From 55235c61e5a75e6cb2dc4c65c265a59873957e6b Mon Sep 17 00:00:00 2001 From: Frank Hassanabad Date: Fri, 15 Oct 2021 18:37:00 -0600 Subject: [PATCH 01/50] [Security Solutions] Fixes the newer notification system throttle resets and enabling immediate execution on first detection of a signal (#114214) ## Summary Fixes: * Resets happening by adding the throttle to the else switches and error catching. We have to call throttle on every rule execution or we will cause a reset. * Fixes a case where we were not firing the signal immediately by pushing down the alerts detected. This can cause a reset or a delay of MTTD. * Adds unit tests for the conditions * Changes some of the logic to clean things up. ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --- ...dule_throttle_notification_actions.test.ts | 422 +++++++++++++++++- .../schedule_throttle_notification_actions.ts | 97 +++- .../notifications/utils.test.ts | 388 +++++++++++++++- .../detection_engine/notifications/utils.ts | 53 +++ .../create_security_rule_type_wrapper.ts | 45 +- .../signals/signal_rule_alert_type.test.ts | 27 +- .../signals/signal_rule_alert_type.ts | 45 +- 7 files changed, 1035 insertions(+), 42 deletions(-) diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/schedule_throttle_notification_actions.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/schedule_throttle_notification_actions.test.ts index 2e5e331b71b0094..81f229c636bd87c 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/schedule_throttle_notification_actions.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/schedule_throttle_notification_actions.test.ts @@ -5,7 +5,7 @@ * 2.0. */ -import { elasticsearchServiceMock } from 'src/core/server/mocks'; +import { elasticsearchServiceMock, loggingSystemMock } from 'src/core/server/mocks'; import { alertsMock } from '../../../../../alerting/server/mocks'; import { scheduleThrottledNotificationActions } from './schedule_throttle_notification_actions'; import { @@ -19,8 +19,10 @@ jest.mock('./schedule_notification_actions', () => ({ describe('schedule_throttle_notification_actions', () => { let notificationRuleParams: NotificationRuleTypeParams; + let logger: ReturnType; beforeEach(() => { + logger = loggingSystemMock.createLogger(); (scheduleNotificationActions as jest.Mock).mockReset(); notificationRuleParams = { author: ['123'], @@ -82,6 +84,38 @@ describe('schedule_throttle_notification_actions', () => { ), alertInstance: alertsMock.createAlertInstanceFactory(), notificationRuleParams, + logger, + signals: [], + }); + + expect(scheduleNotificationActions as jest.Mock).toHaveBeenCalled(); + }); + + it('should call "scheduleNotificationActions" if the signals length is 1 or greater', async () => { + await scheduleThrottledNotificationActions({ + throttle: '1d', + startedAt: new Date('2021-08-24T19:19:22.094Z'), + id: '123', + kibanaSiemAppUrl: 'http://www.example.com', + outputIndex: 'output-123', + ruleId: 'rule-123', + esClient: elasticsearchServiceMock.createElasticsearchClient( + elasticsearchServiceMock.createSuccessTransportRequestPromise({ + hits: { + hits: [], + total: 0, + }, + }) + ), + alertInstance: alertsMock.createAlertInstanceFactory(), + notificationRuleParams, + logger, + signals: [ + { + _id: '123', + index: '123', + }, + ], }); expect(scheduleNotificationActions as jest.Mock).toHaveBeenCalled(); @@ -105,6 +139,8 @@ describe('schedule_throttle_notification_actions', () => { ), alertInstance: alertsMock.createAlertInstanceFactory(), notificationRuleParams, + logger, + signals: [], }); expect(scheduleNotificationActions as jest.Mock).not.toHaveBeenCalled(); @@ -132,6 +168,8 @@ describe('schedule_throttle_notification_actions', () => { ), alertInstance: alertsMock.createAlertInstanceFactory(), notificationRuleParams, + logger, + signals: [], }); expect(scheduleNotificationActions as jest.Mock).not.toHaveBeenCalled(); @@ -161,6 +199,8 @@ describe('schedule_throttle_notification_actions', () => { ), alertInstance: alertsMock.createAlertInstanceFactory(), notificationRuleParams, + logger, + signals: [], }); expect((scheduleNotificationActions as jest.Mock).mock.calls[0][0].resultsLink).toMatch( @@ -174,4 +214,384 @@ describe('schedule_throttle_notification_actions', () => { }) ); }); + + it('should log debug information when passing through in expected format and no error messages', async () => { + await scheduleThrottledNotificationActions({ + throttle: '1d', + startedAt: new Date('2021-08-24T19:19:22.094Z'), + id: '123', + kibanaSiemAppUrl: 'http://www.example.com', + outputIndex: 'output-123', + ruleId: 'rule-123', + esClient: elasticsearchServiceMock.createElasticsearchClient( + elasticsearchServiceMock.createSuccessTransportRequestPromise({ + hits: { + hits: [ + { + _source: {}, + }, + ], + total: 1, + }, + }) + ), + alertInstance: alertsMock.createAlertInstanceFactory(), + notificationRuleParams, + logger, + signals: [], + }); + // We only test the first part since it has date math using math + expect(logger.debug.mock.calls[0][0]).toMatch( + /The notification throttle resultsLink created is/ + ); + expect(logger.debug.mock.calls[1][0]).toEqual( + 'The notification throttle query result size before deconflicting duplicates is: 1. The notification throttle passed in signals size before deconflicting duplicates is: 0. The deconflicted size and size of the signals sent into throttle notification is: 1. The signals count from results size is: 1. The final signals count being sent to the notification is: 1.' + ); + // error should not have been called in this case. + expect(logger.error).not.toHaveBeenCalled(); + }); + + it('should log error information if "throttle" is an invalid string', async () => { + await scheduleThrottledNotificationActions({ + throttle: 'invalid', + startedAt: new Date('2021-08-24T19:19:22.094Z'), + id: '123', + kibanaSiemAppUrl: 'http://www.example.com', + outputIndex: 'output-123', + ruleId: 'rule-123', + esClient: elasticsearchServiceMock.createElasticsearchClient( + elasticsearchServiceMock.createSuccessTransportRequestPromise({ + hits: { + hits: [ + { + _source: {}, + }, + ], + total: 1, + }, + }) + ), + alertInstance: alertsMock.createAlertInstanceFactory(), + notificationRuleParams, + logger, + signals: [], + }); + + expect(logger.error).toHaveBeenCalledWith( + 'The notification throttle "from" and/or "to" range values could not be constructed as valid. Tried to construct the values of "from": now-invalid "to": 2021-08-24T19:19:22.094Z. This will cause a reset of the notification throttle. Expect either missing alert notifications or alert notifications happening earlier than expected.' + ); + }); + + it('should count correctly if it does a deconflict', async () => { + await scheduleThrottledNotificationActions({ + throttle: '1d', + startedAt: new Date('2021-08-24T19:19:22.094Z'), + id: '123', + kibanaSiemAppUrl: 'http://www.example.com', + outputIndex: 'output-123', + ruleId: 'rule-123', + esClient: elasticsearchServiceMock.createElasticsearchClient( + elasticsearchServiceMock.createSuccessTransportRequestPromise({ + hits: { + hits: [ + { + _index: 'index-123', + _id: 'id-123', + _source: { + test: 123, + }, + }, + { + _index: 'index-456', + _id: 'id-456', + _source: { + test: 456, + }, + }, + ], + total: 2, + }, + }) + ), + alertInstance: alertsMock.createAlertInstanceFactory(), + notificationRuleParams, + logger, + signals: [ + { + _index: 'index-456', + _id: 'id-456', + test: 456, + }, + ], + }); + expect(scheduleNotificationActions).toHaveBeenCalledWith( + expect.objectContaining({ + signalsCount: 2, + signals: [ + { + _id: 'id-456', + _index: 'index-456', + test: 456, + }, + { + _id: 'id-123', + _index: 'index-123', + test: 123, + }, + ], + ruleParams: notificationRuleParams, + }) + ); + }); + + it('should count correctly if it does not do a deconflict', async () => { + await scheduleThrottledNotificationActions({ + throttle: '1d', + startedAt: new Date('2021-08-24T19:19:22.094Z'), + id: '123', + kibanaSiemAppUrl: 'http://www.example.com', + outputIndex: 'output-123', + ruleId: 'rule-123', + esClient: elasticsearchServiceMock.createElasticsearchClient( + elasticsearchServiceMock.createSuccessTransportRequestPromise({ + hits: { + hits: [ + { + _index: 'index-123', + _id: 'id-123', + _source: { + test: 123, + }, + }, + { + _index: 'index-456', + _id: 'id-456', + _source: { + test: 456, + }, + }, + ], + total: 2, + }, + }) + ), + alertInstance: alertsMock.createAlertInstanceFactory(), + notificationRuleParams, + logger, + signals: [ + { + _index: 'index-789', + _id: 'id-789', + test: 456, + }, + ], + }); + expect(scheduleNotificationActions).toHaveBeenCalledWith( + expect.objectContaining({ + signalsCount: 3, + signals: [ + { + _id: 'id-789', + _index: 'index-789', + test: 456, + }, + { + _id: 'id-123', + _index: 'index-123', + test: 123, + }, + { + _id: 'id-456', + _index: 'index-456', + test: 456, + }, + ], + ruleParams: notificationRuleParams, + }) + ); + }); + + it('should count total hit with extra total elements', async () => { + await scheduleThrottledNotificationActions({ + throttle: '1d', + startedAt: new Date('2021-08-24T19:19:22.094Z'), + id: '123', + kibanaSiemAppUrl: 'http://www.example.com', + outputIndex: 'output-123', + ruleId: 'rule-123', + esClient: elasticsearchServiceMock.createElasticsearchClient( + elasticsearchServiceMock.createSuccessTransportRequestPromise({ + hits: { + hits: [ + { + _index: 'index-123', + _id: 'id-123', + _source: { + test: 123, + }, + }, + ], + total: 20, // total can be different from the actual return values so we have to ensure we count these. + }, + }) + ), + alertInstance: alertsMock.createAlertInstanceFactory(), + notificationRuleParams, + logger, + signals: [ + { + _index: 'index-789', + _id: 'id-789', + test: 456, + }, + ], + }); + expect(scheduleNotificationActions).toHaveBeenCalledWith( + expect.objectContaining({ + signalsCount: 21, + signals: [ + { + _id: 'id-789', + _index: 'index-789', + test: 456, + }, + { + _id: 'id-123', + _index: 'index-123', + test: 123, + }, + ], + ruleParams: notificationRuleParams, + }) + ); + }); + + it('should count correctly if it does a deconflict and the total has extra values', async () => { + await scheduleThrottledNotificationActions({ + throttle: '1d', + startedAt: new Date('2021-08-24T19:19:22.094Z'), + id: '123', + kibanaSiemAppUrl: 'http://www.example.com', + outputIndex: 'output-123', + ruleId: 'rule-123', + esClient: elasticsearchServiceMock.createElasticsearchClient( + elasticsearchServiceMock.createSuccessTransportRequestPromise({ + hits: { + hits: [ + { + _index: 'index-123', + _id: 'id-123', + _source: { + test: 123, + }, + }, + { + _index: 'index-456', + _id: 'id-456', + _source: { + test: 456, + }, + }, + ], + total: 20, // total can be different from the actual return values so we have to ensure we count these. + }, + }) + ), + alertInstance: alertsMock.createAlertInstanceFactory(), + notificationRuleParams, + logger, + signals: [ + { + _index: 'index-456', + _id: 'id-456', + test: 456, + }, + ], + }); + expect(scheduleNotificationActions).toHaveBeenCalledWith( + expect.objectContaining({ + signalsCount: 20, + signals: [ + { + _id: 'id-456', + _index: 'index-456', + test: 456, + }, + { + _id: 'id-123', + _index: 'index-123', + test: 123, + }, + ], + ruleParams: notificationRuleParams, + }) + ); + }); + + it('should add extra count element if it has signals added', async () => { + await scheduleThrottledNotificationActions({ + throttle: '1d', + startedAt: new Date('2021-08-24T19:19:22.094Z'), + id: '123', + kibanaSiemAppUrl: 'http://www.example.com', + outputIndex: 'output-123', + ruleId: 'rule-123', + esClient: elasticsearchServiceMock.createElasticsearchClient( + elasticsearchServiceMock.createSuccessTransportRequestPromise({ + hits: { + hits: [ + { + _index: 'index-123', + _id: 'id-123', + _source: { + test: 123, + }, + }, + { + _index: 'index-456', + _id: 'id-456', + _source: { + test: 456, + }, + }, + ], + total: 20, // total can be different from the actual return values so we have to ensure we count these. + }, + }) + ), + alertInstance: alertsMock.createAlertInstanceFactory(), + notificationRuleParams, + logger, + signals: [ + { + _index: 'index-789', + _id: 'id-789', + test: 789, + }, + ], + }); + expect(scheduleNotificationActions).toHaveBeenCalledWith( + expect.objectContaining({ + signalsCount: 21, // should be 1 more than the total since we pushed in an extra signal + signals: [ + { + _id: 'id-789', + _index: 'index-789', + test: 789, + }, + { + _id: 'id-123', + _index: 'index-123', + test: 123, + }, + { + _id: 'id-456', + _index: 'index-456', + test: 456, + }, + ], + ruleParams: notificationRuleParams, + }) + ); + }); }); diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/schedule_throttle_notification_actions.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/schedule_throttle_notification_actions.ts index 5dd583d47b403bf..5bf18496e637548 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/schedule_throttle_notification_actions.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/schedule_throttle_notification_actions.ts @@ -5,11 +5,11 @@ * 2.0. */ -import { ElasticsearchClient, SavedObject } from 'src/core/server'; +import { ElasticsearchClient, SavedObject, Logger } from 'src/core/server'; import { parseScheduleDates } from '@kbn/securitysolution-io-ts-utils'; import { AlertInstance } from '../../../../../alerting/server'; import { RuleParams } from '../schemas/rule_schemas'; -import { getNotificationResultsLink } from '../notifications/utils'; +import { deconflictSignalsAndResults, getNotificationResultsLink } from '../notifications/utils'; import { DEFAULT_RULE_NOTIFICATION_QUERY_SIZE } from '../../../../common/constants'; import { getSignals } from '../notifications/get_signals'; import { @@ -18,8 +18,25 @@ import { } from './schedule_notification_actions'; import { AlertAttributes } from '../signals/types'; +interface ScheduleThrottledNotificationActionsOptions { + id: SavedObject['id']; + startedAt: Date; + throttle: AlertAttributes['throttle']; + kibanaSiemAppUrl: string | undefined; + outputIndex: RuleParams['outputIndex']; + ruleId: RuleParams['ruleId']; + esClient: ElasticsearchClient; + alertInstance: AlertInstance; + notificationRuleParams: NotificationRuleTypeParams; + signals: unknown[]; + logger: Logger; +} + /** * Schedules a throttled notification action for executor rules. + * NOTE: It's important that since this is throttled that you call this in _ALL_ cases including error conditions or results being empty or not a success. + * If you do not call this within your rule executor then this will cause a "reset" and will stop "throttling" and the next call will cause an immediate action + * to be sent through the system. * @param throttle The throttle which is the alerting saved object throttle * @param startedAt When the executor started at * @param id The id the alert which caused the notifications @@ -40,17 +57,9 @@ export const scheduleThrottledNotificationActions = async ({ esClient, alertInstance, notificationRuleParams, -}: { - id: SavedObject['id']; - startedAt: Date; - throttle: AlertAttributes['throttle']; - kibanaSiemAppUrl: string | undefined; - outputIndex: RuleParams['outputIndex']; - ruleId: RuleParams['ruleId']; - esClient: ElasticsearchClient; - alertInstance: AlertInstance; - notificationRuleParams: NotificationRuleTypeParams; -}): Promise => { + signals, + logger, +}: ScheduleThrottledNotificationActionsOptions): Promise => { const fromInMs = parseScheduleDates(`now-${throttle}`); const toInMs = parseScheduleDates(startedAt.toISOString()); @@ -62,6 +71,22 @@ export const scheduleThrottledNotificationActions = async ({ kibanaSiemAppUrl, }); + logger.debug( + [ + `The notification throttle resultsLink created is: ${resultsLink}.`, + ' Notification throttle is querying the results using', + ` "from:" ${fromInMs.valueOf()}`, + ' "to":', + ` ${toInMs.valueOf()}`, + ' "size":', + ` ${DEFAULT_RULE_NOTIFICATION_QUERY_SIZE}`, + ' "index":', + ` ${outputIndex}`, + ' "ruleId":', + ` ${ruleId}`, + ].join('') + ); + const results = await getSignals({ from: `${fromInMs.valueOf()}`, to: `${toInMs.valueOf()}`, @@ -71,18 +96,56 @@ export const scheduleThrottledNotificationActions = async ({ esClient, }); - const signalsCount = + // This will give us counts up to the max of 10k from tracking total hits. + const signalsCountFromResults = typeof results.hits.total === 'number' ? results.hits.total : results.hits.total.value; - const signals = results.hits.hits.map((hit) => hit._source); - if (results.hits.hits.length !== 0) { + const resultsFlattened = results.hits.hits.map((hit) => { + return { + _id: hit._id, + _index: hit._index, + ...hit._source, + }; + }); + + const deconflicted = deconflictSignalsAndResults({ + logger, + signals, + querySignals: resultsFlattened, + }); + + // Difference of how many deconflicted results we have to subtract from our signals count. + const deconflictedDiff = resultsFlattened.length + signals.length - deconflicted.length; + + // Subtract any deconflicted differences from the total count. + const signalsCount = signalsCountFromResults + signals.length - deconflictedDiff; + logger.debug( + [ + `The notification throttle query result size before deconflicting duplicates is: ${resultsFlattened.length}.`, + ` The notification throttle passed in signals size before deconflicting duplicates is: ${signals.length}.`, + ` The deconflicted size and size of the signals sent into throttle notification is: ${deconflicted.length}.`, + ` The signals count from results size is: ${signalsCountFromResults}.`, + ` The final signals count being sent to the notification is: ${signalsCount}.`, + ].join('') + ); + + if (deconflicted.length !== 0) { scheduleNotificationActions({ alertInstance, signalsCount, - signals, + signals: deconflicted, resultsLink, ruleParams: notificationRuleParams, }); } + } else { + logger.error( + [ + 'The notification throttle "from" and/or "to" range values could not be constructed as valid. Tried to construct the values of', + ` "from": now-${throttle}`, + ` "to": ${startedAt.toISOString()}.`, + ' This will cause a reset of the notification throttle. Expect either missing alert notifications or alert notifications happening earlier than expected.', + ].join('') + ); } }; diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/utils.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/utils.test.ts index 5a667616a9a3957..2da7a0398bd3fac 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/utils.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/utils.test.ts @@ -5,18 +5,384 @@ * 2.0. */ -import { getNotificationResultsLink } from './utils'; +import { SearchHit } from '@elastic/elasticsearch/api/types'; +import { loggingSystemMock } from 'src/core/server/mocks'; +import { SignalSource } from '../signals/types'; +import { deconflictSignalsAndResults, getNotificationResultsLink } from './utils'; describe('utils', () => { - it('getNotificationResultsLink', () => { - const resultLink = getNotificationResultsLink({ - kibanaSiemAppUrl: 'http://localhost:5601/app/security', - id: 'notification-id', - from: '00000', - to: '1111', - }); - expect(resultLink).toEqual( - `http://localhost:5601/app/security/detections/rules/id/notification-id?timerange=(global:(linkTo:!(timeline),timerange:(from:00000,kind:absolute,to:1111)),timeline:(linkTo:!(global),timerange:(from:00000,kind:absolute,to:1111)))` - ); + let logger = loggingSystemMock.create().get('security_solution'); + + beforeEach(() => { + logger = loggingSystemMock.create().get('security_solution'); + }); + + describe('getNotificationResultsLink', () => { + test('it returns expected link', () => { + const resultLink = getNotificationResultsLink({ + kibanaSiemAppUrl: 'http://localhost:5601/app/security', + id: 'notification-id', + from: '00000', + to: '1111', + }); + expect(resultLink).toEqual( + `http://localhost:5601/app/security/detections/rules/id/notification-id?timerange=(global:(linkTo:!(timeline),timerange:(from:00000,kind:absolute,to:1111)),timeline:(linkTo:!(global),timerange:(from:00000,kind:absolute,to:1111)))` + ); + }); + }); + + describe('deconflictSignalsAndResults', () => { + type FuncReturn = ReturnType; + + test('given no signals and no query results it returns an empty array', () => { + expect( + deconflictSignalsAndResults({ logger, querySignals: [], signals: [] }) + ).toEqual([]); + }); + + test('given an empty signal and a single query result it returns the query result in the array', () => { + const querySignals: Array> = [ + { + _id: 'id-123', + _index: 'index-123', + _source: { + test: '123', + }, + }, + ]; + expect( + deconflictSignalsAndResults({ logger, querySignals, signals: [] }) + ).toEqual(querySignals); + }); + + test('given a single signal and an empty query result it returns the query result in the array', () => { + const signals: Array> = [ + { + _id: 'id-123', + _index: 'index-123', + _source: { + test: '123', + }, + }, + ]; + expect( + deconflictSignalsAndResults({ logger, querySignals: [], signals }) + ).toEqual(signals); + }); + + test('given a signal and a different query result it returns both combined together', () => { + const querySignals: Array> = [ + { + _id: 'id-123', + _index: 'index-123', + _source: { + test: '123', + }, + }, + ]; + const signals: Array> = [ + { + _id: 'id-789', + _index: 'index-456', + _source: { + test: '456', + }, + }, + ]; + expect(deconflictSignalsAndResults({ logger, querySignals, signals })).toEqual([ + ...signals, + ...querySignals, + ]); + }); + + test('given a duplicate in querySignals it returns both combined together without the duplicate', () => { + const querySignals: Array> = [ + { + _id: 'id-123', + _index: 'index-123', // This should only show up once and not be duplicated twice + _source: { + test: '123', + }, + }, + { + _index: 'index-890', + _id: 'id-890', + _source: { + test: '890', + }, + }, + ]; + const signals: Array> = [ + { + _id: 'id-123', // This should only show up once and not be duplicated twice + _index: 'index-123', + _source: { + test: '123', + }, + }, + { + _id: 'id-789', + _index: 'index-456', + _source: { + test: '456', + }, + }, + ]; + expect(deconflictSignalsAndResults({ logger, querySignals, signals })).toEqual([ + { + _id: 'id-123', + _index: 'index-123', + _source: { + test: '123', + }, + }, + { + _id: 'id-789', + _index: 'index-456', + _source: { + test: '456', + }, + }, + { + _id: 'id-890', + _index: 'index-890', + _source: { + test: '890', + }, + }, + ]); + }); + + test('given a duplicate in signals it returns both combined together without the duplicate', () => { + const signals: Array> = [ + { + _id: 'id-123', + _index: 'index-123', // This should only show up once and not be duplicated twice + _source: { + test: '123', + }, + }, + { + _index: 'index-890', + _id: 'id-890', + _source: { + test: '890', + }, + }, + ]; + const querySignals: Array> = [ + { + _id: 'id-123', // This should only show up once and not be duplicated twice + _index: 'index-123', + _source: { + test: '123', + }, + }, + { + _id: 'id-789', + _index: 'index-456', + _source: { + test: '456', + }, + }, + ]; + expect(deconflictSignalsAndResults({ logger, querySignals, signals })).toEqual([ + { + _id: 'id-123', + _index: 'index-123', + _source: { test: '123' }, + }, + { + _id: 'id-890', + _index: 'index-890', + _source: { test: '890' }, + }, + { + _id: 'id-789', + _index: 'index-456', + _source: { test: '456' }, + }, + ]); + }); + + test('does not give a duplicate in signals if they are only different by their index', () => { + const signals: Array> = [ + { + _id: 'id-123', + _index: 'index-123-a', // This is only different by index + _source: { + test: '123', + }, + }, + { + _index: 'index-890', + _id: 'id-890', + _source: { + test: '890', + }, + }, + ]; + const querySignals: Array> = [ + { + _id: 'id-123', // This is only different by index + _index: 'index-123-b', + _source: { + test: '123', + }, + }, + { + _id: 'id-789', + _index: 'index-456', + _source: { + test: '456', + }, + }, + ]; + expect(deconflictSignalsAndResults({ logger, querySignals, signals })).toEqual([ + ...signals, + ...querySignals, + ]); + }); + + test('it logs a debug statement when it sees a duplicate and returns nothing if both are identical', () => { + const querySignals: Array> = [ + { + _id: 'id-123', + _index: 'index-123', + _source: { + test: '123', + }, + }, + ]; + const signals: Array> = [ + { + _id: 'id-123', + _index: 'index-123', + _source: { + test: '456', + }, + }, + ]; + expect(deconflictSignalsAndResults({ logger, querySignals, signals })).toEqual([ + { + _id: 'id-123', + _index: 'index-123', + _source: { + test: '456', + }, + }, + ]); + expect(logger.debug).toHaveBeenCalledWith( + 'Notification throttle removing duplicate signal and query result found of "_id": id-123, "_index": index-123' + ); + }); + + test('it logs an error statement if it sees a signal missing an "_id" for an uncommon reason and returns both documents', () => { + const querySignals: Array> = [ + { + _id: 'id-123', + _index: 'index-123', + _source: { + test: '123', + }, + }, + ]; + const signals: unknown[] = [ + { + _index: 'index-123', + _source: { + test: '456', + }, + }, + ]; + expect(deconflictSignalsAndResults({ logger, querySignals, signals })).toEqual([ + ...signals, + ...querySignals, + ]); + expect(logger.error).toHaveBeenCalledWith( + 'Notification throttle cannot determine if we can de-conflict as either the passed in signal or the results query has a null value for either "_id" or "_index". Expect possible duplications in your alerting actions. Passed in signals "_id": undefined. Passed in signals "_index": index-123. Passed in query "result._id": id-123. Passed in query "result._index": index-123.' + ); + }); + + test('it logs an error statement if it sees a signal missing a "_index" for an uncommon reason and returns both documents', () => { + const querySignals: Array> = [ + { + _id: 'id-123', + _index: 'index-123', + _source: { + test: '123', + }, + }, + ]; + const signals: unknown[] = [ + { + _id: 'id-123', + _source: { + test: '456', + }, + }, + ]; + expect(deconflictSignalsAndResults({ logger, querySignals, signals })).toEqual([ + ...signals, + ...querySignals, + ]); + expect(logger.error).toHaveBeenCalledWith( + 'Notification throttle cannot determine if we can de-conflict as either the passed in signal or the results query has a null value for either "_id" or "_index". Expect possible duplications in your alerting actions. Passed in signals "_id": id-123. Passed in signals "_index": undefined. Passed in query "result._id": id-123. Passed in query "result._index": index-123.' + ); + }); + + test('it logs an error statement if it sees a querySignals missing an "_id" for an uncommon reason and returns both documents', () => { + const querySignals: Array> = [ + { + _index: 'index-123', + _source: { + test: '123', + }, + }, + ] as unknown[] as Array>; + const signals: unknown[] = [ + { + _id: 'id-123', + _index: 'index-123', + _source: { + test: '456', + }, + }, + ]; + expect(deconflictSignalsAndResults({ logger, querySignals, signals })).toEqual([ + ...signals, + ...querySignals, + ]); + expect(logger.error).toHaveBeenCalledWith( + 'Notification throttle cannot determine if we can de-conflict as either the passed in signal or the results query has a null value for either "_id" or "_index". Expect possible duplications in your alerting actions. Passed in signals "_id": id-123. Passed in signals "_index": index-123. Passed in query "result._id": undefined. Passed in query "result._index": index-123.' + ); + }); + + test('it logs an error statement if it sees a querySignals missing a "_index" for an uncommon reason and returns both documents', () => { + const querySignals: Array> = [ + { + _id: 'id-123', + _source: { + test: '123', + }, + }, + ] as unknown[] as Array>; + const signals: unknown[] = [ + { + _id: 'id-123', + _index: 'index-123', + _source: { + test: '456', + }, + }, + ]; + expect(deconflictSignalsAndResults({ logger, querySignals, signals })).toEqual([ + ...signals, + ...querySignals, + ]); + expect(logger.error).toHaveBeenCalledWith( + 'Notification throttle cannot determine if we can de-conflict as either the passed in signal or the results query has a null value for either "_id" or "_index". Expect possible duplications in your alerting actions. Passed in signals "_id": id-123. Passed in signals "_index": index-123. Passed in query "result._id": id-123. Passed in query "result._index": undefined.' + ); + }); }); }); diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/utils.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/utils.ts index 4c4bac7da6a62ac..c8fc6febe4d0f8f 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/utils.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/utils.ts @@ -5,7 +5,9 @@ * 2.0. */ +import { Logger } from 'src/core/server'; import { APP_PATH } from '../../../../common/constants'; +import { SignalSearchResponse } from '../signals/types'; export const getNotificationResultsLink = ({ kibanaSiemAppUrl = APP_PATH, @@ -22,3 +24,54 @@ export const getNotificationResultsLink = ({ return `${kibanaSiemAppUrl}/detections/rules/id/${id}?timerange=(global:(linkTo:!(timeline),timerange:(from:${from},kind:absolute,to:${to})),timeline:(linkTo:!(global),timerange:(from:${from},kind:absolute,to:${to})))`; }; + +interface DeconflictOptions { + signals: unknown[]; + querySignals: SignalSearchResponse['hits']['hits']; + logger: Logger; +} + +/** + * Given a signals array of unknown that at least has a '_id' and '_index' this will deconflict it with a results. + * @param signals The signals array to deconflict with results + * @param results The results to deconflict with the signals + * @param logger The logger to log results + */ +export const deconflictSignalsAndResults = ({ + signals, + querySignals, + logger, +}: DeconflictOptions): unknown[] => { + const querySignalsFiltered = querySignals.filter((result) => { + return !signals.find((signal) => { + const { _id, _index } = signal as { _id?: string; _index?: string }; + if (_id == null || _index == null || result._id == null || result._index == null) { + logger.error( + [ + 'Notification throttle cannot determine if we can de-conflict as either the passed in signal or the results query has a null value for either "_id" or "_index".', + ' Expect possible duplications in your alerting actions.', + ` Passed in signals "_id": ${_id}.`, + ` Passed in signals "_index": ${_index}.`, + ` Passed in query "result._id": ${result._id}.`, + ` Passed in query "result._index": ${result._index}.`, + ].join('') + ); + return false; + } else { + if (result._id === _id && result._index === _index) { + logger.debug( + [ + 'Notification throttle removing duplicate signal and query result found of', + ` "_id": ${_id},`, + ` "_index": ${_index}`, + ].join('') + ); + return true; + } else { + return false; + } + } + }); + }); + return [...signals, ...querySignalsFiltered]; +}; diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_types/create_security_rule_type_wrapper.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_types/create_security_rule_type_wrapper.ts index 77981d92b2ba7d5..0ad416e86e31a7d 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_types/create_security_rule_type_wrapper.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_types/create_security_rule_type_wrapper.ts @@ -111,6 +111,12 @@ export const createSecurityRuleTypeWrapper: CreateSecurityRuleTypeWrapper = let result = createResultObject(state); + const notificationRuleParams: NotificationRuleTypeParams = { + ...params, + name: name as string, + id: ruleSO.id as string, + } as unknown as NotificationRuleTypeParams; + // check if rule has permissions to access given index pattern // move this collection of lines into a function in utils // so that we can use it in create rules route, bulk, etc. @@ -296,12 +302,6 @@ export const createSecurityRuleTypeWrapper: CreateSecurityRuleTypeWrapper = const createdSignalsCount = result.createdSignals.length; if (actions.length) { - const notificationRuleParams: NotificationRuleTypeParams = { - ...params, - name: name as string, - id: ruleSO.id as string, - } as unknown as NotificationRuleTypeParams; - const fromInMs = parseScheduleDates(`now-${interval}`)?.format('x'); const toInMs = parseScheduleDates('now')?.format('x'); const resultsLink = getNotificationResultsLink({ @@ -328,6 +328,8 @@ export const createSecurityRuleTypeWrapper: CreateSecurityRuleTypeWrapper = ruleId, esClient: services.scopedClusterClient.asCurrentUser, notificationRuleParams, + signals: result.createdSignals, + logger, }); } else if (createdSignalsCount) { const alertInstance = services.alertInstanceFactory(alertId); @@ -372,6 +374,21 @@ export const createSecurityRuleTypeWrapper: CreateSecurityRuleTypeWrapper = ) ); } else { + // NOTE: Since this is throttled we have to call it even on an error condition, otherwise it will "reset" the throttle and fire early + await scheduleThrottledNotificationActions({ + alertInstance: services.alertInstanceFactory(alertId), + throttle: ruleSO.attributes.throttle, + startedAt, + id: ruleSO.id, + kibanaSiemAppUrl: (meta as { kibana_siem_app_url?: string } | undefined) + ?.kibana_siem_app_url, + outputIndex: ruleDataClient.indexName, + ruleId, + esClient: services.scopedClusterClient.asCurrentUser, + notificationRuleParams, + signals: result.createdSignals, + logger, + }); const errorMessage = buildRuleMessage( 'Bulk Indexing of signals failed:', truncateMessageList(result.errors).join() @@ -389,6 +406,22 @@ export const createSecurityRuleTypeWrapper: CreateSecurityRuleTypeWrapper = }); } } catch (error) { + // NOTE: Since this is throttled we have to call it even on an error condition, otherwise it will "reset" the throttle and fire early + await scheduleThrottledNotificationActions({ + alertInstance: services.alertInstanceFactory(alertId), + throttle: ruleSO.attributes.throttle, + startedAt, + id: ruleSO.id, + kibanaSiemAppUrl: (meta as { kibana_siem_app_url?: string } | undefined) + ?.kibana_siem_app_url, + outputIndex: ruleDataClient.indexName, + ruleId, + esClient: services.scopedClusterClient.asCurrentUser, + notificationRuleParams, + signals: result.createdSignals, + logger, + }); + const errorMessage = error.message ?? '(no error message given)'; const message = buildRuleMessage( 'An error occurred during rule execution:', diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/signal_rule_alert_type.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/signal_rule_alert_type.test.ts index c2923b566175e38..88b276358a705ff 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/signal_rule_alert_type.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/signal_rule_alert_type.test.ts @@ -35,6 +35,7 @@ import { allowedExperimentalValues } from '../../../../common/experimental_featu import { scheduleNotificationActions } from '../notifications/schedule_notification_actions'; import { ruleExecutionLogClientMock } from '../rule_execution_log/__mocks__/rule_execution_log_client'; import { RuleExecutionStatus } from '../../../../common/detection_engine/schemas/common/schemas'; +import { scheduleThrottledNotificationActions } from '../notifications/schedule_throttle_notification_actions'; import { eventLogServiceMock } from '../../../../../event_log/server/mocks'; import { createMockConfig } from '../routes/__mocks__'; @@ -58,7 +59,7 @@ jest.mock('@kbn/securitysolution-io-ts-utils', () => { parseScheduleDates: jest.fn(), }; }); - +jest.mock('../notifications/schedule_throttle_notification_actions'); const mockRuleExecutionLogClient = ruleExecutionLogClientMock.create(); jest.mock('../rule_execution_log/rule_execution_log_client', () => ({ @@ -200,6 +201,7 @@ describe('signal_rule_alert_type', () => { }); mockRuleExecutionLogClient.logStatusChange.mockClear(); + (scheduleThrottledNotificationActions as jest.Mock).mockClear(); }); describe('executor', () => { @@ -520,5 +522,28 @@ describe('signal_rule_alert_type', () => { }) ); }); + + it('should call scheduleThrottledNotificationActions if result is false to prevent the throttle from being reset', async () => { + const result: SearchAfterAndBulkCreateReturnType = { + success: false, + warning: false, + searchAfterTimes: [], + bulkCreateTimes: [], + lastLookBackDate: null, + createdSignalsCount: 0, + createdSignals: [], + warningMessages: [], + errors: ['Error that bubbled up.'], + }; + (queryExecutor as jest.Mock).mockResolvedValue(result); + await alert.executor(payload); + expect(scheduleThrottledNotificationActions).toHaveBeenCalledTimes(1); + }); + + it('should call scheduleThrottledNotificationActions if an error was thrown to prevent the throttle from being reset', async () => { + (queryExecutor as jest.Mock).mockRejectedValue({}); + await alert.executor(payload); + expect(scheduleThrottledNotificationActions).toHaveBeenCalledTimes(1); + }); }); }); diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/signal_rule_alert_type.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/signal_rule_alert_type.ts index 2094264cbf15f8d..4e98bee83aeb500 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/signal_rule_alert_type.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/signal_rule_alert_type.ts @@ -172,6 +172,12 @@ export const signalRulesAlertType = ({ newStatus: RuleExecutionStatus['going to run'], }); + const notificationRuleParams: NotificationRuleTypeParams = { + ...params, + name, + id: savedObject.id, + }; + // check if rule has permissions to access given index pattern // move this collection of lines into a function in utils // so that we can use it in create rules route, bulk, etc. @@ -396,12 +402,6 @@ export const signalRulesAlertType = ({ if (result.success) { if (actions.length) { - const notificationRuleParams: NotificationRuleTypeParams = { - ...params, - name, - id: savedObject.id, - }; - const fromInMs = parseScheduleDates(`now-${interval}`)?.format('x'); const toInMs = parseScheduleDates('now')?.format('x'); const resultsLink = getNotificationResultsLink({ @@ -426,8 +426,10 @@ export const signalRulesAlertType = ({ ?.kibana_siem_app_url, outputIndex, ruleId, + signals: result.createdSignals, esClient: services.scopedClusterClient.asCurrentUser, notificationRuleParams, + logger, }); } else if (result.createdSignalsCount) { const alertInstance = services.alertInstanceFactory(alertId); @@ -471,6 +473,22 @@ export const signalRulesAlertType = ({ ) ); } else { + // NOTE: Since this is throttled we have to call it even on an error condition, otherwise it will "reset" the throttle and fire early + await scheduleThrottledNotificationActions({ + alertInstance: services.alertInstanceFactory(alertId), + throttle: savedObject.attributes.throttle, + startedAt, + id: savedObject.id, + kibanaSiemAppUrl: (meta as { kibana_siem_app_url?: string } | undefined) + ?.kibana_siem_app_url, + outputIndex, + ruleId, + signals: result.createdSignals, + esClient: services.scopedClusterClient.asCurrentUser, + notificationRuleParams, + logger, + }); + const errorMessage = buildRuleMessage( 'Bulk Indexing of signals failed:', truncateMessageList(result.errors).join() @@ -488,6 +506,21 @@ export const signalRulesAlertType = ({ }); } } catch (error) { + // NOTE: Since this is throttled we have to call it even on an error condition, otherwise it will "reset" the throttle and fire early + await scheduleThrottledNotificationActions({ + alertInstance: services.alertInstanceFactory(alertId), + throttle: savedObject.attributes.throttle, + startedAt, + id: savedObject.id, + kibanaSiemAppUrl: (meta as { kibana_siem_app_url?: string } | undefined) + ?.kibana_siem_app_url, + outputIndex, + ruleId, + signals: result.createdSignals, + esClient: services.scopedClusterClient.asCurrentUser, + notificationRuleParams, + logger, + }); const errorMessage = error.message ?? '(no error message given)'; const message = buildRuleMessage( 'An error occurred during rule execution:', From 95e412b4a139b8fc4a92a2669e34a54810a37aae Mon Sep 17 00:00:00 2001 From: Frank Hassanabad Date: Fri, 15 Oct 2021 18:37:36 -0600 Subject: [PATCH 02/50] Fixes migration bug where I was deleting attributes (#115098) ## Summary During the work here: https://github.com/elastic/kibana/pull/113577 I accidentally have introduced a bug where on migration I was deleting the attributes of `ruleThrottle` and `alertThrottle` because I was not using splat correctly. Added unit and e2e tests to fix this. ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --- .../rule_actions/legacy_migrations.test.ts | 4 ++++ .../rule_actions/legacy_migrations.ts | 2 +- .../security_and_spaces/tests/migrations.ts | 21 +++++++++++++++++++ 3 files changed, 26 insertions(+), 1 deletion(-) diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_actions/legacy_migrations.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_actions/legacy_migrations.test.ts index 8414aa93c798446..7dd05c5122a61c1 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_actions/legacy_migrations.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_actions/legacy_migrations.test.ts @@ -20,6 +20,8 @@ describe('legacy_migrations', () => { test('it migrates both a "ruleAlertId" and a actions array with 1 element into the references array', () => { const doc = { attributes: { + ruleThrottle: '1d', + alertThrottle: '1d', ruleAlertId: '123', actions: [ { @@ -37,6 +39,8 @@ describe('legacy_migrations', () => { ) ).toEqual({ attributes: { + ruleThrottle: '1d', + alertThrottle: '1d', actions: [ { actionRef: 'action_0', diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_actions/legacy_migrations.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_actions/legacy_migrations.ts index 8a52d3a13f0654d..aa85898e94a3320 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_actions/legacy_migrations.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_actions/legacy_migrations.ts @@ -245,7 +245,7 @@ export const legacyMigrateRuleAlertId = ( return { ...doc, attributes: { - ...attributesWithoutRuleAlertId.attributes, + ...attributesWithoutRuleAlertId, actions: actionsWithRef, }, references: [...existingReferences, ...alertReferences, ...actionsReferences], diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/migrations.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/migrations.ts index d25fb5bfa5899fc..4c0f21df8c0ffee 100644 --- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/migrations.ts +++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/migrations.ts @@ -65,6 +65,27 @@ export default ({ getService }: FtrProviderContext): void => { undefined ); }); + + it('migrates legacy siem-detection-engine-rule-actions and retains "ruleThrottle" and "alertThrottle" as the same attributes as before', async () => { + const response = await es.get<{ + 'siem-detection-engine-rule-actions': { + ruleThrottle: string; + alertThrottle: string; + }; + }>({ + index: '.kibana', + id: 'siem-detection-engine-rule-actions:fce024a0-0452-11ec-9b15-d13d79d162f3', + }); + expect(response.statusCode).to.eql(200); + + // "alertThrottle" and "ruleThrottle" should still exist + expect(response.body._source?.['siem-detection-engine-rule-actions'].alertThrottle).to.eql( + '7d' + ); + expect(response.body._source?.['siem-detection-engine-rule-actions'].ruleThrottle).to.eql( + '7d' + ); + }); }); }); }; From bf17898753cc05b778870e09d075a2bd1be95109 Mon Sep 17 00:00:00 2001 From: Frank Hassanabad Date: Fri, 15 Oct 2021 18:38:00 -0600 Subject: [PATCH 03/50] one line remove assert (#115127) ## Summary Removes one liner non-null-assert. Instead of this line: ```ts if (rule != null && spacesApi && outcome === 'conflict') { ``` We just check using the `?` operator and type narrowing to remove the possibility of an error ```ts if (rule?.alias_target_id != null && spacesApi && rule.outcome === 'conflict') { ``` The `rule?.alias_target_id != null` ensures that both `rule` and `alias_target_id` are not `null/undefined` --- .../pages/detection_engine/rules/details/index.tsx | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/details/index.tsx b/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/details/index.tsx index 7167b07c7da5d43..774b9463bed6954 100644 --- a/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/details/index.tsx +++ b/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/details/index.tsx @@ -300,10 +300,8 @@ const RuleDetailsPageComponent: React.FC = ({ }, [rule, spacesApi]); const getLegacyUrlConflictCallout = useMemo(() => { - const outcome = rule?.outcome; - if (rule != null && spacesApi && outcome === 'conflict') { - // eslint-disable-next-line @typescript-eslint/no-non-null-assertion - const aliasTargetId = rule?.alias_target_id!; // This is always defined if outcome === 'conflict' + if (rule?.alias_target_id != null && spacesApi && rule.outcome === 'conflict') { + const aliasTargetId = rule.alias_target_id; // We have resolved to one rule, but there is another one with a legacy URL associated with this page. Display a // callout with a warning for the user, and provide a way for them to navigate to the other rule. const otherRulePath = `rules/id/${aliasTargetId}${window.location.search}${window.location.hash}`; From d98bf0c2452f711f8c180e618dec4c47be6e5ffc Mon Sep 17 00:00:00 2001 From: Jonathan Budzenski Date: Fri, 15 Oct 2021 20:21:41 -0500 Subject: [PATCH 04/50] skip flaky suite. #115130 --- .../functional/apps/monitoring/elasticsearch/node_detail.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/x-pack/test/functional/apps/monitoring/elasticsearch/node_detail.js b/x-pack/test/functional/apps/monitoring/elasticsearch/node_detail.js index 6b1658dd9ed0ed4..07fda7a143a9911 100644 --- a/x-pack/test/functional/apps/monitoring/elasticsearch/node_detail.js +++ b/x-pack/test/functional/apps/monitoring/elasticsearch/node_detail.js @@ -14,7 +14,8 @@ export default function ({ getService, getPageObjects }) { const nodesList = getService('monitoringElasticsearchNodes'); const nodeDetail = getService('monitoringElasticsearchNodeDetail'); - describe('Elasticsearch node detail', () => { + // FLAKY https://github.com/elastic/kibana/issues/115130 + describe.skip('Elasticsearch node detail', () => { describe('Active Nodes', () => { const { setup, tearDown } = getLifecycleMethods(getService, getPageObjects); From 16320cc249d5fd4df3255cbe8b2b499bfdd52d5a Mon Sep 17 00:00:00 2001 From: Andrew Goldstein Date: Sat, 16 Oct 2021 12:44:19 -0600 Subject: [PATCH 05/50] [Security Solution] Restores Alerts table local storage persistence and the Remove Column action (#114742) ## [Security Solution] Restores Alerts table local storage persistence and the Remove Column action This PR implements the following changes summarized below to address , as proposed [here](https://github.com/elastic/kibana/issues/113090#issuecomment-935143690): - Configures the `Columns` popover to be consistent with `Discover` - Changes the `Hide column` action to `Remove column`, to be consistent with `Discover` - Persists updates to the `Columns` popover order in `local storage` - Restores the feature to persist column widths in `local storage` ### Configures the `Columns` popover to be consistent with `Discover` - We now pass `false` to the `allowHide` [EuiDataGrid API](https://elastic.github.io/eui/#/tabular-content/data-grid): ![allow_hide](https://user-images.githubusercontent.com/4459398/136114714-02f25b97-86af-47e5-9adc-1177d5a2c715.png) This makes all `EuiDataGrid`-based views in the Security Solution consistent with `Discover`'s use of the `EuiDataGrid` `Columns` popover. In `7.15`, the `Columns` popover includes the _hide column_ toggle, as shown in the screenshot below: ![alerts_columns_popover_7_15](https://user-images.githubusercontent.com/4459398/136112441-455ddbeb-dea3-4837-81ad-32d6c82c11fe.png) _Above: The `Columns` popover in the `7.15` `Alerts` table_ The `Columns` popover in `Discover`'s `EuiDataGrid`-based table does not display the hide column toggle, as shown the screenshot below: ![columns_popover_discover](https://user-images.githubusercontent.com/4459398/136112856-7e42c822-2260-4759-ac78-5bea63a171c7.png) _Above: The `EuiDataGrid` `Columns` popover in `Discover`, in `master`_ Passing `false` to the `allowHide` [EuiDataGrid API](https://elastic.github.io/eui/#/tabular-content/data-grid) API makes the `Columns` popover in all `EuiDataGrid`-based views in the Security Solution consistent with `Discover`, as illustrated by the screenshot below: ![alerts_columns_popover_no_hide](https://user-images.githubusercontent.com/4459398/136112980-d4219fbd-1443-4612-8cdb-b97bee8b97ef.png) _Above: The `Columns` popover is now consistent with `Discover`_ ## Changes the `Hide column` action to `Remove column`, to be consistent with `Discover` - The `Hide column` action shown in the `7.15` alerts table is changed to `Remove column`, making it consistent with `Discover`'s use of `EuiDataGrid` In `7.15`, the `Alerts` table has a `Hide column` action, as shown in the screenshot below: ![hide_column](https://user-images.githubusercontent.com/4459398/136115681-9e0da144-a981-4352-8092-9368d74cd153.png) _Above: The `Hide Column` action in the `7.15` `Alerts` table_ In `7.15`, clicking the `Hide Column` action shown in the screenshot above hides the column, but does not remove it. In `7.15`, columns may only be removed by un-checking them in the `Fields` browser, or by un-toggling them in the Alerts / Events details popover. Both of those methods require multiple clicks, and require uses to re-find the field in the modal or popover before it may be toggled for removal. In `Discover`, users don't hide columns. In `Discover`, users directly remove columns by clicking the `Remove column` action, shown in the screenshot below: ![discover_remove_column](https://user-images.githubusercontent.com/4459398/136114295-f018a561-f9ee-4ce4-a9c6-0fcd7f71e67b.png) _Above: The `Remove column` action in `Discover`'s use of `EuiDataGrid` in `master`_ All `EuiDataGrid`-based views in the Security Solution were made consistent with `Discover` by replacing the `Hide column` action with `Remove column`, per the screenshot below: ![remove_column_after](https://user-images.githubusercontent.com/4459398/137047582-3c4d6cb0-ac12-4c50-9c34-0c4ef5536550.png) _Above: The `Remove column` action in the Alerts table_ Note: the `Remove column` action shown above appears as the last item in the popover because it's specified via the `EuiDataGrid` `EuiDataGridColumnActions` > `additonal` API, which appends additonal actions to the end of popover, after the built-in actions: ![additional](https://user-images.githubusercontent.com/4459398/137047825-625002b3-5cd6-4b3e-87da-e76dbaf2a827.png) ## Persists updates to the `Columns` popover order in `local storage` - Persist column order updates to `local storage` when users update the order of columns via the `Columns` popover The following PR restored partial support for persisting columns across page refreshes via `local storage`, but the Redux store was not updated when users sort columns via the `Columns` popover, an shown in the animated gif below: ![ordering_via_columns](https://user-images.githubusercontent.com/4459398/136119497-65f76f49-091c-4a45-b8d3-1e5ef80ccbb2.gif) _Above: Ordering via the `Columns` popover is not persisted to `local storage` in `7.15`_ This PR utilizes the `setVisibleColumns` [EuiDataGrid API](https://elastic.github.io/eui/#/tabular-content/data-grid) API as a callback to update Redux when the columns are sorted, which will in-turn update `local storage` to persist the new order across page refreshes: ![setVisibleColumns](https://user-images.githubusercontent.com/4459398/136117249-628bb147-a860-4ccf-811a-0e57a99296fb.png) ## Restores the feature to persist column widths in `local storage` In previous releases, resized column widths were peristed in `local storage` to persist across page refreshes, as documented in : ``` { "detections-page":{ "id":"detections-page", "activeTab":"query", "prevActiveTab":"query", "columns":[ { "category":"base", "columnHeaderType":"not-filtered", "description":"Date/time when the event originated. This is the date/time extracted from the event, typically representing when the event was generated by the source. If the event source has no original timestamp, this value is typically populated by the first time the event was received by the pipeline. Required field for all events.", "example":"2016-05-23T08:05:34.853Z", "id":"@timestamp", "type":"date", "aggregatable":true, "width":190 }, { "category":"cloud", "columnHeaderType":"not-filtered", "description":"The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.", "example":"666777888999", "id":"cloud.account.id", "type":"string", "aggregatable":true, "width":180 }, { "category":"cloud", "columnHeaderType":"not-filtered", "description":"Availability zone in which this host is running.", "example":"us-east-1c", "id":"cloud.availability_zone", "type":"string", "aggregatable":true, "width":180 }, // ... } ], // ... } } ``` _Above: column widths were persisted to `local storage` in previous release, (going at least back to `7.12`)_ In this PR, we utilize the `onColumnResize` [EuiDataGrid API](https://elastic.github.io/eui/#/tabular-content/data-grid) API as a callback to update Redux when the columns are sorted via the `Columns` popover. Updating Redux will in-turn update `local storage`, so resized columns widths will persist across page refreshes: ![onColumnResize](https://user-images.githubusercontent.com/4459398/136120062-3b0bebce-9c44-47fc-9956-48fe07a30f83.png) ### Other changes The Alerts page `Trend` chart and table were updated to include the following additional `Stack by` fields (CC @paulewing): ``` process.name file.name hash.sha256 ``` per the before / after screenshots below: ![alerts-trend-before](https://user-images.githubusercontent.com/4459398/137045011-7da4530b-0259-4fd4-b903-9eee6c26d02f.png) _Above: The Alerts `Trend` Stack by fields in `7.15` (before)_ ![alerts-trend-after](https://user-images.githubusercontent.com/4459398/137045023-d0ae987c-a474-4123-a05b-a6ad2fc52922.png) _Above: The Alerts `Trend` `Stack by` fields (after the addition of the `process.name`, `file.name`, and `hash.sha256` fields)_ CC: @monina-n @paulewing --- .../components/alerts_kpis/common/config.ts | 3 + .../components/alerts_kpis/common/types.ts | 5 +- .../timelines/store/timeline/actions.ts | 2 + .../timeline/epic_local_storage.test.tsx | 33 +++++ .../store/timeline/epic_local_storage.ts | 4 + .../body/column_headers/column_header.tsx | 4 +- .../body/column_headers/helpers.test.tsx | 1 + .../t_grid/body/column_headers/helpers.tsx | 1 + .../body/column_headers/translations.ts | 4 - .../components/t_grid/body/index.test.tsx | 55 +++++++++ .../public/components/t_grid/body/index.tsx | 52 ++++++-- .../timelines/public/store/t_grid/actions.ts | 11 ++ .../public/store/t_grid/helpers.test.tsx | 115 +++++++++++++++++- .../timelines/public/store/t_grid/helpers.ts | 58 +++++++++ .../timelines/public/store/t_grid/reducer.ts | 21 ++++ .../translations/translations/ja-JP.json | 1 - .../translations/translations/zh-CN.json | 1 - 17 files changed, 352 insertions(+), 19 deletions(-) diff --git a/x-pack/plugins/security_solution/public/detections/components/alerts_kpis/common/config.ts b/x-pack/plugins/security_solution/public/detections/components/alerts_kpis/common/config.ts index cb5a23e71197420..a835628fae6cf02 100644 --- a/x-pack/plugins/security_solution/public/detections/components/alerts_kpis/common/config.ts +++ b/x-pack/plugins/security_solution/public/detections/components/alerts_kpis/common/config.ts @@ -19,6 +19,9 @@ export const alertsStackByOptions: AlertsStackByOption[] = [ { text: 'signal.rule.name', value: 'signal.rule.name' }, { text: 'source.ip', value: 'source.ip' }, { text: 'user.name', value: 'user.name' }, + { text: 'process.name', value: 'process.name' }, + { text: 'file.name', value: 'file.name' }, + { text: 'hash.sha256', value: 'hash.sha256' }, ]; export const DEFAULT_STACK_BY_FIELD = 'signal.rule.name'; diff --git a/x-pack/plugins/security_solution/public/detections/components/alerts_kpis/common/types.ts b/x-pack/plugins/security_solution/public/detections/components/alerts_kpis/common/types.ts index 833c05bfc7a79bb..f561c3f6faa2179 100644 --- a/x-pack/plugins/security_solution/public/detections/components/alerts_kpis/common/types.ts +++ b/x-pack/plugins/security_solution/public/detections/components/alerts_kpis/common/types.ts @@ -21,4 +21,7 @@ export type AlertsStackByField = | 'signal.rule.type' | 'signal.rule.name' | 'source.ip' - | 'user.name'; + | 'user.name' + | 'process.name' + | 'file.name' + | 'hash.sha256'; diff --git a/x-pack/plugins/security_solution/public/timelines/store/timeline/actions.ts b/x-pack/plugins/security_solution/public/timelines/store/timeline/actions.ts index 3750bc22ddc698b..95ad6c5d44ca358 100644 --- a/x-pack/plugins/security_solution/public/timelines/store/timeline/actions.ts +++ b/x-pack/plugins/security_solution/public/timelines/store/timeline/actions.ts @@ -37,7 +37,9 @@ export const { setSelected, setTGridSelectAll, toggleDetailPanel, + updateColumnOrder, updateColumns, + updateColumnWidth, updateIsLoading, updateItemsPerPage, updateItemsPerPageOptions, diff --git a/x-pack/plugins/security_solution/public/timelines/store/timeline/epic_local_storage.test.tsx b/x-pack/plugins/security_solution/public/timelines/store/timeline/epic_local_storage.test.tsx index 01bc589393d2e0c..131f255b5a7a7b0 100644 --- a/x-pack/plugins/security_solution/public/timelines/store/timeline/epic_local_storage.test.tsx +++ b/x-pack/plugins/security_solution/public/timelines/store/timeline/epic_local_storage.test.tsx @@ -25,7 +25,9 @@ import { removeColumn, upsertColumn, applyDeltaToColumnWidth, + updateColumnOrder, updateColumns, + updateColumnWidth, updateItemsPerPage, updateSort, } from './actions'; @@ -168,4 +170,35 @@ describe('epicLocalStorage', () => { ); await waitFor(() => expect(addTimelineInStorageMock).toHaveBeenCalled()); }); + + it('persists updates to the column order to local storage', async () => { + shallow( + + + + ); + store.dispatch( + updateColumnOrder({ + columnIds: ['event.severity', '@timestamp', 'event.category'], + id: 'test', + }) + ); + await waitFor(() => expect(addTimelineInStorageMock).toHaveBeenCalled()); + }); + + it('persists updates to the column width to local storage', async () => { + shallow( + + + + ); + store.dispatch( + updateColumnWidth({ + columnId: 'event.severity', + id: 'test', + width: 123, + }) + ); + await waitFor(() => expect(addTimelineInStorageMock).toHaveBeenCalled()); + }); }); diff --git a/x-pack/plugins/security_solution/public/timelines/store/timeline/epic_local_storage.ts b/x-pack/plugins/security_solution/public/timelines/store/timeline/epic_local_storage.ts index 9a889e9ec1af855..6c4ebf91b7adf7d 100644 --- a/x-pack/plugins/security_solution/public/timelines/store/timeline/epic_local_storage.ts +++ b/x-pack/plugins/security_solution/public/timelines/store/timeline/epic_local_storage.ts @@ -19,6 +19,8 @@ import { applyDeltaToColumnWidth, setExcludedRowRendererIds, updateColumns, + updateColumnOrder, + updateColumnWidth, updateItemsPerPage, updateSort, } from './actions'; @@ -30,6 +32,8 @@ const timelineActionTypes = [ upsertColumn.type, applyDeltaToColumnWidth.type, updateColumns.type, + updateColumnOrder.type, + updateColumnWidth.type, updateItemsPerPage.type, updateSort.type, setExcludedRowRendererIds.type, diff --git a/x-pack/plugins/timelines/public/components/t_grid/body/column_headers/column_header.tsx b/x-pack/plugins/timelines/public/components/t_grid/body/column_headers/column_header.tsx index 033292711c5aff7..4e6db10cc8bce70 100644 --- a/x-pack/plugins/timelines/public/components/t_grid/body/column_headers/column_header.tsx +++ b/x-pack/plugins/timelines/public/components/t_grid/body/column_headers/column_header.tsx @@ -161,8 +161,8 @@ const ColumnHeaderComponent: React.FC = ({ id: 0, items: [ { - icon: , - name: i18n.HIDE_COLUMN, + icon: , + name: i18n.REMOVE_COLUMN, onClick: () => { dispatch(tGridActions.removeColumn({ id: timelineId, columnId: header.id })); handleClosePopOverTrigger(); diff --git a/x-pack/plugins/timelines/public/components/t_grid/body/column_headers/helpers.test.tsx b/x-pack/plugins/timelines/public/components/t_grid/body/column_headers/helpers.test.tsx index 2e684b9eda9892b..47fcb8c8e150957 100644 --- a/x-pack/plugins/timelines/public/components/t_grid/body/column_headers/helpers.test.tsx +++ b/x-pack/plugins/timelines/public/components/t_grid/body/column_headers/helpers.test.tsx @@ -98,6 +98,7 @@ describe('helpers', () => { describe('getColumnHeaders', () => { // additional properties used by `EuiDataGrid`: const actions = { + showHide: false, showSortAsc: true, showSortDesc: true, }; diff --git a/x-pack/plugins/timelines/public/components/t_grid/body/column_headers/helpers.tsx b/x-pack/plugins/timelines/public/components/t_grid/body/column_headers/helpers.tsx index c658000e6d33119..66ec3ec1c399fe1 100644 --- a/x-pack/plugins/timelines/public/components/t_grid/body/column_headers/helpers.tsx +++ b/x-pack/plugins/timelines/public/components/t_grid/body/column_headers/helpers.tsx @@ -27,6 +27,7 @@ import { allowSorting } from '../helpers'; const defaultActions: EuiDataGridColumnActions = { showSortAsc: true, showSortDesc: true, + showHide: false, }; const getAllBrowserFields = (browserFields: BrowserFields): Array> => diff --git a/x-pack/plugins/timelines/public/components/t_grid/body/column_headers/translations.ts b/x-pack/plugins/timelines/public/components/t_grid/body/column_headers/translations.ts index 2d4fbcbd54cfa27..202eef8d675b82d 100644 --- a/x-pack/plugins/timelines/public/components/t_grid/body/column_headers/translations.ts +++ b/x-pack/plugins/timelines/public/components/t_grid/body/column_headers/translations.ts @@ -23,10 +23,6 @@ export const FULL_SCREEN = i18n.translate('xpack.timelines.timeline.fullScreenBu defaultMessage: 'Full screen', }); -export const HIDE_COLUMN = i18n.translate('xpack.timelines.timeline.hideColumnLabel', { - defaultMessage: 'Hide column', -}); - export const SORT_AZ = i18n.translate('xpack.timelines.timeline.sortAZLabel', { defaultMessage: 'Sort A-Z', }); diff --git a/x-pack/plugins/timelines/public/components/t_grid/body/index.test.tsx b/x-pack/plugins/timelines/public/components/t_grid/body/index.test.tsx index 50764af3c7f2fc3..5a7ae6e407b0b84 100644 --- a/x-pack/plugins/timelines/public/components/t_grid/body/index.test.tsx +++ b/x-pack/plugins/timelines/public/components/t_grid/body/index.test.tsx @@ -6,9 +6,11 @@ */ import React from 'react'; +import { fireEvent, render, screen } from '@testing-library/react'; import { BodyComponent, StatefulBodyProps } from '.'; import { Sort } from './sort'; +import { REMOVE_COLUMN } from './column_headers/translations'; import { Direction } from '../../../../common/search_strategy'; import { useMountAppended } from '../../utils/use_mount_appended'; import { defaultHeaders, mockBrowserFields, mockTimelineData, TestProviders } from '../../../mock'; @@ -273,4 +275,57 @@ describe('Body', () => { .find((c) => c.id === 'signal.rule.risk_score')?.cellActions ).toBeUndefined(); }); + + test('it does NOT render switches for hiding columns in the `EuiDataGrid` `Columns` popover', async () => { + render( + + + + ); + + // Click the `EuidDataGrid` `Columns` button to open the popover: + fireEvent.click(screen.getByTestId('dataGridColumnSelectorButton')); + + // `EuiDataGrid` renders switches for hiding in the `Columns` popover when `showColumnSelector.allowHide` is `true` + const switches = await screen.queryAllByRole('switch'); + + expect(switches.length).toBe(0); // no switches are rendered, because `allowHide` is `false` + }); + + test('it dispatches the `REMOVE_COLUMN` action when a user clicks `Remove column` in the column header popover', async () => { + render( + + + + ); + + // click the `@timestamp` column header to display the popover + fireEvent.click(screen.getByText('@timestamp')); + + // click the `Remove column` action in the popover + fireEvent.click(await screen.getByText(REMOVE_COLUMN)); + + expect(mockDispatch).toBeCalledWith({ + payload: { columnId: '@timestamp', id: 'timeline-test' }, + type: 'x-pack/timelines/t-grid/REMOVE_COLUMN', + }); + }); + + test('it dispatches the `UPDATE_COLUMN_WIDTH` action when a user resizes a column', async () => { + render( + + + + ); + + // simulate resizing the column + fireEvent.mouseDown(screen.getAllByTestId('dataGridColumnResizer')[0]); + fireEvent.mouseMove(screen.getAllByTestId('dataGridColumnResizer')[0]); + fireEvent.mouseUp(screen.getAllByTestId('dataGridColumnResizer')[0]); + + expect(mockDispatch).toBeCalledWith({ + payload: { columnId: '@timestamp', id: 'timeline-test', width: NaN }, + type: 'x-pack/timelines/t-grid/UPDATE_COLUMN_WIDTH', + }); + }); }); diff --git a/x-pack/plugins/timelines/public/components/t_grid/body/index.tsx b/x-pack/plugins/timelines/public/components/t_grid/body/index.tsx index 619571a0c8e81e4..9e43c16fd5e6ff1 100644 --- a/x-pack/plugins/timelines/public/components/t_grid/body/index.tsx +++ b/x-pack/plugins/timelines/public/components/t_grid/body/index.tsx @@ -75,6 +75,7 @@ import { ViewSelection } from '../event_rendered_view/selector'; import { EventRenderedView } from '../event_rendered_view'; import { useDataGridHeightHack } from './height_hack'; import { Filter } from '../../../../../../../src/plugins/data/public'; +import { REMOVE_COLUMN } from './column_headers/translations'; const StatefulAlertStatusBulkActions = lazy( () => import('../toolbar/bulk_actions/alert_status_bulk_actions') @@ -497,7 +498,7 @@ export const BodyComponent = React.memo( showFullScreenSelector: false, } : { - showColumnSelector: { allowHide: true, allowReorder: true }, + showColumnSelector: { allowHide: false, allowReorder: true }, showSortSelector: true, showFullScreenSelector: true, }), @@ -559,13 +560,32 @@ export const BodyComponent = React.memo( [columnHeaders, dispatch, id, loadPage] ); - const [visibleColumns, setVisibleColumns] = useState(() => - columnHeaders.map(({ id: cid }) => cid) - ); // initializes to the full set of columns + const visibleColumns = useMemo(() => columnHeaders.map(({ id: cid }) => cid), [columnHeaders]); // the full set of columns - useEffect(() => { - setVisibleColumns(columnHeaders.map(({ id: cid }) => cid)); - }, [columnHeaders]); + const onColumnResize = useCallback( + ({ columnId, width }: { columnId: string; width: number }) => { + dispatch( + tGridActions.updateColumnWidth({ + columnId, + id, + width, + }) + ); + }, + [dispatch, id] + ); + + const onSetVisibleColumns = useCallback( + (newVisibleColumns: string[]) => { + dispatch( + tGridActions.updateColumnOrder({ + columnIds: newVisibleColumns, + id, + }) + ); + }, + [dispatch, id] + ); const setEventsLoading = useCallback( ({ eventIds, isLoading: loading }) => { @@ -654,6 +674,19 @@ export const BodyComponent = React.memo( return { ...header, + actions: { + ...header.actions, + additional: [ + { + iconType: 'cross', + label: REMOVE_COLUMN, + onClick: () => { + dispatch(tGridActions.removeColumn({ id, columnId: header.id })); + }, + size: 'xs', + }, + ], + }, ...(hasCellActions(header.id) ? { cellActions: @@ -663,7 +696,7 @@ export const BodyComponent = React.memo( : {}), }; }), - [columnHeaders, defaultCellActions, browserFields, data, pageSize, id] + [columnHeaders, defaultCellActions, browserFields, data, pageSize, id, dispatch] ); const renderTGridCellValue = useMemo(() => { @@ -761,7 +794,7 @@ export const BodyComponent = React.memo( data-test-subj="body-data-grid" aria-label={i18n.TGRID_BODY_ARIA_LABEL} columns={columnsWithCellActions} - columnVisibility={{ visibleColumns, setVisibleColumns }} + columnVisibility={{ visibleColumns, setVisibleColumns: onSetVisibleColumns }} gridStyle={gridStyle} leadingControlColumns={leadingTGridControlColumns} trailingControlColumns={trailingTGridControlColumns} @@ -769,6 +802,7 @@ export const BodyComponent = React.memo( rowCount={totalItems} renderCellValue={renderTGridCellValue} sorting={{ columns: sortingColumns, onSort }} + onColumnResize={onColumnResize} pagination={{ pageIndex: activePage, pageSize, diff --git a/x-pack/plugins/timelines/public/store/t_grid/actions.ts b/x-pack/plugins/timelines/public/store/t_grid/actions.ts index a039a236fb1864b..feab12b616c783f 100644 --- a/x-pack/plugins/timelines/public/store/t_grid/actions.ts +++ b/x-pack/plugins/timelines/public/store/t_grid/actions.ts @@ -32,6 +32,17 @@ export const applyDeltaToColumnWidth = actionCreator<{ delta: number; }>('APPLY_DELTA_TO_COLUMN_WIDTH'); +export const updateColumnOrder = actionCreator<{ + columnIds: string[]; + id: string; +}>('UPDATE_COLUMN_ORDER'); + +export const updateColumnWidth = actionCreator<{ + columnId: string; + id: string; + width: number; +}>('UPDATE_COLUMN_WIDTH'); + export type ToggleDetailPanel = TimelineExpandedDetailType & { tabType?: TimelineTabs; timelineId: string; diff --git a/x-pack/plugins/timelines/public/store/t_grid/helpers.test.tsx b/x-pack/plugins/timelines/public/store/t_grid/helpers.test.tsx index 121e5bda78ed8ee..1e1fbe290a11566 100644 --- a/x-pack/plugins/timelines/public/store/t_grid/helpers.test.tsx +++ b/x-pack/plugins/timelines/public/store/t_grid/helpers.test.tsx @@ -7,7 +7,11 @@ import { SortColumnTimeline } from '../../../common'; import { tGridDefaults } from './defaults'; -import { setInitializeTgridSettings } from './helpers'; +import { + setInitializeTgridSettings, + updateTGridColumnOrder, + updateTGridColumnWidth, +} from './helpers'; import { mockGlobalState } from '../../mock/global_state'; import { TGridModelSettings } from '.'; @@ -57,3 +61,112 @@ describe('setInitializeTgridSettings', () => { expect(result).toBe(timelineById); }); }); + +describe('updateTGridColumnOrder', () => { + test('it returns the columns in the new expected order', () => { + const originalIdOrder = defaultTimelineById.test.columns.map((x) => x.id); // ['@timestamp', 'event.severity', 'event.category', '...'] + + // the new order swaps the positions of the first and second columns: + const newIdOrder = [originalIdOrder[1], originalIdOrder[0], ...originalIdOrder.slice(2)]; // ['event.severity', '@timestamp', 'event.category', '...'] + + expect( + updateTGridColumnOrder({ + columnIds: newIdOrder, + id: 'test', + timelineById: defaultTimelineById, + }) + ).toEqual({ + ...defaultTimelineById, + test: { + ...defaultTimelineById.test, + columns: [ + defaultTimelineById.test.columns[1], // event.severity + defaultTimelineById.test.columns[0], // @timestamp + ...defaultTimelineById.test.columns.slice(2), // all remaining columns + ], + }, + }); + }); + + test('it omits unknown column IDs when re-ordering columns', () => { + const originalIdOrder = defaultTimelineById.test.columns.map((x) => x.id); // ['@timestamp', 'event.severity', 'event.category', '...'] + const unknownColumId = 'does.not.exist'; + const newIdOrder = [originalIdOrder[0], unknownColumId, ...originalIdOrder.slice(1)]; // ['@timestamp', 'does.not.exist', 'event.severity', 'event.category', '...'] + + expect( + updateTGridColumnOrder({ + columnIds: newIdOrder, + id: 'test', + timelineById: defaultTimelineById, + }) + ).toEqual({ + ...defaultTimelineById, + test: { + ...defaultTimelineById.test, + }, + }); + }); + + test('it returns an empty collection of columns if none of the new column IDs are found', () => { + const newIdOrder = ['this.id.does.NOT.exist', 'this.id.also.does.NOT.exist']; // all unknown IDs + + expect( + updateTGridColumnOrder({ + columnIds: newIdOrder, + id: 'test', + timelineById: defaultTimelineById, + }) + ).toEqual({ + ...defaultTimelineById, + test: { + ...defaultTimelineById.test, + columns: [], // <-- empty, because none of the new column IDs match the old IDs + }, + }); + }); +}); + +describe('updateTGridColumnWidth', () => { + test("it updates (only) the specified column's width", () => { + const columnId = '@timestamp'; + const width = 1234; + + const expectedUpdatedColumn = { + ...defaultTimelineById.test.columns[0], // @timestamp + initialWidth: width, + }; + + expect( + updateTGridColumnWidth({ + columnId, + id: 'test', + timelineById: defaultTimelineById, + width, + }) + ).toEqual({ + ...defaultTimelineById, + test: { + ...defaultTimelineById.test, + columns: [expectedUpdatedColumn, ...defaultTimelineById.test.columns.slice(1)], + }, + }); + }); + + test('it is a noop if the the specified column is unknown', () => { + const unknownColumId = 'does.not.exist'; + + expect( + updateTGridColumnWidth({ + columnId: unknownColumId, + id: 'test', + timelineById: defaultTimelineById, + width: 90210, + }) + ).toEqual({ + ...defaultTimelineById, + test: { + ...defaultTimelineById.test, + }, + }); + }); +}); diff --git a/x-pack/plugins/timelines/public/store/t_grid/helpers.ts b/x-pack/plugins/timelines/public/store/t_grid/helpers.ts index f7b0d86f88621c6..34de86d32a9b2c0 100644 --- a/x-pack/plugins/timelines/public/store/t_grid/helpers.ts +++ b/x-pack/plugins/timelines/public/store/t_grid/helpers.ts @@ -8,6 +8,7 @@ import { omit, union } from 'lodash/fp'; import { isEmpty } from 'lodash'; +import { EuiDataGridColumn } from '@elastic/eui'; import type { ToggleDetailPanel } from './actions'; import { TGridPersistInput, TimelineById, TimelineId } from './types'; import type { TGridModel, TGridModelSettings } from './model'; @@ -232,6 +233,63 @@ export const applyDeltaToTimelineColumnWidth = ({ }; }; +type Columns = Array< + Pick & ColumnHeaderOptions +>; + +export const updateTGridColumnOrder = ({ + columnIds, + id, + timelineById, +}: { + columnIds: string[]; + id: string; + timelineById: TimelineById; +}): TimelineById => { + const timeline = timelineById[id]; + + const columns = columnIds.reduce((acc, cid) => { + const columnIndex = timeline.columns.findIndex((c) => c.id === cid); + + return columnIndex !== -1 ? [...acc, timeline.columns[columnIndex]] : acc; + }, []); + + return { + ...timelineById, + [id]: { + ...timeline, + columns, + }, + }; +}; + +export const updateTGridColumnWidth = ({ + columnId, + id, + timelineById, + width, +}: { + columnId: string; + id: string; + timelineById: TimelineById; + width: number; +}): TimelineById => { + const timeline = timelineById[id]; + + const columns = timeline.columns.map((x) => ({ + ...x, + initialWidth: x.id === columnId ? width : x.initialWidth, + })); + + return { + ...timelineById, + [id]: { + ...timeline, + columns, + }, + }; +}; + interface UpdateTimelineColumnsParams { id: string; columns: ColumnHeaderOptions[]; diff --git a/x-pack/plugins/timelines/public/store/t_grid/reducer.ts b/x-pack/plugins/timelines/public/store/t_grid/reducer.ts index d29240d5658db6b..d3af1dc4e9b3020 100644 --- a/x-pack/plugins/timelines/public/store/t_grid/reducer.ts +++ b/x-pack/plugins/timelines/public/store/t_grid/reducer.ts @@ -23,7 +23,9 @@ import { setSelected, setTimelineUpdatedAt, toggleDetailPanel, + updateColumnOrder, updateColumns, + updateColumnWidth, updateIsLoading, updateItemsPerPage, updateItemsPerPageOptions, @@ -40,6 +42,8 @@ import { setDeletedTimelineEvents, setLoadingTimelineEvents, setSelectedTimelineEvents, + updateTGridColumnOrder, + updateTGridColumnWidth, updateTimelineColumns, updateTimelineItemsPerPage, updateTimelinePerPageOptions, @@ -91,6 +95,23 @@ export const tGridReducer = reducerWithInitialState(initialTGridState) timelineById: state.timelineById, }), })) + .case(updateColumnOrder, (state, { id, columnIds }) => ({ + ...state, + timelineById: updateTGridColumnOrder({ + columnIds, + id, + timelineById: state.timelineById, + }), + })) + .case(updateColumnWidth, (state, { id, columnId, width }) => ({ + ...state, + timelineById: updateTGridColumnWidth({ + columnId, + id, + timelineById: state.timelineById, + width, + }), + })) .case(removeColumn, (state, { id, columnId }) => ({ ...state, timelineById: removeTimelineColumn({ diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index 6a97078082117ee..d67126fdad4bb95 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -24458,7 +24458,6 @@ "xpack.timelines.timeline.fieldTooltip": "フィールド", "xpack.timelines.timeline.flyout.pane.removeColumnButtonLabel": "列を削除", "xpack.timelines.timeline.fullScreenButton": "全画面", - "xpack.timelines.timeline.hideColumnLabel": "列を非表示", "xpack.timelines.timeline.openedAlertFailedToastMessage": "アラートを開けませんでした", "xpack.timelines.timeline.openSelectedTitle": "選択した項目を開く", "xpack.timelines.timeline.properties.timelineToggleButtonAriaLabel": "タイムライン {title} を{isOpen, select, false {開く} true {閉じる} other {切り替える}}", diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index 6e09814d015cc1f..598a5c24bdee268 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -24874,7 +24874,6 @@ "xpack.timelines.timeline.fieldTooltip": "字段", "xpack.timelines.timeline.flyout.pane.removeColumnButtonLabel": "移除列", "xpack.timelines.timeline.fullScreenButton": "全屏", - "xpack.timelines.timeline.hideColumnLabel": "隐藏列", "xpack.timelines.timeline.openedAlertFailedToastMessage": "无法打开告警", "xpack.timelines.timeline.openedAlertSuccessToastMessage": "已成功打开 {totalAlerts} 个{totalAlerts, plural, other {告警}}。", "xpack.timelines.timeline.openSelectedTitle": "打开所选", From 7d66002da28a0b24b25dd5d6ac7adf88b13e179f Mon Sep 17 00:00:00 2001 From: Jonathan Budzenski Date: Sat, 16 Oct 2021 16:21:58 -0500 Subject: [PATCH 06/50] Bump node to 16.11.1 (#110684) * Bump node to ^16 * fix comment * use jest timers * bump mock-fs * Fix core type errors * Unskipping tests that work on my machine * skip new unhandled promise rejection * Fix Nodejs v16 regression due to https://github.com/nodejs/node/issues/38924 * Fix failing concurrent connections collector test * Fix types after merge from master * update servicenow test * Skip unhandledRejection tests * Skip tests with unhandled promise rejection * Fix discover jest failures * bump node to 16.11.1 * revert timeout increase * skip unhandled promise rejection * rm jest import * skip unhandled promise rejection Co-authored-by: Rudolf Meijering Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Tim Roes --- .ci/Dockerfile | 4 +-- .node-version | 2 +- .nvmrc | 2 +- WORKSPACE.bazel | 12 +++---- config/node.options | 3 ++ package.json | 10 +++--- .../kbn-dev-utils/src/proc_runner/proc.ts | 4 +-- packages/kbn-i18n/BUILD.bazel | 1 + packages/kbn-test/src/jest/run.ts | 14 ++++++++ src/core/server/bootstrap.ts | 2 +- .../environment/environment_service.test.ts | 3 +- .../integration_tests/tracing.test.ts | 2 +- src/core/server/http/http_server.test.ts | 4 +-- src/core/server/http/router/request.ts | 6 ++-- .../http/router/validator/validator.test.ts | 2 +- .../rolling_file_appender.test.ts | 4 +-- .../event_loop_delays_monitor.ts | 4 +-- .../server_collector.test.ts | 4 +++ src/core/server/status/plugins_status.ts | 2 +- src/core/server/status/status_service.ts | 6 ++-- .../build/tasks/patch_native_modules_task.ts | 16 ++++----- .../embeddable/grid/dashboard_grid.test.tsx | 15 ++++++--- .../viewport/dashboard_viewport.test.tsx | 19 +++++++---- .../view_saved_search_action.test.ts | 8 +++++ .../public/services/telemetry_sender.test.ts | 15 +++------ ...ualization_saved_object_migrations.test.ts | 2 +- src/setup_node_env/exit_on_warning.js | 16 +++++++++ .../apm/ftr_e2e/cypress/tasks/es_archiver.ts | 6 ++-- .../document_creation_logic.test.ts | 2 +- .../server/services/epm/registry/requests.ts | 1 - .../home/indices_tab.test.ts | 3 +- .../common/decrypt_job_headers.test.ts | 2 +- .../export_types/csv/execute_job.test.ts | 4 ++- .../public/common/mock/utils.ts | 7 ++-- .../search_exceptions.test.tsx | 1 + .../endpoint_hosts/store/middleware.test.ts | 3 +- .../policy_trusted_apps_layout.test.tsx | 3 +- .../stack_alerts/server/plugin.test.ts | 3 +- .../plugins/uptime/e2e/tasks/es_archiver.ts | 6 ++-- .../fleet_package/custom_fields.test.tsx | 3 +- .../monitor_list_drawer.test.tsx | 1 - .../actions/builtin_action_types/jira.ts | 27 ++------------- .../actions/builtin_action_types/resilient.ts | 27 ++------------- .../builtin_action_types/servicenow_itsm.ts | 27 ++------------- .../builtin_action_types/servicenow_sir.ts | 27 ++------------- .../actions/builtin_action_types/swimlane.ts | 27 ++------------- yarn.lock | 33 ++++++++----------- 47 files changed, 164 insertions(+), 231 deletions(-) diff --git a/.ci/Dockerfile b/.ci/Dockerfile index d3ea74ca38969c8..29ed08c84b23ec3 100644 --- a/.ci/Dockerfile +++ b/.ci/Dockerfile @@ -1,7 +1,7 @@ # NOTE: This Dockerfile is ONLY used to run certain tasks in CI. It is not used to run Kibana or as a distributable. # If you're looking for the Kibana Docker image distributable, please see: src/dev/build/tasks/os_packages/docker_generator/templates/dockerfile.template.ts -ARG NODE_VERSION=14.17.6 +ARG NODE_VERSION=16.11.1 FROM node:${NODE_VERSION} AS base @@ -10,7 +10,7 @@ RUN apt-get update && \ libdbus-1-3 libexpat1 libfontconfig1 libgcc1 libgconf-2-4 libgdk-pixbuf2.0-0 libglib2.0-0 \ libgtk-3-0 libnspr4 libpango-1.0-0 libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 \ libxcomposite1 libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 \ - libxtst6 ca-certificates fonts-liberation libappindicator1 libnss3 lsb-release xdg-utils wget openjdk-8-jre && \ + libxtst6 ca-certificates fonts-liberation libappindicator1 libnss3 lsb-release xdg-utils wget openjdk-11-jre && \ rm -rf /var/lib/apt/lists/* RUN curl -sSL https://dl.google.com/linux/linux_signing_key.pub | apt-key add - \ diff --git a/.node-version b/.node-version index 5595ae1aa9e4c9f..141e9a2a2cef03f 100644 --- a/.node-version +++ b/.node-version @@ -1 +1 @@ -14.17.6 +16.11.1 diff --git a/.nvmrc b/.nvmrc index 5595ae1aa9e4c9f..141e9a2a2cef03f 100644 --- a/.nvmrc +++ b/.nvmrc @@ -1 +1 @@ -14.17.6 +16.11.1 diff --git a/WORKSPACE.bazel b/WORKSPACE.bazel index 3ae3f202a3bfd1d..287b376037abebc 100644 --- a/WORKSPACE.bazel +++ b/WORKSPACE.bazel @@ -27,13 +27,13 @@ check_rules_nodejs_version(minimum_version_string = "3.8.0") # we can update that rule. node_repositories( node_repositories = { - "14.17.6-darwin_amd64": ("node-v14.17.6-darwin-x64.tar.gz", "node-v14.17.6-darwin-x64", "e3e4c02240d74fb1dc8a514daa62e5de04f7eaee0bcbca06a366ece73a52ad88"), - "14.17.6-linux_arm64": ("node-v14.17.6-linux-arm64.tar.xz", "node-v14.17.6-linux-arm64", "9c4f3a651e03cd9b5bddd33a80e8be6a6eb15e518513e410bb0852a658699156"), - "14.17.6-linux_s390x": ("node-v14.17.6-linux-s390x.tar.xz", "node-v14.17.6-linux-s390x", "3677f35b97608056013b5368f86eecdb044bdccc1b3976c1d4448736c37b6a0c"), - "14.17.6-linux_amd64": ("node-v14.17.6-linux-x64.tar.xz", "node-v14.17.6-linux-x64", "3bbe4faf356738d88b45be222bf5e858330541ff16bd0d4cfad36540c331461b"), - "14.17.6-windows_amd64": ("node-v14.17.6-win-x64.zip", "node-v14.17.6-win-x64", "b83e9ce542fda7fc519cec6eb24a2575a84862ea4227dedc171a8e0b5b614ac0"), + "16.11.1-darwin_amd64": ("node-v16.11.1-darwin-x64.tar.gz", "node-v16.11.1-darwin-x64", "ba54b8ed504bd934d03eb860fefe991419b4209824280d4274f6a911588b5e45"), + "16.11.1-linux_arm64": ("node-v16.11.1-linux-arm64.tar.xz", "node-v16.11.1-linux-arm64", "083fc51f0ea26de9041aaf9821874651a9fd3b20d1cf57071ce6b523a0436f17"), + "16.11.1-linux_s390x": ("node-v16.11.1-linux-s390x.tar.xz", "node-v16.11.1-linux-s390x", "855b5c83c2ccb05273d50bb04376335c68d47df57f3187cdebe1f22b972d2825"), + "16.11.1-linux_amd64": ("node-v16.11.1-linux-x64.tar.xz", "node-v16.11.1-linux-x64", "493bcc9b660eff983a6de65a0f032eb2717f57207edf74c745bcb86e360310b3"), + "16.11.1-windows_amd64": ("node-v16.11.1-win-x64.zip", "node-v16.11.1-win-x64", "4d3c179b82d42e66e321c3948a4e332ed78592917a69d38b86e3a242d7e62fb7"), }, - node_version = "14.17.6", + node_version = "16.11.1", node_urls = [ "https://nodejs.org/dist/v{version}/{filename}", ], diff --git a/config/node.options b/config/node.options index 2927d1b57671658..2585745249706bd 100644 --- a/config/node.options +++ b/config/node.options @@ -4,3 +4,6 @@ ## max size of old space in megabytes #--max-old-space-size=4096 + +## do not terminate process on unhandled promise rejection + --unhandled-rejections=warn diff --git a/package.json b/package.json index 9341ecd0bae35ae..3254077fd508307 100644 --- a/package.json +++ b/package.json @@ -69,7 +69,7 @@ "url": "https://github.com/elastic/kibana.git" }, "resolutions": { - "**/@types/node": "14.14.44", + "**/@types/node": "16.10.2", "**/chokidar": "^3.4.3", "**/deepmerge": "^4.2.2", "**/fast-deep-equal": "^3.1.1", @@ -87,7 +87,7 @@ "**/underscore": "^1.13.1" }, "engines": { - "node": "14.17.6", + "node": "16.11.1", "yarn": "^1.21.1" }, "dependencies": { @@ -565,12 +565,12 @@ "@types/minimatch": "^2.0.29", "@types/minimist": "^1.2.1", "@types/mocha": "^8.2.0", - "@types/mock-fs": "^4.10.0", + "@types/mock-fs": "^4.13.1", "@types/moment-timezone": "^0.5.12", "@types/mustache": "^0.8.31", "@types/ncp": "^2.0.1", "@types/nock": "^10.0.3", - "@types/node": "14.14.44", + "@types/node": "16.10.2", "@types/node-fetch": "^2.5.7", "@types/node-forge": "^0.10.5", "@types/nodemailer": "^6.4.0", @@ -758,7 +758,7 @@ "mocha-junit-reporter": "^2.0.0", "mochawesome": "^6.2.1", "mochawesome-merge": "^4.2.0", - "mock-fs": "^4.12.0", + "mock-fs": "^5.1.1", "mock-http-server": "1.3.0", "ms-chromium-edge-driver": "^0.4.2", "multimatch": "^4.0.0", diff --git a/packages/kbn-dev-utils/src/proc_runner/proc.ts b/packages/kbn-dev-utils/src/proc_runner/proc.ts index e04a189baf5cdb0..c9a520de6eb4d11 100644 --- a/packages/kbn-dev-utils/src/proc_runner/proc.ts +++ b/packages/kbn-dev-utils/src/proc_runner/proc.ts @@ -131,7 +131,7 @@ export function startProc(name: string, options: ProcOptions, log: ToolingLog) { await withTimeout( async () => { log.debug(`Sending "${signal}" to proc "${name}"`); - await treeKillAsync(childProcess.pid, signal); + await treeKillAsync(childProcess.pid!, signal); await outcomePromise; }, STOP_TIMEOUT, @@ -139,7 +139,7 @@ export function startProc(name: string, options: ProcOptions, log: ToolingLog) { log.warning( `Proc "${name}" was sent "${signal}" didn't emit the "exit" or "error" events after ${STOP_TIMEOUT} ms, sending SIGKILL` ); - await treeKillAsync(childProcess.pid, 'SIGKILL'); + await treeKillAsync(childProcess.pid!, 'SIGKILL'); } ); diff --git a/packages/kbn-i18n/BUILD.bazel b/packages/kbn-i18n/BUILD.bazel index 256262bb8783bde..8ea6c3dd192f46f 100644 --- a/packages/kbn-i18n/BUILD.bazel +++ b/packages/kbn-i18n/BUILD.bazel @@ -48,6 +48,7 @@ TYPES_DEPS = [ "@npm//tslib", "@npm//@types/intl-relativeformat", "@npm//@types/jest", + "@npm//@types/node", "@npm//@types/prop-types", "@npm//@types/react", "@npm//@types/react-intl", diff --git a/packages/kbn-test/src/jest/run.ts b/packages/kbn-test/src/jest/run.ts index 07610a3eb84c61e..4a5dd4e9281bafb 100644 --- a/packages/kbn-test/src/jest/run.ts +++ b/packages/kbn-test/src/jest/run.ts @@ -28,6 +28,20 @@ import { map } from 'lodash'; // yarn test:jest src/core/public/core_system.test.ts // :kibana/src/core/server/saved_objects yarn test:jest +// Patch node 16 types to be compatible with jest 26 +// https://github.com/facebook/jest/issues/11640#issuecomment-893867514 +/* eslint-disable */ +declare global { + namespace NodeJS { + interface Global {} + interface InspectOptions {} + + interface ConsoleConstructor + extends console.ConsoleConstructor {} + } +} +/* eslint-enable */ + export function runJest(configName = 'jest.config.js') { const argv = buildArgv(process.argv); diff --git a/src/core/server/bootstrap.ts b/src/core/server/bootstrap.ts index 5131defc9346166..6190665fc78e4cb 100644 --- a/src/core/server/bootstrap.ts +++ b/src/core/server/bootstrap.ts @@ -51,7 +51,7 @@ export async function bootstrap({ configs, cliArgs, applyConfigOverrides }: Boot // This is only used by the LogRotator service // in order to be able to reload the log configuration // under the cluster mode - process.on('message', (msg) => { + process.on('message', (msg: any) => { if (!msg || msg.reloadConfiguration !== true) { return; } diff --git a/src/core/server/environment/environment_service.test.ts b/src/core/server/environment/environment_service.test.ts index 4b074482248b456..0817fad35f882ee 100644 --- a/src/core/server/environment/environment_service.test.ts +++ b/src/core/server/environment/environment_service.test.ts @@ -136,7 +136,8 @@ describe('UuidService', () => { }); }); - describe('unhandledRejection warnings', () => { + // TODO: From Nodejs v16 emitting an unhandledRejection will kill the process + describe.skip('unhandledRejection warnings', () => { it('logs warn for an unhandeld promise rejected with an Error', async () => { await service.preboot(); diff --git a/src/core/server/execution_context/integration_tests/tracing.test.ts b/src/core/server/execution_context/integration_tests/tracing.test.ts index c8dccc2ae9c42eb..7a54315204a6bae 100644 --- a/src/core/server/execution_context/integration_tests/tracing.test.ts +++ b/src/core/server/execution_context/integration_tests/tracing.test.ts @@ -45,7 +45,7 @@ describe('trace', () => { }, }); await root.preboot(); - }, 30000); + }, 60000); afterEach(async () => { await root.shutdown(); diff --git a/src/core/server/http/http_server.test.ts b/src/core/server/http/http_server.test.ts index ffbd91c645382cc..8585b564090e5d9 100644 --- a/src/core/server/http/http_server.test.ts +++ b/src/core/server/http/http_server.test.ts @@ -7,7 +7,7 @@ */ import { Server } from 'http'; -import { rmdir, mkdtemp, readFile, writeFile } from 'fs/promises'; +import { rm, mkdtemp, readFile, writeFile } from 'fs/promises'; import supertest from 'supertest'; import { omit } from 'lodash'; import { join } from 'path'; @@ -1419,7 +1419,7 @@ describe('setup contract', () => { afterAll(async () => { if (tempDir) { - await rmdir(tempDir, { recursive: true }); + await rm(tempDir, { recursive: true }); } }); diff --git a/src/core/server/http/router/request.ts b/src/core/server/http/router/request.ts index d16158bb0fb0850..89511c00a8f3262 100644 --- a/src/core/server/http/router/request.ts +++ b/src/core/server/http/router/request.ts @@ -221,10 +221,8 @@ export class KibanaRequest< } private getEvents(request: Request): KibanaRequestEvents { - const finish$ = merge( - fromEvent(request.raw.res, 'finish'), // Response has been sent - fromEvent(request.raw.req, 'close') // connection was closed - ).pipe(shareReplay(1), first()); + // the response is completed, or its underlying connection was terminated prematurely + const finish$ = fromEvent(request.raw.res, 'close').pipe(shareReplay(1), first()); const aborted$ = fromEvent(request.raw.req, 'aborted').pipe(first(), takeUntil(finish$)); const completed$ = merge(finish$, aborted$).pipe(shareReplay(1), first()); diff --git a/src/core/server/http/router/validator/validator.test.ts b/src/core/server/http/router/validator/validator.test.ts index cb4fb5fd24e319b..b516d723edadc0d 100644 --- a/src/core/server/http/router/validator/validator.test.ts +++ b/src/core/server/http/router/validator/validator.test.ts @@ -48,7 +48,7 @@ describe('Router validator', () => { expect(() => validator.getParams({})).toThrowError('[foo]: Not a string'); expect(() => validator.getParams(undefined)).toThrowError( - `Cannot read property 'foo' of undefined` + `Cannot read properties of undefined (reading 'foo')` ); expect(() => validator.getParams({}, 'myField')).toThrowError('[myField.foo]: Not a string'); diff --git a/src/core/server/logging/integration_tests/rolling_file_appender.test.ts b/src/core/server/logging/integration_tests/rolling_file_appender.test.ts index dc6a01b80e95113..04b2f543d338073 100644 --- a/src/core/server/logging/integration_tests/rolling_file_appender.test.ts +++ b/src/core/server/logging/integration_tests/rolling_file_appender.test.ts @@ -7,7 +7,7 @@ */ import { join } from 'path'; -import { rmdir, mkdtemp, readFile, readdir } from 'fs/promises'; +import { rm, mkdtemp, readFile, readdir } from 'fs/promises'; import moment from 'moment-timezone'; import * as kbnTestServer from '../../../test_helpers/kbn_server'; import { getNextRollingTime } from '../appenders/rolling_file/policies/time_interval/get_next_rolling_time'; @@ -48,7 +48,7 @@ describe('RollingFileAppender', () => { afterEach(async () => { if (testDir) { - await rmdir(testDir, { recursive: true }); + await rm(testDir, { recursive: true }); } if (root) { diff --git a/src/core/server/metrics/event_loop_delays/event_loop_delays_monitor.ts b/src/core/server/metrics/event_loop_delays/event_loop_delays_monitor.ts index 3dff847f83c9b42..0f3035c14a923ed 100644 --- a/src/core/server/metrics/event_loop_delays/event_loop_delays_monitor.ts +++ b/src/core/server/metrics/event_loop_delays/event_loop_delays_monitor.ts @@ -6,12 +6,12 @@ * Side Public License, v 1. */ -import type { EventLoopDelayMonitor } from 'perf_hooks'; +import type { IntervalHistogram as PerfIntervalHistogram } from 'perf_hooks'; import { monitorEventLoopDelay } from 'perf_hooks'; import type { IntervalHistogram } from '../types'; export class EventLoopDelaysMonitor { - private readonly loopMonitor: EventLoopDelayMonitor; + private readonly loopMonitor: PerfIntervalHistogram; private fromTimestamp: Date; /** diff --git a/src/core/server/metrics/integration_tests/server_collector.test.ts b/src/core/server/metrics/integration_tests/server_collector.test.ts index 93589648ca0ae4c..a16e0f2217add56 100644 --- a/src/core/server/metrics/integration_tests/server_collector.test.ts +++ b/src/core/server/metrics/integration_tests/server_collector.test.ts @@ -15,6 +15,7 @@ import { HttpService, IRouter } from '../../http'; import { contextServiceMock } from '../../context/context_service.mock'; import { executionContextServiceMock } from '../../execution_context/execution_context_service.mock'; import { ServerMetricsCollector } from '../collectors/server'; +import { setTimeout as setTimeoutPromise } from 'timers/promises'; const requestWaitDelay = 25; @@ -195,6 +196,9 @@ describe('ServerMetricsCollector', () => { waitSubject.next('go'); await Promise.all([res1, res2]); + // Give the event-loop one more cycle to allow concurrent connections to be + // up to date before collecting + await setTimeoutPromise(0); metrics = await collector.collect(); expect(metrics.concurrent_connections).toEqual(0); }); diff --git a/src/core/server/status/plugins_status.ts b/src/core/server/status/plugins_status.ts index 7ef3ddb31d978b8..719535133e7ab54 100644 --- a/src/core/server/status/plugins_status.ts +++ b/src/core/server/status/plugins_status.ts @@ -128,7 +128,7 @@ export class PluginsStatusService { return combineLatest(pluginStatuses).pipe( map((statuses) => Object.fromEntries(statuses)), - distinctUntilChanged(isDeepStrictEqual) + distinctUntilChanged>(isDeepStrictEqual) ); }) ); diff --git a/src/core/server/status/status_service.ts b/src/core/server/status/status_service.ts index a0ac5b392efe165..29cc01da3f63d90 100644 --- a/src/core/server/status/status_service.ts +++ b/src/core/server/status/status_service.ts @@ -84,7 +84,7 @@ export class StatusService implements CoreService { }); return summary; }), - distinctUntilChanged(isDeepStrictEqual), + distinctUntilChanged>(isDeepStrictEqual), shareReplay(1) ); @@ -100,7 +100,7 @@ export class StatusService implements CoreService { }); return coreOverall; }), - distinctUntilChanged(isDeepStrictEqual), + distinctUntilChanged>(isDeepStrictEqual), shareReplay(1) ); @@ -186,7 +186,7 @@ export class StatusService implements CoreService { elasticsearch: elasticsearchStatus, savedObjects: savedObjectsStatus, })), - distinctUntilChanged(isDeepStrictEqual), + distinctUntilChanged(isDeepStrictEqual), shareReplay(1) ); } diff --git a/src/dev/build/tasks/patch_native_modules_task.ts b/src/dev/build/tasks/patch_native_modules_task.ts index 5a2f179edeccb72..bb2b9cc96b67783 100644 --- a/src/dev/build/tasks/patch_native_modules_task.ts +++ b/src/dev/build/tasks/patch_native_modules_task.ts @@ -36,12 +36,12 @@ const packages: Package[] = [ extractMethod: 'gunzip', archives: { 'darwin-x64': { - url: 'https://github.com/uhop/node-re2/releases/download/1.16.0/darwin-x64-83.gz', - sha256: 'ef49febcba972b488727ce329ea9d2b57590bb44001ed494f2aa1397c0ebc32b', + url: 'https://github.com/uhop/node-re2/releases/download/1.16.0/darwin-x64-93.gz', + sha256: 'a267c6202d86d08170eb4a833acf81d83660ce33e8981fcd5b7f6e0310961d56', }, 'linux-x64': { - url: 'https://github.com/uhop/node-re2/releases/download/1.16.0/linux-x64-83.gz', - sha256: '160217dd83eb7093b758e905ce09cb45182864c7df858bf2525a68924a23c509', + url: 'https://github.com/uhop/node-re2/releases/download/1.16.0/linux-x64-93.gz', + sha256: 'e0ca5d6527fe7ec0fe98b6960c47b66a5bb2823c3bebb3bf4ed4d58eed3d23c5', }, // ARM build is currently done manually as Github Actions used in upstream project @@ -55,12 +55,12 @@ const packages: Package[] = [ // * gzip -c build/Release/re2.node > linux-arm64-83.gz // * upload to kibana-ci-proxy-cache bucket 'linux-arm64': { - url: 'https://storage.googleapis.com/kibana-ci-proxy-cache/node-re2/uhop/node-re2/releases/download/1.16.0/linux-arm64-83.gz', - sha256: '114505c60dbf57ad30556937ac5f49213c6676ad79d92706b96949d3a63f53b4', + url: 'https://storage.googleapis.com/kibana-ci-proxy-cache/node-re2/uhop/node-re2/releases/download/1.16.0/linux-arm64-93.gz', + sha256: '7a786e0b75985e5aafdefa9af55cad8e85e69a3326f16d8c63d21d6b5b3bff1b', }, 'win32-x64': { - url: 'https://github.com/uhop/node-re2/releases/download/1.16.0/win32-x64-83.gz', - sha256: '92ad420a6bfcedeb58dadf807a2f2901b05251d1edd3950051699929eda23073', + url: 'https://github.com/uhop/node-re2/releases/download/1.16.0/win32-x64-93.gz', + sha256: '37245ceb59a086b5e7e9de8746a3cdf148c383be9ae2580f92baea90d0d39947', }, }, }, diff --git a/src/plugins/dashboard/public/application/embeddable/grid/dashboard_grid.test.tsx b/src/plugins/dashboard/public/application/embeddable/grid/dashboard_grid.test.tsx index 991033b9a0d6a5f..52f04bcead6653a 100644 --- a/src/plugins/dashboard/public/application/embeddable/grid/dashboard_grid.test.tsx +++ b/src/plugins/dashboard/public/application/embeddable/grid/dashboard_grid.test.tsx @@ -95,7 +95,8 @@ afterAll(() => { sizeMe.noPlaceholders = false; }); -test('renders DashboardGrid', () => { +// unhandled promise rejection: https://github.com/elastic/kibana/issues/112699 +test.skip('renders DashboardGrid', () => { const { props, options } = prepare(); const component = mountWithIntl( @@ -108,7 +109,8 @@ test('renders DashboardGrid', () => { expect(panelElements.length).toBe(2); }); -test('renders DashboardGrid with no visualizations', () => { +// unhandled promise rejection: https://github.com/elastic/kibana/issues/112699 +test.skip('renders DashboardGrid with no visualizations', () => { const { props, options } = prepare(); const component = mountWithIntl( @@ -123,7 +125,8 @@ test('renders DashboardGrid with no visualizations', () => { expect(component.find('EmbeddableChildPanel').length).toBe(0); }); -test('DashboardGrid removes panel when removed from container', () => { +// unhandled promise rejection: https://github.com/elastic/kibana/issues/112699 +test.skip('DashboardGrid removes panel when removed from container', () => { const { props, options } = prepare(); const component = mountWithIntl( @@ -142,7 +145,8 @@ test('DashboardGrid removes panel when removed from container', () => { expect(panelElements.length).toBe(1); }); -test('DashboardGrid renders expanded panel', () => { +// unhandled promise rejection: https://github.com/elastic/kibana/issues/112699 +test.skip('DashboardGrid renders expanded panel', () => { const { props, options } = prepare(); const component = mountWithIntl( @@ -170,7 +174,8 @@ test('DashboardGrid renders expanded panel', () => { ).toBeUndefined(); }); -test('DashboardGrid unmount unsubscribes', async (done) => { +// unhandled promise rejection: https://github.com/elastic/kibana/issues/112699 +test.skip('DashboardGrid unmount unsubscribes', async (done) => { const { props, options } = prepare(); const component = mountWithIntl( diff --git a/src/plugins/dashboard/public/application/embeddable/viewport/dashboard_viewport.test.tsx b/src/plugins/dashboard/public/application/embeddable/viewport/dashboard_viewport.test.tsx index 4397705691314af..7a920685bcaae93 100644 --- a/src/plugins/dashboard/public/application/embeddable/viewport/dashboard_viewport.test.tsx +++ b/src/plugins/dashboard/public/application/embeddable/viewport/dashboard_viewport.test.tsx @@ -92,8 +92,8 @@ function getProps(props?: Partial): { options, }; } - -test('renders DashboardViewport', () => { +// unhandled promise rejection: https://github.com/elastic/kibana/issues/112699 +test.skip('renders DashboardViewport', () => { const { props, options } = getProps(); const component = mount( @@ -108,7 +108,8 @@ test('renders DashboardViewport', () => { expect(panels.length).toBe(2); }); -test('renders DashboardViewport with no visualizations', () => { +// unhandled promise rejection: https://github.com/elastic/kibana/issues/112699 +test.skip('renders DashboardViewport with no visualizations', () => { const { props, options } = getProps(); props.container.updateInput({ panels: {} }); const component = mount( @@ -126,7 +127,8 @@ test('renders DashboardViewport with no visualizations', () => { component.unmount(); }); -test('renders DashboardEmptyScreen', () => { +// unhandled promise rejection: https://github.com/elastic/kibana/issues/112699 +test.skip('renders DashboardEmptyScreen', () => { const { props, options } = getProps(); props.container.updateInput({ panels: {} }); const component = mount( @@ -144,7 +146,8 @@ test('renders DashboardEmptyScreen', () => { component.unmount(); }); -test('renders exit full screen button when in full screen mode', async () => { +// unhandled promise rejection: https://github.com/elastic/kibana/issues/112699 +test.skip('renders exit full screen button when in full screen mode', async () => { const { props, options } = getProps(); props.container.updateInput({ isFullScreenMode: true }); const component = mount( @@ -172,7 +175,8 @@ test('renders exit full screen button when in full screen mode', async () => { component.unmount(); }); -test('renders exit full screen button when in full screen mode and empty screen', async () => { +// unhandled promise rejection: https://github.com/elastic/kibana/issues/112699 +test.skip('renders exit full screen button when in full screen mode and empty screen', async () => { const { props, options } = getProps(); props.container.updateInput({ panels: {}, isFullScreenMode: true }); const component = mount( @@ -199,7 +203,8 @@ test('renders exit full screen button when in full screen mode and empty screen' component.unmount(); }); -test('DashboardViewport unmount unsubscribes', async (done) => { +// unhandled promise rejection: https://github.com/elastic/kibana/issues/112699 +test.skip('DashboardViewport unmount unsubscribes', async (done) => { const { props, options } = getProps(); const component = mount( diff --git a/src/plugins/discover/public/application/embeddable/view_saved_search_action.test.ts b/src/plugins/discover/public/application/embeddable/view_saved_search_action.test.ts index 5796dacaa83d8b7..990be8927766acb 100644 --- a/src/plugins/discover/public/application/embeddable/view_saved_search_action.test.ts +++ b/src/plugins/discover/public/application/embeddable/view_saved_search_action.test.ts @@ -11,11 +11,14 @@ import { ContactCardEmbeddable } from 'src/plugins/embeddable/public/lib/test_sa import { ViewSavedSearchAction } from './view_saved_search_action'; import { SavedSearchEmbeddable } from './saved_search_embeddable'; import { createStartContractMock } from '../../__mocks__/start_contract'; +import { uiSettingsServiceMock } from '../../../../../core/public/mocks'; import { savedSearchMock } from '../../__mocks__/saved_search'; import { discoverServiceMock } from '../../__mocks__/services'; import { IndexPattern } from 'src/plugins/data/common'; import { createFilterManagerMock } from 'src/plugins/data/public/query/filter_manager/filter_manager.mock'; import { ViewMode } from 'src/plugins/embeddable/public'; +import { setServices } from '../../kibana_services'; +import type { DiscoverServices } from '../../build_services'; const applicationMock = createStartContractMock(); const savedSearch = savedSearchMock; @@ -45,6 +48,11 @@ const embeddableConfig = { }; describe('view saved search action', () => { + beforeEach(() => { + setServices({ + uiSettings: uiSettingsServiceMock.createStartContract(), + } as unknown as DiscoverServices); + }); it('is compatible when embeddable is of type saved search, in view mode && appropriate permissions are set', async () => { const action = new ViewSavedSearchAction(applicationMock); const embeddable = new SavedSearchEmbeddable( diff --git a/src/plugins/telemetry/public/services/telemetry_sender.test.ts b/src/plugins/telemetry/public/services/telemetry_sender.test.ts index 6459f15fc60f741..50738b11e508d47 100644 --- a/src/plugins/telemetry/public/services/telemetry_sender.test.ts +++ b/src/plugins/telemetry/public/services/telemetry_sender.test.ts @@ -260,22 +260,15 @@ describe('TelemetrySender', () => { }); }); describe('startChecking', () => { - let originalSetInterval: typeof window['setInterval']; - let mockSetInterval: jest.Mock; - - beforeAll(() => { - originalSetInterval = window.setInterval; - }); - - beforeEach(() => (window.setInterval = mockSetInterval = jest.fn())); - afterAll(() => (window.setInterval = originalSetInterval)); + beforeEach(() => jest.useFakeTimers()); + afterAll(() => jest.useRealTimers()); it('calls sendIfDue every 60000 ms', () => { const telemetryService = mockTelemetryService(); const telemetrySender = new TelemetrySender(telemetryService); telemetrySender.startChecking(); - expect(mockSetInterval).toBeCalledTimes(1); - expect(mockSetInterval).toBeCalledWith(telemetrySender['sendIfDue'], 60000); + expect(setInterval).toBeCalledTimes(1); + expect(setInterval).toBeCalledWith(telemetrySender['sendIfDue'], 60000); }); }); }); diff --git a/src/plugins/visualizations/server/migrations/visualization_saved_object_migrations.test.ts b/src/plugins/visualizations/server/migrations/visualization_saved_object_migrations.test.ts index 1ef9018f3472b6f..1f6fbfeb47e597f 100644 --- a/src/plugins/visualizations/server/migrations/visualization_saved_object_migrations.test.ts +++ b/src/plugins/visualizations/server/migrations/visualization_saved_object_migrations.test.ts @@ -981,7 +981,7 @@ describe('migration visualization', () => { `); expect(logMsgArr).toMatchInlineSnapshot(` Array [ - "Exception @ migrateGaugeVerticalSplitToAlignment! TypeError: Cannot read property 'gauge' of undefined", + "Exception @ migrateGaugeVerticalSplitToAlignment! TypeError: Cannot read properties of undefined (reading 'gauge')", "Exception @ migrateGaugeVerticalSplitToAlignment! Payload: {\\"type\\":\\"gauge\\"}", ] `); diff --git a/src/setup_node_env/exit_on_warning.js b/src/setup_node_env/exit_on_warning.js index e9c96f2c49bb46a..998dd02a6bff0c8 100644 --- a/src/setup_node_env/exit_on_warning.js +++ b/src/setup_node_env/exit_on_warning.js @@ -29,6 +29,22 @@ var IGNORE_WARNINGS = [ file: '/node_modules/supertest/node_modules/superagent/lib/node/index.js', line: 418, }, + // TODO @elastic/es-clients + // 'Use of deprecated folder mapping "./" in the "exports" field module resolution of the package + // at node_modules/@elastic/elasticsearch/package.json.' + // This is a breaking change in Node 12, which elasticsearch-js supports. + // https://github.com/elastic/elasticsearch-js/issues/1465 + // https://nodejs.org/api/deprecations.html#DEP0148 + { + name: 'DeprecationWarning', + code: 'DEP0148', + }, + // In future versions of Node.js, fs.rmdir(path, { recursive: true }) will be removed. + // Remove after https://github.com/elastic/synthetics/pull/390 + { + name: 'DeprecationWarning', + code: 'DEP0147', + }, { // TODO: @elastic/es-clients - The new client will attempt a Product check and it will `process.emitWarning` // that the security features are blocking such check. diff --git a/x-pack/plugins/apm/ftr_e2e/cypress/tasks/es_archiver.ts b/x-pack/plugins/apm/ftr_e2e/cypress/tasks/es_archiver.ts index 5e4dd9f8657ffa0..a2ff99c5c377efb 100644 --- a/x-pack/plugins/apm/ftr_e2e/cypress/tasks/es_archiver.ts +++ b/x-pack/plugins/apm/ftr_e2e/cypress/tasks/es_archiver.ts @@ -17,7 +17,7 @@ export const esArchiverLoad = (folder: string) => { const path = Path.join(ES_ARCHIVE_DIR, folder); execSync( `node ../../../../scripts/es_archiver load "${path}" --config ../../../test/functional/config.js`, - { env: { ...process.env, NODE_TLS_REJECT_UNAUTHORIZED } } + { env: { ...process.env, NODE_TLS_REJECT_UNAUTHORIZED }, stdio: 'inherit' } ); }; @@ -25,13 +25,13 @@ export const esArchiverUnload = (folder: string) => { const path = Path.join(ES_ARCHIVE_DIR, folder); execSync( `node ../../../../scripts/es_archiver unload "${path}" --config ../../../test/functional/config.js`, - { env: { ...process.env, NODE_TLS_REJECT_UNAUTHORIZED } } + { env: { ...process.env, NODE_TLS_REJECT_UNAUTHORIZED }, stdio: 'inherit' } ); }; export const esArchiverResetKibana = () => { execSync( `node ../../../../scripts/es_archiver empty-kibana-index --config ../../../test/functional/config.js`, - { env: { ...process.env, NODE_TLS_REJECT_UNAUTHORIZED } } + { env: { ...process.env, NODE_TLS_REJECT_UNAUTHORIZED }, stdio: 'inherit' } ); }; diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/document_creation/document_creation_logic.test.ts b/x-pack/plugins/enterprise_search/public/applications/app_search/components/document_creation/document_creation_logic.test.ts index cf1b45d468260db..753871765896a10 100644 --- a/x-pack/plugins/enterprise_search/public/applications/app_search/components/document_creation/document_creation_logic.test.ts +++ b/x-pack/plugins/enterprise_search/public/applications/app_search/components/document_creation/document_creation_logic.test.ts @@ -493,7 +493,7 @@ describe('DocumentCreationLogic', () => { await nextTick(); expect(DocumentCreationLogic.actions.setErrors).toHaveBeenCalledWith( - "Cannot read property 'total' of undefined" + "Cannot read properties of undefined (reading 'total')" ); }); diff --git a/x-pack/plugins/fleet/server/services/epm/registry/requests.ts b/x-pack/plugins/fleet/server/services/epm/registry/requests.ts index 40943aa0cffff59..ed6df5f6459ec30 100644 --- a/x-pack/plugins/fleet/server/services/epm/registry/requests.ts +++ b/x-pack/plugins/fleet/server/services/epm/registry/requests.ts @@ -97,7 +97,6 @@ export function getFetchOptions(targetUrl: string): RequestInit | undefined { logger.debug(`Using ${proxyUrl} as proxy for ${targetUrl}`); return { - // @ts-expect-error The types exposed by 'HttpsProxyAgent' isn't up to date with 'Agent' agent: getProxyAgent({ proxyUrl, targetUrl }), }; } diff --git a/x-pack/plugins/index_management/__jest__/client_integration/home/indices_tab.test.ts b/x-pack/plugins/index_management/__jest__/client_integration/home/indices_tab.test.ts index ae6089d8020fc08..e23c1a59eb135a6 100644 --- a/x-pack/plugins/index_management/__jest__/client_integration/home/indices_tab.test.ts +++ b/x-pack/plugins/index_management/__jest__/client_integration/home/indices_tab.test.ts @@ -22,7 +22,8 @@ import { stubWebWorker } from '@kbn/test/jest'; import { createMemoryHistory } from 'history'; stubWebWorker(); -describe('', () => { +// unhandled promise rejection https://github.com/elastic/kibana/issues/112699 +describe.skip('', () => { const { server, httpRequestsMockHelpers } = setupEnvironment(); let testBed: IndicesTestBed; diff --git a/x-pack/plugins/reporting/server/export_types/common/decrypt_job_headers.test.ts b/x-pack/plugins/reporting/server/export_types/common/decrypt_job_headers.test.ts index 4303de6a3ef5653..b5258d91485f70d 100644 --- a/x-pack/plugins/reporting/server/export_types/common/decrypt_job_headers.test.ts +++ b/x-pack/plugins/reporting/server/export_types/common/decrypt_job_headers.test.ts @@ -25,7 +25,7 @@ describe('headers', () => { logger ); await expect(getDecryptedHeaders()).rejects.toMatchInlineSnapshot( - `[Error: Failed to decrypt report job data. Please ensure that xpack.reporting.encryptionKey is set and re-generate this report. Error: Invalid IV length]` + `[Error: Failed to decrypt report job data. Please ensure that xpack.reporting.encryptionKey is set and re-generate this report. TypeError: Invalid initialization vector]` ); }); diff --git a/x-pack/plugins/reporting/server/export_types/csv/execute_job.test.ts b/x-pack/plugins/reporting/server/export_types/csv/execute_job.test.ts index e5d0ed26137196e..cb103812c7f2aa0 100644 --- a/x-pack/plugins/reporting/server/export_types/csv/execute_job.test.ts +++ b/x-pack/plugins/reporting/server/export_types/csv/execute_job.test.ts @@ -302,7 +302,9 @@ describe('CSV Execute Job', function () { }); await expect( runTask('job123', jobParams, cancellationToken, stream) - ).rejects.toMatchInlineSnapshot(`[TypeError: Cannot read property 'indexOf' of undefined]`); + ).rejects.toMatchInlineSnapshot( + `[TypeError: Cannot read properties of undefined (reading 'indexOf')]` + ); expect(mockEsClient.clearScroll).toHaveBeenCalledWith( expect.objectContaining({ body: { scroll_id: lastScrollId } }) diff --git a/x-pack/plugins/security_solution/public/common/mock/utils.ts b/x-pack/plugins/security_solution/public/common/mock/utils.ts index b1851fd055b3377..0bafdc4fad1e8e8 100644 --- a/x-pack/plugins/security_solution/public/common/mock/utils.ts +++ b/x-pack/plugins/security_solution/public/common/mock/utils.ts @@ -21,11 +21,12 @@ import { mockGlobalState } from './global_state'; import { TimelineState } from '../../timelines/store/timeline/types'; import { defaultHeaders } from '../../timelines/components/timeline/body/column_headers/default_headers'; -interface Global extends NodeJS.Global { +type GlobalThis = typeof globalThis; +interface Global extends GlobalThis { // eslint-disable-next-line @typescript-eslint/no-explicit-any - window?: any; + window: any; // eslint-disable-next-line @typescript-eslint/no-explicit-any - document?: any; + document: any; } export const globalNode: Global = global; diff --git a/x-pack/plugins/security_solution/public/management/components/search_exceptions/search_exceptions.test.tsx b/x-pack/plugins/security_solution/public/management/components/search_exceptions/search_exceptions.test.tsx index 084978d35d03abc..d7db249475df73b 100644 --- a/x-pack/plugins/security_solution/public/management/components/search_exceptions/search_exceptions.test.tsx +++ b/x-pack/plugins/security_solution/public/management/components/search_exceptions/search_exceptions.test.tsx @@ -20,6 +20,7 @@ jest.mock('../../../common/components/user_privileges/use_endpoint_privileges'); let onSearchMock: jest.Mock; const mockUseEndpointPrivileges = useEndpointPrivileges as jest.Mock; +// unhandled promise rejection: https://github.com/elastic/kibana/issues/112699 describe('Search exceptions', () => { let appTestContext: AppContextTestRender; let renderResult: ReturnType; diff --git a/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/store/middleware.test.ts b/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/store/middleware.test.ts index 15d0684a2864b12..43fa4e104067fee 100644 --- a/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/store/middleware.test.ts +++ b/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/store/middleware.test.ts @@ -61,7 +61,8 @@ jest.mock('../../../../common/lib/kibana'); type EndpointListStore = Store, Immutable>; -describe('endpoint list middleware', () => { +// unhandled promise rejection: https://github.com/elastic/kibana/issues/112699 +describe.skip('endpoint list middleware', () => { const getKibanaServicesMock = KibanaServices.get as jest.Mock; let fakeCoreStart: jest.Mocked; let depsStart: DepsStartMock; diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/layout/policy_trusted_apps_layout.test.