mirror of
https://github.com/elastic/kibana.git
synced 2025-06-27 18:51:07 -04:00
e1a280f602
## Use legacy risk score indices if the new risks engine wasn't
installed
Legacy risk scores indices:
- `ml_user_risk_score_latest_default`
- `ml_host_risk_score_latest_default`
New risk score indices:
- `risk-score.risk-score-latest-default`
Which parts use risk score indices?
- Entity Analytics dashboard
- All host/user risk tab
- Single host/user risk tab
- Alert enrichment UI
- Alert enrichment Backend
All these components can use only one risk score data source at a time,
a new or legacy one.
Previously we started to use the new risk score indices if FF -
`['riskScoringPersistence', 'riskScoringRoutesEnabled'] ` was present
and there was no possibility for the client to see old risk score data
in UI, or use it for alert enrichments
This PR, changes the way, that clients will use legacy risk score
indices until they specifically choose to upgrade the risk engine.
In this video legacy risk transforms are installed, but user risk
transforms are not installed.
16acf38a-5694-4706-9426-cdea58b70a9b
### Cypress tests
I modify those tests in a way that we test that it works still with
legacy risk scores, but also with new risk scores.
Also, add some tests for upgrade workflow.
Also, some risk scores a different in legacy and new indices for the
same entities. So we can show in the tests, that they use different
indices.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
67 lines
2.7 KiB
TypeScript
67 lines
2.7 KiB
TypeScript
/*
|
|
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
|
* or more contributor license agreements. Licensed under the Elastic License
|
|
* 2.0; you may not use this file except in compliance with the Elastic License
|
|
* 2.0.
|
|
*/
|
|
|
|
import { FtrConfigProviderContext } from '@kbn/test';
|
|
|
|
import { CA_CERT_PATH } from '@kbn/dev-utils';
|
|
|
|
export default async function ({ readConfigFile }: FtrConfigProviderContext) {
|
|
const kibanaCommonTestsConfig = await readConfigFile(
|
|
require.resolve('../../../test/common/config.js')
|
|
);
|
|
const xpackFunctionalTestsConfig = await readConfigFile(
|
|
require.resolve('../functional/config.base.js')
|
|
);
|
|
|
|
return {
|
|
...kibanaCommonTestsConfig.getAll(),
|
|
|
|
esTestCluster: {
|
|
...xpackFunctionalTestsConfig.get('esTestCluster'),
|
|
serverArgs: [
|
|
...xpackFunctionalTestsConfig.get('esTestCluster.serverArgs'),
|
|
// define custom es server here
|
|
// API Keys is enabled at the top level
|
|
'xpack.security.enabled=true',
|
|
],
|
|
},
|
|
|
|
kbnTestServer: {
|
|
...xpackFunctionalTestsConfig.get('kbnTestServer'),
|
|
serverArgs: [
|
|
...xpackFunctionalTestsConfig.get('kbnTestServer.serverArgs'),
|
|
'--usageCollection.uiCounters.enabled=false',
|
|
// define custom kibana server args here
|
|
`--elasticsearch.ssl.certificateAuthorities=${CA_CERT_PATH}`,
|
|
'--xpack.ruleRegistry.write.enabled=true',
|
|
'--xpack.ruleRegistry.write.cache.enabled=false',
|
|
'--xpack.ruleRegistry.unsafe.indexUpgrade.enabled=true',
|
|
// Without below line, default interval for rules is 1m
|
|
// See https://github.com/elastic/kibana/pull/125396 for details
|
|
'--xpack.alerting.rules.minimumScheduleInterval.value=1s',
|
|
'--xpack.ruleRegistry.unsafe.legacyMultiTenancy.enabled=true',
|
|
`--xpack.securitySolution.enableExperimental=${JSON.stringify([
|
|
'alertDetailsPageEnabled',
|
|
'chartEmbeddablesEnabled',
|
|
'discoverInTimeline',
|
|
'riskScoringRoutesEnabled',
|
|
'riskScoringPersistence',
|
|
])}`,
|
|
// mock cloud to enable the guided onboarding tour in e2e tests
|
|
'--xpack.cloud.id=test',
|
|
`--home.disableWelcomeScreen=true`,
|
|
// Specify which version of the detection-rules package to install
|
|
// `--xpack.securitySolution.prebuiltRulesPackageVersion=8.3.1`,
|
|
// Set an inexistent directory as the Fleet bundled packages location
|
|
// in order to force Fleet to reach out to the registry to download the
|
|
// packages listed in fleet_packages.json
|
|
// See: https://elastic.slack.com/archives/CNMNXV4RG/p1683033379063079
|
|
`--xpack.fleet.developer.bundledPackageLocation=./inexistentDir`,
|
|
],
|
|
},
|
|
};
|
|
}
|