23,6 @@ import type {
UseRiskContributingAlertsResult,
} from '../../../../hooks/use_risk_contributing_alerts';
import { useRiskContributingAlerts } from '../../../../hooks/use_risk_contributing_alerts';
import { ENABLE_ASSET_CRITICALITY_SETTING } from '../../../../../../common/constants';
import { PreferenceFormattedDate } from '../../../../../common/components/formatted_date';
import { useRiskScore } from '../../../../api/hooks/use_risk_score';
@ -177,8 +175,6 @@ export const RiskInputsTab = ({ entityType, entityName, scopeId }: RiskInputsTab
[isPreviewEnabled, scopeId]
);
const [isAssetCriticalityEnabled] = useUiSetting$<boolean>(ENABLE_ASSET_CRITICALITY_SETTING);
if (riskScoreError) {
return (
<EuiCallOut
@ -229,9 +225,7 @@ export const RiskInputsTab = ({ entityType, entityName, scopeId }: RiskInputsTab
return (
<>
{isAssetCriticalityEnabled && (
<ContextsSection loading={loadingRiskScore} riskScore={riskScore} />
)}
<ContextsSection loading={loadingRiskScore} riskScore={riskScore} />
<EuiSpacer size="m" />
{riskInputsAlertSection}
</>

60
x-pack/plugins/security_solution/public/entity_analytics/components/risk_summary_flyout/common.tsx
View file

@ -24,9 +24,7 @@ interface EntityData {
risk: RiskStats;
}
export const buildColumns: (showFooter: boolean) => Array<EuiBasicTableColumn<TableItem>> = (
showFooter
) => [
export const buildColumns: () => Array<EuiBasicTableColumn<TableItem>> = () => [
{
field: 'category',
name: (
@ -38,12 +36,12 @@ export const buildColumns: (showFooter: boolean) => Array<EuiBasicTableColumn<Ta
truncateText: false,
mobileOptions: { show: true },
sortable: true,
footer: showFooter ? (
footer: (
<FormattedMessage
id="xpack.securitySolution.flyout.entityDetails.categoryColumnFooterLabel"
defaultMessage="Result"
/>
) : undefined,
),
},
{
field: 'score',
@ -59,12 +57,11 @@ export const buildColumns: (showFooter: boolean) => Array<EuiBasicTableColumn<Ta
dataType: 'number',
align: 'right',
render: formatRiskScore,
footer: (props) =>
showFooter ? (
<span data-test-subj="risk-summary-result-score">
{formatRiskScore(sumBy((i) => i.score, props.items))}
</span>
) : undefined,
footer: (props) => (
<span data-test-subj="risk-summary-result-score">
{formatRiskScore(sumBy((i) => i.score, props.items))}
</span>
),
},
{
field: 'count',
@ -79,19 +76,15 @@ export const buildColumns: (showFooter: boolean) => Array<EuiBasicTableColumn<Ta
sortable: true,
dataType: 'number',
align: 'right',
footer: (props) =>
showFooter ? (
<span data-test-subj="risk-summary-result-count">
{sumBy((i) => i.count ?? 0, props.items)}
</span>
) : undefined,
footer: (props) => (
<span data-test-subj="risk-summary-result-count">
{sumBy((i) => i.count ?? 0, props.items)}
</span>
),
},
];
export const getItems: (
entityData: EntityData | undefined,
isAssetCriticalityEnabled: boolean
) => TableItem[] = (entityData, isAssetCriticalityEnabled) => {
export const getItems: (entityData: EntityData | undefined) => TableItem[] = (entityData) => {
return [
{
category: i18n.translate('xpack.securitySolution.flyout.entityDetails.alertsGroupLabel', {
@ -100,20 +93,17 @@ export const getItems: (
score: entityData?.risk.category_1_score ?? 0,
count: entityData?.risk.category_1_count ?? 0,
},
...(isAssetCriticalityEnabled
? [
{
category: i18n.translate(
'xpack.securitySolution.flyout.entityDetails.assetCriticalityGroupLabel',
{
defaultMessage: 'Asset Criticality',
}
),
score: entityData?.risk.category_2_score ?? 0,
count: undefined,
},
]
: []),
{
category: i18n.translate(
'xpack.securitySolution.flyout.entityDetails.assetCriticalityGroupLabel',
{
defaultMessage: 'Asset Criticality',
}
),
score: entityData?.risk.category_2_score ?? 0,
count: undefined,
},
];
};

41
x-pack/plugins/security_solution/public/entity_analytics/components/risk_summary_flyout/risk_summary.test.tsx
View file

@ -27,53 +27,12 @@ jest.mock('../../../common/components/visualization_actions/visualization_embedd
mockVisualizationEmbeddable(props),
}));
const mockUseUiSetting = jest.fn().mockReturnValue([false]);
jest.mock('@kbn/kibana-react-plugin/public', () => {
const original = jest.requireActual('@kbn/kibana-react-plugin/public');
return {
...original,
useUiSetting$: () => mockUseUiSetting(),
};
});
describe('FlyoutRiskSummary', () => {
beforeEach(() => {
mockVisualizationEmbeddable.mockClear();
});
it('renders risk summary table with alerts only', () => {
const { getByTestId, queryByTestId } = render(
<TestProviders>
<FlyoutRiskSummary
riskScoreData={mockHostRiskScoreState}
queryId={'testQuery'}
openDetailsPanel={() => {}}
recalculatingScore={false}
/>
</TestProviders>
);
expect(getByTestId('risk-summary-table')).toBeInTheDocument();
// Alerts
expect(getByTestId('risk-summary-table')).toHaveTextContent(
`${mockHostRiskScoreState.data?.[0].host.risk.category_1_count}`
);
// Context
expect(getByTestId('risk-summary-table')).not.toHaveTextContent(
`${mockHostRiskScoreState.data?.[0].host.risk.category_2_count}`
);
// Result row doesn't exist if alerts are the only category
expect(queryByTestId('risk-summary-result-count')).not.toBeInTheDocument();
expect(queryByTestId('risk-summary-result-score')).not.toBeInTheDocument();
});
it('renders risk summary table with context and totals', () => {
mockUseUiSetting.mockReturnValue([true]);
const { getByTestId } = render(
<TestProviders>
<FlyoutRiskSummary

15
x-pack/plugins/security_solution/public/entity_analytics/components/risk_summary_flyout/risk_summary.tsx
View file

@ -23,8 +23,7 @@ import { euiThemeVars } from '@kbn/ui-theme';
import dateMath from '@kbn/datemath';
import { i18n } from '@kbn/i18n';
import { ExpandablePanel } from '@kbn/security-solution-common';
import { ENABLE_ASSET_CRITICALITY_SETTING } from '../../../../common/constants';
import { useKibana, useUiSetting$ } from '../../../common/lib/kibana/kibana_react';
import { useKibana } from '../../../common/lib/kibana/kibana_react';
import { EntityDetailsLeftPanelTab } from '../../../flyout/entity_details/shared/components/left_panel/left_panel_header';
@ -82,17 +81,9 @@ const FlyoutRiskSummaryComponent = <T extends RiskScoreEntity>({
const xsFontSize = useEuiFontSize('xxs').fontSize;
const [isAssetCriticalityEnabled] = useUiSetting$<boolean>(ENABLE_ASSET_CRITICALITY_SETTING);
const columns = useMemo(() => buildColumns(), []);
const columns = useMemo(
() => buildColumns(isAssetCriticalityEnabled),
[isAssetCriticalityEnabled]
);
const rows = useMemo(
() => getItems(entityData, isAssetCriticalityEnabled),
[entityData, isAssetCriticalityEnabled]
);
const rows = useMemo(() => getItems(entityData), [entityData]);
const onToggle = useCallback(
(isOpen: boolean) => {

10
x-pack/plugins/security_solution/public/entity_analytics/pages/entity_store_management_page.tsx
View file