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/layout/policy_trusted_apps_layout.test.tsx index 8ae0d9d45c23685..d46775d38834b87 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/layout/policy_trusted_apps_layout.test.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/layout/policy_trusted_apps_layout.test.tsx @@ -42,7 +42,8 @@ let coreStart: AppContextTestRender['coreStart']; let http: typeof coreStart.http; const generator = new EndpointDocGenerator(); -describe('Policy trusted apps layout', () => { +// unhandled promise rejection: https://github.com/elastic/kibana/issues/112699 +describe.skip('Policy trusted apps layout', () => { beforeEach(() => { mockedContext = createAppRootMockRenderer(); http = mockedContext.coreStart.http; diff --git a/x-pack/plugins/stack_alerts/server/plugin.test.ts b/x-pack/plugins/stack_alerts/server/plugin.test.ts index b9263553173d243..b2bf076eaf49d04 100644 --- a/x-pack/plugins/stack_alerts/server/plugin.test.ts +++ b/x-pack/plugins/stack_alerts/server/plugin.test.ts @@ -11,7 +11,8 @@ import { alertsMock } from '../../alerting/server/mocks'; import { featuresPluginMock } from '../../features/server/mocks'; import { BUILT_IN_ALERTS_FEATURE } from './feature'; -describe('AlertingBuiltins Plugin', () => { +// unhandled promise rejection: https://github.com/elastic/kibana/issues/112699 +describe.skip('AlertingBuiltins Plugin', () => { describe('setup()', () => { let context: ReturnType; let plugin: AlertingBuiltinsPlugin; diff --git a/x-pack/plugins/uptime/e2e/tasks/es_archiver.ts b/x-pack/plugins/uptime/e2e/tasks/es_archiver.ts index ce82be18dff7f7e..dac5672bdf649a9 100644 --- a/x-pack/plugins/uptime/e2e/tasks/es_archiver.ts +++ b/x-pack/plugins/uptime/e2e/tasks/es_archiver.ts @@ -17,7 +17,7 @@ export const esArchiverLoad = (folder: string) => { const path = Path.join(ES_ARCHIVE_DIR, folder); execSync( `node ../../../../scripts/es_archiver load "${path}" --config ../../../test/functional/config.js`, - { env: { ...process.env, NODE_TLS_REJECT_UNAUTHORIZED } } + { env: { ...process.env, NODE_TLS_REJECT_UNAUTHORIZED }, stdio: 'inherit' } ); }; @@ -25,13 +25,13 @@ export const esArchiverUnload = (folder: string) => { const path = Path.join(ES_ARCHIVE_DIR, folder); execSync( `node ../../../../scripts/es_archiver unload "${path}" --config ../../../test/functional/config.js`, - { env: { ...process.env, NODE_TLS_REJECT_UNAUTHORIZED } } + { env: { ...process.env, NODE_TLS_REJECT_UNAUTHORIZED }, stdio: 'inherit' } ); }; export const esArchiverResetKibana = () => { execSync( `node ../../../../scripts/es_archiver empty-kibana-index --config ../../../test/functional/config.js`, - { env: { ...process.env, NODE_TLS_REJECT_UNAUTHORIZED } } + { env: { ...process.env, NODE_TLS_REJECT_UNAUTHORIZED }, stdio: 'inherit' } ); }; diff --git a/x-pack/plugins/uptime/public/components/fleet_package/custom_fields.test.tsx b/x-pack/plugins/uptime/public/components/fleet_package/custom_fields.test.tsx index f16e72837b343bf..26ee26cc8ed7f24 100644 --- a/x-pack/plugins/uptime/public/components/fleet_package/custom_fields.test.tsx +++ b/x-pack/plugins/uptime/public/components/fleet_package/custom_fields.test.tsx @@ -50,7 +50,8 @@ const defaultValidation = centralValidation[DataStream.HTTP]; const defaultHTTPConfig = defaultConfig[DataStream.HTTP]; const defaultTCPConfig = defaultConfig[DataStream.TCP]; -describe('', () => { +// unhandled promise rejection: https://github.com/elastic/kibana/issues/112699 +describe.skip('', () => { const WrappedComponent = ({ validate = defaultValidation, typeEditable = false, diff --git a/x-pack/plugins/uptime/public/components/overview/monitor_list/monitor_list_drawer/monitor_list_drawer.test.tsx b/x-pack/plugins/uptime/public/components/overview/monitor_list/monitor_list_drawer/monitor_list_drawer.test.tsx index d044ad4e6a3a280..240697af470b097 100644 --- a/x-pack/plugins/uptime/public/components/overview/monitor_list/monitor_list_drawer/monitor_list_drawer.test.tsx +++ b/x-pack/plugins/uptime/public/components/overview/monitor_list/monitor_list_drawer/monitor_list_drawer.test.tsx @@ -5,7 +5,6 @@ * 2.0. */ -import 'jest'; import React from 'react'; import { MonitorListDrawerComponent } from './monitor_list_drawer'; import { MonitorDetails, MonitorSummary, makePing } from '../../../../../common/runtime_types'; diff --git a/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/jira.ts b/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/jira.ts index 7d69e80dae58499..7e8272b0a8afa5f 100644 --- a/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/jira.ts +++ b/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/jira.ts @@ -232,31 +232,8 @@ export default function jiraTest({ getService }: FtrProviderContext) { expect(resp.body.connector_id).to.eql(simulatedActionId); expect(resp.body.status).to.eql('error'); expect(resp.body.retry).to.eql(false); - // Node.js 12 oddity: - // - // The first time after the server is booted, the error message will be: - // - // undefined is not iterable (cannot read property Symbol(Symbol.iterator)) - // - // After this, the error will be: - // - // Cannot destructure property 'value' of 'undefined' as it is undefined. - // - // The error seems to come from the exact same place in the code based on the - // exact same circomstances: - // - // https://github.com/elastic/kibana/blob/b0a223ebcbac7e404e8ae6da23b2cc6a4b509ff1/packages/kbn-config-schema/src/types/literal_type.ts#L28 - // - // What triggers the error is that the `handleError` function expects its 2nd - // argument to be an object containing a `valids` property of type array. - // - // In this test the object does not contain a `valids` property, so hence the - // error. - // - // Why the error message isn't the same in all scenarios is unknown to me and - // could be a bug in V8. - expect(resp.body.message).to.match( - /^error validating action params: (undefined is not iterable \(cannot read property Symbol\(Symbol.iterator\)\)|Cannot destructure property 'value' of 'undefined' as it is undefined\.)$/ + expect(resp.body.message).to.be( + `error validating action params: Cannot destructure property 'Symbol(Symbol.iterator)' of 'undefined' as it is undefined.` ); }); }); diff --git a/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/resilient.ts b/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/resilient.ts index 00989b35fd4e2cc..4421c984b4aed30 100644 --- a/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/resilient.ts +++ b/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/resilient.ts @@ -234,31 +234,8 @@ export default function resilientTest({ getService }: FtrProviderContext) { expect(resp.body.connector_id).to.eql(simulatedActionId); expect(resp.body.status).to.eql('error'); expect(resp.body.retry).to.eql(false); - // Node.js 12 oddity: - // - // The first time after the server is booted, the error message will be: - // - // undefined is not iterable (cannot read property Symbol(Symbol.iterator)) - // - // After this, the error will be: - // - // Cannot destructure property 'value' of 'undefined' as it is undefined. - // - // The error seems to come from the exact same place in the code based on the - // exact same circomstances: - // - // https://github.com/elastic/kibana/blob/b0a223ebcbac7e404e8ae6da23b2cc6a4b509ff1/packages/kbn-config-schema/src/types/literal_type.ts#L28 - // - // What triggers the error is that the `handleError` function expects its 2nd - // argument to be an object containing a `valids` property of type array. - // - // In this test the object does not contain a `valids` property, so hence the - // error. - // - // Why the error message isn't the same in all scenarios is unknown to me and - // could be a bug in V8. - expect(resp.body.message).to.match( - /^error validating action params: (undefined is not iterable \(cannot read property Symbol\(Symbol.iterator\)\)|Cannot destructure property 'value' of 'undefined' as it is undefined\.)$/ + expect(resp.body.message).to.be( + `error validating action params: Cannot destructure property 'Symbol(Symbol.iterator)' of 'undefined' as it is undefined.` ); }); }); diff --git a/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/servicenow_itsm.ts b/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/servicenow_itsm.ts index fe1ebdf8d28a9c1..5ff166397514526 100644 --- a/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/servicenow_itsm.ts +++ b/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/servicenow_itsm.ts @@ -242,31 +242,8 @@ export default function serviceNowITSMTest({ getService }: FtrProviderContext) { expect(resp.body.connector_id).to.eql(simulatedActionId); expect(resp.body.status).to.eql('error'); expect(resp.body.retry).to.eql(false); - // Node.js 12 oddity: - // - // The first time after the server is booted, the error message will be: - // - // undefined is not iterable (cannot read property Symbol(Symbol.iterator)) - // - // After this, the error will be: - // - // Cannot destructure property 'value' of 'undefined' as it is undefined. - // - // The error seems to come from the exact same place in the code based on the - // exact same circumstances: - // - // https://github.com/elastic/kibana/blob/b0a223ebcbac7e404e8ae6da23b2cc6a4b509ff1/packages/kbn-config-schema/src/types/literal_type.ts#L28 - // - // What triggers the error is that the `handleError` function expects its 2nd - // argument to be an object containing a `valids` property of type array. - // - // In this test the object does not contain a `valids` property, so hence the - // error. - // - // Why the error message isn't the same in all scenarios is unknown to me and - // could be a bug in V8. - expect(resp.body.message).to.match( - /^error validating action params: (undefined is not iterable \(cannot read property Symbol\(Symbol.iterator\)\)|Cannot destructure property 'value' of 'undefined' as it is undefined\.)$/ + expect(resp.body.message).to.be( + `error validating action params: Cannot destructure property 'Symbol(Symbol.iterator)' of 'undefined' as it is undefined.` ); }); }); diff --git a/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/servicenow_sir.ts b/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/servicenow_sir.ts index eee3425b6a61f36..bc4ec43fb4c7b1c 100644 --- a/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/servicenow_sir.ts +++ b/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/servicenow_sir.ts @@ -246,31 +246,8 @@ export default function serviceNowSIRTest({ getService }: FtrProviderContext) { expect(resp.body.connector_id).to.eql(simulatedActionId); expect(resp.body.status).to.eql('error'); expect(resp.body.retry).to.eql(false); - // Node.js 12 oddity: - // - // The first time after the server is booted, the error message will be: - // - // undefined is not iterable (cannot read property Symbol(Symbol.iterator)) - // - // After this, the error will be: - // - // Cannot destructure property 'value' of 'undefined' as it is undefined. - // - // The error seems to come from the exact same place in the code based on the - // exact same circumstances: - // - // https://github.com/elastic/kibana/blob/b0a223ebcbac7e404e8ae6da23b2cc6a4b509ff1/packages/kbn-config-schema/src/types/literal_type.ts#L28 - // - // What triggers the error is that the `handleError` function expects its 2nd - // argument to be an object containing a `valids` property of type array. - // - // In this test the object does not contain a `valids` property, so hence the - // error. - // - // Why the error message isn't the same in all scenarios is unknown to me and - // could be a bug in V8. - expect(resp.body.message).to.match( - /^error validating action params: (undefined is not iterable \(cannot read property Symbol\(Symbol.iterator\)\)|Cannot destructure property 'value' of 'undefined' as it is undefined\.)$/ + expect(resp.body.message).to.be( + `error validating action params: Cannot destructure property 'Symbol(Symbol.iterator)' of 'undefined' as it is undefined.` ); }); }); diff --git a/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/swimlane.ts b/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/swimlane.ts index eae630593b4dfc3..93d3a6c9e003f16 100644 --- a/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/swimlane.ts +++ b/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/swimlane.ts @@ -323,31 +323,8 @@ export default function swimlaneTest({ getService }: FtrProviderContext) { expect(resp.body.connector_id).to.eql(simulatedActionId); expect(resp.body.status).to.eql('error'); expect(resp.body.retry).to.eql(false); - // Node.js 12 oddity: - // - // The first time after the server is booted, the error message will be: - // - // undefined is not iterable (cannot read property Symbol(Symbol.iterator)) - // - // After this, the error will be: - // - // Cannot destructure property 'value' of 'undefined' as it is undefined. - // - // The error seems to come from the exact same place in the code based on the - // exact same circomstances: - // - // https://github.com/elastic/kibana/blob/b0a223ebcbac7e404e8ae6da23b2cc6a4b509ff1/packages/kbn-config-schema/src/types/literal_type.ts#L28 - // - // What triggers the error is that the `handleError` function expects its 2nd - // argument to be an object containing a `valids` property of type array. - // - // In this test the object does not contain a `valids` property, so hence the - // error. - // - // Why the error message isn't the same in all scenarios is unknown to me and - // could be a bug in V8. - expect(resp.body.message).to.match( - /^error validating action params: (undefined is not iterable \(cannot read property Symbol\(Symbol.iterator\)\)|Cannot destructure property 'value' of 'undefined' as it is undefined\.)$/ + expect(resp.body.message).to.be( + `error validating action params: undefined is not iterable (cannot read property Symbol(Symbol.iterator))` ); }); }); diff --git a/yarn.lock b/yarn.lock index f0e1921b774413f..9cba714293ff99d 100644 --- a/yarn.lock +++ b/yarn.lock @@ -6582,10 +6582,10 @@ resolved "https://registry.yarnpkg.com/@types/mocha/-/mocha-8.2.0.tgz#3eb56d13a1de1d347ecb1957c6860c911704bc44" integrity sha512-/Sge3BymXo4lKc31C8OINJgXLaw+7vL1/L1pGiBNpGrBiT8FQiaFpSYV0uhTaG4y78vcMBTMFsWaHDvuD+xGzQ== -"@types/mock-fs@^4.10.0": - version "4.10.0" - resolved "https://registry.yarnpkg.com/@types/mock-fs/-/mock-fs-4.10.0.tgz#460061b186993d76856f669d5317cda8a007c24b" - integrity sha512-FQ5alSzmHMmliqcL36JqIA4Yyn9jyJKvRSGV3mvPh108VFatX7naJDzSG4fnFQNZFq9dIx0Dzoe6ddflMB2Xkg== +"@types/mock-fs@^4.13.1": + version "4.13.1" + resolved "https://registry.yarnpkg.com/@types/mock-fs/-/mock-fs-4.13.1.tgz#9201554ceb23671badbfa8ac3f1fa9e0706305be" + integrity sha512-m6nFAJ3lBSnqbvDZioawRvpLXSaPyn52Srf7OfzjubYbYX8MTUdIgDxQl0wEapm4m/pNYSd9TXocpQ0TvZFlYA== dependencies: "@types/node" "*" @@ -6637,10 +6637,10 @@ dependencies: "@types/node" "*" -"@types/node@*", "@types/node@14.14.44", "@types/node@8.10.54", "@types/node@>= 8", "@types/node@>=8.9.0", "@types/node@^10.1.0", "@types/node@^14.14.31": - version "14.14.44" - resolved "https://registry.yarnpkg.com/@types/node/-/node-14.14.44.tgz#df7503e6002847b834371c004b372529f3f85215" - integrity sha512-+gaugz6Oce6ZInfI/tK4Pq5wIIkJMEJUu92RB3Eu93mtj4wjjjz9EB5mLp5s1pSsLXdC/CPut/xF20ZzAQJbTA== +"@types/node@*", "@types/node@16.10.2", "@types/node@8.10.54", "@types/node@>= 8", "@types/node@>=8.9.0", "@types/node@^10.1.0", "@types/node@^14.14.31": + version "16.10.2" + resolved "https://registry.yarnpkg.com/@types/node/-/node-16.10.2.tgz#5764ca9aa94470adb4e1185fe2e9f19458992b2e" + integrity sha512-zCclL4/rx+W5SQTzFs9wyvvyCwoK9QtBpratqz2IYJ3O8Umrn0m3nsTv0wQBk9sRGpvUe9CwPDrQFB10f1FIjQ== "@types/nodemailer@^6.4.0": version "6.4.0" @@ -7708,14 +7708,7 @@ agent-base@5: resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-5.1.1.tgz#e8fb3f242959db44d63be665db7a8e739537a32c" integrity sha512-TMeqbNl2fMW0nMjTEPOwe3J/PRFP4vqeoNuQMG0HlMrtm5QxKqdvAkZ1pRBQ/ulIyDD5Yq0nJ7YbdD8ey0TO3g== -agent-base@6: - version "6.0.0" - resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-6.0.0.tgz#5d0101f19bbfaed39980b22ae866de153b93f09a" - integrity sha512-j1Q7cSCqN+AwrmDd+pzgqc0/NpC655x2bUf5ZjRIO77DcNBFmh+OgRNzF6OKdCC9RSCb19fGd99+bhXFdkRNqw== - dependencies: - debug "4" - -agent-base@^6.0.2: +agent-base@6, agent-base@^6.0.2: version "6.0.2" resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-6.0.2.tgz#49fff58577cfee3f37176feab4c22e00f86d7f77" integrity sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ== @@ -20576,10 +20569,10 @@ mochawesome@^6.2.1: strip-ansi "^6.0.0" uuid "^7.0.3" -mock-fs@^4.12.0: - version "4.12.0" - resolved "https://registry.yarnpkg.com/mock-fs/-/mock-fs-4.12.0.tgz#a5d50b12d2d75e5bec9dac3b67ffe3c41d31ade4" - integrity sha512-/P/HtrlvBxY4o/PzXY9cCNBrdylDNxg7gnrv2sMNxj+UJ2m8jSpl0/A6fuJeNAWr99ZvGWH8XCbE0vmnM5KupQ== +mock-fs@^5.1.1: + version "5.1.1" + resolved "https://registry.yarnpkg.com/mock-fs/-/mock-fs-5.1.1.tgz#d4c95e916abf400664197079d7e399d133bb6048" + integrity sha512-p/8oZ3qvfKGPw+4wdVCyjDxa6wn2tP0TCf3WXC1UyUBAevezPn1TtOoxtMYVbZu/S/iExg+Ghed1busItj2CEw== mock-http-server@1.3.0: version "1.3.0" From 845bcf85c1555c9a2f599992efd0f6b509035b98 Mon Sep 17 00:00:00 2001 From: Jonathan Budzenski Date: Sat, 16 Oct 2021 20:43:07 -0500 Subject: [PATCH 07/50] skip flaky test. #113892 --- .../artifact_entry_card/artifact_entry_card.test.tsx | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/artifact_entry_card.test.tsx b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/artifact_entry_card.test.tsx index bde1961dd782d44..50500a789fd4e15 100644 --- a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/artifact_entry_card.test.tsx +++ b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/artifact_entry_card.test.tsx @@ -63,7 +63,8 @@ describe.each([ ); }); - it('should display dates in expected format', () => { + // FLAKY https://github.com/elastic/kibana/issues/113892 + it.skip('should display dates in expected format', () => { render(); expect(renderResult.getByTestId('testCard-header-updated').textContent).toEqual( From 06e66ca284483866232a551faf1c007a5f49bba8 Mon Sep 17 00:00:00 2001 From: Jonathan Budzenski Date: Sat, 16 Oct 2021 22:32:21 -0500 Subject: [PATCH 08/50] skip flaky tests. #89052, #113418, #115304 --- .../tests/exception_operators_data_types/ip_array.ts | 3 ++- .../tests/exception_operators_data_types/keyword_array.ts | 3 ++- .../tests/exception_operators_data_types/text_array.ts | 3 ++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/ip_array.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/ip_array.ts index 9c169c1c3420721..d5e9050ed9d410e 100644 --- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/ip_array.ts +++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/ip_array.ts @@ -486,7 +486,8 @@ export default ({ getService }: FtrProviderContext) => { expect(ips).to.eql([[], ['127.0.0.8', '127.0.0.9', '127.0.0.10']]); }); - it('will return 1 result if we have a list that includes all ips', async () => { + // FLAKY https://github.com/elastic/kibana/issues/89052 + it.skip('will return 1 result if we have a list that includes all ips', async () => { await importFile( supertest, 'ip', diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/keyword_array.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/keyword_array.ts index 2a2c8df30981ff0..94c8ab6f4664f6a 100644 --- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/keyword_array.ts +++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/keyword_array.ts @@ -496,7 +496,8 @@ export default ({ getService }: FtrProviderContext) => { expect(hits).to.eql([[], ['word eight', 'word nine', 'word ten']]); }); - it('will return only the empty array for results if we have a list that includes all keyword', async () => { + // FLAKY https://github.com/elastic/kibana/issues/115304 + it.skip('will return only the empty array for results if we have a list that includes all keyword', async () => { await importFile( supertest, 'keyword', diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/text_array.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/text_array.ts index b152b44867a09d4..2ee7ebfc18be0a0 100644 --- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/text_array.ts +++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/text_array.ts @@ -494,7 +494,8 @@ export default ({ getService }: FtrProviderContext) => { expect(hits).to.eql([[], ['word eight', 'word nine', 'word ten']]); }); - it('will return only the empty array for results if we have a list that includes all text', async () => { + // FLAKY https://github.com/elastic/kibana/issues/113418 + it.skip('will return only the empty array for results if we have a list that includes all text', async () => { await importFile( supertest, 'text', From fd3379d0692b911937fda62ccb82f1e9a7900c33 Mon Sep 17 00:00:00 2001 From: Jonathan Budzenski Date: Sun, 17 Oct 2021 09:47:08 -0500 Subject: [PATCH 09/50] skip flaky suite. #107057 --- .../apps/discover/_indexpattern_without_timefield.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/test/functional/apps/discover/_indexpattern_without_timefield.ts b/test/functional/apps/discover/_indexpattern_without_timefield.ts index 81fb4f92ab730a7..42291691f3f5fcb 100644 --- a/test/functional/apps/discover/_indexpattern_without_timefield.ts +++ b/test/functional/apps/discover/_indexpattern_without_timefield.ts @@ -17,7 +17,8 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { const testSubjects = getService('testSubjects'); const PageObjects = getPageObjects(['common', 'timePicker', 'discover']); - describe('indexpattern without timefield', () => { + // FLAKY https://github.com/elastic/kibana/issues/107057 + describe.skip('indexpattern without timefield', () => { before(async () => { await security.testUser.setRoles(['kibana_admin', 'kibana_timefield']); await esArchiver.loadIfNeeded( From 94aa791a49e2d809ec0cbdfebe8c439ec923a912 Mon Sep 17 00:00:00 2001 From: Luke Elmers Date: Sun, 17 Oct 2021 09:54:30 -0600 Subject: [PATCH 10/50] [Breaking] Remove deprecated `enabled` settings from plugins. (#113495) --- docs/dev-tools/console/console.asciidoc | 10 -- docs/migration/migrate_8_0.asciidoc | 11 +- docs/settings/apm-settings.asciidoc | 4 - docs/settings/dev-settings.asciidoc | 34 ------ docs/settings/fleet-settings.asciidoc | 3 - .../general-infra-logs-ui-settings.asciidoc | 4 - docs/settings/graph-settings.asciidoc | 12 -- docs/settings/ml-settings.asciidoc | 26 ----- docs/settings/monitoring-settings.asciidoc | 7 -- docs/settings/settings-xkb.asciidoc | 3 - docs/settings/url-drilldown-settings.asciidoc | 4 - docs/setup/settings.asciidoc | 23 +--- docs/user/plugins.asciidoc | 17 --- .../kbn-config/src/config_service.test.ts | 110 +++++++----------- packages/kbn-config/src/config_service.ts | 57 +++------ packages/kbn-config/src/deprecation/types.ts | 4 +- .../server/plugins/plugins_service.test.ts | 62 ++++++---- .../resources/base/bin/kibana-docker | 16 --- test/functional/config.js | 2 - x-pack/plugins/apm/server/index.ts | 9 +- x-pack/plugins/cases/server/config.ts | 1 - x-pack/plugins/cases/server/index.ts | 3 +- x-pack/plugins/cases/server/plugin.ts | 11 -- x-pack/plugins/cloud/server/config.ts | 2 - .../server/config.test.ts | 5 - .../encrypted_saved_objects/server/config.ts | 1 - .../encrypted_saved_objects/server/index.ts | 1 - .../__mocks__/routerDependencies.mock.ts | 1 - .../plugins/enterprise_search/server/index.ts | 2 - x-pack/plugins/fleet/server/index.ts | 4 +- x-pack/plugins/graph/config.ts | 1 - x-pack/plugins/graph/server/index.ts | 1 - x-pack/plugins/infra/server/plugin.ts | 2 - x-pack/plugins/lens/config.ts | 14 --- x-pack/plugins/lens/server/index.ts | 9 +- x-pack/plugins/lists/server/config.mock.ts | 1 - x-pack/plugins/lists/server/config.ts | 1 - x-pack/plugins/lists/server/index.ts | 1 - .../server/services/lists/list_client.mock.ts | 1 - x-pack/plugins/logstash/server/index.ts | 10 +- x-pack/plugins/maps/config.ts | 2 - x-pack/plugins/maps/server/index.ts | 4 +- x-pack/plugins/maps/server/plugin.ts | 9 -- .../plugins/metrics_entities/server/config.ts | 14 --- .../plugins/metrics_entities/server/index.ts | 7 +- x-pack/plugins/monitoring/public/plugin.ts | 2 +- .../plugins/monitoring/server/config.test.ts | 1 - x-pack/plugins/monitoring/server/config.ts | 1 - .../plugins/monitoring/server/deprecations.ts | 2 - x-pack/plugins/monitoring/server/index.ts | 1 - x-pack/plugins/observability/server/index.ts | 2 - x-pack/plugins/osquery/public/plugin.ts | 24 ---- x-pack/plugins/osquery/server/config.ts | 1 - x-pack/plugins/osquery/server/index.ts | 2 - x-pack/plugins/osquery/server/plugin.ts | 4 - x-pack/plugins/rule_registry/server/config.ts | 6 +- .../saved_objects_tagging/server/config.ts | 2 - .../security_solution/server/config.ts | 1 - .../plugins/security_solution/server/index.ts | 3 +- .../routes/__mocks__/index.ts | 1 - x-pack/plugins/timelines/public/index.ts | 6 +- x-pack/plugins/timelines/public/plugin.ts | 12 +- x-pack/plugins/timelines/server/config.ts | 14 --- x-pack/plugins/timelines/server/index.ts | 10 +- x-pack/scripts/functional_tests.js | 1 - .../common/fixtures/plugins/aad/kibana.json | 1 - .../plugins/actions_simulators/kibana.json | 1 - .../fixtures/plugins/alerts/kibana.json | 1 - .../plugins/alerts_restricted/kibana.json | 1 - .../plugins/task_manager_fixture/kibana.json | 1 - x-pack/test/api_integration/config.ts | 1 - .../case_api_integration/common/config.ts | 3 - .../plugins/cases_client_user/kibana.json | 1 - .../plugins/observability/kibana.json | 1 - .../plugins/security_solution/kibana.json | 1 - .../basic/config.ts | 1 - .../common/config.ts | 9 +- .../security_and_spaces/config.ts | 1 - x-pack/test/fleet_functional/config.ts | 5 +- .../fixtures/plugins/alerts/kibana.json | 1 - .../test/functional_vis_wizard/apps/index.ts | 16 --- .../apps/visualization_wizard.ts | 35 ------ x-pack/test/functional_vis_wizard/config.ts | 29 ----- .../ftr_provider_context.d.ts | 13 --- .../fixtures/plugins/alerts/kibana.json | 1 - .../plugins/event_log/kibana.json | 1 - .../plugins/sample_task_plugin/kibana.json | 1 - .../task_manager_performance/kibana.json | 1 - x-pack/test/plugin_functional/config.ts | 1 - .../test/saved_objects_field_count/config.ts | 9 +- 90 files changed, 132 insertions(+), 626 deletions(-) delete mode 100644 docs/settings/dev-settings.asciidoc delete mode 100644 docs/settings/graph-settings.asciidoc delete mode 100644 docs/settings/ml-settings.asciidoc delete mode 100644 x-pack/plugins/lens/config.ts delete mode 100644 x-pack/plugins/metrics_entities/server/config.ts delete mode 100644 x-pack/plugins/timelines/server/config.ts delete mode 100644 x-pack/test/functional_vis_wizard/apps/index.ts delete mode 100644 x-pack/test/functional_vis_wizard/apps/visualization_wizard.ts delete mode 100644 x-pack/test/functional_vis_wizard/config.ts delete mode 100644 x-pack/test/functional_vis_wizard/ftr_provider_context.d.ts diff --git a/docs/dev-tools/console/console.asciidoc b/docs/dev-tools/console/console.asciidoc index f29ddb1a600dbc2..48fe936dd2db5ea 100644 --- a/docs/dev-tools/console/console.asciidoc +++ b/docs/dev-tools/console/console.asciidoc @@ -129,13 +129,3 @@ image::dev-tools/console/images/console-settings.png["Console Settings", width=6 For a list of available keyboard shortcuts, click *Help*. - -[float] -[[console-settings]] -=== Disable Console - -deprecated:[7.16.0,"In 8.0 and later, this setting will no longer be supported."] -If you don’t want to use *Console*, you can disable it by setting `console.enabled` -to `false` in your `kibana.yml` configuration file. Changing this setting -causes the server to regenerate assets on the next startup, -which might cause a delay before pages start being served. diff --git a/docs/migration/migrate_8_0.asciidoc b/docs/migration/migrate_8_0.asciidoc index dc6754fba1ffc95..f5f8a95ad24de3c 100644 --- a/docs/migration/migrate_8_0.asciidoc +++ b/docs/migration/migrate_8_0.asciidoc @@ -17,6 +17,7 @@ See also <> and <>. //NOTE: The notable-breaking-changes tagged regions are re-used in the //Installation and Upgrade Guide +// tag::notable-breaking-changes[] [float] [[breaking_80_index_pattern_changes]] === Index pattern changes @@ -30,18 +31,24 @@ to function as expected. Support for these index patterns has been removed in 8. *Impact:* You must migrate your time_based index patterns to a wildcard pattern, for example, `logstash-*`. - [float] [[breaking_80_setting_changes]] === Settings changes -// tag::notable-breaking-changes[] [float] ==== Multitenancy by changing `kibana.index` is no longer supported *Details:* `kibana.index`, `xpack.reporting.index` and `xpack.task_manager.index` can no longer be specified. *Impact:* Users who relied on changing these settings to achieve multitenancy should use *Spaces*, cross-cluster replication, or cross-cluster search instead. To migrate to *Spaces*, users are encouraged to use saved object management to export their saved objects from a tenant into the default tenant in a space. Improvements are planned to improve on this workflow. See https://github.com/elastic/kibana/issues/82020 for more details. +[float] +==== Disabling most plugins with the `{plugin_name}.enabled` setting is no longer supported +*Details:* The ability for most plugins to be disabled using the `{plugin_name}.enabled` config option has been removed. + +*Impact:* Some plugins, such as `telemetry`, `newsfeed`, `reporting`, and the various `vis_type` plugins will continue to support this setting, however the rest of the plugins that ship with Kibana will not. By default, any newly created plugins will not support this configuration unless it is explicitly added to the plugin's `configSchema`. + +If you are currently using one of these settings in your Kibana config, please remove it before upgrading to 8.0. If you were using these settings to control user access to certain Kibana applications, we recommend leveraging Feature Controls instead. + [float] ==== Legacy browsers are now rejected by default *Details:* `csp.strict` is now enabled by default, so Kibana will fail to load for older, legacy browsers that do not enforce basic Content Security Policy protections - notably Internet Explorer 11. diff --git a/docs/settings/apm-settings.asciidoc b/docs/settings/apm-settings.asciidoc index fc20685885df7bf..ac6f813ba3a8603 100644 --- a/docs/settings/apm-settings.asciidoc +++ b/docs/settings/apm-settings.asciidoc @@ -40,10 +40,6 @@ Changing these settings may disable features of the APM App. [cols="2*<"] |=== -| `xpack.apm.enabled` {ess-icon} - | deprecated:[7.16.0,"In 8.0 and later, this setting will no longer be supported."] - Set to `false` to disable the APM app. Defaults to `true`. - | `xpack.apm.maxServiceEnvironments` {ess-icon} | Maximum number of unique service environments recognized by the UI. Defaults to `100`. diff --git a/docs/settings/dev-settings.asciidoc b/docs/settings/dev-settings.asciidoc deleted file mode 100644 index bcf4420cdadca28..000000000000000 --- a/docs/settings/dev-settings.asciidoc +++ /dev/null @@ -1,34 +0,0 @@ -[role="xpack"] -[[dev-settings-kb]] -=== Development tools settings in {kib} -++++ -Development tools settings -++++ - -You do not need to configure any settings to use the development tools in {kib}. -They are enabled by default. - -[float] -[[grok-settings]] -==== Grok Debugger settings - -`xpack.grokdebugger.enabled` {ess-icon}:: -deprecated:[7.16.0,"In 8.0 and later, this setting will no longer be supported."] -Set to `true` to enable the <>. Defaults to `true`. - - -[float] -[[profiler-settings]] -==== {searchprofiler} settings - -`xpack.searchprofiler.enabled`:: -deprecated:[7.16.0,"In 8.0 and later, this setting will no longer be supported."] -Set to `true` to enable the <>. Defaults to `true`. - -[float] -[[painless_lab-settings]] -==== Painless Lab settings - -`xpack.painless_lab.enabled`:: -deprecated:[7.16.0,"In 8.0 and later, this setting will no longer be supported."] -When set to `true`, enables the <>. Defaults to `true`. diff --git a/docs/settings/fleet-settings.asciidoc b/docs/settings/fleet-settings.asciidoc index f6f5b4a79fb6d18..f0dfeb619bb3864 100644 --- a/docs/settings/fleet-settings.asciidoc +++ b/docs/settings/fleet-settings.asciidoc @@ -20,9 +20,6 @@ See the {fleet-guide}/index.html[{fleet}] docs for more information. [cols="2*<"] |=== -| `xpack.fleet.enabled` {ess-icon} - | deprecated:[7.16.0,"In 8.0 and later, this setting will no longer be supported."] - Set to `true` (default) to enable {fleet}. | `xpack.fleet.agents.enabled` {ess-icon} | Set to `true` (default) to enable {fleet}. |=== diff --git a/docs/settings/general-infra-logs-ui-settings.asciidoc b/docs/settings/general-infra-logs-ui-settings.asciidoc index 1e6dcf012206b91..d56c38f120170a1 100644 --- a/docs/settings/general-infra-logs-ui-settings.asciidoc +++ b/docs/settings/general-infra-logs-ui-settings.asciidoc @@ -1,8 +1,4 @@ -`xpack.infra.enabled`:: -deprecated:[7.16.0,"In 8.0 and later, this setting will no longer be supported."] -Set to `false` to disable the Logs and Metrics app plugin {kib}. Defaults to `true`. - `xpack.infra.sources.default.logAlias`:: Index pattern for matching indices that contain log data. Defaults to `filebeat-*,kibana_sample_data_logs*`. To match multiple wildcard patterns, use a comma to separate the names, with no space after the comma. For example, `logstash-app1-*,default-logs-*`. diff --git a/docs/settings/graph-settings.asciidoc b/docs/settings/graph-settings.asciidoc deleted file mode 100644 index 793a8aae73158d7..000000000000000 --- a/docs/settings/graph-settings.asciidoc +++ /dev/null @@ -1,12 +0,0 @@ -[role="xpack"] -[[graph-settings-kb]] -=== Graph settings in {kib} -++++ -Graph settings -++++ - -You do not need to configure any settings to use the {graph-features}. - -`xpack.graph.enabled` {ess-icon}:: -deprecated:[7.16.0,"In 8.0 and later, this setting will no longer be supported."] -Set to `false` to disable the {graph-features}. diff --git a/docs/settings/ml-settings.asciidoc b/docs/settings/ml-settings.asciidoc deleted file mode 100644 index e67876c76df0dba..000000000000000 --- a/docs/settings/ml-settings.asciidoc +++ /dev/null @@ -1,26 +0,0 @@ -[role="xpack"] -[[ml-settings-kb]] -=== Machine learning settings in {kib} -++++ -Machine learning settings -++++ - -You do not need to configure any settings to use {kib} {ml-features}. They are -enabled by default. - -[[general-ml-settings-kb]] -==== General {ml} settings - -`xpack.ml.enabled` {ess-icon}:: -deprecated:[7.16.0,"In 8.0 and later, this setting will no longer be supported."] -Set to `true` (default) to enable {kib} {ml-features}. + -+ -If set to `false` in `kibana.yml`, the {ml} icon is hidden in this {kib} -instance. If `xpack.ml.enabled` is set to `true` in `elasticsearch.yml`, however, -you can still use the {ml} APIs. To disable {ml} entirely, refer to -{ref}/ml-settings.html[{es} {ml} settings]. - -[[advanced-ml-settings-kb]] -==== Advanced {ml} settings - -Refer to <>. diff --git a/docs/settings/monitoring-settings.asciidoc b/docs/settings/monitoring-settings.asciidoc index 03c11007c64c427..d8bc26b7b39877e 100644 --- a/docs/settings/monitoring-settings.asciidoc +++ b/docs/settings/monitoring-settings.asciidoc @@ -31,13 +31,6 @@ For more information, see [cols="2*<"] |=== -| `monitoring.enabled` - | deprecated:[7.16.0,"In 8.0 and later, this setting will no longer be supported."] - Set to `true` (default) to enable the {monitor-features} in {kib}. Unlike the - <> setting, when this setting is `false`, the - monitoring back-end does not run and {kib} stats are not sent to the monitoring - cluster. - | `monitoring.ui.ccs.enabled` | Set to `true` (default) to enable {ref}/modules-cross-cluster-search.html[cross-cluster search] of your monitoring data. The {ref}/modules-remote-clusters.html#remote-cluster-settings[`remote_cluster_client`] role must exist on each node. diff --git a/docs/settings/settings-xkb.asciidoc b/docs/settings/settings-xkb.asciidoc index 1bd38578750d7f8..64f97525ed7478a 100644 --- a/docs/settings/settings-xkb.asciidoc +++ b/docs/settings/settings-xkb.asciidoc @@ -13,11 +13,8 @@ For more {kib} configuration settings, see <>. include::alert-action-settings.asciidoc[] include::apm-settings.asciidoc[] include::banners-settings.asciidoc[] -include::dev-settings.asciidoc[] -include::graph-settings.asciidoc[] include::infrastructure-ui-settings.asciidoc[] include::logs-ui-settings.asciidoc[] -include::ml-settings.asciidoc[] include::reporting-settings.asciidoc[] include::spaces-settings.asciidoc[] include::task-manager-settings.asciidoc[] diff --git a/docs/settings/url-drilldown-settings.asciidoc b/docs/settings/url-drilldown-settings.asciidoc index ca414d4f650e997..702829ec34dccaa 100644 --- a/docs/settings/url-drilldown-settings.asciidoc +++ b/docs/settings/url-drilldown-settings.asciidoc @@ -8,10 +8,6 @@ Configure the URL drilldown settings in your `kibana.yml` configuration file. [cols="2*<"] |=== -| [[url-drilldown-enabled]] `url_drilldown.enabled` - | deprecated:[7.16.0,"In 8.0 and later, this setting will no longer be supported."] - When `true`, enables URL drilldowns on your {kib} instance. - | [[external-URL-policy]] `externalUrl.policy` | Configures the external URL policies. URL drilldowns respect the global *External URL* service, which you can use to deny or allow external URLs. By default all external URLs are allowed. diff --git a/docs/setup/settings.asciidoc b/docs/setup/settings.asciidoc index 48bf5fe2cd7b374..16fa8eb7342045e 100644 --- a/docs/setup/settings.asciidoc +++ b/docs/setup/settings.asciidoc @@ -20,11 +20,12 @@ configuration using `${MY_ENV_VAR}` syntax. [cols="2*<"] |=== -| `console.enabled:` - | deprecated:[7.16.0,"In 8.0 and later, this setting will no longer be supported."] -Toggling this causes the server to regenerate assets on the next startup, -which may cause a delay before pages start being served. -Set to `false` to disable Console. *Default: `true`* +| `csp.rules:` + | deprecated:[7.14.0,"In 8.0 and later, this setting will no longer be supported."] +A https://w3c.github.io/webappsec-csp/[Content Security Policy] template +that disables certain unnecessary and potentially insecure capabilities in +the browser. It is strongly recommended that you keep the default CSP rules +that ship with {kib}. | `csp.script_src:` | Add sources for the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src[Content Security Policy `script-src` directive]. @@ -688,15 +689,6 @@ sources and images. When false, Vega can only get data from {es}. *Default: `fal `exploreDataInChart.enabled` | Enables you to view the underlying documents in a data series from a dashboard panel. *Default: `false`* -| `xpack.license_management.enabled` - | deprecated:[7.16.0,"In 8.0 and later, this setting will no longer be supported."] -Set this value to false to disable the License Management UI. -*Default: `true`* - -| `xpack.rollup.enabled:` - | deprecated:[7.16.0,"In 8.0 and later, this setting will no longer be supported."] -Set this value to false to disable the Rollup UI. *Default: true* - | `i18n.locale` {ess-icon} | Set this value to change the {kib} interface language. Valid locales are: `en`, `zh-CN`, `ja-JP`. *Default: `en`* @@ -706,14 +698,11 @@ Valid locales are: `en`, `zh-CN`, `ja-JP`. *Default: `en`* include::{kib-repo-dir}/settings/alert-action-settings.asciidoc[] include::{kib-repo-dir}/settings/apm-settings.asciidoc[] include::{kib-repo-dir}/settings/banners-settings.asciidoc[] -include::{kib-repo-dir}/settings/dev-settings.asciidoc[] -include::{kib-repo-dir}/settings/graph-settings.asciidoc[] include::{kib-repo-dir}/settings/fleet-settings.asciidoc[] include::{kib-repo-dir}/settings/i18n-settings.asciidoc[] include::{kib-repo-dir}/settings/logging-settings.asciidoc[] include::{kib-repo-dir}/settings/logs-ui-settings.asciidoc[] include::{kib-repo-dir}/settings/infrastructure-ui-settings.asciidoc[] -include::{kib-repo-dir}/settings/ml-settings.asciidoc[] include::{kib-repo-dir}/settings/monitoring-settings.asciidoc[] include::{kib-repo-dir}/settings/reporting-settings.asciidoc[] include::secure-settings.asciidoc[] diff --git a/docs/user/plugins.asciidoc b/docs/user/plugins.asciidoc index c604526d6c9331a..36f7ce8eb49ed8a 100644 --- a/docs/user/plugins.asciidoc +++ b/docs/user/plugins.asciidoc @@ -145,23 +145,6 @@ You can also remove a plugin manually by deleting the plugin's subdirectory unde NOTE: Removing a plugin will result in an "optimize" run which will delay the next start of {kib}. -[float] -[[disable-plugin]] -== Disable plugins - -deprecated:[7.16.0,"In 8.0 and later, this setting will only be supported for a subset of plugins that have opted in to the behavior."] - -Use the following command to disable a plugin: - -[source,shell] ------------ -./bin/kibana --.enabled=false <1> ------------ - -NOTE: Disabling or enabling a plugin will result in an "optimize" run which will delay the start of {kib}. - -<1> You can find a plugin's plugin ID as the value of the `name` property in the plugin's `kibana.json` file. - [float] [[configure-plugin-manager]] == Configure the plugin manager diff --git a/packages/kbn-config/src/config_service.test.ts b/packages/kbn-config/src/config_service.test.ts index 4a8164b1006268f..03744792258c2e5 100644 --- a/packages/kbn-config/src/config_service.test.ts +++ b/packages/kbn-config/src/config_service.test.ts @@ -261,42 +261,6 @@ test('correctly passes context', async () => { expect(await value$.pipe(first()).toPromise()).toMatchSnapshot(); }); -test('handles enabled path, but only marks the enabled path as used', async () => { - const initialConfig = { - pid: { - enabled: true, - file: '/some/file.pid', - }, - }; - - const rawConfigProvider = rawConfigServiceMock.create({ rawConfig: initialConfig }); - const configService = new ConfigService(rawConfigProvider, defaultEnv, logger); - - const isEnabled = await configService.isEnabledAtPath('pid'); - expect(isEnabled).toBe(true); - - const unusedPaths = await configService.getUnusedPaths(); - expect(unusedPaths).toEqual(['pid.file']); -}); - -test('handles enabled path when path is array', async () => { - const initialConfig = { - pid: { - enabled: true, - file: '/some/file.pid', - }, - }; - - const rawConfigProvider = rawConfigServiceMock.create({ rawConfig: initialConfig }); - const configService = new ConfigService(rawConfigProvider, defaultEnv, logger); - - const isEnabled = await configService.isEnabledAtPath(['pid']); - expect(isEnabled).toBe(true); - - const unusedPaths = await configService.getUnusedPaths(); - expect(unusedPaths).toEqual(['pid.file']); -}); - test('handles disabled path and marks config as used', async () => { const initialConfig = { pid: { @@ -308,6 +272,14 @@ test('handles disabled path and marks config as used', async () => { const rawConfigProvider = rawConfigServiceMock.create({ rawConfig: initialConfig }); const configService = new ConfigService(rawConfigProvider, defaultEnv, logger); + configService.setSchema( + 'pid', + schema.object({ + enabled: schema.boolean({ defaultValue: false }), + file: schema.string(), + }) + ); + const isEnabled = await configService.isEnabledAtPath('pid'); expect(isEnabled).toBe(false); @@ -338,7 +310,7 @@ test('does not throw if schema does not define "enabled" schema', async () => { expect(value.enabled).toBe(undefined); }); -test('treats config as enabled if config path is not present in config', async () => { +test('treats config as enabled if config path is not present in schema', async () => { const initialConfig = {}; const rawConfigProvider = rawConfigServiceMock.create({ rawConfig: initialConfig }); @@ -351,50 +323,58 @@ test('treats config as enabled if config path is not present in config', async ( expect(unusedPaths).toEqual([]); }); -test('read "enabled" even if its schema is not present', async () => { +test('throws if reading "enabled" when it is not present in the schema', async () => { const initialConfig = { foo: { - enabled: true, + enabled: false, }, }; const rawConfigProvider = rawConfigServiceMock.create({ rawConfig: initialConfig }); const configService = new ConfigService(rawConfigProvider, defaultEnv, logger); - const isEnabled = await configService.isEnabledAtPath('foo'); - expect(isEnabled).toBe(true); + configService.setSchema( + 'foo', + schema.object({ + bar: schema.maybe(schema.string()), + }) + ); + + expect( + async () => await configService.isEnabledAtPath('foo') + ).rejects.toThrowErrorMatchingInlineSnapshot( + `"[config validation of [foo].enabled]: definition for this key is missing"` + ); }); -test('logs deprecation if schema is not present and "enabled" is used', async () => { +test('throws if reading "enabled" when no schema exists', async () => { const initialConfig = { foo: { - enabled: true, + enabled: false, }, }; const rawConfigProvider = rawConfigServiceMock.create({ rawConfig: initialConfig }); const configService = new ConfigService(rawConfigProvider, defaultEnv, logger); - await configService.isEnabledAtPath('foo'); - expect(configService.getHandledDeprecatedConfigs()).toMatchInlineSnapshot(` - Array [ - Array [ - "foo", - Array [ - Object { - "configPath": "foo.enabled", - "correctiveActions": Object { - "manualSteps": Array [ - "Remove \\"foo.enabled\\" from the Kibana config file, CLI flag, or environment variable (in Docker only) before upgrading to 8.0.0.", - ], - }, - "message": "Configuring \\"foo.enabled\\" is deprecated and will be removed in 8.0.0.", - "title": "Setting \\"foo.enabled\\" is deprecated", - }, - ], - ], - ] - `); + expect( + async () => await configService.isEnabledAtPath('foo') + ).rejects.toThrowErrorMatchingInlineSnapshot(`"No validation schema has been defined for [foo]"`); +}); + +test('throws if reading any config value when no schema exists', async () => { + const initialConfig = { + foo: { + whatever: 'hi', + }, + }; + + const rawConfigProvider = rawConfigServiceMock.create({ rawConfig: initialConfig }); + const configService = new ConfigService(rawConfigProvider, defaultEnv, logger); + + expect( + async () => await configService.isEnabledAtPath('foo') + ).rejects.toThrowErrorMatchingInlineSnapshot(`"No validation schema has been defined for [foo]"`); }); test('allows plugins to specify "enabled" flag via validation schema', async () => { @@ -425,7 +405,7 @@ test('allows plugins to specify "enabled" flag via validation schema', async () expect(await configService.isEnabledAtPath('baz')).toBe(true); }); -test('does not throw during validation is every schema is valid', async () => { +test('does not throw during validation if every schema is valid', async () => { const rawConfig = getRawConfigProvider({ stringKey: 'foo', numberKey: 42 }); const configService = new ConfigService(rawConfig, defaultEnv, logger); @@ -435,7 +415,7 @@ test('does not throw during validation is every schema is valid', async () => { await expect(configService.validate()).resolves.toBeUndefined(); }); -test('throws during validation is any schema is invalid', async () => { +test('throws during validation if any schema is invalid', async () => { const rawConfig = getRawConfigProvider({ stringKey: 123, numberKey: 42 }); const configService = new ConfigService(rawConfig, defaultEnv, logger); diff --git a/packages/kbn-config/src/config_service.ts b/packages/kbn-config/src/config_service.ts index 458acac95349708..08e16a9d2f44b82 100644 --- a/packages/kbn-config/src/config_service.ts +++ b/packages/kbn-config/src/config_service.ts @@ -168,51 +168,29 @@ export class ConfigService { public async isEnabledAtPath(path: ConfigPath) { const namespace = pathToString(path); + const hasSchema = this.schemas.has(namespace); - const validatedConfig = this.schemas.has(namespace) - ? await this.atPath<{ enabled?: boolean }>(path).pipe(first()).toPromise() - : undefined; - - const enabledPath = createPluginEnabledPath(path); const config = await this.config$.pipe(first()).toPromise(); - - // if plugin hasn't got a config schema, we try to read "enabled" directly - const isEnabled = validatedConfig?.enabled ?? config.get(enabledPath); - - // if we implicitly added an `enabled` config to a plugin without a schema, - // we log a deprecation warning, as this will not be supported in 8.0 - if (validatedConfig?.enabled === undefined && isEnabled !== undefined) { - const deprecationPath = pathToString(enabledPath); - const deprecatedConfigDetails: DeprecatedConfigDetails = { - configPath: deprecationPath, - title: `Setting "${deprecationPath}" is deprecated`, - message: `Configuring "${deprecationPath}" is deprecated and will be removed in 8.0.0.`, - correctiveActions: { - manualSteps: [ - `Remove "${deprecationPath}" from the Kibana config file, CLI flag, or environment variable (in Docker only) before upgrading to 8.0.0.`, - ], - }, - }; - this.deprecationLog.warn(deprecatedConfigDetails.message); - this.markDeprecatedConfigAsHandled(namespace, deprecatedConfigDetails); + if (!hasSchema && config.has(path)) { + // Throw if there is no schema, but a config exists at the path. + throw new Error(`No validation schema has been defined for [${namespace}]`); } - // not declared. consider that plugin is enabled by default - if (isEnabled === undefined) { - return true; - } + const validatedConfig = hasSchema + ? await this.atPath<{ enabled?: boolean }>(path).pipe(first()).toPromise() + : undefined; - if (isEnabled === false) { - // If the plugin is _not_ enabled, we mark the entire plugin path as - // handled, as it's expected that it won't be used. + const isDisabled = validatedConfig?.enabled === false; + if (isDisabled) { + // If the plugin is explicitly disabled, we mark the entire plugin + // path as handled, as it's expected that it won't be used. this.markAsHandled(path); return false; } - // If plugin enabled we mark the enabled path as handled, as we for example - // can have plugins that don't have _any_ config except for this field, and - // therefore have no reason to try to get the config. - this.markAsHandled(enabledPath); + // If the schema exists and the config is explicitly set to true, + // _or_ if the `enabled` config is undefined, then we treat the + // plugin as enabled. return true; } @@ -286,13 +264,6 @@ export class ConfigService { } } -const createPluginEnabledPath = (configPath: string | string[]) => { - if (Array.isArray(configPath)) { - return configPath.concat('enabled'); - } - return `${configPath}.enabled`; -}; - const pathToString = (path: ConfigPath) => (Array.isArray(path) ? path.join('.') : path); /** diff --git a/packages/kbn-config/src/deprecation/types.ts b/packages/kbn-config/src/deprecation/types.ts index f5bb240f5cc43dc..7b1eb4a0ea6c1ad 100644 --- a/packages/kbn-config/src/deprecation/types.ts +++ b/packages/kbn-config/src/deprecation/types.ts @@ -106,7 +106,7 @@ export interface ConfigDeprecationCommand { * * @example * ```typescript - * const provider: ConfigDeprecationProvider = ({ rename, unused }) => [ + * const provider: ConfigDeprecationProvider = ({ deprecate, rename, unused }) => [ * deprecate('deprecatedKey', '8.0.0'), * rename('oldKey', 'newKey'), * unused('deprecatedKey'), @@ -164,7 +164,7 @@ export interface ConfigDeprecationFactory { * @example * Log a deprecation warning indicating 'myplugin.deprecatedKey' should be removed by `8.0.0` * ```typescript - * const provider: ConfigDeprecationProvider = ({ deprecate }) => [ + * const provider: ConfigDeprecationProvider = ({ deprecateFromRoot }) => [ * deprecateFromRoot('deprecatedKey', '8.0.0'), * ] * ``` diff --git a/src/core/server/plugins/plugins_service.test.ts b/src/core/server/plugins/plugins_service.test.ts index d45e7f9bf0bd063..0c077d732c67b1d 100644 --- a/src/core/server/plugins/plugins_service.test.ts +++ b/src/core/server/plugins/plugins_service.test.ts @@ -1066,32 +1066,46 @@ describe('PluginsService', () => { describe('plugin initialization', () => { beforeEach(() => { + const prebootPlugins = [ + createPlugin('plugin-1-preboot', { + type: PluginType.preboot, + path: 'path-1-preboot', + version: 'version-1', + }), + createPlugin('plugin-2-preboot', { + type: PluginType.preboot, + path: 'path-2-preboot', + version: 'version-2', + }), + ]; + const standardPlugins = [ + createPlugin('plugin-1-standard', { + path: 'path-1-standard', + version: 'version-1', + }), + createPlugin('plugin-2-standard', { + path: 'path-2-standard', + version: 'version-2', + }), + ]; + + for (const plugin of [...prebootPlugins, ...standardPlugins]) { + jest.doMock( + join(plugin.path, 'server'), + () => ({ + config: { + schema: schema.object({ + enabled: schema.maybe(schema.boolean({ defaultValue: true })), + }), + }, + }), + { virtual: true } + ); + } + mockDiscover.mockReturnValue({ error$: from([]), - plugin$: from([ - createPlugin('plugin-1-preboot', { - type: PluginType.preboot, - path: 'path-1-preboot', - version: 'version-1', - configPath: 'plugin1_preboot', - }), - createPlugin('plugin-1-standard', { - path: 'path-1-standard', - version: 'version-1', - configPath: 'plugin1_standard', - }), - createPlugin('plugin-2-preboot', { - type: PluginType.preboot, - path: 'path-2-preboot', - version: 'version-2', - configPath: 'plugin2_preboot', - }), - createPlugin('plugin-2-standard', { - path: 'path-2-standard', - version: 'version-2', - configPath: 'plugin2_standard', - }), - ]), + plugin$: from([...prebootPlugins, ...standardPlugins]), }); prebootMockPluginSystem.uiPlugins.mockReturnValue(new Map()); diff --git a/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker b/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker index 02d4046ca1a2262..1827f9b9e8e7965 100755 --- a/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker +++ b/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker @@ -23,7 +23,6 @@ kibana_vars=( apm_oss.sourcemapIndices apm_oss.spanIndices apm_oss.transactionIndices - console.enabled console.proxyConfig console.proxyFilter csp.strict @@ -66,7 +65,6 @@ kibana_vars=( elasticsearch.username enterpriseSearch.accessCheckTimeout enterpriseSearch.accessCheckTimeoutWarning - enterpriseSearch.enabled enterpriseSearch.host externalUrl.policy i18n.locale @@ -102,7 +100,6 @@ kibana_vars=( migrations.scrollDuration migrations.skip monitoring.cluster_alerts.email_notifications.email_address - monitoring.enabled monitoring.kibana.collection.enabled monitoring.kibana.collection.interval monitoring.ui.container.elasticsearch.enabled @@ -184,7 +181,6 @@ kibana_vars=( tilemap.options.minZoom tilemap.options.subdomains tilemap.url - url_drilldown.enabled vega.enableExternalUrls vis_type_vega.enableExternalUrls xpack.actions.allowedHosts @@ -209,7 +205,6 @@ kibana_vars=( xpack.alerts.healthCheck.interval xpack.alerts.invalidateApiKeysTask.interval xpack.alerts.invalidateApiKeysTask.removalDelay - xpack.apm.enabled xpack.apm.indices.error xpack.apm.indices.metric xpack.apm.indices.onboarding @@ -229,7 +224,6 @@ kibana_vars=( xpack.banners.placement xpack.banners.textColor xpack.banners.textContent - xpack.canvas.enabled xpack.code.disk.thresholdEnabled xpack.code.disk.watermarkLow xpack.code.indexRepoFrequencyMs @@ -261,14 +255,10 @@ kibana_vars=( xpack.fleet.agents.fleet_server.hosts xpack.fleet.agents.kibana.host xpack.fleet.agents.tlsCheckDisabled - xpack.fleet.enabled xpack.fleet.packages xpack.fleet.registryUrl xpack.graph.canEditDrillDownUrls - xpack.graph.enabled xpack.graph.savePolicy - xpack.grokdebugger.enabled - xpack.infra.enabled xpack.infra.query.partitionFactor xpack.infra.query.partitionSize xpack.infra.sources.default.fields.container @@ -281,13 +271,9 @@ kibana_vars=( xpack.infra.sources.default.metricAlias xpack.ingestManager.fleet.tlsCheckDisabled xpack.ingestManager.registryUrl - xpack.license_management.enabled - xpack.maps.enabled - xpack.ml.enabled xpack.observability.annotations.index xpack.observability.unsafe.alertingExperience.enabled xpack.observability.unsafe.cases.enabled - xpack.painless_lab.enabled xpack.reporting.capture.browser.autoDownload xpack.reporting.capture.browser.chromium.disableSandbox xpack.reporting.capture.browser.chromium.inspect @@ -333,9 +319,7 @@ kibana_vars=( xpack.reporting.queue.timeout xpack.reporting.roles.allow xpack.reporting.roles.enabled - xpack.rollup.enabled xpack.ruleRegistry.write.enabled - xpack.searchprofiler.enabled xpack.security.audit.appender.fileName xpack.security.audit.appender.layout.highlight xpack.security.audit.appender.layout.pattern diff --git a/test/functional/config.js b/test/functional/config.js index 97b3d85a8e243b7..e0195c4dadc8d50 100644 --- a/test/functional/config.js +++ b/test/functional/config.js @@ -46,9 +46,7 @@ export default async function ({ readConfigFile }) { // to be re-enabled once kibana/issues/102552 is completed '--xpack.security.enabled=false', - '--monitoring.enabled=false', '--xpack.reporting.enabled=false', - '--enterpriseSearch.enabled=false', ], }, diff --git a/x-pack/plugins/apm/server/index.ts b/x-pack/plugins/apm/server/index.ts index abf9b3f5fb77433..1ed54be0271dd2c 100644 --- a/x-pack/plugins/apm/server/index.ts +++ b/x-pack/plugins/apm/server/index.ts @@ -17,7 +17,6 @@ import { APMPlugin } from './plugin'; // All options should be documented in the APM configuration settings: https://github.com/elastic/kibana/blob/master/docs/settings/apm-settings.asciidoc // and be included on cloud allow list unless there are specific reasons not to const configSchema = schema.object({ - enabled: schema.boolean({ defaultValue: true }), serviceMapEnabled: schema.boolean({ defaultValue: true }), serviceMapFingerprintBucketSize: schema.number({ defaultValue: 100 }), serviceMapTraceIdBucketSize: schema.number({ defaultValue: 65 }), @@ -60,13 +59,7 @@ const configSchema = schema.object({ // plugin config export const config: PluginConfigDescriptor = { - deprecations: ({ - deprecate, - renameFromRoot, - deprecateFromRoot, - unusedFromRoot, - }) => [ - deprecate('enabled', '8.0.0'), + deprecations: ({ renameFromRoot, deprecateFromRoot, unusedFromRoot }) => [ renameFromRoot( 'apm_oss.transactionIndices', 'xpack.apm.indices.transaction' diff --git a/x-pack/plugins/cases/server/config.ts b/x-pack/plugins/cases/server/config.ts index 7a81c47937a6c5b..bbda9fa7a32aed4 100644 --- a/x-pack/plugins/cases/server/config.ts +++ b/x-pack/plugins/cases/server/config.ts @@ -8,7 +8,6 @@ import { schema, TypeOf } from '@kbn/config-schema'; export const ConfigSchema = schema.object({ - enabled: schema.boolean({ defaultValue: true }), markdownPlugins: schema.object({ lens: schema.boolean({ defaultValue: true }), }), diff --git a/x-pack/plugins/cases/server/index.ts b/x-pack/plugins/cases/server/index.ts index ad76724eb49f7cb..5e433b46b80e5a1 100644 --- a/x-pack/plugins/cases/server/index.ts +++ b/x-pack/plugins/cases/server/index.ts @@ -15,8 +15,7 @@ export const config: PluginConfigDescriptor = { exposeToBrowser: { markdownPlugins: true, }, - deprecations: ({ deprecate, renameFromRoot }) => [ - deprecate('enabled', '8.0.0'), + deprecations: ({ renameFromRoot }) => [ renameFromRoot('xpack.case.enabled', 'xpack.cases.enabled'), ], }; diff --git a/x-pack/plugins/cases/server/plugin.ts b/x-pack/plugins/cases/server/plugin.ts index c04e495889a7402..bef8d45bd86f668 100644 --- a/x-pack/plugins/cases/server/plugin.ts +++ b/x-pack/plugins/cases/server/plugin.ts @@ -15,7 +15,6 @@ import { } from '../../actions/server'; import { APP_ID, ENABLE_CASE_CONNECTOR } from '../common'; -import { ConfigType } from './config'; import { initCaseApi } from './routes/api'; import { createCaseCommentSavedObjectType, @@ -34,10 +33,6 @@ import { SpacesPluginStart } from '../../spaces/server'; import { PluginStartContract as FeaturesPluginStart } from '../../features/server'; import { LensServerPluginSetup } from '../../lens/server'; -function createConfig(context: PluginInitializerContext) { - return context.config.get(); -} - export interface PluginsSetup { security?: SecurityPluginSetup; actions: ActionsPluginSetup; @@ -76,12 +71,6 @@ export class CasePlugin { } public setup(core: CoreSetup, plugins: PluginsSetup) { - const config = createConfig(this.initializerContext); - - if (!config.enabled) { - return; - } - this.securityPluginSetup = plugins.security; this.lensEmbeddableFactory = plugins.lens.lensEmbeddableFactory; diff --git a/x-pack/plugins/cloud/server/config.ts b/x-pack/plugins/cloud/server/config.ts index 2cc413178c3ae2a..109987cd72d449f 100644 --- a/x-pack/plugins/cloud/server/config.ts +++ b/x-pack/plugins/cloud/server/config.ts @@ -29,7 +29,6 @@ const fullStoryConfigSchema = schema.object({ }); const configSchema = schema.object({ - enabled: schema.boolean({ defaultValue: true }), id: schema.maybe(schema.string()), apm: schema.maybe(apmConfigSchema), cname: schema.maybe(schema.string()), @@ -52,6 +51,5 @@ export const config: PluginConfigDescriptor = { organization_url: true, full_story: true, }, - deprecations: ({ deprecate }) => [deprecate('enabled', '8.0.0')], schema: configSchema, }; diff --git a/x-pack/plugins/encrypted_saved_objects/server/config.test.ts b/x-pack/plugins/encrypted_saved_objects/server/config.test.ts index 1cc5f7974cb136c..ea22446d289aefe 100644 --- a/x-pack/plugins/encrypted_saved_objects/server/config.test.ts +++ b/x-pack/plugins/encrypted_saved_objects/server/config.test.ts @@ -11,7 +11,6 @@ describe('config schema', () => { it('generates proper defaults', () => { expect(ConfigSchema.validate({})).toMatchInlineSnapshot(` Object { - "enabled": true, "encryptionKey": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "keyRotation": Object { "decryptionOnlyKeys": Array [], @@ -21,7 +20,6 @@ describe('config schema', () => { expect(ConfigSchema.validate({}, { dist: false })).toMatchInlineSnapshot(` Object { - "enabled": true, "encryptionKey": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "keyRotation": Object { "decryptionOnlyKeys": Array [], @@ -32,7 +30,6 @@ describe('config schema', () => { expect(ConfigSchema.validate({ encryptionKey: 'z'.repeat(32) }, { dist: true })) .toMatchInlineSnapshot(` Object { - "enabled": true, "encryptionKey": "zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz", "keyRotation": Object { "decryptionOnlyKeys": Array [], @@ -42,7 +39,6 @@ describe('config schema', () => { expect(ConfigSchema.validate({}, { dist: true })).toMatchInlineSnapshot(` Object { - "enabled": true, "keyRotation": Object { "decryptionOnlyKeys": Array [], }, @@ -61,7 +57,6 @@ describe('config schema', () => { ) ).toMatchInlineSnapshot(` Object { - "enabled": true, "encryptionKey": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "keyRotation": Object { "decryptionOnlyKeys": Array [ diff --git a/x-pack/plugins/encrypted_saved_objects/server/config.ts b/x-pack/plugins/encrypted_saved_objects/server/config.ts index fc86336d44836c5..2cf7c12f95d55cb 100644 --- a/x-pack/plugins/encrypted_saved_objects/server/config.ts +++ b/x-pack/plugins/encrypted_saved_objects/server/config.ts @@ -12,7 +12,6 @@ export type ConfigType = TypeOf; export const ConfigSchema = schema.object( { - enabled: schema.boolean({ defaultValue: true }), encryptionKey: schema.conditional( schema.contextRef('dist'), true, diff --git a/x-pack/plugins/encrypted_saved_objects/server/index.ts b/x-pack/plugins/encrypted_saved_objects/server/index.ts index b765f1fcaf6fa91..d462f06939f6b38 100644 --- a/x-pack/plugins/encrypted_saved_objects/server/index.ts +++ b/x-pack/plugins/encrypted_saved_objects/server/index.ts @@ -17,7 +17,6 @@ export type { IsMigrationNeededPredicate } from './create_migration'; export const config: PluginConfigDescriptor = { schema: ConfigSchema, - deprecations: ({ deprecate }) => [deprecate('enabled', '8.0.0')], }; export const plugin = (initializerContext: PluginInitializerContext) => new EncryptedSavedObjectsPlugin(initializerContext); diff --git a/x-pack/plugins/enterprise_search/server/__mocks__/routerDependencies.mock.ts b/x-pack/plugins/enterprise_search/server/__mocks__/routerDependencies.mock.ts index 08be1a134ae0244..1bd47c94a84b7f1 100644 --- a/x-pack/plugins/enterprise_search/server/__mocks__/routerDependencies.mock.ts +++ b/x-pack/plugins/enterprise_search/server/__mocks__/routerDependencies.mock.ts @@ -19,7 +19,6 @@ export const mockRequestHandler = { }; export const mockConfig = { - enabled: true, host: 'http://localhost:3002', accessCheckTimeout: 5000, accessCheckTimeoutWarning: 300, diff --git a/x-pack/plugins/enterprise_search/server/index.ts b/x-pack/plugins/enterprise_search/server/index.ts index dae584a883bd77a..6d8a16fd6844a39 100644 --- a/x-pack/plugins/enterprise_search/server/index.ts +++ b/x-pack/plugins/enterprise_search/server/index.ts @@ -16,7 +16,6 @@ export const plugin = (initializerContext: PluginInitializerContext) => { export const configSchema = schema.object({ host: schema.maybe(schema.string()), - enabled: schema.boolean({ defaultValue: true }), accessCheckTimeout: schema.number({ defaultValue: 5000 }), accessCheckTimeoutWarning: schema.number({ defaultValue: 300 }), ssl: schema.object({ @@ -37,5 +36,4 @@ export const config: PluginConfigDescriptor = { exposeToBrowser: { host: true, }, - deprecations: ({ deprecate }) => [deprecate('enabled', '8.0.0')], }; diff --git a/x-pack/plugins/fleet/server/index.ts b/x-pack/plugins/fleet/server/index.ts index cc754b87686e664..9ce361503ddf3dc 100644 --- a/x-pack/plugins/fleet/server/index.ts +++ b/x-pack/plugins/fleet/server/index.ts @@ -43,8 +43,7 @@ export const config: PluginConfigDescriptor = { epm: true, agents: true, }, - deprecations: ({ deprecate, renameFromRoot, unused, unusedFromRoot }) => [ - deprecate('enabled', '8.0.0'), + deprecations: ({ renameFromRoot, unused, unusedFromRoot }) => [ // Fleet plugin was named ingestManager before renameFromRoot('xpack.ingestManager.enabled', 'xpack.fleet.enabled'), renameFromRoot('xpack.ingestManager.registryUrl', 'xpack.fleet.registryUrl'), @@ -103,7 +102,6 @@ export const config: PluginConfigDescriptor = { }, ], schema: schema.object({ - enabled: schema.boolean({ defaultValue: true }), registryUrl: schema.maybe(schema.uri({ scheme: ['http', 'https'] })), registryProxyUrl: schema.maybe(schema.uri({ scheme: ['http', 'https'] })), agents: schema.object({ diff --git a/x-pack/plugins/graph/config.ts b/x-pack/plugins/graph/config.ts index d1a84246172b7f0..44cd9cb32e26360 100644 --- a/x-pack/plugins/graph/config.ts +++ b/x-pack/plugins/graph/config.ts @@ -8,7 +8,6 @@ import { schema, TypeOf } from '@kbn/config-schema'; export const configSchema = schema.object({ - enabled: schema.boolean({ defaultValue: true }), savePolicy: schema.oneOf( [ schema.literal('none'), diff --git a/x-pack/plugins/graph/server/index.ts b/x-pack/plugins/graph/server/index.ts index 528e122da9a4d98..10ddca631a898e3 100644 --- a/x-pack/plugins/graph/server/index.ts +++ b/x-pack/plugins/graph/server/index.ts @@ -18,5 +18,4 @@ export const config: PluginConfigDescriptor = { savePolicy: true, }, schema: configSchema, - deprecations: ({ deprecate }) => [deprecate('enabled', '8.0.0')], }; diff --git a/x-pack/plugins/infra/server/plugin.ts b/x-pack/plugins/infra/server/plugin.ts index b77b81cf41ee154..d1ea60dd23dfc49 100644 --- a/x-pack/plugins/infra/server/plugin.ts +++ b/x-pack/plugins/infra/server/plugin.ts @@ -43,7 +43,6 @@ import { RulesService } from './services/rules'; export const config: PluginConfigDescriptor = { schema: schema.object({ - enabled: schema.boolean({ defaultValue: true }), inventory: schema.object({ compositeSize: schema.number({ defaultValue: 2000 }), }), @@ -68,7 +67,6 @@ export const config: PluginConfigDescriptor = { }) ), }), - deprecations: ({ deprecate }) => [deprecate('enabled', '8.0.0')], }; export type InfraConfig = TypeOf; diff --git a/x-pack/plugins/lens/config.ts b/x-pack/plugins/lens/config.ts deleted file mode 100644 index 56e97d1be7b8039..000000000000000 --- a/x-pack/plugins/lens/config.ts +++ /dev/null @@ -1,14 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { schema, TypeOf } from '@kbn/config-schema'; - -export const configSchema = schema.object({ - enabled: schema.boolean({ defaultValue: true }), -}); - -export type ConfigSchema = TypeOf; diff --git a/x-pack/plugins/lens/server/index.ts b/x-pack/plugins/lens/server/index.ts index e2117506e9b72a3..a87cd3b2d5fadde 100644 --- a/x-pack/plugins/lens/server/index.ts +++ b/x-pack/plugins/lens/server/index.ts @@ -8,19 +8,12 @@ // TODO: https://github.com/elastic/kibana/issues/110891 /* eslint-disable @kbn/eslint/no_export_all */ -import { PluginInitializerContext, PluginConfigDescriptor } from 'kibana/server'; +import { PluginInitializerContext } from 'kibana/server'; import { LensServerPlugin } from './plugin'; export type { LensServerPluginSetup } from './plugin'; export * from './plugin'; export * from './migrations/types'; -import { configSchema, ConfigSchema } from '../config'; - -export const config: PluginConfigDescriptor = { - schema: configSchema, - deprecations: ({ deprecate }) => [deprecate('enabled', '8.0.0')], -}; - export const plugin = (initializerContext: PluginInitializerContext) => new LensServerPlugin(initializerContext); diff --git a/x-pack/plugins/lists/server/config.mock.ts b/x-pack/plugins/lists/server/config.mock.ts index e7c4a4ecee4abc0..98d59ef1c2a4d1f 100644 --- a/x-pack/plugins/lists/server/config.mock.ts +++ b/x-pack/plugins/lists/server/config.mock.ts @@ -21,7 +21,6 @@ export const getConfigMock = (): Partial => ({ }); export const getConfigMockDecoded = (): ConfigType => ({ - enabled: true, importBufferSize: IMPORT_BUFFER_SIZE, importTimeout: IMPORT_TIMEOUT, listIndex: LIST_INDEX, diff --git a/x-pack/plugins/lists/server/config.ts b/x-pack/plugins/lists/server/config.ts index c19639944b1b64d..0bb070da05137a5 100644 --- a/x-pack/plugins/lists/server/config.ts +++ b/x-pack/plugins/lists/server/config.ts @@ -8,7 +8,6 @@ import { TypeOf, schema } from '@kbn/config-schema'; export const ConfigSchema = schema.object({ - enabled: schema.boolean({ defaultValue: true }), importBufferSize: schema.number({ defaultValue: 1000, min: 1 }), importTimeout: schema.duration({ defaultValue: '5m', diff --git a/x-pack/plugins/lists/server/index.ts b/x-pack/plugins/lists/server/index.ts index 7e1283927aa8600..772a8cbe7ec35a0 100644 --- a/x-pack/plugins/lists/server/index.ts +++ b/x-pack/plugins/lists/server/index.ts @@ -20,7 +20,6 @@ export { ExceptionListClient } from './services/exception_lists/exception_list_c export type { ListPluginSetup, ListsApiRequestHandlerContext } from './types'; export const config: PluginConfigDescriptor = { - deprecations: ({ deprecate }) => [deprecate('enabled', '8.0.0')], schema: ConfigSchema, }; export const plugin = (initializerContext: PluginInitializerContext): ListPlugin => diff --git a/x-pack/plugins/lists/server/services/lists/list_client.mock.ts b/x-pack/plugins/lists/server/services/lists/list_client.mock.ts index 08c14534ac345cb..f33e6bcbb11437c 100644 --- a/x-pack/plugins/lists/server/services/lists/list_client.mock.ts +++ b/x-pack/plugins/lists/server/services/lists/list_client.mock.ts @@ -66,7 +66,6 @@ export class ListClientMock extends ListClient { export const getListClientMock = (): ListClient => { const mock = new ListClientMock({ config: { - enabled: true, importBufferSize: IMPORT_BUFFER_SIZE, importTimeout: IMPORT_TIMEOUT, listIndex: LIST_INDEX, diff --git a/x-pack/plugins/logstash/server/index.ts b/x-pack/plugins/logstash/server/index.ts index 33f3777297f63d3..2d2ad27bb2fd186 100644 --- a/x-pack/plugins/logstash/server/index.ts +++ b/x-pack/plugins/logstash/server/index.ts @@ -5,15 +5,7 @@ * 2.0. */ -import { schema } from '@kbn/config-schema'; -import { PluginInitializerContext, PluginConfigDescriptor } from 'src/core/server'; +import { PluginInitializerContext } from 'src/core/server'; import { LogstashPlugin } from './plugin'; export const plugin = (context: PluginInitializerContext) => new LogstashPlugin(context); - -export const config: PluginConfigDescriptor = { - schema: schema.object({ - enabled: schema.boolean({ defaultValue: true }), - }), - deprecations: ({ deprecate }) => [deprecate('enabled', '8.0.0')], -}; diff --git a/x-pack/plugins/maps/config.ts b/x-pack/plugins/maps/config.ts index 3dcae8f94e84483..10e7ee75fcecf3a 100644 --- a/x-pack/plugins/maps/config.ts +++ b/x-pack/plugins/maps/config.ts @@ -8,13 +8,11 @@ import { schema, TypeOf } from '@kbn/config-schema'; export interface MapsConfigType { - enabled: boolean; showMapsInspectorAdapter: boolean; preserveDrawingBuffer: boolean; } export const configSchema = schema.object({ - enabled: schema.boolean({ defaultValue: true }), // flag used in functional testing showMapsInspectorAdapter: schema.boolean({ defaultValue: false }), // flag used in functional testing diff --git a/x-pack/plugins/maps/server/index.ts b/x-pack/plugins/maps/server/index.ts index bfb8745c4ba6f0b..e00951610bbeda5 100644 --- a/x-pack/plugins/maps/server/index.ts +++ b/x-pack/plugins/maps/server/index.ts @@ -17,13 +17,11 @@ export const config: PluginConfigDescriptor = { // exposeToBrowser specifies kibana.yml settings to expose to the browser // the value `true` in this context signals configuration is exposed to browser exposeToBrowser: { - enabled: true, showMapsInspectorAdapter: true, preserveDrawingBuffer: true, }, schema: configSchema, - deprecations: ({ deprecate }) => [ - deprecate('enabled', '8.0.0'), + deprecations: () => [ ( completeConfig: Record, rootPath: string, diff --git a/x-pack/plugins/maps/server/plugin.ts b/x-pack/plugins/maps/server/plugin.ts index 88e3dd6096654b6..8768580089f3170 100644 --- a/x-pack/plugins/maps/server/plugin.ts +++ b/x-pack/plugins/maps/server/plugin.ts @@ -138,15 +138,6 @@ export class MapsPlugin implements Plugin { const { usageCollection, home, licensing, features, mapsEms } = plugins; const mapsEmsConfig = mapsEms.config; const config$ = this._initializerContext.config.create(); - const currentConfig = this._initializerContext.config.get(); - - // @ts-ignore - const mapsEnabled = currentConfig.enabled; - // TODO: Consider dynamic way to disable maps app on config change - if (!mapsEnabled) { - this._logger.warn('Maps app disabled by configuration'); - return; - } let isEnterprisePlus = false; let lastLicenseId: string | undefined; diff --git a/x-pack/plugins/metrics_entities/server/config.ts b/x-pack/plugins/metrics_entities/server/config.ts deleted file mode 100644 index 31be25661180396..000000000000000 --- a/x-pack/plugins/metrics_entities/server/config.ts +++ /dev/null @@ -1,14 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { TypeOf, schema } from '@kbn/config-schema'; - -export const ConfigSchema = schema.object({ - enabled: schema.boolean({ defaultValue: false }), -}); - -export type ConfigType = TypeOf; diff --git a/x-pack/plugins/metrics_entities/server/index.ts b/x-pack/plugins/metrics_entities/server/index.ts index c8f9d81347bdb5d..e61dc8b7dc642ea 100644 --- a/x-pack/plugins/metrics_entities/server/index.ts +++ b/x-pack/plugins/metrics_entities/server/index.ts @@ -5,18 +5,13 @@ * 2.0. */ -import { PluginConfigDescriptor, PluginInitializerContext } from '../../../../src/core/server'; +import { PluginInitializerContext } from '../../../../src/core/server'; -import { ConfigSchema } from './config'; import { MetricsEntitiesPlugin } from './plugin'; // This exports static code and TypeScript types, // as well as, Kibana Platform `plugin()` initializer. -export const config: PluginConfigDescriptor = { - deprecations: ({ deprecate }) => [deprecate('enabled', '8.0.0')], - schema: ConfigSchema, -}; export const plugin = (initializerContext: PluginInitializerContext): MetricsEntitiesPlugin => { return new MetricsEntitiesPlugin(initializerContext); }; diff --git a/x-pack/plugins/monitoring/public/plugin.ts b/x-pack/plugins/monitoring/public/plugin.ts index 0792d083b3da5b1..82e49fec5a8d47a 100644 --- a/x-pack/plugins/monitoring/public/plugin.ts +++ b/x-pack/plugins/monitoring/public/plugin.ts @@ -57,7 +57,7 @@ export class MonitoringPlugin }); const monitoring = this.initializerContext.config.get(); - if (!monitoring.ui.enabled || !monitoring.enabled) { + if (!monitoring.ui.enabled) { return false; } diff --git a/x-pack/plugins/monitoring/server/config.test.ts b/x-pack/plugins/monitoring/server/config.test.ts index f4604903e006839..8dd1866c274c9f1 100644 --- a/x-pack/plugins/monitoring/server/config.test.ts +++ b/x-pack/plugins/monitoring/server/config.test.ts @@ -40,7 +40,6 @@ describe('config schema', () => { }, "enabled": true, }, - "enabled": true, "kibana": Object { "collection": Object { "enabled": true, diff --git a/x-pack/plugins/monitoring/server/config.ts b/x-pack/plugins/monitoring/server/config.ts index ddbfd480a9f4eef..7b66b35d658ccd3 100644 --- a/x-pack/plugins/monitoring/server/config.ts +++ b/x-pack/plugins/monitoring/server/config.ts @@ -22,7 +22,6 @@ export const monitoringElasticsearchConfigSchema = elasticsearchConfigSchema.ext }); export const configSchema = schema.object({ - enabled: schema.boolean({ defaultValue: true }), ui: schema.object({ enabled: schema.boolean({ defaultValue: true }), debug_mode: schema.boolean({ defaultValue: false }), diff --git a/x-pack/plugins/monitoring/server/deprecations.ts b/x-pack/plugins/monitoring/server/deprecations.ts index 3072e024450d094..7c3d3e3baf58a0a 100644 --- a/x-pack/plugins/monitoring/server/deprecations.ts +++ b/x-pack/plugins/monitoring/server/deprecations.ts @@ -18,12 +18,10 @@ import { CLUSTER_ALERTS_ADDRESS_CONFIG_KEY } from '../common/constants'; * @return {Array} array of rename operations and callback function for rename logging */ export const deprecations = ({ - deprecate, rename, renameFromRoot, }: ConfigDeprecationFactory): ConfigDeprecation[] => { return [ - deprecate('enabled', '8.0.0'), // This order matters. The "blanket rename" needs to happen at the end renameFromRoot('xpack.monitoring.max_bucket_size', 'monitoring.ui.max_bucket_size'), renameFromRoot('xpack.monitoring.min_interval_seconds', 'monitoring.ui.min_interval_seconds'), diff --git a/x-pack/plugins/monitoring/server/index.ts b/x-pack/plugins/monitoring/server/index.ts index 97e572d15327c48..63cc61e5039170b 100644 --- a/x-pack/plugins/monitoring/server/index.ts +++ b/x-pack/plugins/monitoring/server/index.ts @@ -20,7 +20,6 @@ export const config: PluginConfigDescriptor> = { schema: configSchema, deprecations, exposeToBrowser: { - enabled: true, ui: true, kibana: true, }, diff --git a/x-pack/plugins/observability/server/index.ts b/x-pack/plugins/observability/server/index.ts index 53c3ecb23546c64..1e811e0a5278cb0 100644 --- a/x-pack/plugins/observability/server/index.ts +++ b/x-pack/plugins/observability/server/index.ts @@ -24,7 +24,6 @@ export const config: PluginConfigDescriptor = { unsafe: true, }, schema: schema.object({ - enabled: schema.boolean({ defaultValue: true }), annotations: schema.object({ enabled: schema.boolean({ defaultValue: true }), index: schema.string({ defaultValue: 'observability-annotations' }), @@ -34,7 +33,6 @@ export const config: PluginConfigDescriptor = { cases: schema.object({ enabled: schema.boolean({ defaultValue: false }) }), }), }), - deprecations: ({ deprecate }) => [deprecate('enabled', '8.0.0')], }; export type ObservabilityConfig = TypeOf; diff --git a/x-pack/plugins/osquery/public/plugin.ts b/x-pack/plugins/osquery/public/plugin.ts index 8555997d617872e..86a1f89f738b6b2 100644 --- a/x-pack/plugins/osquery/public/plugin.ts +++ b/x-pack/plugins/osquery/public/plugin.ts @@ -37,18 +37,6 @@ export class OsqueryPlugin implements Plugin(); - - if (!config.enabled) { - return {}; - } - const storage = this.storage; const kibanaVersion = this.kibanaVersion; // Register an application into the side navigation menu @@ -78,18 +66,6 @@ export class OsqueryPlugin implements Plugin(); - - if (!config.enabled) { - return {}; - } - if (plugins.fleet) { const { registerExtension } = plugins.fleet; diff --git a/x-pack/plugins/osquery/server/config.ts b/x-pack/plugins/osquery/server/config.ts index 3ec9213ae6d6041..1fd4b5dbe5ac2dc 100644 --- a/x-pack/plugins/osquery/server/config.ts +++ b/x-pack/plugins/osquery/server/config.ts @@ -8,7 +8,6 @@ import { TypeOf, schema } from '@kbn/config-schema'; export const ConfigSchema = schema.object({ - enabled: schema.boolean({ defaultValue: true }), actionEnabled: schema.boolean({ defaultValue: false }), savedQueries: schema.boolean({ defaultValue: true }), packs: schema.boolean({ defaultValue: false }), diff --git a/x-pack/plugins/osquery/server/index.ts b/x-pack/plugins/osquery/server/index.ts index 385515c28509349..5deec805cc28240 100644 --- a/x-pack/plugins/osquery/server/index.ts +++ b/x-pack/plugins/osquery/server/index.ts @@ -10,10 +10,8 @@ import { OsqueryPlugin } from './plugin'; import { ConfigSchema, ConfigType } from './config'; export const config: PluginConfigDescriptor = { - deprecations: ({ deprecate }) => [deprecate('enabled', '8.0.0')], schema: ConfigSchema, exposeToBrowser: { - enabled: true, actionEnabled: true, savedQueries: true, packs: true, diff --git a/x-pack/plugins/osquery/server/plugin.ts b/x-pack/plugins/osquery/server/plugin.ts index ff8483fdb385a61..420fc429f97f461 100644 --- a/x-pack/plugins/osquery/server/plugin.ts +++ b/x-pack/plugins/osquery/server/plugin.ts @@ -205,10 +205,6 @@ export class OsqueryPlugin implements Plugin [ - deprecate('enabled', '8.0.0'), - unused('unsafe.indexUpgrade.enabled'), - ], + deprecations: ({ deprecate, unused }) => [unused('unsafe.indexUpgrade.enabled')], schema: schema.object({ - enabled: schema.boolean({ defaultValue: true }), write: schema.object({ enabled: schema.boolean({ defaultValue: false }), }), diff --git a/x-pack/plugins/saved_objects_tagging/server/config.ts b/x-pack/plugins/saved_objects_tagging/server/config.ts index 183779aa6f229e9..9d676576a03c34a 100644 --- a/x-pack/plugins/saved_objects_tagging/server/config.ts +++ b/x-pack/plugins/saved_objects_tagging/server/config.ts @@ -9,14 +9,12 @@ import { schema, TypeOf } from '@kbn/config-schema'; import { PluginConfigDescriptor } from 'kibana/server'; const configSchema = schema.object({ - enabled: schema.boolean({ defaultValue: true }), cache_refresh_interval: schema.duration({ defaultValue: '15m' }), }); export type SavedObjectsTaggingConfigType = TypeOf; export const config: PluginConfigDescriptor = { - deprecations: ({ deprecate }) => [deprecate('enabled', '8.0.0')], schema: configSchema, exposeToBrowser: { cache_refresh_interval: true, diff --git a/x-pack/plugins/security_solution/server/config.ts b/x-pack/plugins/security_solution/server/config.ts index bc5b43c6d25fd1b..e0b8ad883f4a251 100644 --- a/x-pack/plugins/security_solution/server/config.ts +++ b/x-pack/plugins/security_solution/server/config.ts @@ -17,7 +17,6 @@ import { UnderlyingLogClient } from './lib/detection_engine/rule_execution_log/t const allowedExperimentalValues = getExperimentalAllowedValues(); export const configSchema = schema.object({ - enabled: schema.boolean({ defaultValue: true }), maxRuleImportExportSize: schema.number({ defaultValue: 10000 }), maxRuleImportPayloadBytes: schema.number({ defaultValue: 10485760 }), maxTimelineImportExportSize: schema.number({ defaultValue: 10000 }), diff --git a/x-pack/plugins/security_solution/server/index.ts b/x-pack/plugins/security_solution/server/index.ts index b72a21c0da643a8..7e3da726f6ebe46 100644 --- a/x-pack/plugins/security_solution/server/index.ts +++ b/x-pack/plugins/security_solution/server/index.ts @@ -20,8 +20,7 @@ export const config: PluginConfigDescriptor = { enableExperimental: true, }, schema: configSchema, - deprecations: ({ deprecate, renameFromRoot }) => [ - deprecate('enabled', '8.0.0'), + deprecations: ({ renameFromRoot }) => [ renameFromRoot('xpack.siem.enabled', 'xpack.securitySolution.enabled'), renameFromRoot( 'xpack.siem.maxRuleImportExportSize', diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/index.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/index.ts index 2f401d27813acc0..8417115fb1896b4 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/index.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/index.ts @@ -16,7 +16,6 @@ import { UnderlyingLogClient } from '../../rule_execution_log/types'; export { requestMock, requestContextMock, responseMock, serverMock }; export const createMockConfig = (): ConfigType => ({ - enabled: true, [SIGNALS_INDEX_KEY]: DEFAULT_SIGNALS_INDEX, maxRuleImportExportSize: 10000, maxRuleImportPayloadBytes: 10485760, diff --git a/x-pack/plugins/timelines/public/index.ts b/x-pack/plugins/timelines/public/index.ts index 800f1958f9c94a2..70f7185e9c486d8 100644 --- a/x-pack/plugins/timelines/public/index.ts +++ b/x-pack/plugins/timelines/public/index.ts @@ -10,8 +10,6 @@ import { createContext } from 'react'; -import { PluginInitializerContext } from '../../../../src/core/public'; - import { TimelinesPlugin } from './plugin'; import type { StatefulEventContextType } from './types'; export * as tGridActions from './store/t_grid/actions'; @@ -63,8 +61,8 @@ export { StatefulFieldsBrowser } from './components/t_grid/toolbar/fields_browse export { useStatusBulkActionItems } from './hooks/use_status_bulk_action_items'; // This exports static code and TypeScript types, // as well as, Kibana Platform `plugin()` initializer. -export function plugin(initializerContext: PluginInitializerContext) { - return new TimelinesPlugin(initializerContext); +export function plugin() { + return new TimelinesPlugin(); } export const StatefulEventContext = createContext(null); diff --git a/x-pack/plugins/timelines/public/plugin.ts b/x-pack/plugins/timelines/public/plugin.ts index acb7b26d0cf849e..2151ff0bc5e9ba8 100644 --- a/x-pack/plugins/timelines/public/plugin.ts +++ b/x-pack/plugins/timelines/public/plugin.ts @@ -8,12 +8,7 @@ import { Store } from 'redux'; import { Storage } from '../../../../src/plugins/kibana_utils/public'; -import type { - CoreSetup, - Plugin, - PluginInitializerContext, - CoreStart, -} from '../../../../src/core/public'; +import type { CoreSetup, Plugin, CoreStart } from '../../../../src/core/public'; import type { LastUpdatedAtProps, LoadingPanelProps, FieldBrowserProps } from './components'; import { getLastUpdatedLazy, @@ -32,17 +27,12 @@ import { useAddToTimeline, useAddToTimelineSensor } from './hooks/use_add_to_tim import { getHoverActions } from './components/hover_actions'; export class TimelinesPlugin implements Plugin { - constructor(private readonly initializerContext: PluginInitializerContext) {} private _store: Store | undefined; private _storage = new Storage(localStorage); public setup(core: CoreSetup) {} public start(core: CoreStart, { data }: TimelinesStartPlugins): TimelinesUIStart { - const config = this.initializerContext.config.get<{ enabled: boolean }>(); - if (!config.enabled) { - return {} as TimelinesUIStart; - } return { getHoverActions: () => { return getHoverActions(this._store); diff --git a/x-pack/plugins/timelines/server/config.ts b/x-pack/plugins/timelines/server/config.ts deleted file mode 100644 index 958c67333387361..000000000000000 --- a/x-pack/plugins/timelines/server/config.ts +++ /dev/null @@ -1,14 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { TypeOf, schema } from '@kbn/config-schema'; - -export const ConfigSchema = schema.object({ - enabled: schema.boolean({ defaultValue: true }), -}); - -export type ConfigType = TypeOf; diff --git a/x-pack/plugins/timelines/server/index.ts b/x-pack/plugins/timelines/server/index.ts index 229a257d8f549e0..ef18226a0e60c7a 100644 --- a/x-pack/plugins/timelines/server/index.ts +++ b/x-pack/plugins/timelines/server/index.ts @@ -5,17 +5,9 @@ * 2.0. */ -import { PluginInitializerContext, PluginConfigDescriptor } from '../../../../src/core/server'; +import { PluginInitializerContext } from '../../../../src/core/server'; import { TimelinesPlugin } from './plugin'; -import { ConfigSchema, ConfigType } from './config'; -export const config: PluginConfigDescriptor = { - deprecations: ({ deprecate }) => [deprecate('enabled', '8.0.0')], - schema: ConfigSchema, - exposeToBrowser: { - enabled: true, - }, -}; export function plugin(initializerContext: PluginInitializerContext) { return new TimelinesPlugin(initializerContext); } diff --git a/x-pack/scripts/functional_tests.js b/x-pack/scripts/functional_tests.js index f7b978c2b58bd24..6cb80d6d4b74d61 100644 --- a/x-pack/scripts/functional_tests.js +++ b/x-pack/scripts/functional_tests.js @@ -21,7 +21,6 @@ const alwaysImportedTests = [ require.resolve('../test/functional_embedded/config.ts'), require.resolve('../test/functional_cors/config.ts'), require.resolve('../test/functional_enterprise_search/without_host_configured.config.ts'), - require.resolve('../test/functional_vis_wizard/config.ts'), require.resolve('../test/saved_object_tagging/functional/config.ts'), require.resolve('../test/usage_collection/config.ts'), require.resolve('../test/fleet_functional/config.ts'), diff --git a/x-pack/test/alerting_api_integration/common/fixtures/plugins/aad/kibana.json b/x-pack/test/alerting_api_integration/common/fixtures/plugins/aad/kibana.json index 016ba8eee281ce2..7dea652f7f9bb70 100644 --- a/x-pack/test/alerting_api_integration/common/fixtures/plugins/aad/kibana.json +++ b/x-pack/test/alerting_api_integration/common/fixtures/plugins/aad/kibana.json @@ -6,7 +6,6 @@ }, "version": "1.0.0", "kibanaVersion": "kibana", - "configPath": ["xpack"], "requiredPlugins": ["taskManager", "encryptedSavedObjects"], "optionalPlugins": ["spaces"], "server": true, diff --git a/x-pack/test/alerting_api_integration/common/fixtures/plugins/actions_simulators/kibana.json b/x-pack/test/alerting_api_integration/common/fixtures/plugins/actions_simulators/kibana.json index db7372d66b79347..5a76689f96d380c 100644 --- a/x-pack/test/alerting_api_integration/common/fixtures/plugins/actions_simulators/kibana.json +++ b/x-pack/test/alerting_api_integration/common/fixtures/plugins/actions_simulators/kibana.json @@ -6,7 +6,6 @@ }, "version": "1.0.0", "kibanaVersion": "kibana", - "configPath": ["xpack"], "requiredPlugins": ["actions", "features", "encryptedSavedObjects"], "server": true, "ui": false diff --git a/x-pack/test/alerting_api_integration/common/fixtures/plugins/alerts/kibana.json b/x-pack/test/alerting_api_integration/common/fixtures/plugins/alerts/kibana.json index 63777d0c2662984..22ccd552762f5ca 100644 --- a/x-pack/test/alerting_api_integration/common/fixtures/plugins/alerts/kibana.json +++ b/x-pack/test/alerting_api_integration/common/fixtures/plugins/alerts/kibana.json @@ -6,7 +6,6 @@ }, "version": "1.0.0", "kibanaVersion": "kibana", - "configPath": ["xpack"], "requiredPlugins": ["taskManager", "features", "actions", "alerting", "encryptedSavedObjects"], "optionalPlugins": ["security", "spaces"], "server": true, diff --git a/x-pack/test/alerting_api_integration/common/fixtures/plugins/alerts_restricted/kibana.json b/x-pack/test/alerting_api_integration/common/fixtures/plugins/alerts_restricted/kibana.json index f12f8c3c205aaa5..206acd533b26625 100644 --- a/x-pack/test/alerting_api_integration/common/fixtures/plugins/alerts_restricted/kibana.json +++ b/x-pack/test/alerting_api_integration/common/fixtures/plugins/alerts_restricted/kibana.json @@ -6,7 +6,6 @@ }, "version": "1.0.0", "kibanaVersion": "kibana", - "configPath": ["xpack"], "requiredPlugins": ["taskManager", "features", "actions", "alerting"], "optionalPlugins": ["spaces"], "server": true, diff --git a/x-pack/test/alerting_api_integration/common/fixtures/plugins/task_manager_fixture/kibana.json b/x-pack/test/alerting_api_integration/common/fixtures/plugins/task_manager_fixture/kibana.json index 6d21226db4994cd..8adfa8d57e72b93 100644 --- a/x-pack/test/alerting_api_integration/common/fixtures/plugins/task_manager_fixture/kibana.json +++ b/x-pack/test/alerting_api_integration/common/fixtures/plugins/task_manager_fixture/kibana.json @@ -6,7 +6,6 @@ }, "version": "1.0.0", "kibanaVersion": "kibana", - "configPath": ["xpack"], "requiredPlugins": ["taskManager"], "server": true, "ui": false diff --git a/x-pack/test/api_integration/config.ts b/x-pack/test/api_integration/config.ts index 9721a1827caf32c..3690f661c621c82 100644 --- a/x-pack/test/api_integration/config.ts +++ b/x-pack/test/api_integration/config.ts @@ -28,7 +28,6 @@ export async function getApiIntegrationConfig({ readConfigFile }: FtrConfigProvi '--map.proxyElasticMapsServiceInMaps=true', '--xpack.security.session.idleTimeout=3600000', // 1 hour '--telemetry.optIn=true', - '--xpack.fleet.enabled=true', '--xpack.fleet.agents.pollingRequestTimeout=5000', // 5 seconds '--xpack.data_enhanced.search.sessions.enabled=true', // enable WIP send to background UI '--xpack.data_enhanced.search.sessions.notTouchedTimeout=15s', // shorten notTouchedTimeout for quicker testing diff --git a/x-pack/test/case_api_integration/common/config.ts b/x-pack/test/case_api_integration/common/config.ts index e6fda129eaa1615..2658472a7b84dd7 100644 --- a/x-pack/test/case_api_integration/common/config.ts +++ b/x-pack/test/case_api_integration/common/config.ts @@ -93,8 +93,6 @@ export function createTestConfig(name: string, options: CreateTestConfigOptions) .isDirectory() ); - const casesConfig = ['--xpack.cases.enabled=true']; - return { testFiles: testFiles ? testFiles : [require.resolve('../tests/common')], servers, @@ -117,7 +115,6 @@ export function createTestConfig(name: string, options: CreateTestConfigOptions) ...xPackApiIntegrationTestsConfig.get('kbnTestServer'), serverArgs: [ ...xPackApiIntegrationTestsConfig.get('kbnTestServer.serverArgs'), - ...casesConfig, `--xpack.actions.allowedHosts=${JSON.stringify(['localhost', 'some.non.existent.com'])}`, `--xpack.actions.enabledActionTypes=${JSON.stringify(enabledActionTypes)}`, '--xpack.eventLog.logEntries=true', diff --git a/x-pack/test/case_api_integration/common/fixtures/plugins/cases_client_user/kibana.json b/x-pack/test/case_api_integration/common/fixtures/plugins/cases_client_user/kibana.json index 22312e27bb1d3e4..c8ccea36bd6c3ea 100644 --- a/x-pack/test/case_api_integration/common/fixtures/plugins/cases_client_user/kibana.json +++ b/x-pack/test/case_api_integration/common/fixtures/plugins/cases_client_user/kibana.json @@ -6,7 +6,6 @@ }, "version": "1.0.0", "kibanaVersion": "kibana", - "configPath": ["xpack"], "requiredPlugins": ["features", "cases"], "optionalPlugins": ["security", "spaces"], "server": true, diff --git a/x-pack/test/case_api_integration/common/fixtures/plugins/observability/kibana.json b/x-pack/test/case_api_integration/common/fixtures/plugins/observability/kibana.json index afc0cd39734e305..783a9b60e22a67e 100644 --- a/x-pack/test/case_api_integration/common/fixtures/plugins/observability/kibana.json +++ b/x-pack/test/case_api_integration/common/fixtures/plugins/observability/kibana.json @@ -6,7 +6,6 @@ }, "version": "1.0.0", "kibanaVersion": "kibana", - "configPath": ["xpack"], "requiredPlugins": ["features", "cases"], "optionalPlugins": ["security", "spaces"], "server": true, diff --git a/x-pack/test/case_api_integration/common/fixtures/plugins/security_solution/kibana.json b/x-pack/test/case_api_integration/common/fixtures/plugins/security_solution/kibana.json index 8368ed83efaa1ae..a0d33c9ec09e888 100644 --- a/x-pack/test/case_api_integration/common/fixtures/plugins/security_solution/kibana.json +++ b/x-pack/test/case_api_integration/common/fixtures/plugins/security_solution/kibana.json @@ -6,7 +6,6 @@ }, "version": "1.0.0", "kibanaVersion": "kibana", - "configPath": ["xpack"], "requiredPlugins": ["features", "cases"], "optionalPlugins": ["security", "spaces"], "server": true, diff --git a/x-pack/test/detection_engine_api_integration/basic/config.ts b/x-pack/test/detection_engine_api_integration/basic/config.ts index ead53d3fef129b1..0c5c7d1649f84d9 100644 --- a/x-pack/test/detection_engine_api_integration/basic/config.ts +++ b/x-pack/test/detection_engine_api_integration/basic/config.ts @@ -9,7 +9,6 @@ import { createTestConfig } from '../common/config'; // eslint-disable-next-line import/no-default-export export default createTestConfig('basic', { - disabledPlugins: [], license: 'basic', ssl: true, }); diff --git a/x-pack/test/detection_engine_api_integration/common/config.ts b/x-pack/test/detection_engine_api_integration/common/config.ts index eee1f0be5ba3773..4fdb23d010ea2e0 100644 --- a/x-pack/test/detection_engine_api_integration/common/config.ts +++ b/x-pack/test/detection_engine_api_integration/common/config.ts @@ -11,7 +11,6 @@ import { services } from './services'; interface CreateTestConfigOptions { license: string; - disabledPlugins?: string[]; ssl?: boolean; } @@ -33,7 +32,7 @@ const enabledActionTypes = [ ]; export function createTestConfig(name: string, options: CreateTestConfigOptions) { - const { license = 'trial', disabledPlugins = [], ssl = false } = options; + const { license = 'trial', ssl = false } = options; return async ({ readConfigFile }: FtrConfigProviderContext) => { const xPackApiIntegrationTestsConfig = await readConfigFile( @@ -58,10 +57,7 @@ export function createTestConfig(name: string, options: CreateTestConfigOptions) ...xPackApiIntegrationTestsConfig.get('esTestCluster'), license, ssl, - serverArgs: [ - `xpack.license.self_generated.type=${license}`, - `xpack.security.enabled=${!disabledPlugins.includes('security')}`, - ], + serverArgs: [`xpack.license.self_generated.type=${license}`], }, kbnTestServer: { ...xPackApiIntegrationTestsConfig.get('kbnTestServer'), @@ -74,7 +70,6 @@ export function createTestConfig(name: string, options: CreateTestConfigOptions) 'testing_ignored.constant', '/testing_regex*/', ])}`, // See tests within the file "ignore_fields.ts" which use these values in "alertIgnoreFields" - ...disabledPlugins.map((key) => `--xpack.