a8a7574c66
## Summary This PR adds the ability to upload a CSV file with privileged users from the Entity Analytics pages ## Changes ### Backend - Added (or completed) the upload CSV route: `/api/entity_analytics/monitoring/users/_csv` - Added shared utilities for batching with Node streams - Added bulk processing actions for the upload - Parsing users from CSV - Soft delete for omitted users - Batch upsert via the bulk API - Added a check for installing all required privmon resources ### Frontend - File uploader components - File validation logic - Updated EA privmon page to account for the new flow - Added managing users panels - open upload flow (same as asset criticality) ## Screen recording https://github.com/user-attachments/assets/7956f1cf-49e0-4430-8c23-7d6178a15342 ## How to test #### Prerequisite Make sure you have a CSV file with usernames Check [here](https://gist.github.com/tiansivive/0be2f09e1bb380fdde6609a131e929ed) for a little helper script Create a few copies where some of the users are deleted, in order to test soft delete 1. Start up kibana and ES 2. Navigate to Security > Entity Analytics > Privilege User Monitoring 3. Select the `File` option to add data 4. Add one of the CSV files to the open modal and upload 5. Repeat but now upload one of files with the omitted users Alternatively, testing only the backend only is possible by directly hitting the API wit curl ``` curl -u elastic:changeme \ -X POST "http://localhost:5601/api/entity_analytics/monitoring/users/_csv" \ -H "kbn-xsrf: true" \ -F "file=@test.csv;type=text/csv" ``` #### Verifying Easiest way is to use the dev tools to `_search` the privmon users index with: ``` GET .entity_analytics.monitoring.users-default/_search ``` Look for number of hits and/or use `query` to search for omitted users. ## Remaining work - [x] API integration tests - [ ] Batching logic unit tests - [ ] E2E tests? --------- Co-authored-by: machadoum <pablo.nevesmachado@elastic.co> Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> |
||
|---|---|---|
| .. | ||
| examples | ||
| linters | ||
| output | ||
| overlays | ||
| scripts | ||
| bundle.json | ||
| bundle.serverless.json | ||
| kibana.info.serverless.yaml | ||
| kibana.info.yaml | ||
| makefile | ||
| package-lock.json | ||
| package.json | ||
| README.md | ||
Kibana API reference documentation
Documentation about our OpenAPI bundling workflow and configuration. See Kibana's hosted stateful and serverless docs.
Workflow
The final goal of this workflow is to produce an OpenAPI bundle containing all Kibana's public APIs.
Step 0
OAS from Kibana's APIs are continuously extracted and captured in bundle.json and bundle.serverless.json as fully formed OAS documentation. See node scripts/capture_oas_snapshot --help for more info.
These bundles form the basis of our OpenAPI bundles to which we append and layer extra information before publishing.
Step 1
Append pre-existing bundles not extracted from code using kbn-openapi-bundler to produce the final resulting bundles.
To add more files into the final bundle, edit the appropriate oas_docs/scripts/merge*.js files.
Step 2
Apply any final overalys to the document that might include examples or final tweaks (see the "Scripts" section for more details).
Scripts
The oas_docs/scripts folder contains scripts that point to the source domain-specific OpenAPI bundles and specify additional parameters for producing the final output bundle. Currently, there are the following scripts:
-
merge_ess_oas.jsscript produces production an output bundle for ESS -
merge_serverless_oas.jsscript produces production an output bundle for Serverless
Output Kibana OpenAPI bundles
The oas_docs/output folder contains the final resulting Kibana OpenAPI bundles
kibana.yamlproduction ready ESS OpenAPI bundlekibana.serverless.yamlproduction ready Serverless OpenAPI bundle
Bundling commands
Besides the scripts in the oas_docs/scripts folder, there is an oas_docs/makefile to simplify the workflow. Use make help to see available commands.