@ -31,8 +31,7 @@ import { FormattedMessage } from '@kbn/i18n-react';
import { useEntityEngineStatus } from '../components/entity_store/hooks/use_entity_engine_status';
import { useIsExperimentalFeatureEnabled } from '../../common/hooks/use_experimental_features';
import { ASSET_CRITICALITY_INDEX_PATTERN } from '../../../common/entity_analytics/asset_criticality';
import { useUiSetting$, useKibana } from '../../common/lib/kibana';
import { ENABLE_ASSET_CRITICALITY_SETTING } from '../../../common/constants';
import { useKibana } from '../../common/lib/kibana';
import { AssetCriticalityFileUploader } from '../components/asset_criticality_file_uploader/asset_criticality_file_uploader';
import { useAssetCriticalityPrivileges } from '../components/asset_criticality/use_asset_criticality';
import { useHasSecurityCapability } from '../../helper_hooks';
@ -50,7 +49,6 @@ const entityStoreInstallingStatuses = ['installing', 'loading'];
export const EntityStoreManagementPage = () => {
const hasEntityAnalyticsCapability = useHasSecurityCapability('entity-analytics');
const isEntityStoreFeatureFlagDisabled = useIsExperimentalFeatureEnabled('entityStoreDisabled');
const [isAssetCriticalityEnabled] = useUiSetting$<boolean>(ENABLE_ASSET_CRITICALITY_SETTING);
const {
data: assetCriticalityPrivileges,
error: assetCriticalityPrivilegesError,
@ -110,10 +108,7 @@ export const EntityStoreManagementPage = () => {
const errorMessage = assetCriticalityPrivilegesError?.body.message ?? (
<FormattedMessage
id="xpack.securitySolution.entityAnalytics.assetCriticalityUploadPage.advancedSettingDisabledMessage"
defaultMessage='Please enable "{ENABLE_ASSET_CRITICALITY_SETTING}" in advanced settings to access this functionality.'
values={{
ENABLE_ASSET_CRITICALITY_SETTING,
}}
defaultMessage="The don't have privileges to access Asset Criticality feature. Contact your administrator for further assistance."
/>
);
@ -218,7 +213,6 @@ export const EntityStoreManagementPage = () => {
const FileUploadSection: React.FC = () => {
if (
!hasEntityAnalyticsCapability ||
!isAssetCriticalityEnabled ||
assetCriticalityPrivilegesError?.body.status_code === 403
) {
return <AssetCriticalityIssueCallout />;

37
x-pack/plugins/security_solution/public/explore/hosts/components/hosts_table/columns.tsx
View file

@ -27,8 +27,7 @@ import { ENTITY_RISK_LEVEL } from '../../../../entity_analytics/components/risk_
export const getHostsColumns = (
showRiskColumn: boolean,
dispatchSeverityUpdate: (s: RiskSeverity) => void,
isAssetCriticalityEnabled: boolean
dispatchSeverityUpdate: (s: RiskSeverity) => void
): HostsTableColumns => {
const columns: HostsTableColumns = [
{
@ -166,24 +165,22 @@ export const getHostsColumns = (
});
}
if (isAssetCriticalityEnabled) {
columns.push({
field: 'node.criticality',
name: i18n.ASSET_CRITICALITY,
truncateText: false,
mobileOptions: { show: true },
sortable: false,
render: (assetCriticality: CriticalityLevelWithUnassigned) => {
if (!assetCriticality) return getEmptyTagValue();
return (
<AssetCriticalityBadge
criticalityLevel={assetCriticality}
css={{ verticalAlign: 'middle' }}
/>
);
},
});
}
columns.push({
field: 'node.criticality',
name: i18n.ASSET_CRITICALITY,
truncateText: false,
mobileOptions: { show: true },
sortable: false,
render: (assetCriticality: CriticalityLevelWithUnassigned) => {
if (!assetCriticality) return getEmptyTagValue();
return (
<AssetCriticalityBadge
criticalityLevel={assetCriticality}
css={{ verticalAlign: 'middle' }}
/>
);
},
});
return columns;
};

25
x-pack/plugins/security_solution/public/explore/hosts/components/hosts_table/index.test.tsx
View file

@ -180,31 +180,6 @@ describe('Hosts Table', () => {
expect(queryByTestId('tableHeaderCell_node.criticality_5')).toBeInTheDocument();
});
test('it does not render "Asset Criticality" column when Asset Criticality is not enabled in Kibana settings', () => {
mockUseMlCapabilities.mockReturnValue({ isPlatinumOrTrialLicense: true });
mockUseHasSecurityCapability.mockReturnValue(true);
mockUseUiSetting.mockReturnValue([false]);
const { queryByTestId } = render(
<TestProviders store={store}>
<HostsTable
id="hostsQuery"
isInspect={false}
loading={false}
data={mockData}
totalCount={0}
fakeTotalCount={-1}
setQuerySkip={jest.fn()}
showMorePagesIndicator={false}
loadPage={loadPage}
type={hostsModel.HostsType.page}
/>
</TestProviders>
);
expect(queryByTestId('tableHeaderCell_node.criticality_5')).not.toBeInTheDocument();
});
describe('Sorting on Table', () => {
let wrapper: ReturnType<typeof mount>;

18
x-pack/plugins/security_solution/public/explore/hosts/components/hosts_table/index.tsx
View file

@ -9,7 +9,6 @@ import React, { useMemo, useCallback } from 'react';
import { useDispatch } from 'react-redux';
import type { HostEcs, OsEcs } from '@kbn/securitysolution-ecs';
import { useUiSetting$ } from '@kbn/kibana-react-plugin/public';
import type { CriticalityLevelWithUnassigned } from '../../../../../common/entity_analytics/asset_criticality/types';
import { HostsFields } from '../../../../../common/api/search_strategy/hosts/model/sort';
import type {
@ -30,10 +29,7 @@ import type {
HostsSortField,
} from '../../../../../common/search_strategy/security_solution/hosts';
import type { Direction, RiskSeverity } from '../../../../../common/search_strategy';
import {
ENABLE_ASSET_CRITICALITY_SETTING,
SecurityPageName,
} from '../../../../../common/constants';
import { SecurityPageName } from '../../../../../common/constants';
import { HostsTableType } from '../../store/model';
import { useNavigateTo } from '../../../../common/lib/kibana/hooks';
import { useMlCapabilities } from '../../../../common/components/ml/hooks/use_ml_capabilities';
@ -160,21 +156,13 @@ const HostsTableComponent: React.FC<HostsTableProps> = ({
[dispatch, navigateTo, type]
);
const [isAssetCriticalityEnabled] = useUiSetting$<boolean>(ENABLE_ASSET_CRITICALITY_SETTING);
const hostsColumns = useMemo(
() =>
getHostsColumns(
isPlatinumOrTrialLicense && hasEntityAnalyticsCapability,
dispatchSeverityUpdate,
isAssetCriticalityEnabled
dispatchSeverityUpdate
),
[
dispatchSeverityUpdate,
isPlatinumOrTrialLicense,
hasEntityAnalyticsCapability,
isAssetCriticalityEnabled,
]
[dispatchSeverityUpdate, isPlatinumOrTrialLicense, hasEntityAnalyticsCapability]
);
const sorting = useMemo(() => getSorting(sortField, direction), [sortField, direction]);

6
x-pack/plugins/security_solution/public/explore/users/components/all_users/index.test.tsx
View file

@ -50,7 +50,7 @@ describe('Users Table Component', () => {
);
expect(getByTestId('table-allUsers-loading-false')).toBeInTheDocument();
expect(getAllByRole('columnheader').length).toBe(3);
expect(getAllByRole('columnheader').length).toBe(4);
expect(getByText(userName)).toBeInTheDocument();
});
@ -108,7 +108,7 @@ describe('Users Table Component', () => {
</TestProviders>
);
expect(getAllByRole('columnheader').length).toBe(4);
expect(getAllByRole('columnheader').length).toBe(5);
expect(getByText('Critical')).toBeInTheDocument();
});
@ -142,7 +142,7 @@ describe('Users Table Component', () => {
</TestProviders>
);
expect(getAllByRole('columnheader').length).toBe(3);
expect(getAllByRole('columnheader').length).toBe(4);
expect(queryByText('Critical')).not.toBeInTheDocument();
});
});

46
x-pack/plugins/security_solution/public/explore/users/components/all_users/index.tsx
View file