${key}.enabled=false`), ...(ssl ? [ `--elasticsearch.hosts=${servers.elasticsearch.protocol}://${servers.elasticsearch.hostname}:${servers.elasticsearch.port}`, diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/config.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/config.ts index 8b7e43945c8a21c..78203525b887abc 100644 --- a/x-pack/test/detection_engine_api_integration/security_and_spaces/config.ts +++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/config.ts @@ -9,7 +9,6 @@ import { createTestConfig } from '../common/config'; // eslint-disable-next-line import/no-default-export export default createTestConfig('security_and_spaces', { - disabledPlugins: [], license: 'trial', ssl: true, }); diff --git a/x-pack/test/fleet_functional/config.ts b/x-pack/test/fleet_functional/config.ts index b68fd08b7890f39..27fc522f03a36f3 100644 --- a/x-pack/test/fleet_functional/config.ts +++ b/x-pack/test/fleet_functional/config.ts @@ -29,10 +29,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) { }, kbnTestServer: { ...xpackFunctionalConfig.get('kbnTestServer'), - serverArgs: [ - ...xpackFunctionalConfig.get('kbnTestServer.serverArgs'), - '--xpack.fleet.enabled=true', - ], + serverArgs: [...xpackFunctionalConfig.get('kbnTestServer.serverArgs')], }, layout: { fixedHeaderHeight: 200, diff --git a/x-pack/test/functional_execution_context/fixtures/plugins/alerts/kibana.json b/x-pack/test/functional_execution_context/fixtures/plugins/alerts/kibana.json index 7a51160f2004157..0537e12718dc577 100644 --- a/x-pack/test/functional_execution_context/fixtures/plugins/alerts/kibana.json +++ b/x-pack/test/functional_execution_context/fixtures/plugins/alerts/kibana.json @@ -6,7 +6,6 @@ }, "version": "1.0.0", "kibanaVersion": "kibana", - "configPath": ["xpack"], "requiredPlugins": ["features", "alerting"], "server": true, "ui": false diff --git a/x-pack/test/functional_vis_wizard/apps/index.ts b/x-pack/test/functional_vis_wizard/apps/index.ts deleted file mode 100644 index b5073206d863e14..000000000000000 --- a/x-pack/test/functional_vis_wizard/apps/index.ts +++ /dev/null @@ -1,16 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { FtrProviderContext } from '../ftr_provider_context'; - -export default function ({ loadTestFile }: FtrProviderContext) { - describe('Visualization Wizard', function () { - this.tags('ciGroup4'); - - loadTestFile(require.resolve('./visualization_wizard')); - }); -} diff --git a/x-pack/test/functional_vis_wizard/apps/visualization_wizard.ts b/x-pack/test/functional_vis_wizard/apps/visualization_wizard.ts deleted file mode 100644 index 2dc7533468db45c..000000000000000 --- a/x-pack/test/functional_vis_wizard/apps/visualization_wizard.ts +++ /dev/null @@ -1,35 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import expect from '@kbn/expect'; -import { FtrProviderContext } from '../ftr_provider_context'; - -export default function ({ getService, getPageObjects }: FtrProviderContext) { - const esArchiver = getService('esArchiver'); - const PageObjects = getPageObjects(['visualize']); - - describe('lens and maps disabled', function () { - before(async function () { - await esArchiver.loadIfNeeded('x-pack/test/functional/es_archives/logstash_functional'); - await esArchiver.loadIfNeeded('x-pack/test/functional/es_archives/visualize/default'); - }); - - after(async function () { - await esArchiver.unload('x-pack/test/functional/es_archives/logstash_functional'); - await esArchiver.unload('x-pack/test/functional/es_archives/visualize/default'); - }); - - it('should not display lens and maps cards', async function () { - await PageObjects.visualize.navigateToNewVisualization(); - const expectedChartTypes = ['Custom visualization', 'TSVB']; - - // find all the chart types and make sure that maps and lens cards are not there - const chartTypes = (await PageObjects.visualize.getPromotedVisTypes()).sort(); - expect(chartTypes).to.eql(expectedChartTypes); - }); - }); -} diff --git a/x-pack/test/functional_vis_wizard/config.ts b/x-pack/test/functional_vis_wizard/config.ts deleted file mode 100644 index 523b59b6ccd1c51..000000000000000 --- a/x-pack/test/functional_vis_wizard/config.ts +++ /dev/null @@ -1,29 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { FtrConfigProviderContext } from '@kbn/test'; - -export default async function ({ readConfigFile }: FtrConfigProviderContext) { - const xPackFunctionalConfig = await readConfigFile(require.resolve('../functional/config')); - - return { - // default to the xpack functional config - ...xPackFunctionalConfig.getAll(), - testFiles: [require.resolve('./apps')], - junit: { - reportName: 'X-Pack Visualization Wizard Tests with Lens and Maps disabled', - }, - kbnTestServer: { - ...xPackFunctionalConfig.get('kbnTestServer'), - serverArgs: [ - ...xPackFunctionalConfig.get('kbnTestServer.serverArgs'), - '--xpack.lens.enabled=false', - '--xpack.maps.enabled=false', - ], - }, - }; -} diff --git a/x-pack/test/functional_vis_wizard/ftr_provider_context.d.ts b/x-pack/test/functional_vis_wizard/ftr_provider_context.d.ts deleted file mode 100644 index ab1e99922280805..000000000000000 --- a/x-pack/test/functional_vis_wizard/ftr_provider_context.d.ts +++ /dev/null @@ -1,13 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { GenericFtrProviderContext } from '@kbn/test'; -import { pageObjects } from '../functional/page_objects'; -import { services } from '../functional/services'; - -export type FtrProviderContext = GenericFtrProviderContext; -export { pageObjects }; diff --git a/x-pack/test/functional_with_es_ssl/fixtures/plugins/alerts/kibana.json b/x-pack/test/functional_with_es_ssl/fixtures/plugins/alerts/kibana.json index 717fe9966be39c1..8c798aa3fbe0a9b 100644 --- a/x-pack/test/functional_with_es_ssl/fixtures/plugins/alerts/kibana.json +++ b/x-pack/test/functional_with_es_ssl/fixtures/plugins/alerts/kibana.json @@ -3,7 +3,6 @@ "owner": { "name": "Alerting Services", "githubTeam": "kibana-alerting-services" }, "version": "1.0.0", "kibanaVersion": "kibana", - "configPath": ["xpack"], "requiredPlugins": ["alerting", "triggersActionsUi", "features"], "server": true, "ui": true diff --git a/x-pack/test/plugin_api_integration/plugins/event_log/kibana.json b/x-pack/test/plugin_api_integration/plugins/event_log/kibana.json index 7ba061701011242..42cfa0f766e3ec3 100644 --- a/x-pack/test/plugin_api_integration/plugins/event_log/kibana.json +++ b/x-pack/test/plugin_api_integration/plugins/event_log/kibana.json @@ -6,7 +6,6 @@ }, "version": "1.0.0", "kibanaVersion": "kibana", - "configPath": ["xpack"], "requiredPlugins": ["eventLog"], "server": true, "ui": false diff --git a/x-pack/test/plugin_api_integration/plugins/sample_task_plugin/kibana.json b/x-pack/test/plugin_api_integration/plugins/sample_task_plugin/kibana.json index 7a9fd345739a0b3..0171004f1c7b50b 100644 --- a/x-pack/test/plugin_api_integration/plugins/sample_task_plugin/kibana.json +++ b/x-pack/test/plugin_api_integration/plugins/sample_task_plugin/kibana.json @@ -6,7 +6,6 @@ }, "version": "1.0.0", "kibanaVersion": "kibana", - "configPath": ["xpack"], "requiredPlugins": ["taskManager"], "server": true, "ui": false diff --git a/x-pack/test/plugin_api_perf/plugins/task_manager_performance/kibana.json b/x-pack/test/plugin_api_perf/plugins/task_manager_performance/kibana.json index 1cc106fd95b36c6..995427773ad92fc 100644 --- a/x-pack/test/plugin_api_perf/plugins/task_manager_performance/kibana.json +++ b/x-pack/test/plugin_api_perf/plugins/task_manager_performance/kibana.json @@ -3,7 +3,6 @@ "owner": { "name": "Alerting Services", "githubTeam": "kibana-alerting-services" }, "version": "1.0.0", "kibanaVersion": "kibana", - "configPath": ["xpack"], "requiredPlugins": ["taskManager"], "server": true, "ui": false diff --git a/x-pack/test/plugin_functional/config.ts b/x-pack/test/plugin_functional/config.ts index 7033836285e3cf4..8f3c5be04a8bc34 100644 --- a/x-pack/test/plugin_functional/config.ts +++ b/x-pack/test/plugin_functional/config.ts @@ -48,7 +48,6 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) { KIBANA_ROOT, 'test/plugin_functional/plugins/core_provider_plugin' )}`, - '--xpack.timelines.enabled=true', ...plugins.map((pluginDir) => `--plugin-path=${resolve(__dirname, 'plugins', pluginDir)}`), ], }, diff --git a/x-pack/test/saved_objects_field_count/config.ts b/x-pack/test/saved_objects_field_count/config.ts index 8144bac35ec7b9f..7967b6c4f3b9c8f 100644 --- a/x-pack/test/saved_objects_field_count/config.ts +++ b/x-pack/test/saved_objects_field_count/config.ts @@ -26,14 +26,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) { kbnTestServer: { ...kibanaCommonTestsConfig.get('kbnTestServer'), - serverArgs: [ - ...kibanaCommonTestsConfig.get('kbnTestServer.serverArgs'), - // Enable plugins that are disabled by default to include their metrics - // TODO: Find a way to automatically enable all discovered plugins - '--xpack.fleet.enabled=true', - '--xpack.lists.enabled=true', - '--xpack.securitySolution.enabled=true', - ], + serverArgs: [...kibanaCommonTestsConfig.get('kbnTestServer.serverArgs')], }, }; } From 63a615f1f1e1f4f6d34291eaffc08b04643e97bf Mon Sep 17 00:00:00 2001 From: Jonathan Budzenski Date: Sun, 17 Oct 2021 14:45:48 -0500 Subject: [PATCH 11/50] skip flaky tests. #115308, #115313 --- .../tests/exception_operators_data_types/keyword_array.ts | 3 ++- .../tests/exception_operators_data_types/text_array.ts | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/keyword_array.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/keyword_array.ts index 94c8ab6f4664f6a..e852558aaa6a834 100644 --- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/keyword_array.ts +++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/keyword_array.ts @@ -328,7 +328,8 @@ export default ({ getService }: FtrProviderContext) => { }); describe('"exists" operator', () => { - it('will return 1 results if matching against keyword for the empty array', async () => { + // FLAKY https://github.com/elastic/kibana/issues/115308 + it.skip('will return 1 results if matching against keyword for the empty array', async () => { const rule = getRuleForSignalTesting(['keyword_as_array']); const { id } = await createRuleWithExceptionEntries(supertest, rule, [ [ diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/text_array.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/text_array.ts index 2ee7ebfc18be0a0..f0a5fe7c1ffb1be 100644 --- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/text_array.ts +++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/text_array.ts @@ -326,7 +326,8 @@ export default ({ getService }: FtrProviderContext) => { }); describe('"exists" operator', () => { - it('will return 1 results if matching against text for the empty array', async () => { + // FLAKY https://github.com/elastic/kibana/issues/115313 + it.skip('will return 1 results if matching against text for the empty array', async () => { const rule = getRuleForSignalTesting(['text_as_array']); const { id } = await createRuleWithExceptionEntries(supertest, rule, [ [ From 84df5697cc7c05f1e510945546ac055dc60c7a88 Mon Sep 17 00:00:00 2001 From: Yuliia Naumenko Date: Sun, 17 Oct 2021 20:07:48 -0700 Subject: [PATCH 12/50] [Alerting] Active alerts do not recover after re-enabling a rule (#111671) * [Alerting] Active alerts do not recover after re-enabling a rule * created reusable lib file for generating event log object * comment fix * fixed tests * fixed tests * fixed typecheck * fixed due to comments * Apply suggestions from code review Co-authored-by: ymao1 * fixed due to comments * fixed due to comments * fixed due to comments * fixed tests * Update disable.ts * Update disable.ts Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: ymao1 --- ...eate_alert_event_log_record_object.test.ts | 210 ++++++++++++++++++ .../create_alert_event_log_record_object.ts | 81 +++++++ x-pack/plugins/alerting/server/plugin.ts | 1 + .../server/rules_client/rules_client.ts | 59 ++++- .../server/rules_client/tests/disable.test.ts | 133 +++++++++++ .../rules_client_conflict_retries.test.ts | 16 ++ .../alerting/server/rules_client_factory.ts | 6 +- .../create_execution_handler.test.ts | 1 - .../task_runner/create_execution_handler.ts | 67 +++--- .../server/task_runner/task_runner.test.ts | 3 - .../server/task_runner/task_runner.ts | 55 ++--- .../spaces_only/tests/alerting/disable.ts | 73 ++++++ 12 files changed, 628 insertions(+), 77 deletions(-) create mode 100644 x-pack/plugins/alerting/server/lib/create_alert_event_log_record_object.test.ts create mode 100644 x-pack/plugins/alerting/server/lib/create_alert_event_log_record_object.ts diff --git a/x-pack/plugins/alerting/server/lib/create_alert_event_log_record_object.test.ts b/x-pack/plugins/alerting/server/lib/create_alert_event_log_record_object.test.ts new file mode 100644 index 000000000000000..0731886bcaeb012 --- /dev/null +++ b/x-pack/plugins/alerting/server/lib/create_alert_event_log_record_object.test.ts @@ -0,0 +1,210 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { createAlertEventLogRecordObject } from './create_alert_event_log_record_object'; +import { UntypedNormalizedAlertType } from '../rule_type_registry'; +import { RecoveredActionGroup } from '../types'; + +describe('createAlertEventLogRecordObject', () => { + const ruleType: jest.Mocked = { + id: 'test', + name: 'My test alert', + actionGroups: [{ id: 'default', name: 'Default' }, RecoveredActionGroup], + defaultActionGroupId: 'default', + minimumLicenseRequired: 'basic', + isExportable: true, + recoveryActionGroup: RecoveredActionGroup, + executor: jest.fn(), + producer: 'alerts', + }; + + test('created alert event "execute-start"', async () => { + expect( + createAlertEventLogRecordObject({ + ruleId: '1', + ruleType, + action: 'execute-start', + timestamp: '1970-01-01T00:00:00.000Z', + task: { + scheduled: '1970-01-01T00:00:00.000Z', + scheduleDelay: 0, + }, + savedObjects: [ + { + id: '1', + type: 'alert', + typeId: ruleType.id, + relation: 'primary', + }, + ], + }) + ).toStrictEqual({ + '@timestamp': '1970-01-01T00:00:00.000Z', + event: { + action: 'execute-start', + category: ['alerts'], + kind: 'alert', + }, + kibana: { + saved_objects: [ + { + id: '1', + namespace: undefined, + rel: 'primary', + type: 'alert', + type_id: 'test', + }, + ], + task: { + schedule_delay: 0, + scheduled: '1970-01-01T00:00:00.000Z', + }, + }, + rule: { + category: 'test', + id: '1', + license: 'basic', + ruleset: 'alerts', + }, + }); + }); + + test('created alert event "recovered-instance"', async () => { + expect( + createAlertEventLogRecordObject({ + ruleId: '1', + ruleName: 'test name', + ruleType, + action: 'recovered-instance', + instanceId: 'test1', + group: 'group 1', + message: 'message text here', + namespace: 'default', + subgroup: 'subgroup value', + state: { + start: '1970-01-01T00:00:00.000Z', + end: '1970-01-01T00:05:00.000Z', + duration: 5, + }, + savedObjects: [ + { + id: '1', + type: 'alert', + typeId: ruleType.id, + relation: 'primary', + }, + ], + }) + ).toStrictEqual({ + event: { + action: 'recovered-instance', + category: ['alerts'], + duration: 5, + end: '1970-01-01T00:05:00.000Z', + kind: 'alert', + start: '1970-01-01T00:00:00.000Z', + }, + kibana: { + alerting: { + action_group_id: 'group 1', + action_subgroup: 'subgroup value', + instance_id: 'test1', + }, + saved_objects: [ + { + id: '1', + namespace: 'default', + rel: 'primary', + type: 'alert', + type_id: 'test', + }, + ], + }, + message: 'message text here', + rule: { + category: 'test', + id: '1', + license: 'basic', + ruleset: 'alerts', + name: 'test name', + }, + }); + }); + + test('created alert event "execute-action"', async () => { + expect( + createAlertEventLogRecordObject({ + ruleId: '1', + ruleName: 'test name', + ruleType, + action: 'execute-action', + instanceId: 'test1', + group: 'group 1', + message: 'action execution start', + namespace: 'default', + subgroup: 'subgroup value', + state: { + start: '1970-01-01T00:00:00.000Z', + end: '1970-01-01T00:05:00.000Z', + duration: 5, + }, + savedObjects: [ + { + id: '1', + type: 'alert', + typeId: ruleType.id, + relation: 'primary', + }, + { + id: '2', + type: 'action', + typeId: '.email', + }, + ], + }) + ).toStrictEqual({ + event: { + action: 'execute-action', + category: ['alerts'], + duration: 5, + end: '1970-01-01T00:05:00.000Z', + kind: 'alert', + start: '1970-01-01T00:00:00.000Z', + }, + kibana: { + alerting: { + action_group_id: 'group 1', + action_subgroup: 'subgroup value', + instance_id: 'test1', + }, + saved_objects: [ + { + id: '1', + namespace: 'default', + rel: 'primary', + type: 'alert', + type_id: 'test', + }, + { + id: '2', + namespace: 'default', + type: 'action', + type_id: '.email', + }, + ], + }, + message: 'action execution start', + rule: { + category: 'test', + id: '1', + license: 'basic', + ruleset: 'alerts', + name: 'test name', + }, + }); + }); +}); diff --git a/x-pack/plugins/alerting/server/lib/create_alert_event_log_record_object.ts b/x-pack/plugins/alerting/server/lib/create_alert_event_log_record_object.ts new file mode 100644 index 000000000000000..12300211cb0bb82 --- /dev/null +++ b/x-pack/plugins/alerting/server/lib/create_alert_event_log_record_object.ts @@ -0,0 +1,81 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { AlertInstanceState } from '../types'; +import { IEvent } from '../../../event_log/server'; +import { UntypedNormalizedAlertType } from '../rule_type_registry'; + +export type Event = Exclude; + +interface CreateAlertEventLogRecordParams { + ruleId: string; + ruleType: UntypedNormalizedAlertType; + action: string; + ruleName?: string; + instanceId?: string; + message?: string; + state?: AlertInstanceState; + group?: string; + subgroup?: string; + namespace?: string; + timestamp?: string; + task?: { + scheduled?: string; + scheduleDelay?: number; + }; + savedObjects: Array<{ + type: string; + id: string; + typeId: string; + relation?: string; + }>; +} + +export function createAlertEventLogRecordObject(params: CreateAlertEventLogRecordParams): Event { + const { ruleType, action, state, message, task, ruleId, group, subgroup, namespace } = params; + const alerting = + params.instanceId || group || subgroup + ? { + alerting: { + ...(params.instanceId ? { instance_id: params.instanceId } : {}), + ...(group ? { action_group_id: group } : {}), + ...(subgroup ? { action_subgroup: subgroup } : {}), + }, + } + : undefined; + const event: Event = { + ...(params.timestamp ? { '@timestamp': params.timestamp } : {}), + event: { + action, + kind: 'alert', + category: [ruleType.producer], + ...(state?.start ? { start: state.start as string } : {}), + ...(state?.end ? { end: state.end as string } : {}), + ...(state?.duration !== undefined ? { duration: state.duration as number } : {}), + }, + kibana: { + ...(alerting ? alerting : {}), + saved_objects: params.savedObjects.map((so) => ({ + ...(so.relation ? { rel: so.relation } : {}), + type: so.type, + id: so.id, + type_id: so.typeId, + namespace, + })), + ...(task ? { task: { scheduled: task.scheduled, schedule_delay: task.scheduleDelay } } : {}), + }, + ...(message ? { message } : {}), + rule: { + id: ruleId, + license: ruleType.minimumLicenseRequired, + category: ruleType.id, + ruleset: ruleType.producer, + ...(params.ruleName ? { name: params.ruleName } : {}), + }, + }; + return event; +} diff --git a/x-pack/plugins/alerting/server/plugin.ts b/x-pack/plugins/alerting/server/plugin.ts index b63fa94fbad725f..3623495058eb0f8 100644 --- a/x-pack/plugins/alerting/server/plugin.ts +++ b/x-pack/plugins/alerting/server/plugin.ts @@ -373,6 +373,7 @@ export class AlertingPlugin { eventLog: plugins.eventLog, kibanaVersion: this.kibanaVersion, authorization: alertingAuthorizationClientFactory, + eventLogger: this.eventLogger, }); const getRulesClientWithRequest = (request: KibanaRequest) => { diff --git a/x-pack/plugins/alerting/server/rules_client/rules_client.ts b/x-pack/plugins/alerting/server/rules_client/rules_client.ts index 2492517f4bdc388..bde0c350285824c 100644 --- a/x-pack/plugins/alerting/server/rules_client/rules_client.ts +++ b/x-pack/plugins/alerting/server/rules_client/rules_client.ts @@ -7,7 +7,7 @@ import Semver from 'semver'; import Boom from '@hapi/boom'; -import { omit, isEqual, map, uniq, pick, truncate, trim } from 'lodash'; +import { omit, isEqual, map, uniq, pick, truncate, trim, mapValues } from 'lodash'; import { i18n } from '@kbn/i18n'; import { estypes } from '@elastic/elasticsearch'; import { @@ -38,6 +38,7 @@ import { AlertWithLegacyId, SanitizedAlertWithLegacyId, PartialAlertWithLegacyId, + RawAlertInstance, } from '../types'; import { validateAlertTypeParams, @@ -60,10 +61,14 @@ import { AlertingAuthorizationFilterType, AlertingAuthorizationFilterOpts, } from '../authorization'; -import { IEventLogClient } from '../../../event_log/server'; +import { + IEvent, + IEventLogClient, + IEventLogger, + SAVED_OBJECT_REL_PRIMARY, +} from '../../../event_log/server'; import { parseIsoOrRelativeDate } from '../lib/iso_or_relative_date'; import { alertInstanceSummaryFromEventLog } from '../lib/alert_instance_summary_from_event_log'; -import { IEvent } from '../../../event_log/server'; import { AuditLogger } from '../../../security/server'; import { parseDuration } from '../../common/parse_duration'; import { retryIfConflicts } from '../lib/retry_if_conflicts'; @@ -73,6 +78,9 @@ import { ruleAuditEvent, RuleAuditAction } from './audit_events'; import { KueryNode, nodeBuilder } from '../../../../../src/plugins/data/common'; import { mapSortField } from './lib'; import { getAlertExecutionStatusPending } from '../lib/alert_execution_status'; +import { AlertInstance } from '../alert_instance'; +import { EVENT_LOG_ACTIONS } from '../plugin'; +import { createAlertEventLogRecordObject } from '../lib/create_alert_event_log_record_object'; export interface RegistryAlertTypeWithAuth extends RegistryRuleType { authorizedConsumers: string[]; @@ -101,6 +109,7 @@ export interface ConstructorOptions { getEventLogClient: () => Promise; kibanaVersion: PluginInitializerContext['env']['packageInfo']['version']; auditLogger?: AuditLogger; + eventLogger?: IEventLogger; } export interface MuteOptions extends IndexType { @@ -215,6 +224,7 @@ export class RulesClient { private readonly encryptedSavedObjectsClient: EncryptedSavedObjectsClient; private readonly kibanaVersion!: PluginInitializerContext['env']['packageInfo']['version']; private readonly auditLogger?: AuditLogger; + private readonly eventLogger?: IEventLogger; constructor({ ruleTypeRegistry, @@ -232,6 +242,7 @@ export class RulesClient { getEventLogClient, kibanaVersion, auditLogger, + eventLogger, }: ConstructorOptions) { this.logger = logger; this.getUserName = getUserName; @@ -248,6 +259,7 @@ export class RulesClient { this.getEventLogClient = getEventLogClient; this.kibanaVersion = kibanaVersion; this.auditLogger = auditLogger; + this.eventLogger = eventLogger; } public async create({ @@ -1199,6 +1211,47 @@ export class RulesClient { version = alert.version; } + if (this.eventLogger && attributes.scheduledTaskId) { + const { state } = taskInstanceToAlertTaskInstance( + await this.taskManager.get(attributes.scheduledTaskId), + attributes as unknown as SanitizedAlert + ); + + const recoveredAlertInstances = mapValues, AlertInstance>( + state.alertInstances ?? {}, + (rawAlertInstance) => new AlertInstance(rawAlertInstance) + ); + const recoveredAlertInstanceIds = Object.keys(recoveredAlertInstances); + + for (const instanceId of recoveredAlertInstanceIds) { + const { group: actionGroup, subgroup: actionSubgroup } = + recoveredAlertInstances[instanceId].getLastScheduledActions() ?? {}; + const instanceState = recoveredAlertInstances[instanceId].getState(); + const message = `instance '${instanceId}' has recovered due to the rule was disabled`; + + const event = createAlertEventLogRecordObject({ + ruleId: id, + ruleName: attributes.name, + ruleType: this.ruleTypeRegistry.get(attributes.alertTypeId), + instanceId, + action: EVENT_LOG_ACTIONS.recoveredInstance, + message, + state: instanceState, + group: actionGroup, + subgroup: actionSubgroup, + namespace: this.namespace, + savedObjects: [ + { + id, + type: 'alert', + typeId: attributes.alertTypeId, + relation: SAVED_OBJECT_REL_PRIMARY, + }, + ], + }); + this.eventLogger.logEvent(event); + } + } try { await this.authorization.ensureAuthorized({ ruleTypeId: attributes.alertTypeId, diff --git a/x-pack/plugins/alerting/server/rules_client/tests/disable.test.ts b/x-pack/plugins/alerting/server/rules_client/tests/disable.test.ts index 6b9b2021db68b4e..c518d385dd74776 100644 --- a/x-pack/plugins/alerting/server/rules_client/tests/disable.test.ts +++ b/x-pack/plugins/alerting/server/rules_client/tests/disable.test.ts @@ -18,6 +18,8 @@ import { InvalidatePendingApiKey } from '../../types'; import { httpServerMock } from '../../../../../../src/core/server/mocks'; import { auditServiceMock } from '../../../../security/server/audit/index.mock'; import { getBeforeSetup, setGlobalDate } from './lib'; +import { eventLoggerMock } from '../../../../event_log/server/event_logger.mock'; +import { TaskStatus } from '../../../../task_manager/server'; const taskManager = taskManagerMock.createStart(); const ruleTypeRegistry = ruleTypeRegistryMock.create(); @@ -26,6 +28,7 @@ const encryptedSavedObjects = encryptedSavedObjectsMock.createClient(); const authorization = alertingAuthorizationMock.create(); const actionsAuthorization = actionsAuthorizationMock.create(); const auditLogger = auditServiceMock.create().asScoped(httpServerMock.createKibanaRequest()); +const eventLogger = eventLoggerMock.create(); const kibanaVersion = 'v7.10.0'; const rulesClientParams: jest.Mocked = { @@ -44,10 +47,26 @@ const rulesClientParams: jest.Mocked = { getEventLogClient: jest.fn(), kibanaVersion, auditLogger, + eventLogger, }; beforeEach(() => { getBeforeSetup(rulesClientParams, taskManager, ruleTypeRegistry); + taskManager.get.mockResolvedValue({ + id: 'task-123', + taskType: 'alerting:123', + scheduledAt: new Date(), + attempts: 1, + status: TaskStatus.Idle, + runAt: new Date(), + startedAt: null, + retryAt: null, + state: {}, + params: { + alertId: '1', + }, + ownerId: null, + }); (auditLogger.log as jest.Mock).mockClear(); }); @@ -217,6 +236,120 @@ describe('disable()', () => { ).toBe('123'); }); + test('disables the rule with calling event log to "recover" the alert instances from the task state', async () => { + unsecuredSavedObjectsClient.create.mockResolvedValueOnce({ + id: '1', + type: 'api_key_pending_invalidation', + attributes: { + apiKeyId: '123', + createdAt: '2019-02-12T21:01:22.479Z', + }, + references: [], + }); + const scheduledTaskId = 'task-123'; + taskManager.get.mockResolvedValue({ + id: scheduledTaskId, + taskType: 'alerting:123', + scheduledAt: new Date(), + attempts: 1, + status: TaskStatus.Idle, + runAt: new Date(), + startedAt: null, + retryAt: null, + state: { + alertInstances: { + '1': { + meta: { + lastScheduledActions: { + group: 'default', + subgroup: 'newSubgroup', + date: new Date().toISOString(), + }, + }, + state: { bar: false }, + }, + }, + }, + params: { + alertId: '1', + }, + ownerId: null, + }); + await rulesClient.disable({ id: '1' }); + expect(unsecuredSavedObjectsClient.get).not.toHaveBeenCalled(); + expect(encryptedSavedObjects.getDecryptedAsInternalUser).toHaveBeenCalledWith('alert', '1', { + namespace: 'default', + }); + expect(unsecuredSavedObjectsClient.update).toHaveBeenCalledWith( + 'alert', + '1', + { + consumer: 'myApp', + schedule: { interval: '10s' }, + alertTypeId: 'myType', + enabled: false, + meta: { + versionApiKeyLastmodified: kibanaVersion, + }, + scheduledTaskId: null, + apiKey: null, + apiKeyOwner: null, + updatedAt: '2019-02-12T21:01:22.479Z', + updatedBy: 'elastic', + actions: [ + { + group: 'default', + id: '1', + actionTypeId: '1', + actionRef: '1', + params: { + foo: true, + }, + }, + ], + }, + { + version: '123', + } + ); + expect(taskManager.removeIfExists).toHaveBeenCalledWith('task-123'); + expect( + (unsecuredSavedObjectsClient.create.mock.calls[0][1] as InvalidatePendingApiKey).apiKeyId + ).toBe('123'); + + expect(eventLogger.logEvent).toHaveBeenCalledTimes(1); + expect(eventLogger.logEvent.mock.calls[0][0]).toStrictEqual({ + event: { + action: 'recovered-instance', + category: ['alerts'], + kind: 'alert', + }, + kibana: { + alerting: { + action_group_id: 'default', + action_subgroup: 'newSubgroup', + instance_id: '1', + }, + saved_objects: [ + { + id: '1', + namespace: 'default', + rel: 'primary', + type: 'alert', + type_id: 'myType', + }, + ], + }, + message: "instance '1' has recovered due to the rule was disabled", + rule: { + category: '123', + id: '1', + license: 'basic', + ruleset: 'alerts', + }, + }); + }); + test('falls back when getDecryptedAsInternalUser throws an error', async () => { encryptedSavedObjects.getDecryptedAsInternalUser.mockRejectedValueOnce(new Error('Fail')); unsecuredSavedObjectsClient.create.mockResolvedValueOnce({ diff --git a/x-pack/plugins/alerting/server/rules_client_conflict_retries.test.ts b/x-pack/plugins/alerting/server/rules_client_conflict_retries.test.ts index dfc55efad41c609..0b35f250ba3c6ec 100644 --- a/x-pack/plugins/alerting/server/rules_client_conflict_retries.test.ts +++ b/x-pack/plugins/alerting/server/rules_client_conflict_retries.test.ts @@ -325,6 +325,22 @@ beforeEach(() => { params: {}, }); + taskManager.get.mockResolvedValue({ + id: 'task-123', + taskType: 'alerting:123', + scheduledAt: new Date(), + attempts: 1, + status: TaskStatus.Idle, + runAt: new Date(), + startedAt: null, + retryAt: null, + state: {}, + params: { + alertId: '1', + }, + ownerId: null, + }); + const actionsClient = actionsClientMock.create(); actionsClient.getBulk.mockResolvedValue([]); rulesClientParams.getActionsClient.mockResolvedValue(actionsClient); diff --git a/x-pack/plugins/alerting/server/rules_client_factory.ts b/x-pack/plugins/alerting/server/rules_client_factory.ts index 7961d3761d3efe4..1e9a021a0be512c 100644 --- a/x-pack/plugins/alerting/server/rules_client_factory.ts +++ b/x-pack/plugins/alerting/server/rules_client_factory.ts @@ -17,7 +17,7 @@ import { RuleTypeRegistry, SpaceIdToNamespaceFunction } from './types'; import { SecurityPluginSetup, SecurityPluginStart } from '../../security/server'; import { EncryptedSavedObjectsClient } from '../../encrypted_saved_objects/server'; import { TaskManagerStartContract } from '../../task_manager/server'; -import { IEventLogClientService } from '../../../plugins/event_log/server'; +import { IEventLogClientService, IEventLogger } from '../../../plugins/event_log/server'; import { AlertingAuthorizationClientFactory } from './alerting_authorization_client_factory'; export interface RulesClientFactoryOpts { logger: Logger; @@ -32,6 +32,7 @@ export interface RulesClientFactoryOpts { eventLog: IEventLogClientService; kibanaVersion: PluginInitializerContext['env']['packageInfo']['version']; authorization: AlertingAuthorizationClientFactory; + eventLogger?: IEventLogger; } export class RulesClientFactory { @@ -48,6 +49,7 @@ export class RulesClientFactory { private eventLog!: IEventLogClientService; private kibanaVersion!: PluginInitializerContext['env']['packageInfo']['version']; private authorization!: AlertingAuthorizationClientFactory; + private eventLogger?: IEventLogger; public initialize(options: RulesClientFactoryOpts) { if (this.isInitialized) { @@ -66,6 +68,7 @@ export class RulesClientFactory { this.eventLog = options.eventLog; this.kibanaVersion = options.kibanaVersion; this.authorization = options.authorization; + this.eventLogger = options.eventLogger; } public create(request: KibanaRequest, savedObjects: SavedObjectsServiceStart): RulesClient { @@ -123,6 +126,7 @@ export class RulesClientFactory { async getEventLogClient() { return eventLog.getClient(request); }, + eventLogger: this.eventLogger, }); } } diff --git a/x-pack/plugins/alerting/server/task_runner/create_execution_handler.test.ts b/x-pack/plugins/alerting/server/task_runner/create_execution_handler.test.ts index e3946599aed85b2..244dcb85b13e94e 100644 --- a/x-pack/plugins/alerting/server/task_runner/create_execution_handler.test.ts +++ b/x-pack/plugins/alerting/server/task_runner/create_execution_handler.test.ts @@ -175,7 +175,6 @@ test('enqueues execution per selected action', async () => { "kibana": Object { "alerting": Object { "action_group_id": "default", - "action_subgroup": undefined, "instance_id": "2", }, "saved_objects": Array [ diff --git a/x-pack/plugins/alerting/server/task_runner/create_execution_handler.ts b/x-pack/plugins/alerting/server/task_runner/create_execution_handler.ts index 51301a80b1664b2..652e032a1cbb08a 100644 --- a/x-pack/plugins/alerting/server/task_runner/create_execution_handler.ts +++ b/x-pack/plugins/alerting/server/task_runner/create_execution_handler.ts @@ -10,7 +10,7 @@ import { asSavedObjectExecutionSource, PluginStartContract as ActionsPluginStartContract, } from '../../../actions/server'; -import { IEventLogger, IEvent, SAVED_OBJECT_REL_PRIMARY } from '../../../event_log/server'; +import { IEventLogger, SAVED_OBJECT_REL_PRIMARY } from '../../../event_log/server'; import { EVENT_LOG_ACTIONS } from '../plugin'; import { injectActionParams } from './inject_action_params'; import { @@ -21,8 +21,9 @@ import { AlertInstanceContext, RawAlert, } from '../types'; -import { NormalizedAlertType } from '../rule_type_registry'; +import { NormalizedAlertType, UntypedNormalizedAlertType } from '../rule_type_registry'; import { isEphemeralTaskRejectedDueToCapacityError } from '../../../task_manager/server'; +import { createAlertEventLogRecordObject } from '../lib/create_alert_event_log_record_object'; export interface CreateExecutionHandlerOptions< Params extends AlertTypeParams, @@ -201,43 +202,35 @@ export function createExecutionHandler< await actionsClient.enqueueExecution(enqueueOptions); } - const event: IEvent = { - event: { - action: EVENT_LOG_ACTIONS.executeAction, - kind: 'alert', - category: [alertType.producer], - }, - kibana: { - alerting: { - instance_id: alertInstanceId, - action_group_id: actionGroup, - action_subgroup: actionSubgroup, + const event = createAlertEventLogRecordObject({ + ruleId: alertId, + ruleType: alertType as UntypedNormalizedAlertType, + action: EVENT_LOG_ACTIONS.executeAction, + instanceId: alertInstanceId, + group: actionGroup, + subgroup: actionSubgroup, + ruleName: alertName, + savedObjects: [ + { + type: 'alert', + id: alertId, + typeId: alertType.id, + relation: SAVED_OBJECT_REL_PRIMARY, }, - saved_objects: [ - { - rel: SAVED_OBJECT_REL_PRIMARY, - type: 'alert', - id: alertId, - type_id: alertType.id, - ...namespace, - }, - { type: 'action', id: action.id, type_id: action.actionTypeId, ...namespace }, - ], - }, - rule: { - id: alertId, - license: alertType.minimumLicenseRequired, - category: alertType.id, - ruleset: alertType.producer, - name: alertName, - }, - }; + { + type: 'action', + id: action.id, + typeId: action.actionTypeId, + }, + ], + ...namespace, + message: `alert: ${alertLabel} instanceId: '${alertInstanceId}' scheduled ${ + actionSubgroup + ? `actionGroup(subgroup): '${actionGroup}(${actionSubgroup})'` + : `actionGroup: '${actionGroup}'` + } action: ${actionLabel}`, + }); - event.message = `alert: ${alertLabel} instanceId: '${alertInstanceId}' scheduled ${ - actionSubgroup - ? `actionGroup(subgroup): '${actionGroup}(${actionSubgroup})'` - : `actionGroup: '${actionGroup}'` - } action: ${actionLabel}`; eventLogger.logEvent(event); } }; diff --git a/x-pack/plugins/alerting/server/task_runner/task_runner.test.ts b/x-pack/plugins/alerting/server/task_runner/task_runner.test.ts index c5ccc909eff46bc..07c4d0371c71837 100644 --- a/x-pack/plugins/alerting/server/task_runner/task_runner.test.ts +++ b/x-pack/plugins/alerting/server/task_runner/task_runner.test.ts @@ -1379,7 +1379,6 @@ describe('Task Runner', () => { "kibana": Object { "alerting": Object { "action_group_id": "default", - "action_subgroup": undefined, "instance_id": "1", }, "saved_objects": Array [ @@ -1676,7 +1675,6 @@ describe('Task Runner', () => { "kibana": Object { "alerting": Object { "action_group_id": "recovered", - "action_subgroup": undefined, "instance_id": "2", }, "saved_objects": Array [ @@ -1717,7 +1715,6 @@ describe('Task Runner', () => { "kibana": Object { "alerting": Object { "action_group_id": "default", - "action_subgroup": undefined, "instance_id": "1", }, "saved_objects": Array [ diff --git a/x-pack/plugins/alerting/server/task_runner/task_runner.ts b/x-pack/plugins/alerting/server/task_runner/task_runner.ts index edf9bfe1b4846d3..8b93d3fa172114d 100644 --- a/x-pack/plugins/alerting/server/task_runner/task_runner.ts +++ b/x-pack/plugins/alerting/server/task_runner/task_runner.ts @@ -49,16 +49,18 @@ import { AlertInstanceContext, WithoutReservedActionGroups, } from '../../common'; -import { NormalizedAlertType } from '../rule_type_registry'; +import { NormalizedAlertType, UntypedNormalizedAlertType } from '../rule_type_registry'; import { getEsErrorMessage } from '../lib/errors'; +import { + createAlertEventLogRecordObject, + Event, +} from '../lib/create_alert_event_log_record_object'; const FALLBACK_RETRY_INTERVAL = '5m'; // 1,000,000 nanoseconds in 1 millisecond const Millis2Nanos = 1000 * 1000; -type Event = Exclude; - interface AlertTaskRunResult { state: AlertTaskState; schedule: IntervalSchedule | undefined; @@ -517,37 +519,26 @@ export class TaskRunner< const namespace = this.context.spaceIdToNamespace(spaceId); const eventLogger = this.context.eventLogger; const scheduleDelay = runDate.getTime() - this.taskInstance.runAt.getTime(); - const event: IEvent = { - // explicitly set execute timestamp so it will be before other events - // generated here (new-instance, schedule-action, etc) - '@timestamp': runDateString, - event: { - action: EVENT_LOG_ACTIONS.execute, - kind: 'alert', - category: [this.alertType.producer], + + const event = createAlertEventLogRecordObject({ + timestamp: runDateString, + ruleId: alertId, + ruleType: this.alertType as UntypedNormalizedAlertType, + action: EVENT_LOG_ACTIONS.execute, + namespace, + task: { + scheduled: this.taskInstance.runAt.toISOString(), + scheduleDelay: Millis2Nanos * scheduleDelay, }, - kibana: { - saved_objects: [ - { - rel: SAVED_OBJECT_REL_PRIMARY, - type: 'alert', - id: alertId, - type_id: this.alertType.id, - namespace, - }, - ], - task: { - scheduled: this.taskInstance.runAt.toISOString(), - schedule_delay: Millis2Nanos * scheduleDelay, + savedObjects: [ + { + id: alertId, + type: 'alert', + typeId: this.alertType.id, + relation: SAVED_OBJECT_REL_PRIMARY, }, - }, - rule: { - id: alertId, - license: this.alertType.minimumLicenseRequired, - category: this.alertType.id, - ruleset: this.alertType.producer, - }, - }; + ], + }); eventLogger.startTiming(event); diff --git a/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/disable.ts b/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/disable.ts index 7e93cf453929b4d..fa94eed46dc3f26 100644 --- a/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/disable.ts +++ b/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/disable.ts @@ -14,12 +14,16 @@ import { getUrlPrefix, getTestAlertData, ObjectRemover, + getEventLog, } from '../../../common/lib'; +import { validateEvent } from './event_log'; // eslint-disable-next-line import/no-default-export export default function createDisableAlertTests({ getService }: FtrProviderContext) { const es = getService('es'); const supertestWithoutAuth = getService('supertestWithoutAuth'); + const retry = getService('retry'); + const supertest = getService('supertest'); describe('disable', () => { const objectRemover = new ObjectRemover(supertestWithoutAuth); @@ -75,6 +79,75 @@ export default function createDisableAlertTests({ getService }: FtrProviderConte }); }); + it('should create recovered-instance events for all alert instances', async () => { + const { body: createdAlert } = await supertest + .post(`${getUrlPrefix(Spaces.space1.id)}/api/alerting/rule`) + .set('kbn-xsrf', 'foo') + .send({ + enabled: true, + name: 'abc', + tags: ['foo'], + rule_type_id: 'test.cumulative-firing', + consumer: 'alertsFixture', + schedule: { interval: '5s' }, + throttle: '5s', + actions: [], + params: {}, + notify_when: 'onThrottleInterval', + }) + .expect(200); + objectRemover.add(Spaces.space1.id, createdAlert.id, 'rule', 'alerting'); + + // wait for alert to actually execute + await retry.try(async () => { + const response = await supertest.get( + `${getUrlPrefix(Spaces.space1.id)}/internal/alerting/rule/${createdAlert.id}/state` + ); + + expect(response.status).to.eql(200); + expect(response.body).to.key('alerts', 'rule_type_state', 'previous_started_at'); + expect(response.body.rule_type_state.runCount).to.greaterThan(1); + }); + + await alertUtils.getDisableRequest(createdAlert.id); + const ruleId = createdAlert.id; + + // wait for the events we're expecting + const events = await retry.try(async () => { + return await getEventLog({ + getService, + spaceId: Spaces.space1.id, + type: 'alert', + id: ruleId, + provider: 'alerting', + actions: new Map([ + // make sure the counts of the # of events per type are as expected + ['recovered-instance', { equal: 2 }], + ]), + }); + }); + + const event = events[0]; + expect(event).to.be.ok(); + + validateEvent(event, { + spaceId: Spaces.space1.id, + savedObjects: [ + { type: 'alert', id: ruleId, rel: 'primary', type_id: 'test.cumulative-firing' }, + ], + message: "instance 'instance-0' has recovered due to the rule was disabled", + shouldHaveEventEnd: false, + shouldHaveTask: false, + rule: { + id: ruleId, + category: createdAlert.rule_type_id, + license: 'basic', + ruleset: 'alertsFixture', + name: 'abc', + }, + }); + }); + describe('legacy', () => { it('should handle disable alert request appropriately', async () => { const { body: createdAlert } = await supertestWithoutAuth From 672b592b4996af56c9986727df6ae0e186b4fe24 Mon Sep 17 00:00:00 2001 From: Orhan Toy Date: Mon, 18 Oct 2021 09:02:00 +0200 Subject: [PATCH 13/50] [App Search] Allow for query parameter to indicate ingestion mechanism for new engines (#115188) --- .../document_creation_buttons.test.tsx | 19 ++++++++++++ .../document_creation_buttons.tsx | 20 ++++++++++++- .../engine_creation/engine_creation.test.tsx | 13 +++++++++ .../engine_creation/engine_creation.tsx | 18 ++++++++++-- .../engine_creation_logic.test.ts | 12 ++++++++ .../engine_creation/engine_creation_logic.ts | 19 ++++++++---- .../components/engine_creation/utils.test.ts | 28 ++++++++++++++++++ .../components/engine_creation/utils.ts | 29 +++++++++++++++++++ 8 files changed, 149 insertions(+), 9 deletions(-) create mode 100644 x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_creation/utils.test.ts create mode 100644 x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_creation/utils.ts diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/document_creation/document_creation_buttons.test.tsx b/x-pack/plugins/enterprise_search/public/applications/app_search/components/document_creation/document_creation_buttons.test.tsx index f293a0050eac9f6..cef0a8d05ec6bad 100644 --- a/x-pack/plugins/enterprise_search/public/applications/app_search/components/document_creation/document_creation_buttons.test.tsx +++ b/x-pack/plugins/enterprise_search/public/applications/app_search/components/document_creation/document_creation_buttons.test.tsx @@ -5,10 +5,13 @@ * 2.0. */ +import '../../../__mocks__/react_router'; +import '../../../__mocks__/shallow_useeffect.mock'; import { setMockActions } from '../../../__mocks__/kea_logic'; import '../../__mocks__/engine_logic.mock'; import React from 'react'; +import { useLocation } from 'react-router-dom'; import { shallow } from 'enzyme'; @@ -60,4 +63,20 @@ describe('DocumentCreationButtons', () => { expect(wrapper.find(EuiCardTo).prop('to')).toEqual('/engines/some-engine/crawler'); }); + + it('calls openDocumentCreation("file") if ?method=json', () => { + const search = '?method=json'; + (useLocation as jest.Mock).mockImplementationOnce(() => ({ search })); + + shallow(); + expect(actions.openDocumentCreation).toHaveBeenCalledWith('file'); + }); + + it('calls openDocumentCreation("api") if ?method=api', () => { + const search = '?method=api'; + (useLocation as jest.Mock).mockImplementationOnce(() => ({ search })); + + shallow(); + expect(actions.openDocumentCreation).toHaveBeenCalledWith('api'); + }); }); diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/document_creation/document_creation_buttons.tsx b/x-pack/plugins/enterprise_search/public/applications/app_search/components/document_creation/document_creation_buttons.tsx index 5bc0fffdf196325..8d48460777b4021 100644 --- a/x-pack/plugins/enterprise_search/public/applications/app_search/components/document_creation/document_creation_buttons.tsx +++ b/x-pack/plugins/enterprise_search/public/applications/app_search/components/document_creation/document_creation_buttons.tsx @@ -5,8 +5,11 @@ * 2.0. */ -import React from 'react'; +import React, { useEffect } from 'react'; +import { useLocation } from 'react-router-dom'; + +import { Location } from 'history'; import { useActions } from 'kea'; import { @@ -22,6 +25,7 @@ import { import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; +import { parseQueryParams } from '../../../shared/query_params'; import { EuiCardTo } from '../../../shared/react_router_helpers'; import { DOCS_PREFIX, ENGINE_CRAWLER_PATH } from '../../routes'; import { generateEnginePath } from '../engine'; @@ -35,6 +39,20 @@ interface Props { export const DocumentCreationButtons: React.FC = ({ disabled = false }) => { const { openDocumentCreation } = useActions(DocumentCreationLogic); + const { search } = useLocation() as Location; + const { method } = parseQueryParams(search); + + useEffect(() => { + switch (method) { + case 'json': + openDocumentCreation('file'); + break; + case 'api': + openDocumentCreation('api'); + break; + } + }, []); + const crawlerLink = generateEnginePath(ENGINE_CRAWLER_PATH); return ( diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_creation/engine_creation.test.tsx b/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_creation/engine_creation.test.tsx index b91e33d1c8a9278..2316227a27fc7a0 100644 --- a/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_creation/engine_creation.test.tsx +++ b/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_creation/engine_creation.test.tsx @@ -5,9 +5,12 @@ * 2.0. */ +import '../../../__mocks__/react_router'; +import '../../../__mocks__/shallow_useeffect.mock'; import { setMockActions, setMockValues } from '../../../__mocks__/kea_logic'; import React from 'react'; +import { useLocation } from 'react-router-dom'; import { shallow } from 'enzyme'; @@ -15,6 +18,7 @@ import { EngineCreation } from './'; describe('EngineCreation', () => { const DEFAULT_VALUES = { + ingestionMethod: '', isLoading: false, name: '', rawName: '', @@ -22,6 +26,7 @@ describe('EngineCreation', () => { }; const MOCK_ACTIONS = { + setIngestionMethod: jest.fn(), setRawName: jest.fn(), setLanguage: jest.fn(), submitEngine: jest.fn(), @@ -38,6 +43,14 @@ describe('EngineCreation', () => { expect(wrapper.find('[data-test-subj="EngineCreation"]')).toHaveLength(1); }); + it('EngineCreationLanguageInput calls setIngestionMethod on mount', () => { + const search = '?method=crawler'; + (useLocation as jest.Mock).mockImplementationOnce(() => ({ search })); + + shallow(); + expect(MOCK_ACTIONS.setIngestionMethod).toHaveBeenCalledWith('crawler'); + }); + it('EngineCreationForm calls submitEngine on form submit', () => { const wrapper = shallow(); const simulatedEvent = { diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_creation/engine_creation.tsx b/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_creation/engine_creation.tsx index 18b8390081467ea..d8a651aa73d7dae 100644 --- a/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_creation/engine_creation.tsx +++ b/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_creation/engine_creation.tsx @@ -5,8 +5,11 @@ * 2.0. */ -import React from 'react'; +import React, { useEffect } from 'react'; +import { useLocation } from 'react-router-dom'; + +import { Location } from 'history'; import { useActions, useValues } from 'kea'; import { @@ -22,6 +25,7 @@ import { EuiButton, } from '@elastic/eui'; +import { parseQueryParams } from '../../../shared/query_params'; import { ENGINES_TITLE } from '../engines'; import { AppSearchPageTemplate } from '../layout'; @@ -39,8 +43,18 @@ import { import { EngineCreationLogic } from './engine_creation_logic'; export const EngineCreation: React.FC = () => { + const { search } = useLocation() as Location; + const { method } = parseQueryParams(search); + const { name, rawName, language, isLoading } = useValues(EngineCreationLogic); - const { setLanguage, setRawName, submitEngine } = useActions(EngineCreationLogic); + const { setIngestionMethod, setLanguage, setRawName, submitEngine } = + useActions(EngineCreationLogic); + + useEffect(() => { + if (typeof method === 'string') { + setIngestionMethod(method); + } + }, []); return ( { const { flashSuccessToast, flashAPIErrors } = mockFlashMessageHelpers; const DEFAULT_VALUES = { + ingestionMethod: '', isLoading: false, name: '', rawName: '', @@ -35,6 +36,17 @@ describe('EngineCreationLogic', () => { }); describe('actions', () => { + describe('setIngestionMethod', () => { + it('sets ingestion method to the provided value', () => { + mount(); + EngineCreationLogic.actions.setIngestionMethod('crawler'); + expect(EngineCreationLogic.values).toEqual({ + ...DEFAULT_VALUES, + ingestionMethod: 'crawler', + }); + }); + }); + describe('setLanguage', () => { it('sets language to the provided value', () => { mount(); diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_creation/engine_creation_logic.ts b/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_creation/engine_creation_logic.ts index 96be98053c56c0f..d62ed6dc33032d7 100644 --- a/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_creation/engine_creation_logic.ts +++ b/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_creation/engine_creation_logic.ts @@ -5,20 +5,19 @@ * 2.0. */ -import { generatePath } from 'react-router-dom'; - import { kea, MakeLogicType } from 'kea'; import { flashAPIErrors, flashSuccessToast } from '../../../shared/flash_messages'; import { HttpLogic } from '../../../shared/http'; import { KibanaLogic } from '../../../shared/kibana'; -import { ENGINE_PATH } from '../../routes'; import { formatApiName } from '../../utils/format_api_name'; import { DEFAULT_LANGUAGE, ENGINE_CREATION_SUCCESS_MESSAGE } from './constants'; +import { getRedirectToAfterEngineCreation } from './utils'; interface EngineCreationActions { onEngineCreationSuccess(): void; + setIngestionMethod(method: string): { method: string }; setLanguage(language: string): { language: string }; setRawName(rawName: string): { rawName: string }; submitEngine(): void; @@ -26,6 +25,7 @@ interface EngineCreationActions { } interface EngineCreationValues { + ingestionMethod: string; isLoading: boolean; language: string; name: string; @@ -36,12 +36,19 @@ export const EngineCreationLogic = kea ({ method }), setLanguage: (language) => ({ language }), setRawName: (rawName) => ({ rawName }), submitEngine: true, onSubmitError: true, }, reducers: { + ingestionMethod: [ + '', + { + setIngestionMethod: (_, { method }) => method, + }, + ], isLoading: [ false, { @@ -81,12 +88,12 @@ export const EngineCreationLogic = kea { - const { name } = values; + const { ingestionMethod, name } = values; const { navigateToUrl } = KibanaLogic.values; - const enginePath = generatePath(ENGINE_PATH, { engineName: name }); + const toUrl = getRedirectToAfterEngineCreation({ ingestionMethod, engineName: name }); flashSuccessToast(ENGINE_CREATION_SUCCESS_MESSAGE(name)); - navigateToUrl(enginePath); + navigateToUrl(toUrl); }, }), }); diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_creation/utils.test.ts b/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_creation/utils.test.ts new file mode 100644 index 000000000000000..4c8909a87cf5389 --- /dev/null +++ b/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_creation/utils.test.ts @@ -0,0 +1,28 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { getRedirectToAfterEngineCreation } from './utils'; + +describe('getRedirectToAfterEngineCreation', () => { + it('returns crawler path when ingestionMethod is crawler', () => { + const engineName = 'elastic'; + const redirectTo = getRedirectToAfterEngineCreation({ ingestionMethod: 'crawler', engineName }); + expect(redirectTo).toEqual('/engines/elastic/crawler'); + }); + + it('returns engine overview path when there is no ingestionMethod', () => { + const engineName = 'elastic'; + const redirectTo = getRedirectToAfterEngineCreation({ ingestionMethod: '', engineName }); + expect(redirectTo).toEqual('/engines/elastic'); + }); + + it('returns engine overview path with query param when there is ingestionMethod', () => { + const engineName = 'elastic'; + const redirectTo = getRedirectToAfterEngineCreation({ ingestionMethod: 'api', engineName }); + expect(redirectTo).toEqual('/engines/elastic?method=api'); + }); +}); diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_creation/utils.ts b/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_creation/utils.ts new file mode 100644 index 000000000000000..1f50a5c31e11a62 --- /dev/null +++ b/x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_creation/utils.ts @@ -0,0 +1,29 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { generatePath } from 'react-router-dom'; + +import { ENGINE_CRAWLER_PATH, ENGINE_PATH } from '../../routes'; + +export const getRedirectToAfterEngineCreation = ({ + ingestionMethod, + engineName, +}: { + ingestionMethod?: string; + engineName: string; +}): string => { + if (ingestionMethod === 'crawler') { + return generatePath(ENGINE_CRAWLER_PATH, { engineName }); + } + + let enginePath = generatePath(ENGINE_PATH, { engineName }); + if (ingestionMethod) { + enginePath += `?method=${encodeURIComponent(ingestionMethod)}`; + } + + return enginePath; +}; From 411816c1c761fcd3387b1e960c039d87e5d33c28 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Patryk=20Kopyci=C5=84ski?= Date: Mon, 18 Oct 2021 09:55:07 +0200 Subject: [PATCH 14/50] [Osquery] Add packs (#107345) --- .eslintrc.js | 4 +- package.json | 2 +- .../type_registrations.test.ts | 1 + x-pack/plugins/fleet/server/plugin.ts | 3 +- x-pack/plugins/fleet/server/services/index.ts | 3 +- .../osquery/common/exact_check.test.ts | 177 -------- x-pack/plugins/osquery/common/exact_check.ts | 94 ---- .../osquery/common/format_errors.test.ts | 179 -------- .../plugins/osquery/common/format_errors.ts | 35 -- x-pack/plugins/osquery/common/index.ts | 5 +- .../osquery/common/schemas/common/schemas.ts | 19 +- .../create_action_request_body_schema.ts | 9 +- .../create_saved_query_request_schema.ts | 14 +- .../common/schemas/types/default_uuid.test.ts | 3 +- .../schemas/types/non_empty_string.test.ts | 3 +- x-pack/plugins/osquery/common/test_utils.ts | 62 --- .../plugins/osquery/cypress/support/index.ts | 4 +- .../osquery/public/actions/actions_table.tsx | 11 +- .../public/actions/use_action_details.ts | 12 +- .../agent_policies/use_agent_policies.ts | 37 +- .../osquery/public/agents/agent_grouper.ts | 16 +- .../osquery/public/agents/agents_table.tsx | 64 ++- .../plugins/osquery/public/agents/helpers.ts | 9 +- .../osquery/public/agents/use_agent_groups.ts | 3 +- .../public/common/hooks/use_breadcrumbs.tsx | 40 +- x-pack/plugins/osquery/public/common/index.ts | 5 +- .../osquery/public/common/page_paths.ts | 28 +- .../public/common/schemas/ecs/v1.11.0.json | 1 - .../public/common/schemas/ecs/v1.12.1.json | 1 + .../public/common/schemas/osquery/v4.9.0.json | 1 - .../public/common/schemas/osquery/v5.0.1.json | 1 + .../osquery/public/common/validations.ts | 2 +- .../plugins/osquery/public/components/app.tsx | 9 +- .../osquery/public/components/empty_state.tsx | 16 +- .../components/manage_integration_link.tsx | 32 +- .../public/components/osquery_schema_link.tsx | 2 +- .../plugins/osquery/public/editor/index.tsx | 2 +- .../public/editor/osquery_highlight_rules.ts | 1 + .../osquery/public/editor/osquery_mode.ts | 1 + .../osquery/public/editor/osquery_tables.ts | 10 +- .../fleet_integration/navigation_buttons.tsx | 20 +- ...managed_policy_create_import_extension.tsx | 185 ++++---- .../public/live_queries/form/index.tsx | 205 ++++++++- .../form/live_query_query_field.tsx | 61 +-- .../osquery/public/live_queries/index.tsx | 42 +- .../public/packs/active_state_switch.tsx | 120 +++++ .../common/add_new_pack_query_flyout.tsx | 30 -- .../public/packs/common/add_pack_query.tsx | 127 ------ .../osquery/public/packs/common/pack_form.tsx | 60 --- .../packs/common/pack_queries_field.tsx | 78 ---- .../packs/common/pack_queries_table.tsx | 140 ------ .../index.tsx => packs/constants.ts} | 2 +- .../osquery/public/packs/edit/index.tsx | 54 --- .../form/confirmation_modal.tsx | 12 +- .../osquery/public/packs/form/index.tsx | 270 ++++++++++++ .../form/pack_uploader.tsx | 0 .../form/policy_id_combobox_field.tsx | 57 ++- .../public/packs/form/queries_field.tsx | 230 ++++++++++ .../form/translations.ts | 0 .../osquery/public/packs/form/utils.ts | 35 ++ x-pack/plugins/osquery/public/packs/index.tsx | 30 +- .../osquery/public/packs/list/index.tsx | 226 ---------- .../packs/list/pack_table_queries_table.tsx | 40 -- .../osquery/public/packs/new/index.tsx | 35 -- .../pack_queries_status_table.tsx} | 333 +++++++------- .../pack_queries_table.tsx} | 67 ++- .../packs_table.tsx} | 77 ++-- .../queries/constants.ts | 3 + .../queries/ecs_mapping_editor_field.tsx | 206 +++++---- .../queries/lazy_ecs_mapping_editor_field.tsx | 0 .../queries/platform_checkbox_group_field.tsx | 6 +- .../queries/platforms/constants.ts | 0 .../queries/platforms/helpers.tsx | 0 .../queries/platforms/index.tsx | 0 .../queries/platforms/logos/linux.svg | 0 .../queries/platforms/logos/macos.svg | 0 .../queries/platforms/logos/windows.svg | 0 .../queries/platforms/platform_icon.tsx | 0 .../queries/platforms/types.ts | 0 .../queries/query_flyout.tsx | 80 +--- .../queries/schema.tsx | 24 +- .../queries/use_pack_query_form.tsx} | 68 ++- .../queries/validations.ts | 17 +- .../scheduled_query_errors_table.tsx | 19 +- .../osquery/public/packs/use_create_pack.ts | 56 +++ .../osquery/public/packs/use_delete_pack.ts | 50 +++ .../use_pack.ts} | 24 +- .../use_pack_query_errors.ts} | 16 +- .../use_pack_query_last_results.ts} | 21 +- .../plugins/osquery/public/packs/use_packs.ts | 34 ++ .../osquery/public/packs/use_update_pack.ts | 60 +++ .../osquery/public/results/results_table.tsx | 73 +++- .../osquery/public/results/translations.ts | 5 +- .../plugins/osquery/public/routes/index.tsx | 8 +- .../public/routes/live_queries/new/index.tsx | 14 +- .../osquery/public/routes/packs/add/index.tsx | 53 +++ .../details/index.tsx | 64 +-- .../public/routes/packs/edit/index.tsx | 141 ++++++ .../index.tsx | 26 +- .../list/index.tsx | 19 +- .../public/routes/saved_queries/edit/form.tsx | 8 +- .../routes/saved_queries/edit/index.tsx | 1 - .../routes/saved_queries/list/index.tsx | 40 +- .../public/routes/saved_queries/new/form.tsx | 10 +- .../public/routes/saved_queries/new/index.tsx | 7 +- .../scheduled_query_groups/add/index.tsx | 69 --- .../scheduled_query_groups/edit/index.tsx | 77 ---- .../saved_queries/form/code_editor_field.tsx | 23 +- .../public/saved_queries/form/index.tsx | 211 ++++++--- .../saved_queries/form/playground_flyout.tsx | 61 +++ .../form/use_saved_query_form.tsx | 42 +- .../saved_queries/saved_queries_dropdown.tsx | 78 ++-- .../saved_queries/saved_query_flyout.tsx | 12 +- .../saved_queries/use_create_saved_query.ts | 47 +- .../saved_queries/use_delete_saved_query.ts | 13 +- .../public/saved_queries/use_saved_queries.ts | 31 +- .../public/saved_queries/use_saved_query.ts | 18 +- .../use_scheduled_query_group.ts | 38 -- .../saved_queries/use_update_saved_query.ts | 53 +-- .../active_state_switch.tsx | 150 ------- .../scheduled_query_groups/form/index.tsx | 411 ------------------ .../form/queries_field.tsx | 334 -------------- .../use_scheduled_query_groups.ts | 41 -- .../plugins/osquery/public/shared_imports.ts | 1 + x-pack/plugins/osquery/server/config.ts | 2 +- .../plugins/osquery/server/create_config.ts | 5 +- .../lib/saved_query/saved_object_mappings.ts | 26 +- x-pack/plugins/osquery/server/plugin.ts | 22 +- .../routes/action/create_action_route.ts | 7 +- .../fleet_wrapper/get_agent_policies.ts | 44 +- x-pack/plugins/osquery/server/routes/index.ts | 14 +- .../server/routes/pack/create_pack_route.ts | 144 ++++-- .../server/routes/pack/delete_pack_route.ts | 56 ++- .../server/routes/pack/find_pack_route.ts | 96 ++-- .../osquery/server/routes/pack/index.ts | 13 +- .../server/routes/pack/read_pack_route.ts | 76 +--- .../server/routes/pack/update_pack_route.ts | 304 +++++++++++-- .../osquery/server/routes/pack/utils.ts | 42 ++ .../saved_query/create_saved_query_route.ts | 47 +- .../saved_query/delete_saved_query_route.ts | 23 +- .../saved_query/find_saved_query_route.ts | 39 +- .../server/routes/saved_query/index.ts | 7 +- .../saved_query/read_saved_query_route.ts | 18 +- .../saved_query/update_saved_query_route.ts | 79 +++- .../create_scheduled_query_route.ts | 38 -- .../delete_scheduled_query_route.ts | 43 -- .../find_scheduled_query_group_route.ts | 38 -- .../routes/scheduled_query_group/index.ts | 23 - .../read_scheduled_query_group_route.ts | 40 -- .../update_scheduled_query_route.ts | 45 -- .../routes/status/create_status_route.ts | 168 +++++++ x-pack/plugins/osquery/server/routes/utils.ts | 26 ++ .../plugins/osquery/server/saved_objects.ts | 5 +- .../osquery/factory/actions/details/index.ts | 4 +- .../server/search_strategy/osquery/index.ts | 14 +- .../build_validation/route_validation.ts | 3 +- .../osquery/server/utils/runtime_types.ts | 12 +- .../server/endpoint/mocks.ts | 1 + .../translations/translations/ja-JP.json | 82 +--- .../translations/translations/zh-CN.json | 83 +--- yarn.lock | 8 +- 161 files changed, 3621 insertions(+), 4396 deletions(-) delete mode 100644 x-pack/plugins/osquery/common/exact_check.test.ts delete mode 100644 x-pack/plugins/osquery/common/exact_check.ts delete mode 100644 x-pack/plugins/osquery/common/format_errors.test.ts delete mode 100644 x-pack/plugins/osquery/common/format_errors.ts delete mode 100644 x-pack/plugins/osquery/common/test_utils.ts delete mode 100644 x-pack/plugins/osquery/public/common/schemas/ecs/v1.11.0.json create mode 100644 x-pack/plugins/osquery/public/common/schemas/ecs/v1.12.1.json delete mode 100644 x-pack/plugins/osquery/public/common/schemas/osquery/v4.9.0.json create mode 100644 x-pack/plugins/osquery/public/common/schemas/osquery/v5.0.1.json create mode 100644 x-pack/plugins/osquery/public/packs/active_state_switch.tsx delete mode 100644 x-pack/plugins/osquery/public/packs/common/add_new_pack_query_flyout.tsx delete mode 100644 x-pack/plugins/osquery/public/packs/common/add_pack_query.tsx delete mode 100644 x-pack/plugins/osquery/public/packs/common/pack_form.tsx delete mode 100644 x-pack/plugins/osquery/public/packs/common/pack_queries_field.tsx delete mode 100644 x-pack/plugins/osquery/public/packs/common/pack_queries_table.tsx rename x-pack/plugins/osquery/public/{scheduled_query_groups/index.tsx => packs/constants.ts} (84%) delete mode 100644 x-pack/plugins/osquery/public/packs/edit/index.tsx rename x-pack/plugins/osquery/public/{scheduled_query_groups => packs}/form/confirmation_modal.tsx (87%) create mode 100644 x-pack/plugins/osquery/public/packs/form/index.tsx rename x-pack/plugins/osquery/public/{scheduled_query_groups => packs}/form/pack_uploader.tsx (100%) rename x-pack/plugins/osquery/public/{scheduled_query_groups => packs}/form/policy_id_combobox_field.tsx (77%) create mode 100644 x-pack/plugins/osquery/public/packs/form/queries_field.tsx rename x-pack/plugins/osquery/public/{scheduled_query_groups => packs}/form/translations.ts (100%) create mode 100644 x-pack/plugins/osquery/public/packs/form/utils.ts delete mode 100644 x-pack/plugins/osquery/public/packs/list/index.tsx delete mode 100644 x-pack/plugins/osquery/public/packs/list/pack_table_queries_table.tsx delete mode 100644 x-pack/plugins/osquery/public/packs/new/index.tsx rename x-pack/plugins/osquery/public/{scheduled_query_groups/scheduled_query_group_queries_status_table.tsx => packs/pack_queries_status_table.tsx} (71%) rename x-pack/plugins/osquery/public/{scheduled_query_groups/scheduled_query_group_queries_table.tsx => packs/pack_queries_table.tsx} (66%) rename x-pack/plugins/osquery/public/{scheduled_query_groups/scheduled_query_groups_table.tsx => packs/packs_table.tsx} (52%) rename x-pack/plugins/osquery/public/{scheduled_query_groups => packs}/queries/constants.ts (97%) rename x-pack/plugins/osquery/public/{scheduled_query_groups => packs}/queries/ecs_mapping_editor_field.tsx (83%) rename x-pack/plugins/osquery/public/{scheduled_query_groups => packs}/queries/lazy_ecs_mapping_editor_field.tsx (100%) rename x-pack/plugins/osquery/public/{scheduled_query_groups => packs}/queries/platform_checkbox_group_field.tsx (93%) rename x-pack/plugins/osquery/public/{scheduled_query_groups => packs}/queries/platforms/constants.ts (100%) rename x-pack/plugins/osquery/public/{scheduled_query_groups => packs}/queries/platforms/helpers.tsx (100%) rename x-pack/plugins/osquery/public/{scheduled_query_groups => packs}/queries/platforms/index.tsx (100%) rename x-pack/plugins/osquery/public/{scheduled_query_groups => packs}/queries/platforms/logos/linux.svg (100%) rename x-pack/plugins/osquery/public/{scheduled_query_groups => packs}/queries/platforms/logos/macos.svg (100%) rename x-pack/plugins/osquery/public/{scheduled_query_groups => packs}/queries/platforms/logos/windows.svg (100%) rename x-pack/plugins/osquery/public/{scheduled_query_groups => packs}/queries/platforms/platform_icon.tsx (100%) rename x-pack/plugins/osquery/public/{scheduled_query_groups => packs}/queries/platforms/types.ts (100%) rename x-pack/plugins/osquery/public/{scheduled_query_groups => packs}/queries/query_flyout.tsx (68%) rename x-pack/plugins/osquery/public/{scheduled_query_groups => packs}/queries/schema.tsx (71%) rename x-pack/plugins/osquery/public/{scheduled_query_groups/queries/use_scheduled_query_group_query_form.tsx => packs/queries/use_pack_query_form.tsx} (60%) rename x-pack/plugins/osquery/public/{scheduled_query_groups => packs}/queries/validations.ts (72%) rename x-pack/plugins/osquery/public/{scheduled_query_groups => packs}/scheduled_query_errors_table.tsx (89%) create mode 100644 x-pack/plugins/osquery/public/packs/use_create_pack.ts create mode 100644 x-pack/plugins/osquery/public/packs/use_delete_pack.ts rename x-pack/plugins/osquery/public/{scheduled_query_groups/use_scheduled_query_group.ts => packs/use_pack.ts} (56%) rename x-pack/plugins/osquery/public/{scheduled_query_groups/use_scheduled_query_group_query_errors.ts => packs/use_pack_query_errors.ts} (80%) rename x-pack/plugins/osquery/public/{scheduled_query_groups/use_scheduled_query_group_query_last_results.ts => packs/use_pack_query_last_results.ts} (79%) create mode 100644 x-pack/plugins/osquery/public/packs/use_packs.ts create mode 100644 x-pack/plugins/osquery/public/packs/use_update_pack.ts create mode 100644 x-pack/plugins/osquery/public/routes/packs/add/index.tsx rename x-pack/plugins/osquery/public/routes/{scheduled_query_groups => packs}/details/index.tsx (65%) create mode 100644 x-pack/plugins/osquery/public/routes/packs/edit/index.tsx rename x-pack/plugins/osquery/public/routes/{scheduled_query_groups => packs}/index.tsx (53%) rename x-pack/plugins/osquery/public/routes/{scheduled_query_groups => packs}/list/index.tsx (69%) delete mode 100644 x-pack/plugins/osquery/public/routes/scheduled_query_groups/add/index.tsx delete mode 100644 x-pack/plugins/osquery/public/routes/scheduled_query_groups/edit/index.tsx create mode 100644 x-pack/plugins/osquery/public/saved_queries/form/playground_flyout.tsx delete mode 100644 x-pack/plugins/osquery/public/saved_queries/use_scheduled_query_group.ts delete mode 100644 x-pack/plugins/osquery/public/scheduled_query_groups/active_state_switch.tsx delete mode 100644 x-pack/plugins/osquery/public/scheduled_query_groups/form/index.tsx delete mode 100644 x-pack/plugins/osquery/public/scheduled_query_groups/form/queries_field.tsx delete mode 100644 x-pack/plugins/osquery/public/scheduled_query_groups/use_scheduled_query_groups.ts create mode 100644 x-pack/plugins/osquery/server/routes/pack/utils.ts delete mode 100644 x-pack/plugins/osquery/server/routes/scheduled_query_group/create_scheduled_query_route.ts delete mode 100644 x-pack/plugins/osquery/server/routes/scheduled_query_group/delete_scheduled_query_route.ts delete mode 100644 x-pack/plugins/osquery/server/routes/scheduled_query_group/find_scheduled_query_group_route.ts delete mode 100644 x-pack/plugins/osquery/server/routes/scheduled_query_group/index.ts delete mode 100644 x-pack/plugins/osquery/server/routes/scheduled_query_group/read_scheduled_query_group_route.ts delete mode 100644 x-pack/plugins/osquery/server/routes/scheduled_query_group/update_scheduled_query_route.ts create mode 100644 x-pack/plugins/osquery/server/routes/utils.ts diff --git a/.eslintrc.js b/.eslintrc.js index 0c2c78cd1dd7fee..98ce9bb4bad967b 100644 --- a/.eslintrc.js +++ b/.eslintrc.js @@ -1582,8 +1582,8 @@ module.exports = { plugins: ['react', '@typescript-eslint'], files: ['x-pack/plugins/osquery/**/*.{js,mjs,ts,tsx}'], rules: { - // 'arrow-body-style': ['error', 'as-needed'], - // 'prefer-arrow-callback': 'error', + 'arrow-body-style': ['error', 'as-needed'], + 'prefer-arrow-callback': 'error', 'no-unused-vars': 'off', 'react/prop-types': 'off', '@typescript-eslint/explicit-module-boundary-types': 'off', diff --git a/package.json b/package.json index 3254077fd508307..47ed5e110b00077 100644 --- a/package.json +++ b/package.json @@ -335,7 +335,7 @@ "react-moment-proptypes": "^1.7.0", "react-monaco-editor": "^0.41.2", "react-popper-tooltip": "^2.10.1", - "react-query": "^3.21.1", + "react-query": "^3.27.0", "react-redux": "^7.2.0", "react-resizable": "^1.7.5", "react-resize-detector": "^4.2.0", diff --git a/src/core/server/saved_objects/migrationsv2/integration_tests/type_registrations.test.ts b/src/core/server/saved_objects/migrationsv2/integration_tests/type_registrations.test.ts index ce4c8078e0c9570..7597657e7706cda 100644 --- a/src/core/server/saved_objects/migrationsv2/integration_tests/type_registrations.test.ts +++ b/src/core/server/saved_objects/migrationsv2/integration_tests/type_registrations.test.ts @@ -70,6 +70,7 @@ const previouslyRegisteredTypes = [ 'ml-module', 'ml-telemetry', 'monitoring-telemetry', + 'osquery-pack', 'osquery-saved-query', 'osquery-usage-metric', 'osquery-manager-usage-metric', diff --git a/x-pack/plugins/fleet/server/plugin.ts b/x-pack/plugins/fleet/server/plugin.ts index 697ea0fa30d692d..aaee24b39685aca 100644 --- a/x-pack/plugins/fleet/server/plugin.ts +++ b/x-pack/plugins/fleet/server/plugin.ts @@ -79,7 +79,7 @@ import { getAgentById, } from './services/agents'; import { registerFleetUsageCollector } from './collectors/register'; -import { getInstallation } from './services/epm/packages'; +import { getInstallation, ensureInstalledPackage } from './services/epm/packages'; import { makeRouterEnforcingSuperuser } from './routes/security'; import { startFleetServerSetup } from './services/fleet_server'; import { FleetArtifactsClient } from './services/artifacts'; @@ -306,6 +306,7 @@ export class FleetPlugin esIndexPatternService: new ESIndexPatternSavedObjectService(), packageService: { getInstallation, + ensureInstalledPackage, }, agentService: { getAgent: getAgentById, diff --git a/x-pack/plugins/fleet/server/services/index.ts b/x-pack/plugins/fleet/server/services/index.ts index ecef04af6b11ec6..0ec8a1452beb188 100644 --- a/x-pack/plugins/fleet/server/services/index.ts +++ b/x-pack/plugins/fleet/server/services/index.ts @@ -15,7 +15,7 @@ import type { GetAgentStatusResponse } from '../../common'; import type { getAgentById, getAgentsByKuery } from './agents'; import type { agentPolicyService } from './agent_policy'; import * as settingsService from './settings'; -import type { getInstallation } from './epm/packages'; +import type { getInstallation, ensureInstalledPackage } from './epm/packages'; export { ESIndexPatternSavedObjectService } from './es_index_pattern'; export { getRegistryUrl } from './epm/registry/registry_url'; @@ -37,6 +37,7 @@ export interface ESIndexPatternService { export interface PackageService { getInstallation: typeof getInstallation; + ensureInstalledPackage: typeof ensureInstalledPackage; } /** diff --git a/x-pack/plugins/osquery/common/exact_check.test.ts b/x-pack/plugins/osquery/common/exact_check.test.ts deleted file mode 100644 index d4a4ad4ce76ce54..000000000000000 --- a/x-pack/plugins/osquery/common/exact_check.test.ts +++ /dev/null @@ -1,177 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import * as t from 'io-ts'; -import { left, right, Either } from 'fp-ts/lib/Either'; -import { pipe } from 'fp-ts/lib/pipeable'; - -import { exactCheck, findDifferencesRecursive } from './exact_check'; -import { foldLeftRight, getPaths } from './test_utils'; - -describe('exact_check', () => { - test('it returns an error if given extra object properties', () => { - const someType = t.exact( - t.type({ - a: t.string, - }) - ); - const payload = { a: 'test', b: 'test' }; - const decoded = someType.decode(payload); - const checked = exactCheck(payload, decoded); - const message = pipe(checked, foldLeftRight); - expect(getPaths(left(message.errors))).toEqual(['invalid keys "b"']); - expect(message.schema).toEqual({}); - }); - - test('it returns an error if the data type is not as expected', () => { - type UnsafeCastForTest = Either< - t.Errors, - { - a: number; - } - >; - - const someType = t.exact( - t.type({ - a: t.string, - }) - ); - - const payload = { a: 1 }; - const decoded = someType.decode(payload); - const checked = exactCheck(payload, decoded as UnsafeCastForTest); - const message = pipe(checked, foldLeftRight); - expect(getPaths(left(message.errors))).toEqual(['Invalid value "1" supplied to "a"']); - expect(message.schema).toEqual({}); - }); - - test('it does NOT return an error if given normal object properties', () => { - const someType = t.exact( - t.type({ - a: t.string, - }) - ); - const payload = { a: 'test' }; - const decoded = someType.decode(payload); - const checked = exactCheck(payload, decoded); - const message = pipe(checked, foldLeftRight); - expect(getPaths(left(message.errors))).toEqual([]); - expect(message.schema).toEqual(payload); - }); - - test('it will return an existing error and not validate', () => { - const payload = { a: 'test' }; - const validationError: t.ValidationError = { - value: 'Some existing error', - context: [], - message: 'some error', - }; - const error: t.Errors = [validationError]; - const leftValue = left(error); - const checked = exactCheck(payload, leftValue); - const message = pipe(checked, foldLeftRight); - expect(getPaths(left(message.errors))).toEqual(['some error']); - expect(message.schema).toEqual({}); - }); - - test('it will work with a regular "right" payload without any decoding', () => { - const payload = { a: 'test' }; - const rightValue = right(payload); - const checked = exactCheck(payload, rightValue); - const message = pipe(checked, foldLeftRight); - expect(getPaths(left(message.errors))).toEqual([]); - expect(message.schema).toEqual({ a: 'test' }); - }); - - test('it will work with decoding a null payload when the schema expects a null', () => { - const someType = t.union([ - t.exact( - t.type({ - a: t.string, - }) - ), - t.null, - ]); - const payload = null; - const decoded = someType.decode(payload); - const checked = exactCheck(payload, decoded); - const message = pipe(checked, foldLeftRight); - expect(getPaths(left(message.errors))).toEqual([]); - expect(message.schema).toEqual(null); - }); - - test('it should find no differences recursively with two empty objects', () => { - const difference = findDifferencesRecursive({}, {}); - expect(difference).toEqual([]); - }); - - test('it should find a single difference with two objects with different keys', () => { - const difference = findDifferencesRecursive({ a: 1 }, { b: 1 }); - expect(difference).toEqual(['a']); - }); - - test('it should find a two differences with two objects with multiple different keys', () => { - const difference = findDifferencesRecursive({ a: 1, c: 1 }, { b: 1 }); - expect(difference).toEqual(['a', 'c']); - }); - - test('it should find no differences with two objects with the same keys', () => { - const difference = findDifferencesRecursive({ a: 1, b: 1 }, { a: 1, b: 1 }); - expect(difference).toEqual([]); - }); - - test('it should find a difference with two deep objects with different same keys', () => { - const difference = findDifferencesRecursive({ a: 1, b: { c: 1 } }, { a: 1, b: { d: 1 } }); - expect(difference).toEqual(['c']); - }); - - test('it should find a difference within an array', () => { - const difference = findDifferencesRecursive({ a: 1, b: [{ c: 1 }] }, { a: 1, b: [{ a: 1 }] }); - expect(difference).toEqual(['c']); - }); - - test('it should find a no difference when using arrays that are identical', () => { - const difference = findDifferencesRecursive({ a: 1, b: [{ c: 1 }] }, { a: 1, b: [{ c: 1 }] }); - expect(difference).toEqual([]); - }); - - test('it should find differences when one has an array and the other does not', () => { - const difference = findDifferencesRecursive({ a: 1, b: [{ c: 1 }] }, { a: 1 }); - expect(difference).toEqual(['b', '[{"c":1}]']); - }); - - test('it should find differences when one has an deep object and the other does not', () => { - const difference = findDifferencesRecursive({ a: 1, b: { c: 1 } }, { a: 1 }); - expect(difference).toEqual(['b', '{"c":1}']); - }); - - test('it should find differences when one has a deep object with multiple levels and the other does not', () => { - const difference = findDifferencesRecursive({ a: 1, b: { c: { d: 1 } } }, { a: 1 }); - expect(difference).toEqual(['b', '{"c":{"d":1}}']); - }); - - test('it tests two deep objects as the same with no key differences', () => { - const difference = findDifferencesRecursive( - { a: 1, b: { c: { d: 1 } } }, - { a: 1, b: { c: { d: 1 } } } - ); - expect(difference).toEqual([]); - }); - - test('it tests two deep objects with just one deep key difference', () => { - const difference = findDifferencesRecursive( - { a: 1, b: { c: { d: 1 } } }, - { a: 1, b: { c: { e: 1 } } } - ); - expect(difference).toEqual(['d']); - }); - - test('it should not find any differences when the original and decoded are both null', () => { - const difference = findDifferencesRecursive(null, null); - expect(difference).toEqual([]); - }); -}); diff --git a/x-pack/plugins/osquery/common/exact_check.ts b/x-pack/plugins/osquery/common/exact_check.ts deleted file mode 100644 index 5334989ea085b68..000000000000000 --- a/x-pack/plugins/osquery/common/exact_check.ts +++ /dev/null @@ -1,94 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import * as t from 'io-ts'; -import { left, Either, fold, right } from 'fp-ts/lib/Either'; -import { pipe } from 'fp-ts/lib/pipeable'; -import { isObject, get } from 'lodash/fp'; - -/** - * Given an original object and a decoded object this will return an error - * if and only if the original object has additional keys that the decoded - * object does not have. If the original decoded already has an error, then - * this will return the error as is and not continue. - * - * NOTE: You MUST use t.exact(...) for this to operate correctly as your schema - * needs to remove additional keys before the compare - * - * You might not need this in the future if the below issue is solved: - * https://github.com/gcanti/io-ts/issues/322 - * - * @param original The original to check if it has additional keys - * @param decoded The decoded either which has either an existing error or the - * decoded object which could have additional keys stripped from it. - * @deprecated Use packages/kbn-securitysolution-io-ts-utils/src/exact_check/index.ts - */ -export const exactCheck = ( - original: unknown, - decoded: Either -): Either => { - const onLeft = (errors: t.Errors): Either => left(errors); - const onRight = (decodedValue: T): Either => { - const differences = findDifferencesRecursive(original, decodedValue); - if (differences.length !== 0) { - const validationError: t.ValidationError = { - value: differences, - context: [], - message: `invalid keys "${differences.join(',')}"`, - }; - const error: t.Errors = [validationError]; - return left(error); - } else { - return right(decodedValue); - } - }; - return pipe(decoded, fold(onLeft, onRight)); -}; - -export const findDifferencesRecursive = (original: unknown, decodedValue: T): string[] => { - if (decodedValue === null && original === null) { - // both the decodedValue and the original are null which indicates that they are equal - // so do not report differences - return []; - } else if (decodedValue == null) { - try { - // It is null and painful when the original contains an object or an array - // the the decoded value does not have. - return [JSON.stringify(original)]; - } catch (err) { - return ['circular reference']; - } - } else if (typeof original !== 'object' || original == null) { - // We are not an object or null so do not report differences - return []; - } else { - const decodedKeys = Object.keys(decodedValue); - const differences = Object.keys(original).flatMap((originalKey) => { - const foundKey = decodedKeys.some((key) => key === originalKey); - const topLevelKey = foundKey ? [] : [originalKey]; - // I use lodash to cheat and get an any (not going to lie ;-)) - const valueObjectOrArrayOriginal = get(originalKey, original); - const valueObjectOrArrayDecoded = get(originalKey, decodedValue); - if (isObject(valueObjectOrArrayOriginal)) { - return [ - ...topLevelKey, - ...findDifferencesRecursive(valueObjectOrArrayOriginal, valueObjectOrArrayDecoded), - ]; - } else if (Array.isArray(valueObjectOrArrayOriginal)) { - return [ - ...topLevelKey, - ...valueObjectOrArrayOriginal.flatMap((arrayElement, index) => - findDifferencesRecursive(arrayElement, get(index, valueObjectOrArrayDecoded)) - ), - ]; - } else { - return topLevelKey; - } - }); - return differences; - } -}; diff --git a/x-pack/plugins/osquery/common/format_errors.test.ts b/x-pack/plugins/osquery/common/format_errors.test.ts deleted file mode 100644 index 9d920de4653c423..000000000000000 --- a/x-pack/plugins/osquery/common/format_errors.test.ts +++ /dev/null @@ -1,179 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import * as t from 'io-ts'; -import { formatErrors } from './format_errors'; - -describe('utils', () => { - test('returns an empty error message string if there are no errors', () => { - const errors: t.Errors = []; - const output = formatErrors(errors); - expect(output).toEqual([]); - }); - - test('returns a single error message if given one', () => { - const validationError: t.ValidationError = { - value: 'Some existing error', - context: [], - message: 'some error', - }; - const errors: t.Errors = [validationError]; - const output = formatErrors(errors); - expect(output).toEqual(['some error']); - }); - - test('returns a two error messages if given two', () => { - const validationError1: t.ValidationError = { - value: 'Some existing error 1', - context: [], - message: 'some error 1', - }; - const validationError2: t.ValidationError = { - value: 'Some existing error 2', - context: [], - message: 'some error 2', - }; - const errors: t.Errors = [validationError1, validationError2]; - const output = formatErrors(errors); - expect(output).toEqual(['some error 1', 'some error 2']); - }); - - test('it filters out duplicate error messages', () => { - const validationError1: t.ValidationError = { - value: 'Some existing error 1', - context: [], - message: 'some error 1', - }; - const validationError2: t.ValidationError = { - value: 'Some existing error 1', - context: [], - message: 'some error 1', - }; - const errors: t.Errors = [validationError1, validationError2]; - const output = formatErrors(errors); - expect(output).toEqual(['some error 1']); - }); - - test('will use message before context if it is set', () => { - const context: t.Context = [{ key: 'some string key' }] as unknown as t.Context; - const validationError1: t.ValidationError = { - value: 'Some existing error 1', - context, - message: 'I should be used first', - }; - const errors: t.Errors = [validationError1]; - const output = formatErrors(errors); - expect(output).toEqual(['I should be used first']); - }); - - test('will use context entry of a single string', () => { - const context: t.Context = [{ key: 'some string key' }] as unknown as t.Context; - const validationError1: t.ValidationError = { - value: 'Some existing error 1', - context, - }; - const errors: t.Errors = [validationError1]; - const output = formatErrors(errors); - expect(output).toEqual(['Invalid value "Some existing error 1" supplied to "some string key"']); - }); - - test('will use two context entries of two strings', () => { - const context: t.Context = [ - { key: 'some string key 1' }, - { key: 'some string key 2' }, - ] as unknown as t.Context; - const validationError1: t.ValidationError = { - value: 'Some existing error 1', - context, - }; - const errors: t.Errors = [validationError1]; - const output = formatErrors(errors); - expect(output).toEqual([ - 'Invalid value "Some existing error 1" supplied to "some string key 1,some string key 2"', - ]); - }); - - test('will filter out and not use any strings of numbers', () => { - const context: t.Context = [{ key: '5' }, { key: 'some string key 2' }] as unknown as t.Context; - const validationError1: t.ValidationError = { - value: 'Some existing error 1', - context, - }; - const errors: t.Errors = [validationError1]; - const output = formatErrors(errors); - expect(output).toEqual([ - 'Invalid value "Some existing error 1" supplied to "some string key 2"', - ]); - }); - - test('will filter out and not use null', () => { - const context: t.Context = [ - { key: null }, - { key: 'some string key 2' }, - ] as unknown as t.Context; - const validationError1: t.ValidationError = { - value: 'Some existing error 1', - context, - }; - const errors: t.Errors = [validationError1]; - const output = formatErrors(errors); - expect(output).toEqual([ - 'Invalid value "Some existing error 1" supplied to "some string key 2"', - ]); - }); - - test('will filter out and not use empty strings', () => { - const context: t.Context = [{ key: '' }, { key: 'some string key 2' }] as unknown as t.Context; - const validationError1: t.ValidationError = { - value: 'Some existing error 1', - context, - }; - const errors: t.Errors = [validationError1]; - const output = formatErrors(errors); - expect(output).toEqual([ - 'Invalid value "Some existing error 1" supplied to "some string key 2"', - ]); - }); - - test('will use a name context if it cannot find a keyContext', () => { - const context: t.Context = [ - { key: '' }, - { key: '', type: { name: 'someName' } }, - ] as unknown as t.Context; - const validationError1: t.ValidationError = { - value: 'Some existing error 1', - context, - }; - const errors: t.Errors = [validationError1]; - const output = formatErrors(errors); - expect(output).toEqual(['Invalid value "Some existing error 1" supplied to "someName"']); - }); - - test('will return an empty string if name does not exist but type does', () => { - const context: t.Context = [{ key: '' }, { key: '', type: {} }] as unknown as t.Context; - const validationError1: t.ValidationError = { - value: 'Some existing error 1', - context, - }; - const errors: t.Errors = [validationError1]; - const output = formatErrors(errors); - expect(output).toEqual(['Invalid value "Some existing error 1" supplied to ""']); - }); - - test('will stringify an error value', () => { - const context: t.Context = [{ key: '' }, { key: 'some string key 2' }] as unknown as t.Context; - const validationError1: t.ValidationError = { - value: { foo: 'some error' }, - context, - }; - const errors: t.Errors = [validationError1]; - const output = formatErrors(errors); - expect(output).toEqual([ - 'Invalid value "{"foo":"some error"}" supplied to "some string key 2"', - ]); - }); -}); diff --git a/x-pack/plugins/osquery/common/format_errors.ts b/x-pack/plugins/osquery/common/format_errors.ts deleted file mode 100644 index 16925699b0fcf6f..000000000000000 --- a/x-pack/plugins/osquery/common/format_errors.ts +++ /dev/null @@ -1,35 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import * as t from 'io-ts'; -import { isObject } from 'lodash/fp'; - -/** - * @deprecated Use packages/kbn-securitysolution-io-ts-utils/src/format_errors/index.ts - */ -export const formatErrors = (errors: t.Errors): string[] => { - const err = errors.map((error) => { - if (error.message != null) { - return error.message; - } else { - const keyContext = error.context - .filter( - (entry) => entry.key != null && !Number.isInteger(+entry.key) && entry.key.trim() !== '' - ) - .map((entry) => entry.key) - .join(','); - - const nameContext = error.context.find((entry) => entry.type?.name?.length > 0); - const suppliedValue = - keyContext !== '' ? keyContext : nameContext != null ? nameContext.type.name : ''; - const value = isObject(error.value) ? JSON.stringify(error.value) : error.value; - return `Invalid value "${value}" supplied to "${suppliedValue}"`; - } - }); - - return [...new Set(err)]; -}; diff --git a/x-pack/plugins/osquery/common/index.ts b/x-pack/plugins/osquery/common/index.ts index 6f1a8c55ad1912c..bec9e75f07ef40d 100644 --- a/x-pack/plugins/osquery/common/index.ts +++ b/x-pack/plugins/osquery/common/index.ts @@ -5,10 +5,7 @@ * 2.0. */ -// TODO: https://github.com/elastic/kibana/issues/110906 -/* eslint-disable @kbn/eslint/no_export_all */ - -export * from './constants'; +export { DEFAULT_DARK_MODE, OSQUERY_INTEGRATION_NAME, BASE_PATH } from './constants'; export const PLUGIN_ID = 'osquery'; export const PLUGIN_NAME = 'Osquery'; diff --git a/x-pack/plugins/osquery/common/schemas/common/schemas.ts b/x-pack/plugins/osquery/common/schemas/common/schemas.ts index 1e52080debb9a90..2ffb6c5feae54d6 100644 --- a/x-pack/plugins/osquery/common/schemas/common/schemas.ts +++ b/x-pack/plugins/osquery/common/schemas/common/schemas.ts @@ -39,11 +39,26 @@ export const queryOrUndefined = t.union([query, t.undefined]); export type QueryOrUndefined = t.TypeOf; export const version = t.string; -export type Version = t.TypeOf; +export type Version = t.TypeOf; export const versionOrUndefined = t.union([version, t.undefined]); export type VersionOrUndefined = t.TypeOf; export const interval = t.string; -export type Interval = t.TypeOf; +export type Interval = t.TypeOf; export const intervalOrUndefined = t.union([interval, t.undefined]); export type IntervalOrUndefined = t.TypeOf; + +export const savedQueryId = t.string; +export type SavedQueryId = t.TypeOf; +export const savedQueryIdOrUndefined = t.union([savedQueryId, t.undefined]); +export type SavedQueryIdOrUndefined = t.TypeOf; + +export const ecsMapping = t.record( + t.string, + t.type({ + field: t.string, + }) +); +export type ECSMapping = t.TypeOf; +export const ecsMappingOrUndefined = t.union([ecsMapping, t.undefined]); +export type ECSMappingOrUndefined = t.TypeOf; diff --git a/x-pack/plugins/osquery/common/schemas/routes/action/create_action_request_body_schema.ts b/x-pack/plugins/osquery/common/schemas/routes/action/create_action_request_body_schema.ts index bcbd528c4e74976..a85471a95a137fb 100644 --- a/x-pack/plugins/osquery/common/schemas/routes/action/create_action_request_body_schema.ts +++ b/x-pack/plugins/osquery/common/schemas/routes/action/create_action_request_body_schema.ts @@ -7,11 +7,18 @@ import * as t from 'io-ts'; -import { query, agentSelection } from '../../common/schemas'; +import { + query, + agentSelection, + ecsMappingOrUndefined, + savedQueryIdOrUndefined, +} from '../../common/schemas'; export const createActionRequestBodySchema = t.type({ agentSelection, query, + saved_query_id: savedQueryIdOrUndefined, + ecs_mapping: ecsMappingOrUndefined, }); export type CreateActionRequestBodySchema = t.OutputOf; diff --git a/x-pack/plugins/osquery/common/schemas/routes/saved_query/create_saved_query_request_schema.ts b/x-pack/plugins/osquery/common/schemas/routes/saved_query/create_saved_query_request_schema.ts index 5aa08d9afde4f11..7cc803f5584c290 100644 --- a/x-pack/plugins/osquery/common/schemas/routes/saved_query/create_saved_query_request_schema.ts +++ b/x-pack/plugins/osquery/common/schemas/routes/saved_query/create_saved_query_request_schema.ts @@ -9,22 +9,24 @@ import * as t from 'io-ts'; import { id, - description, + descriptionOrUndefined, Description, - platform, + platformOrUndefined, query, - version, + versionOrUndefined, interval, + ecsMappingOrUndefined, } from '../../common/schemas'; import { RequiredKeepUndefined } from '../../../types'; export const createSavedQueryRequestSchema = t.type({ id, - description, - platform, + description: descriptionOrUndefined, + platform: platformOrUndefined, query, - version, + version: versionOrUndefined, interval, + ecs_mapping: ecsMappingOrUndefined, }); export type CreateSavedQueryRequestSchema = t.OutputOf; diff --git a/x-pack/plugins/osquery/common/schemas/types/default_uuid.test.ts b/x-pack/plugins/osquery/common/schemas/types/default_uuid.test.ts index 24c5986d5ef2003..b206b4133a811ba 100644 --- a/x-pack/plugins/osquery/common/schemas/types/default_uuid.test.ts +++ b/x-pack/plugins/osquery/common/schemas/types/default_uuid.test.ts @@ -8,8 +8,7 @@ import { DefaultUuid } from './default_uuid'; import { pipe } from 'fp-ts/lib/pipeable'; import { left } from 'fp-ts/lib/Either'; - -import { foldLeftRight, getPaths } from '../../test_utils'; +import { foldLeftRight, getPaths } from '@kbn/securitysolution-io-ts-utils'; describe('default_uuid', () => { test('it should validate a regular string', () => { diff --git a/x-pack/plugins/osquery/common/schemas/types/non_empty_string.test.ts b/x-pack/plugins/osquery/common/schemas/types/non_empty_string.test.ts index e379bcd5b8ea7d4..85919dcc27ee1b3 100644 --- a/x-pack/plugins/osquery/common/schemas/types/non_empty_string.test.ts +++ b/x-pack/plugins/osquery/common/schemas/types/non_empty_string.test.ts @@ -8,8 +8,7 @@ import { NonEmptyString } from './non_empty_string'; import { pipe } from 'fp-ts/lib/pipeable'; import { left } from 'fp-ts/lib/Either'; - -import { foldLeftRight, getPaths } from '../../test_utils'; +import { foldLeftRight, getPaths } from '@kbn/securitysolution-io-ts-utils'; describe('non_empty_string', () => { test('it should validate a regular string', () => { diff --git a/x-pack/plugins/osquery/common/test_utils.ts b/x-pack/plugins/osquery/common/test_utils.ts deleted file mode 100644 index dcf6a2747c3dea4..000000000000000 --- a/x-pack/plugins/osquery/common/test_utils.ts +++ /dev/null @@ -1,62 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import * as t from 'io-ts'; -import { fold } from 'fp-ts/lib/Either'; -import { pipe } from 'fp-ts/lib/pipeable'; - -import { formatErrors } from './format_errors'; - -interface Message { - errors: t.Errors; - schema: T | {}; -} - -/** - * @deprecated Use packages/kbn-securitysolution-io-ts-utils/src/test_utils/index.ts - */ -const onLeft = (errors: t.Errors): Message => { - return { errors, schema: {} }; -}; - -/** - * @deprecated Use packages/kbn-securitysolution-io-ts-utils/src/test_utils/index.ts - */ -const onRight = (schema: T): Message => { - return { - errors: [], - schema, - }; -}; - -/** - * @deprecated Use packages/kbn-securitysolution-io-ts-utils/src/test_utils/index.ts - */ -export const foldLeftRight = fold(onLeft, onRight); - -/** - * Convenience utility to keep the error message handling within tests to be - * very concise. - * @param validation The validation to get the errors from - * @deprecated Use packages/kbn-securitysolution-io-ts-utils/src/test_utils/index.ts - */ -export const getPaths = (validation: t.Validation): string[] => { - return pipe( - validation, - fold( - (errors) => formatErrors(errors), - () => ['no errors'] - ) - ); -}; - -/** - * Convenience utility to remove text appended to links by EUI - * @deprecated Use packages/kbn-securitysolution-io-ts-utils/src/test_utils/index.ts - */ -export const removeExternalLinkText = (str: string): string => - str.replace(/\(opens in a new tab or window\)/g, ''); diff --git a/x-pack/plugins/osquery/cypress/support/index.ts b/x-pack/plugins/osquery/cypress/support/index.ts index 72618c943f4d24d..4fc65f2eac6d051 100644 --- a/x-pack/plugins/osquery/cypress/support/index.ts +++ b/x-pack/plugins/osquery/cypress/support/index.ts @@ -25,6 +25,4 @@ import './commands'; // Alternatively you can use CommonJS syntax: // require('./commands') -Cypress.on('uncaught:exception', () => { - return false; -}); +Cypress.on('uncaught:exception', () => false); diff --git a/x-pack/plugins/osquery/public/actions/actions_table.tsx b/x-pack/plugins/osquery/public/actions/actions_table.tsx index 045c1f67b070da6..6f19979345ddfbe 100644 --- a/x-pack/plugins/osquery/public/actions/actions_table.tsx +++ b/x-pack/plugins/osquery/public/actions/actions_table.tsx @@ -5,7 +5,7 @@ * 2.0. */ -import { isArray } from 'lodash'; +import { isArray, pickBy } from 'lodash'; import { i18n } from '@kbn/i18n'; import { EuiBasicTable, EuiButtonIcon, EuiCodeBlock, formatDate } from '@elastic/eui'; import React, { useState, useCallback, useMemo } from 'react'; @@ -72,9 +72,12 @@ const ActionsTableComponent = () => { const handlePlayClick = useCallback( (item) => push('/live_queries/new', { - form: { - query: item._source?.data?.query, - }, + form: pickBy({ + agentIds: item.fields.agents, + query: item._source.data.query, + ecs_mapping: item._source.data.ecs_mapping, + savedQueryId: item._source.data.saved_query_id, + }), }), [push] ); diff --git a/x-pack/plugins/osquery/public/actions/use_action_details.ts b/x-pack/plugins/osquery/public/actions/use_action_details.ts index 445912b27bc93c2..dfa23247045ef38 100644 --- a/x-pack/plugins/osquery/public/actions/use_action_details.ts +++ b/x-pack/plugins/osquery/public/actions/use_action_details.ts @@ -16,15 +16,11 @@ import { ActionDetailsStrategyResponse, } from '../../common/search_strategy'; import { ESTermQuery } from '../../common/typed_json'; - -import { getInspectResponse, InspectResponse } from './helpers'; import { useErrorToast } from '../common/hooks/use_error_toast'; export interface ActionDetailsArgs { actionDetails: Record; id: string; - inspect: InspectResponse; - isInspected: boolean; } interface UseActionDetails { @@ -53,10 +49,9 @@ export const useActionDetails = ({ actionId, filterQuery, skip = false }: UseAct ) .toPromise(); - return { - ...responseData, - inspect: getInspectResponse(responseData, {} as InspectResponse), - }; + if (!responseData.actionDetails) throw new Error(); + + return responseData; }, { enabled: !skip, @@ -67,6 +62,7 @@ export const useActionDetails = ({ actionId, filterQuery, skip = false }: UseAct defaultMessage: 'Error while fetching action details', }), }), + retryDelay: 1000, } ); }; diff --git a/x-pack/plugins/osquery/public/agent_policies/use_agent_policies.ts b/x-pack/plugins/osquery/public/agent_policies/use_agent_policies.ts index 74061915d3b8667..ea5e5a768f0afd5 100644 --- a/x-pack/plugins/osquery/public/agent_policies/use_agent_policies.ts +++ b/x-pack/plugins/osquery/public/agent_policies/use_agent_policies.ts @@ -5,31 +5,38 @@ * 2.0. */ +import { mapKeys } from 'lodash'; import { useQuery } from 'react-query'; import { i18n } from '@kbn/i18n'; import { useKibana } from '../common/lib/kibana'; -import { GetAgentPoliciesResponse, GetAgentPoliciesResponseItem } from '../../../fleet/common'; +import { GetAgentPoliciesResponseItem } from '../../../fleet/common'; import { useErrorToast } from '../common/hooks/use_error_toast'; export const useAgentPolicies = () => { const { http } = useKibana().services; const setErrorToast = useErrorToast(); - return useQuery( - ['agentPolicies'], - () => http.get('/internal/osquery/fleet_wrapper/agent_policies/'), + return useQuery< + GetAgentPoliciesResponseItem[], + unknown, { - initialData: { items: [], total: 0, page: 1, perPage: 100 }, - keepPreviousData: true, - select: (response) => response.items, - onSuccess: () => setErrorToast(), - onError: (error) => - setErrorToast(error as Error, { - title: i18n.translate('xpack.osquery.agent_policies.fetchError', { - defaultMessage: 'Error while fetching agent policies', - }), - }), + agentPoliciesById: Record; + agentPolicies: GetAgentPoliciesResponseItem[]; } - ); + >(['agentPolicies'], () => http.get('/internal/osquery/fleet_wrapper/agent_policies'), { + initialData: [], + keepPreviousData: true, + select: (response) => ({ + agentPoliciesById: mapKeys(response, 'id'), + agentPolicies: response, + }), + onSuccess: () => setErrorToast(), + onError: (error) => + setErrorToast(error as Error, { + title: i18n.translate('xpack.osquery.agent_policies.fetchError', { + defaultMessage: 'Error while fetching agent policies', + }), + }), + }); }; diff --git a/x-pack/plugins/osquery/public/agents/agent_grouper.ts b/x-pack/plugins/osquery/public/agents/agent_grouper.ts index bc4b4129d3b2b4e..8d234ec8cf905d2 100644 --- a/x-pack/plugins/osquery/public/agents/agent_grouper.ts +++ b/x-pack/plugins/osquery/public/agents/agent_grouper.ts @@ -16,15 +16,13 @@ import { AGENT_GROUP_KEY, Group, GroupOption, GroupedAgent } from './types'; const getColor = generateColorPicker(); -const generateGroup = (label: string, groupType: AGENT_GROUP_KEY) => { - return { - label, - groupType, - color: getColor(groupType), - size: 0, - data: [] as T[], - }; -}; +const generateGroup = (label: string, groupType: AGENT_GROUP_KEY) => ({ + label, + groupType, + color: getColor(groupType), + size: 0, + data: [] as T[], +}); export const generateAgentOption = ( label: string, diff --git a/x-pack/plugins/osquery/public/agents/agents_table.tsx b/x-pack/plugins/osquery/public/agents/agents_table.tsx index f9363a4d0f120d1..c99d5a0454f8260 100644 --- a/x-pack/plugins/osquery/public/agents/agents_table.tsx +++ b/x-pack/plugins/osquery/public/agents/agents_table.tsx @@ -26,6 +26,7 @@ import { generateSelectedAgentsMessage, ALL_AGENTS_LABEL, AGENT_POLICY_LABEL, + AGENT_SELECTION_LABEL, } from './translations'; import { @@ -65,15 +66,16 @@ const AgentsTableComponent: React.FC = ({ agentSelection, onCh loading: groupsLoading, totalCount: totalNumAgents, groups, + isFetched: groupsFetched, } = useAgentGroups(osqueryPolicyData); const grouper = useMemo(() => new AgentGrouper(), []); - const { isLoading: agentsLoading, data: agents } = useAllAgents( - osqueryPolicyData, - debouncedSearchValue, - { - perPage, - } - ); + const { + isLoading: agentsLoading, + data: agents, + isFetched: agentsFetched, + } = useAllAgents(osqueryPolicyData, debouncedSearchValue, { + perPage, + }); // option related const [options, setOptions] = useState([]); @@ -97,7 +99,24 @@ const AgentsTableComponent: React.FC = ({ agentSelection, onCh if (policyOptions) { const defaultOptions = policyOptions.options?.filter((option) => - agentSelection.policiesSelected.includes(option.label) + // @ts-expect-error update types + agentSelection.policiesSelected.includes(option.key) + ); + + if (defaultOptions?.length) { + setSelectedOptions(defaultOptions); + defaultValueInitialized.current = true; + } + } + } + + if (agentSelection.agents.length) { + const agentOptions = find(['label', AGENT_SELECTION_LABEL], options); + + if (agentOptions) { + const defaultOptions = agentOptions.options?.filter((option) => + // @ts-expect-error update types + agentSelection.agents.includes(option.key) ); if (defaultOptions?.length) { @@ -110,15 +129,26 @@ const AgentsTableComponent: React.FC = ({ agentSelection, onCh }, [agentSelection, options, selectedOptions]); useEffect(() => { - // update the groups when groups or agents have changed - grouper.setTotalAgents(totalNumAgents); - grouper.updateGroup(AGENT_GROUP_KEY.Platform, groups.platforms); - grouper.updateGroup(AGENT_GROUP_KEY.Policy, groups.policies); - // @ts-expect-error update types - grouper.updateGroup(AGENT_GROUP_KEY.Agent, agents); - const newOptions = grouper.generateOptions(); - setOptions(newOptions); - }, [groups.platforms, groups.policies, totalNumAgents, groupsLoading, agents, grouper]); + if (agentsFetched && groupsFetched) { + // update the groups when groups or agents have changed + grouper.setTotalAgents(totalNumAgents); + grouper.updateGroup(AGENT_GROUP_KEY.Platform, groups.platforms); + grouper.updateGroup(AGENT_GROUP_KEY.Policy, groups.policies); + // @ts-expect-error update types + grouper.updateGroup(AGENT_GROUP_KEY.Agent, agents); + const newOptions = grouper.generateOptions(); + setOptions(newOptions); + } + }, [ + groups.platforms, + groups.policies, + totalNumAgents, + groupsLoading, + agents, + agentsFetched, + groupsFetched, + grouper, + ]); const onSelection = useCallback( (selection: GroupOption[]) => { diff --git a/x-pack/plugins/osquery/public/agents/helpers.ts b/x-pack/plugins/osquery/public/agents/helpers.ts index df966a01f1de1e0..1b9ac9cedcee2ee 100644 --- a/x-pack/plugins/osquery/public/agents/helpers.ts +++ b/x-pack/plugins/osquery/public/agents/helpers.ts @@ -87,9 +87,10 @@ export const getNumAgentsInGrouping = (selectedGroups: SelectedGroups) => { return sum; }; -export const generateAgentCheck = (selectedGroups: SelectedGroups) => { - return ({ groups }: AgentOptionValue) => { - return Object.keys(groups) +export const generateAgentCheck = + (selectedGroups: SelectedGroups) => + ({ groups }: AgentOptionValue) => + Object.keys(groups) .map((group) => { const selectedGroup = selectedGroups[group]; const agentGroup = groups[group]; @@ -97,8 +98,6 @@ export const generateAgentCheck = (selectedGroups: SelectedGroups) => { return selectedGroup[agentGroup]; }) .every((a) => !a); - }; -}; export const generateAgentSelection = (selection: GroupOption[]) => { const newAgentSelection: AgentSelection = { diff --git a/x-pack/plugins/osquery/public/agents/use_agent_groups.ts b/x-pack/plugins/osquery/public/agents/use_agent_groups.ts index bfa224a23135bf1..4163861166acf89 100644 --- a/x-pack/plugins/osquery/public/agents/use_agent_groups.ts +++ b/x-pack/plugins/osquery/public/agents/use_agent_groups.ts @@ -35,7 +35,7 @@ export const useAgentGroups = ({ osqueryPolicies, osqueryPoliciesLoading }: UseA const [loading, setLoading] = useState(true); const [overlap, setOverlap] = useState(() => ({})); const [totalCount, setTotalCount] = useState(0); - useQuery( + const { isFetched } = useQuery( ['agentGroups'], async () => { const responseData = await data.search @@ -110,6 +110,7 @@ export const useAgentGroups = ({ osqueryPolicies, osqueryPoliciesLoading }: UseA ); return { + isFetched, loading, totalCount, groups: { diff --git a/x-pack/plugins/osquery/public/common/hooks/use_breadcrumbs.tsx b/x-pack/plugins/osquery/public/common/hooks/use_breadcrumbs.tsx index 7b52b330d0148f8..92660943b11707f 100644 --- a/x-pack/plugins/osquery/public/common/hooks/use_breadcrumbs.tsx +++ b/x-pack/plugins/osquery/public/common/hooks/use_breadcrumbs.tsx @@ -101,54 +101,54 @@ const breadcrumbGetters: { text: savedQueryName, }, ], - scheduled_query_groups: () => [ + packs: () => [ BASE_BREADCRUMB, { - text: i18n.translate('xpack.osquery.breadcrumbs.scheduledQueryGroupsPageTitle', { - defaultMessage: 'Scheduled query groups', + text: i18n.translate('xpack.osquery.breadcrumbs.packsPageTitle', { + defaultMessage: 'Packs', }), }, ], - scheduled_query_group_add: () => [ + pack_add: () => [ BASE_BREADCRUMB, { - href: pagePathGetters.scheduled_query_groups(), - text: i18n.translate('xpack.osquery.breadcrumbs.scheduledQueryGroupsPageTitle', { - defaultMessage: 'Scheduled query groups', + href: pagePathGetters.packs(), + text: i18n.translate('xpack.osquery.breadcrumbs.packsPageTitle', { + defaultMessage: 'Packs', }), }, { - text: i18n.translate('xpack.osquery.breadcrumbs.addScheduledQueryGroupsPageTitle', { + text: i18n.translate('xpack.osquery.breadcrumbs.addpacksPageTitle', { defaultMessage: 'Add', }), }, ], - scheduled_query_group_details: ({ scheduledQueryGroupName }) => [ + pack_details: ({ packName }) => [ BASE_BREADCRUMB, { - href: pagePathGetters.scheduled_query_groups(), - text: i18n.translate('xpack.osquery.breadcrumbs.scheduledQueryGroupsPageTitle', { - defaultMessage: 'Scheduled query groups', + href: pagePathGetters.packs(), + text: i18n.translate('xpack.osquery.breadcrumbs.packsPageTitle', { + defaultMessage: 'Packs', }), }, { - text: scheduledQueryGroupName, + text: packName, }, ], - scheduled_query_group_edit: ({ scheduledQueryGroupName, scheduledQueryGroupId }) => [ + pack_edit: ({ packName, packId }) => [ BASE_BREADCRUMB, { - href: pagePathGetters.scheduled_query_groups(), - text: i18n.translate('xpack.osquery.breadcrumbs.scheduledQueryGroupsPageTitle', { - defaultMessage: 'Scheduled query groups', + href: pagePathGetters.packs(), + text: i18n.translate('xpack.osquery.breadcrumbs.packsPageTitle', { + defaultMessage: 'Packs', }), }, { - href: pagePathGetters.scheduled_query_group_details({ scheduledQueryGroupId }), - text: scheduledQueryGroupName, + href: pagePathGetters.pack_details({ packId }), + text: packName, }, { - text: i18n.translate('xpack.osquery.breadcrumbs.editScheduledQueryGroupsPageTitle', { + text: i18n.translate('xpack.osquery.breadcrumbs.editpacksPageTitle', { defaultMessage: 'Edit', }), }, diff --git a/x-pack/plugins/osquery/public/common/index.ts b/x-pack/plugins/osquery/public/common/index.ts index 520c2d2da6d3982..377d7af6d8164e8 100644 --- a/x-pack/plugins/osquery/public/common/index.ts +++ b/x-pack/plugins/osquery/public/common/index.ts @@ -5,7 +5,4 @@ * 2.0. */ -// TODO: https://github.com/elastic/kibana/issues/110906 -/* eslint-disable @kbn/eslint/no_export_all */ - -export * from './helpers'; +export { createFilter } from './helpers'; diff --git a/x-pack/plugins/osquery/public/common/page_paths.ts b/x-pack/plugins/osquery/public/common/page_paths.ts index b1971f9d6ee4124..ac3949ab7c412aa 100644 --- a/x-pack/plugins/osquery/public/common/page_paths.ts +++ b/x-pack/plugins/osquery/public/common/page_paths.ts @@ -10,16 +10,12 @@ export type StaticPage = | 'overview' | 'live_queries' | 'live_query_new' - | 'scheduled_query_groups' - | 'scheduled_query_group_add' + | 'packs' + | 'pack_add' | 'saved_queries' | 'saved_query_new'; -export type DynamicPage = - | 'live_query_details' - | 'scheduled_query_group_details' - | 'scheduled_query_group_edit' - | 'saved_query_edit'; +export type DynamicPage = 'live_query_details' | 'pack_details' | 'pack_edit' | 'saved_query_edit'; export type Page = StaticPage | DynamicPage; @@ -34,10 +30,10 @@ export const PAGE_ROUTING_PATHS = { live_queries: '/live_queries', live_query_new: '/live_queries/new', live_query_details: '/live_queries/:liveQueryId', - scheduled_query_groups: '/scheduled_query_groups', - scheduled_query_group_add: '/scheduled_query_groups/add', - scheduled_query_group_details: '/scheduled_query_groups/:scheduledQueryGroupId', - scheduled_query_group_edit: '/scheduled_query_groups/:scheduledQueryGroupId/edit', + packs: '/packs', + pack_add: '/packs/add', + pack_details: '/packs/:packId', + pack_edit: '/packs/:packId/edit', }; export const pagePathGetters: { @@ -53,10 +49,8 @@ export const pagePathGetters: { saved_queries: () => '/saved_queries', saved_query_new: () => '/saved_queries/new', saved_query_edit: ({ savedQueryId }) => `/saved_queries/${savedQueryId}`, - scheduled_query_groups: () => '/scheduled_query_groups', - scheduled_query_group_add: () => '/scheduled_query_groups/add', - scheduled_query_group_details: ({ scheduledQueryGroupId }) => - `/scheduled_query_groups/${scheduledQueryGroupId}`, - scheduled_query_group_edit: ({ scheduledQueryGroupId }) => - `/scheduled_query_groups/${scheduledQueryGroupId}/edit`, + packs: () => '/packs', + pack_add: () => '/packs/add', + pack_details: ({ packId }) => `/packs/${packId}`, + pack_edit: ({ packId }) => `/packs/${packId}/edit`, }; diff --git a/x-pack/plugins/osquery/public/common/schemas/ecs/v1.11.0.json b/x-pack/plugins/osquery/public/common/schemas/ecs/v1.11.0.json deleted file mode 100644 index 406999901961dd9..000000000000000 --- a/x-pack/plugins/osquery/public/common/schemas/ecs/v1.11.0.json +++ /dev/null @@ -1 +0,0 @@ -[{"field":"labels","type":"object","description":"Custom key/value pairs."},{"field":"message","type":"text","description":"Log message optimized for viewing in a log viewer."},{"field":"tags","type":"keyword","description":"List of keywords used to tag each event."},{"field":"agent.build.original","type":"keyword","description":"Extended build information for the agent."},{"field":"client.address","type":"keyword","description":"Client network address."},{"field":"client.as.number","type":"long","description":"Unique number allocated to the autonomous system."},{"field":"client.as.organization.name","type":"keyword","description":"Organization name."},{"field":"client.as.organization.name.text","type":"text","description":"Organization name."},{"field":"client.bytes","type":"long","description":"Bytes sent from the client to the server."},{"field":"client.domain","type":"keyword","description":"Client domain."},{"field":"client.geo.city_name","type":"keyword","description":"City name."},{"field":"client.geo.continent_code","type":"keyword","description":"Continent code."},{"field":"client.geo.continent_name","type":"keyword","description":"Name of the continent."},{"field":"client.geo.country_iso_code","type":"keyword","description":"Country ISO code."},{"field":"client.geo.country_name","type":"keyword","description":"Country name."},{"field":"client.geo.location","type":"geo_point","description":"Longitude and latitude."},{"field":"client.geo.name","type":"keyword","description":"User-defined description of a location."},{"field":"client.geo.postal_code","type":"keyword","description":"Postal code."},{"field":"client.geo.region_iso_code","type":"keyword","description":"Region ISO code."},{"field":"client.geo.region_name","type":"keyword","description":"Region name."},{"field":"client.geo.timezone","type":"keyword","description":"Time zone."},{"field":"client.ip","type":"ip","description":"IP address of the client."},{"field":"client.mac","type":"keyword","description":"MAC address of the client."},{"field":"client.nat.ip","type":"ip","description":"Client NAT ip address"},{"field":"client.nat.port","type":"long","description":"Client NAT port"},{"field":"client.packets","type":"long","description":"Packets sent from the client to the server."},{"field":"client.port","type":"long","description":"Port of the client."},{"field":"client.registered_domain","type":"keyword","description":"The highest registered client domain, stripped of the subdomain."},{"field":"client.subdomain","type":"keyword","description":"The subdomain of the domain."},{"field":"client.top_level_domain","type":"keyword","description":"The effective top level domain (com, org, net, co.uk)."},{"field":"client.user.domain","type":"keyword","description":"Name of the directory the user is a member of."},{"field":"client.user.email","type":"keyword","description":"User email address."},{"field":"client.user.full_name","type":"keyword","description":"User's full name, if available."},{"field":"client.user.full_name.text","type":"text","description":"User's full name, if available."},{"field":"client.user.group.domain","type":"keyword","description":"Name of the directory the group is a member of."},{"field":"client.user.group.id","type":"keyword","description":"Unique identifier for the group on the system/platform."},{"field":"client.user.group.name","type":"keyword","description":"Name of the group."},{"field":"client.user.hash","type":"keyword","description":"Unique user hash to correlate information for a user in anonymized form."},{"field":"client.user.id","type":"keyword","description":"Unique identifier of the user."},{"field":"client.user.name","type":"keyword","description":"Short name or login of the user."},{"field":"client.user.name.text","type":"text","description":"Short name or login of the user."},{"field":"client.user.roles","type":"keyword","description":"Array of user roles at the time of the event."},{"field":"cloud.account.id","type":"keyword","description":"The cloud account or organization id."},{"field":"cloud.account.name","type":"keyword","description":"The cloud account name."},{"field":"cloud.availability_zone","type":"keyword","description":"Availability zone in which this host, resource, or service is located."},{"field":"cloud.instance.id","type":"keyword","description":"Instance ID of the host machine."},{"field":"cloud.instance.name","type":"keyword","description":"Instance name of the host machine."},{"field":"cloud.machine.type","type":"keyword","description":"Machine type of the host machine."},{"field":"cloud.project.id","type":"keyword","description":"The cloud project id."},{"field":"cloud.project.name","type":"keyword","description":"The cloud project name."},{"field":"cloud.provider","type":"keyword","description":"Name of the cloud provider."},{"field":"cloud.region","type":"keyword","description":"Region in which this host, resource, or service is located."},{"field":"cloud.service.name","type":"keyword","description":"The cloud service name."},{"field":"container.id","type":"keyword","description":"Unique container id."},{"field":"container.image.name","type":"keyword","description":"Name of the image the container was built on."},{"field":"container.image.tag","type":"keyword","description":"Container image tags."},{"field":"container.labels","type":"object","description":"Image labels."},{"field":"container.name","type":"keyword","description":"Container name."},{"field":"container.runtime","type":"keyword","description":"Runtime managing this container."},{"field":"data_stream.dataset","type":"constant_keyword","description":"The field can contain anything that makes sense to signify the source of the data."},{"field":"data_stream.namespace","type":"constant_keyword","description":"A user defined namespace. Namespaces are useful to allow grouping of data."},{"field":"data_stream.type","type":"constant_keyword","description":"An overarching type for the data stream."},{"field":"destination.address","type":"keyword","description":"Destination network address."},{"field":"destination.as.number","type":"long","description":"Unique number allocated to the autonomous system."},{"field":"destination.as.organization.name","type":"keyword","description":"Organization name."},{"field":"destination.as.organization.name.text","type":"text","description":"Organization name."},{"field":"destination.bytes","type":"long","description":"Bytes sent from the destination to the source."},{"field":"destination.domain","type":"keyword","description":"Destination domain."},{"field":"destination.geo.city_name","type":"keyword","description":"City name."},{"field":"destination.geo.continent_code","type":"keyword","description":"Continent code."},{"field":"destination.geo.continent_name","type":"keyword","description":"Name of the continent."},{"field":"destination.geo.country_iso_code","type":"keyword","description":"Country ISO code."},{"field":"destination.geo.country_name","type":"keyword","description":"Country name."},{"field":"destination.geo.location","type":"geo_point","description":"Longitude and latitude."},{"field":"destination.geo.name","type":"keyword","description":"User-defined description of a location."},{"field":"destination.geo.postal_code","type":"keyword","description":"Postal code."},{"field":"destination.geo.region_iso_code","type":"keyword","description":"Region ISO code."},{"field":"destination.geo.region_name","type":"keyword","description":"Region name."},{"field":"destination.geo.timezone","type":"keyword","description":"Time zone."},{"field":"destination.ip","type":"ip","description":"IP address of the destination."},{"field":"destination.mac","type":"keyword","description":"MAC address of the destination."},{"field":"destination.nat.ip","type":"ip","description":"Destination NAT ip"},{"field":"destination.nat.port","type":"long","description":"Destination NAT Port"},{"field":"destination.packets","type":"long","description":"Packets sent from the destination to the source."},{"field":"destination.port","type":"long","description":"Port of the destination."},{"field":"destination.registered_domain","type":"keyword","description":"The highest registered destination domain, stripped of the subdomain."},{"field":"destination.subdomain","type":"keyword","description":"The subdomain of the domain."},{"field":"destination.top_level_domain","type":"keyword","description":"The effective top level domain (com, org, net, co.uk)."},{"field":"destination.user.domain","type":"keyword","description":"Name of the directory the user is a member of."},{"field":"destination.user.email","type":"keyword","description":"User email address."},{"field":"destination.user.full_name","type":"keyword","description":"User's full name, if available."},{"field":"destination.user.full_name.text","type":"text","description":"User's full name, if available."},{"field":"destination.user.group.domain","type":"keyword","description":"Name of the directory the group is a member of."},{"field":"destination.user.group.id","type":"keyword","description":"Unique identifier for the group on the system/platform."},{"field":"destination.user.group.name","type":"keyword","description":"Name of the group."},{"field":"destination.user.hash","type":"keyword","description":"Unique user hash to correlate information for a user in anonymized form."},{"field":"destination.user.id","type":"keyword","description":"Unique identifier of the user."},{"field":"destination.user.name","type":"keyword","description":"Short name or login of the user."},{"field":"destination.user.name.text","type":"text","description":"Short name or login of the user."},{"field":"destination.user.roles","type":"keyword","description":"Array of user roles at the time of the event."},{"field":"dll.code_signature.exists","type":"boolean","description":"Boolean to capture if a signature is present."},{"field":"dll.code_signature.signing_id","type":"keyword","description":"The identifier used to sign the process."},{"field":"dll.code_signature.status","type":"keyword","description":"Additional information about the certificate status."},{"field":"dll.code_signature.subject_name","type":"keyword","description":"Subject name of the code signer"},{"field":"dll.code_signature.team_id","type":"keyword","description":"The team identifier used to sign the process."},{"field":"dll.code_signature.trusted","type":"boolean","description":"Stores the trust status of the certificate chain."},{"field":"dll.code_signature.valid","type":"boolean","description":"Boolean to capture if the digital signature is verified against the binary content."},{"field":"dll.hash.md5","type":"keyword","description":"MD5 hash."},{"field":"dll.hash.sha1","type":"keyword","description":"SHA1 hash."},{"field":"dll.hash.sha256","type":"keyword","description":"SHA256 hash."},{"field":"dll.hash.sha512","type":"keyword","description":"SHA512 hash."},{"field":"dll.hash.ssdeep","type":"keyword","description":"SSDEEP hash."},{"field":"dll.name","type":"keyword","description":"Name of the library."},{"field":"dll.path","type":"keyword","description":"Full file path of the library."},{"field":"dll.pe.architecture","type":"keyword","description":"CPU architecture target for the file."},{"field":"dll.pe.company","type":"keyword","description":"Internal company name of the file, provided at compile-time."},{"field":"dll.pe.description","type":"keyword","description":"Internal description of the file, provided at compile-time."},{"field":"dll.pe.file_version","type":"keyword","description":"Process name."},{"field":"dll.pe.imphash","type":"keyword","description":"A hash of the imports in a PE file."},{"field":"dll.pe.original_file_name","type":"keyword","description":"Internal name of the file, provided at compile-time."},{"field":"dll.pe.product","type":"keyword","description":"Internal product name of the file, provided at compile-time."},{"field":"dns.answers","type":"object","description":"Array of DNS answers."},{"field":"dns.answers.class","type":"keyword","description":"The class of DNS data contained in this resource record."},{"field":"dns.answers.data","type":"keyword","description":"The data describing the resource."},{"field":"dns.answers.name","type":"keyword","description":"The domain name to which this resource record pertains."},{"field":"dns.answers.ttl","type":"long","description":"The time interval in seconds that this resource record may be cached before it should be discarded."},{"field":"dns.answers.type","type":"keyword","description":"The type of data contained in this resource record."},{"field":"dns.header_flags","type":"keyword","description":"Array of DNS header flags."},{"field":"dns.id","type":"keyword","description":"The DNS packet identifier assigned by the program that generated the query. The identifier is copied to the response."},{"field":"dns.op_code","type":"keyword","description":"The DNS operation code that specifies the kind of query in the message."},{"field":"dns.question.class","type":"keyword","description":"The class of records being queried."},{"field":"dns.question.name","type":"keyword","description":"The name being queried."},{"field":"dns.question.registered_domain","type":"keyword","description":"The highest registered domain, stripped of the subdomain."},{"field":"dns.question.subdomain","type":"keyword","description":"The subdomain of the domain."},{"field":"dns.question.top_level_domain","type":"keyword","description":"The effective top level domain (com, org, net, co.uk)."},{"field":"dns.question.type","type":"keyword","description":"The type of record being queried."},{"field":"dns.resolved_ip","type":"ip","description":"Array containing all IPs seen in answers.data"},{"field":"dns.response_code","type":"keyword","description":"The DNS response code."},{"field":"dns.type","type":"keyword","description":"The type of DNS event captured, query or answer."},{"field":"error.code","type":"keyword","description":"Error code describing the error."},{"field":"error.id","type":"keyword","description":"Unique identifier for the error."},{"field":"error.message","type":"text","description":"Error message."},{"field":"error.stack_trace","type":"keyword","description":"The stack trace of this error in plain text."},{"field":"error.stack_trace.text","type":"text","description":"The stack trace of this error in plain text."},{"field":"error.type","type":"keyword","description":"The type of the error, for example the class name of the exception."},{"field":"event.action","type":"keyword","description":"The action captured by the event."},{"field":"event.category","type":"keyword","description":"Event category. The second categorization field in the hierarchy."},{"field":"event.code","type":"keyword","description":"Identification code for this event."},{"field":"event.created","type":"date","description":"Time when the event was first read by an agent or by your pipeline."},{"field":"event.dataset","type":"keyword","description":"Name of the dataset."},{"field":"event.duration","type":"long","description":"Duration of the event in nanoseconds."},{"field":"event.end","type":"date","description":"event.end contains the date when the event ended or when the activity was last observed."},{"field":"event.hash","type":"keyword","description":"Hash (perhaps logstash fingerprint) of raw field to be able to demonstrate log integrity."},{"field":"event.id","type":"keyword","description":"Unique ID to describe the event."},{"field":"event.kind","type":"keyword","description":"The kind of the event. The highest categorization field in the hierarchy."},{"field":"event.original","type":"keyword","description":"Raw text message of entire event."},{"field":"event.outcome","type":"keyword","description":"The outcome of the event. The lowest level categorization field in the hierarchy."},{"field":"event.provider","type":"keyword","description":"Source of the event."},{"field":"event.reason","type":"keyword","description":"Reason why this event happened, according to the source"},{"field":"event.reference","type":"keyword","description":"Event reference URL"},{"field":"event.risk_score","type":"float","description":"Risk score or priority of the event (e.g. security solutions). Use your system's original value here."},{"field":"event.risk_score_norm","type":"float","description":"Normalized risk score or priority of the event (0-100)."},{"field":"event.sequence","type":"long","description":"Sequence number of the event."},{"field":"event.severity","type":"long","description":"Numeric severity of the event."},{"field":"event.start","type":"date","description":"event.start contains the date when the event started or when the activity was first observed."},{"field":"event.timezone","type":"keyword","description":"Event time zone."},{"field":"event.type","type":"keyword","description":"Event type. The third categorization field in the hierarchy."},{"field":"event.url","type":"keyword","description":"Event investigation URL"},{"field":"file.accessed","type":"date","description":"Last time the file was accessed."},{"field":"file.attributes","type":"keyword","description":"Array of file attributes."},{"field":"file.code_signature.exists","type":"boolean","description":"Boolean to capture if a signature is present."},{"field":"file.code_signature.signing_id","type":"keyword","description":"The identifier used to sign the process."},{"field":"file.code_signature.status","type":"keyword","description":"Additional information about the certificate status."},{"field":"file.code_signature.subject_name","type":"keyword","description":"Subject name of the code signer"},{"field":"file.code_signature.team_id","type":"keyword","description":"The team identifier used to sign the process."},{"field":"file.code_signature.trusted","type":"boolean","description":"Stores the trust status of the certificate chain."},{"field":"file.code_signature.valid","type":"boolean","description":"Boolean to capture if the digital signature is verified against the binary content."},{"field":"file.created","type":"date","description":"File creation time."},{"field":"file.ctime","type":"date","description":"Last time the file attributes or metadata changed."},{"field":"file.device","type":"keyword","description":"Device that is the source of the file."},{"field":"file.directory","type":"keyword","description":"Directory where the file is located."},{"field":"file.drive_letter","type":"keyword","description":"Drive letter where the file is located."},{"field":"file.elf.architecture","type":"keyword","description":"Machine architecture of the ELF file."},{"field":"file.elf.byte_order","type":"keyword","description":"Byte sequence of ELF file."},{"field":"file.elf.cpu_type","type":"keyword","description":"CPU type of the ELF file."},{"field":"file.elf.creation_date","type":"date","description":"Build or compile date."},{"field":"file.elf.exports","type":"flattened","description":"List of exported element names and types."},{"field":"file.elf.header.abi_version","type":"keyword","description":"Version of the ELF Application Binary Interface (ABI)."},{"field":"file.elf.header.class","type":"keyword","description":"Header class of the ELF file."},{"field":"file.elf.header.data","type":"keyword","description":"Data table of the ELF header."},{"field":"file.elf.header.entrypoint","type":"long","description":"Header entrypoint of the ELF file."},{"field":"file.elf.header.object_version","type":"keyword","description":"0x1\" for original ELF files."},{"field":"file.elf.header.os_abi","type":"keyword","description":"Application Binary Interface (ABI) of the Linux OS."},{"field":"file.elf.header.type","type":"keyword","description":"Header type of the ELF file."},{"field":"file.elf.header.version","type":"keyword","description":"Version of the ELF header."},{"field":"file.elf.imports","type":"flattened","description":"List of imported element names and types."},{"field":"file.elf.sections","type":"nested","description":"Section information of the ELF file."},{"field":"file.elf.sections.chi2","type":"long","description":"Chi-square probability distribution of the section."},{"field":"file.elf.sections.entropy","type":"long","description":"Shannon entropy calculation from the section."},{"field":"file.elf.sections.flags","type":"keyword","description":"ELF Section List flags."},{"field":"file.elf.sections.name","type":"keyword","description":"ELF Section List name."},{"field":"file.elf.sections.physical_offset","type":"keyword","description":"ELF Section List offset."},{"field":"file.elf.sections.physical_size","type":"long","description":"ELF Section List physical size."},{"field":"file.elf.sections.type","type":"keyword","description":"ELF Section List type."},{"field":"file.elf.sections.virtual_address","type":"long","description":"ELF Section List virtual address."},{"field":"file.elf.sections.virtual_size","type":"long","description":"ELF Section List virtual size."},{"field":"file.elf.segments","type":"nested","description":"ELF object segment list."},{"field":"file.elf.segments.sections","type":"keyword","description":"ELF object segment sections."},{"field":"file.elf.segments.type","type":"keyword","description":"ELF object segment type."},{"field":"file.elf.shared_libraries","type":"keyword","description":"List of shared libraries used by this ELF object."},{"field":"file.elf.telfhash","type":"keyword","description":"telfhash hash for ELF file."},{"field":"file.extension","type":"keyword","description":"File extension, excluding the leading dot."},{"field":"file.gid","type":"keyword","description":"Primary group ID (GID) of the file."},{"field":"file.group","type":"keyword","description":"Primary group name of the file."},{"field":"file.hash.md5","type":"keyword","description":"MD5 hash."},{"field":"file.hash.sha1","type":"keyword","description":"SHA1 hash."},{"field":"file.hash.sha256","type":"keyword","description":"SHA256 hash."},{"field":"file.hash.sha512","type":"keyword","description":"SHA512 hash."},{"field":"file.hash.ssdeep","type":"keyword","description":"SSDEEP hash."},{"field":"file.inode","type":"keyword","description":"Inode representing the file in the filesystem."},{"field":"file.mime_type","type":"keyword","description":"Media type of file, document, or arrangement of bytes."},{"field":"file.mode","type":"keyword","description":"Mode of the file in octal representation."},{"field":"file.mtime","type":"date","description":"Last time the file content was modified."},{"field":"file.name","type":"keyword","description":"Name of the file including the extension, without the directory."},{"field":"file.owner","type":"keyword","description":"File owner's username."},{"field":"file.path","type":"keyword","description":"Full path to the file, including the file name."},{"field":"file.path.text","type":"text","description":"Full path to the file, including the file name."},{"field":"file.pe.architecture","type":"keyword","description":"CPU architecture target for the file."},{"field":"file.pe.company","type":"keyword","description":"Internal company name of the file, provided at compile-time."},{"field":"file.pe.description","type":"keyword","description":"Internal description of the file, provided at compile-time."},{"field":"file.pe.file_version","type":"keyword","description":"Process name."},{"field":"file.pe.imphash","type":"keyword","description":"A hash of the imports in a PE file."},{"field":"file.pe.original_file_name","type":"keyword","description":"Internal name of the file, provided at compile-time."},{"field":"file.pe.product","type":"keyword","description":"Internal product name of the file, provided at compile-time."},{"field":"file.size","type":"long","description":"File size in bytes."},{"field":"file.target_path","type":"keyword","description":"Target path for symlinks."},{"field":"file.target_path.text","type":"text","description":"Target path for symlinks."},{"field":"file.type","type":"keyword","description":"File type (file, dir, or symlink)."},{"field":"file.uid","type":"keyword","description":"The user ID (UID) or security identifier (SID) of the file owner."},{"field":"file.x509.alternative_names","type":"keyword","description":"List of subject alternative names (SAN)."},{"field":"file.x509.issuer.common_name","type":"keyword","description":"List of common name (CN) of issuing certificate authority."},{"field":"file.x509.issuer.country","type":"keyword","description":"List of country (C) codes"},{"field":"file.x509.issuer.distinguished_name","type":"keyword","description":"Distinguished name (DN) of issuing certificate authority."},{"field":"file.x509.issuer.locality","type":"keyword","description":"List of locality names (L)"},{"field":"file.x509.issuer.organization","type":"keyword","description":"List of organizations (O) of issuing certificate authority."},{"field":"file.x509.issuer.organizational_unit","type":"keyword","description":"List of organizational units (OU) of issuing certificate authority."},{"field":"file.x509.issuer.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"file.x509.not_after","type":"date","description":"Time at which the certificate is no longer considered valid."},{"field":"file.x509.not_before","type":"date","description":"Time at which the certificate is first considered valid."},{"field":"file.x509.public_key_algorithm","type":"keyword","description":"Algorithm used to generate the public key."},{"field":"file.x509.public_key_curve","type":"keyword","description":"The curve used by the elliptic curve public key algorithm. This is algorithm specific."},{"field":"file.x509.public_key_exponent","type":"long","description":"Exponent used to derive the public key. This is algorithm specific."},{"field":"file.x509.public_key_size","type":"long","description":"The size of the public key space in bits."},{"field":"file.x509.serial_number","type":"keyword","description":"Unique serial number issued by the certificate authority."},{"field":"file.x509.signature_algorithm","type":"keyword","description":"Identifier for certificate signature algorithm."},{"field":"file.x509.subject.common_name","type":"keyword","description":"List of common names (CN) of subject."},{"field":"file.x509.subject.country","type":"keyword","description":"List of country (C) code"},{"field":"file.x509.subject.distinguished_name","type":"keyword","description":"Distinguished name (DN) of the certificate subject entity."},{"field":"file.x509.subject.locality","type":"keyword","description":"List of locality names (L)"},{"field":"file.x509.subject.organization","type":"keyword","description":"List of organizations (O) of subject."},{"field":"file.x509.subject.organizational_unit","type":"keyword","description":"List of organizational units (OU) of subject."},{"field":"file.x509.subject.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"file.x509.version_number","type":"keyword","description":"Version of x509 format."},{"field":"group.domain","type":"keyword","description":"Name of the directory the group is a member of."},{"field":"group.id","type":"keyword","description":"Unique identifier for the group on the system/platform."},{"field":"group.name","type":"keyword","description":"Name of the group."},{"field":"host.cpu.usage","type":"scaled_float","description":"Percent CPU used, between 0 and 1."},{"field":"host.disk.read.bytes","type":"long","description":"The number of bytes read by all disks."},{"field":"host.disk.write.bytes","type":"long","description":"The number of bytes written on all disks."},{"field":"host.domain","type":"keyword","description":"Name of the directory the group is a member of."},{"field":"host.geo.city_name","type":"keyword","description":"City name."},{"field":"host.geo.continent_code","type":"keyword","description":"Continent code."},{"field":"host.geo.continent_name","type":"keyword","description":"Name of the continent."},{"field":"host.geo.country_iso_code","type":"keyword","description":"Country ISO code."},{"field":"host.geo.country_name","type":"keyword","description":"Country name."},{"field":"host.geo.location","type":"geo_point","description":"Longitude and latitude."},{"field":"host.geo.name","type":"keyword","description":"User-defined description of a location."},{"field":"host.geo.postal_code","type":"keyword","description":"Postal code."},{"field":"host.geo.region_iso_code","type":"keyword","description":"Region ISO code."},{"field":"host.geo.region_name","type":"keyword","description":"Region name."},{"field":"host.geo.timezone","type":"keyword","description":"Time zone."},{"field":"host.name","type":"keyword","description":"Name of the host."},{"field":"host.network.egress.bytes","type":"long","description":"The number of bytes sent on all network interfaces."},{"field":"host.network.egress.packets","type":"long","description":"The number of packets sent on all network interfaces."},{"field":"host.network.ingress.bytes","type":"long","description":"The number of bytes received on all network interfaces."},{"field":"host.network.ingress.packets","type":"long","description":"The number of packets received on all network interfaces."},{"field":"host.os.full","type":"keyword","description":"Operating system name, including the version or code name."},{"field":"host.os.full.text","type":"text","description":"Operating system name, including the version or code name."},{"field":"host.os.name.text","type":"text","description":"Operating system name, without the version."},{"field":"host.os.platform","type":"keyword","description":"Operating system platform (such centos, ubuntu, windows)."},{"field":"host.type","type":"keyword","description":"Type of host."},{"field":"host.uptime","type":"long","description":"Seconds the host has been up."},{"field":"host.user.domain","type":"keyword","description":"Name of the directory the user is a member of."},{"field":"host.user.email","type":"keyword","description":"User email address."},{"field":"host.user.full_name","type":"keyword","description":"User's full name, if available."},{"field":"host.user.full_name.text","type":"text","description":"User's full name, if available."},{"field":"host.user.group.domain","type":"keyword","description":"Name of the directory the group is a member of."},{"field":"host.user.group.id","type":"keyword","description":"Unique identifier for the group on the system/platform."},{"field":"host.user.group.name","type":"keyword","description":"Name of the group."},{"field":"host.user.hash","type":"keyword","description":"Unique user hash to correlate information for a user in anonymized form."},{"field":"host.user.id","type":"keyword","description":"Unique identifier of the user."},{"field":"host.user.name","type":"keyword","description":"Short name or login of the user."},{"field":"host.user.name.text","type":"text","description":"Short name or login of the user."},{"field":"host.user.roles","type":"keyword","description":"Array of user roles at the time of the event."},{"field":"http.request.body.bytes","type":"long","description":"Size in bytes of the request body."},{"field":"http.request.body.content","type":"keyword","description":"The full HTTP request body."},{"field":"http.request.body.content.text","type":"text","description":"The full HTTP request body."},{"field":"http.request.bytes","type":"long","description":"Total size in bytes of the request (body and headers)."},{"field":"http.request.id","type":"keyword","description":"HTTP request ID."},{"field":"http.request.method","type":"keyword","description":"HTTP request method."},{"field":"http.request.mime_type","type":"keyword","description":"Mime type of the body of the request."},{"field":"http.request.referrer","type":"keyword","description":"Referrer for this HTTP request."},{"field":"http.response.body.bytes","type":"long","description":"Size in bytes of the response body."},{"field":"http.response.body.content","type":"keyword","description":"The full HTTP response body."},{"field":"http.response.body.content.text","type":"text","description":"The full HTTP response body."},{"field":"http.response.bytes","type":"long","description":"Total size in bytes of the response (body and headers)."},{"field":"http.response.mime_type","type":"keyword","description":"Mime type of the body of the response."},{"field":"http.response.status_code","type":"long","description":"HTTP response status code."},{"field":"http.version","type":"keyword","description":"HTTP version."},{"field":"log.file.path","type":"keyword","description":"Full path to the log file this event came from."},{"field":"log.level","type":"keyword","description":"Log level of the log event."},{"field":"log.logger","type":"keyword","description":"Name of the logger."},{"field":"log.origin.file.line","type":"integer","description":"The line number of the file which originated the log event."},{"field":"log.origin.file.name","type":"keyword","description":"The code file which originated the log event."},{"field":"log.origin.function","type":"keyword","description":"The function which originated the log event."},{"field":"log.original","type":"keyword","description":"Deprecated original log message with light interpretation only (encoding, newlines)."},{"field":"log.syslog","type":"object","description":"Syslog metadata"},{"field":"log.syslog.facility.code","type":"long","description":"Syslog numeric facility of the event."},{"field":"log.syslog.facility.name","type":"keyword","description":"Syslog text-based facility of the event."},{"field":"log.syslog.priority","type":"long","description":"Syslog priority of the event."},{"field":"log.syslog.severity.code","type":"long","description":"Syslog numeric severity of the event."},{"field":"log.syslog.severity.name","type":"keyword","description":"Syslog text-based severity of the event."},{"field":"network.application","type":"keyword","description":"Application level protocol name."},{"field":"network.bytes","type":"long","description":"Total bytes transferred in both directions."},{"field":"network.community_id","type":"keyword","description":"A hash of source and destination IPs and ports."},{"field":"network.direction","type":"keyword","description":"Direction of the network traffic."},{"field":"network.forwarded_ip","type":"ip","description":"Host IP address when the source IP address is the proxy."},{"field":"network.iana_number","type":"keyword","description":"IANA Protocol Number."},{"field":"network.inner","type":"object","description":"Inner VLAN tag information"},{"field":"network.inner.vlan.id","type":"keyword","description":"VLAN ID as reported by the observer."},{"field":"network.inner.vlan.name","type":"keyword","description":"Optional VLAN name as reported by the observer."},{"field":"network.name","type":"keyword","description":"Name given by operators to sections of their network."},{"field":"network.packets","type":"long","description":"Total packets transferred in both directions."},{"field":"network.protocol","type":"keyword","description":"L7 Network protocol name."},{"field":"network.transport","type":"keyword","description":"Protocol Name corresponding to the field `iana_number`."},{"field":"network.type","type":"keyword","description":"In the OSI Model this would be the Network Layer. ipv4, ipv6, ipsec, pim, etc"},{"field":"network.vlan.id","type":"keyword","description":"VLAN ID as reported by the observer."},{"field":"network.vlan.name","type":"keyword","description":"Optional VLAN name as reported by the observer."},{"field":"observer.egress","type":"object","description":"Object field for egress information"},{"field":"observer.egress.interface.alias","type":"keyword","description":"Interface alias"},{"field":"observer.egress.interface.id","type":"keyword","description":"Interface ID"},{"field":"observer.egress.interface.name","type":"keyword","description":"Interface name"},{"field":"observer.egress.vlan.id","type":"keyword","description":"VLAN ID as reported by the observer."},{"field":"observer.egress.vlan.name","type":"keyword","description":"Optional VLAN name as reported by the observer."},{"field":"observer.egress.zone","type":"keyword","description":"Observer Egress zone"},{"field":"observer.geo.city_name","type":"keyword","description":"City name."},{"field":"observer.geo.continent_code","type":"keyword","description":"Continent code."},{"field":"observer.geo.continent_name","type":"keyword","description":"Name of the continent."},{"field":"observer.geo.country_iso_code","type":"keyword","description":"Country ISO code."},{"field":"observer.geo.country_name","type":"keyword","description":"Country name."},{"field":"observer.geo.location","type":"geo_point","description":"Longitude and latitude."},{"field":"observer.geo.name","type":"keyword","description":"User-defined description of a location."},{"field":"observer.geo.postal_code","type":"keyword","description":"Postal code."},{"field":"observer.geo.region_iso_code","type":"keyword","description":"Region ISO code."},{"field":"observer.geo.region_name","type":"keyword","description":"Region name."},{"field":"observer.geo.timezone","type":"keyword","description":"Time zone."},{"field":"observer.hostname","type":"keyword","description":"Hostname of the observer."},{"field":"observer.ingress","type":"object","description":"Object field for ingress information"},{"field":"observer.ingress.interface.alias","type":"keyword","description":"Interface alias"},{"field":"observer.ingress.interface.id","type":"keyword","description":"Interface ID"},{"field":"observer.ingress.interface.name","type":"keyword","description":"Interface name"},{"field":"observer.ingress.vlan.id","type":"keyword","description":"VLAN ID as reported by the observer."},{"field":"observer.ingress.vlan.name","type":"keyword","description":"Optional VLAN name as reported by the observer."},{"field":"observer.ingress.zone","type":"keyword","description":"Observer ingress zone"},{"field":"observer.ip","type":"ip","description":"IP addresses of the observer."},{"field":"observer.mac","type":"keyword","description":"MAC addresses of the observer."},{"field":"observer.name","type":"keyword","description":"Custom name of the observer."},{"field":"observer.os.family","type":"keyword","description":"OS family (such as redhat, debian, freebsd, windows)."},{"field":"observer.os.full","type":"keyword","description":"Operating system name, including the version or code name."},{"field":"observer.os.full.text","type":"text","description":"Operating system name, including the version or code name."},{"field":"observer.os.kernel","type":"keyword","description":"Operating system kernel version as a raw string."},{"field":"observer.os.name","type":"keyword","description":"Operating system name, without the version."},{"field":"observer.os.name.text","type":"text","description":"Operating system name, without the version."},{"field":"observer.os.platform","type":"keyword","description":"Operating system platform (such centos, ubuntu, windows)."},{"field":"observer.os.type","type":"keyword","description":"Which commercial OS family (one of: linux, macos, unix or windows)."},{"field":"observer.os.version","type":"keyword","description":"Operating system version as a raw string."},{"field":"observer.product","type":"keyword","description":"The product name of the observer."},{"field":"observer.serial_number","type":"keyword","description":"Observer serial number."},{"field":"observer.type","type":"keyword","description":"The type of the observer the data is coming from."},{"field":"observer.vendor","type":"keyword","description":"Vendor name of the observer."},{"field":"observer.version","type":"keyword","description":"Observer version."},{"field":"orchestrator.api_version","type":"keyword","description":"API version being used to carry out the action"},{"field":"orchestrator.cluster.name","type":"keyword","description":"Name of the cluster."},{"field":"orchestrator.cluster.url","type":"keyword","description":"URL of the API used to manage the cluster."},{"field":"orchestrator.cluster.version","type":"keyword","description":"The version of the cluster."},{"field":"orchestrator.namespace","type":"keyword","description":"Namespace in which the action is taking place."},{"field":"orchestrator.organization","type":"keyword","description":"Organization affected by the event (for multi-tenant orchestrator setups)."},{"field":"orchestrator.resource.name","type":"keyword","description":"Name of the resource being acted upon."},{"field":"orchestrator.resource.type","type":"keyword","description":"Type of resource being acted upon."},{"field":"orchestrator.type","type":"keyword","description":"Orchestrator cluster type (e.g. kubernetes, nomad or cloudfoundry)."},{"field":"organization.id","type":"keyword","description":"Unique identifier for the organization."},{"field":"organization.name","type":"keyword","description":"Organization name."},{"field":"organization.name.text","type":"text","description":"Organization name."},{"field":"package.architecture","type":"keyword","description":"Package architecture."},{"field":"package.build_version","type":"keyword","description":"Build version information"},{"field":"package.checksum","type":"keyword","description":"Checksum of the installed package for verification."},{"field":"package.description","type":"keyword","description":"Description of the package."},{"field":"package.install_scope","type":"keyword","description":"Indicating how the package was installed, e.g. user-local, global."},{"field":"package.installed","type":"date","description":"Time when package was installed."},{"field":"package.license","type":"keyword","description":"Package license"},{"field":"package.name","type":"keyword","description":"Package name"},{"field":"package.path","type":"keyword","description":"Path where the package is installed."},{"field":"package.reference","type":"keyword","description":"Package home page or reference URL"},{"field":"package.size","type":"long","description":"Package size in bytes."},{"field":"package.type","type":"keyword","description":"Package type"},{"field":"package.version","type":"keyword","description":"Package version"},{"field":"process.args","type":"keyword","description":"Array of process arguments."},{"field":"process.args_count","type":"long","description":"Length of the process.args array."},{"field":"process.code_signature.exists","type":"boolean","description":"Boolean to capture if a signature is present."},{"field":"process.code_signature.signing_id","type":"keyword","description":"The identifier used to sign the process."},{"field":"process.code_signature.status","type":"keyword","description":"Additional information about the certificate status."},{"field":"process.code_signature.subject_name","type":"keyword","description":"Subject name of the code signer"},{"field":"process.code_signature.team_id","type":"keyword","description":"The team identifier used to sign the process."},{"field":"process.code_signature.trusted","type":"boolean","description":"Stores the trust status of the certificate chain."},{"field":"process.code_signature.valid","type":"boolean","description":"Boolean to capture if the digital signature is verified against the binary content."},{"field":"process.command_line","type":"keyword","description":"Full command line that started the process."},{"field":"process.command_line.text","type":"text","description":"Full command line that started the process."},{"field":"process.elf.architecture","type":"keyword","description":"Machine architecture of the ELF file."},{"field":"process.elf.byte_order","type":"keyword","description":"Byte sequence of ELF file."},{"field":"process.elf.cpu_type","type":"keyword","description":"CPU type of the ELF file."},{"field":"process.elf.creation_date","type":"date","description":"Build or compile date."},{"field":"process.elf.exports","type":"flattened","description":"List of exported element names and types."},{"field":"process.elf.header.abi_version","type":"keyword","description":"Version of the ELF Application Binary Interface (ABI)."},{"field":"process.elf.header.class","type":"keyword","description":"Header class of the ELF file."},{"field":"process.elf.header.data","type":"keyword","description":"Data table of the ELF header."},{"field":"process.elf.header.entrypoint","type":"long","description":"Header entrypoint of the ELF file."},{"field":"process.elf.header.object_version","type":"keyword","description":"0x1\" for original ELF files."},{"field":"process.elf.header.os_abi","type":"keyword","description":"Application Binary Interface (ABI) of the Linux OS."},{"field":"process.elf.header.type","type":"keyword","description":"Header type of the ELF file."},{"field":"process.elf.header.version","type":"keyword","description":"Version of the ELF header."},{"field":"process.elf.imports","type":"flattened","description":"List of imported element names and types."},{"field":"process.elf.sections","type":"nested","description":"Section information of the ELF file."},{"field":"process.elf.sections.chi2","type":"long","description":"Chi-square probability distribution of the section."},{"field":"process.elf.sections.entropy","type":"long","description":"Shannon entropy calculation from the section."},{"field":"process.elf.sections.flags","type":"keyword","description":"ELF Section List flags."},{"field":"process.elf.sections.name","type":"keyword","description":"ELF Section List name."},{"field":"process.elf.sections.physical_offset","type":"keyword","description":"ELF Section List offset."},{"field":"process.elf.sections.physical_size","type":"long","description":"ELF Section List physical size."},{"field":"process.elf.sections.type","type":"keyword","description":"ELF Section List type."},{"field":"process.elf.sections.virtual_address","type":"long","description":"ELF Section List virtual address."},{"field":"process.elf.sections.virtual_size","type":"long","description":"ELF Section List virtual size."},{"field":"process.elf.segments","type":"nested","description":"ELF object segment list."},{"field":"process.elf.segments.sections","type":"keyword","description":"ELF object segment sections."},{"field":"process.elf.segments.type","type":"keyword","description":"ELF object segment type."},{"field":"process.elf.shared_libraries","type":"keyword","description":"List of shared libraries used by this ELF object."},{"field":"process.elf.telfhash","type":"keyword","description":"telfhash hash for ELF file."},{"field":"process.entity_id","type":"keyword","description":"Unique identifier for the process."},{"field":"process.executable","type":"keyword","description":"Absolute path to the process executable."},{"field":"process.executable.text","type":"text","description":"Absolute path to the process executable."},{"field":"process.exit_code","type":"long","description":"The exit code of the process."},{"field":"process.hash.md5","type":"keyword","description":"MD5 hash."},{"field":"process.hash.sha1","type":"keyword","description":"SHA1 hash."},{"field":"process.hash.sha256","type":"keyword","description":"SHA256 hash."},{"field":"process.hash.sha512","type":"keyword","description":"SHA512 hash."},{"field":"process.hash.ssdeep","type":"keyword","description":"SSDEEP hash."},{"field":"process.name","type":"keyword","description":"Process name."},{"field":"process.name.text","type":"text","description":"Process name."},{"field":"process.parent.args","type":"keyword","description":"Array of process arguments."},{"field":"process.parent.args_count","type":"long","description":"Length of the process.args array."},{"field":"process.parent.code_signature.exists","type":"boolean","description":"Boolean to capture if a signature is present."},{"field":"process.parent.code_signature.signing_id","type":"keyword","description":"The identifier used to sign the process."},{"field":"process.parent.code_signature.status","type":"keyword","description":"Additional information about the certificate status."},{"field":"process.parent.code_signature.subject_name","type":"keyword","description":"Subject name of the code signer"},{"field":"process.parent.code_signature.team_id","type":"keyword","description":"The team identifier used to sign the process."},{"field":"process.parent.code_signature.trusted","type":"boolean","description":"Stores the trust status of the certificate chain."},{"field":"process.parent.code_signature.valid","type":"boolean","description":"Boolean to capture if the digital signature is verified against the binary content."},{"field":"process.parent.command_line","type":"keyword","description":"Full command line that started the process."},{"field":"process.parent.command_line.text","type":"text","description":"Full command line that started the process."},{"field":"process.parent.elf.architecture","type":"keyword","description":"Machine architecture of the ELF file."},{"field":"process.parent.elf.byte_order","type":"keyword","description":"Byte sequence of ELF file."},{"field":"process.parent.elf.cpu_type","type":"keyword","description":"CPU type of the ELF file."},{"field":"process.parent.elf.creation_date","type":"date","description":"Build or compile date."},{"field":"process.parent.elf.exports","type":"flattened","description":"List of exported element names and types."},{"field":"process.parent.elf.header.abi_version","type":"keyword","description":"Version of the ELF Application Binary Interface (ABI)."},{"field":"process.parent.elf.header.class","type":"keyword","description":"Header class of the ELF file."},{"field":"process.parent.elf.header.data","type":"keyword","description":"Data table of the ELF header."},{"field":"process.parent.elf.header.entrypoint","type":"long","description":"Header entrypoint of the ELF file."},{"field":"process.parent.elf.header.object_version","type":"keyword","description":"0x1\" for original ELF files."},{"field":"process.parent.elf.header.os_abi","type":"keyword","description":"Application Binary Interface (ABI) of the Linux OS."},{"field":"process.parent.elf.header.type","type":"keyword","description":"Header type of the ELF file."},{"field":"process.parent.elf.header.version","type":"keyword","description":"Version of the ELF header."},{"field":"process.parent.elf.imports","type":"flattened","description":"List of imported element names and types."},{"field":"process.parent.elf.sections","type":"nested","description":"Section information of the ELF file."},{"field":"process.parent.elf.sections.chi2","type":"long","description":"Chi-square probability distribution of the section."},{"field":"process.parent.elf.sections.entropy","type":"long","description":"Shannon entropy calculation from the section."},{"field":"process.parent.elf.sections.flags","type":"keyword","description":"ELF Section List flags."},{"field":"process.parent.elf.sections.name","type":"keyword","description":"ELF Section List name."},{"field":"process.parent.elf.sections.physical_offset","type":"keyword","description":"ELF Section List offset."},{"field":"process.parent.elf.sections.physical_size","type":"long","description":"ELF Section List physical size."},{"field":"process.parent.elf.sections.type","type":"keyword","description":"ELF Section List type."},{"field":"process.parent.elf.sections.virtual_address","type":"long","description":"ELF Section List virtual address."},{"field":"process.parent.elf.sections.virtual_size","type":"long","description":"ELF Section List virtual size."},{"field":"process.parent.elf.segments","type":"nested","description":"ELF object segment list."},{"field":"process.parent.elf.segments.sections","type":"keyword","description":"ELF object segment sections."},{"field":"process.parent.elf.segments.type","type":"keyword","description":"ELF object segment type."},{"field":"process.parent.elf.shared_libraries","type":"keyword","description":"List of shared libraries used by this ELF object."},{"field":"process.parent.elf.telfhash","type":"keyword","description":"telfhash hash for ELF file."},{"field":"process.parent.entity_id","type":"keyword","description":"Unique identifier for the process."},{"field":"process.parent.executable","type":"keyword","description":"Absolute path to the process executable."},{"field":"process.parent.executable.text","type":"text","description":"Absolute path to the process executable."},{"field":"process.parent.exit_code","type":"long","description":"The exit code of the process."},{"field":"process.parent.hash.md5","type":"keyword","description":"MD5 hash."},{"field":"process.parent.hash.sha1","type":"keyword","description":"SHA1 hash."},{"field":"process.parent.hash.sha256","type":"keyword","description":"SHA256 hash."},{"field":"process.parent.hash.sha512","type":"keyword","description":"SHA512 hash."},{"field":"process.parent.hash.ssdeep","type":"keyword","description":"SSDEEP hash."},{"field":"process.parent.name","type":"keyword","description":"Process name."},{"field":"process.parent.name.text","type":"text","description":"Process name."},{"field":"process.parent.pe.architecture","type":"keyword","description":"CPU architecture target for the file."},{"field":"process.parent.pe.company","type":"keyword","description":"Internal company name of the file, provided at compile-time."},{"field":"process.parent.pe.description","type":"keyword","description":"Internal description of the file, provided at compile-time."},{"field":"process.parent.pe.file_version","type":"keyword","description":"Process name."},{"field":"process.parent.pe.imphash","type":"keyword","description":"A hash of the imports in a PE file."},{"field":"process.parent.pe.original_file_name","type":"keyword","description":"Internal name of the file, provided at compile-time."},{"field":"process.parent.pe.product","type":"keyword","description":"Internal product name of the file, provided at compile-time."},{"field":"process.parent.pgid","type":"long","description":"Identifier of the group of processes the process belongs to."},{"field":"process.parent.pid","type":"long","description":"Process id."},{"field":"process.parent.ppid","type":"long","description":"Parent process' pid."},{"field":"process.parent.start","type":"date","description":"The time the process started."},{"field":"process.parent.thread.id","type":"long","description":"Thread ID."},{"field":"process.parent.thread.name","type":"keyword","description":"Thread name."},{"field":"process.parent.title","type":"keyword","description":"Process title."},{"field":"process.parent.title.text","type":"text","description":"Process title."},{"field":"process.parent.uptime","type":"long","description":"Seconds the process has been up."},{"field":"process.parent.working_directory","type":"keyword","description":"The working directory of the process."},{"field":"process.parent.working_directory.text","type":"text","description":"The working directory of the process."},{"field":"process.pe.architecture","type":"keyword","description":"CPU architecture target for the file."},{"field":"process.pe.company","type":"keyword","description":"Internal company name of the file, provided at compile-time."},{"field":"process.pe.description","type":"keyword","description":"Internal description of the file, provided at compile-time."},{"field":"process.pe.file_version","type":"keyword","description":"Process name."},{"field":"process.pe.imphash","type":"keyword","description":"A hash of the imports in a PE file."},{"field":"process.pe.original_file_name","type":"keyword","description":"Internal name of the file, provided at compile-time."},{"field":"process.pe.product","type":"keyword","description":"Internal product name of the file, provided at compile-time."},{"field":"process.pgid","type":"long","description":"Identifier of the group of processes the process belongs to."},{"field":"process.pid","type":"long","description":"Process id."},{"field":"process.ppid","type":"long","description":"Parent process' pid."},{"field":"process.start","type":"date","description":"The time the process started."},{"field":"process.thread.id","type":"long","description":"Thread ID."},{"field":"process.thread.name","type":"keyword","description":"Thread name."},{"field":"process.title","type":"keyword","description":"Process title."},{"field":"process.title.text","type":"text","description":"Process title."},{"field":"process.uptime","type":"long","description":"Seconds the process has been up."},{"field":"process.working_directory","type":"keyword","description":"The working directory of the process."},{"field":"process.working_directory.text","type":"text","description":"The working directory of the process."},{"field":"registry.data.bytes","type":"keyword","description":"Original bytes written with base64 encoding."},{"field":"registry.data.strings","type":"keyword","description":"List of strings representing what was written to the registry."},{"field":"registry.data.type","type":"keyword","description":"Standard registry type for encoding contents"},{"field":"registry.hive","type":"keyword","description":"Abbreviated name for the hive."},{"field":"registry.key","type":"keyword","description":"Hive-relative path of keys."},{"field":"registry.path","type":"keyword","description":"Full path, including hive, key and value"},{"field":"registry.value","type":"keyword","description":"Name of the value written."},{"field":"related.hash","type":"keyword","description":"All the hashes seen on your event."},{"field":"related.hosts","type":"keyword","description":"All the host identifiers seen on your event."},{"field":"related.ip","type":"ip","description":"All of the IPs seen on your event."},{"field":"related.user","type":"keyword","description":"All the user names or other user identifiers seen on the event."},{"field":"rule.author","type":"keyword","description":"Rule author"},{"field":"rule.category","type":"keyword","description":"Rule category"},{"field":"rule.description","type":"keyword","description":"Rule description"},{"field":"rule.id","type":"keyword","description":"Rule ID"},{"field":"rule.license","type":"keyword","description":"Rule license"},{"field":"rule.name","type":"keyword","description":"Rule name"},{"field":"rule.reference","type":"keyword","description":"Rule reference URL"},{"field":"rule.ruleset","type":"keyword","description":"Rule ruleset"},{"field":"rule.uuid","type":"keyword","description":"Rule UUID"},{"field":"rule.version","type":"keyword","description":"Rule version"},{"field":"server.address","type":"keyword","description":"Server network address."},{"field":"server.as.number","type":"long","description":"Unique number allocated to the autonomous system."},{"field":"server.as.organization.name","type":"keyword","description":"Organization name."},{"field":"server.as.organization.name.text","type":"text","description":"Organization name."},{"field":"server.bytes","type":"long","description":"Bytes sent from the server to the client."},{"field":"server.domain","type":"keyword","description":"Server domain."},{"field":"server.geo.city_name","type":"keyword","description":"City name."},{"field":"server.geo.continent_code","type":"keyword","description":"Continent code."},{"field":"server.geo.continent_name","type":"keyword","description":"Name of the continent."},{"field":"server.geo.country_iso_code","type":"keyword","description":"Country ISO code."},{"field":"server.geo.country_name","type":"keyword","description":"Country name."},{"field":"server.geo.location","type":"geo_point","description":"Longitude and latitude."},{"field":"server.geo.name","type":"keyword","description":"User-defined description of a location."},{"field":"server.geo.postal_code","type":"keyword","description":"Postal code."},{"field":"server.geo.region_iso_code","type":"keyword","description":"Region ISO code."},{"field":"server.geo.region_name","type":"keyword","description":"Region name."},{"field":"server.geo.timezone","type":"keyword","description":"Time zone."},{"field":"server.ip","type":"ip","description":"IP address of the server."},{"field":"server.mac","type":"keyword","description":"MAC address of the server."},{"field":"server.nat.ip","type":"ip","description":"Server NAT ip"},{"field":"server.nat.port","type":"long","description":"Server NAT port"},{"field":"server.packets","type":"long","description":"Packets sent from the server to the client."},{"field":"server.port","type":"long","description":"Port of the server."},{"field":"server.registered_domain","type":"keyword","description":"The highest registered server domain, stripped of the subdomain."},{"field":"server.subdomain","type":"keyword","description":"The subdomain of the domain."},{"field":"server.top_level_domain","type":"keyword","description":"The effective top level domain (com, org, net, co.uk)."},{"field":"server.user.domain","type":"keyword","description":"Name of the directory the user is a member of."},{"field":"server.user.email","type":"keyword","description":"User email address."},{"field":"server.user.full_name","type":"keyword","description":"User's full name, if available."},{"field":"server.user.full_name.text","type":"text","description":"User's full name, if available."},{"field":"server.user.group.domain","type":"keyword","description":"Name of the directory the group is a member of."},{"field":"server.user.group.id","type":"keyword","description":"Unique identifier for the group on the system/platform."},{"field":"server.user.group.name","type":"keyword","description":"Name of the group."},{"field":"server.user.hash","type":"keyword","description":"Unique user hash to correlate information for a user in anonymized form."},{"field":"server.user.id","type":"keyword","description":"Unique identifier of the user."},{"field":"server.user.name","type":"keyword","description":"Short name or login of the user."},{"field":"server.user.name.text","type":"text","description":"Short name or login of the user."},{"field":"server.user.roles","type":"keyword","description":"Array of user roles at the time of the event."},{"field":"service.ephemeral_id","type":"keyword","description":"Ephemeral identifier of this service."},{"field":"service.id","type":"keyword","description":"Unique identifier of the running service."},{"field":"service.name","type":"keyword","description":"Name of the service."},{"field":"service.node.name","type":"keyword","description":"Name of the service node."},{"field":"service.state","type":"keyword","description":"Current state of the service."},{"field":"service.type","type":"keyword","description":"The type of the service."},{"field":"service.version","type":"keyword","description":"Version of the service."},{"field":"source.address","type":"keyword","description":"Source network address."},{"field":"source.as.number","type":"long","description":"Unique number allocated to the autonomous system."},{"field":"source.as.organization.name","type":"keyword","description":"Organization name."},{"field":"source.as.organization.name.text","type":"text","description":"Organization name."},{"field":"source.bytes","type":"long","description":"Bytes sent from the source to the destination."},{"field":"source.domain","type":"keyword","description":"Source domain."},{"field":"source.geo.city_name","type":"keyword","description":"City name."},{"field":"source.geo.continent_code","type":"keyword","description":"Continent code."},{"field":"source.geo.continent_name","type":"keyword","description":"Name of the continent."},{"field":"source.geo.country_iso_code","type":"keyword","description":"Country ISO code."},{"field":"source.geo.country_name","type":"keyword","description":"Country name."},{"field":"source.geo.location","type":"geo_point","description":"Longitude and latitude."},{"field":"source.geo.name","type":"keyword","description":"User-defined description of a location."},{"field":"source.geo.postal_code","type":"keyword","description":"Postal code."},{"field":"source.geo.region_iso_code","type":"keyword","description":"Region ISO code."},{"field":"source.geo.region_name","type":"keyword","description":"Region name."},{"field":"source.geo.timezone","type":"keyword","description":"Time zone."},{"field":"source.ip","type":"ip","description":"IP address of the source."},{"field":"source.mac","type":"keyword","description":"MAC address of the source."},{"field":"source.nat.ip","type":"ip","description":"Source NAT ip"},{"field":"source.nat.port","type":"long","description":"Source NAT port"},{"field":"source.packets","type":"long","description":"Packets sent from the source to the destination."},{"field":"source.port","type":"long","description":"Port of the source."},{"field":"source.registered_domain","type":"keyword","description":"The highest registered source domain, stripped of the subdomain."},{"field":"source.subdomain","type":"keyword","description":"The subdomain of the domain."},{"field":"source.top_level_domain","type":"keyword","description":"The effective top level domain (com, org, net, co.uk)."},{"field":"source.user.domain","type":"keyword","description":"Name of the directory the user is a member of."},{"field":"source.user.email","type":"keyword","description":"User email address."},{"field":"source.user.full_name","type":"keyword","description":"User's full name, if available."},{"field":"source.user.full_name.text","type":"text","description":"User's full name, if available."},{"field":"source.user.group.domain","type":"keyword","description":"Name of the directory the group is a member of."},{"field":"source.user.group.id","type":"keyword","description":"Unique identifier for the group on the system/platform."},{"field":"source.user.group.name","type":"keyword","description":"Name of the group."},{"field":"source.user.hash","type":"keyword","description":"Unique user hash to correlate information for a user in anonymized form."},{"field":"source.user.id","type":"keyword","description":"Unique identifier of the user."},{"field":"source.user.name","type":"keyword","description":"Short name or login of the user."},{"field":"source.user.name.text","type":"text","description":"Short name or login of the user."},{"field":"source.user.roles","type":"keyword","description":"Array of user roles at the time of the event."},{"field":"span.id","type":"keyword","description":"Unique identifier of the span within the scope of its trace."},{"field":"threat.enrichments","type":"nested","description":"List of objects containing indicators enriching the event."},{"field":"threat.enrichments.indicator","type":"object","description":"Object containing indicators enriching the event."},{"field":"threat.enrichments.indicator.as.number","type":"long","description":"Unique number allocated to the autonomous system."},{"field":"threat.enrichments.indicator.as.organization.name","type":"keyword","description":"Organization name."},{"field":"threat.enrichments.indicator.as.organization.name.text","type":"text","description":"Organization name."},{"field":"threat.enrichments.indicator.confidence","type":"keyword","description":"Indicator confidence rating"},{"field":"threat.enrichments.indicator.description","type":"keyword","description":"Indicator description"},{"field":"threat.enrichments.indicator.email.address","type":"keyword","description":"Indicator email address"},{"field":"threat.enrichments.indicator.file.accessed","type":"date","description":"Last time the file was accessed."},{"field":"threat.enrichments.indicator.file.attributes","type":"keyword","description":"Array of file attributes."},{"field":"threat.enrichments.indicator.file.code_signature.exists","type":"boolean","description":"Boolean to capture if a signature is present."},{"field":"threat.enrichments.indicator.file.code_signature.signing_id","type":"keyword","description":"The identifier used to sign the process."},{"field":"threat.enrichments.indicator.file.code_signature.status","type":"keyword","description":"Additional information about the certificate status."},{"field":"threat.enrichments.indicator.file.code_signature.subject_name","type":"keyword","description":"Subject name of the code signer"},{"field":"threat.enrichments.indicator.file.code_signature.team_id","type":"keyword","description":"The team identifier used to sign the process."},{"field":"threat.enrichments.indicator.file.code_signature.trusted","type":"boolean","description":"Stores the trust status of the certificate chain."},{"field":"threat.enrichments.indicator.file.code_signature.valid","type":"boolean","description":"Boolean to capture if the digital signature is verified against the binary content."},{"field":"threat.enrichments.indicator.file.created","type":"date","description":"File creation time."},{"field":"threat.enrichments.indicator.file.ctime","type":"date","description":"Last time the file attributes or metadata changed."},{"field":"threat.enrichments.indicator.file.device","type":"keyword","description":"Device that is the source of the file."},{"field":"threat.enrichments.indicator.file.directory","type":"keyword","description":"Directory where the file is located."},{"field":"threat.enrichments.indicator.file.drive_letter","type":"keyword","description":"Drive letter where the file is located."},{"field":"threat.enrichments.indicator.file.elf.architecture","type":"keyword","description":"Machine architecture of the ELF file."},{"field":"threat.enrichments.indicator.file.elf.byte_order","type":"keyword","description":"Byte sequence of ELF file."},{"field":"threat.enrichments.indicator.file.elf.cpu_type","type":"keyword","description":"CPU type of the ELF file."},{"field":"threat.enrichments.indicator.file.elf.creation_date","type":"date","description":"Build or compile date."},{"field":"threat.enrichments.indicator.file.elf.exports","type":"flattened","description":"List of exported element names and types."},{"field":"threat.enrichments.indicator.file.elf.header.abi_version","type":"keyword","description":"Version of the ELF Application Binary Interface (ABI)."},{"field":"threat.enrichments.indicator.file.elf.header.class","type":"keyword","description":"Header class of the ELF file."},{"field":"threat.enrichments.indicator.file.elf.header.data","type":"keyword","description":"Data table of the ELF header."},{"field":"threat.enrichments.indicator.file.elf.header.entrypoint","type":"long","description":"Header entrypoint of the ELF file."},{"field":"threat.enrichments.indicator.file.elf.header.object_version","type":"keyword","description":"0x1\" for original ELF files."},{"field":"threat.enrichments.indicator.file.elf.header.os_abi","type":"keyword","description":"Application Binary Interface (ABI) of the Linux OS."},{"field":"threat.enrichments.indicator.file.elf.header.type","type":"keyword","description":"Header type of the ELF file."},{"field":"threat.enrichments.indicator.file.elf.header.version","type":"keyword","description":"Version of the ELF header."},{"field":"threat.enrichments.indicator.file.elf.imports","type":"flattened","description":"List of imported element names and types."},{"field":"threat.enrichments.indicator.file.elf.sections","type":"nested","description":"Section information of the ELF file."},{"field":"threat.enrichments.indicator.file.elf.sections.chi2","type":"long","description":"Chi-square probability distribution of the section."},{"field":"threat.enrichments.indicator.file.elf.sections.entropy","type":"long","description":"Shannon entropy calculation from the section."},{"field":"threat.enrichments.indicator.file.elf.sections.flags","type":"keyword","description":"ELF Section List flags."},{"field":"threat.enrichments.indicator.file.elf.sections.name","type":"keyword","description":"ELF Section List name."},{"field":"threat.enrichments.indicator.file.elf.sections.physical_offset","type":"keyword","description":"ELF Section List offset."},{"field":"threat.enrichments.indicator.file.elf.sections.physical_size","type":"long","description":"ELF Section List physical size."},{"field":"threat.enrichments.indicator.file.elf.sections.type","type":"keyword","description":"ELF Section List type."},{"field":"threat.enrichments.indicator.file.elf.sections.virtual_address","type":"long","description":"ELF Section List virtual address."},{"field":"threat.enrichments.indicator.file.elf.sections.virtual_size","type":"long","description":"ELF Section List virtual size."},{"field":"threat.enrichments.indicator.file.elf.segments","type":"nested","description":"ELF object segment list."},{"field":"threat.enrichments.indicator.file.elf.segments.sections","type":"keyword","description":"ELF object segment sections."},{"field":"threat.enrichments.indicator.file.elf.segments.type","type":"keyword","description":"ELF object segment type."},{"field":"threat.enrichments.indicator.file.elf.shared_libraries","type":"keyword","description":"List of shared libraries used by this ELF object."},{"field":"threat.enrichments.indicator.file.elf.telfhash","type":"keyword","description":"telfhash hash for ELF file."},{"field":"threat.enrichments.indicator.file.extension","type":"keyword","description":"File extension, excluding the leading dot."},{"field":"threat.enrichments.indicator.file.gid","type":"keyword","description":"Primary group ID (GID) of the file."},{"field":"threat.enrichments.indicator.file.group","type":"keyword","description":"Primary group name of the file."},{"field":"threat.enrichments.indicator.file.inode","type":"keyword","description":"Inode representing the file in the filesystem."},{"field":"threat.enrichments.indicator.file.mime_type","type":"keyword","description":"Media type of file, document, or arrangement of bytes."},{"field":"threat.enrichments.indicator.file.mode","type":"keyword","description":"Mode of the file in octal representation."},{"field":"threat.enrichments.indicator.file.mtime","type":"date","description":"Last time the file content was modified."},{"field":"threat.enrichments.indicator.file.name","type":"keyword","description":"Name of the file including the extension, without the directory."},{"field":"threat.enrichments.indicator.file.owner","type":"keyword","description":"File owner's username."},{"field":"threat.enrichments.indicator.file.path","type":"keyword","description":"Full path to the file, including the file name."},{"field":"threat.enrichments.indicator.file.path.text","type":"text","description":"Full path to the file, including the file name."},{"field":"threat.enrichments.indicator.file.size","type":"long","description":"File size in bytes."},{"field":"threat.enrichments.indicator.file.target_path","type":"keyword","description":"Target path for symlinks."},{"field":"threat.enrichments.indicator.file.target_path.text","type":"text","description":"Target path for symlinks."},{"field":"threat.enrichments.indicator.file.type","type":"keyword","description":"File type (file, dir, or symlink)."},{"field":"threat.enrichments.indicator.file.uid","type":"keyword","description":"The user ID (UID) or security identifier (SID) of the file owner."},{"field":"threat.enrichments.indicator.first_seen","type":"date","description":"Date/time indicator was first reported."},{"field":"threat.enrichments.indicator.geo.city_name","type":"keyword","description":"City name."},{"field":"threat.enrichments.indicator.geo.continent_code","type":"keyword","description":"Continent code."},{"field":"threat.enrichments.indicator.geo.continent_name","type":"keyword","description":"Name of the continent."},{"field":"threat.enrichments.indicator.geo.country_iso_code","type":"keyword","description":"Country ISO code."},{"field":"threat.enrichments.indicator.geo.country_name","type":"keyword","description":"Country name."},{"field":"threat.enrichments.indicator.geo.location","type":"geo_point","description":"Longitude and latitude."},{"field":"threat.enrichments.indicator.geo.name","type":"keyword","description":"User-defined description of a location."},{"field":"threat.enrichments.indicator.geo.postal_code","type":"keyword","description":"Postal code."},{"field":"threat.enrichments.indicator.geo.region_iso_code","type":"keyword","description":"Region ISO code."},{"field":"threat.enrichments.indicator.geo.region_name","type":"keyword","description":"Region name."},{"field":"threat.enrichments.indicator.geo.timezone","type":"keyword","description":"Time zone."},{"field":"threat.enrichments.indicator.hash.md5","type":"keyword","description":"MD5 hash."},{"field":"threat.enrichments.indicator.hash.sha1","type":"keyword","description":"SHA1 hash."},{"field":"threat.enrichments.indicator.hash.sha256","type":"keyword","description":"SHA256 hash."},{"field":"threat.enrichments.indicator.hash.sha512","type":"keyword","description":"SHA512 hash."},{"field":"threat.enrichments.indicator.hash.ssdeep","type":"keyword","description":"SSDEEP hash."},{"field":"threat.enrichments.indicator.ip","type":"ip","description":"Indicator IP address"},{"field":"threat.enrichments.indicator.last_seen","type":"date","description":"Date/time indicator was last reported."},{"field":"threat.enrichments.indicator.marking.tlp","type":"keyword","description":"Indicator TLP marking"},{"field":"threat.enrichments.indicator.modified_at","type":"date","description":"Date/time indicator was last updated."},{"field":"threat.enrichments.indicator.pe.architecture","type":"keyword","description":"CPU architecture target for the file."},{"field":"threat.enrichments.indicator.pe.company","type":"keyword","description":"Internal company name of the file, provided at compile-time."},{"field":"threat.enrichments.indicator.pe.description","type":"keyword","description":"Internal description of the file, provided at compile-time."},{"field":"threat.enrichments.indicator.pe.file_version","type":"keyword","description":"Process name."},{"field":"threat.enrichments.indicator.pe.imphash","type":"keyword","description":"A hash of the imports in a PE file."},{"field":"threat.enrichments.indicator.pe.original_file_name","type":"keyword","description":"Internal name of the file, provided at compile-time."},{"field":"threat.enrichments.indicator.pe.product","type":"keyword","description":"Internal product name of the file, provided at compile-time."},{"field":"threat.enrichments.indicator.port","type":"long","description":"Indicator port"},{"field":"threat.enrichments.indicator.provider","type":"keyword","description":"Indicator provider"},{"field":"threat.enrichments.indicator.reference","type":"keyword","description":"Indicator reference URL"},{"field":"threat.enrichments.indicator.registry.data.bytes","type":"keyword","description":"Original bytes written with base64 encoding."},{"field":"threat.enrichments.indicator.registry.data.strings","type":"keyword","description":"List of strings representing what was written to the registry."},{"field":"threat.enrichments.indicator.registry.data.type","type":"keyword","description":"Standard registry type for encoding contents"},{"field":"threat.enrichments.indicator.registry.hive","type":"keyword","description":"Abbreviated name for the hive."},{"field":"threat.enrichments.indicator.registry.key","type":"keyword","description":"Hive-relative path of keys."},{"field":"threat.enrichments.indicator.registry.path","type":"keyword","description":"Full path, including hive, key and value"},{"field":"threat.enrichments.indicator.registry.value","type":"keyword","description":"Name of the value written."},{"field":"threat.enrichments.indicator.scanner_stats","type":"long","description":"Scanner statistics"},{"field":"threat.enrichments.indicator.sightings","type":"long","description":"Number of times indicator observed"},{"field":"threat.enrichments.indicator.type","type":"keyword","description":"Type of indicator"},{"field":"threat.enrichments.indicator.url.domain","type":"keyword","description":"Domain of the url."},{"field":"threat.enrichments.indicator.url.extension","type":"keyword","description":"File extension from the request url, excluding the leading dot."},{"field":"threat.enrichments.indicator.url.fragment","type":"keyword","description":"Portion of the url after the `#`."},{"field":"threat.enrichments.indicator.url.full","type":"keyword","description":"Full unparsed URL."},{"field":"threat.enrichments.indicator.url.full.text","type":"text","description":"Full unparsed URL."},{"field":"threat.enrichments.indicator.url.original","type":"keyword","description":"Unmodified original url as seen in the event source."},{"field":"threat.enrichments.indicator.url.original.text","type":"text","description":"Unmodified original url as seen in the event source."},{"field":"threat.enrichments.indicator.url.password","type":"keyword","description":"Password of the request."},{"field":"threat.enrichments.indicator.url.path","type":"keyword","description":"Path of the request, such as \"/search\"."},{"field":"threat.enrichments.indicator.url.port","type":"long","description":"Port of the request, such as 443."},{"field":"threat.enrichments.indicator.url.query","type":"keyword","description":"Query string of the request."},{"field":"threat.enrichments.indicator.url.registered_domain","type":"keyword","description":"The highest registered url domain, stripped of the subdomain."},{"field":"threat.enrichments.indicator.url.scheme","type":"keyword","description":"Scheme of the url."},{"field":"threat.enrichments.indicator.url.subdomain","type":"keyword","description":"The subdomain of the domain."},{"field":"threat.enrichments.indicator.url.top_level_domain","type":"keyword","description":"The effective top level domain (com, org, net, co.uk)."},{"field":"threat.enrichments.indicator.url.username","type":"keyword","description":"Username of the request."},{"field":"threat.enrichments.indicator.x509.alternative_names","type":"keyword","description":"List of subject alternative names (SAN)."},{"field":"threat.enrichments.indicator.x509.issuer.common_name","type":"keyword","description":"List of common name (CN) of issuing certificate authority."},{"field":"threat.enrichments.indicator.x509.issuer.country","type":"keyword","description":"List of country (C) codes"},{"field":"threat.enrichments.indicator.x509.issuer.distinguished_name","type":"keyword","description":"Distinguished name (DN) of issuing certificate authority."},{"field":"threat.enrichments.indicator.x509.issuer.locality","type":"keyword","description":"List of locality names (L)"},{"field":"threat.enrichments.indicator.x509.issuer.organization","type":"keyword","description":"List of organizations (O) of issuing certificate authority."},{"field":"threat.enrichments.indicator.x509.issuer.organizational_unit","type":"keyword","description":"List of organizational units (OU) of issuing certificate authority."},{"field":"threat.enrichments.indicator.x509.issuer.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"threat.enrichments.indicator.x509.not_after","type":"date","description":"Time at which the certificate is no longer considered valid."},{"field":"threat.enrichments.indicator.x509.not_before","type":"date","description":"Time at which the certificate is first considered valid."},{"field":"threat.enrichments.indicator.x509.public_key_algorithm","type":"keyword","description":"Algorithm used to generate the public key."},{"field":"threat.enrichments.indicator.x509.public_key_curve","type":"keyword","description":"The curve used by the elliptic curve public key algorithm. This is algorithm specific."},{"field":"threat.enrichments.indicator.x509.public_key_exponent","type":"long","description":"Exponent used to derive the public key. This is algorithm specific."},{"field":"threat.enrichments.indicator.x509.public_key_size","type":"long","description":"The size of the public key space in bits."},{"field":"threat.enrichments.indicator.x509.serial_number","type":"keyword","description":"Unique serial number issued by the certificate authority."},{"field":"threat.enrichments.indicator.x509.signature_algorithm","type":"keyword","description":"Identifier for certificate signature algorithm."},{"field":"threat.enrichments.indicator.x509.subject.common_name","type":"keyword","description":"List of common names (CN) of subject."},{"field":"threat.enrichments.indicator.x509.subject.country","type":"keyword","description":"List of country (C) code"},{"field":"threat.enrichments.indicator.x509.subject.distinguished_name","type":"keyword","description":"Distinguished name (DN) of the certificate subject entity."},{"field":"threat.enrichments.indicator.x509.subject.locality","type":"keyword","description":"List of locality names (L)"},{"field":"threat.enrichments.indicator.x509.subject.organization","type":"keyword","description":"List of organizations (O) of subject."},{"field":"threat.enrichments.indicator.x509.subject.organizational_unit","type":"keyword","description":"List of organizational units (OU) of subject."},{"field":"threat.enrichments.indicator.x509.subject.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"threat.enrichments.indicator.x509.version_number","type":"keyword","description":"Version of x509 format."},{"field":"threat.enrichments.matched.atomic","type":"keyword","description":"Matched indicator value"},{"field":"threat.enrichments.matched.field","type":"keyword","description":"Matched indicator field"},{"field":"threat.enrichments.matched.id","type":"keyword","description":"Matched indicator identifier"},{"field":"threat.enrichments.matched.index","type":"keyword","description":"Matched indicator index"},{"field":"threat.enrichments.matched.type","type":"keyword","description":"Type of indicator match"},{"field":"threat.framework","type":"keyword","description":"Threat classification framework."},{"field":"threat.group.alias","type":"keyword","description":"Alias of the group."},{"field":"threat.group.id","type":"keyword","description":"ID of the group."},{"field":"threat.group.name","type":"keyword","description":"Name of the group."},{"field":"threat.group.reference","type":"keyword","description":"Reference URL of the group."},{"field":"threat.indicator.as.number","type":"long","description":"Unique number allocated to the autonomous system."},{"field":"threat.indicator.as.organization.name","type":"keyword","description":"Organization name."},{"field":"threat.indicator.as.organization.name.text","type":"text","description":"Organization name."},{"field":"threat.indicator.confidence","type":"keyword","description":"Indicator confidence rating"},{"field":"threat.indicator.description","type":"keyword","description":"Indicator description"},{"field":"threat.indicator.email.address","type":"keyword","description":"Indicator email address"},{"field":"threat.indicator.file.accessed","type":"date","description":"Last time the file was accessed."},{"field":"threat.indicator.file.attributes","type":"keyword","description":"Array of file attributes."},{"field":"threat.indicator.file.code_signature.exists","type":"boolean","description":"Boolean to capture if a signature is present."},{"field":"threat.indicator.file.code_signature.signing_id","type":"keyword","description":"The identifier used to sign the process."},{"field":"threat.indicator.file.code_signature.status","type":"keyword","description":"Additional information about the certificate status."},{"field":"threat.indicator.file.code_signature.subject_name","type":"keyword","description":"Subject name of the code signer"},{"field":"threat.indicator.file.code_signature.team_id","type":"keyword","description":"The team identifier used to sign the process."},{"field":"threat.indicator.file.code_signature.trusted","type":"boolean","description":"Stores the trust status of the certificate chain."},{"field":"threat.indicator.file.code_signature.valid","type":"boolean","description":"Boolean to capture if the digital signature is verified against the binary content."},{"field":"threat.indicator.file.created","type":"date","description":"File creation time."},{"field":"threat.indicator.file.ctime","type":"date","description":"Last time the file attributes or metadata changed."},{"field":"threat.indicator.file.device","type":"keyword","description":"Device that is the source of the file."},{"field":"threat.indicator.file.directory","type":"keyword","description":"Directory where the file is located."},{"field":"threat.indicator.file.drive_letter","type":"keyword","description":"Drive letter where the file is located."},{"field":"threat.indicator.file.elf.architecture","type":"keyword","description":"Machine architecture of the ELF file."},{"field":"threat.indicator.file.elf.byte_order","type":"keyword","description":"Byte sequence of ELF file."},{"field":"threat.indicator.file.elf.cpu_type","type":"keyword","description":"CPU type of the ELF file."},{"field":"threat.indicator.file.elf.creation_date","type":"date","description":"Build or compile date."},{"field":"threat.indicator.file.elf.exports","type":"flattened","description":"List of exported element names and types."},{"field":"threat.indicator.file.elf.header.abi_version","type":"keyword","description":"Version of the ELF Application Binary Interface (ABI)."},{"field":"threat.indicator.file.elf.header.class","type":"keyword","description":"Header class of the ELF file."},{"field":"threat.indicator.file.elf.header.data","type":"keyword","description":"Data table of the ELF header."},{"field":"threat.indicator.file.elf.header.entrypoint","type":"long","description":"Header entrypoint of the ELF file."},{"field":"threat.indicator.file.elf.header.object_version","type":"keyword","description":"0x1\" for original ELF files."},{"field":"threat.indicator.file.elf.header.os_abi","type":"keyword","description":"Application Binary Interface (ABI) of the Linux OS."},{"field":"threat.indicator.file.elf.header.type","type":"keyword","description":"Header type of the ELF file."},{"field":"threat.indicator.file.elf.header.version","type":"keyword","description":"Version of the ELF header."},{"field":"threat.indicator.file.elf.imports","type":"flattened","description":"List of imported element names and types."},{"field":"threat.indicator.file.elf.sections","type":"nested","description":"Section information of the ELF file."},{"field":"threat.indicator.file.elf.sections.chi2","type":"long","description":"Chi-square probability distribution of the section."},{"field":"threat.indicator.file.elf.sections.entropy","type":"long","description":"Shannon entropy calculation from the section."},{"field":"threat.indicator.file.elf.sections.flags","type":"keyword","description":"ELF Section List flags."},{"field":"threat.indicator.file.elf.sections.name","type":"keyword","description":"ELF Section List name."},{"field":"threat.indicator.file.elf.sections.physical_offset","type":"keyword","description":"ELF Section List offset."},{"field":"threat.indicator.file.elf.sections.physical_size","type":"long","description":"ELF Section List physical size."},{"field":"threat.indicator.file.elf.sections.type","type":"keyword","description":"ELF Section List type."},{"field":"threat.indicator.file.elf.sections.virtual_address","type":"long","description":"ELF Section List virtual address."},{"field":"threat.indicator.file.elf.sections.virtual_size","type":"long","description":"ELF Section List virtual size."},{"field":"threat.indicator.file.elf.segments","type":"nested","description":"ELF object segment list."},{"field":"threat.indicator.file.elf.segments.sections","type":"keyword","description":"ELF object segment sections."},{"field":"threat.indicator.file.elf.segments.type","type":"keyword","description":"ELF object segment type."},{"field":"threat.indicator.file.elf.shared_libraries","type":"keyword","description":"List of shared libraries used by this ELF object."},{"field":"threat.indicator.file.elf.telfhash","type":"keyword","description":"telfhash hash for ELF file."},{"field":"threat.indicator.file.extension","type":"keyword","description":"File extension, excluding the leading dot."},{"field":"threat.indicator.file.gid","type":"keyword","description":"Primary group ID (GID) of the file."},{"field":"threat.indicator.file.group","type":"keyword","description":"Primary group name of the file."},{"field":"threat.indicator.file.inode","type":"keyword","description":"Inode representing the file in the filesystem."},{"field":"threat.indicator.file.mime_type","type":"keyword","description":"Media type of file, document, or arrangement of bytes."},{"field":"threat.indicator.file.mode","type":"keyword","description":"Mode of the file in octal representation."},{"field":"threat.indicator.file.mtime","type":"date","description":"Last time the file content was modified."},{"field":"threat.indicator.file.name","type":"keyword","description":"Name of the file including the extension, without the directory."},{"field":"threat.indicator.file.owner","type":"keyword","description":"File owner's username."},{"field":"threat.indicator.file.path","type":"keyword","description":"Full path to the file, including the file name."},{"field":"threat.indicator.file.path.text","type":"text","description":"Full path to the file, including the file name."},{"field":"threat.indicator.file.size","type":"long","description":"File size in bytes."},{"field":"threat.indicator.file.target_path","type":"keyword","description":"Target path for symlinks."},{"field":"threat.indicator.file.target_path.text","type":"text","description":"Target path for symlinks."},{"field":"threat.indicator.file.type","type":"keyword","description":"File type (file, dir, or symlink)."},{"field":"threat.indicator.file.uid","type":"keyword","description":"The user ID (UID) or security identifier (SID) of the file owner."},{"field":"threat.indicator.first_seen","type":"date","description":"Date/time indicator was first reported."},{"field":"threat.indicator.geo.city_name","type":"keyword","description":"City name."},{"field":"threat.indicator.geo.continent_code","type":"keyword","description":"Continent code."},{"field":"threat.indicator.geo.continent_name","type":"keyword","description":"Name of the continent."},{"field":"threat.indicator.geo.country_iso_code","type":"keyword","description":"Country ISO code."},{"field":"threat.indicator.geo.country_name","type":"keyword","description":"Country name."},{"field":"threat.indicator.geo.location","type":"geo_point","description":"Longitude and latitude."},{"field":"threat.indicator.geo.name","type":"keyword","description":"User-defined description of a location."},{"field":"threat.indicator.geo.postal_code","type":"keyword","description":"Postal code."},{"field":"threat.indicator.geo.region_iso_code","type":"keyword","description":"Region ISO code."},{"field":"threat.indicator.geo.region_name","type":"keyword","description":"Region name."},{"field":"threat.indicator.geo.timezone","type":"keyword","description":"Time zone."},{"field":"threat.indicator.hash.md5","type":"keyword","description":"MD5 hash."},{"field":"threat.indicator.hash.sha1","type":"keyword","description":"SHA1 hash."},{"field":"threat.indicator.hash.sha256","type":"keyword","description":"SHA256 hash."},{"field":"threat.indicator.hash.sha512","type":"keyword","description":"SHA512 hash."},{"field":"threat.indicator.hash.ssdeep","type":"keyword","description":"SSDEEP hash."},{"field":"threat.indicator.ip","type":"ip","description":"Indicator IP address"},{"field":"threat.indicator.last_seen","type":"date","description":"Date/time indicator was last reported."},{"field":"threat.indicator.marking.tlp","type":"keyword","description":"Indicator TLP marking"},{"field":"threat.indicator.modified_at","type":"date","description":"Date/time indicator was last updated."},{"field":"threat.indicator.pe.architecture","type":"keyword","description":"CPU architecture target for the file."},{"field":"threat.indicator.pe.company","type":"keyword","description":"Internal company name of the file, provided at compile-time."},{"field":"threat.indicator.pe.description","type":"keyword","description":"Internal description of the file, provided at compile-time."},{"field":"threat.indicator.pe.file_version","type":"keyword","description":"Process name."