@ -9,7 +9,6 @@ import React, { useCallback, useMemo } from 'react';
import { useDispatch } from 'react-redux';
import { EuiLink, EuiText } from '@elastic/eui';
import { ENABLE_ASSET_CRITICALITY_SETTING } from '../../../../../common/constants';
import { AssetCriticalityBadge } from '../../../../entity_analytics/components/asset_criticality';
import type { CriticalityLevelWithUnassigned } from '../../../../../common/entity_analytics/asset_criticality/types';
import { FormattedRelativePreferenceDate } from '../../../../common/components/formatted_date';
@ -40,7 +39,7 @@ import { useMlCapabilities } from '../../../../common/components/ml/hooks/use_ml
import { VIEW_USERS_BY_SEVERITY } from '../../../../entity_analytics/components/user_risk_score_table/translations';
import { SecurityPageName } from '../../../../app/types';
import { UsersTableType } from '../../store/model';
import { useNavigateTo, useUiSetting$ } from '../../../../common/lib/kibana';
import { useNavigateTo } from '../../../../common/lib/kibana';
const tableType = usersModel.UsersTableType.allUsers;
@ -78,8 +77,7 @@ const rowItems: ItemsPerRow[] = [
const getUsersColumns = (
showRiskColumn: boolean,
dispatchSeverityUpdate: (s: RiskSeverity) => void,
isAssetCriticalityEnabled: boolean
dispatchSeverityUpdate: (s: RiskSeverity) => void
): UsersTableColumns => {
const columns: UsersTableColumns = [
{
@ -148,24 +146,22 @@ const getUsersColumns = (
});
}
if (isAssetCriticalityEnabled) {
columns.push({
field: 'criticality',
name: i18n.ASSET_CRITICALITY,
truncateText: false,
mobileOptions: { show: true },
sortable: false,
render: (assetCriticality: CriticalityLevelWithUnassigned) => {
if (!assetCriticality) return getEmptyTagValue();
return (
<AssetCriticalityBadge
criticalityLevel={assetCriticality}
css={{ verticalAlign: 'middle' }}
/>
);
},
});
}
columns.push({
field: 'criticality',
name: i18n.ASSET_CRITICALITY,
truncateText: false,
mobileOptions: { show: true },
sortable: false,
render: (assetCriticality: CriticalityLevelWithUnassigned) => {
if (!assetCriticality) return getEmptyTagValue();
return (
<AssetCriticalityBadge
criticalityLevel={assetCriticality}
css={{ verticalAlign: 'middle' }}
/>
);
},
});
return columns;
};
@ -246,11 +242,9 @@ const UsersTableComponent: React.FC<UsersTableProps> = ({
[dispatch, navigateTo]
);
const [isAssetCriticalityEnabled] = useUiSetting$<boolean>(ENABLE_ASSET_CRITICALITY_SETTING);
const columns = useMemo(
() =>
getUsersColumns(isPlatinumOrTrialLicense, dispatchSeverityUpdate, isAssetCriticalityEnabled),
[isPlatinumOrTrialLicense, dispatchSeverityUpdate, isAssetCriticalityEnabled]
() => getUsersColumns(isPlatinumOrTrialLicense, dispatchSeverityUpdate),
[isPlatinumOrTrialLicense, dispatchSeverityUpdate]
);
return (

6
x-pack/plugins/security_solution/server/lib/detection_engine/rule_types/utils/enrichments/index.test.ts
View file

@ -15,7 +15,6 @@ import { createAlert } from './__mocks__/alerts';
import { isIndexExist } from './utils/is_index_exist';
import { allowedExperimentalValues } from '../../../../../../common';
import { ENABLE_ASSET_CRITICALITY_SETTING } from '../../../../../../common/constants';
jest.mock('./search_enrichments', () => ({
searchEnrichments: jest.fn(),
@ -190,11 +189,6 @@ describe('enrichEvents', () => {
// enable for asset criticality
mockIsIndexExist.mockImplementation(() => true);
// enable asset criticality settings
alertServices.uiSettingsClient.get.mockImplementation((key) =>
Promise.resolve(key === ENABLE_ASSET_CRITICALITY_SETTING)
);
const enrichedEvents = await enrichEvents({
logger: ruleExecutionLogger,
services: alertServices,

54
x-pack/plugins/security_solution/server/lib/detection_engine/rule_types/utils/enrichments/index.ts
View file

@ -5,7 +5,6 @@
* 2.0.
*/
import { ENABLE_ASSET_CRITICALITY_SETTING } from '../../../../../../common/constants';
import { createHostRiskEnrichments } from './enrichment_by_type/host_risk';
import { createUserRiskEnrichments } from './enrichment_by_type/user_risk';
@ -22,10 +21,7 @@ import type {
} from './types';
import { applyEnrichmentsToEvents } from './utils/transforms';
import { isIndexExist } from './utils/is_index_exist';
import {
getHostRiskIndex,
getUserRiskIndex,
} from '../../../../../../common/search_strategy/security_solution/risk_score/common';
import { getHostRiskIndex, getUserRiskIndex } from '../../../../../../common/search_strategy';
export const enrichEvents: EnrichEventsFunction = async ({
services,
@ -39,10 +35,6 @@ export const enrichEvents: EnrichEventsFunction = async ({
logger.debug('Alert enrichments started');
const isNewRiskScoreModuleAvailable = experimentalFeatures?.riskScoringRoutesEnabled ?? false;
const { uiSettingsClient } = services;
const isAssetCriticalityEnabled = await uiSettingsClient.get<boolean>(
ENABLE_ASSET_CRITICALITY_SETTING
);
let isNewRiskScoreModuleInstalled = false;
if (isNewRiskScoreModuleAvailable) {
@ -87,29 +79,27 @@ export const enrichEvents: EnrichEventsFunction = async ({
);
}
if (isAssetCriticalityEnabled) {
const assetCriticalityIndexExist = await isIndexExist({
services,
index: getAssetCriticalityIndex(spaceId),
});
if (assetCriticalityIndexExist) {
enrichments.push(
createUserAssetCriticalityEnrichments({
services,
logger,
events,
spaceId,
})
);
enrichments.push(
createHostAssetCriticalityEnrichments({
services,
logger,
events,
spaceId,
})
);
}
const assetCriticalityIndexExist = await isIndexExist({
services,
index: getAssetCriticalityIndex(spaceId),
});
if (assetCriticalityIndexExist) {
enrichments.push(
createUserAssetCriticalityEnrichments({
services,
logger,
events,
spaceId,
})
);
enrichments.push(
createHostAssetCriticalityEnrichments({
services,
logger,
events,
spaceId,
})
);
}
const allEnrichmentsResults = await Promise.allSettled(enrichments);

1
x-pack/plugins/security_solution/server/lib/entity_analytics/asset_criticality/asset_criticality_service.mock.ts
View file

@ -9,7 +9,6 @@ import type { AssetCriticalityService } from './asset_criticality_service';
const buildMockAssetCriticalityService = (): jest.Mocked<AssetCriticalityService> => ({
getCriticalitiesByIdentifiers: jest.fn().mockResolvedValue([]),
isEnabled: jest.fn().mockReturnValue(true),
});
export const assetCriticalityServiceMock = {

4
x-pack/plugins/security_solution/server/lib/entity_analytics/asset_criticality/asset_criticality_service.ts
View file

@ -7,7 +7,6 @@
import type { IUiSettingsClient } from '@kbn/core-ui-settings-server';
import { isEmpty } from 'lodash/fp';
import { ENABLE_ASSET_CRITICALITY_SETTING } from '../../../../common/constants';
import type { AssetCriticalityRecord } from '../../../../common/api/entity_analytics';
import type { AssetCriticalityDataClient } from './asset_criticality_data_client';
@ -24,7 +23,6 @@ export interface AssetCriticalityService {
getCriticalitiesByIdentifiers: (
identifiers: CriticalityIdentifier[]
) => Promise<AssetCriticalityRecord[]>;
isEnabled: () => Promise<boolean>;
}
const isCriticalityIdentifierValid = (identifier: CriticalityIdentifier): boolean =>
@ -94,9 +92,7 @@ interface AssetCriticalityServiceFactoryOptions {
export const assetCriticalityServiceFactory = ({
assetCriticalityDataClient,
uiSettingsClient,
}: AssetCriticalityServiceFactoryOptions): AssetCriticalityService => ({
getCriticalitiesByIdentifiers: (identifiers: CriticalityIdentifier[]) =>
getCriticalitiesByIdentifiers({ assetCriticalityDataClient, identifiers }),
isEnabled: () => uiSettingsClient.get<boolean>(ENABLE_ASSET_CRITICALITY_SETTING),
});

3
x-pack/plugins/security_solution/server/lib/entity_analytics/asset_criticality/routes/bulk_upload.ts
View file

@ -17,11 +17,9 @@ import type { ConfigType } from '../../../../config';
import {
ASSET_CRITICALITY_PUBLIC_BULK_UPLOAD_URL,
APP_ID,
ENABLE_ASSET_CRITICALITY_SETTING,
API_VERSIONS,
} from '../../../../../common/constants';
import { checkAndInitAssetCriticalityResources } from '../check_and_init_asset_criticality_resources';
import { assertAdvancedSettingsEnabled } from '../../utils/assert_advanced_setting_enabled';
import type { EntityAnalyticsRoutesDeps } from '../../types';
import { AssetCriticalityAuditActions } from '../audit';
import { AUDIT_CATEGORY, AUDIT_OUTCOME, AUDIT_TYPE } from '../../audit';
@ -72,7 +70,6 @@ export const assetCriticalityPublicBulkUploadRoute = (
const siemResponse = buildSiemResponse(response);
try {
await assertAdvancedSettingsEnabled(await context.core, ENABLE_ASSET_CRITICALITY_SETTING);
await checkAndInitAssetCriticalityResources(context, logger);
const assetCriticalityClient = securitySolution.getAssetCriticalityDataClient();

3
x-pack/plugins/security_solution/server/lib/entity_analytics/asset_criticality/routes/delete.ts
View file