},{"field":"threat.indicator.pe.imphash","type":"keyword","description":"A hash of the imports in a PE file."},{"field":"threat.indicator.pe.original_file_name","type":"keyword","description":"Internal name of the file, provided at compile-time."},{"field":"threat.indicator.pe.product","type":"keyword","description":"Internal product name of the file, provided at compile-time."},{"field":"threat.indicator.port","type":"long","description":"Indicator port"},{"field":"threat.indicator.provider","type":"keyword","description":"Indicator provider"},{"field":"threat.indicator.reference","type":"keyword","description":"Indicator reference URL"},{"field":"threat.indicator.registry.data.bytes","type":"keyword","description":"Original bytes written with base64 encoding."},{"field":"threat.indicator.registry.data.strings","type":"keyword","description":"List of strings representing what was written to the registry."},{"field":"threat.indicator.registry.data.type","type":"keyword","description":"Standard registry type for encoding contents"},{"field":"threat.indicator.registry.hive","type":"keyword","description":"Abbreviated name for the hive."},{"field":"threat.indicator.registry.key","type":"keyword","description":"Hive-relative path of keys."},{"field":"threat.indicator.registry.path","type":"keyword","description":"Full path, including hive, key and value"},{"field":"threat.indicator.registry.value","type":"keyword","description":"Name of the value written."},{"field":"threat.indicator.scanner_stats","type":"long","description":"Scanner statistics"},{"field":"threat.indicator.sightings","type":"long","description":"Number of times indicator observed"},{"field":"threat.indicator.type","type":"keyword","description":"Type of indicator"},{"field":"threat.indicator.url.domain","type":"keyword","description":"Domain of the url."},{"field":"threat.indicator.url.extension","type":"keyword","description":"File extension from the request url, excluding the leading dot."},{"field":"threat.indicator.url.fragment","type":"keyword","description":"Portion of the url after the `#`."},{"field":"threat.indicator.url.full","type":"keyword","description":"Full unparsed URL."},{"field":"threat.indicator.url.full.text","type":"text","description":"Full unparsed URL."},{"field":"threat.indicator.url.original","type":"keyword","description":"Unmodified original url as seen in the event source."},{"field":"threat.indicator.url.original.text","type":"text","description":"Unmodified original url as seen in the event source."},{"field":"threat.indicator.url.password","type":"keyword","description":"Password of the request."},{"field":"threat.indicator.url.path","type":"keyword","description":"Path of the request, such as \"/search\"."},{"field":"threat.indicator.url.port","type":"long","description":"Port of the request, such as 443."},{"field":"threat.indicator.url.query","type":"keyword","description":"Query string of the request."},{"field":"threat.indicator.url.registered_domain","type":"keyword","description":"The highest registered url domain, stripped of the subdomain."},{"field":"threat.indicator.url.scheme","type":"keyword","description":"Scheme of the url."},{"field":"threat.indicator.url.subdomain","type":"keyword","description":"The subdomain of the domain."},{"field":"threat.indicator.url.top_level_domain","type":"keyword","description":"The effective top level domain (com, org, net, co.uk)."},{"field":"threat.indicator.url.username","type":"keyword","description":"Username of the request."},{"field":"threat.indicator.x509.alternative_names","type":"keyword","description":"List of subject alternative names (SAN)."},{"field":"threat.indicator.x509.issuer.common_name","type":"keyword","description":"List of common name (CN) of issuing certificate authority."},{"field":"threat.indicator.x509.issuer.country","type":"keyword","description":"List of country (C) codes"},{"field":"threat.indicator.x509.issuer.distinguished_name","type":"keyword","description":"Distinguished name (DN) of issuing certificate authority."},{"field":"threat.indicator.x509.issuer.locality","type":"keyword","description":"List of locality names (L)"},{"field":"threat.indicator.x509.issuer.organization","type":"keyword","description":"List of organizations (O) of issuing certificate authority."},{"field":"threat.indicator.x509.issuer.organizational_unit","type":"keyword","description":"List of organizational units (OU) of issuing certificate authority."},{"field":"threat.indicator.x509.issuer.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"threat.indicator.x509.not_after","type":"date","description":"Time at which the certificate is no longer considered valid."},{"field":"threat.indicator.x509.not_before","type":"date","description":"Time at which the certificate is first considered valid."},{"field":"threat.indicator.x509.public_key_algorithm","type":"keyword","description":"Algorithm used to generate the public key."},{"field":"threat.indicator.x509.public_key_curve","type":"keyword","description":"The curve used by the elliptic curve public key algorithm. This is algorithm specific."},{"field":"threat.indicator.x509.public_key_exponent","type":"long","description":"Exponent used to derive the public key. This is algorithm specific."},{"field":"threat.indicator.x509.public_key_size","type":"long","description":"The size of the public key space in bits."},{"field":"threat.indicator.x509.serial_number","type":"keyword","description":"Unique serial number issued by the certificate authority."},{"field":"threat.indicator.x509.signature_algorithm","type":"keyword","description":"Identifier for certificate signature algorithm."},{"field":"threat.indicator.x509.subject.common_name","type":"keyword","description":"List of common names (CN) of subject."},{"field":"threat.indicator.x509.subject.country","type":"keyword","description":"List of country (C) code"},{"field":"threat.indicator.x509.subject.distinguished_name","type":"keyword","description":"Distinguished name (DN) of the certificate subject entity."},{"field":"threat.indicator.x509.subject.locality","type":"keyword","description":"List of locality names (L)"},{"field":"threat.indicator.x509.subject.organization","type":"keyword","description":"List of organizations (O) of subject."},{"field":"threat.indicator.x509.subject.organizational_unit","type":"keyword","description":"List of organizational units (OU) of subject."},{"field":"threat.indicator.x509.subject.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"threat.indicator.x509.version_number","type":"keyword","description":"Version of x509 format."},{"field":"threat.software.id","type":"keyword","description":"ID of the software"},{"field":"threat.software.name","type":"keyword","description":"Name of the software."},{"field":"threat.software.platforms","type":"keyword","description":"Platforms of the software."},{"field":"threat.software.reference","type":"keyword","description":"Software reference URL."},{"field":"threat.software.type","type":"keyword","description":"Software type."},{"field":"threat.tactic.id","type":"keyword","description":"Threat tactic id."},{"field":"threat.tactic.name","type":"keyword","description":"Threat tactic."},{"field":"threat.tactic.reference","type":"keyword","description":"Threat tactic URL reference."},{"field":"threat.technique.id","type":"keyword","description":"Threat technique id."},{"field":"threat.technique.name","type":"keyword","description":"Threat technique name."},{"field":"threat.technique.name.text","type":"text","description":"Threat technique name."},{"field":"threat.technique.reference","type":"keyword","description":"Threat technique URL reference."},{"field":"threat.technique.subtechnique.id","type":"keyword","description":"Threat subtechnique id."},{"field":"threat.technique.subtechnique.name","type":"keyword","description":"Threat subtechnique name."},{"field":"threat.technique.subtechnique.name.text","type":"text","description":"Threat subtechnique name."},{"field":"threat.technique.subtechnique.reference","type":"keyword","description":"Threat subtechnique URL reference."},{"field":"tls.cipher","type":"keyword","description":"String indicating the cipher used during the current connection."},{"field":"tls.client.certificate","type":"keyword","description":"PEM-encoded stand-alone certificate offered by the client."},{"field":"tls.client.certificate_chain","type":"keyword","description":"Array of PEM-encoded certificates that make up the certificate chain offered by the client."},{"field":"tls.client.hash.md5","type":"keyword","description":"Certificate fingerprint using the MD5 digest of DER-encoded version of certificate offered by the client."},{"field":"tls.client.hash.sha1","type":"keyword","description":"Certificate fingerprint using the SHA1 digest of DER-encoded version of certificate offered by the client."},{"field":"tls.client.hash.sha256","type":"keyword","description":"Certificate fingerprint using the SHA256 digest of DER-encoded version of certificate offered by the client."},{"field":"tls.client.issuer","type":"keyword","description":"Distinguished name of subject of the issuer of the x.509 certificate presented by the client."},{"field":"tls.client.ja3","type":"keyword","description":"A hash that identifies clients based on how they perform an SSL/TLS handshake."},{"field":"tls.client.not_after","type":"date","description":"Date/Time indicating when client certificate is no longer considered valid."},{"field":"tls.client.not_before","type":"date","description":"Date/Time indicating when client certificate is first considered valid."},{"field":"tls.client.server_name","type":"keyword","description":"Hostname the client is trying to connect to. Also called the SNI."},{"field":"tls.client.subject","type":"keyword","description":"Distinguished name of subject of the x.509 certificate presented by the client."},{"field":"tls.client.supported_ciphers","type":"keyword","description":"Array of ciphers offered by the client during the client hello."},{"field":"tls.client.x509.alternative_names","type":"keyword","description":"List of subject alternative names (SAN)."},{"field":"tls.client.x509.issuer.common_name","type":"keyword","description":"List of common name (CN) of issuing certificate authority."},{"field":"tls.client.x509.issuer.country","type":"keyword","description":"List of country (C) codes"},{"field":"tls.client.x509.issuer.distinguished_name","type":"keyword","description":"Distinguished name (DN) of issuing certificate authority."},{"field":"tls.client.x509.issuer.locality","type":"keyword","description":"List of locality names (L)"},{"field":"tls.client.x509.issuer.organization","type":"keyword","description":"List of organizations (O) of issuing certificate authority."},{"field":"tls.client.x509.issuer.organizational_unit","type":"keyword","description":"List of organizational units (OU) of issuing certificate authority."},{"field":"tls.client.x509.issuer.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"tls.client.x509.not_after","type":"date","description":"Time at which the certificate is no longer considered valid."},{"field":"tls.client.x509.not_before","type":"date","description":"Time at which the certificate is first considered valid."},{"field":"tls.client.x509.public_key_algorithm","type":"keyword","description":"Algorithm used to generate the public key."},{"field":"tls.client.x509.public_key_curve","type":"keyword","description":"The curve used by the elliptic curve public key algorithm. This is algorithm specific."},{"field":"tls.client.x509.public_key_exponent","type":"long","description":"Exponent used to derive the public key. This is algorithm specific."},{"field":"tls.client.x509.public_key_size","type":"long","description":"The size of the public key space in bits."},{"field":"tls.client.x509.serial_number","type":"keyword","description":"Unique serial number issued by the certificate authority."},{"field":"tls.client.x509.signature_algorithm","type":"keyword","description":"Identifier for certificate signature algorithm."},{"field":"tls.client.x509.subject.common_name","type":"keyword","description":"List of common names (CN) of subject."},{"field":"tls.client.x509.subject.country","type":"keyword","description":"List of country (C) code"},{"field":"tls.client.x509.subject.distinguished_name","type":"keyword","description":"Distinguished name (DN) of the certificate subject entity."},{"field":"tls.client.x509.subject.locality","type":"keyword","description":"List of locality names (L)"},{"field":"tls.client.x509.subject.organization","type":"keyword","description":"List of organizations (O) of subject."},{"field":"tls.client.x509.subject.organizational_unit","type":"keyword","description":"List of organizational units (OU) of subject."},{"field":"tls.client.x509.subject.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"tls.client.x509.version_number","type":"keyword","description":"Version of x509 format."},{"field":"tls.curve","type":"keyword","description":"String indicating the curve used for the given cipher, when applicable."},{"field":"tls.established","type":"boolean","description":"Boolean flag indicating if the TLS negotiation was successful and transitioned to an encrypted tunnel."},{"field":"tls.next_protocol","type":"keyword","description":"String indicating the protocol being tunneled."},{"field":"tls.resumed","type":"boolean","description":"Boolean flag indicating if this TLS connection was resumed from an existing TLS negotiation."},{"field":"tls.server.certificate","type":"keyword","description":"PEM-encoded stand-alone certificate offered by the server."},{"field":"tls.server.certificate_chain","type":"keyword","description":"Array of PEM-encoded certificates that make up the certificate chain offered by the server."},{"field":"tls.server.hash.md5","type":"keyword","description":"Certificate fingerprint using the MD5 digest of DER-encoded version of certificate offered by the server."},{"field":"tls.server.hash.sha1","type":"keyword","description":"Certificate fingerprint using the SHA1 digest of DER-encoded version of certificate offered by the server."},{"field":"tls.server.hash.sha256","type":"keyword","description":"Certificate fingerprint using the SHA256 digest of DER-encoded version of certificate offered by the server."},{"field":"tls.server.issuer","type":"keyword","description":"Subject of the issuer of the x.509 certificate presented by the server."},{"field":"tls.server.ja3s","type":"keyword","description":"A hash that identifies servers based on how they perform an SSL/TLS handshake."},{"field":"tls.server.not_after","type":"date","description":"Timestamp indicating when server certificate is no longer considered valid."},{"field":"tls.server.not_before","type":"date","description":"Timestamp indicating when server certificate is first considered valid."},{"field":"tls.server.subject","type":"keyword","description":"Subject of the x.509 certificate presented by the server."},{"field":"tls.server.x509.alternative_names","type":"keyword","description":"List of subject alternative names (SAN)."},{"field":"tls.server.x509.issuer.common_name","type":"keyword","description":"List of common name (CN) of issuing certificate authority."},{"field":"tls.server.x509.issuer.country","type":"keyword","description":"List of country (C) codes"},{"field":"tls.server.x509.issuer.distinguished_name","type":"keyword","description":"Distinguished name (DN) of issuing certificate authority."},{"field":"tls.server.x509.issuer.locality","type":"keyword","description":"List of locality names (L)"},{"field":"tls.server.x509.issuer.organization","type":"keyword","description":"List of organizations (O) of issuing certificate authority."},{"field":"tls.server.x509.issuer.organizational_unit","type":"keyword","description":"List of organizational units (OU) of issuing certificate authority."},{"field":"tls.server.x509.issuer.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"tls.server.x509.not_after","type":"date","description":"Time at which the certificate is no longer considered valid."},{"field":"tls.server.x509.not_before","type":"date","description":"Time at which the certificate is first considered valid."},{"field":"tls.server.x509.public_key_algorithm","type":"keyword","description":"Algorithm used to generate the public key."},{"field":"tls.server.x509.public_key_curve","type":"keyword","description":"The curve used by the elliptic curve public key algorithm. This is algorithm specific."},{"field":"tls.server.x509.public_key_exponent","type":"long","description":"Exponent used to derive the public key. This is algorithm specific."},{"field":"tls.server.x509.public_key_size","type":"long","description":"The size of the public key space in bits."},{"field":"tls.server.x509.serial_number","type":"keyword","description":"Unique serial number issued by the certificate authority."},{"field":"tls.server.x509.signature_algorithm","type":"keyword","description":"Identifier for certificate signature algorithm."},{"field":"tls.server.x509.subject.common_name","type":"keyword","description":"List of common names (CN) of subject."},{"field":"tls.server.x509.subject.country","type":"keyword","description":"List of country (C) code"},{"field":"tls.server.x509.subject.distinguished_name","type":"keyword","description":"Distinguished name (DN) of the certificate subject entity."},{"field":"tls.server.x509.subject.locality","type":"keyword","description":"List of locality names (L)"},{"field":"tls.server.x509.subject.organization","type":"keyword","description":"List of organizations (O) of subject."},{"field":"tls.server.x509.subject.organizational_unit","type":"keyword","description":"List of organizational units (OU) of subject."},{"field":"tls.server.x509.subject.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"tls.server.x509.version_number","type":"keyword","description":"Version of x509 format."},{"field":"tls.version","type":"keyword","description":"Numeric part of the version parsed from the original string."},{"field":"tls.version_protocol","type":"keyword","description":"Normalized lowercase protocol name parsed from original string."},{"field":"trace.id","type":"keyword","description":"Unique identifier of the trace."},{"field":"transaction.id","type":"keyword","description":"Unique identifier of the transaction within the scope of its trace."},{"field":"url.domain","type":"keyword","description":"Domain of the url."},{"field":"url.extension","type":"keyword","description":"File extension from the request url, excluding the leading dot."},{"field":"url.fragment","type":"keyword","description":"Portion of the url after the `#`."},{"field":"url.full","type":"keyword","description":"Full unparsed URL."},{"field":"url.full.text","type":"text","description":"Full unparsed URL."},{"field":"url.original","type":"keyword","description":"Unmodified original url as seen in the event source."},{"field":"url.original.text","type":"text","description":"Unmodified original url as seen in the event source."},{"field":"url.password","type":"keyword","description":"Password of the request."},{"field":"url.path","type":"keyword","description":"Path of the request, such as \"/search\"."},{"field":"url.port","type":"long","description":"Port of the request, such as 443."},{"field":"url.query","type":"keyword","description":"Query string of the request."},{"field":"url.registered_domain","type":"keyword","description":"The highest registered url domain, stripped of the subdomain."},{"field":"url.scheme","type":"keyword","description":"Scheme of the url."},{"field":"url.subdomain","type":"keyword","description":"The subdomain of the domain."},{"field":"url.top_level_domain","type":"keyword","description":"The effective top level domain (com, org, net, co.uk)."},{"field":"url.username","type":"keyword","description":"Username of the request."},{"field":"user.changes.domain","type":"keyword","description":"Name of the directory the user is a member of."},{"field":"user.changes.email","type":"keyword","description":"User email address."},{"field":"user.changes.full_name","type":"keyword","description":"User's full name, if available."},{"field":"user.changes.full_name.text","type":"text","description":"User's full name, if available."},{"field":"user.changes.group.domain","type":"keyword","description":"Name of the directory the group is a member of."},{"field":"user.changes.group.id","type":"keyword","description":"Unique identifier for the group on the system/platform."},{"field":"user.changes.group.name","type":"keyword","description":"Name of the group."},{"field":"user.changes.hash","type":"keyword","description":"Unique user hash to correlate information for a user in anonymized form."},{"field":"user.changes.id","type":"keyword","description":"Unique identifier of the user."},{"field":"user.changes.name","type":"keyword","description":"Short name or login of the user."},{"field":"user.changes.name.text","type":"text","description":"Short name or login of the user."},{"field":"user.changes.roles","type":"keyword","description":"Array of user roles at the time of the event."},{"field":"user.domain","type":"keyword","description":"Name of the directory the user is a member of."},{"field":"user.effective.domain","type":"keyword","description":"Name of the directory the user is a member of."},{"field":"user.effective.email","type":"keyword","description":"User email address."},{"field":"user.effective.full_name","type":"keyword","description":"User's full name, if available."},{"field":"user.effective.full_name.text","type":"text","description":"User's full name, if available."},{"field":"user.effective.group.domain","type":"keyword","description":"Name of the directory the group is a member of."},{"field":"user.effective.group.id","type":"keyword","description":"Unique identifier for the group on the system/platform."},{"field":"user.effective.group.name","type":"keyword","description":"Name of the group."},{"field":"user.effective.hash","type":"keyword","description":"Unique user hash to correlate information for a user in anonymized form."},{"field":"user.effective.id","type":"keyword","description":"Unique identifier of the user."},{"field":"user.effective.name","type":"keyword","description":"Short name or login of the user."},{"field":"user.effective.name.text","type":"text","description":"Short name or login of the user."},{"field":"user.effective.roles","type":"keyword","description":"Array of user roles at the time of the event."},{"field":"user.email","type":"keyword","description":"User email address."},{"field":"user.full_name","type":"keyword","description":"User's full name, if available."},{"field":"user.full_name.text","type":"text","description":"User's full name, if available."},{"field":"user.group.domain","type":"keyword","description":"Name of the directory the group is a member of."},{"field":"user.group.id","type":"keyword","description":"Unique identifier for the group on the system/platform."},{"field":"user.group.name","type":"keyword","description":"Name of the group."},{"field":"user.hash","type":"keyword","description":"Unique user hash to correlate information for a user in anonymized form."},{"field":"user.id","type":"keyword","description":"Unique identifier of the user."},{"field":"user.name","type":"keyword","description":"Short name or login of the user."},{"field":"user.name.text","type":"text","description":"Short name or login of the user."},{"field":"user.roles","type":"keyword","description":"Array of user roles at the time of the event."},{"field":"user.target.domain","type":"keyword","description":"Name of the directory the user is a member of."},{"field":"user.target.email","type":"keyword","description":"User email address."},{"field":"user.target.full_name","type":"keyword","description":"User's full name, if available."},{"field":"user.target.full_name.text","type":"text","description":"User's full name, if available."},{"field":"user.target.group.domain","type":"keyword","description":"Name of the directory the group is a member of."},{"field":"user.target.group.id","type":"keyword","description":"Unique identifier for the group on the system/platform."},{"field":"user.target.group.name","type":"keyword","description":"Name of the group."},{"field":"user.target.hash","type":"keyword","description":"Unique user hash to correlate information for a user in anonymized form."},{"field":"user.target.id","type":"keyword","description":"Unique identifier of the user."},{"field":"user.target.name","type":"keyword","description":"Short name or login of the user."},{"field":"user.target.name.text","type":"text","description":"Short name or login of the user."},{"field":"user.target.roles","type":"keyword","description":"Array of user roles at the time of the event."},{"field":"user_agent.device.name","type":"keyword","description":"Name of the device."},{"field":"user_agent.name","type":"keyword","description":"Name of the user agent."},{"field":"user_agent.original","type":"keyword","description":"Unparsed user_agent string."},{"field":"user_agent.original.text","type":"text","description":"Unparsed user_agent string."},{"field":"user_agent.os.family","type":"keyword","description":"OS family (such as redhat, debian, freebsd, windows)."},{"field":"user_agent.os.full","type":"keyword","description":"Operating system name, including the version or code name."},{"field":"user_agent.os.full.text","type":"text","description":"Operating system name, including the version or code name."},{"field":"user_agent.os.kernel","type":"keyword","description":"Operating system kernel version as a raw string."},{"field":"user_agent.os.name","type":"keyword","description":"Operating system name, without the version."},{"field":"user_agent.os.name.text","type":"text","description":"Operating system name, without the version."},{"field":"user_agent.os.platform","type":"keyword","description":"Operating system platform (such centos, ubuntu, windows)."},{"field":"user_agent.os.type","type":"keyword","description":"Which commercial OS family (one of: linux, macos, unix or windows)."},{"field":"user_agent.os.version","type":"keyword","description":"Operating system version as a raw string."},{"field":"user_agent.version","type":"keyword","description":"Version of the user agent."},{"field":"vulnerability.category","type":"keyword","description":"Category of a vulnerability."},{"field":"vulnerability.classification","type":"keyword","description":"Classification of the vulnerability."},{"field":"vulnerability.description","type":"keyword","description":"Description of the vulnerability."},{"field":"vulnerability.description.text","type":"text","description":"Description of the vulnerability."},{"field":"vulnerability.enumeration","type":"keyword","description":"Identifier of the vulnerability."},{"field":"vulnerability.id","type":"keyword","description":"ID of the vulnerability."},{"field":"vulnerability.reference","type":"keyword","description":"Reference of the vulnerability."},{"field":"vulnerability.report_id","type":"keyword","description":"Scan identification number."},{"field":"vulnerability.scanner.vendor","type":"keyword","description":"Name of the scanner vendor."},{"field":"vulnerability.score.base","type":"float","description":"Vulnerability Base score."},{"field":"vulnerability.score.environmental","type":"float","description":"Vulnerability Environmental score."},{"field":"vulnerability.score.temporal","type":"float","description":"Vulnerability Temporal score."},{"field":"vulnerability.score.version","type":"keyword","description":"CVSS version."},{"field":"vulnerability.severity","type":"keyword","description":"Severity of the vulnerability."}] \ No newline at end of file diff --git a/x-pack/plugins/osquery/public/common/schemas/ecs/v1.12.1.json b/x-pack/plugins/osquery/public/common/schemas/ecs/v1.12.1.json new file mode 100644 index 000000000000000..2b4a3c8c92f2f51 --- /dev/null +++ b/x-pack/plugins/osquery/public/common/schemas/ecs/v1.12.1.json @@ -0,0 +1 @@ +[{"field":"labels","type":"object","description":"Custom key/value pairs."},{"field":"message","type":"match_only_text","description":"Log message optimized for viewing in a log viewer."},{"field":"tags","type":"keyword","description":"List of keywords used to tag each event."},{"field":"agent.build.original","type":"keyword","description":"Extended build information for the agent."},{"field":"client.address","type":"keyword","description":"Client network address."},{"field":"client.as.number","type":"long","description":"Unique number allocated to the autonomous system."},{"field":"client.as.organization.name","type":"keyword","description":"Organization name."},{"field":"client.as.organization.name.text","type":"match_only_text","description":"Organization name."},{"field":"client.bytes","type":"long","description":"Bytes sent from the client to the server."},{"field":"client.domain","type":"keyword","description":"Client domain."},{"field":"client.geo.city_name","type":"keyword","description":"City name."},{"field":"client.geo.continent_code","type":"keyword","description":"Continent code."},{"field":"client.geo.continent_name","type":"keyword","description":"Name of the continent."},{"field":"client.geo.country_iso_code","type":"keyword","description":"Country ISO code."},{"field":"client.geo.country_name","type":"keyword","description":"Country name."},{"field":"client.geo.location","type":"geo_point","description":"Longitude and latitude."},{"field":"client.geo.name","type":"keyword","description":"User-defined description of a location."},{"field":"client.geo.postal_code","type":"keyword","description":"Postal code."},{"field":"client.geo.region_iso_code","type":"keyword","description":"Region ISO code."},{"field":"client.geo.region_name","type":"keyword","description":"Region name."},{"field":"client.geo.timezone","type":"keyword","description":"Time zone."},{"field":"client.ip","type":"ip","description":"IP address of the client."},{"field":"client.mac","type":"keyword","description":"MAC address of the client."},{"field":"client.nat.ip","type":"ip","description":"Client NAT ip address"},{"field":"client.nat.port","type":"long","description":"Client NAT port"},{"field":"client.packets","type":"long","description":"Packets sent from the client to the server."},{"field":"client.port","type":"long","description":"Port of the client."},{"field":"client.registered_domain","type":"keyword","description":"The highest registered client domain, stripped of the subdomain."},{"field":"client.subdomain","type":"keyword","description":"The subdomain of the domain."},{"field":"client.top_level_domain","type":"keyword","description":"The effective top level domain (com, org, net, co.uk)."},{"field":"client.user.domain","type":"keyword","description":"Name of the directory the user is a member of."},{"field":"client.user.email","type":"keyword","description":"User email address."},{"field":"client.user.full_name","type":"keyword","description":"User's full name, if available."},{"field":"client.user.full_name.text","type":"match_only_text","description":"User's full name, if available."},{"field":"client.user.group.domain","type":"keyword","description":"Name of the directory the group is a member of."},{"field":"client.user.group.id","type":"keyword","description":"Unique identifier for the group on the system/platform."},{"field":"client.user.group.name","type":"keyword","description":"Name of the group."},{"field":"client.user.hash","type":"keyword","description":"Unique user hash to correlate information for a user in anonymized form."},{"field":"client.user.id","type":"keyword","description":"Unique identifier of the user."},{"field":"client.user.name","type":"keyword","description":"Short name or login of the user."},{"field":"client.user.name.text","type":"match_only_text","description":"Short name or login of the user."},{"field":"client.user.roles","type":"keyword","description":"Array of user roles at the time of the event."},{"field":"cloud.account.id","type":"keyword","description":"The cloud account or organization id."},{"field":"cloud.account.name","type":"keyword","description":"The cloud account name."},{"field":"cloud.availability_zone","type":"keyword","description":"Availability zone in which this host, resource, or service is located."},{"field":"cloud.instance.id","type":"keyword","description":"Instance ID of the host machine."},{"field":"cloud.instance.name","type":"keyword","description":"Instance name of the host machine."},{"field":"cloud.machine.type","type":"keyword","description":"Machine type of the host machine."},{"field":"cloud.project.id","type":"keyword","description":"The cloud project id."},{"field":"cloud.project.name","type":"keyword","description":"The cloud project name."},{"field":"cloud.provider","type":"keyword","description":"Name of the cloud provider."},{"field":"cloud.region","type":"keyword","description":"Region in which this host, resource, or service is located."},{"field":"cloud.service.name","type":"keyword","description":"The cloud service name."},{"field":"container.id","type":"keyword","description":"Unique container id."},{"field":"container.image.name","type":"keyword","description":"Name of the image the container was built on."},{"field":"container.image.tag","type":"keyword","description":"Container image tags."},{"field":"container.labels","type":"object","description":"Image labels."},{"field":"container.name","type":"keyword","description":"Container name."},{"field":"container.runtime","type":"keyword","description":"Runtime managing this container."},{"field":"data_stream.dataset","type":"constant_keyword","description":"The field can contain anything that makes sense to signify the source of the data."},{"field":"data_stream.namespace","type":"constant_keyword","description":"A user defined namespace. Namespaces are useful to allow grouping of data."},{"field":"data_stream.type","type":"constant_keyword","description":"An overarching type for the data stream."},{"field":"destination.address","type":"keyword","description":"Destination network address."},{"field":"destination.as.number","type":"long","description":"Unique number allocated to the autonomous system."},{"field":"destination.as.organization.name","type":"keyword","description":"Organization name."},{"field":"destination.as.organization.name.text","type":"match_only_text","description":"Organization name."},{"field":"destination.bytes","type":"long","description":"Bytes sent from the destination to the source."},{"field":"destination.domain","type":"keyword","description":"Destination domain."},{"field":"destination.geo.city_name","type":"keyword","description":"City name."},{"field":"destination.geo.continent_code","type":"keyword","description":"Continent code."},{"field":"destination.geo.continent_name","type":"keyword","description":"Name of the continent."},{"field":"destination.geo.country_iso_code","type":"keyword","description":"Country ISO code."},{"field":"destination.geo.country_name","type":"keyword","description":"Country name."},{"field":"destination.geo.location","type":"geo_point","description":"Longitude and latitude."},{"field":"destination.geo.name","type":"keyword","description":"User-defined description of a location."},{"field":"destination.geo.postal_code","type":"keyword","description":"Postal code."},{"field":"destination.geo.region_iso_code","type":"keyword","description":"Region ISO code."},{"field":"destination.geo.region_name","type":"keyword","description":"Region name."},{"field":"destination.geo.timezone","type":"keyword","description":"Time zone."},{"field":"destination.ip","type":"ip","description":"IP address of the destination."},{"field":"destination.mac","type":"keyword","description":"MAC address of the destination."},{"field":"destination.nat.ip","type":"ip","description":"Destination NAT ip"},{"field":"destination.nat.port","type":"long","description":"Destination NAT Port"},{"field":"destination.packets","type":"long","description":"Packets sent from the destination to the source."},{"field":"destination.port","type":"long","description":"Port of the destination."},{"field":"destination.registered_domain","type":"keyword","description":"The highest registered destination domain, stripped of the subdomain."},{"field":"destination.subdomain","type":"keyword","description":"The subdomain of the domain."},{"field":"destination.top_level_domain","type":"keyword","description":"The effective top level domain (com, org, net, co.uk)."},{"field":"destination.user.domain","type":"keyword","description":"Name of the directory the user is a member of."},{"field":"destination.user.email","type":"keyword","description":"User email address."},{"field":"destination.user.full_name","type":"keyword","description":"User's full name, if available."},{"field":"destination.user.full_name.text","type":"match_only_text","description":"User's full name, if available."},{"field":"destination.user.group.domain","type":"keyword","description":"Name of the directory the group is a member of."},{"field":"destination.user.group.id","type":"keyword","description":"Unique identifier for the group on the system/platform."},{"field":"destination.user.group.name","type":"keyword","description":"Name of the group."},{"field":"destination.user.hash","type":"keyword","description":"Unique user hash to correlate information for a user in anonymized form."},{"field":"destination.user.id","type":"keyword","description":"Unique identifier of the user."},{"field":"destination.user.name","type":"keyword","description":"Short name or login of the user."},{"field":"destination.user.name.text","type":"match_only_text","description":"Short name or login of the user."},{"field":"destination.user.roles","type":"keyword","description":"Array of user roles at the time of the event."},{"field":"dll.code_signature.digest_algorithm","type":"keyword","description":"Hashing algorithm used to sign the process."},{"field":"dll.code_signature.exists","type":"boolean","description":"Boolean to capture if a signature is present."},{"field":"dll.code_signature.signing_id","type":"keyword","description":"The identifier used to sign the process."},{"field":"dll.code_signature.status","type":"keyword","description":"Additional information about the certificate status."},{"field":"dll.code_signature.subject_name","type":"keyword","description":"Subject name of the code signer"},{"field":"dll.code_signature.team_id","type":"keyword","description":"The team identifier used to sign the process."},{"field":"dll.code_signature.timestamp","type":"date","description":"When the signature was generated and signed."},{"field":"dll.code_signature.trusted","type":"boolean","description":"Stores the trust status of the certificate chain."},{"field":"dll.code_signature.valid","type":"boolean","description":"Boolean to capture if the digital signature is verified against the binary content."},{"field":"dll.hash.md5","type":"keyword","description":"MD5 hash."},{"field":"dll.hash.sha1","type":"keyword","description":"SHA1 hash."},{"field":"dll.hash.sha256","type":"keyword","description":"SHA256 hash."},{"field":"dll.hash.sha512","type":"keyword","description":"SHA512 hash."},{"field":"dll.hash.ssdeep","type":"keyword","description":"SSDEEP hash."},{"field":"dll.name","type":"keyword","description":"Name of the library."},{"field":"dll.path","type":"keyword","description":"Full file path of the library."},{"field":"dll.pe.architecture","type":"keyword","description":"CPU architecture target for the file."},{"field":"dll.pe.company","type":"keyword","description":"Internal company name of the file, provided at compile-time."},{"field":"dll.pe.description","type":"keyword","description":"Internal description of the file, provided at compile-time."},{"field":"dll.pe.file_version","type":"keyword","description":"Process name."},{"field":"dll.pe.imphash","type":"keyword","description":"A hash of the imports in a PE file."},{"field":"dll.pe.original_file_name","type":"keyword","description":"Internal name of the file, provided at compile-time."},{"field":"dll.pe.product","type":"keyword","description":"Internal product name of the file, provided at compile-time."},{"field":"dns.answers","type":"object","description":"Array of DNS answers."},{"field":"dns.answers.class","type":"keyword","description":"The class of DNS data contained in this resource record."},{"field":"dns.answers.data","type":"keyword","description":"The data describing the resource."},{"field":"dns.answers.name","type":"keyword","description":"The domain name to which this resource record pertains."},{"field":"dns.answers.ttl","type":"long","description":"The time interval in seconds that this resource record may be cached before it should be discarded."},{"field":"dns.answers.type","type":"keyword","description":"The type of data contained in this resource record."},{"field":"dns.header_flags","type":"keyword","description":"Array of DNS header flags."},{"field":"dns.id","type":"keyword","description":"The DNS packet identifier assigned by the program that generated the query. The identifier is copied to the response."},{"field":"dns.op_code","type":"keyword","description":"The DNS operation code that specifies the kind of query in the message."},{"field":"dns.question.class","type":"keyword","description":"The class of records being queried."},{"field":"dns.question.name","type":"keyword","description":"The name being queried."},{"field":"dns.question.registered_domain","type":"keyword","description":"The highest registered domain, stripped of the subdomain."},{"field":"dns.question.subdomain","type":"keyword","description":"The subdomain of the domain."},{"field":"dns.question.top_level_domain","type":"keyword","description":"The effective top level domain (com, org, net, co.uk)."},{"field":"dns.question.type","type":"keyword","description":"The type of record being queried."},{"field":"dns.resolved_ip","type":"ip","description":"Array containing all IPs seen in answers.data"},{"field":"dns.response_code","type":"keyword","description":"The DNS response code."},{"field":"dns.type","type":"keyword","description":"The type of DNS event captured, query or answer."},{"field":"error.code","type":"keyword","description":"Error code describing the error."},{"field":"error.id","type":"keyword","description":"Unique identifier for the error."},{"field":"error.message","type":"match_only_text","description":"Error message."},{"field":"error.stack_trace","type":"wildcard","description":"The stack trace of this error in plain text."},{"field":"error.stack_trace.text","type":"match_only_text","description":"The stack trace of this error in plain text."},{"field":"error.type","type":"keyword","description":"The type of the error, for example the class name of the exception."},{"field":"event.action","type":"keyword","description":"The action captured by the event."},{"field":"event.category","type":"keyword","description":"Event category. The second categorization field in the hierarchy."},{"field":"event.code","type":"keyword","description":"Identification code for this event."},{"field":"event.created","type":"date","description":"Time when the event was first read by an agent or by your pipeline."},{"field":"event.dataset","type":"keyword","description":"Name of the dataset."},{"field":"event.duration","type":"long","description":"Duration of the event in nanoseconds."},{"field":"event.end","type":"date","description":"event.end contains the date when the event ended or when the activity was last observed."},{"field":"event.hash","type":"keyword","description":"Hash (perhaps logstash fingerprint) of raw field to be able to demonstrate log integrity."},{"field":"event.id","type":"keyword","description":"Unique ID to describe the event."},{"field":"event.kind","type":"keyword","description":"The kind of the event. The highest categorization field in the hierarchy."},{"field":"event.original","type":"keyword","description":"Raw text message of entire event."},{"field":"event.outcome","type":"keyword","description":"The outcome of the event. The lowest level categorization field in the hierarchy."},{"field":"event.provider","type":"keyword","description":"Source of the event."},{"field":"event.reason","type":"keyword","description":"Reason why this event happened, according to the source"},{"field":"event.reference","type":"keyword","description":"Event reference URL"},{"field":"event.risk_score","type":"float","description":"Risk score or priority of the event (e.g. security solutions). Use your system's original value here."},{"field":"event.risk_score_norm","type":"float","description":"Normalized risk score or priority of the event (0-100)."},{"field":"event.sequence","type":"long","description":"Sequence number of the event."},{"field":"event.severity","type":"long","description":"Numeric severity of the event."},{"field":"event.start","type":"date","description":"event.start contains the date when the event started or when the activity was first observed."},{"field":"event.timezone","type":"keyword","description":"Event time zone."},{"field":"event.type","type":"keyword","description":"Event type. The third categorization field in the hierarchy."},{"field":"event.url","type":"keyword","description":"Event investigation URL"},{"field":"file.accessed","type":"date","description":"Last time the file was accessed."},{"field":"file.attributes","type":"keyword","description":"Array of file attributes."},{"field":"file.code_signature.digest_algorithm","type":"keyword","description":"Hashing algorithm used to sign the process."},{"field":"file.code_signature.exists","type":"boolean","description":"Boolean to capture if a signature is present."},{"field":"file.code_signature.signing_id","type":"keyword","description":"The identifier used to sign the process."},{"field":"file.code_signature.status","type":"keyword","description":"Additional information about the certificate status."},{"field":"file.code_signature.subject_name","type":"keyword","description":"Subject name of the code signer"},{"field":"file.code_signature.team_id","type":"keyword","description":"The team identifier used to sign the process."},{"field":"file.code_signature.timestamp","type":"date","description":"When the signature was generated and signed."},{"field":"file.code_signature.trusted","type":"boolean","description":"Stores the trust status of the certificate chain."},{"field":"file.code_signature.valid","type":"boolean","description":"Boolean to capture if the digital signature is verified against the binary content."},{"field":"file.created","type":"date","description":"File creation time."},{"field":"file.ctime","type":"date","description":"Last time the file attributes or metadata changed."},{"field":"file.device","type":"keyword","description":"Device that is the source of the file."},{"field":"file.directory","type":"keyword","description":"Directory where the file is located."},{"field":"file.drive_letter","type":"keyword","description":"Drive letter where the file is located."},{"field":"file.elf.architecture","type":"keyword","description":"Machine architecture of the ELF file."},{"field":"file.elf.byte_order","type":"keyword","description":"Byte sequence of ELF file."},{"field":"file.elf.cpu_type","type":"keyword","description":"CPU type of the ELF file."},{"field":"file.elf.creation_date","type":"date","description":"Build or compile date."},{"field":"file.elf.exports","type":"flattened","description":"List of exported element names and types."},{"field":"file.elf.header.abi_version","type":"keyword","description":"Version of the ELF Application Binary Interface (ABI)."},{"field":"file.elf.header.class","type":"keyword","description":"Header class of the ELF file."},{"field":"file.elf.header.data","type":"keyword","description":"Data table of the ELF header."},{"field":"file.elf.header.entrypoint","type":"long","description":"Header entrypoint of the ELF file."},{"field":"file.elf.header.object_version","type":"keyword","description":"0x1\" for original ELF files."},{"field":"file.elf.header.os_abi","type":"keyword","description":"Application Binary Interface (ABI) of the Linux OS."},{"field":"file.elf.header.type","type":"keyword","description":"Header type of the ELF file."},{"field":"file.elf.header.version","type":"keyword","description":"Version of the ELF header."},{"field":"file.elf.imports","type":"flattened","description":"List of imported element names and types."},{"field":"file.elf.sections","type":"nested","description":"Section information of the ELF file."},{"field":"file.elf.sections.chi2","type":"long","description":"Chi-square probability distribution of the section."},{"field":"file.elf.sections.entropy","type":"long","description":"Shannon entropy calculation from the section."},{"field":"file.elf.sections.flags","type":"keyword","description":"ELF Section List flags."},{"field":"file.elf.sections.name","type":"keyword","description":"ELF Section List name."},{"field":"file.elf.sections.physical_offset","type":"keyword","description":"ELF Section List offset."},{"field":"file.elf.sections.physical_size","type":"long","description":"ELF Section List physical size."},{"field":"file.elf.sections.type","type":"keyword","description":"ELF Section List type."},{"field":"file.elf.sections.virtual_address","type":"long","description":"ELF Section List virtual address."},{"field":"file.elf.sections.virtual_size","type":"long","description":"ELF Section List virtual size."},{"field":"file.elf.segments","type":"nested","description":"ELF object segment list."},{"field":"file.elf.segments.sections","type":"keyword","description":"ELF object segment sections."},{"field":"file.elf.segments.type","type":"keyword","description":"ELF object segment type."},{"field":"file.elf.shared_libraries","type":"keyword","description":"List of shared libraries used by this ELF object."},{"field":"file.elf.telfhash","type":"keyword","description":"telfhash hash for ELF file."},{"field":"file.extension","type":"keyword","description":"File extension, excluding the leading dot."},{"field":"file.fork_name","type":"keyword","description":"A fork is additional data associated with a filesystem object."},{"field":"file.gid","type":"keyword","description":"Primary group ID (GID) of the file."},{"field":"file.group","type":"keyword","description":"Primary group name of the file."},{"field":"file.hash.md5","type":"keyword","description":"MD5 hash."},{"field":"file.hash.sha1","type":"keyword","description":"SHA1 hash."},{"field":"file.hash.sha256","type":"keyword","description":"SHA256 hash."},{"field":"file.hash.sha512","type":"keyword","description":"SHA512 hash."},{"field":"file.hash.ssdeep","type":"keyword","description":"SSDEEP hash."},{"field":"file.inode","type":"keyword","description":"Inode representing the file in the filesystem."},{"field":"file.mime_type","type":"keyword","description":"Media type of file, document, or arrangement of bytes."},{"field":"file.mode","type":"keyword","description":"Mode of the file in octal representation."},{"field":"file.mtime","type":"date","description":"Last time the file content was modified."},{"field":"file.name","type":"keyword","description":"Name of the file including the extension, without the directory."},{"field":"file.owner","type":"keyword","description":"File owner's username."},{"field":"file.path","type":"keyword","description":"Full path to the file, including the file name."},{"field":"file.path.text","type":"match_only_text","description":"Full path to the file, including the file name."},{"field":"file.pe.architecture","type":"keyword","description":"CPU architecture target for the file."},{"field":"file.pe.company","type":"keyword","description":"Internal company name of the file, provided at compile-time."},{"field":"file.pe.description","type":"keyword","description":"Internal description of the file, provided at compile-time."},{"field":"file.pe.file_version","type":"keyword","description":"Process name."},{"field":"file.pe.imphash","type":"keyword","description":"A hash of the imports in a PE file."},{"field":"file.pe.original_file_name","type":"keyword","description":"Internal name of the file, provided at compile-time."},{"field":"file.pe.product","type":"keyword","description":"Internal product name of the file, provided at compile-time."},{"field":"file.size","type":"long","description":"File size in bytes."},{"field":"file.target_path","type":"keyword","description":"Target path for symlinks."},{"field":"file.target_path.text","type":"match_only_text","description":"Target path for symlinks."},{"field":"file.type","type":"keyword","description":"File type (file, dir, or symlink)."},{"field":"file.uid","type":"keyword","description":"The user ID (UID) or security identifier (SID) of the file owner."},{"field":"file.x509.alternative_names","type":"keyword","description":"List of subject alternative names (SAN)."},{"field":"file.x509.issuer.common_name","type":"keyword","description":"List of common name (CN) of issuing certificate authority."},{"field":"file.x509.issuer.country","type":"keyword","description":"List of country (C) codes"},{"field":"file.x509.issuer.distinguished_name","type":"keyword","description":"Distinguished name (DN) of issuing certificate authority."},{"field":"file.x509.issuer.locality","type":"keyword","description":"List of locality names (L)"},{"field":"file.x509.issuer.organization","type":"keyword","description":"List of organizations (O) of issuing certificate authority."},{"field":"file.x509.issuer.organizational_unit","type":"keyword","description":"List of organizational units (OU) of issuing certificate authority."},{"field":"file.x509.issuer.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"file.x509.not_after","type":"date","description":"Time at which the certificate is no longer considered valid."},{"field":"file.x509.not_before","type":"date","description":"Time at which the certificate is first considered valid."},{"field":"file.x509.public_key_algorithm","type":"keyword","description":"Algorithm used to generate the public key."},{"field":"file.x509.public_key_curve","type":"keyword","description":"The curve used by the elliptic curve public key algorithm. This is algorithm specific."},{"field":"file.x509.public_key_exponent","type":"long","description":"Exponent used to derive the public key. This is algorithm specific."},{"field":"file.x509.public_key_size","type":"long","description":"The size of the public key space in bits."},{"field":"file.x509.serial_number","type":"keyword","description":"Unique serial number issued by the certificate authority."},{"field":"file.x509.signature_algorithm","type":"keyword","description":"Identifier for certificate signature algorithm."},{"field":"file.x509.subject.common_name","type":"keyword","description":"List of common names (CN) of subject."},{"field":"file.x509.subject.country","type":"keyword","description":"List of country (C) code"},{"field":"file.x509.subject.distinguished_name","type":"keyword","description":"Distinguished name (DN) of the certificate subject entity."},{"field":"file.x509.subject.locality","type":"keyword","description":"List of locality names (L)"},{"field":"file.x509.subject.organization","type":"keyword","description":"List of organizations (O) of subject."},{"field":"file.x509.subject.organizational_unit","type":"keyword","description":"List of organizational units (OU) of subject."},{"field":"file.x509.subject.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"file.x509.version_number","type":"keyword","description":"Version of x509 format."},{"field":"group.domain","type":"keyword","description":"Name of the directory the group is a member of."},{"field":"group.id","type":"keyword","description":"Unique identifier for the group on the system/platform."},{"field":"group.name","type":"keyword","description":"Name of the group."},{"field":"host.cpu.usage","type":"scaled_float","description":"Percent CPU used, between 0 and 1."},{"field":"host.disk.read.bytes","type":"long","description":"The number of bytes read by all disks."},{"field":"host.disk.write.bytes","type":"long","description":"The number of bytes written on all disks."},{"field":"host.domain","type":"keyword","description":"Name of the directory the group is a member of."},{"field":"host.geo.city_name","type":"keyword","description":"City name."},{"field":"host.geo.continent_code","type":"keyword","description":"Continent code."},{"field":"host.geo.continent_name","type":"keyword","description":"Name of the continent."},{"field":"host.geo.country_iso_code","type":"keyword","description":"Country ISO code."},{"field":"host.geo.country_name","type":"keyword","description":"Country name."},{"field":"host.geo.location","type":"geo_point","description":"Longitude and latitude."},{"field":"host.geo.name","type":"keyword","description":"User-defined description of a location."},{"field":"host.geo.postal_code","type":"keyword","description":"Postal code."},{"field":"host.geo.region_iso_code","type":"keyword","description":"Region ISO code."},{"field":"host.geo.region_name","type":"keyword","description":"Region name."},{"field":"host.geo.timezone","type":"keyword","description":"Time zone."},{"field":"host.name","type":"keyword","description":"Name of the host."},{"field":"host.network.egress.bytes","type":"long","description":"The number of bytes sent on all network interfaces."},{"field":"host.network.egress.packets","type":"long","description":"The number of packets sent on all network interfaces."},{"field":"host.network.ingress.bytes","type":"long","description":"The number of bytes received on all network interfaces."},{"field":"host.network.ingress.packets","type":"long","description":"The number of packets received on all network interfaces."},{"field":"host.os.full","type":"keyword","description":"Operating system name, including the version or code name."},{"field":"host.os.full.text","type":"match_only_text","description":"Operating system name, including the version or code name."},{"field":"host.os.name.text","type":"match_only_text","description":"Operating system name, without the version."},{"field":"host.os.platform","type":"keyword","description":"Operating system platform (such centos, ubuntu, windows)."},{"field":"host.type","type":"keyword","description":"Type of host."},{"field":"host.uptime","type":"long","description":"Seconds the host has been up."},{"field":"host.user.domain","type":"keyword","description":"Name of the directory the user is a member of."},{"field":"host.user.email","type":"keyword","description":"User email address."},{"field":"host.user.full_name","type":"keyword","description":"User's full name, if available."},{"field":"host.user.full_name.text","type":"match_only_text","description":"User's full name, if available."},{"field":"host.user.group.domain","type":"keyword","description":"Name of the directory the group is a member of."},{"field":"host.user.group.id","type":"keyword","description":"Unique identifier for the group on the system/platform."},{"field":"host.user.group.name","type":"keyword","description":"Name of the group."},{"field":"host.user.hash","type":"keyword","description":"Unique user hash to correlate information for a user in anonymized form."},{"field":"host.user.id","type":"keyword","description":"Unique identifier of the user."},{"field":"host.user.name","type":"keyword","description":"Short name or login of the user."},{"field":"host.user.name.text","type":"match_only_text","description":"Short name or login of the user."},{"field":"host.user.roles","type":"keyword","description":"Array of user roles at the time of the event."},{"field":"http.request.body.bytes","type":"long","description":"Size in bytes of the request body."},{"field":"http.request.body.content","type":"wildcard","description":"The full HTTP request body."},{"field":"http.request.body.content.text","type":"match_only_text","description":"The full HTTP request body."},{"field":"http.request.bytes","type":"long","description":"Total size in bytes of the request (body and headers)."},{"field":"http.request.id","type":"keyword","description":"HTTP request ID."},{"field":"http.request.method","type":"keyword","description":"HTTP request method."},{"field":"http.request.mime_type","type":"keyword","description":"Mime type of the body of the request."},{"field":"http.request.referrer","type":"keyword","description":"Referrer for this HTTP request."},{"field":"http.response.body.bytes","type":"long","description":"Size in bytes of the response body."},{"field":"http.response.body.content","type":"wildcard","description":"The full HTTP response body."},{"field":"http.response.body.content.text","type":"match_only_text","description":"The full HTTP response body."},{"field":"http.response.bytes","type":"long","description":"Total size in bytes of the response (body and headers)."},{"field":"http.response.mime_type","type":"keyword","description":"Mime type of the body of the response."},{"field":"http.response.status_code","type":"long","description":"HTTP response status code."},{"field":"http.version","type":"keyword","description":"HTTP version."},{"field":"log.file.path","type":"keyword","description":"Full path to the log file this event came from."},{"field":"log.level","type":"keyword","description":"Log level of the log event."},{"field":"log.logger","type":"keyword","description":"Name of the logger."},{"field":"log.origin.file.line","type":"integer","description":"The line number of the file which originated the log event."},{"field":"log.origin.file.name","type":"keyword","description":"The code file which originated the log event."},{"field":"log.origin.function","type":"keyword","description":"The function which originated the log event."},{"field":"log.original","type":"keyword","description":"Deprecated original log message with light interpretation only (encoding, newlines)."},{"field":"log.syslog","type":"object","description":"Syslog metadata"},{"field":"log.syslog.facility.code","type":"long","description":"Syslog numeric facility of the event."},{"field":"log.syslog.facility.name","type":"keyword","description":"Syslog text-based facility of the event."},{"field":"log.syslog.priority","type":"long","description":"Syslog priority of the event."},{"field":"log.syslog.severity.code","type":"long","description":"Syslog numeric severity of the event."},{"field":"log.syslog.severity.name","type":"keyword","description":"Syslog text-based severity of the event."},{"field":"network.application","type":"keyword","description":"Application level protocol name."},{"field":"network.bytes","type":"long","description":"Total bytes transferred in both directions."},{"field":"network.community_id","type":"keyword","description":"A hash of source and destination IPs and ports."},{"field":"network.direction","type":"keyword","description":"Direction of the network traffic."},{"field":"network.forwarded_ip","type":"ip","description":"Host IP address when the source IP address is the proxy."},{"field":"network.iana_number","type":"keyword","description":"IANA Protocol Number."},{"field":"network.inner","type":"object","description":"Inner VLAN tag information"},{"field":"network.inner.vlan.id","type":"keyword","description":"VLAN ID as reported by the observer."},{"field":"network.inner.vlan.name","type":"keyword","description":"Optional VLAN name as reported by the observer."},{"field":"network.name","type":"keyword","description":"Name given by operators to sections of their network."},{"field":"network.packets","type":"long","description":"Total packets transferred in both directions."},{"field":"network.protocol","type":"keyword","description":"L7 Network protocol name."},{"field":"network.transport","type":"keyword","description":"Protocol Name corresponding to the field `iana_number`."},{"field":"network.type","type":"keyword","description":"In the OSI Model this would be the Network Layer. ipv4, ipv6, ipsec, pim, etc"},{"field":"network.vlan.id","type":"keyword","description":"VLAN ID as reported by the observer."},{"field":"network.vlan.name","type":"keyword","description":"Optional VLAN name as reported by the observer."},{"field":"observer.egress","type":"object","description":"Object field for egress information"},{"field":"observer.egress.interface.alias","type":"keyword","description":"Interface alias"},{"field":"observer.egress.interface.id","type":"keyword","description":"Interface ID"},{"field":"observer.egress.interface.name","type":"keyword","description":"Interface name"},{"field":"observer.egress.vlan.id","type":"keyword","description":"VLAN ID as reported by the observer."},{"field":"observer.egress.vlan.name","type":"keyword","description":"Optional VLAN name as reported by the observer."},{"field":"observer.egress.zone","type":"keyword","description":"Observer Egress zone"},{"field":"observer.geo.city_name","type":"keyword","description":"City name."},{"field":"observer.geo.continent_code","type":"keyword","description":"Continent code."},{"field":"observer.geo.continent_name","type":"keyword","description":"Name of the continent."},{"field":"observer.geo.country_iso_code","type":"keyword","description":"Country ISO code."},{"field":"observer.geo.country_name","type":"keyword","description":"Country name."},{"field":"observer.geo.location","type":"geo_point","description":"Longitude and latitude."},{"field":"observer.geo.name","type":"keyword","description":"User-defined description of a location."},{"field":"observer.geo.postal_code","type":"keyword","description":"Postal code."},{"field":"observer.geo.region_iso_code","type":"keyword","description":"Region ISO code."},{"field":"observer.geo.region_name","type":"keyword","description":"Region name."},{"field":"observer.geo.timezone","type":"keyword","description":"Time zone."},{"field":"observer.hostname","type":"keyword","description":"Hostname of the observer."},{"field":"observer.ingress","type":"object","description":"Object field for ingress information"},{"field":"observer.ingress.interface.alias","type":"keyword","description":"Interface alias"},{"field":"observer.ingress.interface.id","type":"keyword","description":"Interface ID"},{"field":"observer.ingress.interface.name","type":"keyword","description":"Interface name"},{"field":"observer.ingress.vlan.id","type":"keyword","description":"VLAN ID as reported by the observer."},{"field":"observer.ingress.vlan.name","type":"keyword","description":"Optional VLAN name as reported by the observer."},{"field":"observer.ingress.zone","type":"keyword","description":"Observer ingress zone"},{"field":"observer.ip","type":"ip","description":"IP addresses of the observer."},{"field":"observer.mac","type":"keyword","description":"MAC addresses of the observer."},{"field":"observer.name","type":"keyword","description":"Custom name of the observer."},{"field":"observer.os.family","type":"keyword","description":"OS family (such as redhat, debian, freebsd, windows)."},{"field":"observer.os.full","type":"keyword","description":"Operating system name, including the version or code name."},{"field":"observer.os.full.text","type":"match_only_text","description":"Operating system name, including the version or code name."},{"field":"observer.os.kernel","type":"keyword","description":"Operating system kernel version as a raw string."},{"field":"observer.os.name","type":"keyword","description":"Operating system name, without the version."},{"field":"observer.os.name.text","type":"match_only_text","description":"Operating system name, without the version."},{"field":"observer.os.platform","type":"keyword","description":"Operating system platform (such centos, ubuntu, windows)."},{"field":"observer.os.type","type":"keyword","description":"Which commercial OS family (one of: linux, macos, unix or windows)."},{"field":"observer.os.version","type":"keyword","description":"Operating system version as a raw string."},{"field":"observer.product","type":"keyword","description":"The product name of the observer."},{"field":"observer.serial_number","type":"keyword","description":"Observer serial number."},{"field":"observer.type","type":"keyword","description":"The type of the observer the data is coming from."},{"field":"observer.vendor","type":"keyword","description":"Vendor name of the observer."},{"field":"observer.version","type":"keyword","description":"Observer version."},{"field":"orchestrator.api_version","type":"keyword","description":"API version being used to carry out the action"},{"field":"orchestrator.cluster.name","type":"keyword","description":"Name of the cluster."},{"field":"orchestrator.cluster.url","type":"keyword","description":"URL of the API used to manage the cluster."},{"field":"orchestrator.cluster.version","type":"keyword","description":"The version of the cluster."},{"field":"orchestrator.namespace","type":"keyword","description":"Namespace in which the action is taking place."},{"field":"orchestrator.organization","type":"keyword","description":"Organization affected by the event (for multi-tenant orchestrator setups)."},{"field":"orchestrator.resource.name","type":"keyword","description":"Name of the resource being acted upon."},{"field":"orchestrator.resource.type","type":"keyword","description":"Type of resource being acted upon."},{"field":"orchestrator.type","type":"keyword","description":"Orchestrator cluster type (e.g. kubernetes, nomad or cloudfoundry)."},{"field":"organization.id","type":"keyword","description":"Unique identifier for the organization."},{"field":"organization.name","type":"keyword","description":"Organization name."},{"field":"organization.name.text","type":"match_only_text","description":"Organization name."},{"field":"package.architecture","type":"keyword","description":"Package architecture."},{"field":"package.build_version","type":"keyword","description":"Build version information"},{"field":"package.checksum","type":"keyword","description":"Checksum of the installed package for verification."},{"field":"package.description","type":"keyword","description":"Description of the package."},{"field":"package.install_scope","type":"keyword","description":"Indicating how the package was installed, e.g. user-local, global."},{"field":"package.installed","type":"date","description":"Time when package was installed."},{"field":"package.license","type":"keyword","description":"Package license"},{"field":"package.name","type":"keyword","description":"Package name"},{"field":"package.path","type":"keyword","description":"Path where the package is installed."},{"field":"package.reference","type":"keyword","description":"Package home page or reference URL"},{"field":"package.size","type":"long","description":"Package size in bytes."},{"field":"package.type","type":"keyword","description":"Package type"},{"field":"package.version","type":"keyword","description":"Package version"},{"field":"process.args","type":"keyword","description":"Array of process arguments."},{"field":"process.args_count","type":"long","description":"Length of the process.args array."},{"field":"process.code_signature.digest_algorithm","type":"keyword","description":"Hashing algorithm used to sign the process."},{"field":"process.code_signature.exists","type":"boolean","description":"Boolean to capture if a signature is present."},{"field":"process.code_signature.signing_id","type":"keyword","description":"The identifier used to sign the process."},{"field":"process.code_signature.status","type":"keyword","description":"Additional information about the certificate status."},{"field":"process.code_signature.subject_name","type":"keyword","description":"Subject name of the code signer"},{"field":"process.code_signature.team_id","type":"keyword","description":"The team identifier used to sign the process."},{"field":"process.code_signature.timestamp","type":"date","description":"When the signature was generated and signed."},{"field":"process.code_signature.trusted","type":"boolean","description":"Stores the trust status of the certificate chain."},{"field":"process.code_signature.valid","type":"boolean","description":"Boolean to capture if the digital signature is verified against the binary content."},{"field":"process.command_line","type":"wildcard","description":"Full command line that started the process."},{"field":"process.command_line.text","type":"match_only_text","description":"Full command line that started the process."},{"field":"process.elf.architecture","type":"keyword","description":"Machine architecture of the ELF file."},{"field":"process.elf.byte_order","type":"keyword","description":"Byte sequence of ELF file."},{"field":"process.elf.cpu_type","type":"keyword","description":"CPU type of the ELF file."},{"field":"process.elf.creation_date","type":"date","description":"Build or compile date."},{"field":"process.elf.exports","type":"flattened","description":"List of exported element names and types."},{"field":"process.elf.header.abi_version","type":"keyword","description":"Version of the ELF Application Binary Interface (ABI)."},{"field":"process.elf.header.class","type":"keyword","description":"Header class of the ELF file."},{"field":"process.elf.header.data","type":"keyword","description":"Data table of the ELF header."},{"field":"process.elf.header.entrypoint","type":"long","description":"Header entrypoint of the ELF file."},{"field":"process.elf.header.object_version","type":"keyword","description":"0x1\" for original ELF files."},{"field":"process.elf.header.os_abi","type":"keyword","description":"Application Binary Interface (ABI) of the Linux OS."},{"field":"process.elf.header.type","type":"keyword","description":"Header type of the ELF file."},{"field":"process.elf.header.version","type":"keyword","description":"Version of the ELF header."},{"field":"process.elf.imports","type":"flattened","description":"List of imported element names and types."},{"field":"process.elf.sections","type":"nested","description":"Section information of the ELF file."},{"field":"process.elf.sections.chi2","type":"long","description":"Chi-square probability distribution of the section."},{"field":"process.elf.sections.entropy","type":"long","description":"Shannon entropy calculation from the section."},{"field":"process.elf.sections.flags","type":"keyword","description":"ELF Section List flags."},{"field":"process.elf.sections.name","type":"keyword","description":"ELF Section List name."},{"field":"process.elf.sections.physical_offset","type":"keyword","description":"ELF Section List offset."},{"field":"process.elf.sections.physical_size","type":"long","description":"ELF Section List physical size."},{"field":"process.elf.sections.type","type":"keyword","description":"ELF Section List type."},{"field":"process.elf.sections.virtual_address","type":"long","description":"ELF Section List virtual address."},{"field":"process.elf.sections.virtual_size","type":"long","description":"ELF Section List virtual size."},{"field":"process.elf.segments","type":"nested","description":"ELF object segment list."},{"field":"process.elf.segments.sections","type":"keyword","description":"ELF object segment sections."},{"field":"process.elf.segments.type","type":"keyword","description":"ELF object segment type."},{"field":"process.elf.shared_libraries","type":"keyword","description":"List of shared libraries used by this ELF object."},{"field":"process.elf.telfhash","type":"keyword","description":"telfhash hash for ELF file."},{"field":"process.end","type":"date","description":"The time the process ended."},{"field":"process.entity_id","type":"keyword","description":"Unique identifier for the process."},{"field":"process.executable","type":"keyword","description":"Absolute path to the process executable."},{"field":"process.executable.text","type":"match_only_text","description":"Absolute path to the process executable."},{"field":"process.exit_code","type":"long","description":"The exit code of the process."},{"field":"process.hash.md5","type":"keyword","description":"MD5 hash."},{"field":"process.hash.sha1","type":"keyword","description":"SHA1 hash."},{"field":"process.hash.sha256","type":"keyword","description":"SHA256 hash."},{"field":"process.hash.sha512","type":"keyword","description":"SHA512 hash."},{"field":"process.hash.ssdeep","type":"keyword","description":"SSDEEP hash."},{"field":"process.name","type":"keyword","description":"Process name."},{"field":"process.name.text","type":"match_only_text","description":"Process name."},{"field":"process.parent.args","type":"keyword","description":"Array of process arguments."},{"field":"process.parent.args_count","type":"long","description":"Length of the process.args array."},{"field":"process.parent.code_signature.digest_algorithm","type":"keyword","description":"Hashing algorithm used to sign the process."},{"field":"process.parent.code_signature.exists","type":"boolean","description":"Boolean to capture if a signature is present."},{"field":"process.parent.code_signature.signing_id","type":"keyword","description":"The identifier used to sign the process."},{"field":"process.parent.code_signature.status","type":"keyword","description":"Additional information about the certificate status."},{"field":"process.parent.code_signature.subject_name","type":"keyword","description":"Subject name of the code signer"},{"field":"process.parent.code_signature.team_id","type":"keyword","description":"The team identifier used to sign the process."},{"field":"process.parent.code_signature.timestamp","type":"date","description":"When the signature was generated and signed."},{"field":"process.parent.code_signature.trusted","type":"boolean","description":"Stores the trust status of the certificate chain."},{"field":"process.parent.code_signature.valid","type":"boolean","description":"Boolean to capture if the digital signature is verified against the binary content."},{"field":"process.parent.command_line","type":"wildcard","description":"Full command line that started the process."},{"field":"process.parent.command_line.text","type":"match_only_text","description":"Full command line that started the process."},{"field":"process.parent.elf.architecture","type":"keyword","description":"Machine architecture of the ELF file."},{"field":"process.parent.elf.byte_order","type":"keyword","description":"Byte sequence of ELF file."},{"field":"process.parent.elf.cpu_type","type":"keyword","description":"CPU type of the ELF file."},{"field":"process.parent.elf.creation_date","type":"date","description":"Build or compile date."},{"field":"process.parent.elf.exports","type":"flattened","description":"List of exported element names and types."},{"field":"process.parent.elf.header.abi_version","type":"keyword","description":"Version of the ELF Application Binary Interface (ABI)."},{"field":"process.parent.elf.header.class","type":"keyword","description":"Header class of the ELF file."},{"field":"process.parent.elf.header.data","type":"keyword","description":"Data table of the ELF header."},{"field":"process.parent.elf.header.entrypoint","type":"long","description":"Header entrypoint of the ELF file."},{"field":"process.parent.elf.header.object_version","type":"keyword","description":"0x1\" for original ELF files."},{"field":"process.parent.elf.header.os_abi","type":"keyword","description":"Application Binary Interface (ABI) of the Linux OS."},{"field":"process.parent.elf.header.type","type":"keyword","description":"Header type of the ELF file."},{"field":"process.parent.elf.header.version","type":"keyword","description":"Version of the ELF header."},{"field":"process.parent.elf.imports","type":"flattened","description":"List of imported element names and types."},{"field":"process.parent.elf.sections","type":"nested","description":"Section information of the ELF file."},{"field":"process.parent.elf.sections.chi2","type":"long","description":"Chi-square probability distribution of the section."},{"field":"process.parent.elf.sections.entropy","type":"long","description":"Shannon entropy calculation from the section."},{"field":"process.parent.elf.sections.flags","type":"keyword","description":"ELF Section List flags."},{"field":"process.parent.elf.sections.name","type":"keyword","description":"ELF Section List name."},{"field":"process.parent.elf.sections.physical_offset","type":"keyword","description":"ELF Section List offset."},{"field":"process.parent.elf.sections.physical_size","type":"long","description":"ELF Section List physical size."},{"field":"process.parent.elf.sections.type","type":"keyword","description":"ELF Section List type."},{"field":"process.parent.elf.sections.virtual_address","type":"long","description":"ELF Section List virtual address."},{"field":"process.parent.elf.sections.virtual_size","type":"long","description":"ELF Section List virtual size."},{"field":"process.parent.elf.segments","type":"nested","description":"ELF object segment list."},{"field":"process.parent.elf.segments.sections","type":"keyword","description":"ELF object segment sections."},{"field":"process.parent.elf.segments.type","type":"keyword","description":"ELF object segment type."},{"field":"process.parent.elf.shared_libraries","type":"keyword","description":"List of shared libraries used by this ELF object."},{"field":"process.parent.elf.telfhash","type":"keyword","description":"telfhash hash for ELF file."},{"field":"process.parent.end","type":"date","description":"The time the process ended."},{"field":"process.parent.entity_id","type":"keyword","description":"Unique identifier for the process."},{"field":"process.parent.executable","type":"keyword","description":"Absolute path to the process executable."},{"field":"process.parent.executable.text","type":"match_only_text","description":"Absolute path to the process executable."},{"field":"process.parent.exit_code","type":"long","description":"The exit code of the process."},{"field":"process.parent.hash.md5","type":"keyword","description":"MD5 hash."},{"field":"process.parent.hash.sha1","type":"keyword","description":"SHA1 hash."},{"field":"process.parent.hash.sha256","type":"keyword","description":"SHA256 hash."},{"field":"process.parent.hash.sha512","type":"keyword","description":"SHA512 hash."},{"field":"process.parent.hash.ssdeep","type":"keyword","description":"SSDEEP hash."},{"field":"process.parent.name","type":"keyword","description":"Process name."},{"field":"process.parent.name.text","type":"match_only_text","description":"Process name."},{"field":"process.parent.pe.architecture","type":"keyword","description":"CPU architecture target for the file."},{"field":"process.parent.pe.company","type":"keyword","description":"Internal company name of the file, provided at compile-time."},{"field":"process.parent.pe.description","type":"keyword","description":"Internal description of the file, provided at compile-time."},{"field":"process.parent.pe.file_version","type":"keyword","description":"Process name."},{"field":"process.parent.pe.imphash","type":"keyword","description":"A hash of the imports in a PE file."},{"field":"process.parent.pe.original_file_name","type":"keyword","description":"Internal name of the file, provided at compile-time."},{"field":"process.parent.pe.product","type":"keyword","description":"Internal product name of the file, provided at compile-time."},{"field":"process.parent.pgid","type":"long","description":"Identifier of the group of processes the process belongs to."},{"field":"process.parent.pid","type":"long","description":"Process id."},{"field":"process.parent.ppid","type":"long","description":"Parent process' pid."},{"field":"process.parent.start","type":"date","description":"The time the process started."},{"field":"process.parent.thread.id","type":"long","description":"Thread ID."},{"field":"process.parent.thread.name","type":"keyword","description":"Thread name."},{"field":"process.parent.title","type":"keyword","description":"Process title."},{"field":"process.parent.title.text","type":"match_only_text","description":"Process title."},{"field":"process.parent.uptime","type":"long","description":"Seconds the process has been up."},{"field":"process.parent.working_directory","type":"keyword","description":"The working directory of the process."},{"field":"process.parent.working_directory.text","type":"match_only_text","description":"The working directory of the process."},{"field":"process.pe.architecture","type":"keyword","description":"CPU architecture target for the file."},{"field":"process.pe.company","type":"keyword","description":"Internal company name of the file, provided at compile-time."},{"field":"process.pe.description","type":"keyword","description":"Internal description of the file, provided at compile-time."},{"field":"process.pe.file_version","type":"keyword","description":"Process name."},{"field":"process.pe.imphash","type":"keyword","description":"A hash of the imports in a PE file."},{"field":"process.pe.original_file_name","type":"keyword","description":"Internal name of the file, provided at compile-time."},{"field":"process.pe.product","type":"keyword","description":"Internal product name of the file, provided at compile-time."},{"field":"process.pgid","type":"long","description":"Identifier of the group of processes the process belongs to."},{"field":"process.pid","type":"long","description":"Process id."},{"field":"process.ppid","type":"long","description":"Parent process' pid."},{"field":"process.start","type":"date","description":"The time the process started."},{"field":"process.thread.id","type":"long","description":"Thread ID."},{"field":"process.thread.name","type":"keyword","description":"Thread name."},{"field":"process.title","type":"keyword","description":"Process title."},{"field":"process.title.text","type":"match_only_text","description":"Process title."},{"field":"process.uptime","type":"long","description":"Seconds the process has been up."},{"field":"process.working_directory","type":"keyword","description":"The working directory of the process."},{"field":"process.working_directory.text","type":"match_only_text","description":"The working directory of the process."},{"field":"registry.data.bytes","type":"keyword","description":"Original bytes written with base64 encoding."},{"field":"registry.data.strings","type":"wildcard","description":"List of strings representing what was written to the registry."},{"field":"registry.data.type","type":"keyword","description":"Standard registry type for encoding contents"},{"field":"registry.hive","type":"keyword","description":"Abbreviated name for the hive."},{"field":"registry.key","type":"keyword","description":"Hive-relative path of keys."},{"field":"registry.path","type":"keyword","description":"Full path, including hive, key and value"},{"field":"registry.value","type":"keyword","description":"Name of the value written."},{"field":"related.hash","type":"keyword","description":"All the hashes seen on your event."},{"field":"related.hosts","type":"keyword","description":"All the host identifiers seen on your event."},{"field":"related.ip","type":"ip","description":"All of the IPs seen on your event."},{"field":"related.user","type":"keyword","description":"All the user names or other user identifiers seen on the event."},{"field":"rule.author","type":"keyword","description":"Rule author"},{"field":"rule.category","type":"keyword","description":"Rule category"},{"field":"rule.description","type":"keyword","description":"Rule description"},{"field":"rule.id","type":"keyword","description":"Rule ID"},{"field":"rule.license","type":"keyword","description":"Rule license"},{"field":"rule.name","type":"keyword","description":"Rule name"},{"field":"rule.reference","type":"keyword","description":"Rule reference URL"},{"field":"rule.ruleset","type":"keyword","description":"Rule ruleset"},{"field":"rule.uuid","type":"keyword","description":"Rule UUID"},{"field":"rule.version","type":"keyword","description":"Rule version"},{"field":"server.address","type":"keyword","description":"Server network address."},{"field":"server.as.number","type":"long","description":"Unique number allocated to the autonomous system."},{"field":"server.as.organization.name","type":"keyword","description":"Organization name."},{"field":"server.as.organization.name.text","type":"match_only_text","description":"Organization name."},{"field":"server.bytes","type":"long","description":"Bytes sent from the server to the client."},{"field":"server.domain","type":"keyword","description":"Server domain."},{"field":"server.geo.city_name","type":"keyword","description":"City name."},{"field":"server.geo.continent_code","type":"keyword","description":"Continent code."},{"field":"server.geo.continent_name","type":"keyword","description":"Name of the continent."},{"field":"server.geo.country_iso_code","type":"keyword","description":"Country ISO code."},{"field":"server.geo.country_name","type":"keyword","description":"Country name."},{"field":"server.geo.location","type":"geo_point","description":"Longitude and latitude."},{"field":"server.geo.name","type":"keyword","description":"User-defined description of a location."},{"field":"server.geo.postal_code","type":"keyword","description":"Postal code."},{"field":"server.geo.region_iso_code","type":"keyword","description":"Region ISO code."},{"field":"server.geo.region_name","type":"keyword","description":"Region name."},{"field":"server.geo.timezone","type":"keyword","description":"Time zone."},{"field":"server.ip","type":"ip","description":"IP address of the server."},{"field":"server.mac","type":"keyword","description":"MAC address of the server."},{"field":"server.nat.ip","type":"ip","description":"Server NAT ip"},{"field":"server.nat.port","type":"long","description":"Server NAT port"},{"field":"server.packets","type":"long","description":"Packets sent from the server to the client."},{"field":"server.port","type":"long","description":"Port of the server."},{"field":"server.registered_domain","type":"keyword","description":"The highest registered server domain, stripped of the subdomain."},{"field":"server.subdomain","type":"keyword","description":"The subdomain of the domain."},{"field":"server.top_level_domain","type":"keyword","description":"The effective top level domain (com, org, net, co.uk)."},{"field":"server.user.domain","type":"keyword","description":"Name of the directory the user is a member of."},{"field":"server.user.email","type":"keyword","description":"User email address."},{"field":"server.user.full_name","type":"keyword","description":"User's full name, if available."},{"field":"server.user.full_name.text","type":"match_only_text","description":"User's full name, if available."},{"field":"server.user.group.domain","type":"keyword","description":"Name of the directory the group is a member of."},{"field":"server.user.group.id","type":"keyword","description":"Unique identifier for the group on the system/platform."},{"field":"server.user.group.name","type":"keyword","description":"Name of the group."},{"field":"server.user.hash","type":"keyword","description":"Unique user hash to correlate information for a user in anonymized form."},{"field":"server.user.id","type":"keyword","description":"Unique identifier of the user."},{"field":"server.user.name","type":"keyword","description":"Short name or login of the user."},{"field":"server.user.name.text","type":"match_only_text","description":"Short name or login of the user."},{"field":"server.user.roles","type":"keyword","description":"Array of user roles at the time of the event."},{"field":"service.address","type":"keyword","description":"Address of this service."},{"field":"service.environment","type":"keyword","description":"Environment of the service."},{"field":"service.ephemeral_id","type":"keyword","description":"Ephemeral identifier of this service."},{"field":"service.id","type":"keyword","description":"Unique identifier of the running service."},{"field":"service.name","type":"keyword","description":"Name of the service."},{"field":"service.node.name","type":"keyword","description":"Name of the service node."},{"field":"service.state","type":"keyword","description":"Current state of the service."},{"field":"service.type","type":"keyword","description":"The type of the service."},{"field":"service.version","type":"keyword","description":"Version of the service."},{"field":"source.address","type":"keyword","description":"Source network address."},{"field":"source.as.number","type":"long","description":"Unique number allocated to the autonomous system."},{"field":"source.as.organization.name","type":"keyword","description":"Organization name."},{"field":"source.as.organization.name.text","type":"match_only_text","description":"Organization name."},{"field":"source.bytes","type":"long","description":"Bytes sent from the source to the destination."},{"field":"source.domain","type":"keyword","description":"Source domain."},{"field":"source.geo.city_name","type":"keyword","description":"City name."},{"field":"source.geo.continent_code","type":"keyword","description":"Continent code."},{"field":"source.geo.continent_name","type":"keyword","description":"Name of the continent."},{"field":"source.geo.country_iso_code","type":"keyword","description":"Country ISO code."},{"field":"source.geo.country_name","type":"keyword","description":"Country name."},{"field":"source.geo.location","type":"geo_point","description":"Longitude and latitude."},{"field":"source.geo.name","type":"keyword","description":"User-defined description of a location."},{"field":"source.geo.postal_code","type":"keyword","description":"Postal code."},{"field":"source.geo.region_iso_code","type":"keyword","description":"Region ISO code."},{"field":"source.geo.region_name","type":"keyword","description":"Region name."},{"field":"source.geo.timezone","type":"keyword","description":"Time zone."},{"field":"source.ip","type":"ip","description":"IP address of the source."},{"field":"source.mac","type":"keyword","description":"MAC address of the source."},{"field":"source.nat.ip","type":"ip","description":"Source NAT ip"},{"field":"source.nat.port","type":"long","description":"Source NAT port"},{"field":"source.packets","type":"long","description":"Packets sent from the source to the destination."},{"field":"source.port","type":"long","description":"Port of the source."},{"field":"source.registered_domain","type":"keyword","description":"The highest registered source domain, stripped of the subdomain."},{"field":"source.subdomain","type":"keyword","description":"The subdomain of the domain."},{"field":"source.top_level_domain","type":"keyword","description":"The effective top level domain (com, org, net, co.uk)."},{"field":"source.user.domain","type":"keyword","description":"Name of the directory the user is a member of."},{"field":"source.user.email","type":"keyword","description":"User email address."},{"field":"source.user.full_name","type":"keyword","description":"User's full name, if available."},{"field":"source.user.full_name.text","type":"match_only_text","description":"User's full name, if available."},{"field":"source.user.group.domain","type":"keyword","description":"Name of the directory the group is a member of."},{"field":"source.user.group.id","type":"keyword","description":"Unique identifier for the group on the system/platform."},{"field":"source.user.group.name","type":"keyword","description":"Name of the group."},{"field":"source.user.hash","type":"keyword","description":"Unique user hash to correlate information for a user in anonymized form."},{"field":"source.user.id","type":"keyword","description":"Unique identifier of the user."},{"field":"source.user.name","type":"keyword","description":"Short name or login of the user."},{"field":"source.user.name.text","type":"match_only_text","description":"Short name or login of the user."},{"field":"source.user.roles","type":"keyword","description":"Array of user roles at the time of the event."},{"field":"span.id","type":"keyword","description":"Unique identifier of the span within the scope of its trace."},{"field":"threat.enrichments","type":"nested","description":"List of objects containing indicators enriching the event."},{"field":"threat.enrichments.indicator","type":"object","description":"Object containing indicators enriching the event."},{"field":"threat.enrichments.indicator.as.number","type":"long","description":"Unique number allocated to the autonomous system."},{"field":"threat.enrichments.indicator.as.organization.name","type":"keyword","description":"Organization name."},{"field":"threat.enrichments.indicator.as.organization.name.text","type":"match_only_text","description":"Organization name."},{"field":"threat.enrichments.indicator.confidence","type":"keyword","description":"Indicator confidence rating"},{"field":"threat.enrichments.indicator.description","type":"keyword","description":"Indicator description"},{"field":"threat.enrichments.indicator.email.address","type":"keyword","description":"Indicator email address"},{"field":"threat.enrichments.indicator.file.accessed","type":"date","description":"Last time the file was accessed."},{"field":"threat.enrichments.indicator.file.attributes","type":"keyword","description":"Array of file attributes."},{"field":"threat.enrichments.indicator.file.code_signature.digest_algorithm","type":"keyword","description":"Hashing algorithm used to sign the process."},{"field":"threat.enrichments.indicator.file.code_signature.exists","type":"boolean","description":"Boolean to capture if a signature is present."},{"field":"threat.enrichments.indicator.file.code_signature.signing_id","type":"keyword","description":"The identifier used to sign the process."},{"field":"threat.enrichments.indicator.file.code_signature.status","type":"keyword","description":"Additional information about the certificate status."},{"field":"threat.enrichments.indicator.file.code_signature.subject_name","type":"keyword","description":"Subject name of the code signer"},{"field":"threat.enrichments.indicator.file.code_signature.team_id","type":"keyword","description":"The team identifier used to sign the process."},{"field":"threat.enrichments.indicator.file.code_signature.timestamp","type":"date","description":"When the signature was generated and signed."},{"field":"threat.enrichments.indicator.file.code_signature.trusted","type":"boolean","description":"Stores the trust status of the certificate chain."},{"field":"threat.enrichments.indicator.file.code_signature.valid","type":"boolean","description":"Boolean to capture if the digital signature is verified against the binary content."},{"field":"threat.enrichments.indicator.file.created","type":"date","description":"File creation time."},{"field":"threat.enrichments.indicator.file.ctime","type":"date","description":"Last time the file attributes or metadata changed."},{"field":"threat.enrichments.indicator.file.device","type":"keyword","description":"Device that is the source of the file."},{"field":"threat.enrichments.indicator.file.directory","type":"keyword","description":"Directory where the file is located."},{"field":"threat.enrichments.indicator.file.drive_letter","type":"keyword","description":"Drive letter where the file is located."},{"field":"threat.enrichments.indicator.file.elf.architecture","type":"keyword","description":"Machine architecture of the ELF file."},{"field":"threat.enrichments.indicator.file.elf.byte_order","type":"keyword","description":"Byte sequence of ELF file."},{"field":"threat.enrichments.indicator.file.elf.cpu_type","type":"keyword","description":"CPU type of the ELF file."},{"field":"threat.enrichments.indicator.file.elf.creation_date","type":"date","description":"Build or compile date."},{"field":"threat.enrichments.indicator.file.elf.exports","type":"flattened","description":"List of exported element names and types."},{"field":"threat.enrichments.indicator.file.elf.header.abi_version","type":"keyword","description":"Version of the ELF Application Binary Interface (ABI)."},{"field":"threat.enrichments.indicator.file.elf.header.class","type":"keyword","description":"Header class of the ELF file."},{"field":"threat.enrichments.indicator.file.elf.header.data","type":"keyword","description":"Data table of the ELF header."},{"field":"threat.enrichments.indicator.file.elf.header.entrypoint","type":"long","description":"Header entrypoint of the ELF file."},{"field":"threat.enrichments.indicator.file.elf.header.object_version","type":"keyword","description":"0x1\" for original ELF files."},{"field":"threat.enrichments.indicator.file.elf.header.os_abi","type":"keyword","description":"Application Binary Interface (ABI) of the Linux OS."},{"field":"threat.enrichments.indicator.file.elf.header.type","type":"keyword","description":"Header type of the ELF file."},{"field":"threat.enrichments.indicator.file.elf.header.version","type":"keyword","description":"Version of the ELF header."},{"field":"threat.enrichments.indicator.file.elf.imports","type":"flattened","description":"List of imported element names and types."},{"field":"threat.enrichments.indicator.file.elf.sections","type":"nested","description":"Section information of the ELF file."},{"field":"threat.enrichments.indicator.file.elf.sections.chi2","type":"long","description":"Chi-square probability distribution of the section."},{"field":"threat.enrichments.indicator.file.elf.sections.entropy","type":"long","description":"Shannon entropy calculation from the section."},{"field":"threat.enrichments.indicator.file.elf.sections.flags","type":"keyword","description":"ELF Section List flags."},{"field":"threat.enrichments.indicator.file.elf.sections.name","type":"keyword","description":"ELF Section List name."},{"field":"threat.enrichments.indicator.file.elf.sections.physical_offset","type":"keyword","description":"ELF Section List offset."},{"field":"threat.enrichments.indicator.file.elf.sections.physical_size","type":"long","description":"ELF Section List physical size."},{"field":"threat.enrichments.indicator.file.elf.sections.type","type":"keyword","description":"ELF Section List type."},{"field":"threat.enrichments.indicator.file.elf.sections.virtual_address","type":"long","description":"ELF Section List virtual address."},{"field":"threat.enrichments.indicator.file.elf.sections.virtual_size","type":"long","description":"ELF Section List virtual size."},{"field":"threat.enrichments.indicator.file.elf.segments","type":"nested","description":"ELF object segment list."},{"field":"threat.enrichments.indicator.file.elf.segments.sections","type":"keyword","description":"ELF object segment sections."},{"field":"threat.enrichments.indicator.file.elf.segments.type","type":"keyword","description":"ELF object segment type."},{"field":"threat.enrichments.indicator.file.elf.shared_libraries","type":"keyword","description":"List of shared libraries used by this ELF object."},{"field":"threat.enrichments.indicator.file.elf.telfhash","type":"keyword","description":"telfhash hash for ELF file."},{"field":"threat.enrichments.indicator.file.extension","type":"keyword","description":"File extension, excluding the leading dot."},{"field":"threat.enrichments.indicator.file.fork_name","type":"keyword","description":"A fork is additional data associated with a filesystem object."},{"field":"threat.enrichments.indicator.file.gid","type":"keyword","description":"Primary group ID (GID) of the file."},{"field":"threat.enrichments.indicator.file.group","type":"keyword","description":"Primary group name of the file."},{"field":"threat.enrichments.indicator.file.hash.md5","type":"keyword","description":"MD5 hash."},{"field":"threat.enrichments.indicator.file.hash.sha1","type":"keyword","description":"SHA1 hash."},{"field":"threat.enrichments.indicator.file.hash.sha256","type":"keyword","description":"SHA256 hash."},{"field":"threat.enrichments.indicator.file.hash.sha512","type":"keyword","description":"SHA512 hash."},{"field":"threat.enrichments.indicator.file.hash.ssdeep","type":"keyword","description":"SSDEEP hash."},{"field":"threat.enrichments.indicator.file.inode","type":"keyword","description":"Inode representing the file in the filesystem."},{"field":"threat.enrichments.indicator.file.mime_type","type":"keyword","description":"Media type of file, document, or arrangement of bytes."},{"field":"threat.enrichments.indicator.file.mode","type":"keyword","description":"Mode of the file in octal representation."},{"field":"threat.enrichments.indicator.file.mtime","type":"date","description":"Last time the file content was modified."},{"field":"threat.enrichments.indicator.file.name","type":"keyword","description":"Name of the file including the extension, without the directory."},{"field":"threat.enrichments.indicator.file.owner","type":"keyword","description":"File owner's username."},{"field":"threat.enrichments.indicator.file.path","type":"keyword","description":"Full path to the file, including the file name."},{"field":"threat.enrichments.indicator.file.path.text","type":"match_only_text","description":"Full path to the file, including the file name."},{"field":"threat.enrichments.indicator.file.pe.architecture","type":"keyword","description":"CPU architecture target for the file."},{"field":"threat.enrichments.indicator.file.pe.company","type":"keyword","description":"Internal company name of the file, provided at compile-time."},{"field":"threat.enrichments.indicator.file.pe.description","type":"keyword","description":"Internal description of the file, provided at compile-time."},{"field":"threat.enrichments.indicator.file.pe.file_version","type":"keyword","description":"Process name."},{"field":"threat.enrichments.indicator.file.pe.imphash","type":"keyword","description":"A hash of the imports in a PE file."},{"field":"threat.enrichments.indicator.file.pe.original_file_name","type":"keyword","description":"Internal name of the file, provided at compile-time."},{"field":"threat.enrichments.indicator.file.pe.product","type":"keyword","description":"Internal product name of the file, provided at compile-time."},{"field":"threat.enrichments.indicator.file.size","type":"long","description":"File size in bytes."},{"field":"threat.enrichments.indicator.file.target_path","type":"keyword","description":"Target path for symlinks."},{"field":"threat.enrichments.indicator.file.target_path.text","type":"match_only_text","description":"Target path for symlinks."},{"field":"threat.enrichments.indicator.file.type","type":"keyword","description":"File type (file, dir, or symlink)."},{"field":"threat.enrichments.indicator.file.uid","type":"keyword","description":"The user ID (UID) or security identifier (SID) of the file owner."},{"field":"threat.enrichments.indicator.file.x509.alternative_names","type":"keyword","description":"List of subject alternative names (SAN)."},{"field":"threat.enrichments.indicator.file.x509.issuer.common_name","type":"keyword","description":"List of common name (CN) of issuing certificate authority."},{"field":"threat.enrichments.indicator.file.x509.issuer.country","type":"keyword","description":"List of country (C) codes"},{"field":"threat.enrichments.indicator.file.x509.issuer.distinguished_name","type":"keyword","description":"Distinguished name (DN) of issuing certificate authority."},{"field":"threat.enrichments.indicator.file.x509.issuer.locality","type":"keyword","description":"List of locality names (L)"},{"field":"threat.enrichments.indicator.file.x509.issuer.organization","type":"keyword","description":"List of organizations (O) of issuing certificate authority."},{"field":"threat.enrichments.indicator.file.x509.issuer.organizational_unit","type":"keyword","description":"List of organizational units (OU) of issuing certificate authority."},{"field":"threat.enrichments.indicator.file.x509.issuer.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"threat.enrichments.indicator.file.x509.not_after","type":"date","description":"Time at which the certificate is no longer considered valid."},{"field":"threat.enrichments.indicator.file.x509.not_before","type":"date","description":"Time at which the certificate is first considered valid."},{"field":"threat.enrichments.indicator.file.x509.public_key_algorithm","type":"keyword","description":"Algorithm used to generate the public key."},{"field":"threat.enrichments.indicator.file.x509.public_key_curve","type":"keyword","description":"The curve used by the elliptic curve public key algorithm. This is algorithm specific."},{"field":"threat.enrichments.indicator.file.x509.public_key_exponent","type":"long","description":"Exponent used to derive the public key. This is algorithm specific."},{"field":"threat.enrichments.indicator.file.x509.public_key_size","type":"long","description":"The size of the public key space in bits."},{"field":"threat.enrichments.indicator.file.x509.serial_number","type":"keyword","description":"Unique serial number issued by the certificate authority."},{"field":"threat.enrichments.indicator.file.x509.signature_algorithm","type":"keyword","description":"Identifier for certificate signature algorithm."},{"field":"threat.enrichments.indicator.file.x509.subject.common_name","type":"keyword","description":"List of common names (CN) of subject."},{"field":"threat.enrichments.indicator.file.x509.subject.country","type":"keyword","description":"List of country (C) code"},{"field":"threat.enrichments.indicator.file.x509.subject.distinguished_name","type":"keyword","description":"Distinguished name (DN) of the certificate subject entity."},{"field":"threat.enrichments.indicator.file.x509.subject.locality","type":"keyword","description":"List of locality names (L)"},{"field":"threat.enrichments.indicator.file.x509.subject.organization","type":"keyword","description":"List of organizations (O) of subject."},{"field":"threat.enrichments.indicator.file.x509.subject.organizational_unit","type":"keyword","description":"List of organizational units (OU) of subject."},{"field":"threat.enrichments.indicator.file.x509.subject.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"threat.enrichments.indicator.file.x509.version_number","type":"keyword","description":"Version of x509 format."},{"field":"threat.enrichments.indicator.first_seen","type":"date","description":"Date/time indicator was first reported."},{"field":"threat.enrichments.indicator.geo.city_name","type":"keyword","description":"City name."},{"field":"threat.enrichments.indicator.geo.continent_code","type":"keyword","description":"Continent code."},{"field":"threat.enrichments.indicator.geo.continent_name","type":"keyword","description":"Name of the continent."},{"field":"threat.enrichments.indicator.geo.country_iso_code","type":"keyword","description":"Country ISO code."},{"field":"threat.enrichments.indicator.geo.country_name","type":"keyword","description":"Country name."},{"field":"threat.enrichments.indicator.geo.location","type":"geo_point","description":"Longitude and latitude."},{"field":"threat.enrichments.indicator.geo.name","type":"keyword","description":"User-defined description of a location."},{"field":"threat.enrichments.indicator.geo.postal_code","type":"keyword","description":"Postal code."},{"field":"threat.enrichments.indicator.geo.region_iso_code","type":"keyword","description":"Region ISO code."},{"field":"threat.enrichments.indicator.geo.region_name","type":"keyword","description":"Region name."},{"field":"threat.enrichments.indicator.geo.timezone","type":"keyword","description":"Time zone."},{"field":"threat.enrichments.indicator.ip","type":"ip","description":"Indicator IP address"},{"field":"threat.enrichments.indicator.last_seen","type":"date","description":"Date/time indicator was last reported."},{"field":"threat.enrichments.indicator.marking.tlp","type":"keyword","description":"Indicator TLP marking"},{"field":"threat.enrichments.indicator.modified_at","type":"date","description":"Date/time indicator was last updated."},{"field":"threat.enrichments.indicator.port","type":"long","description":"Indicator port"},{"field":"threat.enrichments.indicator.provider","type":"keyword","description":"Indicator provider"},{"field":"threat.enrichments.indicator.reference","type":"keyword","description":"Indicator reference URL"},{"field":"threat.enrichments.indicator.registry.data.bytes","type":"keyword","description":"Original bytes written with base64 encoding."},{"field":"threat.enrichments.indicator.registry.data.strings","type":"wildcard","description":"List of strings representing what was written to the registry."},{"field":"threat.enrichments.indicator.registry.data.type","type":"keyword","description":"Standard registry type for encoding contents"},{"field":"threat.enrichments.indicator.registry.hive","type":"keyword","description":"Abbreviated name for the hive."},{"field":"threat.enrichments.indicator.registry.key","type":"keyword","description":"Hive-relative path of keys."},{"field":"threat.enrichments.indicator.registry.path","type":"keyword","description":"Full path, including hive, key and value"},{"field":"threat.enrichments.indicator.registry.value","type":"keyword","description":"Name of the value written."},{"field":"threat.enrichments.indicator.scanner_stats","type":"long","description":"Scanner statistics"},{"field":"threat.enrichments.indicator.sightings","type":"long","description":"Number of times indicator observed"},{"field":"threat.enrichments.indicator.type","type":"keyword","description":"Type of indicator"},{"field":"threat.enrichments.indicator.url.domain","type":"keyword","description":"Domain of the url."},{"field":"threat.enrichments.indicator.url.extension","type":"keyword","description":"File extension from the request url, excluding the leading dot."},{"field":"threat.enrichments.indicator.url.fragment","type":"keyword","description":"Portion of the url after the `#`."},{"field":"threat.enrichments.indicator.url.full","type":"wildcard","description":"Full unparsed URL."},{"field":"threat.enrichments.indicator.url.full.text","type":"match_only_text","description":"Full unparsed URL."},{"field":"threat.enrichments.indicator.url.original","type":"wildcard","description":"Unmodified original url as seen in the event source."},{"field":"threat.enrichments.indicator.url.original.text","type":"match_only_text","description":"Unmodified original url as seen in the event source."},{"field":"threat.enrichments.indicator.url.password","type":"keyword","description":"Password of the request."},{"field":"threat.enrichments.indicator.url.path","type":"wildcard","description":"Path of the request, such as \"/search\"."},{"field":"threat.enrichments.indicator.url.port","type":"long","description":"Port of the request, such as 443."},{"field":"threat.enrichments.indicator.url.query","type":"keyword","description":"Query string of the request."},{"field":"threat.enrichments.indicator.url.registered_domain","type":"keyword","description":"The highest registered url domain, stripped of the subdomain."},{"field":"threat.enrichments.indicator.url.scheme","type":"keyword","description":"Scheme of the url."},{"field":"threat.enrichments.indicator.url.subdomain","type":"keyword","description":"The subdomain of the domain."},{"field":"threat.enrichments.indicator.url.top_level_domain","type":"keyword","description":"The effective top level domain (com, org, net, co.uk)."},{"field":"threat.enrichments.indicator.url.username","type":"keyword","description":"Username of the request."},{"field":"threat.enrichments.indicator.x509.alternative_names","type":"keyword","description":"List of subject alternative names (SAN)."},{"field":"threat.enrichments.indicator.x509.issuer.common_name","type":"keyword","description":"List of common name (CN) of issuing certificate authority."},{"field":"threat.enrichments.indicator.x509.issuer.country","type":"keyword","description":"List of country (C) codes"},{"field":"threat.enrichments.indicator.x509.issuer.distinguished_name","type":"keyword","description":"Distinguished name (DN) of issuing certificate authority."},{"field":"threat.enrichments.indicator.x509.issuer.locality","type":"keyword","description":"List of locality names (L)"},{"field":"threat.enrichments.indicator.x509.issuer.organization","type":"keyword","description":"List of organizations (O) of issuing certificate authority."},{"field":"threat.enrichments.indicator.x509.issuer.organizational_unit","type":"keyword","description":"List of organizational units (OU) of issuing certificate authority."},{"field":"threat.enrichments.indicator.x509.issuer.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"threat.enrichments.indicator.x509.not_after","type":"date","description":"Time at which the certificate is no longer considered valid."},{"field":"threat.enrichments.indicator.x509.not_before","type":"date","description":"Time at which the certificate is first considered valid."},{"field":"threat.enrichments.indicator.x509.public_key_algorithm","type":"keyword","description":"Algorithm used to generate the public key."},{"field":"threat.enrichments.indicator.x509.public_key_curve","type":"keyword","description":"The curve used by the elliptic curve public key algorithm. This is algorithm specific."},{"field":"threat.enrichments.indicator.x509.public_key_exponent","type":"long","description":"Exponent used to derive the public key. This is algorithm specific."},{"field":"threat.enrichments.indicator.x509.public_key_size","type":"long","description":"The size of the public key space in bits."},{"field":"threat.enrichments.indicator.x509.serial_number","type":"keyword","description":"Unique serial number issued by the certificate authority."},{"field":"threat.enrichments.indicator.x509.signature_algorithm","type":"keyword","description":"Identifier for certificate signature algorithm."},{"field":"threat.enrichments.indicator.x509.subject.common_name","type":"keyword","description":"List of common names (CN) of subject."},{"field":"threat.enrichments.indicator.x509.subject.country","type":"keyword","description":"List of country (C) code"},{"field":"threat.enrichments.indicator.x509.subject.distinguished_name","type":"keyword","description":"Distinguished name (DN) of the certificate subject entity."},{"field":"threat.enrichments.indicator.x509.subject.locality","type":"keyword","description":"List of locality names (L)"},{"field":"threat.enrichments.indicator.x509.subject.organization","type":"keyword","description":"List of organizations (O) of subject."},{"field":"threat.enrichments.indicator.x509.subject.organizational_unit","type":"keyword","description":"List of organizational units (OU) of subject."},{"field":"threat.enrichments.indicator.x509.subject.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"threat.enrichments.indicator.x509.version_number","type":"keyword","description":"Version of x509 format."},{"field":"threat.enrichments.matched.atomic","type":"keyword","description":"Matched indicator value"},{"field":"threat.enrichments.matched.field","type":"keyword","description":"Matched indicator field"},{"field":"threat.enrichments.matched.id","type":"keyword","description":"Matched indicator identifier"},{"field":"threat.enrichments.matched.index","type":"keyword","description":"Matched indicator index"},{"field":"threat.enrichments.matched.type","type":"keyword","description":"Type of indicator match"},{"field":"threat.framework","type":"keyword","description":"Threat classification framework."},{"field":"threat.group.alias","type":"keyword","description":"Alias of the group."},{"field":"threat.group.id","type":"keyword","description":"ID of the group."},{"field":"threat.group.name","type":"keyword","description":"Name of the group."},{"field":"threat.group.reference","type":"keyword","description":"Reference URL of the group."},{"field":"threat.indicator.as.number","type":"long","description":"Unique number allocated to the autonomous system."},{"field":"threat.indicator.as.organization.name","type":"keyword","description":"Organization name."},{"field":"threat.indicator.as.organization.name.text","type":"match_only_text","description":"Organization name."},{"field":"threat.indicator.confidence","type":"keyword","description":"Indicator confidence rating"},{"field":"threat.indicator.description","type":"keyword","description":"Indicator description"},{"field":"threat.indicator.email.address","type":"keyword","description":"Indicator email address"},{"field":"threat.indicator.file.accessed","type":"date","description":"Last time the file was accessed."},{"field":"threat.indicator.file.attributes","type":"keyword","description":"Array of file attributes."},{"field":"threat.indicator.file.code_signature.digest_algorithm","type":"keyword","description":"Hashing algorithm used to sign the process."},{"field":"threat.indicator.file.code_signature.exists","type":"boolean","description":"Boolean to capture if a signature is present."},{"field":"threat.indicator.file.code_signature.signing_id","type":"keyword","description":"The identifier used to sign the process."},{"field":"threat.indicator.file.code_signature.status","type":"keyword","description":"Additional information about the certificate status."},{"field":"threat.indicator.file.code_signature.subject_name","type":"keyword","description":"Subject name of the code signer"},{"field":"threat.indicator.file.code_signature.team_id","type":"keyword","description":"The team identifier used to sign the process."},{"field":"threat.indicator.file.code_signature.timestamp","type":"date","description":"When the signature was generated and signed."},{"field":"threat.indicator.file.code_signature.trusted","type":"boolean","description":"Stores the trust status of the certificate chain."},{"field":"threat.indicator.file.code_signature.valid","type":"boolean","description":"Boolean to capture if the digital signature is verified against the binary content."},{"field":"threat.indicator.file.created","type":"date","description":"File creation time."},{"field":"threat.indicator.file.ctime","type":"date","description":"Last time the file attributes or metadata changed."},{"field":"threat.indicator.file.device","type":"keyword","description":"Device that is the source of the file."},{"field":"threat.indicator.file.directory","type":"keyword","description":"Directory where the file is located."},{"field":"threat.indicator.file.drive_letter","type":"keyword","description":"Drive letter where the file is located."},{"field":"threat.indicator.file.elf.architecture","type":"keyword","description":"Machine architecture of the ELF file."},{"field":"threat.indicator.file.elf.byte_order","type":"keyword","description":"Byte sequence of ELF file."},{"field":"threat.indicator.file.elf.cpu_type","type":"keyword","description":"CPU type of the ELF file."},{"field":"threat.indicator.file.elf.creation_date","type":"date","description":"Build or compile date."},{"field":"threat.indicator.file.elf.exports","type":"flattened","description":"List of exported element names and types."},{"field":"threat.indicator.file.elf.header.abi_version","type":"keyword","description":"Version of the ELF Application Binary Interface (ABI)."},{"field":"threat.indicator.file.elf.header.class","type":"keyword","description":"Header class of the ELF file."},{"field":"threat.indicator.file.elf.header.data","type":"keyword","description":"Data table of the ELF header."},{"field":"threat.indicator.file.elf.header.entrypoint","type":"long","description":"Header entrypoint of the ELF file."},{"field":"threat.indicator.file.elf.header.object_version","type":"keyword","description":"0x1\" for original ELF files."},{"field":"threat.indicator.file.elf.header.os_abi","type":"keyword","description":"Application Binary Interface (ABI) of the Linux OS."},{"field":"threat.indicator.file.elf.header.type","type":"keyword","description":"Header type of the ELF file."},{"field":"threat.indicator.file.elf.header.version","type":"keyword","description":"Version of the ELF header."},{"field":"threat.indicator.file.elf.imports","type":"flattened","description":"List of imported element names and types."},{"field":"threat.indicator.file.elf.sections","type":"nested","description":"Section information of the ELF file."},{"field":"threat.indicator.file.elf.sections.chi2","type":"long","description":"Chi-square probability distribution of the section."},{"field":"threat.indicator.file.elf.sections.entropy","type":"long","description":"Shannon entropy calculation from the section."},{"field":"threat.indicator.file.elf.sections.flags","type":"keyword","description":"ELF Section List flags."},{"field":"threat.indicator.file.elf.sections.name","type":"keyword","description":"ELF Section List name."},{"field":"threat.indicator.file.elf.sections.physical_offset","type":"keyword","description":"ELF Section List offset."},{"field":"threat.indicator.file.elf.sections.physical_size","type":"long","description":"ELF Section List physical size."},{"field":"threat.indicator.file.elf.sections.type","type":"keyword","description":"ELF Section List type."},{"field":"threat.indicator.file.elf.sections.virtual_address","type":"long","description":"ELF Section List virtual address."},{"field":"threat.indicator.file.elf.sections.virtual_size","type":"long","description":"ELF Section List virtual size."},{"field":"threat.indicator.file.elf.segments","type":"nested","description":"ELF object segment list."},{"field":"threat.indicator.file.elf.segments.sections","type":"keyword","description":"ELF object segment sections."},{"field":"threat.indicator.file.elf.segments.type","type":"keyword","description":"ELF object segment type."},{"field":"threat.indicator.file.elf.shared_libraries","type":"keyword","description":"List of shared libraries used by this ELF object."},{"field":"threat.indicator.file.elf.telfhash","type":"keyword","description":"telfhash hash for ELF file."},{"field":"threat.indicator.file.extension","type":"keyword","description":"File extension, excluding the leading dot."},{"field":"threat.indicator.file.fork_name","type":"keyword","description":"A fork is additional data associated with a filesystem object."},{"field":"threat.indicator.file.gid","type":"keyword","description":"Primary group ID (GID) of the file."},{"field":"threat.indicator.file.group","type":"keyword","description":"Primary group name of the file."},{"field":"threat.indicator.file.hash.md5","type":"keyword","description":"MD5 hash."},{"field":"threat.indicator.file.hash.sha1","type":"keyword","description":"SHA1 hash."},{"field":"threat.indicator.file.hash.sha256","type":"keyword","description":"SHA256 hash."},{"field":"threat.indicator.file.hash.sha512","type":"keyword","description":"SHA512 hash."},{"field":"threat.indicator.file.hash.ssdeep","type":"keyword","description":"SSDEEP hash."},{"field":"threat.indicator.file.inode","type":"keyword","description":"Inode representing the file in the filesystem."},{"field":"threat.indicator.file.mime_type","type":"keyword","description":"Media type of file, document, or arrangement of bytes."},{"field":"threat.indicator.file.mode","type":"keyword","description":"Mode of the file in octal representation."},{"field":"threat.indicator.file.mtime","type":"date","description":"Last time the file content was modified."},{"field":"threat.indicator.file.name","type":"keyword","description":"Name of the file including the extension, without the directory."},{"field":"threat.indicator.file.owner","type":"keyword","description":"File owner's username."},{"field":"threat.indicator.file.path","type":"keyword","description":"Full path to the file, including the file name."},{"field":"threat.indicator.file.path.text","type":"match_only_text","description":"Full path to the file, including the file name."},{"field":"threat.indicator.file.pe.architecture","type":"keyword","description":"CPU architecture target for the file."},{"field":"threat.indicator.file.pe.company","type":"keyword","description":"Internal company name of the file, provided at compile-time."},{"field":"threat.indicator.file.pe.description","type":"keyword","description":"Internal description of the file, provided at compile-time."},{"field":"threat.indicator.file.pe.file_version","type":"keyword","description":"Process name."},{"field":"threat.indicator.file.pe.imphash","type":"keyword","description":"A hash of the imports in a PE file."},{"field":"threat.indicator.file.pe.original_file_name","type":"keyword","description":"Internal name of the file, provided at compile-time."},{"field":"threat.indicator.file.pe.product","type":"keyword","description":"Internal product name of the file, provided at compile-time."},{"field":"threat.indicator.file.size","type":"long","description":"File size in bytes."},{"field":"threat.indicator.file.target_path","type":"keyword","description":"Target path for symlinks."},{"field":"threat.indicator.file.target_path.text","type":"match_only_text","description":"Target path for symlinks."},{"field":"threat.indicator.file.type","type":"keyword","description":"File type (file, dir, or symlink)."},{"field":"threat.indicator.file.uid","type":"keyword","description":"The user ID (UID) or security identifier (SID) of the file owner."},{"field":"threat.indicator.file.x509.alternative_names","type":"keyword","description":"List of subject alternative names (SAN)."},{"field":"threat.indicator.file.x509.issuer.common_name","type":"keyword","description":"List of common name (CN) of issuing certificate authority."},{"field":"threat.indicator.file.x509.issuer.country","type":"keyword","description":"List of country (C) codes"},{"field":"threat.indicator.file.x509.issuer.distinguished_name","type":"keyword","description":"Distinguished name (DN) of issuing certificate authority."},{"field":"threat.indicator.file.x509.issuer.locality","type":"keyword","description":"List of locality names (L)"},{"field":"threat.indicator.file.x509.issuer.organization","type":"keyword","description":"List of organizations (O) of issuing certificate authority."},{"field":"threat.indicator.file.x509.issuer.organizational_unit","type":"keyword","description":"List of organizational units (OU) of issuing certificate authority."},{"field":"threat.indicator.file.x509.issuer.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"threat.indicator.file.x509.not_after","type":"date","description":"Time at which the certificate is no longer considered valid."},{"field":"threat.indicator.file.x509.not_before","type":"date","description":"Time at which the certificate is first considered valid."},{"field":"threat.indicator.file.x509.public_key_algorithm","type":"keyword","description":"Algorithm used to generate the public key."},{"field":"threat.indicator.file.x509.public_key_curve","type":"keyword","description":"The curve used by the elliptic curve public key algorithm. This is algorithm specific."},{"field":"threat.indicator.file.x509.public_key_exponent","type":"long","description":"Exponent used to derive the public key. This is algorithm specific."},{"field":"threat.indicator.file.x509.public_key_size","type":"long","description":"The size of the public key space in bits."},{"field":"threat.indicator.file.x509.serial_number","type":"keyword","description":"Unique serial number issued by the certificate authority."},{"field":"threat.indicator.file.x509.signature_algorithm","type":"keyword","description":"Identifier for certificate signature algorithm."},{"field":"threat.indicator.file.x509.subject.common_name","type":"keyword","description":"List of common names (CN) of subject."},{"field":"threat.indicator.file.x509.subject.country","type":"keyword","description":"List of country (C) code"},{"field":"threat.indicator.file.x509.subject.distinguished_name","type":"keyword","description":"Distinguished name (DN) of the certificate subject entity."},{"field":"threat.indicator.file.x509.subject.locality","type":"keyword","description":"List of locality names (L)"},{"field":"threat.indicator.file.x509.subject.organization","type":"keyword","description":"List of organizations (O) of subject."},{"field":"threat.indicator.file.x509.subject.organizational_unit","type":"keyword","description":"List of organizational units (OU) of subject."},{"field":"threat.indicator.file.x509.subject.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"threat.indicator.file.x509.version_number","type":"keyword","description":"Version of x509 format."},{"field":"threat.indicator.first_seen","type":"date","description":"Date/time indicator was first reported."},{"field":"threat.indicator.geo.city_name","type":"keyword","description":"City name."},{"field":"threat.indicator.geo.continent_code","type":"keyword","description":"Continent code."},{"field":"threat.indicator.geo.continent_name","type":"keyword","description":"Name of the continent."},{"field":"threat.indicator.geo.country_iso_code","type":"keyword","description":"Country ISO code."},{"field":"threat.indicator.geo.country_name","type":"keyword","description":"Country name."},{"field":"threat.indicator.geo.location","type":"geo_point","description":"Longitude and latitude."},{"field":"threat.indicator.geo.name","type":"keyword","description":"User-defined description of a location."},{"field":"threat.indicator.geo.postal_code","type":"keyword","description":"Postal code."},{"field":"threat.indicator.geo.region_iso_code","type":"keyword","description":"Region ISO code."},{"field":"threat.indicator.geo.region_name","type":"keyword","description":"Region name."},{"field":"threat.indicator.geo.timezone","type":"keyword","description":"Time zone."},{"field":"threat.indicator.ip","type":"ip","description":"Indicator IP address"},{"field":"threat.indicator.last_seen","type":"date","description":"Date/time indicator was last reported."},{"field":"threat.indicator.marking.tlp","type":"keyword","description":"Indicator TLP marking"},{"field":"threat.indicator.modified_at","type":"date","description":"Date/time indicator was last updated."},{"field":"threat.indicator.port","type":"long","description":"Indicator port"},{"field":"threat.indicator.provider","type":"keyword","description":"Indicator provider"},{"field":"threat.indicator.reference","type":"keyword","description":"Indicator reference URL"},{"field":"threat.indicator.registry.data.bytes","type":"keyword","description":"Original bytes written with base64 encoding."},{"field":"threat.indicator.registry.data.strings","type":"wildcard","description":"List of strings representing what was written to the registry."},{"field":"threat.indicator.registry.data.type","type":"keyword","description":"Standard registry type for encoding contents"},{"field":"threat.indicator.registry.hive","type":"keyword","description":"Abbreviated name for the hive."},{"field":"threat.indicator.registry.key","type":"keyword","description":"Hive-relative path of keys."},{"field":"threat.indicator.registry.path","type":"keyword","description":"Full path, including hive, key and value"},{"field":"threat.indicator.registry.value","type":"keyword","description":"Name of the value written."},{"field":"threat.indicator.scanner_stats","type":"long","description":"Scanner statistics"},{"field":"threat.indicator.sightings","type":"long","description":"Number of times indicator observed"},{"field":"threat.indicator.type","type":"keyword","description":"Type of indicator"},{"field":"threat.indicator.url.domain","type":"keyword","description":"Domain of the url."},{"field":"threat.indicator.url.extension","type":"keyword","description":"File extension from the request url, excluding the leading dot."},{"field":"threat.indicator.url.fragment","type":"keyword","description":"Portion of the url after the `#`."},{"field":"threat.indicator.url.full","type":"wildcard","description":"Full unparsed URL."},{"field":"threat.indicator.url.full.text","type":"match_only_text","description":"Full unparsed URL."},{"field":"threat.indicator.url.original","type":"wildcard","description":"Unmodified original url as seen in the event source."},{"field":"threat.indicator.url.original.text","type":"match_only_text","description":"Unmodified original url as seen in the event source."},{"field":"threat.indicator.url.password","type":"keyword","description":"Password of the request."},{"field":"threat.indicator.url.path","type":"wildcard","description":"Path of the request, such as \"/search\"."},{"field":"threat.indicator.url.port","type":"long","description":"Port of the request, such as 443."},{"field":"threat.indicator.url.query","type":"keyword","description":"Query string of the request."},{"field":"threat.indicator.url.registered_domain","type":"keyword","description":"The highest registered url domain, stripped of the subdomain."},{"field":"threat.indicator.url.scheme","type":"keyword","description":"Scheme of the url."},{"field":"threat.indicator.url.subdomain","type":"keyword","description":"The subdomain of the domain."},{"field":"threat.indicator.url.top_level_domain","type":"keyword","description":"The effective top level domain (com, org, net, co.uk)."},{"field":"threat.indicator.url.username","type":"keyword","description":"Username of the request."},{"field":"threat.indicator.x509.alternative_names","type":"keyword","description":"List of subject alternative names (SAN)."},{"field":"threat.indicator.x509.issuer.common_name","type":"keyword","description":"List of common name (CN) of issuing certificate authority."},{"field":"threat.indicator.x509.issuer.country","type":"keyword","description":"List of country (C) codes"},{"field":"threat.indicator.x509.issuer.distinguished_name","type":"keyword","description":"Distinguished name (DN) of issuing certificate authority."},{"field":"threat.indicator.x509.issuer.locality","type":"keyword","description":"List of locality names (L)"},{"field":"threat.indicator.x509.issuer.organization","type":"keyword","description":"List of organizations (O) of issuing certificate authority."},{"field":"threat.indicator.x509.issuer.organizational_unit","type":"keyword","description":"List of organizational units (OU) of issuing certificate authority."},{"field":"threat.indicator.x509.issuer.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"threat.indicator.x509.not_after","type":"date","description":"Time at which the certificate is no longer considered valid."},{"field":"threat.indicator.x509.not_before","type":"date","description":"Time at which the certificate is first considered valid."},{"field":"threat.indicator.x509.public_key_algorithm","type":"keyword","description":"Algorithm used to generate the public key."},{"field":"threat.indicator.x509.public_key_curve","type":"keyword","description":"The curve used by the elliptic curve public key algorithm. This is algorithm specific."},{"field":"threat.indicator.x509.public_key_exponent","type":"long","description":"Exponent used to derive the public key. This is algorithm specific."},{"field":"threat.indicator.x509.public_key_size","type":"long","description":"The size of the public key space in bits."},{"field":"threat.indicator.x509.serial_number","type":"keyword","description":"Unique serial number issued by the certificate authority."},{"field":"threat.indicator.x509.signature_algorithm","type":"keyword","description":"Identifier for certificate signature algorithm."},{"field":"threat.indicator.x509.subject.common_name","type":"keyword","description":"List of common names (CN) of subject."},{"field":"threat.indicator.x509.subject.country","type":"keyword","description":"List of country (C) code"},{"field":"threat.indicator.x509.subject.distinguished_name","type":"keyword","description":"Distinguished name (DN) of the certificate subject entity."},{"field":"threat.indicator.x509.subject.locality","type":"keyword","description":"List of locality names (L)"},{"field":"threat.indicator.x509.subject.organization","type":"keyword","description":"List of organizations (O) of subject."},{"field":"threat.indicator.x509.subject.organizational_unit","type":"keyword","description":"List of organizational units (OU) of subject."},{"field":"threat.indicator.x509.subject.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"threat.indicator.x509.version_number","type":"keyword","description":"Version of x509 format."},{"field":"threat.software.alias","type":"keyword","description":"Alias of the software"},{"field":"threat.software.id","type":"keyword","description":"ID of the software"},{"field":"threat.software.name","type":"keyword","description":"Name of the software."},{"field":"threat.software.platforms","type":"keyword","description":"Platforms of the software."},{"field":"threat.software.reference","type":"keyword","description":"Software reference URL."},{"field":"threat.software.type","type":"keyword","description":"Software type."},{"field":"threat.tactic.id","type":"keyword","description":"Threat tactic id."},{"field":"threat.tactic.name","type":"keyword","description":"Threat tactic."},{"field":"threat.tactic.reference","type":"keyword","description":"Threat tactic URL reference."},{"field":"threat.technique.id","type":"keyword","description":"Threat technique id."},{"field":"threat.technique.name","type":"keyword","description":"Threat technique name."},{"field":"threat.technique.name.text","type":"match_only_text","description":"Threat technique name."},{"field":"threat.technique.reference","type":"keyword","description":"Threat technique URL reference."},{"field":"threat.technique.subtechnique.id","type":"keyword","description":"Threat subtechnique id."},{"field":"threat.technique.subtechnique.name","type":"keyword","description":"Threat subtechnique name."},{"field":"threat.technique.subtechnique.name.text","type":"match_only_text","description":"Threat subtechnique name."},{"field":"threat.technique.subtechnique.reference","type":"keyword","description":"Threat subtechnique URL reference."},{"field":"tls.cipher","type":"keyword","description":"String indicating the cipher used during the current connection."},{"field":"tls.client.certificate","type":"keyword","description":"PEM-encoded stand-alone certificate offered by the client."},{"field":"tls.client.certificate_chain","type":"keyword","description":"Array of PEM-encoded certificates that make up the certificate chain offered by the client."},{"field":"tls.client.hash.md5","type":"keyword","description":"Certificate fingerprint using the MD5 digest of DER-encoded version of certificate offered by the client."},{"field":"tls.client.hash.sha1","type":"keyword","description":"Certificate fingerprint using the SHA1 digest of DER-encoded version of certificate offered by the client."},{"field":"tls.client.hash.sha256","type":"keyword","description":"Certificate fingerprint using the SHA256 digest of DER-encoded version of certificate offered by the client."},{"field":"tls.client.issuer","type":"keyword","description":"Distinguished name of subject of the issuer of the x.509 certificate presented by the client."},{"field":"tls.client.ja3","type":"keyword","description":"A hash that identifies clients based on how they perform an SSL/TLS handshake."},{"field":"tls.client.not_after","type":"date","description":"Date/Time indicating when client certificate is no longer considered valid."},{"field":"tls.client.not_before","type":"date","description":"Date/Time indicating when client certificate is first considered valid."},{"field":"tls.client.server_name","type":"keyword","description":"Hostname the client is trying to connect to. Also called the SNI."},{"field":"tls.client.subject","type":"keyword","description":"Distinguished name of subject of the x.509 certificate presented by the client."},{"field":"tls.client.supported_ciphers","type":"keyword","description":"Array of ciphers offered by the client during the client hello."},{"field":"tls.client.x509.alternative_names","type":"keyword","description":"List of subject alternative names (SAN)."},{"field":"tls.client.x509.issuer.common_name","type":"keyword","description":"List of common name (CN) of issuing certificate authority."},{"field":"tls.client.x509.issuer.country","type":"keyword","description":"List of country (C) codes"},{"field":"tls.client.x509.issuer.distinguished_name","type":"keyword","description":"Distinguished name (DN) of issuing certificate authority."},{"field":"tls.client.x509.issuer.locality","type":"keyword","description":"List of locality names (L)"},{"field":"tls.client.x509.issuer.organization","type":"keyword","description":"List of organizations (O) of issuing certificate authority."},{"field":"tls.client.x509.issuer.organizational_unit","type":"keyword","description":"List of organizational units (OU) of issuing certificate authority."},{"field":"tls.client.x509.issuer.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"tls.client.x509.not_after","type":"date","description":"Time at which the certificate is no longer considered valid."},{"field":"tls.client.x509.not_before","type":"date","description":"Time at which the certificate is first considered valid."},{"field":"tls.client.x509.public_key_algorithm","type":"keyword","description":"Algorithm used to generate the public key."},{"field":"tls.client.x509.public_key_curve","type":"keyword","description":"The curve used by the elliptic curve public key algorithm. This is algorithm specific."},{"field":"tls.client.x509.public_key_exponent","type":"long","description":"Exponent used to derive the public key. This is algorithm specific."},{"field":"tls.client.x509.public_key_size","type":"long","description":"The size of the public key space in bits."},{"field":"tls.client.x509.serial_number","type":"keyword","description":"Unique serial number issued by the certificate authority."},{"field":"tls.client.x509.signature_algorithm","type":"keyword","description":"Identifier for certificate signature algorithm."},{"field":"tls.client.x509.subject.common_name","type":"keyword","description":"List of common names (CN) of subject."},{"field":"tls.client.x509.subject.country","type":"keyword","description":"List of country (C) code"},{"field":"tls.client.x509.subject.distinguished_name","type":"keyword","description":"Distinguished name (DN) of the certificate subject entity."},{"field":"tls.client.x509.subject.locality","type":"keyword","description":"List of locality names (L)"},{"field":"tls.client.x509.subject.organization","type":"keyword","description":"List of organizations (O) of subject."},{"field":"tls.client.x509.subject.organizational_unit","type":"keyword","description":"List of organizational units (OU) of subject."},{"field":"tls.client.x509.subject.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"tls.client.x509.version_number","type":"keyword","description":"Version of x509 format."},{"field":"tls.curve","type":"keyword","description":"String indicating the curve used for the given cipher, when applicable."},{"field":"tls.established","type":"boolean","description":"Boolean flag indicating if the TLS negotiation was successful and transitioned to an encrypted tunnel."},{"field":"tls.next_protocol","type":"keyword","description":"String indicating the protocol being tunneled."},{"field":"tls.resumed","type":"boolean","description":"Boolean flag indicating if this TLS connection was resumed from an existing TLS negotiation."},{"field":"tls.server.certificate","type":"keyword","description":"PEM-encoded stand-alone certificate offered by the server."},{"field":"tls.server.certificate_chain","type":"keyword","description":"Array of PEM-encoded certificates that make up the certificate chain offered by the server."},{"field":"tls.server.hash.md5","type":"keyword","description":"Certificate fingerprint using the MD5 digest of DER-encoded version of certificate offered by the server."},{"field":"tls.server.hash.sha1","type":"keyword","description":"Certificate fingerprint using the SHA1 digest of DER-encoded version of certificate offered by the server."},{"field":"tls.server.hash.sha256","type":"keyword","description":"Certificate fingerprint using the SHA256 digest of DER-encoded version of certificate offered by the server."},{"field":"tls.server.issuer","type":"keyword","description":"Subject of the issuer of the x.509 certificate presented by the server."},{"field":"tls.server.ja3s","type":"keyword","description":"A hash that identifies servers based on how they perform an SSL/TLS handshake."},{"field":"tls.server.not_after","type":"date","description":"Timestamp indicating when server certificate is no longer considered valid."},{"field":"tls.server.not_before","type":"date","description":"Timestamp indicating when server certificate is first considered valid."},{"field":"tls.server.subject","type":"keyword","description":"Subject of the x.509 certificate presented by the server."},{"field":"tls.server.x509.alternative_names","type":"keyword","description":"List of subject alternative names (SAN)."},{"field":"tls.server.x509.issuer.common_name","type":"keyword","description":"List of common name (CN) of issuing certificate authority."},{"field":"tls.server.x509.issuer.country","type":"keyword","description":"List of country (C) codes"},{"field":"tls.server.x509.issuer.distinguished_name","type":"keyword","description":"Distinguished name (DN) of issuing certificate authority."},{"field":"tls.server.x509.issuer.locality","type":"keyword","description":"List of locality names (L)"},{"field":"tls.server.x509.issuer.organization","type":"keyword","description":"List of organizations (O) of issuing certificate authority."},{"field":"tls.server.x509.issuer.organizational_unit","type":"keyword","description":"List of organizational units (OU) of issuing certificate authority."},{"field":"tls.server.x509.issuer.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"tls.server.x509.not_after","type":"date","description":"Time at which the certificate is no longer considered valid."},{"field":"tls.server.x509.not_before","type":"date","description":"Time at which the certificate is first considered valid."},{"field":"tls.server.x509.public_key_algorithm","type":"keyword","description":"Algorithm used to generate the public key."},{"field":"tls.server.x509.public_key_curve","type":"keyword","description":"The curve used by the elliptic curve public key algorithm. This is algorithm specific."},{"field":"tls.server.x509.public_key_exponent","type":"long","description":"Exponent used to derive the public key. This is algorithm specific."},{"field":"tls.server.x509.public_key_size","type":"long","description":"The size of the public key space in bits."},{"field":"tls.server.x509.serial_number","type":"keyword","description":"Unique serial number issued by the certificate authority."},{"field":"tls.server.x509.signature_algorithm","type":"keyword","description":"Identifier for certificate signature algorithm."},{"field":"tls.server.x509.subject.common_name","type":"keyword","description":"List of common names (CN) of subject."},{"field":"tls.server.x509.subject.country","type":"keyword","description":"List of country (C) code"},{"field":"tls.server.x509.subject.distinguished_name","type":"keyword","description":"Distinguished name (DN) of the certificate subject entity."},{"field":"tls.server.x509.subject.locality","type":"keyword","description":"List of locality names (L)"},{"field":"tls.server.x509.subject.organization","type":"keyword","description":"List of organizations (O) of subject."},{"field":"tls.server.x509.subject.organizational_unit","type":"keyword","description":"List of organizational units (OU) of subject."},{"field":"tls.server.x509.subject.state_or_province","type":"keyword","description":"List of state or province names (ST, S, or P)"},{"field":"tls.server.x509.version_number","type":"keyword","description":"Version of x509 format."},{"field":"tls.version","type":"keyword","description":"Numeric part of the version parsed from the original string."},{"field":"tls.version_protocol","type":"keyword","description":"Normalized lowercase protocol name parsed from original string."},{"field":"trace.id","type":"keyword","description":"Unique identifier of the trace."},{"field":"transaction.id","type":"keyword","description":"Unique identifier of the transaction within the scope of its trace."},{"field":"url.domain","type":"keyword","description":"Domain of the url."},{"field":"url.extension","type":"keyword","description":"File extension from the request url, excluding the leading dot."},{"field":"url.fragment","type":"keyword","description":"Portion of the url after the `#`."},{"field":"url.full","type":"wildcard","description":"Full unparsed URL."},{"field":"url.full.text","type":"match_only_text","description":"Full unparsed URL."},{"field":"url.original","type":"wildcard","description":"Unmodified original url as seen in the event source."},{"field":"url.original.text","type":"match_only_text","description":"Unmodified original url as seen in the event source."},{"field":"url.password","type":"keyword","description":"Password of the request."},{"field":"url.path","type":"wildcard","description":"Path of the request, such as \"/search\"."},{"field":"url.port","type":"long","description":"Port of the request, such as 443."},{"field":"url.query","type":"keyword","description":"Query string of the request."},{"field":"url.registered_domain","type":"keyword","description":"The highest registered url domain, stripped of the subdomain."},{"field":"url.scheme","type":"keyword","description":"Scheme of the url."},{"field":"url.subdomain","type":"keyword","description":"The subdomain of the domain."},{"field":"url.top_level_domain","type":"keyword","description":"The effective top level domain (com, org, net, co.uk)."},{"field":"url.username","type":"keyword","description":"Username of the request."},{"field":"user.changes.domain","type":"keyword","description":"Name of the directory the user is a member of."},{"field":"user.changes.email","type":"keyword","description":"User email address."},{"field":"user.changes.full_name","type":"keyword","description":"User's full name, if available."},{"field":"user.changes.full_name.text","type":"match_only_text","description":"User's full name, if available."},{"field":"user.changes.group.domain","type":"keyword","description":"Name of the directory the group is a member of."},{"field":"user.changes.group.id","type":"keyword","description":"Unique identifier for the group on the system/platform."},{"field":"user.changes.group.name","type":"keyword","description":"Name of the group."},{"field":"user.changes.hash","type":"keyword","description":"Unique user hash to correlate information for a user in anonymized form."},{"field":"user.changes.id","type":"keyword","description":"Unique identifier of the user."},{"field":"user.changes.name","type":"keyword","description":"Short name or login of the user."},{"field":"user.changes.name.text","type":"match_only_text","description":"Short name or login of the user."},{"field":"user.changes.roles","type":"keyword","description":"Array of user roles at the time of the event."},{"field":"user.domain","type":"keyword","description":"Name of the directory the user is a member of."},{"field":"user.effective.domain","type":"keyword","description":"Name of the directory the user is a member of."},{"field":"user.effective.email","type":"keyword","description":"User email address."},{"field":"user.effective.full_name","type":"keyword","description":"User's full name, if available."},{"field":"user.effective.full_name.text","type":"match_only_text","description":"User's full name, if available."},{"field":"user.effective.group.domain","type":"keyword","description":"Name of the directory the group is a member of."},{"field":"user.effective.group.id","type":"keyword","description":"Unique identifier for the group on the system/platform."},{"field":"user.effective.group.name","type":"keyword","description":"Name of the group."},{"field":"user.effective.hash","type":"keyword","description":"Unique user hash to correlate information for a user in anonymized form."},{"field":"user.effective.id","type":"keyword","description":"Unique identifier of the user."},{"field":"user.effective.name","type":"keyword","description":"Short name or login of the user."},{"field":"user.effective.name.text","type":"match_only_text","description":"Short name or login of the user."},{"field":"user.effective.roles","type":"keyword","description":"Array of user roles at the time of the event."},{"field":"user.email","type":"keyword","description":"User email address."},{"field":"user.full_name","type":"keyword","description":"User's full name, if available."},{"field":"user.full_name.text","type":"match_only_text","description":"User's full name, if available."},{"field":"user.group.domain","type":"keyword","description":"Name of the directory the group is a member of."},{"field":"user.group.id","type":"keyword","description":"Unique identifier for the group on the system/platform."},{"field":"user.group.name","type":"keyword","description":"Name of the group."},{"field":"user.hash","type":"keyword","description":"Unique user hash to correlate information for a user in anonymized form."},{"field":"user.id","type":"keyword","description":"Unique identifier of the user."},{"field":"user.name","type":"keyword","description":"Short name or login of the user."},{"field":"user.name.text","type":"match_only_text","description":"Short name or login of the user."},{"field":"user.roles","type":"keyword","description":"Array of user roles at the time of the event."},{"field":"user.target.domain","type":"keyword","description":"Name of the directory the user is a member of."},{"field":"user.target.email","type":"keyword","description":"User email address."},{"field":"user.target.full_name","type":"keyword","description":"User's full name, if available."},{"field":"user.target.full_name.text","type":"match_only_text","description":"User's full name, if available."},{"field":"user.target.group.domain","type":"keyword","description":"Name of the directory the group is a member of."},{"field":"user.target.group.id","type":"keyword","description":"Unique identifier for the group on the system/platform."},{"field":"user.target.group.name","type":"keyword","description":"Name of the group."},{"field":"user.target.hash","type":"keyword","description":"Unique user hash to correlate information for a user in anonymized form."},{"field":"user.target.id","type":"keyword","description":"Unique identifier of the user."},{"field":"user.target.name","type":"keyword","description":"Short name or login of the user."},{"field":"user.target.name.text","type":"match_only_text","description":"Short name or login of the user."},{"field":"user.target.roles","type":"keyword","description":"Array of user roles at the time of the event."},{"field":"user_agent.device.name","type":"keyword","description":"Name of the device."},{"field":"user_agent.name","type":"keyword","description":"Name of the user agent."},{"field":"user_agent.original","type":"keyword","description":"Unparsed user_agent string."},{"field":"user_agent.original.text","type":"match_only_text","description":"Unparsed user_agent string."},{"field":"user_agent.os.family","type":"keyword","description":"OS family (such as redhat, debian, freebsd, windows)."},{"field":"user_agent.os.full","type":"keyword","description":"Operating system name, including the version or code name."},{"field":"user_agent.os.full.text","type":"match_only_text","description":"Operating system name, including the version or code name."},{"field":"user_agent.os.kernel","type":"keyword","description":"Operating system kernel version as a raw string."},{"field":"user_agent.os.name","type":"keyword","description":"Operating system name, without the version."},{"field":"user_agent.os.name.text","type":"match_only_text","description":"Operating system name, without the version."},{"field":"user_agent.os.platform","type":"keyword","description":"Operating system platform (such centos, ubuntu, windows)."},{"field":"user_agent.os.type","type":"keyword","description":"Which commercial OS family (one of: linux, macos, unix or windows)."},{"field":"user_agent.os.version","type":"keyword","description":"Operating system version as a raw string."},{"field":"user_agent.version","type":"keyword","description":"Version of the user agent."},{"field":"vulnerability.category","type":"keyword","description":"Category of a vulnerability."},{"field":"vulnerability.classification","type":"keyword","description":"Classification of the vulnerability."},{"field":"vulnerability.description","type":"keyword","description":"Description of the vulnerability."},{"field":"vulnerability.description.text","type":"match_only_text","description":"Description of the vulnerability."},{"field":"vulnerability.enumeration","type":"keyword","description":"Identifier of the vulnerability."},{"field":"vulnerability.id","type":"keyword","description":"ID of the vulnerability."},{"field":"vulnerability.reference","type":"keyword","description":"Reference of the vulnerability."},{"field":"vulnerability.report_id","type":"keyword","description":"Scan identification number."},{"field":"vulnerability.scanner.vendor","type":"keyword","description":"Name of the scanner vendor."},{"field":"vulnerability.score.base","type":"float","description":"Vulnerability Base score."},{"field":"vulnerability.score.environmental","type":"float","description":"Vulnerability Environmental score."},{"field":"vulnerability.score.temporal","type":"float","description":"Vulnerability Temporal score."},{"field":"vulnerability.score.version","type":"keyword","description":"CVSS version."},{"field":"vulnerability.severity","type":"keyword","description":"Severity of the vulnerability."}] \ No newline at end of file diff --git a/x-pack/plugins/osquery/public/common/schemas/osquery/v4.9.0.json b/x-pack/plugins/osquery/public/common/schemas/osquery/v4.9.0.json deleted file mode 100644 index 1c41c10ef4ebd22..000000000000000 --- a/x-pack/plugins/osquery/public/common/schemas/osquery/v4.9.0.json +++ /dev/null @@ -1 +0,0 @@ -[{"name":"account_policy_data","description":"Additional OS X user account data from the AccountPolicy section of OpenDirectory.","platforms":["darwin"],"columns":[{"name":"uid","description":"User ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"creation_time","description":"When the account was first created","type":"double","hidden":false,"required":false,"index":false},{"name":"failed_login_count","description":"The number of failed login attempts using an incorrect password. Count resets after a correct password is entered.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"failed_login_timestamp","description":"The time of the last failed login attempt. Resets after a correct password is entered","type":"double","hidden":false,"required":false,"index":false},{"name":"password_last_set_time","description":"The time the password was last changed","type":"double","hidden":false,"required":false,"index":false}]},{"name":"acpi_tables","description":"Firmware ACPI functional table common metadata and content.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"ACPI table name","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of compiled table data","type":"integer","hidden":false,"required":false,"index":false},{"name":"md5","description":"MD5 hash of table content","type":"text","hidden":false,"required":false,"index":false}]},{"name":"ad_config","description":"OS X Active Directory configuration.","platforms":["darwin"],"columns":[{"name":"name","description":"The OS X-specific configuration name","type":"text","hidden":false,"required":false,"index":false},{"name":"domain","description":"Active Directory trust domain","type":"text","hidden":false,"required":false,"index":false},{"name":"option","description":"Canonical name of option","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Variable typed option value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"alf","description":"OS X application layer firewall (ALF) service details.","platforms":["darwin"],"columns":[{"name":"allow_signed_enabled","description":"1 If allow signed mode is enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"firewall_unload","description":"1 If firewall unloading enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"global_state","description":"1 If the firewall is enabled with exceptions, 2 if the firewall is configured to block all incoming connections, else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"logging_enabled","description":"1 If logging mode is enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"logging_option","description":"Firewall logging option","type":"integer","hidden":false,"required":false,"index":false},{"name":"stealth_enabled","description":"1 If stealth mode is enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"version","description":"Application Layer Firewall version","type":"text","hidden":false,"required":false,"index":false}]},{"name":"alf_exceptions","description":"OS X application layer firewall (ALF) service exceptions.","platforms":["darwin"],"columns":[{"name":"path","description":"Path to the executable that is excepted","type":"text","hidden":false,"required":false,"index":false},{"name":"state","description":"Firewall exception state","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"alf_explicit_auths","description":"ALF services explicitly allowed to perform networking.","platforms":["darwin"],"columns":[{"name":"process","description":"Process name explicitly allowed","type":"text","hidden":false,"required":false,"index":false}]},{"name":"app_schemes","description":"OS X application schemes and handlers (e.g., http, file, mailto).","platforms":["darwin"],"columns":[{"name":"scheme","description":"Name of the scheme/protocol","type":"text","hidden":false,"required":false,"index":false},{"name":"handler","description":"Application label for the handler","type":"text","hidden":false,"required":false,"index":false},{"name":"enabled","description":"1 if this handler is the OS default, else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"external","description":"1 if this handler does NOT exist on OS X by default, else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"protected","description":"1 if this handler is protected (reserved) by OS X, else 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"apparmor_events","description":"Track AppArmor events.","platforms":["linux"],"columns":[{"name":"type","description":"Event type","type":"text","hidden":false,"required":false,"index":false},{"name":"message","description":"Raw audit message","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of execution in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uptime","description":"Time of execution in system uptime","type":"bigint","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false},{"name":"apparmor","description":"Apparmor Status like ALLOWED, DENIED etc.","type":"text","hidden":false,"required":false,"index":false},{"name":"operation","description":"Permission requested by the process","type":"text","hidden":false,"required":false,"index":false},{"name":"parent","description":"Parent process PID","type":"unsigned_bigint","hidden":false,"required":false,"index":false},{"name":"profile","description":"Apparmor profile name","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Process name","type":"text","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process ID","type":"unsigned_bigint","hidden":false,"required":false,"index":false},{"name":"comm","description":"Command-line name of the command that was used to invoke the analyzed process","type":"text","hidden":false,"required":false,"index":false},{"name":"denied_mask","description":"Denied permissions for the process","type":"text","hidden":false,"required":false,"index":false},{"name":"capname","description":"Capability requested by the process","type":"text","hidden":false,"required":false,"index":false},{"name":"fsuid","description":"Filesystem user ID","type":"unsigned_bigint","hidden":false,"required":false,"index":false},{"name":"ouid","description":"Object owner's user ID","type":"unsigned_bigint","hidden":false,"required":false,"index":false},{"name":"capability","description":"Capability number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"requested_mask","description":"Requested access mask","type":"text","hidden":false,"required":false,"index":false},{"name":"info","description":"Additional information","type":"text","hidden":false,"required":false,"index":false},{"name":"error","description":"Error information","type":"text","hidden":false,"required":false,"index":false},{"name":"namespace","description":"AppArmor namespace","type":"text","hidden":false,"required":false,"index":false},{"name":"label","description":"AppArmor label","type":"text","hidden":false,"required":false,"index":false}]},{"name":"apparmor_profiles","description":"Track active AppArmor profiles.","platforms":["linux"],"columns":[{"name":"path","description":"Unique, aa-status compatible, policy identifier.","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Policy name.","type":"text","hidden":false,"required":false,"index":false},{"name":"attach","description":"Which executable(s) a profile will attach to.","type":"text","hidden":false,"required":false,"index":false},{"name":"mode","description":"How the policy is applied.","type":"text","hidden":false,"required":false,"index":false},{"name":"sha1","description":"A unique hash that identifies this policy.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"appcompat_shims","description":"Application Compatibility shims are a way to persist malware. This table presents the AppCompat Shim information from the registry in a nice format. See http://files.brucon.org/2015/Tomczak_and_Ballenthin_Shims_for_the_Win.pdf for more details.","platforms":["windows"],"columns":[{"name":"executable","description":"Name of the executable that is being shimmed. This is pulled from the registry.","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"This is the path to the SDB database.","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Description of the SDB.","type":"text","hidden":false,"required":false,"index":false},{"name":"install_time","description":"Install time of the SDB","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"Type of the SDB database.","type":"text","hidden":false,"required":false,"index":false},{"name":"sdb_id","description":"Unique GUID of the SDB.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"apps","description":"OS X applications installed in known search paths (e.g., /Applications).","platforms":["darwin"],"columns":[{"name":"name","description":"Name of the Name.app folder","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Absolute and full Name.app path","type":"text","hidden":false,"required":false,"index":false},{"name":"bundle_executable","description":"Info properties CFBundleExecutable label","type":"text","hidden":false,"required":false,"index":false},{"name":"bundle_identifier","description":"Info properties CFBundleIdentifier label","type":"text","hidden":false,"required":false,"index":false},{"name":"bundle_name","description":"Info properties CFBundleName label","type":"text","hidden":false,"required":false,"index":false},{"name":"bundle_short_version","description":"Info properties CFBundleShortVersionString label","type":"text","hidden":false,"required":false,"index":false},{"name":"bundle_version","description":"Info properties CFBundleVersion label","type":"text","hidden":false,"required":false,"index":false},{"name":"bundle_package_type","description":"Info properties CFBundlePackageType label","type":"text","hidden":false,"required":false,"index":false},{"name":"environment","description":"Application-set environment variables","type":"text","hidden":false,"required":false,"index":false},{"name":"element","description":"Does the app identify as a background agent","type":"text","hidden":false,"required":false,"index":false},{"name":"compiler","description":"Info properties DTCompiler label","type":"text","hidden":false,"required":false,"index":false},{"name":"development_region","description":"Info properties CFBundleDevelopmentRegion label","type":"text","hidden":false,"required":false,"index":false},{"name":"display_name","description":"Info properties CFBundleDisplayName label","type":"text","hidden":false,"required":false,"index":false},{"name":"info_string","description":"Info properties CFBundleGetInfoString label","type":"text","hidden":false,"required":false,"index":false},{"name":"minimum_system_version","description":"Minimum version of OS X required for the app to run","type":"text","hidden":false,"required":false,"index":false},{"name":"category","description":"The UTI that categorizes the app for the App Store","type":"text","hidden":false,"required":false,"index":false},{"name":"applescript_enabled","description":"Info properties NSAppleScriptEnabled label","type":"text","hidden":false,"required":false,"index":false},{"name":"copyright","description":"Info properties NSHumanReadableCopyright label","type":"text","hidden":false,"required":false,"index":false},{"name":"last_opened_time","description":"The time that the app was last used","type":"double","hidden":false,"required":false,"index":false}]},{"name":"apt_sources","description":"Current list of APT repositories or software channels.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Repository name","type":"text","hidden":false,"required":false,"index":false},{"name":"source","description":"Source file","type":"text","hidden":false,"required":false,"index":false},{"name":"base_uri","description":"Repository base URI","type":"text","hidden":false,"required":false,"index":false},{"name":"release","description":"Release name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Repository source version","type":"text","hidden":false,"required":false,"index":false},{"name":"maintainer","description":"Repository maintainer","type":"text","hidden":false,"required":false,"index":false},{"name":"components","description":"Repository components","type":"text","hidden":false,"required":false,"index":false},{"name":"architectures","description":"Repository architectures","type":"text","hidden":false,"required":false,"index":false}]},{"name":"arp_cache","description":"Address resolution cache, both static and dynamic (from ARP, NDP).","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"address","description":"IPv4 address target","type":"text","hidden":false,"required":false,"index":false},{"name":"mac","description":"MAC address of broadcasted address","type":"text","hidden":false,"required":false,"index":false},{"name":"interface","description":"Interface of the network for the MAC","type":"text","hidden":false,"required":false,"index":false},{"name":"permanent","description":"1 for true, 0 for false","type":"text","hidden":false,"required":false,"index":false}]},{"name":"asl","description":"Queries the Apple System Log data structure for system events.","platforms":["darwin"],"columns":[{"name":"time","description":"Unix timestamp. Set automatically","type":"integer","hidden":false,"required":false,"index":false},{"name":"time_nano_sec","description":"Nanosecond time.","type":"integer","hidden":false,"required":false,"index":false},{"name":"host","description":"Sender's address (set by the server).","type":"text","hidden":false,"required":false,"index":false},{"name":"sender","description":"Sender's identification string. Default is process name.","type":"text","hidden":false,"required":false,"index":false},{"name":"facility","description":"Sender's facility. Default is 'user'.","type":"text","hidden":false,"required":false,"index":false},{"name":"pid","description":"Sending process ID encoded as a string. Set automatically.","type":"integer","hidden":false,"required":false,"index":false},{"name":"gid","description":"GID that sent the log message (set by the server).","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uid","description":"UID that sent the log message (set by the server).","type":"bigint","hidden":false,"required":false,"index":false},{"name":"level","description":"Log level number. See levels in asl.h.","type":"integer","hidden":false,"required":false,"index":false},{"name":"message","description":"Message text.","type":"text","hidden":false,"required":false,"index":false},{"name":"ref_pid","description":"Reference PID for messages proxied by launchd","type":"integer","hidden":false,"required":false,"index":false},{"name":"ref_proc","description":"Reference process for messages proxied by launchd","type":"text","hidden":false,"required":false,"index":false},{"name":"extra","description":"Extra columns, in JSON format. Queries against this column are performed entirely in SQLite, so do not benefit from efficient querying via asl.h.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"atom_packages","description":"Lists all atom packages in a directory or globally installed in a system.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"name","description":"Package display name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Package supplied version","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Package supplied description","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Package's package.json path","type":"text","hidden":false,"required":false,"index":false},{"name":"license","description":"License for package","type":"text","hidden":false,"required":false,"index":false},{"name":"homepage","description":"Package supplied homepage","type":"text","hidden":false,"required":false,"index":false},{"name":"uid","description":"The local user that owns the plugin","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"augeas","description":"Configuration files parsed by augeas.","platforms":["darwin","linux"],"columns":[{"name":"node","description":"The node path of the configuration item","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"The value of the configuration item","type":"text","hidden":false,"required":false,"index":false},{"name":"label","description":"The label of the configuration item","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"The path to the configuration file","type":"text","hidden":false,"required":false,"index":false}]},{"name":"authenticode","description":"File (executable, bundle, installer, disk) code signing status.","platforms":["windows"],"columns":[{"name":"path","description":"Must provide a path or directory","type":"text","hidden":false,"required":true,"index":false},{"name":"original_program_name","description":"The original program name that the publisher has signed","type":"text","hidden":false,"required":false,"index":false},{"name":"serial_number","description":"The certificate serial number","type":"text","hidden":false,"required":false,"index":false},{"name":"issuer_name","description":"The certificate issuer name","type":"text","hidden":false,"required":false,"index":false},{"name":"subject_name","description":"The certificate subject name","type":"text","hidden":false,"required":false,"index":false},{"name":"result","description":"The signature check result","type":"text","hidden":false,"required":false,"index":false}]},{"name":"authorization_mechanisms","description":"OS X Authorization mechanisms database.","platforms":["darwin"],"columns":[{"name":"label","description":"Label of the authorization right","type":"text","hidden":false,"required":false,"index":false},{"name":"plugin","description":"Authorization plugin name","type":"text","hidden":false,"required":false,"index":false},{"name":"mechanism","description":"Name of the mechanism that will be called","type":"text","hidden":false,"required":false,"index":false},{"name":"privileged","description":"If privileged it will run as root, else as an anonymous user","type":"text","hidden":false,"required":false,"index":false},{"name":"entry","description":"The whole string entry","type":"text","hidden":false,"required":false,"index":false}]},{"name":"authorizations","description":"OS X Authorization rights database.","platforms":["darwin"],"columns":[{"name":"label","description":"Item name, usually in reverse domain format","type":"text","hidden":false,"required":false,"index":false},{"name":"modified","description":"Label top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"allow_root","description":"Label top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"timeout","description":"Label top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Label top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"tries","description":"Label top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"authenticate_user","description":"Label top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"shared","description":"Label top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"comment","description":"Label top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"created","description":"Label top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"class","description":"Label top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"session_owner","description":"Label top-level key","type":"text","hidden":false,"required":false,"index":false}]},{"name":"authorized_keys","description":"A line-delimited authorized_keys table.","platforms":["darwin","linux"],"columns":[{"name":"uid","description":"The local owner of authorized_keys file","type":"bigint","hidden":false,"required":false,"index":false},{"name":"algorithm","description":"algorithm of key","type":"text","hidden":false,"required":false,"index":false},{"name":"key","description":"parsed authorized keys line","type":"text","hidden":false,"required":false,"index":false},{"name":"key_file","description":"Path to the authorized_keys file","type":"text","hidden":false,"required":false,"index":false}]},{"name":"autoexec","description":"Aggregate of executables that will automatically execute on the target machine. This is an amalgamation of other tables like services, scheduled_tasks, startup_items and more.","platforms":["windows"],"columns":[{"name":"path","description":"Path to the executable","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Name of the program","type":"text","hidden":false,"required":false,"index":false},{"name":"source","description":"Source table of the autoexec item","type":"text","hidden":false,"required":false,"index":false}]},{"name":"azure_instance_metadata","description":"Azure instance metadata.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"location","description":"Azure Region the VM is running in","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Name of the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"offer","description":"Offer information for the VM image (Azure image gallery VMs only)","type":"text","hidden":false,"required":false,"index":false},{"name":"publisher","description":"Publisher of the VM image","type":"text","hidden":false,"required":false,"index":false},{"name":"sku","description":"SKU for the VM image","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Version of the VM image","type":"text","hidden":false,"required":false,"index":false},{"name":"os_type","description":"Linux or Windows","type":"text","hidden":false,"required":false,"index":false},{"name":"platform_update_domain","description":"Update domain the VM is running in","type":"text","hidden":false,"required":false,"index":false},{"name":"platform_fault_domain","description":"Fault domain the VM is running in","type":"text","hidden":false,"required":false,"index":false},{"name":"vm_id","description":"Unique identifier for the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"vm_size","description":"VM size","type":"text","hidden":false,"required":false,"index":false},{"name":"subscription_id","description":"Azure subscription for the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"resource_group_name","description":"Resource group for the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"placement_group_id","description":"Placement group for the VM scale set","type":"text","hidden":false,"required":false,"index":false},{"name":"vm_scale_set_name","description":"VM scale set name","type":"text","hidden":false,"required":false,"index":false},{"name":"zone","description":"Availability zone of the VM","type":"text","hidden":false,"required":false,"index":false}]},{"name":"azure_instance_tags","description":"Azure instance tags.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"vm_id","description":"Unique identifier for the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"key","description":"The tag key","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"The tag value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"background_activities_moderator","description":"Background Activities Moderator (BAM) tracks application execution.","platforms":["windows"],"columns":[{"name":"path","description":"Application file path.","type":"text","hidden":false,"required":false,"index":false},{"name":"last_execution_time","description":"Most recent time application was executed.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"sid","description":"User SID.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"battery","description":"Provides information about the internal battery of a Macbook.","platforms":["darwin"],"columns":[{"name":"manufacturer","description":"The battery manufacturer's name","type":"text","hidden":false,"required":false,"index":false},{"name":"manufacture_date","description":"The date the battery was manufactured UNIX Epoch","type":"integer","hidden":false,"required":false,"index":false},{"name":"model","description":"The battery's model number","type":"text","hidden":false,"required":false,"index":false},{"name":"serial_number","description":"The battery's unique serial number","type":"text","hidden":false,"required":false,"index":false},{"name":"cycle_count","description":"The number of charge/discharge cycles","type":"integer","hidden":false,"required":false,"index":false},{"name":"health","description":"One of the following: \"Good\" describes a well-performing battery, \"Fair\" describes a functional battery with limited capacity, or \"Poor\" describes a battery that's not capable of providing power","type":"text","hidden":false,"required":false,"index":false},{"name":"condition","description":"One of the following: \"Normal\" indicates the condition of the battery is within normal tolerances, \"Service Needed\" indicates that the battery should be checked out by a licensed Mac repair service, \"Permanent Failure\" indicates the battery needs replacement","type":"text","hidden":false,"required":false,"index":false},{"name":"state","description":"One of the following: \"AC Power\" indicates the battery is connected to an external power source, \"Battery Power\" indicates that the battery is drawing internal power, \"Off Line\" indicates the battery is off-line or no longer connected","type":"text","hidden":false,"required":false,"index":false},{"name":"charging","description":"1 if the battery is currently being charged by a power source. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"charged","description":"1 if the battery is currently completely charged. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"designed_capacity","description":"The battery's designed capacity in mAh","type":"integer","hidden":false,"required":false,"index":false},{"name":"max_capacity","description":"The battery's actual capacity when it is fully charged in mAh","type":"integer","hidden":false,"required":false,"index":false},{"name":"current_capacity","description":"The battery's current charged capacity in mAh","type":"integer","hidden":false,"required":false,"index":false},{"name":"percent_remaining","description":"The percentage of battery remaining before it is drained","type":"integer","hidden":false,"required":false,"index":false},{"name":"amperage","description":"The battery's current amperage in mA","type":"integer","hidden":false,"required":false,"index":false},{"name":"voltage","description":"The battery's current voltage in mV","type":"integer","hidden":false,"required":false,"index":false},{"name":"minutes_until_empty","description":"The number of minutes until the battery is fully depleted. This value is -1 if this time is still being calculated","type":"integer","hidden":false,"required":false,"index":false},{"name":"minutes_to_full_charge","description":"The number of minutes until the battery is fully charged. This value is -1 if this time is still being calculated","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"bitlocker_info","description":"Retrieve bitlocker status of the machine.","platforms":["windows"],"columns":[{"name":"device_id","description":"ID of the encrypted drive.","type":"text","hidden":false,"required":false,"index":false},{"name":"drive_letter","description":"Drive letter of the encrypted drive.","type":"text","hidden":false,"required":false,"index":false},{"name":"persistent_volume_id","description":"Persistent ID of the drive.","type":"text","hidden":false,"required":false,"index":false},{"name":"conversion_status","description":"The bitlocker conversion status of the drive.","type":"integer","hidden":false,"required":false,"index":false},{"name":"protection_status","description":"The bitlocker protection status of the drive.","type":"integer","hidden":false,"required":false,"index":false},{"name":"encryption_method","description":"The encryption type of the device.","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"The FVE metadata version of the drive.","type":"integer","hidden":false,"required":false,"index":false},{"name":"percentage_encrypted","description":"The percentage of the drive that is encrypted.","type":"integer","hidden":false,"required":false,"index":false},{"name":"lock_status","description":"The accessibility status of the drive from Windows.","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"block_devices","description":"Block (buffered access) device file nodes: disks, ramdisks, and DMG containers.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Block device name","type":"text","hidden":false,"required":false,"index":false},{"name":"parent","description":"Block device parent name","type":"text","hidden":false,"required":false,"index":false},{"name":"vendor","description":"Block device vendor string","type":"text","hidden":false,"required":false,"index":false},{"name":"model","description":"Block device model string identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Block device size in blocks","type":"bigint","hidden":false,"required":false,"index":false},{"name":"block_size","description":"Block size in bytes","type":"integer","hidden":false,"required":false,"index":false},{"name":"uuid","description":"Block device Universally Unique Identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Block device type string","type":"text","hidden":false,"required":false,"index":false},{"name":"label","description":"Block device label string","type":"text","hidden":false,"required":false,"index":false}]},{"name":"bpf_process_events","description":"Track time/action process executions.","platforms":["linux"],"columns":[{"name":"tid","description":"Thread ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"parent","description":"Parent process ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uid","description":"User ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"cid","description":"Cgroup ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"exit_code","description":"Exit code of the system call","type":"text","hidden":false,"required":false,"index":false},{"name":"probe_error","description":"Set to 1 if one or more buffers could not be captured","type":"integer","hidden":false,"required":false,"index":false},{"name":"syscall","description":"System call name","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Binary path","type":"text","hidden":false,"required":false,"index":false},{"name":"cwd","description":"Current working directory","type":"text","hidden":false,"required":false,"index":false},{"name":"cmdline","description":"Command line arguments","type":"text","hidden":false,"required":false,"index":false},{"name":"duration","description":"How much time was spent inside the syscall (nsecs)","type":"integer","hidden":false,"required":false,"index":false},{"name":"json_cmdline","description":"Command line arguments, in JSON format","type":"text","hidden":true,"required":false,"index":false},{"name":"ntime","description":"The nsecs uptime timestamp as obtained from BPF","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of execution in UNIX time","type":"bigint","hidden":true,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"integer","hidden":true,"required":false,"index":false}]},{"name":"bpf_socket_events","description":"Track network socket opens and closes.","platforms":["linux"],"columns":[{"name":"tid","description":"Thread ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"parent","description":"Parent process ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uid","description":"User ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"cid","description":"Cgroup ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"exit_code","description":"Exit code of the system call","type":"text","hidden":false,"required":false,"index":false},{"name":"probe_error","description":"Set to 1 if one or more buffers could not be captured","type":"integer","hidden":false,"required":false,"index":false},{"name":"syscall","description":"System call name","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path of executed file","type":"text","hidden":false,"required":false,"index":false},{"name":"fd","description":"The file description for the process socket","type":"text","hidden":false,"required":false,"index":false},{"name":"family","description":"The Internet protocol family ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"The socket type","type":"integer","hidden":false,"required":false,"index":false},{"name":"protocol","description":"The network protocol ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"local_address","description":"Local address associated with socket","type":"text","hidden":false,"required":false,"index":false},{"name":"remote_address","description":"Remote address associated with socket","type":"text","hidden":false,"required":false,"index":false},{"name":"local_port","description":"Local network protocol port number","type":"integer","hidden":false,"required":false,"index":false},{"name":"remote_port","description":"Remote network protocol port number","type":"integer","hidden":false,"required":false,"index":false},{"name":"duration","description":"How much time was spent inside the syscall (nsecs)","type":"integer","hidden":false,"required":false,"index":false},{"name":"ntime","description":"The nsecs uptime timestamp as obtained from BPF","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of execution in UNIX time","type":"bigint","hidden":true,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"integer","hidden":true,"required":false,"index":false}]},{"name":"browser_plugins","description":"All C/NPAPI browser plugin details for all users.","platforms":["darwin"],"columns":[{"name":"uid","description":"The local user that owns the plugin","type":"bigint","hidden":false,"required":false,"index":false},{"name":"name","description":"Plugin display name","type":"text","hidden":false,"required":false,"index":false},{"name":"identifier","description":"Plugin identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Plugin short version","type":"text","hidden":false,"required":false,"index":false},{"name":"sdk","description":"Build SDK used to compile plugin","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Plugin description text","type":"text","hidden":false,"required":false,"index":false},{"name":"development_region","description":"Plugin language-localization","type":"text","hidden":false,"required":false,"index":false},{"name":"native","description":"Plugin requires native execution","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to plugin bundle","type":"text","hidden":false,"required":false,"index":false},{"name":"disabled","description":"Is the plugin disabled. 1 = Disabled","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"carbon_black_info","description":"Returns info about a Carbon Black sensor install.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"sensor_id","description":"Sensor ID of the Carbon Black sensor","type":"integer","hidden":false,"required":false,"index":false},{"name":"config_name","description":"Sensor group","type":"text","hidden":false,"required":false,"index":false},{"name":"collect_store_files","description":"If the sensor is configured to send back binaries to the Carbon Black server","type":"integer","hidden":false,"required":false,"index":false},{"name":"collect_module_loads","description":"If the sensor is configured to capture module loads","type":"integer","hidden":false,"required":false,"index":false},{"name":"collect_module_info","description":"If the sensor is configured to collect metadata of binaries","type":"integer","hidden":false,"required":false,"index":false},{"name":"collect_file_mods","description":"If the sensor is configured to collect file modification events","type":"integer","hidden":false,"required":false,"index":false},{"name":"collect_reg_mods","description":"If the sensor is configured to collect registry modification events","type":"integer","hidden":false,"required":false,"index":false},{"name":"collect_net_conns","description":"If the sensor is configured to collect network connections","type":"integer","hidden":false,"required":false,"index":false},{"name":"collect_processes","description":"If the sensor is configured to process events","type":"integer","hidden":false,"required":false,"index":false},{"name":"collect_cross_processes","description":"If the sensor is configured to cross process events","type":"integer","hidden":false,"required":false,"index":false},{"name":"collect_emet_events","description":"If the sensor is configured to EMET events","type":"integer","hidden":false,"required":false,"index":false},{"name":"collect_data_file_writes","description":"If the sensor is configured to collect non binary file writes","type":"integer","hidden":false,"required":false,"index":false},{"name":"collect_process_user_context","description":"If the sensor is configured to collect the user running a process","type":"integer","hidden":false,"required":false,"index":false},{"name":"collect_sensor_operations","description":"Unknown","type":"integer","hidden":false,"required":false,"index":false},{"name":"log_file_disk_quota_mb","description":"Event file disk quota in MB","type":"integer","hidden":false,"required":false,"index":false},{"name":"log_file_disk_quota_percentage","description":"Event file disk quota in a percentage","type":"integer","hidden":false,"required":false,"index":false},{"name":"protection_disabled","description":"If the sensor is configured to report tamper events","type":"integer","hidden":false,"required":false,"index":false},{"name":"sensor_ip_addr","description":"IP address of the sensor","type":"text","hidden":false,"required":false,"index":false},{"name":"sensor_backend_server","description":"Carbon Black server","type":"text","hidden":false,"required":false,"index":false},{"name":"event_queue","description":"Size in bytes of Carbon Black event files on disk","type":"integer","hidden":false,"required":false,"index":false},{"name":"binary_queue","description":"Size in bytes of binaries waiting to be sent to Carbon Black server","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"carves","description":"List the set of completed and in-progress carves. If carve=1 then the query is treated as a new carve request.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"time","description":"Time at which the carve was kicked off","type":"bigint","hidden":false,"required":false,"index":false},{"name":"sha256","description":"A SHA256 sum of the carved archive","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of the carved archive","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"The path of the requested carve","type":"text","hidden":false,"required":false,"index":false},{"name":"status","description":"Status of the carve, can be STARTING, PENDING, SUCCESS, or FAILED","type":"text","hidden":false,"required":false,"index":false},{"name":"carve_guid","description":"Identifying value of the carve session","type":"text","hidden":false,"required":false,"index":false},{"name":"request_id","description":"Identifying value of the carve request (e.g., scheduled query name, distributed request, etc)","type":"text","hidden":false,"required":false,"index":false},{"name":"carve","description":"Set this value to '1' to start a file carve","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"certificates","description":"Certificate Authorities installed in Keychains/ca-bundles.","platforms":["darwin","windows"],"columns":[{"name":"common_name","description":"Certificate CommonName","type":"text","hidden":false,"required":false,"index":false},{"name":"subject","description":"Certificate distinguished name","type":"text","hidden":false,"required":false,"index":false},{"name":"issuer","description":"Certificate issuer distinguished name","type":"text","hidden":false,"required":false,"index":false},{"name":"ca","description":"1 if CA: true (certificate is an authority) else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"self_signed","description":"1 if self-signed, else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"not_valid_before","description":"Lower bound of valid date","type":"text","hidden":false,"required":false,"index":false},{"name":"not_valid_after","description":"Certificate expiration data","type":"text","hidden":false,"required":false,"index":false},{"name":"signing_algorithm","description":"Signing algorithm used","type":"text","hidden":false,"required":false,"index":false},{"name":"key_algorithm","description":"Key algorithm used","type":"text","hidden":false,"required":false,"index":false},{"name":"key_strength","description":"Key size used for RSA/DSA, or curve name","type":"text","hidden":false,"required":false,"index":false},{"name":"key_usage","description":"Certificate key usage and extended key usage","type":"text","hidden":false,"required":false,"index":false},{"name":"subject_key_id","description":"SKID an optionally included SHA1","type":"text","hidden":false,"required":false,"index":false},{"name":"authority_key_id","description":"AKID an optionally included SHA1","type":"text","hidden":false,"required":false,"index":false},{"name":"sha1","description":"SHA1 hash of the raw certificate contents","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to Keychain or PEM bundle","type":"text","hidden":false,"required":false,"index":false},{"name":"serial","description":"Certificate serial number","type":"text","hidden":false,"required":false,"index":false},{"name":"sid","description":"SID","type":"text","hidden":true,"required":false,"index":false},{"name":"store_location","description":"Certificate system store location","type":"text","hidden":true,"required":false,"index":false},{"name":"store","description":"Certificate system store","type":"text","hidden":true,"required":false,"index":false},{"name":"username","description":"Username","type":"text","hidden":true,"required":false,"index":false},{"name":"store_id","description":"Exists for service/user stores. Contains raw store id provided by WinAPI.","type":"text","hidden":true,"required":false,"index":false}]},{"name":"chassis_info","description":"Display information pertaining to the chassis and its security status.","platforms":["windows"],"columns":[{"name":"audible_alarm","description":"If TRUE, the frame is equipped with an audible alarm.","type":"text","hidden":false,"required":false,"index":false},{"name":"breach_description","description":"If provided, gives a more detailed description of a detected security breach.","type":"text","hidden":false,"required":false,"index":false},{"name":"chassis_types","description":"A comma-separated list of chassis types, such as Desktop or Laptop.","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"An extended description of the chassis if available.","type":"text","hidden":false,"required":false,"index":false},{"name":"lock","description":"If TRUE, the frame is equipped with a lock.","type":"text","hidden":false,"required":false,"index":false},{"name":"manufacturer","description":"The manufacturer of the chassis.","type":"text","hidden":false,"required":false,"index":false},{"name":"model","description":"The model of the chassis.","type":"text","hidden":false,"required":false,"index":false},{"name":"security_breach","description":"The physical status of the chassis such as Breach Successful, Breach Attempted, etc.","type":"text","hidden":false,"required":false,"index":false},{"name":"serial","description":"The serial number of the chassis.","type":"text","hidden":false,"required":false,"index":false},{"name":"smbios_tag","description":"The assigned asset tag number of the chassis.","type":"text","hidden":false,"required":false,"index":false},{"name":"sku","description":"The Stock Keeping Unit number if available.","type":"text","hidden":false,"required":false,"index":false},{"name":"status","description":"If available, gives various operational or nonoperational statuses such as OK, Degraded, and Pred Fail.","type":"text","hidden":false,"required":false,"index":false},{"name":"visible_alarm","description":"If TRUE, the frame is equipped with a visual alarm.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"chocolatey_packages","description":"Chocolatey packages installed in a system.","platforms":["windows"],"columns":[{"name":"name","description":"Package display name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Package-supplied version","type":"text","hidden":false,"required":false,"index":false},{"name":"summary","description":"Package-supplied summary","type":"text","hidden":false,"required":false,"index":false},{"name":"author","description":"Optional package author","type":"text","hidden":false,"required":false,"index":false},{"name":"license","description":"License under which package is launched","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path at which this package resides","type":"text","hidden":false,"required":false,"index":false}]},{"name":"chrome_extension_content_scripts","description":"Chrome browser extension content scripts.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"browser_type","description":"The browser type (Valid values: chrome, chromium, opera, yandex, brave)","type":"text","hidden":false,"required":false,"index":false},{"name":"uid","description":"The local user that owns the extension","type":"bigint","hidden":false,"required":false,"index":false},{"name":"identifier","description":"Extension identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Extension-supplied version","type":"text","hidden":false,"required":false,"index":false},{"name":"script","description":"The content script used by the extension","type":"text","hidden":false,"required":false,"index":false},{"name":"match","description":"The pattern that the script is matched against","type":"text","hidden":false,"required":false,"index":false},{"name":"profile_path","description":"The profile path","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to extension folder","type":"text","hidden":false,"required":false,"index":false},{"name":"referenced","description":"1 if this extension is referenced by the Preferences file of the profile","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"chrome_extensions","description":"Chrome-based browser extensions.