@ -13,11 +13,9 @@ import { DeleteAssetCriticalityRecordRequestQuery } from '../../../../../common/
import {
ASSET_CRITICALITY_PUBLIC_URL,
APP_ID,
ENABLE_ASSET_CRITICALITY_SETTING,
API_VERSIONS,
} from '../../../../../common/constants';
import { checkAndInitAssetCriticalityResources } from '../check_and_init_asset_criticality_resources';
import { assertAdvancedSettingsEnabled } from '../../utils/assert_advanced_setting_enabled';
import type { EntityAnalyticsRoutesDeps } from '../../types';
import { AssetCriticalityAuditActions } from '../audit';
import { AUDIT_CATEGORY, AUDIT_OUTCOME, AUDIT_TYPE } from '../../audit';
@ -62,7 +60,6 @@ export const assetCriticalityPublicDeleteRoute = (
const siemResponse = buildSiemResponse(response);
try {
await assertAdvancedSettingsEnabled(await context.core, ENABLE_ASSET_CRITICALITY_SETTING);
await checkAndInitAssetCriticalityResources(context, logger);
const assetCriticalityClient = securitySolution.getAssetCriticalityDataClient();

3
x-pack/plugins/security_solution/server/lib/entity_analytics/asset_criticality/routes/get.ts
View file

@ -15,11 +15,9 @@ import {
import {
ASSET_CRITICALITY_PUBLIC_URL,
APP_ID,
ENABLE_ASSET_CRITICALITY_SETTING,
API_VERSIONS,
} from '../../../../../common/constants';
import { checkAndInitAssetCriticalityResources } from '../check_and_init_asset_criticality_resources';
import { assertAdvancedSettingsEnabled } from '../../utils/assert_advanced_setting_enabled';
import type { EntityAnalyticsRoutesDeps } from '../../types';
import { AssetCriticalityAuditActions } from '../audit';
import { AUDIT_CATEGORY, AUDIT_OUTCOME, AUDIT_TYPE } from '../../audit';
@ -52,7 +50,6 @@ export const assetCriticalityPublicGetRoute = (
): Promise<IKibanaResponse<GetAssetCriticalityRecordResponse>> => {
const siemResponse = buildSiemResponse(response);
try {
await assertAdvancedSettingsEnabled(await context.core, ENABLE_ASSET_CRITICALITY_SETTING);
await checkAndInitAssetCriticalityResources(context, logger);
const securitySolution = await context.securitySolution;

3
x-pack/plugins/security_solution/server/lib/entity_analytics/asset_criticality/routes/list.ts
View file

@ -11,13 +11,11 @@ import { buildRouteValidationWithZod } from '@kbn/zod-helpers';
import {
ASSET_CRITICALITY_PUBLIC_LIST_URL,
APP_ID,
ENABLE_ASSET_CRITICALITY_SETTING,
API_VERSIONS,
} from '../../../../../common/constants';
import { checkAndInitAssetCriticalityResources } from '../check_and_init_asset_criticality_resources';
import type { FindAssetCriticalityRecordsResponse } from '../../../../../common/api/entity_analytics/asset_criticality';
import { FindAssetCriticalityRecordsRequestQuery } from '../../../../../common/api/entity_analytics/asset_criticality';
import { assertAdvancedSettingsEnabled } from '../../utils/assert_advanced_setting_enabled';
import type { EntityAnalyticsRoutesDeps } from '../../types';
import { AssetCriticalityAuditActions } from '../audit';
import { AUDIT_CATEGORY, AUDIT_OUTCOME, AUDIT_TYPE } from '../../audit';
@ -50,7 +48,6 @@ export const assetCriticalityPublicListRoute = (
): Promise<IKibanaResponse<FindAssetCriticalityRecordsResponse>> => {
const siemResponse = buildSiemResponse(response);
try {
await assertAdvancedSettingsEnabled(await context.core, ENABLE_ASSET_CRITICALITY_SETTING);
await checkAndInitAssetCriticalityResources(context, logger);
const securitySolution = await context.securitySolution;
const assetCriticalityClient = securitySolution.getAssetCriticalityDataClient();

4
x-pack/plugins/security_solution/server/lib/entity_analytics/asset_criticality/routes/privileges.ts
View file

@ -11,12 +11,10 @@ import type { AssetCriticalityGetPrivilegesResponse } from '../../../../../commo
import {
ASSET_CRITICALITY_INTERNAL_PRIVILEGES_URL,
APP_ID,
ENABLE_ASSET_CRITICALITY_SETTING,
API_VERSIONS,
} from '../../../../../common/constants';
import { checkAndInitAssetCriticalityResources } from '../check_and_init_asset_criticality_resources';
import { getUserAssetCriticalityPrivileges } from '../get_user_asset_criticality_privileges';
import { assertAdvancedSettingsEnabled } from '../../utils/assert_advanced_setting_enabled';
import type { EntityAnalyticsRoutesDeps } from '../../types';
import { AssetCriticalityAuditActions } from '../audit';
import { AUDIT_CATEGORY, AUDIT_OUTCOME, AUDIT_TYPE } from '../../audit';
@ -46,8 +44,6 @@ export const assetCriticalityInternalPrivilegesRoute = (
): Promise<IKibanaResponse<AssetCriticalityGetPrivilegesResponse>> => {
const siemResponse = buildSiemResponse(response);
try {
await assertAdvancedSettingsEnabled(await context.core, ENABLE_ASSET_CRITICALITY_SETTING);
await checkAndInitAssetCriticalityResources(context, logger);
const [_, { security }] = await getStartServices();

3
x-pack/plugins/security_solution/server/lib/entity_analytics/asset_criticality/routes/status.ts
View file

@ -11,12 +11,10 @@ import type { GetAssetCriticalityStatusResponse } from '../../../../../common/ap
import {
ASSET_CRITICALITY_INTERNAL_STATUS_URL,
APP_ID,
ENABLE_ASSET_CRITICALITY_SETTING,
API_VERSIONS,
} from '../../../../../common/constants';
import { AUDIT_CATEGORY, AUDIT_OUTCOME, AUDIT_TYPE } from '../../audit';
import type { EntityAnalyticsRoutesDeps } from '../../types';
import { assertAdvancedSettingsEnabled } from '../../utils/assert_advanced_setting_enabled';
import { AssetCriticalityAuditActions } from '../audit';
import { checkAndInitAssetCriticalityResources } from '../check_and_init_asset_criticality_resources';
@ -41,7 +39,6 @@ export const assetCriticalityInternalStatusRoute = (
): Promise<IKibanaResponse<GetAssetCriticalityStatusResponse>> => {
const siemResponse = buildSiemResponse(response);
try {
await assertAdvancedSettingsEnabled(await context.core, ENABLE_ASSET_CRITICALITY_SETTING);
await checkAndInitAssetCriticalityResources(context, logger);
const securitySolution = await context.securitySolution;

3
x-pack/plugins/security_solution/server/lib/entity_analytics/asset_criticality/routes/upload_csv.ts
View file

@ -16,13 +16,11 @@ import type { HapiReadableStream } from '../../../../types';
import {
ASSET_CRITICALITY_PUBLIC_CSV_UPLOAD_URL,
APP_ID,
ENABLE_ASSET_CRITICALITY_SETTING,
API_VERSIONS,
} from '../../../../../common/constants';
import { checkAndInitAssetCriticalityResources } from '../check_and_init_asset_criticality_resources';
import { transformCSVToUpsertRecords } from '../transform_csv_to_upsert_records';
import { createAssetCriticalityProcessedFileEvent } from '../../../telemetry/event_based/events';
import { assertAdvancedSettingsEnabled } from '../../utils/assert_advanced_setting_enabled';
import type { EntityAnalyticsRoutesDeps } from '../../types';
import { AssetCriticalityAuditActions } from '../audit';
import { AUDIT_CATEGORY, AUDIT_OUTCOME, AUDIT_TYPE } from '../../audit';
@ -82,7 +80,6 @@ export const assetCriticalityPublicCSVUploadRoute = (
const telemetry = coreStart.analytics;
try {
await assertAdvancedSettingsEnabled(await context.core, ENABLE_ASSET_CRITICALITY_SETTING);
await checkAndInitAssetCriticalityResources(context, logger);
const assetCriticalityClient = securitySolution.getAssetCriticalityDataClient();
const fileStream = request.body.file as HapiReadableStream;

3
x-pack/plugins/security_solution/server/lib/entity_analytics/asset_criticality/routes/upsert.ts
View file

@ -16,14 +16,12 @@ import {
import {
ASSET_CRITICALITY_PUBLIC_URL,
APP_ID,
ENABLE_ASSET_CRITICALITY_SETTING,
API_VERSIONS,
} from '../../../../../common/constants';
import { checkAndInitAssetCriticalityResources } from '../check_and_init_asset_criticality_resources';
import type { EntityAnalyticsRoutesDeps } from '../../types';
import { AssetCriticalityAuditActions } from '../audit';
import { AUDIT_CATEGORY, AUDIT_OUTCOME, AUDIT_TYPE } from '../../audit';
import { assertAdvancedSettingsEnabled } from '../../utils/assert_advanced_setting_enabled';
export const assetCriticalityPublicUpsertRoute = (
router: EntityAnalyticsRoutesDeps['router'],
@ -53,7 +51,6 @@ export const assetCriticalityPublicUpsertRoute = (
): Promise<IKibanaResponse<CreateAssetCriticalityRecordResponse>> => {
const siemResponse = buildSiemResponse(response);
try {
await assertAdvancedSettingsEnabled(await context.core, ENABLE_ASSET_CRITICALITY_SETTING);
await checkAndInitAssetCriticalityResources(context, logger);
const securitySolution = await context.securitySolution;

7
x-pack/plugins/security_solution/server/lib/entity_analytics/risk_score/calculate_risk_scores.ts
View file

@ -175,13 +175,6 @@ const processScores = async ({
return [];
}
const isAssetCriticalityEnabled = await assetCriticalityService.isEnabled();
if (!isAssetCriticalityEnabled) {
return buckets.map((bucket) =>
formatForResponse({ bucket, now, identifierField, includeNewFields: false })
);
}
const identifiers = buckets.map((bucket) => ({
id_field: identifierField,
id_value: bucket.key[identifierField],

19
x-pack/plugins/security_solution/server/ui_settings.ts
View file

@ -40,7 +40,6 @@ import {
DEFAULT_ALERT_TAGS_VALUE,
EXCLUDE_COLD_AND_FROZEN_TIERS_IN_ANALYZER,
EXCLUDED_DATA_TIERS_FOR_RULE_EXECUTION,
ENABLE_ASSET_CRITICALITY_SETTING,
ENABLE_VISUALIZATIONS_IN_FLYOUT_SETTING,
} from '../common/constants';
import type { ExperimentalFeatures } from '../common/experimental_features';
@ -180,24 +179,6 @@ export const initUiSettings = (
requiresPageReload: true,
schema: schema.boolean(),
},
[ENABLE_ASSET_CRITICALITY_SETTING]: {
name: i18n.translate('xpack.securitySolution.uiSettings.enableAssetCriticalityTitle', {
defaultMessage: 'Asset Criticality',
}),
value: false,
description: i18n.translate(
'xpack.securitySolution.uiSettings.enableAssetCriticalityDescription',
{
defaultMessage:
'<p>Enables asset criticality assignment workflows and its contributions to entity risk </p>',
values: { p: (chunks) => `<p>${chunks}</p>` },
}
),
type: 'boolean',
category: [APP_ID],
requiresPageReload: true,
schema: schema.boolean(),
},
[EXCLUDE_COLD_AND_FROZEN_TIERS_IN_ANALYZER]: {
name: i18n.translate(
'xpack.securitySolution.uiSettings.excludeColdAndFrozenTiersInAnalyzer',

2
x-pack/plugins/translations/translations/fr-FR.json
View file

@ -40599,8 +40599,6 @@
"xpack.securitySolution.uiSettings.defaultThreatIndexLabel": "Index de menaces",
"xpack.securitySolution.uiSettings.defaultTimeRangeDescription": "<p>Période de temps par défaut dans le filtre de temps Security.</p>",
"xpack.securitySolution.uiSettings.defaultTimeRangeLabel": "Période du filtre de temps",
"xpack.securitySolution.uiSettings.enableAssetCriticalityDescription": "<p>Permet des flux de travail pour l'affectation de l'état critique des actifs et ses contributions au risque de l'entité </p>",
"xpack.securitySolution.uiSettings.enableAssetCriticalityTitle": "Criticité des ressources",
"xpack.securitySolution.uiSettings.enableCcsReadWarningLabel": "Avertissement lié aux privilèges de la règle CCS",
"xpack.securitySolution.uiSettings.enableCcsWarningDescription": "<p>Active les avertissements de vérification des privilèges dans les règles relatives aux index CCS</p>",
"xpack.securitySolution.uiSettings.enableNewsFeedDescription": "<p>Active le fil d'actualités</p>",

2
x-pack/plugins/translations/translations/ja-JP.json
View file

@ -40345,8 +40345,6 @@
"xpack.securitySolution.uiSettings.defaultThreatIndexLabel": "脅威インデックス",
"xpack.securitySolution.uiSettings.defaultTimeRangeDescription": "<p>セキュリティ時間フィルダーのデフォルトの期間です。</p>",
"xpack.securitySolution.uiSettings.defaultTimeRangeLabel": "時間フィルターの期間",
"xpack.securitySolution.uiSettings.enableAssetCriticalityDescription": "<p>アセット重要度割り当てワークフローとエンティティリスクへの寄与を有効化します </p>",
"xpack.securitySolution.uiSettings.enableAssetCriticalityTitle": "アセット重要度",
"xpack.securitySolution.uiSettings.enableCcsReadWarningLabel": "CCSルール権限警告",
"xpack.securitySolution.uiSettings.enableCcsWarningDescription": "<p>CCSインデックスのルールで権限チェック警告を有効にします</p>",
"xpack.securitySolution.uiSettings.enableNewsFeedDescription": "<p>ニュースフィードを有効にします</p>",

2
x-pack/plugins/translations/translations/zh-CN.json
View file

@ -40390,8 +40390,6 @@
"xpack.securitySolution.uiSettings.defaultThreatIndexLabel": "威胁索引",
"xpack.securitySolution.uiSettings.defaultTimeRangeDescription": "<p>Security 时间筛选中的默认时段。</p>",
"xpack.securitySolution.uiSettings.defaultTimeRangeLabel": "时间筛选时段",
"xpack.securitySolution.uiSettings.enableAssetCriticalityDescription": "<p>启用资产关键度分配工作流及其对实体风险的贡献率 </p>",
"xpack.securitySolution.uiSettings.enableAssetCriticalityTitle": "资产关键度",
"xpack.securitySolution.uiSettings.enableCcsReadWarningLabel": "CCS 规则权限警告",
"xpack.securitySolution.uiSettings.enableCcsWarningDescription": "<p>在规则中为 CCS 索引启用权限检查警告</p>",
"xpack.securitySolution.uiSettings.enableNewsFeedDescription": "<p>启用新闻源</p>",

5
x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/custom_query.ts
View file

@ -45,7 +45,6 @@ import {
DETECTION_ENGINE_RULES_BULK_ACTION,
DETECTION_ENGINE_RULES_URL,
DETECTION_ENGINE_SIGNALS_STATUS_URL as DETECTION_ENGINE_ALERTS_STATUS_URL,
ENABLE_ASSET_CRITICALITY_SETTING,
} from '@kbn/security-solution-plugin/common/constants';
import { getMaxSignalsWarning as getMaxAlertsWarning } from '@kbn/security-solution-plugin/server/lib/detection_engine/rule_types/utils/utils';
import { deleteAllExceptions } from '../../../../../lists_and_exception_lists/utils';
@ -95,7 +94,6 @@ export default ({ getService }: FtrProviderContext) => {
const esArchiver = getService('esArchiver');
const es = getService('es');
const log = getService('log');
const kibanaServer = getService('kibanaServer');
const esDeleteAllIndices = getService('esDeleteAllIndices');
// TODO: add a new service for loading archiver files similar to "getService('es')"
const config = getService('config');
@ -334,9 +332,6 @@ export default ({ getService }: FtrProviderContext) => {
describe('with asset criticality', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/asset_criticality');
await kibanaServer.uiSettings.update({
[ENABLE_ASSET_CRITICALITY_SETTING]: true,
});
});
after(async () => {

9
x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/eql.ts
View file

@ -35,10 +35,7 @@ import {
ALERT_GROUP_ID,
} from '@kbn/security-solution-plugin/common/field_maps/field_names';
import { getMaxSignalsWarning as getMaxAlertsWarning } from '@kbn/security-solution-plugin/server/lib/detection_engine/rule_types/utils/utils';
import {
DETECTION_ENGINE_RULES_URL,
ENABLE_ASSET_CRITICALITY_SETTING,
} from '@kbn/security-solution-plugin/common/constants';
import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants';
import {
getEqlRuleForAlertTesting,
getAlerts,
@ -72,7 +69,6 @@ export default ({ getService }: FtrProviderContext) => {
const esArchiver = getService('esArchiver');
const es = getService('es');
const log = getService('log');
const kibanaServer = getService('kibanaServer');
const retry = getService('retry');
// TODO: add a new service for loading archiver files similar to "getService('es')"
@ -774,9 +770,6 @@ export default ({ getService }: FtrProviderContext) => {
describe('with asset criticality', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/asset_criticality');
await kibanaServer.uiSettings.update({
[ENABLE_ASSET_CRITICALITY_SETTING]: true,
});
});
after(async () => {

10
x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/eql_alert_suppression.ts
View file