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"browser_type","description":"The browser type (Valid values: chrome, chromium, opera, yandex, brave, edge, edge_beta)","type":"text","hidden":false,"required":false,"index":false},{"name":"uid","description":"The local user that owns the extension","type":"bigint","hidden":false,"required":false,"index":false},{"name":"name","description":"Extension display name","type":"text","hidden":false,"required":false,"index":false},{"name":"profile","description":"The name of the Chrome profile that contains this extension","type":"text","hidden":false,"required":false,"index":false},{"name":"profile_path","description":"The profile path","type":"text","hidden":false,"required":false,"index":false},{"name":"referenced_identifier","description":"Extension identifier, as specified by the preferences file. Empty if the extension is not in the profile.","type":"text","hidden":false,"required":false,"index":false},{"name":"identifier","description":"Extension identifier, computed from its manifest. Empty in case of error.","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Extension-supplied version","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Extension-optional description","type":"text","hidden":false,"required":false,"index":false},{"name":"default_locale","description":"Default locale supported by extension","type":"text","hidden":false,"required":false,"index":false},{"name":"current_locale","description":"Current locale supported by extension","type":"text","hidden":false,"required":false,"index":false},{"name":"update_url","description":"Extension-supplied update URI","type":"text","hidden":false,"required":false,"index":false},{"name":"author","description":"Optional extension author","type":"text","hidden":false,"required":false,"index":false},{"name":"persistent","description":"1 If extension is persistent across all tabs else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to extension folder","type":"text","hidden":false,"required":false,"index":false},{"name":"permissions","description":"The permissions required by the extension","type":"text","hidden":false,"required":false,"index":false},{"name":"permissions_json","description":"The JSON-encoded permissions required by the extension","type":"text","hidden":true,"required":false,"index":false},{"name":"optional_permissions","description":"The permissions optionally required by the extensions","type":"text","hidden":false,"required":false,"index":false},{"name":"optional_permissions_json","description":"The JSON-encoded permissions optionally required by the extensions","type":"text","hidden":true,"required":false,"index":false},{"name":"manifest_hash","description":"The SHA256 hash of the manifest.json file","type":"text","hidden":false,"required":false,"index":false},{"name":"referenced","description":"1 if this extension is referenced by the Preferences file of the profile","type":"bigint","hidden":false,"required":false,"index":false},{"name":"from_webstore","description":"True if this extension was installed from the web store","type":"text","hidden":false,"required":false,"index":false},{"name":"state","description":"1 if this extension is enabled","type":"text","hidden":false,"required":false,"index":false},{"name":"install_time","description":"Extension install time, in its original Webkit format","type":"text","hidden":false,"required":false,"index":false},{"name":"install_timestamp","description":"Extension install time, converted to unix time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"manifest_json","description":"The manifest file of the extension","type":"text","hidden":true,"required":false,"index":false},{"name":"key","description":"The extension key, from the manifest file","type":"text","hidden":true,"required":false,"index":false}]},{"name":"connectivity","description":"Provides the overall system's network state.","platforms":["windows"],"columns":[{"name":"disconnected","description":"True if the all interfaces are not connected to any network","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipv4_no_traffic","description":"True if any interface is connected via IPv4, but has seen no traffic","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipv6_no_traffic","description":"True if any interface is connected via IPv6, but has seen no traffic","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipv4_subnet","description":"True if any interface is connected to the local subnet via IPv4","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipv4_local_network","description":"True if any interface is connected to a routed network via IPv4","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipv4_internet","description":"True if any interface is connected to the Internet via IPv4","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipv6_subnet","description":"True if any interface is connected to the local subnet via IPv6","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipv6_local_network","description":"True if any interface is connected to a routed network via IPv6","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipv6_internet","description":"True if any interface is connected to the Internet via IPv6","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"cpu_info","description":"Retrieve cpu hardware info of the machine.","platforms":["windows"],"columns":[{"name":"device_id","description":"The DeviceID of the CPU.","type":"text","hidden":false,"required":false,"index":false},{"name":"model","description":"The model of the CPU.","type":"text","hidden":false,"required":false,"index":false},{"name":"manufacturer","description":"The manufacturer of the CPU.","type":"text","hidden":false,"required":false,"index":false},{"name":"processor_type","description":"The processor type, such as Central, Math, or Video.","type":"text","hidden":false,"required":false,"index":false},{"name":"availability","description":"The availability and status of the CPU.","type":"text","hidden":false,"required":false,"index":false},{"name":"cpu_status","description":"The current operating status of the CPU.","type":"integer","hidden":false,"required":false,"index":false},{"name":"number_of_cores","description":"The number of cores of the CPU.","type":"text","hidden":false,"required":false,"index":false},{"name":"logical_processors","description":"The number of logical processors of the CPU.","type":"integer","hidden":false,"required":false,"index":false},{"name":"address_width","description":"The width of the CPU address bus.","type":"text","hidden":false,"required":false,"index":false},{"name":"current_clock_speed","description":"The current frequency of the CPU.","type":"integer","hidden":false,"required":false,"index":false},{"name":"max_clock_speed","description":"The maximum possible frequency of the CPU.","type":"integer","hidden":false,"required":false,"index":false},{"name":"socket_designation","description":"The assigned socket on the board for the given CPU.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"cpu_time","description":"Displays information from /proc/stat file about the time the cpu cores spent in different parts of the system.","platforms":["darwin","linux"],"columns":[{"name":"core","description":"Name of the cpu (core)","type":"integer","hidden":false,"required":false,"index":false},{"name":"user","description":"Time spent in user mode","type":"bigint","hidden":false,"required":false,"index":false},{"name":"nice","description":"Time spent in user mode with low priority (nice)","type":"bigint","hidden":false,"required":false,"index":false},{"name":"system","description":"Time spent in system mode","type":"bigint","hidden":false,"required":false,"index":false},{"name":"idle","description":"Time spent in the idle task","type":"bigint","hidden":false,"required":false,"index":false},{"name":"iowait","description":"Time spent waiting for I/O to complete","type":"bigint","hidden":false,"required":false,"index":false},{"name":"irq","description":"Time spent servicing interrupts","type":"bigint","hidden":false,"required":false,"index":false},{"name":"softirq","description":"Time spent servicing softirqs","type":"bigint","hidden":false,"required":false,"index":false},{"name":"steal","description":"Time spent in other operating systems when running in a virtualized environment","type":"bigint","hidden":false,"required":false,"index":false},{"name":"guest","description":"Time spent running a virtual CPU for a guest OS under the control of the Linux kernel","type":"bigint","hidden":false,"required":false,"index":false},{"name":"guest_nice","description":"Time spent running a niced guest ","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"cpuid","description":"Useful CPU features from the cpuid ASM call.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"feature","description":"Present feature flags","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Bit value or string","type":"text","hidden":false,"required":false,"index":false},{"name":"output_register","description":"Register used to for feature value","type":"text","hidden":false,"required":false,"index":false},{"name":"output_bit","description":"Bit in register value for feature value","type":"integer","hidden":false,"required":false,"index":false},{"name":"input_eax","description":"Value of EAX used","type":"text","hidden":false,"required":false,"index":false}]},{"name":"crashes","description":"Application, System, and Mobile App crash logs.","platforms":["darwin"],"columns":[{"name":"type","description":"Type of crash log","type":"text","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process (or thread) ID of the crashed process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to the crashed process","type":"text","hidden":false,"required":false,"index":false},{"name":"crash_path","description":"Location of log file","type":"text","hidden":false,"required":false,"index":false},{"name":"identifier","description":"Identifier of the crashed process","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Version info of the crashed process","type":"text","hidden":false,"required":false,"index":false},{"name":"parent","description":"Parent PID of the crashed process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"responsible","description":"Process responsible for the crashed process","type":"text","hidden":false,"required":false,"index":false},{"name":"uid","description":"User ID of the crashed process","type":"integer","hidden":false,"required":false,"index":false},{"name":"datetime","description":"Date/Time at which the crash occurred","type":"text","hidden":false,"required":false,"index":false},{"name":"crashed_thread","description":"Thread ID which crashed","type":"bigint","hidden":false,"required":false,"index":false},{"name":"stack_trace","description":"Most recent frame from the stack trace","type":"text","hidden":false,"required":false,"index":false},{"name":"exception_type","description":"Exception type of the crash","type":"text","hidden":false,"required":false,"index":false},{"name":"exception_codes","description":"Exception codes from the crash","type":"text","hidden":false,"required":false,"index":false},{"name":"exception_notes","description":"Exception notes from the crash","type":"text","hidden":false,"required":false,"index":false},{"name":"registers","description":"The value of the system registers","type":"text","hidden":false,"required":false,"index":false}]},{"name":"crontab","description":"Line parsed values from system and user cron/tab.","platforms":["darwin","linux"],"columns":[{"name":"event","description":"The job @event name (rare)","type":"text","hidden":false,"required":false,"index":false},{"name":"minute","description":"The exact minute for the job","type":"text","hidden":false,"required":false,"index":false},{"name":"hour","description":"The hour of the day for the job","type":"text","hidden":false,"required":false,"index":false},{"name":"day_of_month","description":"The day of the month for the job","type":"text","hidden":false,"required":false,"index":false},{"name":"month","description":"The month of the year for the job","type":"text","hidden":false,"required":false,"index":false},{"name":"day_of_week","description":"The day of the week for the job","type":"text","hidden":false,"required":false,"index":false},{"name":"command","description":"Raw command string","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"File parsed","type":"text","hidden":false,"required":false,"index":false}]},{"name":"cups_destinations","description":"Returns all configured printers.","platforms":["darwin"],"columns":[{"name":"name","description":"Name of the printer","type":"text","hidden":false,"required":false,"index":false},{"name":"option_name","description":"Option name","type":"text","hidden":false,"required":false,"index":false},{"name":"option_value","description":"Option value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"cups_jobs","description":"Returns all completed print jobs from cups.","platforms":["darwin"],"columns":[{"name":"title","description":"Title of the printed job","type":"text","hidden":false,"required":false,"index":false},{"name":"destination","description":"The printer the job was sent to","type":"text","hidden":false,"required":false,"index":false},{"name":"user","description":"The user who printed the job","type":"text","hidden":false,"required":false,"index":false},{"name":"format","description":"The format of the print job","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"The size of the print job","type":"integer","hidden":false,"required":false,"index":false},{"name":"completed_time","description":"When the job completed printing","type":"integer","hidden":false,"required":false,"index":false},{"name":"processing_time","description":"How long the job took to process","type":"integer","hidden":false,"required":false,"index":false},{"name":"creation_time","description":"When the print request was initiated","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"curl","description":"Perform an http request and return stats about it.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"url","description":"The url for the request","type":"text","hidden":false,"required":true,"index":false},{"name":"method","description":"The HTTP method for the request","type":"text","hidden":false,"required":false,"index":false},{"name":"user_agent","description":"The user-agent string to use for the request","type":"text","hidden":false,"required":false,"index":false},{"name":"response_code","description":"The HTTP status code for the response","type":"integer","hidden":false,"required":false,"index":false},{"name":"round_trip_time","description":"Time taken to complete the request","type":"bigint","hidden":false,"required":false,"index":false},{"name":"bytes","description":"Number of bytes in the response","type":"bigint","hidden":false,"required":false,"index":false},{"name":"result","description":"The HTTP response body","type":"text","hidden":false,"required":false,"index":false}]},{"name":"curl_certificate","description":"Inspect TLS certificates by connecting to input hostnames.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"hostname","description":"Hostname (domain[:port]) to CURL","type":"text","hidden":false,"required":true,"index":false},{"name":"common_name","description":"Common name of company issued to","type":"text","hidden":false,"required":false,"index":false},{"name":"organization","description":"Organization issued to","type":"text","hidden":false,"required":false,"index":false},{"name":"organization_unit","description":"Organization unit issued to","type":"text","hidden":false,"required":false,"index":false},{"name":"serial_number","description":"Certificate serial number","type":"text","hidden":false,"required":false,"index":false},{"name":"issuer_common_name","description":"Issuer common name","type":"text","hidden":false,"required":false,"index":false},{"name":"issuer_organization","description":"Issuer organization","type":"text","hidden":false,"required":false,"index":false},{"name":"issuer_organization_unit","description":"Issuer organization unit","type":"text","hidden":false,"required":false,"index":false},{"name":"valid_from","description":"Period of validity start date","type":"text","hidden":false,"required":false,"index":false},{"name":"valid_to","description":"Period of validity end date","type":"text","hidden":false,"required":false,"index":false},{"name":"sha256_fingerprint","description":"SHA-256 fingerprint","type":"text","hidden":false,"required":false,"index":false},{"name":"sha1_fingerprint","description":"SHA1 fingerprint","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Version Number","type":"integer","hidden":false,"required":false,"index":false},{"name":"signature_algorithm","description":"Signature Algorithm","type":"text","hidden":false,"required":false,"index":false},{"name":"signature","description":"Signature","type":"text","hidden":false,"required":false,"index":false},{"name":"subject_key_identifier","description":"Subject Key Identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"authority_key_identifier","description":"Authority Key Identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"key_usage","description":"Usage of key in certificate","type":"text","hidden":false,"required":false,"index":false},{"name":"extended_key_usage","description":"Extended usage of key in certificate","type":"text","hidden":false,"required":false,"index":false},{"name":"policies","description":"Certificate Policies","type":"text","hidden":false,"required":false,"index":false},{"name":"subject_alternative_names","description":"Subject Alternative Name","type":"text","hidden":false,"required":false,"index":false},{"name":"issuer_alternative_names","description":"Issuer Alternative Name","type":"text","hidden":false,"required":false,"index":false},{"name":"info_access","description":"Authority Information Access","type":"text","hidden":false,"required":false,"index":false},{"name":"subject_info_access","description":"Subject Information Access","type":"text","hidden":false,"required":false,"index":false},{"name":"policy_mappings","description":"Policy Mappings","type":"text","hidden":false,"required":false,"index":false},{"name":"has_expired","description":"1 if the certificate has expired, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"basic_constraint","description":"Basic Constraints","type":"text","hidden":false,"required":false,"index":false},{"name":"name_constraints","description":"Name Constraints","type":"text","hidden":false,"required":false,"index":false},{"name":"policy_constraints","description":"Policy Constraints","type":"text","hidden":false,"required":false,"index":false},{"name":"dump_certificate","description":"Set this value to '1' to dump certificate","type":"integer","hidden":true,"required":false,"index":false},{"name":"timeout","description":"Set this value to the timeout in seconds to complete the TLS handshake (default 4s, use 0 for no timeout)","type":"integer","hidden":true,"required":false,"index":false},{"name":"pem","description":"Certificate PEM format","type":"text","hidden":false,"required":false,"index":false}]},{"name":"deb_packages","description":"The installed DEB package database.","platforms":["linux"],"columns":[{"name":"name","description":"Package name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Package version","type":"text","hidden":false,"required":false,"index":false},{"name":"source","description":"Package source","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Package size in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"arch","description":"Package architecture","type":"text","hidden":false,"required":false,"index":false},{"name":"revision","description":"Package revision","type":"text","hidden":false,"required":false,"index":false},{"name":"status","description":"Package status","type":"text","hidden":false,"required":false,"index":false},{"name":"maintainer","description":"Package maintainer","type":"text","hidden":false,"required":false,"index":false},{"name":"section","description":"Package section","type":"text","hidden":false,"required":false,"index":false},{"name":"priority","description":"Package priority","type":"text","hidden":false,"required":false,"index":false},{"name":"pid_with_namespace","description":"Pids that contain a namespace","type":"integer","hidden":true,"required":false,"index":false},{"name":"mount_namespace_id","description":"Mount namespace id","type":"text","hidden":true,"required":false,"index":false}]},{"name":"default_environment","description":"Default environment variables and values.","platforms":["windows"],"columns":[{"name":"variable","description":"Name of the environment variable","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Value of the environment variable","type":"text","hidden":false,"required":false,"index":false},{"name":"expand","description":"1 if the variable needs expanding, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"device_file","description":"Similar to the file table, but use TSK and allow block address access.","platforms":["darwin","linux"],"columns":[{"name":"device","description":"Absolute file path to device node","type":"text","hidden":false,"required":true,"index":false},{"name":"partition","description":"A partition number","type":"text","hidden":false,"required":true,"index":false},{"name":"path","description":"A logical path within the device node","type":"text","hidden":false,"required":false,"index":false},{"name":"filename","description":"Name portion of file path","type":"text","hidden":false,"required":false,"index":false},{"name":"inode","description":"Filesystem inode number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uid","description":"Owning user ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Owning group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"mode","description":"Permission bits","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of file in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"block_size","description":"Block size of filesystem","type":"integer","hidden":false,"required":false,"index":false},{"name":"atime","description":"Last access time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"mtime","description":"Last modification time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"ctime","description":"Creation time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"hard_links","description":"Number of hard links","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"File status","type":"text","hidden":false,"required":false,"index":false}]},{"name":"device_firmware","description":"A best-effort list of discovered firmware versions.","platforms":["darwin"],"columns":[{"name":"type","description":"Type of device","type":"text","hidden":false,"required":false,"index":false},{"name":"device","description":"The device name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Firmware version","type":"text","hidden":false,"required":false,"index":false}]},{"name":"device_hash","description":"Similar to the hash table, but use TSK and allow block address access.","platforms":["darwin","linux"],"columns":[{"name":"device","description":"Absolute file path to device node","type":"text","hidden":false,"required":true,"index":false},{"name":"partition","description":"A partition number","type":"text","hidden":false,"required":true,"index":false},{"name":"inode","description":"Filesystem inode number","type":"bigint","hidden":false,"required":true,"index":false},{"name":"md5","description":"MD5 hash of provided inode data","type":"text","hidden":false,"required":false,"index":false},{"name":"sha1","description":"SHA1 hash of provided inode data","type":"text","hidden":false,"required":false,"index":false},{"name":"sha256","description":"SHA256 hash of provided inode data","type":"text","hidden":false,"required":false,"index":false}]},{"name":"device_partitions","description":"Use TSK to enumerate details about partitions on a disk device.","platforms":["darwin","linux"],"columns":[{"name":"device","description":"Absolute file path to device node","type":"text","hidden":false,"required":true,"index":false},{"name":"partition","description":"A partition number or description","type":"integer","hidden":false,"required":false,"index":false},{"name":"label","description":"","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"","type":"text","hidden":false,"required":false,"index":false},{"name":"offset","description":"","type":"bigint","hidden":false,"required":false,"index":false},{"name":"blocks_size","description":"Byte size of each block","type":"bigint","hidden":false,"required":false,"index":false},{"name":"blocks","description":"Number of blocks","type":"bigint","hidden":false,"required":false,"index":false},{"name":"inodes","description":"Number of meta nodes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"flags","description":"","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"disk_encryption","description":"Disk encryption status and information.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Disk name","type":"text","hidden":false,"required":false,"index":false},{"name":"uuid","description":"Disk Universally Unique Identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"encrypted","description":"1 If encrypted: true (disk is encrypted), else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"Description of cipher type and mode if available","type":"text","hidden":false,"required":false,"index":false},{"name":"encryption_status","description":"Disk encryption status with one of following values: encrypted | not encrypted | undefined","type":"text","hidden":false,"required":false,"index":false},{"name":"uid","description":"Currently authenticated user if available","type":"text","hidden":true,"required":false,"index":false},{"name":"user_uuid","description":"UUID of authenticated user if available","type":"text","hidden":true,"required":false,"index":false},{"name":"filevault_status","description":"FileVault status with one of following values: on | off | unknown","type":"text","hidden":true,"required":false,"index":false}]},{"name":"disk_events","description":"Track DMG disk image events (appearance/disappearance) when opened.","platforms":["darwin"],"columns":[{"name":"action","description":"Appear or disappear","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path of the DMG file accessed","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Disk event name","type":"text","hidden":false,"required":false,"index":false},{"name":"device","description":"Disk event BSD name","type":"text","hidden":false,"required":false,"index":false},{"name":"uuid","description":"UUID of the volume inside DMG if available","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of partition in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"ejectable","description":"1 if ejectable, 0 if not","type":"integer","hidden":false,"required":false,"index":false},{"name":"mountable","description":"1 if mountable, 0 if not","type":"integer","hidden":false,"required":false,"index":false},{"name":"writable","description":"1 if writable, 0 if not","type":"integer","hidden":false,"required":false,"index":false},{"name":"content","description":"Disk event content","type":"text","hidden":false,"required":false,"index":false},{"name":"media_name","description":"Disk event media name string","type":"text","hidden":false,"required":false,"index":false},{"name":"vendor","description":"Disk event vendor string","type":"text","hidden":false,"required":false,"index":false},{"name":"filesystem","description":"Filesystem if available","type":"text","hidden":false,"required":false,"index":false},{"name":"checksum","description":"UDIF Master checksum if available (CRC32)","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of appearance/disappearance in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false}]},{"name":"disk_info","description":"Retrieve basic information about the physical disks of a system.","platforms":["windows"],"columns":[{"name":"partitions","description":"Number of detected partitions on disk.","type":"integer","hidden":false,"required":false,"index":false},{"name":"disk_index","description":"Physical drive number of the disk.","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"The interface type of the disk.","type":"text","hidden":false,"required":false,"index":false},{"name":"id","description":"The unique identifier of the drive on the system.","type":"text","hidden":false,"required":false,"index":false},{"name":"pnp_device_id","description":"The unique identifier of the drive on the system.","type":"text","hidden":false,"required":false,"index":false},{"name":"disk_size","description":"Size of the disk.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"manufacturer","description":"The manufacturer of the disk.","type":"text","hidden":false,"required":false,"index":false},{"name":"hardware_model","description":"Hard drive model.","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"The label of the disk object.","type":"text","hidden":false,"required":false,"index":false},{"name":"serial","description":"The serial number of the disk.","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"The OS's description of the disk.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"dns_cache","description":"Enumerate the DNS cache using the undocumented DnsGetCacheDataTable function in dnsapi.dll.","platforms":["windows"],"columns":[{"name":"name","description":"DNS record name","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"DNS record type","type":"text","hidden":false,"required":false,"index":false},{"name":"flags","description":"DNS record flags","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"dns_resolvers","description":"Resolvers used by this host.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Address type index or order","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"Address type: sortlist, nameserver, search","type":"text","hidden":false,"required":false,"index":false},{"name":"address","description":"Resolver IP/IPv6 address","type":"text","hidden":false,"required":false,"index":false},{"name":"netmask","description":"Address (sortlist) netmask length","type":"text","hidden":false,"required":false,"index":false},{"name":"options","description":"Resolver options","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"docker_container_fs_changes","description":"Changes to files or directories on container's filesystem.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Container ID","type":"text","hidden":false,"required":true,"index":false},{"name":"path","description":"FIle or directory path relative to rootfs","type":"text","hidden":false,"required":false,"index":false},{"name":"change_type","description":"Type of change: C:Modified, A:Added, D:Deleted","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_container_labels","description":"Docker container labels.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Container ID","type":"text","hidden":false,"required":false,"index":false},{"name":"key","description":"Label key","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Optional label value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_container_mounts","description":"Docker container mounts.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Container ID","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Type of mount (bind, volume)","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Optional mount name","type":"text","hidden":false,"required":false,"index":false},{"name":"source","description":"Source path on host","type":"text","hidden":false,"required":false,"index":false},{"name":"destination","description":"Destination path inside container","type":"text","hidden":false,"required":false,"index":false},{"name":"driver","description":"Driver providing the mount","type":"text","hidden":false,"required":false,"index":false},{"name":"mode","description":"Mount options (rw, ro)","type":"text","hidden":false,"required":false,"index":false},{"name":"rw","description":"1 if read/write. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"propagation","description":"Mount propagation","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_container_networks","description":"Docker container networks.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Container ID","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Network name","type":"text","hidden":false,"required":false,"index":false},{"name":"network_id","description":"Network ID","type":"text","hidden":false,"required":false,"index":false},{"name":"endpoint_id","description":"Endpoint ID","type":"text","hidden":false,"required":false,"index":false},{"name":"gateway","description":"Gateway","type":"text","hidden":false,"required":false,"index":false},{"name":"ip_address","description":"IP address","type":"text","hidden":false,"required":false,"index":false},{"name":"ip_prefix_len","description":"IP subnet prefix length","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipv6_gateway","description":"IPv6 gateway","type":"text","hidden":false,"required":false,"index":false},{"name":"ipv6_address","description":"IPv6 address","type":"text","hidden":false,"required":false,"index":false},{"name":"ipv6_prefix_len","description":"IPv6 subnet prefix length","type":"integer","hidden":false,"required":false,"index":false},{"name":"mac_address","description":"MAC address","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_container_ports","description":"Docker container ports.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Container ID","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Protocol (tcp, udp)","type":"text","hidden":false,"required":false,"index":false},{"name":"port","description":"Port inside the container","type":"integer","hidden":false,"required":false,"index":false},{"name":"host_ip","description":"Host IP address on which public port is listening","type":"text","hidden":false,"required":false,"index":false},{"name":"host_port","description":"Host port","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"docker_container_processes","description":"Docker container processes.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Container ID","type":"text","hidden":false,"required":true,"index":false},{"name":"pid","description":"Process ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"name","description":"The process path or shorthand argv[0]","type":"text","hidden":false,"required":false,"index":false},{"name":"cmdline","description":"Complete argv","type":"text","hidden":false,"required":false,"index":false},{"name":"state","description":"Process state","type":"text","hidden":false,"required":false,"index":false},{"name":"uid","description":"User ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"euid","description":"Effective user ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"egid","description":"Effective group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"suid","description":"Saved user ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"sgid","description":"Saved group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"wired_size","description":"Bytes of unpageable memory used by process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"resident_size","description":"Bytes of private memory used by process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"total_size","description":"Total virtual memory size","type":"bigint","hidden":false,"required":false,"index":false},{"name":"start_time","description":"Process start in seconds since boot (non-sleeping)","type":"bigint","hidden":false,"required":false,"index":false},{"name":"parent","description":"Process parent's PID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pgroup","description":"Process group","type":"bigint","hidden":false,"required":false,"index":false},{"name":"threads","description":"Number of threads used by process","type":"integer","hidden":false,"required":false,"index":false},{"name":"nice","description":"Process nice level (-20 to 20, default 0)","type":"integer","hidden":false,"required":false,"index":false},{"name":"user","description":"User name","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Cumulative CPU time. [DD-]HH:MM:SS format","type":"text","hidden":false,"required":false,"index":false},{"name":"cpu","description":"CPU utilization as percentage","type":"double","hidden":false,"required":false,"index":false},{"name":"mem","description":"Memory utilization as percentage","type":"double","hidden":false,"required":false,"index":false}]},{"name":"docker_container_stats","description":"Docker container statistics. Queries on this table take at least one second.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Container ID","type":"text","hidden":false,"required":true,"index":false},{"name":"name","description":"Container name","type":"text","hidden":false,"required":false,"index":false},{"name":"pids","description":"Number of processes","type":"integer","hidden":false,"required":false,"index":false},{"name":"read","description":"UNIX time when stats were read","type":"bigint","hidden":false,"required":false,"index":false},{"name":"preread","description":"UNIX time when stats were last read","type":"bigint","hidden":false,"required":false,"index":false},{"name":"interval","description":"Difference between read and preread in nano-seconds","type":"bigint","hidden":false,"required":false,"index":false},{"name":"disk_read","description":"Total disk read bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"disk_write","description":"Total disk write bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"num_procs","description":"Number of processors","type":"integer","hidden":false,"required":false,"index":false},{"name":"cpu_total_usage","description":"Total CPU usage","type":"bigint","hidden":false,"required":false,"index":false},{"name":"cpu_kernelmode_usage","description":"CPU kernel mode usage","type":"bigint","hidden":false,"required":false,"index":false},{"name":"cpu_usermode_usage","description":"CPU user mode usage","type":"bigint","hidden":false,"required":false,"index":false},{"name":"system_cpu_usage","description":"CPU system usage","type":"bigint","hidden":false,"required":false,"index":false},{"name":"online_cpus","description":"Online CPUs","type":"integer","hidden":false,"required":false,"index":false},{"name":"pre_cpu_total_usage","description":"Last read total CPU usage","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pre_cpu_kernelmode_usage","description":"Last read CPU kernel mode usage","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pre_cpu_usermode_usage","description":"Last read CPU user mode usage","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pre_system_cpu_usage","description":"Last read CPU system usage","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pre_online_cpus","description":"Last read online CPUs","type":"integer","hidden":false,"required":false,"index":false},{"name":"memory_usage","description":"Memory usage","type":"bigint","hidden":false,"required":false,"index":false},{"name":"memory_max_usage","description":"Memory maximum usage","type":"bigint","hidden":false,"required":false,"index":false},{"name":"memory_limit","description":"Memory limit","type":"bigint","hidden":false,"required":false,"index":false},{"name":"network_rx_bytes","description":"Total network bytes read","type":"bigint","hidden":false,"required":false,"index":false},{"name":"network_tx_bytes","description":"Total network bytes transmitted","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"docker_containers","description":"Docker containers information.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Container ID","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Container name","type":"text","hidden":false,"required":false,"index":false},{"name":"image","description":"Docker image (name) used to launch this container","type":"text","hidden":false,"required":false,"index":false},{"name":"image_id","description":"Docker image ID","type":"text","hidden":false,"required":false,"index":false},{"name":"command","description":"Command with arguments","type":"text","hidden":false,"required":false,"index":false},{"name":"created","description":"Time of creation as UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"state","description":"Container state (created, restarting, running, removing, paused, exited, dead)","type":"text","hidden":false,"required":false,"index":false},{"name":"status","description":"Container status information","type":"text","hidden":false,"required":false,"index":false},{"name":"pid","description":"Identifier of the initial process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"path","description":"Container path","type":"text","hidden":false,"required":false,"index":false},{"name":"config_entrypoint","description":"Container entrypoint(s)","type":"text","hidden":false,"required":false,"index":false},{"name":"started_at","description":"Container start time as string","type":"text","hidden":false,"required":false,"index":false},{"name":"finished_at","description":"Container finish time as string","type":"text","hidden":false,"required":false,"index":false},{"name":"privileged","description":"Is the container privileged","type":"integer","hidden":false,"required":false,"index":false},{"name":"security_options","description":"List of container security options","type":"text","hidden":false,"required":false,"index":false},{"name":"env_variables","description":"Container environmental variables","type":"text","hidden":false,"required":false,"index":false},{"name":"readonly_rootfs","description":"Is the root filesystem mounted as read only","type":"integer","hidden":false,"required":false,"index":false},{"name":"cgroup_namespace","description":"cgroup namespace","type":"text","hidden":false,"required":false,"index":false},{"name":"ipc_namespace","description":"IPC namespace","type":"text","hidden":false,"required":false,"index":false},{"name":"mnt_namespace","description":"Mount namespace","type":"text","hidden":false,"required":false,"index":false},{"name":"net_namespace","description":"Network namespace","type":"text","hidden":false,"required":false,"index":false},{"name":"pid_namespace","description":"PID namespace","type":"text","hidden":false,"required":false,"index":false},{"name":"user_namespace","description":"User namespace","type":"text","hidden":false,"required":false,"index":false},{"name":"uts_namespace","description":"UTS namespace","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_image_history","description":"Docker image history information.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Image ID","type":"text","hidden":false,"required":false,"index":false},{"name":"created","description":"Time of creation as UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of instruction in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"created_by","description":"Created by instruction","type":"text","hidden":false,"required":false,"index":false},{"name":"tags","description":"Comma-separated list of tags","type":"text","hidden":false,"required":false,"index":false},{"name":"comment","description":"Instruction comment","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_image_labels","description":"Docker image labels.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Image ID","type":"text","hidden":false,"required":false,"index":false},{"name":"key","description":"Label key","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Optional label value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_image_layers","description":"Docker image layers information.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Image ID","type":"text","hidden":false,"required":false,"index":false},{"name":"layer_id","description":"Layer ID","type":"text","hidden":false,"required":false,"index":false},{"name":"layer_order","description":"Layer Order (1 = base layer)","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"docker_images","description":"Docker images information.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Image ID","type":"text","hidden":false,"required":false,"index":false},{"name":"created","description":"Time of creation as UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"size_bytes","description":"Size of image in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"tags","description":"Comma-separated list of repository tags","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_info","description":"Docker system information.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Docker system ID","type":"text","hidden":false,"required":false,"index":false},{"name":"containers","description":"Total number of containers","type":"integer","hidden":false,"required":false,"index":false},{"name":"containers_running","description":"Number of containers currently running","type":"integer","hidden":false,"required":false,"index":false},{"name":"containers_paused","description":"Number of containers in paused state","type":"integer","hidden":false,"required":false,"index":false},{"name":"containers_stopped","description":"Number of containers in stopped state","type":"integer","hidden":false,"required":false,"index":false},{"name":"images","description":"Number of images","type":"integer","hidden":false,"required":false,"index":false},{"name":"storage_driver","description":"Storage driver","type":"text","hidden":false,"required":false,"index":false},{"name":"memory_limit","description":"1 if memory limit support is enabled. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"swap_limit","description":"1 if swap limit support is enabled. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"kernel_memory","description":"1 if kernel memory limit support is enabled. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"cpu_cfs_period","description":"1 if CPU Completely Fair Scheduler (CFS) period support is enabled. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"cpu_cfs_quota","description":"1 if CPU Completely Fair Scheduler (CFS) quota support is enabled. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"cpu_shares","description":"1 if CPU share weighting support is enabled. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"cpu_set","description":"1 if CPU set selection support is enabled. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipv4_forwarding","description":"1 if IPv4 forwarding is enabled. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"bridge_nf_iptables","description":"1 if bridge netfilter iptables is enabled. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"bridge_nf_ip6tables","description":"1 if bridge netfilter ip6tables is enabled. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"oom_kill_disable","description":"1 if Out-of-memory kill is disabled. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"logging_driver","description":"Logging driver","type":"text","hidden":false,"required":false,"index":false},{"name":"cgroup_driver","description":"Control groups driver","type":"text","hidden":false,"required":false,"index":false},{"name":"kernel_version","description":"Kernel version","type":"text","hidden":false,"required":false,"index":false},{"name":"os","description":"Operating system","type":"text","hidden":false,"required":false,"index":false},{"name":"os_type","description":"Operating system type","type":"text","hidden":false,"required":false,"index":false},{"name":"architecture","description":"Hardware architecture","type":"text","hidden":false,"required":false,"index":false},{"name":"cpus","description":"Number of CPUs","type":"integer","hidden":false,"required":false,"index":false},{"name":"memory","description":"Total memory","type":"bigint","hidden":false,"required":false,"index":false},{"name":"http_proxy","description":"HTTP proxy","type":"text","hidden":false,"required":false,"index":false},{"name":"https_proxy","description":"HTTPS proxy","type":"text","hidden":false,"required":false,"index":false},{"name":"no_proxy","description":"Comma-separated list of domain extensions proxy should not be used for","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Name of the docker host","type":"text","hidden":false,"required":false,"index":false},{"name":"server_version","description":"Server version","type":"text","hidden":false,"required":false,"index":false},{"name":"root_dir","description":"Docker root directory","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_network_labels","description":"Docker network labels.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Network ID","type":"text","hidden":false,"required":false,"index":false},{"name":"key","description":"Label key","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Optional label value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_networks","description":"Docker networks information.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Network ID","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Network name","type":"text","hidden":false,"required":false,"index":false},{"name":"driver","description":"Network driver","type":"text","hidden":false,"required":false,"index":false},{"name":"created","description":"Time of creation as UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"enable_ipv6","description":"1 if IPv6 is enabled on this network. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"subnet","description":"Network subnet","type":"text","hidden":false,"required":false,"index":false},{"name":"gateway","description":"Network gateway","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_version","description":"Docker version information.","platforms":["darwin","linux"],"columns":[{"name":"version","description":"Docker version","type":"text","hidden":false,"required":false,"index":false},{"name":"api_version","description":"API version","type":"text","hidden":false,"required":false,"index":false},{"name":"min_api_version","description":"Minimum API version supported","type":"text","hidden":false,"required":false,"index":false},{"name":"git_commit","description":"Docker build git commit","type":"text","hidden":false,"required":false,"index":false},{"name":"go_version","description":"Go version","type":"text","hidden":false,"required":false,"index":false},{"name":"os","description":"Operating system","type":"text","hidden":false,"required":false,"index":false},{"name":"arch","description":"Hardware architecture","type":"text","hidden":false,"required":false,"index":false},{"name":"kernel_version","description":"Kernel version","type":"text","hidden":false,"required":false,"index":false},{"name":"build_time","description":"Build time","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_volume_labels","description":"Docker volume labels.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Volume name","type":"text","hidden":false,"required":false,"index":false},{"name":"key","description":"Label key","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Optional label value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_volumes","description":"Docker volumes information.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Volume name","type":"text","hidden":false,"required":false,"index":false},{"name":"driver","description":"Volume driver","type":"text","hidden":false,"required":false,"index":false},{"name":"mount_point","description":"Mount point","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Volume type","type":"text","hidden":false,"required":false,"index":false}]},{"name":"drivers","description":"Details for in-use Windows device drivers. This does not display installed but unused drivers.","platforms":["windows"],"columns":[{"name":"device_id","description":"Device ID","type":"text","hidden":false,"required":false,"index":false},{"name":"device_name","description":"Device name","type":"text","hidden":false,"required":false,"index":false},{"name":"image","description":"Path to driver image file","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Driver description","type":"text","hidden":false,"required":false,"index":false},{"name":"service","description":"Driver service name, if one exists","type":"text","hidden":false,"required":false,"index":false},{"name":"service_key","description":"Driver service registry key","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Driver version","type":"text","hidden":false,"required":false,"index":false},{"name":"inf","description":"Associated inf file","type":"text","hidden":false,"required":false,"index":false},{"name":"class","description":"Device/driver class name","type":"text","hidden":false,"required":false,"index":false},{"name":"provider","description":"Driver provider","type":"text","hidden":false,"required":false,"index":false},{"name":"manufacturer","description":"Device manufacturer","type":"text","hidden":false,"required":false,"index":false},{"name":"driver_key","description":"Driver key","type":"text","hidden":false,"required":false,"index":false},{"name":"date","description":"Driver date","type":"bigint","hidden":false,"required":false,"index":false},{"name":"signed","description":"Whether the driver is signed or not","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"ec2_instance_metadata","description":"EC2 instance metadata.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"instance_id","description":"EC2 instance ID","type":"text","hidden":false,"required":false,"index":false},{"name":"instance_type","description":"EC2 instance type","type":"text","hidden":false,"required":false,"index":false},{"name":"architecture","description":"Hardware architecture of this EC2 instance","type":"text","hidden":false,"required":false,"index":false},{"name":"region","description":"AWS region in which this instance launched","type":"text","hidden":false,"required":false,"index":false},{"name":"availability_zone","description":"Availability zone in which this instance launched","type":"text","hidden":false,"required":false,"index":false},{"name":"local_hostname","description":"Private IPv4 DNS hostname of the first interface of this instance","type":"text","hidden":false,"required":false,"index":false},{"name":"local_ipv4","description":"Private IPv4 address of the first interface of this instance","type":"text","hidden":false,"required":false,"index":false},{"name":"mac","description":"MAC address for the first network interface of this EC2 instance","type":"text","hidden":false,"required":false,"index":false},{"name":"security_groups","description":"Comma separated list of security group names","type":"text","hidden":false,"required":false,"index":false},{"name":"iam_arn","description":"If there is an IAM role associated with the instance, contains instance profile ARN","type":"text","hidden":false,"required":false,"index":false},{"name":"ami_id","description":"AMI ID used to launch this EC2 instance","type":"text","hidden":false,"required":false,"index":false},{"name":"reservation_id","description":"ID of the reservation","type":"text","hidden":false,"required":false,"index":false},{"name":"account_id","description":"AWS account ID which owns this EC2 instance","type":"text","hidden":false,"required":false,"index":false},{"name":"ssh_public_key","description":"SSH public key. Only available if supplied at instance launch time","type":"text","hidden":false,"required":false,"index":false}]},{"name":"ec2_instance_tags","description":"EC2 instance tag key value pairs.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"instance_id","description":"EC2 instance ID","type":"text","hidden":false,"required":false,"index":false},{"name":"key","description":"Tag key","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Tag value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"elf_dynamic","description":"ELF dynamic section information.","platforms":["linux"],"columns":[{"name":"tag","description":"Tag ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"value","description":"Tag value","type":"integer","hidden":false,"required":false,"index":false},{"name":"class","description":"Class (32 or 64)","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to ELF file","type":"text","hidden":false,"required":true,"index":false}]},{"name":"elf_info","description":"ELF file information.","platforms":["linux"],"columns":[{"name":"class","description":"Class type, 32 or 64bit","type":"text","hidden":false,"required":false,"index":false},{"name":"abi","description":"Section type","type":"text","hidden":false,"required":false,"index":false},{"name":"abi_version","description":"Section virtual address in memory","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"Offset of section in file","type":"text","hidden":false,"required":false,"index":false},{"name":"machine","description":"Machine type","type":"integer","hidden":false,"required":false,"index":false},{"name":"version","description":"Object file version","type":"integer","hidden":false,"required":false,"index":false},{"name":"entry","description":"Entry point address","type":"bigint","hidden":false,"required":false,"index":false},{"name":"flags","description":"ELF header flags","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to ELF file","type":"text","hidden":false,"required":true,"index":false}]},{"name":"elf_sections","description":"ELF section information.","platforms":["linux"],"columns":[{"name":"name","description":"Section name","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Section type","type":"integer","hidden":false,"required":false,"index":false},{"name":"vaddr","description":"Section virtual address in memory","type":"integer","hidden":false,"required":false,"index":false},{"name":"offset","description":"Offset of section in file","type":"integer","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of section","type":"integer","hidden":false,"required":false,"index":false},{"name":"flags","description":"Section attributes","type":"text","hidden":false,"required":false,"index":false},{"name":"link","description":"Link to other section","type":"text","hidden":false,"required":false,"index":false},{"name":"align","description":"Segment alignment","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to ELF file","type":"text","hidden":false,"required":true,"index":false}]},{"name":"elf_segments","description":"ELF segment information.","platforms":["linux"],"columns":[{"name":"name","description":"Segment type/name","type":"text","hidden":false,"required":false,"index":false},{"name":"offset","description":"Segment offset in file","type":"integer","hidden":false,"required":false,"index":false},{"name":"vaddr","description":"Segment virtual address in memory","type":"integer","hidden":false,"required":false,"index":false},{"name":"psize","description":"Size of segment in file","type":"integer","hidden":false,"required":false,"index":false},{"name":"msize","description":"Segment offset in memory","type":"integer","hidden":false,"required":false,"index":false},{"name":"flags","description":"Segment attributes","type":"text","hidden":false,"required":false,"index":false},{"name":"align","description":"Segment alignment","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to ELF file","type":"text","hidden":false,"required":true,"index":false}]},{"name":"elf_symbols","description":"ELF symbol list.","platforms":["linux"],"columns":[{"name":"name","description":"Symbol name","type":"text","hidden":false,"required":false,"index":false},{"name":"addr","description":"Symbol address (value)","type":"integer","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of object","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"Symbol type","type":"text","hidden":false,"required":false,"index":false},{"name":"binding","description":"Binding type","type":"text","hidden":false,"required":false,"index":false},{"name":"offset","description":"Section table index","type":"integer","hidden":false,"required":false,"index":false},{"name":"table","description":"Table name containing symbol","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to ELF file","type":"text","hidden":false,"required":true,"index":false}]},{"name":"es_process_events","description":"Process execution events from EndpointSecurity.","platforms":["darwin"],"columns":[{"name":"version","description":"Version of EndpointSecurity event","type":"integer","hidden":false,"required":false,"index":false},{"name":"seq_num","description":"Per event sequence number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"global_seq_num","description":"Global sequence number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process (or thread) ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"path","description":"Path of executed file","type":"text","hidden":false,"required":false,"index":false},{"name":"parent","description":"Parent process ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"original_parent","description":"Original parent process ID in case of reparenting","type":"bigint","hidden":false,"required":false,"index":false},{"name":"cmdline","description":"Command line arguments (argv)","type":"text","hidden":false,"required":false,"index":false},{"name":"cmdline_count","description":"Number of command line arguments","type":"bigint","hidden":false,"required":false,"index":false},{"name":"env","description":"Environment variables delimited by spaces","type":"text","hidden":false,"required":false,"index":false},{"name":"env_count","description":"Number of environment variables","type":"bigint","hidden":false,"required":false,"index":false},{"name":"cwd","description":"The process current working directory","type":"text","hidden":false,"required":false,"index":false},{"name":"uid","description":"User ID of the process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"euid","description":"Effective User ID of the process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Group ID of the process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"egid","description":"Effective Group ID of the process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"username","description":"Username","type":"text","hidden":false,"required":false,"index":false},{"name":"signing_id","description":"Signature identifier of the process","type":"text","hidden":false,"required":false,"index":false},{"name":"team_id","description":"Team identifier of thd process","type":"text","hidden":false,"required":false,"index":false},{"name":"cdhash","description":"Codesigning hash of the process","type":"text","hidden":false,"required":false,"index":false},{"name":"platform_binary","description":"Indicates if the binary is Apple signed binary (1) or not (0)","type":"integer","hidden":false,"required":false,"index":false},{"name":"exit_code","description":"Exit code of a process in case of an exit event","type":"integer","hidden":false,"required":false,"index":false},{"name":"child_pid","description":"Process ID of a child process in case of a fork event","type":"bigint","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of execution in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"event_type","description":"Type of EndpointSecurity event","type":"text","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false}]},{"name":"etc_hosts","description":"Line-parsed /etc/hosts.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"address","description":"IP address mapping","type":"text","hidden":false,"required":false,"index":false},{"name":"hostnames","description":"Raw hosts mapping","type":"text","hidden":false,"required":false,"index":false}]},{"name":"etc_protocols","description":"Line-parsed /etc/protocols.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"name","description":"Protocol name","type":"text","hidden":false,"required":false,"index":false},{"name":"number","description":"Protocol number","type":"integer","hidden":false,"required":false,"index":false},{"name":"alias","description":"Protocol alias","type":"text","hidden":false,"required":false,"index":false},{"name":"comment","description":"Comment with protocol description","type":"text","hidden":false,"required":false,"index":false}]},{"name":"etc_services","description":"Line-parsed /etc/services.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"name","description":"Service name","type":"text","hidden":false,"required":false,"index":false},{"name":"port","description":"Service port number","type":"integer","hidden":false,"required":false,"index":false},{"name":"protocol","description":"Transport protocol (TCP/UDP)","type":"text","hidden":false,"required":false,"index":false},{"name":"aliases","description":"Optional space separated list of other names for a service","type":"text","hidden":false,"required":false,"index":false},{"name":"comment","description":"Optional comment for a service.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"event_taps","description":"Returns information about installed event taps.","platforms":["darwin"],"columns":[{"name":"enabled","description":"Is the Event Tap enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"event_tap_id","description":"Unique ID for the Tap","type":"integer","hidden":false,"required":false,"index":false},{"name":"event_tapped","description":"The mask that identifies the set of events to be observed.","type":"text","hidden":false,"required":false,"index":false},{"name":"process_being_tapped","description":"The process ID of the target application","type":"integer","hidden":false,"required":false,"index":false},{"name":"tapping_process","description":"The process ID of the application that created the event tap.","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"example","description":"This is an example table spec.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"name","description":"Description for name column","type":"text","hidden":false,"required":false,"index":false},{"name":"points","description":"This is a signed SQLite int column","type":"integer","hidden":false,"required":false,"index":false},{"name":"size","description":"This is a signed SQLite bigint column","type":"bigint","hidden":false,"required":false,"index":false},{"name":"action","description":"Action performed in generation","type":"text","hidden":false,"required":true,"index":false},{"name":"id","description":"An index of some sort","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"Path of example","type":"text","hidden":false,"required":false,"index":false}]},{"name":"extended_attributes","description":"Returns the extended attributes for files (similar to Windows ADS).","platforms":["darwin","linux"],"columns":[{"name":"path","description":"Absolute file path","type":"text","hidden":false,"required":true,"index":false},{"name":"directory","description":"Directory of file(s)","type":"text","hidden":false,"required":true,"index":false},{"name":"key","description":"Name of the value generated from the extended attribute","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"The parsed information from the attribute","type":"text","hidden":false,"required":false,"index":false},{"name":"base64","description":"1 if the value is base64 encoded else 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"fan_speed_sensors","description":"Fan speeds.","platforms":["darwin"],"columns":[{"name":"fan","description":"Fan number","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Fan name","type":"text","hidden":false,"required":false,"index":false},{"name":"actual","description":"Actual speed","type":"integer","hidden":false,"required":false,"index":false},{"name":"min","description":"Minimum speed","type":"integer","hidden":false,"required":false,"index":false},{"name":"max","description":"Maximum speed","type":"integer","hidden":false,"required":false,"index":false},{"name":"target","description":"Target speed","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"fbsd_kmods","description":"Loaded FreeBSD kernel modules.","platforms":["freebsd"],"columns":[{"name":"name","description":"Module name","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of module content","type":"integer","hidden":false,"required":false,"index":false},{"name":"refs","description":"Module reverse dependencies","type":"integer","hidden":false,"required":false,"index":false},{"name":"address","description":"Kernel module address","type":"text","hidden":false,"required":false,"index":false}]},{"name":"file","description":"Interactive filesystem attributes and metadata.","platforms":["darwin","linux","freebsd","windows"],"columns":[{"name":"path","description":"Absolute file path","type":"text","hidden":false,"required":true,"index":false},{"name":"directory","description":"Directory of file(s)","type":"text","hidden":false,"required":true,"index":false},{"name":"filename","description":"Name portion of file path","type":"text","hidden":false,"required":false,"index":false},{"name":"inode","description":"Filesystem inode number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uid","description":"Owning user ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Owning group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"mode","description":"Permission bits","type":"text","hidden":false,"required":false,"index":false},{"name":"device","description":"Device ID (optional)","type":"bigint","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of file in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"block_size","description":"Block size of filesystem","type":"integer","hidden":false,"required":false,"index":false},{"name":"atime","description":"Last access time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"mtime","description":"Last modification time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"ctime","description":"Last status change time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"btime","description":"(B)irth or (cr)eate time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"hard_links","description":"Number of hard links","type":"integer","hidden":false,"required":false,"index":false},{"name":"symlink","description":"1 if the path is a symlink, otherwise 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"File status","type":"text","hidden":false,"required":false,"index":false},{"name":"attributes","description":"File attrib string. See: https://ss64.com/nt/attrib.html","type":"text","hidden":true,"required":false,"index":false},{"name":"volume_serial","description":"Volume serial number","type":"text","hidden":true,"required":false,"index":false},{"name":"file_id","description":"file ID","type":"text","hidden":true,"required":false,"index":false},{"name":"file_version","description":"File version","type":"text","hidden":true,"required":false,"index":false},{"name":"product_version","description":"File product version","type":"text","hidden":true,"required":false,"index":false},{"name":"bsd_flags","description":"The BSD file flags (chflags). Possible values: NODUMP, UF_IMMUTABLE, UF_APPEND, OPAQUE, HIDDEN, ARCHIVED, SF_IMMUTABLE, SF_APPEND","type":"text","hidden":true,"required":false,"index":false},{"name":"pid_with_namespace","description":"Pids that contain a namespace","type":"integer","hidden":true,"required":false,"index":false},{"name":"mount_namespace_id","description":"Mount namespace id","type":"text","hidden":true,"required":false,"index":false}]},{"name":"file_events","description":"Track time/action changes to files specified in configuration data.","platforms":["darwin","linux"],"columns":[{"name":"target_path","description":"The path associated with the event","type":"text","hidden":false,"required":false,"index":false},{"name":"category","description":"The category of the file defined in the config","type":"text","hidden":false,"required":false,"index":false},{"name":"action","description":"Change action (UPDATE, REMOVE, etc)","type":"text","hidden":false,"required":false,"index":false},{"name":"transaction_id","description":"ID used during bulk update","type":"bigint","hidden":false,"required":false,"index":false},{"name":"inode","description":"Filesystem inode number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uid","description":"Owning user ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Owning group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"mode","description":"Permission bits","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of file in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"atime","description":"Last access time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"mtime","description":"Last modification time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"ctime","description":"Last status change time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"md5","description":"The MD5 of the file after change","type":"text","hidden":false,"required":false,"index":false},{"name":"sha1","description":"The SHA1 of the file after change","type":"text","hidden":false,"required":false,"index":false},{"name":"sha256","description":"The SHA256 of the file after change","type":"text","hidden":false,"required":false,"index":false},{"name":"hashed","description":"1 if the file was hashed, 0 if not, -1 if hashing failed","type":"integer","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of file event","type":"bigint","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false}]},{"name":"firefox_addons","description":"Firefox browser extensions, webapps, and addons.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"uid","description":"The local user that owns the addon","type":"bigint","hidden":false,"required":false,"index":false},{"name":"name","description":"Addon display name","type":"text","hidden":false,"required":false,"index":false},{"name":"identifier","description":"Addon identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"creator","description":"Addon-supported creator string","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Extension, addon, webapp","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Addon-supplied version string","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Addon-supplied description string","type":"text","hidden":false,"required":false,"index":false},{"name":"source_url","description":"URL that installed the addon","type":"text","hidden":false,"required":false,"index":false},{"name":"visible","description":"1 If the addon is shown in browser else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"active","description":"1 If the addon is active else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"disabled","description":"1 If the addon is application-disabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"autoupdate","description":"1 If the addon applies background updates else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"native","description":"1 If the addon includes binary components else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"location","description":"Global, profile location","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to plugin bundle","type":"text","hidden":false,"required":false,"index":false}]},{"name":"gatekeeper","description":"OS X Gatekeeper Details.","platforms":["darwin"],"columns":[{"name":"assessments_enabled","description":"1 If a Gatekeeper is enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"dev_id_enabled","description":"1 If a Gatekeeper allows execution from identified developers else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"version","description":"Version of Gatekeeper's gke.bundle","type":"text","hidden":false,"required":false,"index":false},{"name":"opaque_version","description":"Version of Gatekeeper's gkopaque.bundle","type":"text","hidden":false,"required":false,"index":false}]},{"name":"gatekeeper_approved_apps","description":"Gatekeeper apps a user has allowed to run.","platforms":["darwin"],"columns":[{"name":"path","description":"Path of executable allowed to run","type":"text","hidden":false,"required":false,"index":false},{"name":"requirement","description":"Code signing requirement language","type":"text","hidden":false,"required":false,"index":false},{"name":"ctime","description":"Last change time","type":"double","hidden":false,"required":false,"index":false},{"name":"mtime","description":"Last modification time","type":"double","hidden":false,"required":false,"index":false}]},{"name":"groups","description":"Local system groups.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"gid","description":"Unsigned int64 group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid_signed","description":"A signed int64 version of gid","type":"bigint","hidden":false,"required":false,"index":false},{"name":"groupname","description":"Canonical local group name","type":"text","hidden":false,"required":false,"index":false},{"name":"group_sid","description":"Unique group ID","type":"text","hidden":true,"required":false,"index":false},{"name":"comment","description":"Remarks or comments associated with the group","type":"text","hidden":true,"required":false,"index":false},{"name":"is_hidden","description":"IsHidden attribute set in OpenDirectory","type":"integer","hidden":true,"required":false,"index":false}]},{"name":"hardware_events","description":"Hardware (PCI/USB/HID) events from UDEV or IOKit.","platforms":["darwin","linux"],"columns":[{"name":"action","description":"Remove, insert, change properties, etc","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Local device path assigned (optional)","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Type of hardware and hardware event","type":"text","hidden":false,"required":false,"index":false},{"name":"driver","description":"Driver claiming the device","type":"text","hidden":false,"required":false,"index":false},{"name":"vendor","description":"Hardware device vendor","type":"text","hidden":false,"required":false,"index":false},{"name":"vendor_id","description":"Hex encoded Hardware vendor identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"model","description":"Hardware device model","type":"text","hidden":false,"required":false,"index":false},{"name":"model_id","description":"Hex encoded Hardware model identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"serial","description":"Device serial (optional)","type":"text","hidden":false,"required":false,"index":false},{"name":"revision","description":"Device revision (optional)","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of hardware event","type":"bigint","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false}]},{"name":"hash","description":"Filesystem hash data.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"path","description":"Must provide a path or directory","type":"text","hidden":false,"required":true,"index":false},{"name":"directory","description":"Must provide a path or directory","type":"text","hidden":false,"required":true,"index":false},{"name":"md5","description":"MD5 hash of provided filesystem data","type":"text","hidden":false,"required":false,"index":false},{"name":"sha1","description":"SHA1 hash of provided filesystem data","type":"text","hidden":false,"required":false,"index":false},{"name":"sha256","description":"SHA256 hash of provided filesystem data","type":"text","hidden":false,"required":false,"index":false},{"name":"ssdeep","description":"ssdeep hash of provided filesystem data","type":"text","hidden":false,"required":false,"index":false},{"name":"pid_with_namespace","description":"Pids that contain a namespace","type":"integer","hidden":true,"required":false,"index":false},{"name":"mount_namespace_id","description":"Mount namespace id","type":"text","hidden":true,"required":false,"index":false}]},{"name":"homebrew_packages","description":"The installed homebrew package database.","platforms":["darwin"],"columns":[{"name":"name","description":"Package name","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Package install path","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Current 'linked' version","type":"text","hidden":false,"required":false,"index":false},{"name":"prefix","description":"Homebrew install prefix","type":"text","hidden":true,"required":false,"index":false}]},{"name":"hvci_status","description":"Retrieve HVCI info of the machine.","platforms":["windows"],"columns":[{"name":"version","description":"The version number of the Device Guard build.","type":"text","hidden":false,"required":false,"index":false},{"name":"instance_identifier","description":"The instance ID of Device Guard.","type":"text","hidden":false,"required":false,"index":false},{"name":"vbs_status","description":"The status of the virtualization based security settings. Returns UNKNOWN if an error is encountered.","type":"text","hidden":false,"required":false,"index":false},{"name":"code_integrity_policy_enforcement_status","description":"The status of the code integrity policy enforcement settings. Returns UNKNOWN if an error is encountered.","type":"text","hidden":false,"required":false,"index":false},{"name":"umci_policy_status","description":"The status of the User Mode Code Integrity security settings. Returns UNKNOWN if an error is encountered.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"ibridge_info","description":"Information about the Apple iBridge hardware controller.","platforms":["darwin"],"columns":[{"name":"boot_uuid","description":"Boot UUID of the iBridge controller","type":"text","hidden":false,"required":false,"index":false},{"name":"coprocessor_version","description":"The manufacturer and chip version","type":"text","hidden":false,"required":false,"index":false},{"name":"firmware_version","description":"The build version of the firmware","type":"text","hidden":false,"required":false,"index":false},{"name":"unique_chip_id","description":"Unique id of the iBridge controller","type":"text","hidden":false,"required":false,"index":false}]},{"name":"ie_extensions","description":"Internet Explorer browser extensions.","platforms":["windows"],"columns":[{"name":"name","description":"Extension display name","type":"text","hidden":false,"required":false,"index":false},{"name":"registry_path","description":"Extension identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Version of the executable","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to executable","type":"text","hidden":false,"required":false,"index":false}]},{"name":"intel_me_info","description":"Intel ME/CSE Info.","platforms":["darwin","linux","freebsd","windows"],"columns":[{"name":"version","description":"Intel ME version","type":"text","hidden":false,"required":false,"index":false}]},{"name":"interface_addresses","description":"Network interfaces and relevant metadata.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"interface","description":"Interface name","type":"text","hidden":false,"required":false,"index":false},{"name":"address","description":"Specific address for interface","type":"text","hidden":false,"required":false,"index":false},{"name":"mask","description":"Interface netmask","type":"text","hidden":false,"required":false,"index":false},{"name":"broadcast","description":"Broadcast address for the interface","type":"text","hidden":false,"required":false,"index":false},{"name":"point_to_point","description":"PtP address for the interface","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Type of address. One of dhcp, manual, auto, other, unknown","type":"text","hidden":false,"required":false,"index":false},{"name":"friendly_name","description":"The friendly display name of the interface.","type":"text","hidden":true,"required":false,"index":false}]},{"name":"interface_details","description":"Detailed information and stats of network interfaces.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"interface","description":"Interface name","type":"text","hidden":false,"required":false,"index":false},{"name":"mac","description":"MAC of interface (optional)","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Interface type (includes virtual)","type":"integer","hidden":false,"required":false,"index":false},{"name":"mtu","description":"Network MTU","type":"integer","hidden":false,"required":false,"index":false},{"name":"metric","description":"Metric based on the speed of the interface","type":"integer","hidden":false,"required":false,"index":false},{"name":"flags","description":"Flags (netdevice) for the device","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipackets","description":"Input packets","type":"bigint","hidden":false,"required":false,"index":false},{"name":"opackets","description":"Output packets","type":"bigint","hidden":false,"required":false,"index":false},{"name":"ibytes","description":"Input bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"obytes","description":"Output bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"ierrors","description":"Input errors","type":"bigint","hidden":false,"required":false,"index":false},{"name":"oerrors","description":"Output errors","type":"bigint","hidden":false,"required":false,"index":false},{"name":"idrops","description":"Input drops","type":"bigint","hidden":false,"required":false,"index":false},{"name":"odrops","description":"Output drops","type":"bigint","hidden":false,"required":false,"index":false},{"name":"collisions","description":"Packet Collisions detected","type":"bigint","hidden":false,"required":false,"index":false},{"name":"last_change","description":"Time of last device modification (optional)","type":"bigint","hidden":false,"required":false,"index":false},{"name":"link_speed","description":"Interface speed in Mb/s","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pci_slot","description":"PCI slot number","type":"text","hidden":false,"required":false,"index":false},{"name":"friendly_name","description":"The friendly display name of the interface.","type":"text","hidden":true,"required":false,"index":false},{"name":"description","description":"Short description of the object a one-line string.","type":"text","hidden":true,"required":false,"index":false},{"name":"manufacturer","description":"Name of the network adapter's manufacturer.","type":"text","hidden":true,"required":false,"index":false},{"name":"connection_id","description":"Name of the network connection as it appears in the Network Connections Control Panel program.","type":"text","hidden":true,"required":false,"index":false},{"name":"connection_status","description":"State of the network adapter connection to the network.","type":"text","hidden":true,"required":false,"index":false},{"name":"enabled","description":"Indicates whether the adapter is enabled or not.","type":"integer","hidden":true,"required":false,"index":false},{"name":"physical_adapter","description":"Indicates whether the adapter is a physical or a logical adapter.","type":"integer","hidden":true,"required":false,"index":false},{"name":"speed","description":"Estimate of the current bandwidth in bits per second.","type":"integer","hidden":true,"required":false,"index":false},{"name":"service","description":"The name of the service the network adapter uses.","type":"text","hidden":true,"required":false,"index":false},{"name":"dhcp_enabled","description":"If TRUE, the dynamic host configuration protocol (DHCP) server automatically assigns an IP address to the computer system when establishing a network connection.","type":"integer","hidden":true,"required":false,"index":false},{"name":"dhcp_lease_expires","description":"Expiration date and time for a leased IP address that was assigned to the computer by the dynamic host configuration protocol (DHCP) server.","type":"text","hidden":true,"required":false,"index":false},{"name":"dhcp_lease_obtained","description":"Date and time the lease was obtained for the IP address assigned to the computer by the dynamic host configuration protocol (DHCP) server.","type":"text","hidden":true,"required":false,"index":false},{"name":"dhcp_server","description":"IP address of the dynamic host configuration protocol (DHCP) server.","type":"text","hidden":true,"required":false,"index":false},{"name":"dns_domain","description":"Organization name followed by a period and an extension that indicates the type of organization, such as 'microsoft.com'.","type":"text","hidden":true,"required":false,"index":false},{"name":"dns_domain_suffix_search_order","description":"Array of DNS domain suffixes to be appended to the end of host names during name resolution.","type":"text","hidden":true,"required":false,"index":false},{"name":"dns_host_name","description":"Host name used to identify the local computer for authentication by some utilities.","type":"text","hidden":true,"required":false,"index":false},{"name":"dns_server_search_order","description":"Array of server IP addresses to be used in querying for DNS servers.","type":"text","hidden":true,"required":false,"index":false}]},{"name":"interface_ipv6","description":"IPv6 configuration and stats of network interfaces.","platforms":["darwin","linux"],"columns":[{"name":"interface","description":"Interface name","type":"text","hidden":false,"required":false,"index":false},{"name":"hop_limit","description":"Current Hop Limit","type":"integer","hidden":false,"required":false,"index":false},{"name":"forwarding_enabled","description":"Enable IP forwarding","type":"integer","hidden":false,"required":false,"index":false},{"name":"redirect_accept","description":"Accept ICMP redirect messages","type":"integer","hidden":false,"required":false,"index":false},{"name":"rtadv_accept","description":"Accept ICMP Router Advertisement","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"iokit_devicetree","description":"The IOKit registry matching the DeviceTree plane.","platforms":["darwin"],"columns":[{"name":"name","description":"Device node name","type":"text","hidden":false,"required":false,"index":false},{"name":"class","description":"Best matching device class (most-specific category)","type":"text","hidden":false,"required":false,"index":false},{"name":"id","description":"IOKit internal registry ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"parent","description":"Parent device registry ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"device_path","description":"Device tree path","type":"text","hidden":false,"required":false,"index":false},{"name":"service","description":"1 if the device conforms to IOService else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"busy_state","description":"1 if the device is in a busy state else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"retain_count","description":"The device reference count","type":"integer","hidden":false,"required":false,"index":false},{"name":"depth","description":"Device nested depth","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"iokit_registry","description":"The full IOKit registry without selecting a plane.","platforms":["darwin"],"columns":[{"name":"name","description":"Default name of the node","type":"text","hidden":false,"required":false,"index":false},{"name":"class","description":"Best matching device class (most-specific category)","type":"text","hidden":false,"required":false,"index":false},{"name":"id","description":"IOKit internal registry ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"parent","description":"Parent registry ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"busy_state","description":"1 if the node is in a busy state else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"retain_count","description":"The node reference count","type":"integer","hidden":false,"required":false,"index":false},{"name":"depth","description":"Node nested depth","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"iptables","description":"Linux IP packet filtering and NAT tool.","platforms":["linux"],"columns":[{"name":"filter_name","description":"Packet matching filter table name.","type":"text","hidden":false,"required":false,"index":false},{"name":"chain","description":"Size of module content.","type":"text","hidden":false,"required":false,"index":false},{"name":"policy","description":"Policy that applies for this rule.","type":"text","hidden":false,"required":false,"index":false},{"name":"target","description":"Target that applies for this rule.","type":"text","hidden":false,"required":false,"index":false},{"name":"protocol","description":"Protocol number identification.","type":"integer","hidden":false,"required":false,"index":false},{"name":"src_port","description":"Protocol source port(s).","type":"text","hidden":false,"required":false,"index":false},{"name":"dst_port","description":"Protocol destination port(s).","type":"text","hidden":false,"required":false,"index":false},{"name":"src_ip","description":"Source IP address.","type":"text","hidden":false,"required":false,"index":false},{"name":"src_mask","description":"Source IP address mask.","type":"text","hidden":false,"required":false,"index":false},{"name":"iniface","description":"Input interface for the rule.","type":"text","hidden":false,"required":false,"index":false},{"name":"iniface_mask","description":"Input interface mask for the rule.","type":"text","hidden":false,"required":false,"index":false},{"name":"dst_ip","description":"Destination IP address.","type":"text","hidden":false,"required":false,"index":false},{"name":"dst_mask","description":"Destination IP address mask.","type":"text","hidden":false,"required":false,"index":false},{"name":"outiface","description":"Output interface for the rule.","type":"text","hidden":false,"required":false,"index":false},{"name":"outiface_mask","description":"Output interface mask for the rule.","type":"text","hidden":false,"required":false,"index":false},{"name":"match","description":"Matching rule that applies.","type":"text","hidden":false,"required":false,"index":false},{"name":"packets","description":"Number of matching packets for this rule.","type":"integer","hidden":false,"required":false,"index":false},{"name":"bytes","description":"Number of matching bytes for this rule.","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"kernel_extensions","description":"OS X's kernel extensions, both loaded and within the load search path.","platforms":["darwin"],"columns":[{"name":"idx","description":"Extension load tag or index","type":"integer","hidden":false,"required":false,"index":false},{"name":"refs","description":"Reference count","type":"integer","hidden":false,"required":false,"index":false},{"name":"size","description":"Bytes of wired memory used by extension","type":"bigint","hidden":false,"required":false,"index":false},{"name":"name","description":"Extension label","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Extension version","type":"text","hidden":false,"required":false,"index":false},{"name":"linked_against","description":"Indexes of extensions this extension is linked against","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Optional path to extension bundle","type":"text","hidden":false,"required":false,"index":false}]},{"name":"kernel_info","description":"Basic active kernel information.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"version","description":"Kernel version","type":"text","hidden":false,"required":false,"index":false},{"name":"arguments","description":"Kernel arguments","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Kernel path","type":"text","hidden":false,"required":false,"index":false},{"name":"device","description":"Kernel device identifier","type":"text","hidden":false,"required":false,"index":false}]},{"name":"kernel_modules","description":"Linux kernel modules both loaded and within the load search path.","platforms":["linux"],"columns":[{"name":"name","description":"Module name","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of module content","type":"bigint","hidden":false,"required":false,"index":false},{"name":"used_by","description":"Module reverse dependencies","type":"text","hidden":false,"required":false,"index":false},{"name":"status","description":"Kernel module status","type":"text","hidden":false,"required":false,"index":false},{"name":"address","description":"Kernel module address","type":"text","hidden":false,"required":false,"index":false}]},{"name":"kernel_panics","description":"System kernel panic logs.","platforms":["darwin"],"columns":[{"name":"path","description":"Location of log file","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Formatted time of the event","type":"text","hidden":false,"required":false,"index":false},{"name":"registers","description":"A space delimited line of register:value pairs","type":"text","hidden":false,"required":false,"index":false},{"name":"frame_backtrace","description":"Backtrace of the crashed module","type":"text","hidden":false,"required":false,"index":false},{"name":"module_backtrace","description":"Modules appearing in the crashed module's backtrace","type":"text","hidden":false,"required":false,"index":false},{"name":"dependencies","description":"Module dependencies existing in crashed module's backtrace","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Process name corresponding to crashed thread","type":"text","hidden":false,"required":false,"index":false},{"name":"os_version","description":"Version of the operating system","type":"text","hidden":false,"required":false,"index":false},{"name":"kernel_version","description":"Version of the system kernel","type":"text","hidden":false,"required":false,"index":false},{"name":"system_model","description":"Physical system model, for example 'MacBookPro12,1 (Mac-E43C1C25D4880AD6)'","type":"text","hidden":false,"required":false,"index":false},{"name":"uptime","description":"System uptime at kernel panic in nanoseconds","type":"bigint","hidden":false,"required":false,"index":false},{"name":"last_loaded","description":"Last loaded module before panic","type":"text","hidden":false,"required":false,"index":false},{"name":"last_unloaded","description":"Last unloaded module before panic","type":"text","hidden":false,"required":false,"index":false}]},{"name":"keychain_acls","description":"Applications that have ACL entries in the keychain.","platforms":["darwin"],"columns":[{"name":"keychain_path","description":"The path of the keychain","type":"text","hidden":false,"required":false,"index":false},{"name":"authorizations","description":"A space delimited set of authorization attributes","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"The path of the authorized application","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"The description included with the ACL entry","type":"text","hidden":false,"required":false,"index":false},{"name":"label","description":"An optional label tag that may be included with the keychain entry","type":"text","hidden":false,"required":false,"index":false}]},{"name":"keychain_items","description":"Generic details about keychain items.","platforms":["darwin"],"columns":[{"name":"label","description":"Generic item name","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Optional item description","type":"text","hidden":false,"required":false,"index":false},{"name":"comment","description":"Optional keychain comment","type":"text","hidden":false,"required":false,"index":false},{"name":"created","description":"Data item was created","type":"text","hidden":false,"required":false,"index":false},{"name":"modified","description":"Date of last modification","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Keychain item type (class)","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to keychain containing item","type":"text","hidden":false,"required":false,"index":false}]},{"name":"known_hosts","description":"A line-delimited known_hosts table.","platforms":["darwin","linux"],"columns":[{"name":"uid","description":"The local user that owns the known_hosts file","type":"bigint","hidden":false,"required":false,"index":false},{"name":"key","description":"parsed authorized keys line","type":"text","hidden":false,"required":false,"index":false},{"name":"key_file","description":"Path to known_hosts file","type":"text","hidden":false,"required":false,"index":false}]},{"name":"kva_speculative_info","description":"Display kernel virtual address and speculative execution information for the system.","platforms":["windows"],"columns":[{"name":"kva_shadow_enabled","description":"Kernel Virtual Address shadowing is enabled.","type":"integer","hidden":false,"required":false,"index":false},{"name":"kva_shadow_user_global","description":"User pages are marked as global.","type":"integer","hidden":false,"required":false,"index":false},{"name":"kva_shadow_pcid","description":"Kernel VA PCID flushing optimization is enabled.","type":"integer","hidden":false,"required":false,"index":false},{"name":"kva_shadow_inv_pcid","description":"Kernel VA INVPCID is enabled.","type":"integer","hidden":false,"required":false,"index":false},{"name":"bp_mitigations","description":"Branch Prediction mitigations are enabled.","type":"integer","hidden":false,"required":false,"index":false},{"name":"bp_system_pol_disabled","description":"Branch Predictions are disabled via system policy.","type":"integer","hidden":false,"required":false,"index":false},{"name":"bp_microcode_disabled","description":"Branch Predictions are disabled due to lack of microcode update.","type":"integer","hidden":false,"required":false,"index":false},{"name":"cpu_spec_ctrl_supported","description":"SPEC_CTRL MSR supported by CPU Microcode.","type":"integer","hidden":false,"required":false,"index":false},{"name":"ibrs_support_enabled","description":"Windows uses IBRS.","type":"integer","hidden":false,"required":false,"index":false},{"name":"stibp_support_enabled","description":"Windows uses STIBP.","type":"integer","hidden":false,"required":false,"index":false},{"name":"cpu_pred_cmd_supported","description":"PRED_CMD MSR supported by CPU Microcode.","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"last","description":"System logins and logouts.","platforms":["darwin","linux"],"columns":[{"name":"username","description":"Entry username","type":"text","hidden":false,"required":false,"index":false},{"name":"tty","description":"Entry terminal","type":"text","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process (or thread) ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"Entry type, according to ut_type types (utmp.h)","type":"integer","hidden":false,"required":false,"index":false},{"name":"time","description":"Entry timestamp","type":"integer","hidden":false,"required":false,"index":false},{"name":"host","description":"Entry hostname","type":"text","hidden":false,"required":false,"index":false}]},{"name":"launchd","description":"LaunchAgents and LaunchDaemons from default search paths.","platforms":["darwin"],"columns":[{"name":"path","description":"Path to daemon or agent plist","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"File name of plist (used by launchd)","type":"text","hidden":false,"required":false,"index":false},{"name":"label","description":"Daemon or agent service name","type":"text","hidden":false,"required":false,"index":false},{"name":"program","description":"Path to target program","type":"text","hidden":false,"required":false,"index":false},{"name":"run_at_load","description":"Should the program run on launch load","type":"text","hidden":false,"required":false,"index":false},{"name":"keep_alive","description":"Should the process be restarted if killed","type":"text","hidden":false,"required":false,"index":false},{"name":"on_demand","description":"Deprecated key, replaced by keep_alive","type":"text","hidden":false,"required":false,"index":false},{"name":"disabled","description":"Skip loading this daemon or agent on boot","type":"text","hidden":false,"required":false,"index":false},{"name":"username","description":"Run this daemon or agent as this username","type":"text","hidden":false,"required":false,"index":false},{"name":"groupname","description":"Run this daemon or agent as this group","type":"text","hidden":false,"required":false,"index":false},{"name":"stdout_path","description":"Pipe stdout to a target path","type":"text","hidden":false,"required":false,"index":false},{"name":"stderr_path","description":"Pipe stderr to a target path","type":"text","hidden":false,"required":false,"index":false},{"name":"start_interval","description":"Frequency to run in seconds","type":"text","hidden":false,"required":false,"index":false},{"name":"program_arguments","description":"Command line arguments passed to program","type":"text","hidden":false,"required":false,"index":false},{"name":"watch_paths","description":"Key that launches daemon or agent if path is modified","type":"text","hidden":false,"required":false,"index":false},{"name":"queue_directories","description":"Similar to watch_paths but only with non-empty directories","type":"text","hidden":false,"required":false,"index":false},{"name":"inetd_compatibility","description":"Run this daemon or agent as it was launched from inetd","type":"text","hidden":false,"required":false,"index":false},{"name":"start_on_mount","description":"Run daemon or agent every time a filesystem is mounted","type":"text","hidden":false,"required":false,"index":false},{"name":"root_directory","description":"Key used to specify a directory to chroot to before launch","type":"text","hidden":false,"required":false,"index":false},{"name":"working_directory","description":"Key used to specify a directory to chdir to before launch","type":"text","hidden":false,"required":false,"index":false},{"name":"process_type","description":"Key describes the intended purpose of the job","type":"text","hidden":false,"required":false,"index":false}]},{"name":"launchd_overrides","description":"Override keys, per user, for LaunchDaemons and Agents.","platforms":["darwin"],"columns":[{"name":"label","description":"Daemon or agent service name","type":"text","hidden":false,"required":false,"index":false},{"name":"key","description":"Name of the override key","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Overridden value","type":"text","hidden":false,"required":false,"index":false},{"name":"uid","description":"User ID applied to the override, 0 applies to all","type":"bigint","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to daemon or agent plist","type":"text","hidden":false,"required":false,"index":false}]},{"name":"listening_ports","description":"Processes with listening (bound) network sockets/ports.