@ -19,10 +19,7 @@ import {
TIMESTAMP,
ALERT_START,
} from '@kbn/rule-data-utils';
import {
DETECTION_ENGINE_SIGNALS_STATUS_URL as DETECTION_ENGINE_ALERTS_STATUS_URL,
ENABLE_ASSET_CRITICALITY_SETTING,
} from '@kbn/security-solution-plugin/common/constants';
import { DETECTION_ENGINE_SIGNALS_STATUS_URL as DETECTION_ENGINE_ALERTS_STATUS_URL } from '@kbn/security-solution-plugin/common/constants';
import { getSuppressionMaxSignalsWarning as getSuppressionMaxAlertsWarning } from '@kbn/security-solution-plugin/server/lib/detection_engine/rule_types/utils/utils';
import { RuleExecutionStatusEnum } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_monitoring';
import { ALERT_ORIGINAL_TIME } from '@kbn/security-solution-plugin/common/field_maps/field_names';
@ -1702,14 +1699,9 @@ export default ({ getService }: FtrProviderContext) => {
});
describe('alert enrichment', () => {
const kibanaServer = getService('kibanaServer');
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/entity/risks');
await esArchiver.load('x-pack/test/functional/es_archives/asset_criticality');
await kibanaServer.uiSettings.update({
[ENABLE_ASSET_CRITICALITY_SETTING]: true,
});
});
after(async () => {

5
x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/esql.ts
View file

@ -14,7 +14,6 @@ import { getCreateEsqlRulesSchemaMock } from '@kbn/security-solution-plugin/comm
import { RuleExecutionStatusEnum } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_monitoring';
import { getMaxSignalsWarning as getMaxAlertsWarning } from '@kbn/security-solution-plugin/server/lib/detection_engine/rule_types/utils/utils';
import { ENABLE_ASSET_CRITICALITY_SETTING } from '@kbn/security-solution-plugin/common/constants';
import {
getPreviewAlerts,
previewRule,
@ -40,7 +39,6 @@ export default ({ getService }: FtrProviderContext) => {
const esArchiver = getService('esArchiver');
const es = getService('es');
const log = getService('log');
const kibanaServer = getService('kibanaServer');
const utils = getService('securitySolutionUtils');
const { indexEnhancedDocuments, indexListOfDocuments, indexGeneratedDocuments } =
@ -916,9 +914,6 @@ export default ({ getService }: FtrProviderContext) => {
describe('with asset criticality', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/asset_criticality');
await kibanaServer.uiSettings.update({
[ENABLE_ASSET_CRITICALITY_SETTING]: true,
});
});
after(async () => {

5
x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/esql_suppression.ts
View file

@ -25,7 +25,6 @@ import { ALERT_ORIGINAL_TIME } from '@kbn/security-solution-plugin/common/field_
import { DETECTION_ENGINE_SIGNALS_STATUS_URL as DETECTION_ENGINE_ALERTS_STATUS_URL } from '@kbn/security-solution-plugin/common/constants';
import { getSuppressionMaxSignalsWarning as getSuppressionMaxAlertsWarning } from '@kbn/security-solution-plugin/server/lib/detection_engine/rule_types/utils/utils';
import { ENABLE_ASSET_CRITICALITY_SETTING } from '@kbn/security-solution-plugin/common/constants';
import {
getPreviewAlerts,
previewRule,
@ -48,7 +47,6 @@ export default ({ getService }: FtrProviderContext) => {
const esArchiver = getService('esArchiver');
const es = getService('es');
const log = getService('log');
const kibanaServer = getService('kibanaServer');
const { indexEnhancedDocuments, indexListOfDocuments, indexGeneratedDocuments } =
dataGeneratorFactory({
es,
@ -2070,9 +2068,6 @@ export default ({ getService }: FtrProviderContext) => {
describe('with asset criticality', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/asset_criticality');
await kibanaServer.uiSettings.update({
[ENABLE_ASSET_CRITICALITY_SETTING]: true,
});
});
after(async () => {

5
x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/indicator_match.ts
View file

@ -41,7 +41,6 @@ import {
} from '@kbn/security-solution-plugin/common/field_maps/field_names';
import { RuleExecutionStatusEnum } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_monitoring';
import { getMaxSignalsWarning as getMaxAlertsWarning } from '@kbn/security-solution-plugin/server/lib/detection_engine/rule_types/utils/utils';
import { ENABLE_ASSET_CRITICALITY_SETTING } from '@kbn/security-solution-plugin/common/constants';
import {
previewRule,
getAlerts,
@ -186,7 +185,6 @@ export default ({ getService }: FtrProviderContext) => {
const supertest = getService('supertest');
const es = getService('es');
const log = getService('log');
const kibanaServer = getService('kibanaServer');
// TODO: add a new service for loading archiver files similar to "getService('es')"
const config = getService('config');
const isServerless = config.get('serverless');
@ -1655,9 +1653,6 @@ export default ({ getService }: FtrProviderContext) => {
describe('with asset criticality', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/asset_criticality');
await kibanaServer.uiSettings.update({
[ENABLE_ASSET_CRITICALITY_SETTING]: true,
});
});
after(async () => {

5
x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/indicator_match_alert_suppression.ts
View file

@ -21,7 +21,6 @@ import {
import { getSuppressionMaxSignalsWarning as getSuppressionMaxAlertsWarning } from '@kbn/security-solution-plugin/server/lib/detection_engine/rule_types/utils/utils';
import { DETECTION_ENGINE_SIGNALS_STATUS_URL as DETECTION_ENGINE_ALERTS_STATUS_URL } from '@kbn/security-solution-plugin/common/constants';
import { ENABLE_ASSET_CRITICALITY_SETTING } from '@kbn/security-solution-plugin/common/constants';
import { ThreatMatchRuleCreateProps } from '@kbn/security-solution-plugin/common/api/detection_engine';
import { RuleExecutionStatusEnum } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_monitoring';
@ -44,7 +43,6 @@ export default ({ getService }: FtrProviderContext) => {
const esArchiver = getService('esArchiver');
const es = getService('es');
const log = getService('log');
const kibanaServer = getService('kibanaServer');
const {
indexListOfDocuments: indexListOfSourceDocuments,
@ -2568,9 +2566,6 @@ export default ({ getService }: FtrProviderContext) => {
describe('with asset criticality', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/asset_criticality');
await kibanaServer.uiSettings.update({
[ENABLE_ASSET_CRITICALITY_SETTING]: true,
});
});
after(async () => {

9
x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/machine_learning.ts
View file

@ -29,10 +29,7 @@ import {
} from '@kbn/security-solution-plugin/common/field_maps/field_names';
import { getMaxSignalsWarning as getMaxAlertsWarning } from '@kbn/security-solution-plugin/server/lib/detection_engine/rule_types/utils/utils';
import { expect } from 'expect';
import {
DETECTION_ENGINE_RULES_URL,
ENABLE_ASSET_CRITICALITY_SETTING,
} from '@kbn/security-solution-plugin/common/constants';
import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants';
import {
createListsIndex,
deleteAllExceptions,
@ -63,7 +60,6 @@ export default ({ getService }: FtrProviderContext) => {
const esArchiver = getService('esArchiver');
const es = getService('es');
const log = getService('log');
const kibanaServer = getService('kibanaServer');
// TODO: add a new service for loading archiver files similar to "getService('es')"
const config = getService('config');
const request = supertestLib(url.format(config.get('servers.kibana')));
@ -331,9 +327,6 @@ export default ({ getService }: FtrProviderContext) => {
describe('with asset criticality', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/asset_criticality');
await kibanaServer.uiSettings.update({
[ENABLE_ASSET_CRITICALITY_SETTING]: true,
});
});
after(async () => {

10
x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/machine_learning_alert_suppression.ts
View file

@ -22,10 +22,7 @@ import {
TIMESTAMP,
} from '@kbn/rule-data-utils';
import { ALERT_ORIGINAL_TIME } from '@kbn/security-solution-plugin/common/field_maps/field_names';
import {
DETECTION_ENGINE_SIGNALS_STATUS_URL as DETECTION_ENGINE_ALERTS_STATUS_URL,
ENABLE_ASSET_CRITICALITY_SETTING,
} from '@kbn/security-solution-plugin/common/constants';
import { DETECTION_ENGINE_SIGNALS_STATUS_URL as DETECTION_ENGINE_ALERTS_STATUS_URL } from '@kbn/security-solution-plugin/common/constants';
import { EsArchivePathBuilder } from '../../../../../../es_archive_path_builder';
import { FtrProviderContext } from '../../../../../../ftr_provider_context';
import {
@ -1102,14 +1099,9 @@ export default ({ getService }: FtrProviderContext) => {
});
describe('with enrichments', () => {
const kibanaServer = getService('kibanaServer');
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/entity/risks');
await esArchiver.load('x-pack/test/functional/es_archives/asset_criticality');
await kibanaServer.uiSettings.update({
[ENABLE_ASSET_CRITICALITY_SETTING]: true,
});
});
after(async () => {

6
x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/new_terms.ts
View file

@ -14,7 +14,7 @@ import { orderBy } from 'lodash';
import { getCreateNewTermsRulesSchemaMock } from '@kbn/security-solution-plugin/common/api/detection_engine/model/rule_schema/mocks';
import { getMaxSignalsWarning as getMaxAlertsWarning } from '@kbn/security-solution-plugin/server/lib/detection_engine/rule_types/utils/utils';
import { ENABLE_ASSET_CRITICALITY_SETTING } from '@kbn/security-solution-plugin/common/constants';
import {
getAlerts,
getPreviewAlerts,
@ -43,7 +43,6 @@ export default ({ getService }: FtrProviderContext) => {
const esArchiver = getService('esArchiver');
const es = getService('es');
const log = getService('log');
const kibanaServer = getService('kibanaServer');
const { indexEnhancedDocuments } = dataGeneratorFactory({
es,
index: 'new_terms',
@ -1067,9 +1066,6 @@ export default ({ getService }: FtrProviderContext) => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/security_solution/ecs_compliant');
await esArchiver.load('x-pack/test/functional/es_archives/asset_criticality');
await kibanaServer.uiSettings.update({
[ENABLE_ASSET_CRITICALITY_SETTING]: true,
});
});
after(async () => {

5
x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/new_terms_alert_suppression.ts
View file

@ -18,7 +18,6 @@ import {
TIMESTAMP,
ALERT_START,
} from '@kbn/rule-data-utils';
import { ENABLE_ASSET_CRITICALITY_SETTING } from '@kbn/security-solution-plugin/common/constants';
import { getSuppressionMaxSignalsWarning as getSuppressionMaxAlertsWarning } from '@kbn/security-solution-plugin/server/lib/detection_engine/rule_types/utils/utils';
import { getCreateNewTermsRulesSchemaMock } from '@kbn/security-solution-plugin/common/api/detection_engine/model/rule_schema/mocks';
import { NewTermsRuleCreateProps } from '@kbn/security-solution-plugin/common/api/detection_engine';
@ -2250,15 +2249,11 @@ export default ({ getService }: FtrProviderContext) => {
const isServerless = config.get('serverless');
const dataPathBuilder = new EsArchivePathBuilder(isServerless);
const path = dataPathBuilder.getPath('auditbeat/hosts');
const kibanaServer = getService('kibanaServer');
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/entity/risks');
await esArchiver.load(path);
await esArchiver.load('x-pack/test/functional/es_archives/asset_criticality');
await kibanaServer.uiSettings.update({
[ENABLE_ASSET_CRITICALITY_SETTING]: true,
});
});
after(async () => {

5
x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/threshold.ts
View file

@ -27,7 +27,6 @@ import {
ALERT_THRESHOLD_RESULT,
} from '@kbn/security-solution-plugin/common/field_maps/field_names';
import { getMaxSignalsWarning as getMaxAlertsWarning } from '@kbn/security-solution-plugin/server/lib/detection_engine/rule_types/utils/utils';
import { ENABLE_ASSET_CRITICALITY_SETTING } from '@kbn/security-solution-plugin/common/constants';
import {
createRule,
deleteAllRules,
@ -51,7 +50,6 @@ export default ({ getService }: FtrProviderContext) => {
const esArchiver = getService('esArchiver');
const es = getService('es');
const log = getService('log');
const kibanaServer = getService('kibanaServer');
// TODO: add a new service for loading archiver files similar to "getService('es')"
const config = getService('config');
const isServerless = config.get('serverless');
@ -447,9 +445,6 @@ export default ({ getService }: FtrProviderContext) => {
describe('with asset criticality', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/asset_criticality');
await kibanaServer.uiSettings.update({
[ENABLE_ASSET_CRITICALITY_SETTING]: true,
});
});
after(async () => {

5
x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/threshold_alert_suppression.ts
View file

@ -21,7 +21,6 @@ import { DETECTION_ENGINE_SIGNALS_STATUS_URL as DETECTION_ENGINE_ALERTS_STATUS_U
import { ThresholdRuleCreateProps } from '@kbn/security-solution-plugin/common/api/detection_engine';
import { RuleExecutionStatusEnum } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_monitoring';
import { ENABLE_ASSET_CRITICALITY_SETTING } from '@kbn/security-solution-plugin/common/constants';
import { ALERT_ORIGINAL_TIME } from '@kbn/security-solution-plugin/common/field_maps/field_names';
import { AlertSuppression } from '@kbn/security-solution-plugin/common/api/detection_engine/model/rule_schema';
@ -44,7 +43,6 @@ export default ({ getService }: FtrProviderContext) => {
const esArchiver = getService('esArchiver');
const es = getService('es');
const log = getService('log');
const kibanaServer = getService('kibanaServer');
// TODO: add a new service for loading archiver files similar to "getService('es')"
const config = getService('config');
const isServerless = config.get('serverless');
@ -994,9 +992,6 @@ export default ({ getService }: FtrProviderContext) => {
describe('with asset criticality', () => {
before(async () => {
await esArchiver.load('x-pack/test/functional/es_archives/asset_criticality');
await kibanaServer.uiSettings.update({
[ENABLE_ASSET_CRITICALITY_SETTING]: true,
});
});
after(async () => {

55
x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/asset_criticality.ts
View file

@ -19,8 +19,6 @@ import {
assetCriticalityRouteHelpersFactory,
getAssetCriticalityDoc,
getAssetCriticalityIndex,
enableAssetCriticalityAdvancedSetting,
disableAssetCriticalityAdvancedSetting,
createAssetCriticalityRecords,
riskEngineRouteHelpersFactory,
} from '../../utils';
@ -28,7 +26,6 @@ import { FtrProviderContext } from '../../../../ftr_provider_context';
export default ({ getService }: FtrProviderContext) => {
const es = getService('es');
const kibanaServer = getService('kibanaServer');
const log = getService('log');
const supertest = getService('supertest');
const assetCriticalityRoutes = assetCriticalityRouteHelpersFactory(supertest);
@ -41,14 +38,6 @@ export default ({ getService }: FtrProviderContext) => {
await cleanAssetCriticality({ log, es });
});
after(async () => {
await disableAssetCriticalityAdvancedSetting(kibanaServer, log);
});
beforeEach(async () => {
await enableAssetCriticalityAdvancedSetting(kibanaServer, log);
});
afterEach(async () => {
await riskEngineRoutes.cleanUp();
await cleanAssetCriticality({ log, es });
@ -181,20 +170,6 @@ export default ({ getService }: FtrProviderContext) => {
expectStatusCode: 400,
});
});
it('should return 403 if the advanced setting is disabled', async () => {
await disableAssetCriticalityAdvancedSetting(kibanaServer, log);
const validAssetCriticality = {
id_field: 'host.name',
id_value: 'host-01',
criticality_level: 'high_impact',
};
await assetCriticalityRoutes.upsert(validAssetCriticality, {
expectStatusCode: 403,
});
});
});
describe('get', () => {
@ -220,14 +195,6 @@ export default ({ getService }: FtrProviderContext) => {
expectStatusCode: 400,
});
});
it('should return 403 if the advanced setting is disabled', async () => {
await disableAssetCriticalityAdvancedSetting(kibanaServer, log);
await assetCriticalityRoutes.get('host.name', 'doesnt-matter', {
expectStatusCode: 403,
});
});
});
describe('list', () => {
@ -424,20 +391,6 @@ export default ({ getService }: FtrProviderContext) => {
});
});
it('should return a 403 if the advanced setting is disabled', async () => {
await disableAssetCriticalityAdvancedSetting(kibanaServer, log);
const validRecord: CreateAssetCriticalityRecord = {
id_field: 'host.name',
id_value: 'delete-me',
criticality_level: 'high_impact',
};
await assetCriticalityRoutes.bulkUpload([validRecord], {
expectStatusCode: 403,
});
});
it('should correctly upload a valid record for one entity', async () => {
const validRecord: CreateAssetCriticalityRecord = {
id_field: 'host.name',
@ -533,14 +486,6 @@ export default ({ getService }: FtrProviderContext) => {
expect(res.body.deleted).to.eql(false);
expect(res.body.record).to.eql(undefined);
});
it('should return 403 if the advanced setting is disabled', async () => {
await disableAssetCriticalityAdvancedSetting(kibanaServer, log);
await assetCriticalityRoutes.delete('host.name', 'doesnt-matter', {
expectStatusCode: 403,
});
});
});
});
};

15
x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/asset_criticality_csv_upload.ts
View file

@ -8,8 +8,6 @@ import expect from 'expect';
import {
assetCriticalityRouteHelpersFactory,
cleanAssetCriticality,
disableAssetCriticalityAdvancedSetting,
enableAssetCriticalityAdvancedSetting,
getAssetCriticalityDoc,
} from '../../utils';
import { FtrProviderContext } from '../../../../ftr_provider_context';
@ -18,7 +16,6 @@ export default ({ getService }: FtrProviderContext) => {
const esClient = getService('es');
const supertest = getService('supertest');
const assetCriticalityRoutes = assetCriticalityRouteHelpersFactory(supertest);
const kibanaServer = getService('kibanaServer');
const log = getService('log');
const expectAssetCriticalityDocMatching = async (expectedDoc: {
id_field: string;
@ -37,10 +34,6 @@ export default ({ getService }: FtrProviderContext) => {
await cleanAssetCriticality({ es: esClient, namespace: 'default', log });
});
beforeEach(async () => {
await enableAssetCriticalityAdvancedSetting(kibanaServer, log);
});
after(async () => {
await cleanAssetCriticality({ es: esClient, namespace: 'default', log });
});
@ -188,13 +181,5 @@ export default ({ getService }: FtrProviderContext) => {
failed: 0,
});
});
it('should return 403 if the advanced setting is disabled', async () => {
await disableAssetCriticalityAdvancedSetting(kibanaServer, log);
await assetCriticalityRoutes.uploadCsv('host,host-1,low_impact', {
expectStatusCode: 403,
});
});
});
};

9
x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/asset_criticality_privileges.ts
View file

@ -6,10 +6,7 @@
*/
import expect from '@kbn/expect';
import { ROLES as SERVERLESS_USERNAMES } from '@kbn/security-solution-plugin/common/test';
import {
assetCriticalityRouteHelpersFactoryNoAuth,
enableAssetCriticalityAdvancedSetting,
} from '../../utils';
import { assetCriticalityRouteHelpersFactoryNoAuth } from '../../utils';
import { FtrProviderContext } from '../../../../ftr_provider_context';
import { usersAndRolesFactory } from '../../utils/users_and_roles';
@ -67,9 +64,6 @@ const USERNAME_TO_ROLES = {
};
export default ({ getService }: FtrProviderContext) => {
const kibanaServer = getService('kibanaServer');
const log = getService('log');
describe('Entity Analytics - Asset Criticality Privileges API', () => {
describe('@ess Asset Criticality Privileges API', () => {
const supertestWithoutAuth = getService('supertestWithoutAuth');
@ -95,7 +89,6 @@ export default ({ getService }: FtrProviderContext) => {
});
before(async () => {
await createPrivilegeTestUsers();
await enableAssetCriticalityAdvancedSetting(kibanaServer, log);
});
describe('Asset Criticality privileges API', () => {

5
x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_score_entity_calculation.ts
View file

@ -23,7 +23,6 @@ import {
cleanAssetCriticality,
waitForAssetCriticalityToBePresent,
riskEngineRouteHelpersFactory,
enableAssetCriticalityAdvancedSetting,
sanitizeScores,
} from '../../utils';
import { FtrProviderContext } from '../../../../ftr_provider_context';
@ -34,7 +33,6 @@ export default ({ getService }: FtrProviderContext): void => {
const esArchiver = getService('esArchiver');
const es = getService('es');
const log = getService('log');
const kibanaServer = getService('kibanaServer');
const riskEngineRoutes = riskEngineRouteHelpersFactory(supertest);
@ -77,9 +75,6 @@ export default ({ getService }: FtrProviderContext): void => {
describe('@ess @serverless @serverlessQA Risk Scoring Entity Calculation API', function () {
this.tags(['esGate']);
before(async () => {
await enableAssetCriticalityAdvancedSetting(kibanaServer, log);
});
context('with auditbeat data', () => {
const { indexListOfDocuments } = dataGeneratorFactory({

6
x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_score_preview.ts
View file

@ -23,7 +23,6 @@ import {
cleanAssetCriticality,
createAndSyncRuleAndAlertsFactory,
deleteAllRiskScores,
enableAssetCriticalityAdvancedSetting,
sanitizeScores,
waitForAssetCriticalityToBePresent,
} from '../../utils';
@ -35,7 +34,6 @@ export default ({ getService }: FtrProviderContext): void => {
const esArchiver = getService('esArchiver');
const es = getService('es');
const log = getService('log');
const kibanaServer = getService('kibanaServer');
const createAndSyncRuleAndAlerts = createAndSyncRuleAndAlertsFactory({ supertest, log });
const previewRiskScores = async ({
@ -70,10 +68,6 @@ export default ({ getService }: FtrProviderContext): void => {
};
describe('@ess @serverless Risk Scoring Preview API', () => {
before(async () => {
await enableAssetCriticalityAdvancedSetting(kibanaServer, log);
});
context('with auditbeat data', () => {
const { indexListOfDocuments } = dataGeneratorFactory({
es,

40
x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/asset_criticality.ts
View file

@ -16,7 +16,6 @@ import {
ASSET_CRITICALITY_PUBLIC_LIST_URL,
ASSET_CRITICALITY_INTERNAL_STATUS_URL,
ASSET_CRITICALITY_INTERNAL_PRIVILEGES_URL,
ENABLE_ASSET_CRITICALITY_SETTING,
API_VERSIONS,
ASSET_CRITICALITY_PUBLIC_BULK_UPLOAD_URL,
} from '@kbn/security-solution-plugin/common/constants';
@ -28,51 +27,12 @@ import type {
import type { Client } from '@elastic/elasticsearch';
import type { ToolingLog } from '@kbn/tooling-log';
import querystring from 'querystring';
import { KbnClient } from '@kbn/test';
import { SupertestWithoutAuthProviderType } from '@kbn/ftr-common-functional-services';
import { routeWithNamespace, waitFor } from '../../../../common/utils/security_solution';
export const getAssetCriticalityIndex = (namespace?: string) =>
`.asset-criticality.asset-criticality-${namespace ?? 'default'}`;
export const enableAssetCriticalityAdvancedSetting = async (
kibanaServer: KbnClient,
log: ToolingLog
) => {
await kibanaServer.uiSettings.update({
[ENABLE_ASSET_CRITICALITY_SETTING]: true,
});
// and wait for the setting to be applied
await waitFor(
async () => {
const setting = await kibanaServer.uiSettings.get(ENABLE_ASSET_CRITICALITY_SETTING);
return setting === true;
},
'disableAssetCriticalityAdvancedSetting',
log
);
};
export const disableAssetCriticalityAdvancedSetting = async (
kibanaServer: KbnClient,
log: ToolingLog
) => {
await kibanaServer.uiSettings.update({
[ENABLE_ASSET_CRITICALITY_SETTING]: false,
});
// and wait for the setting to be applied
await waitFor(
async () => {
const setting = await kibanaServer.uiSettings.get(ENABLE_ASSET_CRITICALITY_SETTING);
return setting === false;
},
'disableAssetCriticalityAdvancedSetting',
log
);
};
export const cleanAssetCriticality = async ({
log,
es,

2
x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics/asset_criticality_upload_page.cy.ts
View file

@ -12,7 +12,6 @@ import {
RESULT_STEP,
VALID_LINES_MESSAGE,
} from '../../screens/asset_criticality';
import { enableAssetCriticality } from '../../tasks/api_calls/kibana_advanced_settings';
import { clickAssignButton, uploadAssetCriticalityFile } from '../../tasks/asset_criticality';
import { login } from '../../tasks/login';
import { visit } from '../../tasks/navigation';
@ -26,7 +25,6 @@ describe(
() => {
beforeEach(() => {
login();
enableAssetCriticality();
visit(ENTITY_ANALYTICS_ASSET_CRITICALITY_URL);
});

2
x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics/entity_flyout.cy.ts
View file

@ -42,7 +42,6 @@ import {
ENTRA_DOCUMENT_TAB,
OKTA_DOCUMENT_TAB,
} from '../../screens/users/flyout_asset_panel';
import { enableAssetCriticality } from '../../tasks/api_calls/kibana_advanced_settings';
const USER_NAME = 'user1';
const SIEM_KIBANA_HOST_NAME = 'Host-fwarau82er';
@ -66,7 +65,6 @@ describe(
cy.task('esArchiverLoad', { archiveName: 'risk_scores_new_complete_data' });
cy.task('esArchiverLoad', { archiveName: 'query_alert', useCreate: true, docsOnly: true });
cy.task('esArchiverLoad', { archiveName: 'user_managed_data' });
enableAssetCriticality();
mockRiskEngineEnabled();
login();
visitWithTimeRange(ALERTS_URL);

5
x-pack/test/security_solution_cypress/cypress/tasks/api_calls/kibana_advanced_settings.ts
View file

@ -6,7 +6,6 @@
*/
import { SECURITY_SOLUTION_SHOW_RELATED_INTEGRATIONS_ID } from '@kbn/management-settings-ids';
import { ENABLE_ASSET_CRITICALITY_SETTING } from '@kbn/security-solution-plugin/common/constants';
import { rootRequest } from './common';
export const setKibanaSetting = (key: string, value: boolean | number | string) => {
@ -24,7 +23,3 @@ export const enableRelatedIntegrations = () => {
export const disableRelatedIntegrations = () => {
setKibanaSetting(SECURITY_SOLUTION_SHOW_RELATED_INTEGRATIONS_ID, false);
};
export const enableAssetCriticality = () => {
setKibanaSetting(ENABLE_ASSET_CRITICALITY_SETTING, true);
};