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"pid","description":"Process (or thread) ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"port","description":"Transport layer port","type":"integer","hidden":false,"required":false,"index":false},{"name":"protocol","description":"Transport protocol (TCP/UDP)","type":"integer","hidden":false,"required":false,"index":false},{"name":"family","description":"Network protocol (IPv4, IPv6)","type":"integer","hidden":false,"required":false,"index":false},{"name":"address","description":"Specific address for bind","type":"text","hidden":false,"required":false,"index":false},{"name":"fd","description":"Socket file descriptor number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"socket","description":"Socket handle or inode number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"path","description":"Path for UNIX domain sockets","type":"text","hidden":false,"required":false,"index":false},{"name":"net_namespace","description":"The inode number of the network namespace","type":"text","hidden":false,"required":false,"index":false}]},{"name":"lldp_neighbors","description":"LLDP neighbors of interfaces.","platforms":["linux"],"columns":[{"name":"interface","description":"Interface name","type":"text","hidden":false,"required":false,"index":false},{"name":"rid","description":"Neighbor chassis index","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_id_type","description":"Neighbor chassis ID type","type":"text","hidden":false,"required":false,"index":false},{"name":"chassis_id","description":"Neighbor chassis ID value","type":"text","hidden":false,"required":false,"index":false},{"name":"chassis_sysname","description":"CPU brand string, contains vendor and model","type":"text","hidden":false,"required":false,"index":false},{"name":"chassis_sys_description","description":"Max number of CPU physical cores","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_bridge_capability_available","description":"Chassis bridge capability availability","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_bridge_capability_enabled","description":"Is chassis bridge capability enabled.","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_router_capability_available","description":"Chassis router capability availability","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_router_capability_enabled","description":"Chassis router capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_repeater_capability_available","description":"Chassis repeater capability availability","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_repeater_capability_enabled","description":"Chassis repeater capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_wlan_capability_available","description":"Chassis wlan capability availability","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_wlan_capability_enabled","description":"Chassis wlan capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_tel_capability_available","description":"Chassis telephone capability availability","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_tel_capability_enabled","description":"Chassis telephone capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_docsis_capability_available","description":"Chassis DOCSIS capability availability","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_docsis_capability_enabled","description":"Chassis DOCSIS capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_station_capability_available","description":"Chassis station capability availability","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_station_capability_enabled","description":"Chassis station capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_other_capability_available","description":"Chassis other capability availability","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_other_capability_enabled","description":"Chassis other capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_mgmt_ips","description":"Comma delimited list of chassis management IPS","type":"text","hidden":false,"required":false,"index":false},{"name":"port_id_type","description":"Port ID type","type":"text","hidden":false,"required":false,"index":false},{"name":"port_id","description":"Port ID value","type":"text","hidden":false,"required":false,"index":false},{"name":"port_description","description":"Port description","type":"text","hidden":false,"required":false,"index":false},{"name":"port_ttl","description":"Age of neighbor port","type":"bigint","hidden":false,"required":false,"index":false},{"name":"port_mfs","description":"Port max frame size","type":"bigint","hidden":false,"required":false,"index":false},{"name":"port_aggregation_id","description":"Port aggregation ID","type":"text","hidden":false,"required":false,"index":false},{"name":"port_autoneg_supported","description":"Auto negotiation supported","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_enabled","description":"Is auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_mau_type","description":"MAU type","type":"text","hidden":false,"required":false,"index":false},{"name":"port_autoneg_10baset_hd_enabled","description":"10Base-T HD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_10baset_fd_enabled","description":"10Base-T FD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_100basetx_hd_enabled","description":"100Base-TX HD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_100basetx_fd_enabled","description":"100Base-TX FD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_100baset2_hd_enabled","description":"100Base-T2 HD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_100baset2_fd_enabled","description":"100Base-T2 FD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_100baset4_hd_enabled","description":"100Base-T4 HD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_100baset4_fd_enabled","description":"100Base-T4 FD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_1000basex_hd_enabled","description":"1000Base-X HD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_1000basex_fd_enabled","description":"1000Base-X FD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_1000baset_hd_enabled","description":"1000Base-T HD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_1000baset_fd_enabled","description":"1000Base-T FD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"power_device_type","description":"Dot3 power device type","type":"text","hidden":false,"required":false,"index":false},{"name":"power_mdi_supported","description":"MDI power supported","type":"integer","hidden":false,"required":false,"index":false},{"name":"power_mdi_enabled","description":"Is MDI power enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"power_paircontrol_enabled","description":"Is power pair control enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"power_pairs","description":"Dot3 power pairs","type":"text","hidden":false,"required":false,"index":false},{"name":"power_class","description":"Power class","type":"text","hidden":false,"required":false,"index":false},{"name":"power_8023at_enabled","description":"Is 802.3at enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"power_8023at_power_type","description":"802.3at power type","type":"text","hidden":false,"required":false,"index":false},{"name":"power_8023at_power_source","description":"802.3at power source","type":"text","hidden":false,"required":false,"index":false},{"name":"power_8023at_power_priority","description":"802.3at power priority","type":"text","hidden":false,"required":false,"index":false},{"name":"power_8023at_power_allocated","description":"802.3at power allocated","type":"text","hidden":false,"required":false,"index":false},{"name":"power_8023at_power_requested","description":"802.3at power requested","type":"text","hidden":false,"required":false,"index":false},{"name":"med_device_type","description":"Chassis MED type","type":"text","hidden":false,"required":false,"index":false},{"name":"med_capability_capabilities","description":"Is MED capabilities enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"med_capability_policy","description":"Is MED policy capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"med_capability_location","description":"Is MED location capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"med_capability_mdi_pse","description":"Is MED MDI PSE capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"med_capability_mdi_pd","description":"Is MED MDI PD capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"med_capability_inventory","description":"Is MED inventory capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"med_policies","description":"Comma delimited list of MED policies","type":"text","hidden":false,"required":false,"index":false},{"name":"vlans","description":"Comma delimited list of vlan ids","type":"text","hidden":false,"required":false,"index":false},{"name":"pvid","description":"Primary VLAN id","type":"text","hidden":false,"required":false,"index":false},{"name":"ppvids_supported","description":"Comma delimited list of supported PPVIDs","type":"text","hidden":false,"required":false,"index":false},{"name":"ppvids_enabled","description":"Comma delimited list of enabled PPVIDs","type":"text","hidden":false,"required":false,"index":false},{"name":"pids","description":"Comma delimited list of PIDs","type":"text","hidden":false,"required":false,"index":false}]},{"name":"load_average","description":"Displays information about the system wide load averages.","platforms":["darwin","linux"],"columns":[{"name":"period","description":"Period over which the average is calculated.","type":"text","hidden":false,"required":false,"index":false},{"name":"average","description":"Load average over the specified period.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"location_services","description":"Reports the status of the Location Services feature of the OS.","platforms":["darwin"],"columns":[{"name":"enabled","description":"1 if Location Services are enabled, else 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"logged_in_users","description":"Users with an active shell on the system.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"type","description":"Login type","type":"text","hidden":false,"required":false,"index":false},{"name":"user","description":"User login name","type":"text","hidden":false,"required":false,"index":false},{"name":"tty","description":"Device name","type":"text","hidden":false,"required":false,"index":false},{"name":"host","description":"Remote hostname","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Time entry was made","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process (or thread) ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"sid","description":"The user's unique security identifier","type":"text","hidden":true,"required":false,"index":false},{"name":"registry_hive","description":"HKEY_USERS registry hive","type":"text","hidden":true,"required":false,"index":false}]},{"name":"logical_drives","description":"Details for logical drives on the system. A logical drive generally represents a single partition.","platforms":["windows"],"columns":[{"name":"device_id","description":"The drive id, usually the drive name, e.g., 'C:'.","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Deprecated (always 'Unknown').","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"The canonical description of the drive, e.g. 'Logical Fixed Disk', 'CD-ROM Disk'.","type":"text","hidden":false,"required":false,"index":false},{"name":"free_space","description":"The amount of free space, in bytes, of the drive (-1 on failure).","type":"bigint","hidden":false,"required":false,"index":false},{"name":"size","description":"The total amount of space, in bytes, of the drive (-1 on failure).","type":"bigint","hidden":false,"required":false,"index":false},{"name":"file_system","description":"The file system of the drive.","type":"text","hidden":false,"required":false,"index":false},{"name":"boot_partition","description":"True if Windows booted from this drive.","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"logon_sessions","description":"Windows Logon Session.","platforms":["windows"],"columns":[{"name":"logon_id","description":"A locally unique identifier (LUID) that identifies a logon session.","type":"integer","hidden":false,"required":false,"index":false},{"name":"user","description":"The account name of the security principal that owns the logon session.","type":"text","hidden":false,"required":false,"index":false},{"name":"logon_domain","description":"The name of the domain used to authenticate the owner of the logon session.","type":"text","hidden":false,"required":false,"index":false},{"name":"authentication_package","description":"The authentication package used to authenticate the owner of the logon session.","type":"text","hidden":false,"required":false,"index":false},{"name":"logon_type","description":"The logon method.","type":"text","hidden":false,"required":false,"index":false},{"name":"session_id","description":"The Terminal Services session identifier.","type":"integer","hidden":false,"required":false,"index":false},{"name":"logon_sid","description":"The user's security identifier (SID).","type":"text","hidden":false,"required":false,"index":false},{"name":"logon_time","description":"The time the session owner logged on.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"logon_server","description":"The name of the server used to authenticate the owner of the logon session.","type":"text","hidden":false,"required":false,"index":false},{"name":"dns_domain_name","description":"The DNS name for the owner of the logon session.","type":"text","hidden":false,"required":false,"index":false},{"name":"upn","description":"The user principal name (UPN) for the owner of the logon session.","type":"text","hidden":false,"required":false,"index":false},{"name":"logon_script","description":"The script used for logging on.","type":"text","hidden":false,"required":false,"index":false},{"name":"profile_path","description":"The home directory for the logon session.","type":"text","hidden":false,"required":false,"index":false},{"name":"home_directory","description":"The home directory for the logon session.","type":"text","hidden":false,"required":false,"index":false},{"name":"home_directory_drive","description":"The drive location of the home directory of the logon session.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"lxd_certificates","description":"LXD certificates information.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Name of the certificate","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Type of the certificate","type":"text","hidden":false,"required":false,"index":false},{"name":"fingerprint","description":"SHA256 hash of the certificate","type":"text","hidden":false,"required":false,"index":false},{"name":"certificate","description":"Certificate content","type":"text","hidden":false,"required":false,"index":false}]},{"name":"lxd_cluster","description":"LXD cluster information.","platforms":["darwin","linux"],"columns":[{"name":"server_name","description":"Name of the LXD server node","type":"text","hidden":false,"required":false,"index":false},{"name":"enabled","description":"Whether clustering enabled (1) or not (0) on this node","type":"integer","hidden":false,"required":false,"index":false},{"name":"member_config_entity","description":"Type of configuration parameter for this node","type":"text","hidden":false,"required":false,"index":false},{"name":"member_config_name","description":"Name of configuration parameter","type":"text","hidden":false,"required":false,"index":false},{"name":"member_config_key","description":"Config key","type":"text","hidden":false,"required":false,"index":false},{"name":"member_config_value","description":"Config value","type":"text","hidden":false,"required":false,"index":false},{"name":"member_config_description","description":"Config description","type":"text","hidden":false,"required":false,"index":false}]},{"name":"lxd_cluster_members","description":"LXD cluster members information.","platforms":["darwin","linux"],"columns":[{"name":"server_name","description":"Name of the LXD server node","type":"text","hidden":false,"required":false,"index":false},{"name":"url","description":"URL of the node","type":"text","hidden":false,"required":false,"index":false},{"name":"database","description":"Whether the server is a database node (1) or not (0)","type":"integer","hidden":false,"required":false,"index":false},{"name":"status","description":"Status of the node (Online/Offline)","type":"text","hidden":false,"required":false,"index":false},{"name":"message","description":"Message from the node (Online/Offline)","type":"text","hidden":false,"required":false,"index":false}]},{"name":"lxd_images","description":"LXD images information.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Image ID","type":"text","hidden":false,"required":false,"index":false},{"name":"architecture","description":"Target architecture for the image","type":"text","hidden":false,"required":false,"index":false},{"name":"os","description":"OS on which image is based","type":"text","hidden":false,"required":false,"index":false},{"name":"release","description":"OS release version on which the image is based","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Image description","type":"text","hidden":false,"required":false,"index":false},{"name":"aliases","description":"Comma-separated list of image aliases","type":"text","hidden":false,"required":false,"index":false},{"name":"filename","description":"Filename of the image file","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of image in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"auto_update","description":"Whether the image auto-updates (1) or not (0)","type":"integer","hidden":false,"required":false,"index":false},{"name":"cached","description":"Whether image is cached (1) or not (0)","type":"integer","hidden":false,"required":false,"index":false},{"name":"public","description":"Whether image is public (1) or not (0)","type":"integer","hidden":false,"required":false,"index":false},{"name":"created_at","description":"ISO time of image creation","type":"text","hidden":false,"required":false,"index":false},{"name":"expires_at","description":"ISO time of image expiration","type":"text","hidden":false,"required":false,"index":false},{"name":"uploaded_at","description":"ISO time of image upload","type":"text","hidden":false,"required":false,"index":false},{"name":"last_used_at","description":"ISO time for the most recent use of this image in terms of container spawn","type":"text","hidden":false,"required":false,"index":false},{"name":"update_source_server","description":"Server for image update","type":"text","hidden":false,"required":false,"index":false},{"name":"update_source_protocol","description":"Protocol used for image information update and image import from source server","type":"text","hidden":false,"required":false,"index":false},{"name":"update_source_certificate","description":"Certificate for update source server","type":"text","hidden":false,"required":false,"index":false},{"name":"update_source_alias","description":"Alias of image at update source server","type":"text","hidden":false,"required":false,"index":false}]},{"name":"lxd_instance_config","description":"LXD instance configuration information.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Instance name","type":"text","hidden":false,"required":true,"index":false},{"name":"key","description":"Configuration parameter name","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Configuration parameter value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"lxd_instance_devices","description":"LXD instance devices information.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Instance name","type":"text","hidden":false,"required":true,"index":false},{"name":"device","description":"Name of the device","type":"text","hidden":false,"required":false,"index":false},{"name":"device_type","description":"Device type","type":"text","hidden":false,"required":false,"index":false},{"name":"key","description":"Device info param name","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Device info param value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"lxd_instances","description":"LXD instances information.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Instance name","type":"text","hidden":false,"required":false,"index":false},{"name":"status","description":"Instance state (running, stopped, etc.)","type":"text","hidden":false,"required":false,"index":false},{"name":"stateful","description":"Whether the instance is stateful(1) or not(0)","type":"integer","hidden":false,"required":false,"index":false},{"name":"ephemeral","description":"Whether the instance is ephemeral(1) or not(0)","type":"integer","hidden":false,"required":false,"index":false},{"name":"created_at","description":"ISO time of creation","type":"text","hidden":false,"required":false,"index":false},{"name":"base_image","description":"ID of image used to launch this instance","type":"text","hidden":false,"required":false,"index":false},{"name":"architecture","description":"Instance architecture","type":"text","hidden":false,"required":false,"index":false},{"name":"os","description":"The OS of this instance","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Instance description","type":"text","hidden":false,"required":false,"index":false},{"name":"pid","description":"Instance's process ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"processes","description":"Number of processes running inside this instance","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"lxd_networks","description":"LXD network information.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Name of the network","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Type of network","type":"text","hidden":false,"required":false,"index":false},{"name":"managed","description":"1 if network created by LXD, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipv4_address","description":"IPv4 address","type":"text","hidden":false,"required":false,"index":false},{"name":"ipv6_address","description":"IPv6 address","type":"text","hidden":false,"required":false,"index":false},{"name":"used_by","description":"URLs for containers using this network","type":"text","hidden":false,"required":false,"index":false},{"name":"bytes_received","description":"Number of bytes received on this network","type":"bigint","hidden":false,"required":false,"index":false},{"name":"bytes_sent","description":"Number of bytes sent on this network","type":"bigint","hidden":false,"required":false,"index":false},{"name":"packets_received","description":"Number of packets received on this network","type":"bigint","hidden":false,"required":false,"index":false},{"name":"packets_sent","description":"Number of packets sent on this network","type":"bigint","hidden":false,"required":false,"index":false},{"name":"hwaddr","description":"Hardware address for this network","type":"text","hidden":false,"required":false,"index":false},{"name":"state","description":"Network status","type":"text","hidden":false,"required":false,"index":false},{"name":"mtu","description":"MTU size","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"lxd_storage_pools","description":"LXD storage pool information.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Name of the storage pool","type":"text","hidden":false,"required":false,"index":false},{"name":"driver","description":"Storage driver","type":"text","hidden":false,"required":false,"index":false},{"name":"source","description":"Storage pool source","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of the storage pool","type":"text","hidden":false,"required":false,"index":false},{"name":"space_used","description":"Storage space used in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"space_total","description":"Total available storage space in bytes for this storage pool","type":"bigint","hidden":false,"required":false,"index":false},{"name":"inodes_used","description":"Number of inodes used","type":"bigint","hidden":false,"required":false,"index":false},{"name":"inodes_total","description":"Total number of inodes available in this storage pool","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"magic","description":"Magic number recognition library table.","platforms":["darwin","linux"],"columns":[{"name":"path","description":"Absolute path to target file","type":"text","hidden":false,"required":true,"index":false},{"name":"magic_db_files","description":"Colon(:) separated list of files where the magic db file can be found. By default one of the following is used: /usr/share/file/magic/magic, /usr/share/misc/magic or /usr/share/misc/magic.mgc","type":"text","hidden":false,"required":false,"index":false},{"name":"data","description":"Magic number data from libmagic","type":"text","hidden":false,"required":false,"index":false},{"name":"mime_type","description":"MIME type data from libmagic","type":"text","hidden":false,"required":false,"index":false},{"name":"mime_encoding","description":"MIME encoding data from libmagic","type":"text","hidden":false,"required":false,"index":false}]},{"name":"managed_policies","description":"The managed configuration policies from AD, MDM, MCX, etc.","platforms":["darwin"],"columns":[{"name":"domain","description":"System or manager-chosen domain key","type":"text","hidden":false,"required":false,"index":false},{"name":"uuid","description":"Optional UUID assigned to policy set","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Policy key name","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Policy value","type":"text","hidden":false,"required":false,"index":false},{"name":"username","description":"Policy applies only this user","type":"text","hidden":false,"required":false,"index":false},{"name":"manual","description":"1 if policy was loaded manually, otherwise 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"md_devices","description":"Software RAID array settings.","platforms":["linux"],"columns":[{"name":"device_name","description":"md device name","type":"text","hidden":false,"required":false,"index":false},{"name":"status","description":"Current state of the array","type":"text","hidden":false,"required":false,"index":false},{"name":"raid_level","description":"Current raid level of the array","type":"integer","hidden":false,"required":false,"index":false},{"name":"size","description":"size of the array in blocks","type":"bigint","hidden":false,"required":false,"index":false},{"name":"chunk_size","description":"chunk size in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"raid_disks","description":"Number of configured RAID disks in array","type":"integer","hidden":false,"required":false,"index":false},{"name":"nr_raid_disks","description":"Number of partitions or disk devices to comprise the array","type":"integer","hidden":false,"required":false,"index":false},{"name":"working_disks","description":"Number of working disks in array","type":"integer","hidden":false,"required":false,"index":false},{"name":"active_disks","description":"Number of active disks in array","type":"integer","hidden":false,"required":false,"index":false},{"name":"failed_disks","description":"Number of failed disks in array","type":"integer","hidden":false,"required":false,"index":false},{"name":"spare_disks","description":"Number of idle disks in array","type":"integer","hidden":false,"required":false,"index":false},{"name":"superblock_state","description":"State of the superblock","type":"text","hidden":false,"required":false,"index":false},{"name":"superblock_version","description":"Version of the superblock","type":"text","hidden":false,"required":false,"index":false},{"name":"superblock_update_time","description":"Unix timestamp of last update","type":"bigint","hidden":false,"required":false,"index":false},{"name":"bitmap_on_mem","description":"Pages allocated in in-memory bitmap, if enabled","type":"text","hidden":false,"required":false,"index":false},{"name":"bitmap_chunk_size","description":"Bitmap chunk size","type":"text","hidden":false,"required":false,"index":false},{"name":"bitmap_external_file","description":"External referenced bitmap file","type":"text","hidden":false,"required":false,"index":false},{"name":"recovery_progress","description":"Progress of the recovery activity","type":"text","hidden":false,"required":false,"index":false},{"name":"recovery_finish","description":"Estimated duration of recovery activity","type":"text","hidden":false,"required":false,"index":false},{"name":"recovery_speed","description":"Speed of recovery activity","type":"text","hidden":false,"required":false,"index":false},{"name":"resync_progress","description":"Progress of the resync activity","type":"text","hidden":false,"required":false,"index":false},{"name":"resync_finish","description":"Estimated duration of resync activity","type":"text","hidden":false,"required":false,"index":false},{"name":"resync_speed","description":"Speed of resync activity","type":"text","hidden":false,"required":false,"index":false},{"name":"reshape_progress","description":"Progress of the reshape activity","type":"text","hidden":false,"required":false,"index":false},{"name":"reshape_finish","description":"Estimated duration of reshape activity","type":"text","hidden":false,"required":false,"index":false},{"name":"reshape_speed","description":"Speed of reshape activity","type":"text","hidden":false,"required":false,"index":false},{"name":"check_array_progress","description":"Progress of the check array activity","type":"text","hidden":false,"required":false,"index":false},{"name":"check_array_finish","description":"Estimated duration of the check array activity","type":"text","hidden":false,"required":false,"index":false},{"name":"check_array_speed","description":"Speed of the check array activity","type":"text","hidden":false,"required":false,"index":false},{"name":"unused_devices","description":"Unused devices","type":"text","hidden":false,"required":false,"index":false},{"name":"other","description":"Other information associated with array from /proc/mdstat","type":"text","hidden":false,"required":false,"index":false}]},{"name":"md_drives","description":"Drive devices used for Software RAID.","platforms":["linux"],"columns":[{"name":"md_device_name","description":"md device name","type":"text","hidden":false,"required":false,"index":false},{"name":"drive_name","description":"Drive device name","type":"text","hidden":false,"required":false,"index":false},{"name":"slot","description":"Slot position of disk","type":"integer","hidden":false,"required":false,"index":false},{"name":"state","description":"State of the drive","type":"text","hidden":false,"required":false,"index":false}]},{"name":"md_personalities","description":"Software RAID setting supported by the kernel.","platforms":["linux"],"columns":[{"name":"name","description":"Name of personality supported by kernel","type":"text","hidden":false,"required":false,"index":false}]},{"name":"mdfind","description":"Run searches against the spotlight database.","platforms":["darwin"],"columns":[{"name":"path","description":"Path of the file returned from spotlight","type":"text","hidden":false,"required":false,"index":false},{"name":"query","description":"The query that was run to find the file","type":"text","hidden":false,"required":true,"index":false}]},{"name":"mdls","description":"Query file metadata in the Spotlight database.","platforms":["darwin"],"columns":[{"name":"path","description":"Path of the file","type":"text","hidden":false,"required":true,"index":false},{"name":"key","description":"Name of the metadata key","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Value stored in the metadata key","type":"text","hidden":false,"required":false,"index":false},{"name":"valuetype","description":"CoreFoundation type of data stored in value","type":"text","hidden":true,"required":false,"index":false}]},{"name":"memory_array_mapped_addresses","description":"Data associated for address mapping of physical memory arrays.","platforms":["darwin","linux"],"columns":[{"name":"handle","description":"Handle, or instance number, associated with the structure","type":"text","hidden":false,"required":false,"index":false},{"name":"memory_array_handle","description":"Handle of the memory array associated with this structure","type":"text","hidden":false,"required":false,"index":false},{"name":"starting_address","description":"Physical stating address, in kilobytes, of a range of memory mapped to physical memory array","type":"text","hidden":false,"required":false,"index":false},{"name":"ending_address","description":"Physical ending address of last kilobyte of a range of memory mapped to physical memory array","type":"text","hidden":false,"required":false,"index":false},{"name":"partition_width","description":"Number of memory devices that form a single row of memory for the address partition of this structure","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"memory_arrays","description":"Data associated with collection of memory devices that operate to form a memory address.","platforms":["darwin","linux"],"columns":[{"name":"handle","description":"Handle, or instance number, associated with the array","type":"text","hidden":false,"required":false,"index":false},{"name":"location","description":"Physical location of the memory array","type":"text","hidden":false,"required":false,"index":false},{"name":"use","description":"Function for which the array is used","type":"text","hidden":false,"required":false,"index":false},{"name":"memory_error_correction","description":"Primary hardware error correction or detection method supported","type":"text","hidden":false,"required":false,"index":false},{"name":"max_capacity","description":"Maximum capacity of array in gigabytes","type":"integer","hidden":false,"required":false,"index":false},{"name":"memory_error_info_handle","description":"Handle, or instance number, associated with any error that was detected for the array","type":"text","hidden":false,"required":false,"index":false},{"name":"number_memory_devices","description":"Number of memory devices on array","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"memory_device_mapped_addresses","description":"Data associated for address mapping of physical memory devices.","platforms":["darwin","linux"],"columns":[{"name":"handle","description":"Handle, or instance number, associated with the structure","type":"text","hidden":false,"required":false,"index":false},{"name":"memory_device_handle","description":"Handle of the memory device structure associated with this structure","type":"text","hidden":false,"required":false,"index":false},{"name":"memory_array_mapped_address_handle","description":"Handle of the memory array mapped address to which this device range is mapped to","type":"text","hidden":false,"required":false,"index":false},{"name":"starting_address","description":"Physical stating address, in kilobytes, of a range of memory mapped to physical memory array","type":"text","hidden":false,"required":false,"index":false},{"name":"ending_address","description":"Physical ending address of last kilobyte of a range of memory mapped to physical memory array","type":"text","hidden":false,"required":false,"index":false},{"name":"partition_row_position","description":"Identifies the position of the referenced memory device in a row of the address partition","type":"integer","hidden":false,"required":false,"index":false},{"name":"interleave_position","description":"The position of the device in a interleave, i.e. 0 indicates non-interleave, 1 indicates 1st interleave, 2 indicates 2nd interleave, etc.","type":"integer","hidden":false,"required":false,"index":false},{"name":"interleave_data_depth","description":"The max number of consecutive rows from memory device that are accessed in a single interleave transfer; 0 indicates device is non-interleave","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"memory_devices","description":"Physical memory device (type 17) information retrieved from SMBIOS.","platforms":["darwin","linux"],"columns":[{"name":"handle","description":"Handle, or instance number, associated with the structure in SMBIOS","type":"text","hidden":false,"required":false,"index":false},{"name":"array_handle","description":"The memory array that the device is attached to","type":"text","hidden":false,"required":false,"index":false},{"name":"form_factor","description":"Implementation form factor for this memory device","type":"text","hidden":false,"required":false,"index":false},{"name":"total_width","description":"Total width, in bits, of this memory device, including any check or error-correction bits","type":"integer","hidden":false,"required":false,"index":false},{"name":"data_width","description":"Data width, in bits, of this memory device","type":"integer","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of memory device in Megabyte","type":"integer","hidden":false,"required":false,"index":false},{"name":"set","description":"Identifies if memory device is one of a set of devices. A value of 0 indicates no set affiliation.","type":"integer","hidden":false,"required":false,"index":false},{"name":"device_locator","description":"String number of the string that identifies the physically-labeled socket or board position where the memory device is located","type":"text","hidden":false,"required":false,"index":false},{"name":"bank_locator","description":"String number of the string that identifies the physically-labeled bank where the memory device is located","type":"text","hidden":false,"required":false,"index":false},{"name":"memory_type","description":"Type of memory used","type":"text","hidden":false,"required":false,"index":false},{"name":"memory_type_details","description":"Additional details for memory device","type":"text","hidden":false,"required":false,"index":false},{"name":"max_speed","description":"Max speed of memory device in megatransfers per second (MT/s)","type":"integer","hidden":false,"required":false,"index":false},{"name":"configured_clock_speed","description":"Configured speed of memory device in megatransfers per second (MT/s)","type":"integer","hidden":false,"required":false,"index":false},{"name":"manufacturer","description":"Manufacturer ID string","type":"text","hidden":false,"required":false,"index":false},{"name":"serial_number","description":"Serial number of memory device","type":"text","hidden":false,"required":false,"index":false},{"name":"asset_tag","description":"Manufacturer specific asset tag of memory device","type":"text","hidden":false,"required":false,"index":false},{"name":"part_number","description":"Manufacturer specific serial number of memory device","type":"text","hidden":false,"required":false,"index":false},{"name":"min_voltage","description":"Minimum operating voltage of device in millivolts","type":"integer","hidden":false,"required":false,"index":false},{"name":"max_voltage","description":"Maximum operating voltage of device in millivolts","type":"integer","hidden":false,"required":false,"index":false},{"name":"configured_voltage","description":"Configured operating voltage of device in millivolts","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"memory_error_info","description":"Data associated with errors of a physical memory array.","platforms":["darwin","linux"],"columns":[{"name":"handle","description":"Handle, or instance number, associated with the structure","type":"text","hidden":false,"required":false,"index":false},{"name":"error_type","description":"type of error associated with current error status for array or device","type":"text","hidden":false,"required":false,"index":false},{"name":"error_granularity","description":"Granularity to which the error can be resolved","type":"text","hidden":false,"required":false,"index":false},{"name":"error_operation","description":"Memory access operation that caused the error","type":"text","hidden":false,"required":false,"index":false},{"name":"vendor_syndrome","description":"Vendor specific ECC syndrome or CRC data associated with the erroneous access","type":"text","hidden":false,"required":false,"index":false},{"name":"memory_array_error_address","description":"32 bit physical address of the error based on the addressing of the bus to which the memory array is connected","type":"text","hidden":false,"required":false,"index":false},{"name":"device_error_address","description":"32 bit physical address of the error relative to the start of the failing memory address, in bytes","type":"text","hidden":false,"required":false,"index":false},{"name":"error_resolution","description":"Range, in bytes, within which this error can be determined, when an error address is given","type":"text","hidden":false,"required":false,"index":false}]},{"name":"memory_info","description":"Main memory information in bytes.","platforms":["linux"],"columns":[{"name":"memory_total","description":"Total amount of physical RAM, in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"memory_free","description":"The amount of physical RAM, in bytes, left unused by the system","type":"bigint","hidden":false,"required":false,"index":false},{"name":"buffers","description":"The amount of physical RAM, in bytes, used for file buffers","type":"bigint","hidden":false,"required":false,"index":false},{"name":"cached","description":"The amount of physical RAM, in bytes, used as cache memory","type":"bigint","hidden":false,"required":false,"index":false},{"name":"swap_cached","description":"The amount of swap, in bytes, used as cache memory","type":"bigint","hidden":false,"required":false,"index":false},{"name":"active","description":"The total amount of buffer or page cache memory, in bytes, that is in active use","type":"bigint","hidden":false,"required":false,"index":false},{"name":"inactive","description":"The total amount of buffer or page cache memory, in bytes, that are free and available","type":"bigint","hidden":false,"required":false,"index":false},{"name":"swap_total","description":"The total amount of swap available, in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"swap_free","description":"The total amount of swap free, in bytes","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"memory_map","description":"OS memory region map.","platforms":["linux"],"columns":[{"name":"name","description":"Region name","type":"text","hidden":false,"required":false,"index":false},{"name":"start","description":"Start address of memory region","type":"text","hidden":false,"required":false,"index":false},{"name":"end","description":"End address of memory region","type":"text","hidden":false,"required":false,"index":false}]},{"name":"mounts","description":"System mounted devices and filesystems (not process specific).","platforms":["darwin","linux"],"columns":[{"name":"device","description":"Mounted device","type":"text","hidden":false,"required":false,"index":false},{"name":"device_alias","description":"Mounted device alias","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Mounted device path","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Mounted device type","type":"text","hidden":false,"required":false,"index":false},{"name":"blocks_size","description":"Block size in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"blocks","description":"Mounted device used blocks","type":"bigint","hidden":false,"required":false,"index":false},{"name":"blocks_free","description":"Mounted device free blocks","type":"bigint","hidden":false,"required":false,"index":false},{"name":"blocks_available","description":"Mounted device available blocks","type":"bigint","hidden":false,"required":false,"index":false},{"name":"inodes","description":"Mounted device used inodes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"inodes_free","description":"Mounted device free inodes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"flags","description":"Mounted device flags","type":"text","hidden":false,"required":false,"index":false}]},{"name":"msr","description":"Various pieces of data stored in the model specific register per processor. NOTE: the msr kernel module must be enabled, and osquery must be run as root.","platforms":["linux"],"columns":[{"name":"processor_number","description":"The processor number as reported in /proc/cpuinfo","type":"bigint","hidden":false,"required":false,"index":false},{"name":"turbo_disabled","description":"Whether the turbo feature is disabled.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"turbo_ratio_limit","description":"The turbo feature ratio limit.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"platform_info","description":"Platform information.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"perf_ctl","description":"Performance setting for the processor.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"perf_status","description":"Performance status for the processor.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"feature_control","description":"Bitfield controlling enabled features.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"rapl_power_limit","description":"Run Time Average Power Limiting power limit.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"rapl_energy_status","description":"Run Time Average Power Limiting energy status.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"rapl_power_units","description":"Run Time Average Power Limiting power units.","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"nfs_shares","description":"NFS shares exported by the host.","platforms":["darwin"],"columns":[{"name":"share","description":"Filesystem path to the share","type":"text","hidden":false,"required":false,"index":false},{"name":"options","description":"Options string set on the export share","type":"text","hidden":false,"required":false,"index":false},{"name":"readonly","description":"1 if the share is exported readonly else 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"npm_packages","description":"Lists all npm packages in a directory or globally installed in a system.","platforms":["linux"],"columns":[{"name":"name","description":"Package display name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Package supplied version","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Package supplied description","type":"text","hidden":false,"required":false,"index":false},{"name":"author","description":"Package author name","type":"text","hidden":false,"required":false,"index":false},{"name":"license","description":"License for package","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Module's package.json path","type":"text","hidden":false,"required":false,"index":false},{"name":"directory","description":"Node module's directory where this package is located","type":"text","hidden":false,"required":false,"index":false},{"name":"pid_with_namespace","description":"Pids that contain a namespace","type":"integer","hidden":true,"required":false,"index":false},{"name":"mount_namespace_id","description":"Mount namespace id","type":"text","hidden":true,"required":false,"index":false}]},{"name":"ntdomains","description":"Display basic NT domain information of a Windows machine.","platforms":["windows"],"columns":[{"name":"name","description":"The label by which the object is known.","type":"text","hidden":false,"required":false,"index":false},{"name":"client_site_name","description":"The name of the site where the domain controller is configured.","type":"text","hidden":false,"required":false,"index":false},{"name":"dc_site_name","description":"The name of the site where the domain controller is located.","type":"text","hidden":false,"required":false,"index":false},{"name":"dns_forest_name","description":"The name of the root of the DNS tree.","type":"text","hidden":false,"required":false,"index":false},{"name":"domain_controller_address","description":"The IP Address of the discovered domain controller..","type":"text","hidden":false,"required":false,"index":false},{"name":"domain_controller_name","description":"The name of the discovered domain controller.","type":"text","hidden":false,"required":false,"index":false},{"name":"domain_name","description":"The name of the domain.","type":"text","hidden":false,"required":false,"index":false},{"name":"status","description":"The current status of the domain object.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"ntfs_acl_permissions","description":"Retrieve NTFS ACL permission information for files and directories.","platforms":["windows"],"columns":[{"name":"path","description":"Path to the file or directory.","type":"text","hidden":false,"required":true,"index":false},{"name":"type","description":"Type of access mode for the access control entry.","type":"text","hidden":false,"required":false,"index":false},{"name":"principal","description":"User or group to which the ACE applies.","type":"text","hidden":false,"required":false,"index":false},{"name":"access","description":"Specific permissions that indicate the rights described by the ACE.","type":"text","hidden":false,"required":false,"index":false},{"name":"inherited_from","description":"The inheritance policy of the ACE.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"ntfs_journal_events","description":"Track time/action changes to files specified in configuration data.","platforms":["windows"],"columns":[{"name":"action","description":"Change action (Write, Delete, etc)","type":"text","hidden":false,"required":false,"index":false},{"name":"category","description":"The category that the event originated from","type":"text","hidden":false,"required":false,"index":false},{"name":"old_path","description":"Old path (renames only)","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path","type":"text","hidden":false,"required":false,"index":false},{"name":"record_timestamp","description":"Journal record timestamp","type":"text","hidden":false,"required":false,"index":false},{"name":"record_usn","description":"The update sequence number that identifies the journal record","type":"text","hidden":false,"required":false,"index":false},{"name":"node_ref_number","description":"The ordinal that associates a journal record with a filename","type":"text","hidden":false,"required":false,"index":false},{"name":"parent_ref_number","description":"The ordinal that associates a journal record with a filename's parent directory","type":"text","hidden":false,"required":false,"index":false},{"name":"drive_letter","description":"The drive letter identifying the source journal","type":"text","hidden":false,"required":false,"index":false},{"name":"file_attributes","description":"File attributes","type":"text","hidden":false,"required":false,"index":false},{"name":"partial","description":"Set to 1 if either path or old_path only contains the file or folder name","type":"bigint","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of file event","type":"bigint","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false}]},{"name":"nvram","description":"Apple NVRAM variable listing.","platforms":["darwin"],"columns":[{"name":"name","description":"Variable name","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Data type (CFData, CFString, etc)","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Raw variable data","type":"text","hidden":false,"required":false,"index":false}]},{"name":"oem_strings","description":"OEM defined strings retrieved from SMBIOS.","platforms":["darwin","linux"],"columns":[{"name":"handle","description":"Handle, or instance number, associated with the Type 11 structure","type":"text","hidden":false,"required":false,"index":false},{"name":"number","description":"The string index of the structure","type":"integer","hidden":false,"required":false,"index":false},{"name":"value","description":"The value of the OEM string","type":"text","hidden":false,"required":false,"index":false}]},{"name":"office_mru","description":"View recently opened Office documents.","platforms":["windows"],"columns":[{"name":"application","description":"Associated Office application","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Office application version number","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"File path","type":"text","hidden":false,"required":false,"index":false},{"name":"last_opened_time","description":"Most recent opened time file was opened","type":"bigint","hidden":false,"required":false,"index":false},{"name":"sid","description":"User SID","type":"text","hidden":false,"required":false,"index":false}]},{"name":"os_version","description":"A single row containing the operating system name and version.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"name","description":"Distribution or product name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Pretty, suitable for presentation, OS version","type":"text","hidden":false,"required":false,"index":false},{"name":"major","description":"Major release version","type":"integer","hidden":false,"required":false,"index":false},{"name":"minor","description":"Minor release version","type":"integer","hidden":false,"required":false,"index":false},{"name":"patch","description":"Optional patch release","type":"integer","hidden":false,"required":false,"index":false},{"name":"build","description":"Optional build-specific or variant string","type":"text","hidden":false,"required":false,"index":false},{"name":"platform","description":"OS Platform or ID","type":"text","hidden":false,"required":false,"index":false},{"name":"platform_like","description":"Closely related platforms","type":"text","hidden":false,"required":false,"index":false},{"name":"codename","description":"OS version codename","type":"text","hidden":false,"required":false,"index":false},{"name":"arch","description":"OS Architecture","type":"text","hidden":false,"required":false,"index":false},{"name":"install_date","description":"The install date of the OS.","type":"bigint","hidden":true,"required":false,"index":false},{"name":"pid_with_namespace","description":"Pids that contain a namespace","type":"integer","hidden":true,"required":false,"index":false},{"name":"mount_namespace_id","description":"Mount namespace id","type":"text","hidden":true,"required":false,"index":false}]},{"name":"osquery_events","description":"Information about the event publishers and subscribers.","platforms":["darwin","linux","freebsd","windows"],"columns":[{"name":"name","description":"Event publisher or subscriber name","type":"text","hidden":false,"required":false,"index":false},{"name":"publisher","description":"Name of the associated publisher","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Either publisher or subscriber","type":"text","hidden":false,"required":false,"index":false},{"name":"subscriptions","description":"Number of subscriptions the publisher received or subscriber used","type":"integer","hidden":false,"required":false,"index":false},{"name":"events","description":"Number of events emitted or received since osquery started","type":"integer","hidden":false,"required":false,"index":false},{"name":"refreshes","description":"Publisher only: number of runloop restarts","type":"integer","hidden":false,"required":false,"index":false},{"name":"active","description":"1 if the publisher or subscriber is active else 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"osquery_extensions","description":"List of active osquery extensions.","platforms":["darwin","linux","freebsd","windows"],"columns":[{"name":"uuid","description":"The transient ID assigned for communication","type":"bigint","hidden":false,"required":false,"index":false},{"name":"name","description":"Extension's name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Extension's version","type":"text","hidden":false,"required":false,"index":false},{"name":"sdk_version","description":"osquery SDK version used to build the extension","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path of the extension's Thrift connection or library path","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"SDK extension type: extension or module","type":"text","hidden":false,"required":false,"index":false}]},{"name":"osquery_flags","description":"Configurable flags that modify osquery's behavior.","platforms":["darwin","linux","freebsd","windows"],"columns":[{"name":"name","description":"Flag name","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Flag type","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Flag description","type":"text","hidden":false,"required":false,"index":false},{"name":"default_value","description":"Flag default value","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Flag value","type":"text","hidden":false,"required":false,"index":false},{"name":"shell_only","description":"Is the flag shell only?","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"osquery_info","description":"Top level information about the running version of osquery.","platforms":["darwin","linux","freebsd","windows"],"columns":[{"name":"pid","description":"Process (or thread/handle) ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"uuid","description":"Unique ID provided by the system","type":"text","hidden":false,"required":false,"index":false},{"name":"instance_id","description":"Unique, long-lived ID per instance of osquery","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"osquery toolkit version","type":"text","hidden":false,"required":false,"index":false},{"name":"config_hash","description":"Hash of the working configuration state","type":"text","hidden":false,"required":false,"index":false},{"name":"config_valid","description":"1 if the config was loaded and considered valid, else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"extensions","description":"osquery extensions status","type":"text","hidden":false,"required":false,"index":false},{"name":"build_platform","description":"osquery toolkit build platform","type":"text","hidden":false,"required":false,"index":false},{"name":"build_distro","description":"osquery toolkit platform distribution name (os version)","type":"text","hidden":false,"required":false,"index":false},{"name":"start_time","description":"UNIX time in seconds when the process started","type":"integer","hidden":false,"required":false,"index":false},{"name":"watcher","description":"Process (or thread/handle) ID of optional watcher process","type":"integer","hidden":false,"required":false,"index":false},{"name":"platform_mask","description":"The osquery platform bitmask","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"osquery_packs","description":"Information about the current query packs that are loaded in osquery.","platforms":["darwin","linux","freebsd","windows"],"columns":[{"name":"name","description":"The given name for this query pack","type":"text","hidden":false,"required":false,"index":false},{"name":"platform","description":"Platforms this query is supported on","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Minimum osquery version that this query will run on","type":"text","hidden":false,"required":false,"index":false},{"name":"shard","description":"Shard restriction limit, 1-100, 0 meaning no restriction","type":"integer","hidden":false,"required":false,"index":false},{"name":"discovery_cache_hits","description":"The number of times that the discovery query used cached values since the last time the config was reloaded","type":"integer","hidden":false,"required":false,"index":false},{"name":"discovery_executions","description":"The number of times that the discovery queries have been executed since the last time the config was reloaded","type":"integer","hidden":false,"required":false,"index":false},{"name":"active","description":"Whether this pack is active (the version, platform and discovery queries match) yes=1, no=0.","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"osquery_registry","description":"List the osquery registry plugins.","platforms":["darwin","linux","freebsd","windows"],"columns":[{"name":"registry","description":"Name of the osquery registry","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Name of the plugin item","type":"text","hidden":false,"required":false,"index":false},{"name":"owner_uuid","description":"Extension route UUID (0 for core)","type":"integer","hidden":false,"required":false,"index":false},{"name":"internal","description":"1 If the plugin is internal else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"active","description":"1 If this plugin is active else 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"osquery_schedule","description":"Information about the current queries that are scheduled in osquery.","platforms":["darwin","linux","freebsd","windows"],"columns":[{"name":"name","description":"The given name for this query","type":"text","hidden":false,"required":false,"index":false},{"name":"query","description":"The exact query to run","type":"text","hidden":false,"required":false,"index":false},{"name":"interval","description":"The interval in seconds to run this query, not an exact interval","type":"integer","hidden":false,"required":false,"index":false},{"name":"executions","description":"Number of times the query was executed","type":"bigint","hidden":false,"required":false,"index":false},{"name":"last_executed","description":"UNIX time stamp in seconds of the last completed execution","type":"bigint","hidden":false,"required":false,"index":false},{"name":"denylisted","description":"1 if the query is denylisted else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"output_size","description":"Total number of bytes generated by the query","type":"bigint","hidden":false,"required":false,"index":false},{"name":"wall_time","description":"Total wall time spent executing","type":"bigint","hidden":false,"required":false,"index":false},{"name":"user_time","description":"Total user time spent executing","type":"bigint","hidden":false,"required":false,"index":false},{"name":"system_time","description":"Total system time spent executing","type":"bigint","hidden":false,"required":false,"index":false},{"name":"average_memory","description":"Average private memory left after executing","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"package_bom","description":"OS X package bill of materials (BOM) file list.","platforms":["darwin"],"columns":[{"name":"filepath","description":"Package file or directory","type":"text","hidden":false,"required":false,"index":false},{"name":"uid","description":"Expected user of file or directory","type":"integer","hidden":false,"required":false,"index":false},{"name":"gid","description":"Expected group of file or directory","type":"integer","hidden":false,"required":false,"index":false},{"name":"mode","description":"Expected permissions","type":"integer","hidden":false,"required":false,"index":false},{"name":"size","description":"Expected file size","type":"bigint","hidden":false,"required":false,"index":false},{"name":"modified_time","description":"Timestamp the file was installed","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"Path of package bom","type":"text","hidden":false,"required":true,"index":false}]},{"name":"package_install_history","description":"OS X package install history.","platforms":["darwin"],"columns":[{"name":"package_id","description":"Label packageIdentifiers","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Label date as UNIX timestamp","type":"integer","hidden":false,"required":false,"index":false},{"name":"name","description":"Package display name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Package display version","type":"text","hidden":false,"required":false,"index":false},{"name":"source","description":"Install source: usually the installer process name","type":"text","hidden":false,"required":false,"index":false},{"name":"content_type","description":"Package content_type (optional)","type":"text","hidden":false,"required":false,"index":false}]},{"name":"package_receipts","description":"OS X package receipt details.","platforms":["darwin"],"columns":[{"name":"package_id","description":"Package domain identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"package_filename","description":"Filename of original .pkg file","type":"text","hidden":true,"required":false,"index":false},{"name":"version","description":"Installed package version","type":"text","hidden":false,"required":false,"index":false},{"name":"location","description":"Optional relative install path on volume","type":"text","hidden":false,"required":false,"index":false},{"name":"install_time","description":"Timestamp of install time","type":"double","hidden":false,"required":false,"index":false},{"name":"installer_name","description":"Name of installer process","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path of receipt plist","type":"text","hidden":false,"required":false,"index":false}]},{"name":"patches","description":"Lists all the patches applied. Note: This does not include patches applied via MSI or downloaded from Windows Update (e.g. Service Packs).","platforms":["windows"],"columns":[{"name":"csname","description":"The name of the host the patch is installed on.","type":"text","hidden":false,"required":false,"index":false},{"name":"hotfix_id","description":"The KB ID of the patch.","type":"text","hidden":false,"required":false,"index":false},{"name":"caption","description":"Short description of the patch.","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Fuller description of the patch.","type":"text","hidden":false,"required":false,"index":false},{"name":"fix_comments","description":"Additional comments about the patch.","type":"text","hidden":false,"required":false,"index":false},{"name":"installed_by","description":"The system context in which the patch as installed.","type":"text","hidden":false,"required":false,"index":false},{"name":"install_date","description":"Indicates when the patch was installed. Lack of a value does not indicate that the patch was not installed.","type":"text","hidden":false,"required":false,"index":false},{"name":"installed_on","description":"The date when the patch was installed.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"pci_devices","description":"PCI devices active on the host system.","platforms":["darwin","linux"],"columns":[{"name":"pci_slot","description":"PCI Device used slot","type":"text","hidden":false,"required":false,"index":false},{"name":"pci_class","description":"PCI Device class","type":"text","hidden":false,"required":false,"index":false},{"name":"driver","description":"PCI Device used driver","type":"text","hidden":false,"required":false,"index":false},{"name":"vendor","description":"PCI Device vendor","type":"text","hidden":false,"required":false,"index":false},{"name":"vendor_id","description":"Hex encoded PCI Device vendor identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"model","description":"PCI Device model","type":"text","hidden":false,"required":false,"index":false},{"name":"model_id","description":"Hex encoded PCI Device model identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"pci_class_id","description":"PCI Device class ID in hex format","type":"text","hidden":false,"required":false,"index":false},{"name":"pci_subclass_id","description":"PCI Device subclass in hex format","type":"text","hidden":false,"required":false,"index":false},{"name":"pci_subclass","description":"PCI Device subclass","type":"text","hidden":false,"required":false,"index":false},{"name":"subsystem_vendor_id","description":"Vendor ID of PCI device subsystem","type":"text","hidden":false,"required":false,"index":false},{"name":"subsystem_vendor","description":"Vendor of PCI device subsystem","type":"text","hidden":false,"required":false,"index":false},{"name":"subsystem_model_id","description":"Model ID of PCI device subsystem","type":"text","hidden":false,"required":false,"index":false},{"name":"subsystem_model","description":"Device description of PCI device subsystem","type":"text","hidden":false,"required":false,"index":false}]},{"name":"physical_disk_performance","description":"Provides provides raw data from performance counters that monitor hard or fixed disk drives on the system.","platforms":["windows"],"columns":[{"name":"name","description":"Name of the physical disk","type":"text","hidden":false,"required":false,"index":false},{"name":"avg_disk_bytes_per_read","description":"Average number of bytes transferred from the disk during read operations","type":"bigint","hidden":false,"required":false,"index":false},{"name":"avg_disk_bytes_per_write","description":"Average number of bytes transferred to the disk during write operations","type":"bigint","hidden":false,"required":false,"index":false},{"name":"avg_disk_read_queue_length","description":"Average number of read requests that were queued for the selected disk during the sample interval","type":"bigint","hidden":false,"required":false,"index":false},{"name":"avg_disk_write_queue_length","description":"Average number of write requests that were queued for the selected disk during the sample interval","type":"bigint","hidden":false,"required":false,"index":false},{"name":"avg_disk_sec_per_read","description":"Average time, in seconds, of a read operation of data from the disk","type":"integer","hidden":false,"required":false,"index":false},{"name":"avg_disk_sec_per_write","description":"Average time, in seconds, of a write operation of data to the disk","type":"integer","hidden":false,"required":false,"index":false},{"name":"current_disk_queue_length","description":"Number of requests outstanding on the disk at the time the performance data is collected","type":"integer","hidden":false,"required":false,"index":false},{"name":"percent_disk_read_time","description":"Percentage of elapsed time that the selected disk drive is busy servicing read requests","type":"bigint","hidden":false,"required":false,"index":false},{"name":"percent_disk_write_time","description":"Percentage of elapsed time that the selected disk drive is busy servicing write requests","type":"bigint","hidden":false,"required":false,"index":false},{"name":"percent_disk_time","description":"Percentage of elapsed time that the selected disk drive is busy servicing read or write requests","type":"bigint","hidden":false,"required":false,"index":false},{"name":"percent_idle_time","description":"Percentage of time during the sample interval that the disk was idle","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"pipes","description":"Named and Anonymous pipes.","platforms":["windows"],"columns":[{"name":"pid","description":"Process ID of the process to which the pipe belongs","type":"bigint","hidden":false,"required":false,"index":false},{"name":"name","description":"Name of the pipe","type":"text","hidden":false,"required":false,"index":false},{"name":"instances","description":"Number of instances of the named pipe","type":"integer","hidden":false,"required":false,"index":false},{"name":"max_instances","description":"The maximum number of instances creatable for this pipe","type":"integer","hidden":false,"required":false,"index":false},{"name":"flags","description":"The flags indicating whether this pipe connection is a server or client end, and if the pipe for sending messages or bytes","type":"text","hidden":false,"required":false,"index":false}]},{"name":"pkg_packages","description":"pkgng packages that are currently installed on the host system.","platforms":["freebsd"],"columns":[{"name":"name","description":"Package name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Package version","type":"text","hidden":false,"required":false,"index":false},{"name":"flatsize","description":"Package size in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"arch","description":"Architecture(s) supported","type":"text","hidden":false,"required":false,"index":false}]},{"name":"platform_info","description":"Information about EFI/UEFI/ROM and platform/boot.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"vendor","description":"Platform code vendor","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Platform code version","type":"text","hidden":false,"required":false,"index":false},{"name":"date","description":"Self-reported platform code update date","type":"text","hidden":false,"required":false,"index":false},{"name":"revision","description":"BIOS major and minor revision","type":"text","hidden":false,"required":false,"index":false},{"name":"address","description":"Relative address of firmware mapping","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Size in bytes of firmware","type":"text","hidden":false,"required":false,"index":false},{"name":"volume_size","description":"(Optional) size of firmware volume","type":"integer","hidden":false,"required":false,"index":false},{"name":"extra","description":"Platform-specific additional information","type":"text","hidden":false,"required":false,"index":false}]},{"name":"plist","description":"Read and parse a plist file.","platforms":["darwin"],"columns":[{"name":"key","description":"Preference top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"subkey","description":"Intermediate key path, includes lists/dicts","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"String value of most CF types","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"(required) read preferences from a plist","type":"text","hidden":false,"required":true,"index":false}]},{"name":"portage_keywords","description":"A summary about portage configurations like keywords, mask and unmask.","platforms":["linux"],"columns":[{"name":"package","description":"Package name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"The version which are affected by the use flags, empty means all","type":"text","hidden":false,"required":false,"index":false},{"name":"keyword","description":"The keyword applied to the package","type":"text","hidden":false,"required":false,"index":false},{"name":"mask","description":"If the package is masked","type":"integer","hidden":false,"required":false,"index":false},{"name":"unmask","description":"If the package is unmasked","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"portage_packages","description":"List of currently installed packages.","platforms":["linux"],"columns":[{"name":"package","description":"Package name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"The version which are affected by the use flags, empty means all","type":"text","hidden":false,"required":false,"index":false},{"name":"slot","description":"The slot used by package","type":"text","hidden":false,"required":false,"index":false},{"name":"build_time","description":"Unix time when package was built","type":"bigint","hidden":false,"required":false,"index":false},{"name":"repository","description":"From which repository the ebuild was used","type":"text","hidden":false,"required":false,"index":false},{"name":"eapi","description":"The eapi for the ebuild","type":"bigint","hidden":false,"required":false,"index":false},{"name":"size","description":"The size of the package","type":"bigint","hidden":false,"required":false,"index":false},{"name":"world","description":"If package is in the world file","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"portage_use","description":"List of enabled portage USE values for specific package.","platforms":["linux"],"columns":[{"name":"package","description":"Package name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"The version of the installed package","type":"text","hidden":false,"required":false,"index":false},{"name":"use","description":"USE flag which has been enabled for package","type":"text","hidden":false,"required":false,"index":false}]},{"name":"power_sensors","description":"Machine power (currents, voltages, wattages, etc) sensors.","platforms":["darwin"],"columns":[{"name":"key","description":"The SMC key on OS X","type":"text","hidden":false,"required":false,"index":false},{"name":"category","description":"The sensor category: currents, voltage, wattage","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Name of power source","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Power in Watts","type":"text","hidden":false,"required":false,"index":false}]},{"name":"powershell_events","description":"Powershell script blocks reconstructed to their full script content, this table requires script block logging to be enabled.","platforms":["windows"],"columns":[{"name":"time","description":"Timestamp the event was received by the osquery event publisher","type":"bigint","hidden":false,"required":false,"index":false},{"name":"datetime","description":"System time at which the Powershell script event occurred","type":"text","hidden":false,"required":false,"index":false},{"name":"script_block_id","description":"The unique GUID of the powershell script to which this block belongs","type":"text","hidden":false,"required":false,"index":false},{"name":"script_block_count","description":"The total number of script blocks for this script","type":"integer","hidden":false,"required":false,"index":false},{"name":"script_text","description":"The text content of the Powershell script","type":"text","hidden":false,"required":false,"index":false},{"name":"script_name","description":"The name of the Powershell script","type":"text","hidden":false,"required":false,"index":false},{"name":"script_path","description":"The path for the Powershell script","type":"text","hidden":false,"required":false,"index":false},{"name":"cosine_similarity","description":"How similar the Powershell script is to a provided 'normal' character frequency","type":"double","hidden":false,"required":false,"index":false}]},{"name":"preferences","description":"OS X defaults and managed preferences.","platforms":["darwin"],"columns":[{"name":"domain","description":"Application ID usually in com.name.product format","type":"text","hidden":false,"required":false,"index":false},{"name":"key","description":"Preference top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"subkey","description":"Intemediate key path, includes lists/dicts","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"String value of most CF types","type":"text","hidden":false,"required":false,"index":false},{"name":"forced","description":"1 if the value is forced/managed, else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"username","description":"(optional) read preferences for a specific user","type":"text","hidden":false,"required":false,"index":false},{"name":"host","description":"'current' or 'any' host, where 'current' takes precedence","type":"text","hidden":false,"required":false,"index":false}]},{"name":"prefetch","description":"Prefetch files show metadata related to file execution.","platforms":["windows"],"columns":[{"name":"path","description":"Prefetch file path.","type":"text","hidden":false,"required":false,"index":false},{"name":"filename","description":"Executable filename.","type":"text","hidden":false,"required":false,"index":false},{"name":"hash","description":"Prefetch CRC hash.","type":"text","hidden":false,"required":false,"index":false},{"name":"last_run_time","description":"Most recent time application was run.","type":"integer","hidden":false,"required":false,"index":false},{"name":"other_run_times","description":"Other execution times in prefetch file.","type":"text","hidden":false,"required":false,"index":false},{"name":"run_count","description":"Number of times the application has been run.","type":"integer","hidden":false,"required":false,"index":false},{"name":"size","description":"Application file size.","type":"integer","hidden":false,"required":false,"index":false},{"name":"volume_serial","description":"Volume serial number.","type":"text","hidden":false,"required":false,"index":false},{"name":"volume_creation","description":"Volume creation time.","type":"text","hidden":false,"required":false,"index":false},{"name":"accessed_files_count","description":"Number of files accessed.","type":"integer","hidden":false,"required":false,"index":false},{"name":"accessed_directories_count","description":"Number of directories accessed.","type":"integer","hidden":false,"required":false,"index":false},{"name":"accessed_files","description":"Files accessed by application within ten seconds of launch.","type":"text","hidden":false,"required":false,"index":false},{"name":"accessed_directories","description":"Directories accessed by application within ten seconds of launch.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"process_envs","description":"A key/value table of environment variables for each process.","platforms":["darwin","linux"],"columns":[{"name":"pid","description":"Process (or thread) ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"key","description":"Environment variable name","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Environment variable value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"process_events","description":"Track time/action process executions.","platforms":["darwin","linux"],"columns":[{"name":"pid","description":"Process (or thread) ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"path","description":"Path of executed file","type":"text","hidden":false,"required":false,"index":false},{"name":"mode","description":"File mode permissions","type":"text","hidden":false,"required":false,"index":false},{"name":"cmdline","description":"Command line arguments (argv)","type":"text","hidden":false,"required":false,"index":false},{"name":"cmdline_size","description":"Actual size (bytes) of command line arguments","type":"bigint","hidden":true,"required":false,"index":false},{"name":"env","description":"Environment variables delimited by spaces","type":"text","hidden":true,"required":false,"index":false},{"name":"env_count","description":"Number of environment variables","type":"bigint","hidden":true,"required":false,"index":false},{"name":"env_size","description":"Actual size (bytes) of environment list","type":"bigint","hidden":true,"required":false,"index":false},{"name":"cwd","description":"The process current working directory","type":"text","hidden":false,"required":false,"index":false},{"name":"auid","description":"Audit User ID at process start","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uid","description":"User ID at process start","type":"bigint","hidden":false,"required":false,"index":false},{"name":"euid","description":"Effective user ID at process start","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Group ID at process start","type":"bigint","hidden":false,"required":false,"index":false},{"name":"egid","description":"Effective group ID at process start","type":"bigint","hidden":false,"required":false,"index":false},{"name":"owner_uid","description":"File owner user ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"owner_gid","description":"File owner group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"atime","description":"File last access in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"mtime","description":"File modification in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"ctime","description":"File last metadata change in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"btime","description":"File creation in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"overflows","description":"List of structures that overflowed","type":"text","hidden":true,"required":false,"index":false},{"name":"parent","description":"Process parent's PID, or -1 if cannot be determined.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of execution in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uptime","description":"Time of execution in system uptime","type":"bigint","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false},{"name":"status","description":"OpenBSM Attribute: Status of the process","type":"bigint","hidden":true,"required":false,"index":false},{"name":"fsuid","description":"Filesystem user ID at process start","type":"bigint","hidden":false,"required":false,"index":false},{"name":"suid","description":"Saved user ID at process start","type":"bigint","hidden":false,"required":false,"index":false},{"name":"fsgid","description":"Filesystem group ID at process start","type":"bigint","hidden":false,"required":false,"index":false},{"name":"sgid","description":"Saved group ID at process start","type":"bigint","hidden":false,"required":false,"index":false},{"name":"syscall","description":"Syscall name: fork, vfork, clone, execve, execveat","type":"text","hidden":false,"required":false,"index":false}]},{"name":"process_file_events","description":"A File Integrity Monitor implementation using the audit service.","platforms":["linux"],"columns":[{"name":"operation","description":"Operation type","type":"text","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"ppid","description":"Parent process ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of execution in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"executable","description":"The executable path","type":"text","hidden":false,"required":false,"index":false},{"name":"partial","description":"True if this is a partial event (i.e.: this process existed before we started osquery)","type":"text","hidden":false,"required":false,"index":false},{"name":"cwd","description":"The current working directory of the process","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"The path associated with the event","type":"text","hidden":false,"required":false,"index":false},{"name":"dest_path","description":"The canonical path associated with the event","type":"text","hidden":false,"required":false,"index":false},{"name":"uid","description":"The uid of the process performing the action","type":"text","hidden":false,"required":false,"index":false},{"name":"gid","description":"The gid of the process performing the action","type":"text","hidden":false,"required":false,"index":false},{"name":"auid","description":"Audit user ID of the process using the file","type":"text","hidden":false,"required":false,"index":false},{"name":"euid","description":"Effective user ID of the process using the file","type":"text","hidden":false,"required":false,"index":false},{"name":"egid","description":"Effective group ID of the process using the file","type":"text","hidden":false,"required":false,"index":false},{"name":"fsuid","description":"Filesystem user ID of the process using the file","type":"text","hidden":false,"required":false,"index":false},{"name":"fsgid","description":"Filesystem group ID of the process using the file","type":"text","hidden":false,"required":false,"index":false},{"name":"suid","description":"Saved user ID of the process using the file","type":"text","hidden":false,"required":false,"index":false},{"name":"sgid","description":"Saved group ID of the process using the file","type":"text","hidden":false,"required":false,"index":false},{"name":"uptime","description":"Time of execution in system uptime","type":"bigint","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false}]},{"name":"process_memory_map","description":"Process memory mapped files and pseudo device/regions.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"pid","description":"Process (or thread) ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"start","description":"Virtual start address (hex)","type":"text","hidden":false,"required":false,"index":false},{"name":"end","description":"Virtual end address (hex)","type":"text","hidden":false,"required":false,"index":false},{"name":"permissions","description":"r=read, w=write, x=execute, p=private (cow)","type":"text","hidden":false,"required":false,"index":false},{"name":"offset","description":"Offset into mapped path","type":"bigint","hidden":false,"required":false,"index":false},{"name":"device","description":"MA:MI Major/minor device ID","type":"text","hidden":false,"required":false,"index":false},{"name":"inode","description":"Mapped path inode, 0 means uninitialized (BSS)","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to mapped file or mapped type","type":"text","hidden":false,"required":false,"index":false},{"name":"pseudo","description":"1 If path is a pseudo path, else 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"process_namespaces","description":"Linux namespaces for processes running on the host system.","platforms":["linux"],"columns":[{"name":"pid","description":"Process (or thread) ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"cgroup_namespace","description":"cgroup namespace inode","type":"text","hidden":false,"required":false,"index":false},{"name":"ipc_namespace","description":"ipc namespace inode","type":"text","hidden":false,"required":false,"index":false},{"name":"mnt_namespace","description":"mnt namespace inode","type":"text","hidden":false,"required":false,"index":false},{"name":"net_namespace","description":"net namespace inode","type":"text","hidden":false,"required":false,"index":false},{"name":"pid_namespace","description":"pid namespace inode","type":"text","hidden":false,"required":false,"index":false},{"name":"user_namespace","description":"user namespace inode","type":"text","hidden":false,"required":false,"index":false},{"name":"uts_namespace","description":"uts namespace inode","type":"text","hidden":false,"required":false,"index":false}]},{"name":"process_open_files","description":"File descriptors for each process.","platforms":["darwin","linux"],"columns":[{"name":"pid","description":"Process (or thread) ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"fd","description":"Process-specific file descriptor number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"path","description":"Filesystem path of descriptor","type":"text","hidden":false,"required":false,"index":false}]},{"name":"process_open_pipes","description":"Pipes and partner processes for each process.","platforms":["darwin","linux"],"columns":[{"name":"pid","description":"Process ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"fd","description":"File descriptor","type":"bigint","hidden":false,"required":false,"index":false},{"name":"mode","description":"Pipe open mode (r/w)","type":"text","hidden":false,"required":false,"index":false},{"name":"inode","description":"Pipe inode number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"type","description":"Pipe Type: named vs unnamed/anonymous","type":"text","hidden":false,"required":false,"index":false},{"name":"partner_pid","description":"Process ID of partner process sharing a particular pipe","type":"bigint","hidden":false,"required":false,"index":false},{"name":"partner_fd","description":"File descriptor of shared pipe at partner's end","type":"bigint","hidden":false,"required":false,"index":false},{"name":"partner_mode","description":"Mode of shared pipe at partner's end","type":"text","hidden":false,"required":false,"index":false}]},{"name":"process_open_sockets","description":"Processes which have open network sockets on the system.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"pid","description":"Process (or thread) ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"fd","description":"Socket file descriptor number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"socket","description":"Socket handle or inode number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"family","description":"Network protocol (IPv4, IPv6)","type":"integer","hidden":false,"required":false,"index":false},{"name":"protocol","description":"Transport protocol (TCP/UDP)","type":"integer","hidden":false,"required":false,"index":false},{"name":"local_address","description":"Socket local address","type":"text","hidden":false,"required":false,"index":false},{"name":"remote_address","description":"Socket remote address","type":"text","hidden":false,"required":false,"index":false},{"name":"local_port","description":"Socket local port","type":"integer","hidden":false,"required":false,"index":false},{"name":"remote_port","description":"Socket remote port","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"For UNIX sockets (family=AF_UNIX), the domain path","type":"text","hidden":false,"required":false,"index":false},{"name":"state","description":"TCP socket state","type":"text","hidden":false,"required":false,"index":false},{"name":"net_namespace","description":"The inode number of the network namespace","type":"text","hidden":false,"required":false,"index":false}]},{"name":"processes","description":"All running processes on the host system.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"pid","description":"Process (or thread) ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"name","description":"The process path or shorthand argv[0]","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to executed binary","type":"text","hidden":false,"required":false,"index":false},{"name":"cmdline","description":"Complete argv","type":"text","hidden":false,"required":false,"index":false},{"name":"state","description":"Process state","type":"text","hidden":false,"required":false,"index":false},{"name":"cwd","description":"Process current working directory","type":"text","hidden":false,"required":false,"index":false},{"name":"root","description":"Process virtual root directory","type":"text","hidden":false,"required":false,"index":false},{"name":"uid","description":"Unsigned user ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Unsigned group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"euid","description":"Unsigned effective user ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"egid","description":"Unsigned effective group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"suid","description":"Unsigned saved user ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"sgid","description":"Unsigned saved group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"on_disk","description":"The process path exists yes=1, no=0, unknown=-1","type":"integer","hidden":false,"required":false,"index":false},{"name":"wired_size","description":"Bytes of unpageable memory used by process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"resident_size","description":"Bytes of private memory used by process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"total_size","description":"Total virtual memory size","type":"bigint","hidden":false,"required":false,"index":false},{"name":"user_time","description":"CPU time in milliseconds spent in user space","type":"bigint","hidden":false,"required":false,"index":false},{"name":"system_time","description":"CPU time in milliseconds spent in kernel space","type":"bigint","hidden":false,"required":false,"index":false},{"name":"disk_bytes_read","description":"Bytes read from disk","type":"bigint","hidden":false,"required":false,"index":false},{"name":"disk_bytes_written","description":"Bytes written to disk","type":"bigint","hidden":false,"required":false,"index":false},{"name":"start_time","description":"Process start time in seconds since Epoch, in case of error -1","type":"bigint","hidden":false,"required":false,"index":false},{"name":"parent","description":"Process parent's PID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pgroup","description":"Process group","type":"bigint","hidden":false,"required":false,"index":false},{"name":"threads","description":"Number of threads used by process","type":"integer","hidden":false,"required":false,"index":false},{"name":"nice","description":"Process nice level (-20 to 20, default 0)","type":"integer","hidden":false,"required":false,"index":false},{"name":"elevated_token","description":"Process uses elevated token yes=1, no=0","type":"integer","hidden":true,"required":false,"index":false},{"name":"secure_process","description":"Process is secure (IUM) yes=1, no=0","type":"integer","hidden":true,"required":false,"index":false},{"name":"protection_type","description":"The protection type of the process","type":"text","hidden":true,"required":false,"index":false},{"name":"virtual_process","description":"Process is virtual (e.g. System, Registry, vmmem) yes=1, no=0","type":"integer","hidden":true,"required":false,"index":false},{"name":"elapsed_time","description":"Elapsed time in seconds this process has been running.","type":"bigint","hidden":true,"required":false,"index":false},{"name":"handle_count","description":"Total number of handles that the process has open. This number is the sum of the handles currently opened by each thread in the process.","type":"bigint","hidden":true,"required":false,"index":false},{"name":"percent_processor_time","description":"Returns elapsed time that all of the threads of this process used the processor to execute instructions in 100 nanoseconds ticks.","type":"bigint","hidden":true,"required":false,"index":false},{"name":"upid","description":"A 64bit pid that is never reused. Returns -1 if we couldn't gather them from the system.","type":"bigint","hidden":true,"required":false,"index":false},{"name":"uppid","description":"The 64bit parent pid that is never reused. Returns -1 if we couldn't gather them from the system.","type":"bigint","hidden":true,"required":false,"index":false},{"name":"cpu_type","description":"Indicates the specific processor designed for installation.","type":"integer","hidden":true,"required":false,"index":false},{"name":"cpu_subtype","description":"Indicates the specific processor on which an entry may be used.","type":"integer","hidden":true,"required":false,"index":false}]},{"name":"programs","description":"Represents products as they are installed by Windows Installer. A product generally correlates to one installation package on Windows. Some fields may be blank as Windows installation details are left to the discretion of the product author.","platforms":["windows"],"columns":[{"name":"name","description":"Commonly used product name.","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Product version information.","type":"text","hidden":false,"required":false,"index":false},{"name":"install_location","description":"The installation location directory of the product.","type":"text","hidden":false,"required":false,"index":false},{"name":"install_source","description":"The installation source of the product.","type":"text","hidden":false,"required":false,"index":false},{"name":"language","description":"The language of the product.","type":"text","hidden":false,"required":false,"index":false},{"name":"publisher","description":"Name of the product supplier.","type":"text","hidden":false,"required":false,"index":false},{"name":"uninstall_string","description":"Path and filename of the uninstaller.","type":"text","hidden":false,"required":false,"index":false},{"name":"install_date","description":"Date that this product was installed on the system. ","type":"text","hidden":false,"required":false,"index":false},{"name":"identifying_number","description":"Product identification such as a serial number on software, or a die number on a hardware chip.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"prometheus_metrics","description":"Retrieve metrics from a Prometheus server.","platforms":["darwin","linux"],"columns":[{"name":"target_name","description":"Address of prometheus target","type":"text","hidden":false,"required":false,"index":false},{"name":"metric_name","description":"Name of collected Prometheus metric","type":"text","hidden":false,"required":false,"index":false},{"name":"metric_value","description":"Value of collected Prometheus metric","type":"double","hidden":false,"required":false,"index":false},{"name":"timestamp_ms","description":"Unix timestamp of collected data in MS","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"python_packages","description":"Python packages installed in a system.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"name","description":"Package display name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Package-supplied version","type":"text","hidden":false,"required":false,"index":false},{"name":"summary","description":"Package-supplied summary","type":"text","hidden":false,"required":false,"index":false},{"name":"author","description":"Optional package author","type":"text","hidden":false,"required":false,"index":false},{"name":"license","description":"License under which package is launched","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path at which this module resides","type":"text","hidden":false,"required":false,"index":false},{"name":"directory","description":"Directory where Python modules are located","type":"text","hidden":false,"required":false,"index":false}]},{"name":"quicklook_cache","description":"Files and thumbnails within OS X's Quicklook Cache.","platforms":["darwin"],"columns":[{"name":"path","description":"Path of file","type":"text","hidden":false,"required":false,"index":false},{"name":"rowid","description":"Quicklook file rowid key","type":"integer","hidden":false,"required":false,"index":false},{"name":"fs_id","description":"Quicklook file fs_id key","type":"text","hidden":false,"required":false,"index":false},{"name":"volume_id","description":"Parsed volume ID from fs_id","type":"integer","hidden":false,"required":false,"index":false},{"name":"inode","description":"Parsed file ID (inode) from fs_id","type":"integer","hidden":false,"required":false,"index":false},{"name":"mtime","description":"Parsed version date field","type":"integer","hidden":false,"required":false,"index":false},{"name":"size","description":"Parsed version size field","type":"bigint","hidden":false,"required":false,"index":false},{"name":"label","description":"Parsed version 'gen' field","type":"text","hidden":false,"required":false,"index":false},{"name":"last_hit_date","description":"Apple date format for last thumbnail cache hit","type":"integer","hidden":false,"required":false,"index":false},{"name":"hit_count","description":"Number of cache hits on thumbnail","type":"text","hidden":false,"required":false,"index":false},{"name":"icon_mode","description":"Thumbnail icon mode","type":"bigint","hidden":false,"required":false,"index":false},{"name":"cache_path","description":"Path to cache data","type":"text","hidden":false,"required":false,"index":false}]},{"name":"registry","description":"All of the Windows registry hives.","platforms":["windows"],"columns":[{"name":"key","description":"Name of the key to search for","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Full path to the value","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Name of the registry value entry","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Type of the registry value, or 'subkey' if item is a subkey","type":"text","hidden":false,"required":false,"index":false},{"name":"data","description":"Data content of registry value","type":"text","hidden":false,"required":false,"index":false},{"name":"mtime","description":"timestamp of the most recent registry write","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"routes","description":"The active route table for the host system.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"destination","description":"Destination IP address","type":"text","hidden":false,"required":false,"index":false},{"name":"netmask","description":"Netmask length","type":"integer","hidden":false,"required":false,"index":false},{"name":"gateway","description":"Route gateway","type":"text","hidden":false,"required":false,"index":false},{"name":"source","description":"Route source","type":"text","hidden":false,"required":false,"index":false},{"name":"flags","description":"Flags to describe route","type":"integer","hidden":false,"required":false,"index":false},{"name":"interface","description":"Route local interface","type":"text","hidden":false,"required":false,"index":false},{"name":"mtu","description":"Maximum Transmission Unit for the route","type":"integer","hidden":false,"required":false,"index":false},{"name":"metric","description":"Cost of route. Lowest is preferred","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"Type of route","type":"text","hidden":false,"required":false,"index":false},{"name":"hopcount","description":"Max hops expected","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"rpm_package_files","description":"RPM packages that are currently installed on the host system.","platforms":["linux"],"columns":[{"name":"package","description":"RPM package name","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"File path within the package","type":"text","hidden":false,"required":false,"index":false},{"name":"username","description":"File default username from info DB","type":"text","hidden":false,"required":false,"index":false},{"name":"groupname","description":"File default groupname from info DB","type":"text","hidden":false,"required":false,"index":false},{"name":"mode","description":"File permissions mode from info DB","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Expected file size in bytes from RPM info DB","type":"bigint","hidden":false,"required":false,"index":false},{"name":"sha256","description":"SHA256 file digest from RPM info DB","type":"text","hidden":false,"required":false,"index":false}]},{"name":"rpm_packages","description":"RPM packages that are currently installed on the host system.","platforms":["linux"],"columns":[{"name":"name","description":"RPM package name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Package version","type":"text","hidden":false,"required":false,"index":false},{"name":"release","description":"Package release","type":"text","hidden":false,"required":false,"index":false},{"name":"source","description":"Source RPM package name (optional)","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Package size in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"sha1","description":"SHA1 hash of the package contents","type":"text","hidden":false,"required":false,"index":false},{"name":"arch","description":"Architecture(s) supported","type":"text","hidden":false,"required":false,"index":false},{"name":"epoch","description":"Package epoch value","type":"integer","hidden":false,"required":false,"index":false},{"name":"install_time","description":"When the package was installed","type":"integer","hidden":false,"required":false,"index":false},{"name":"vendor","description":"Package vendor","type":"text","hidden":false,"required":false,"index":false},{"name":"package_group","description":"Package group","type":"text","hidden":false,"required":false,"index":false},{"name":"pid_with_namespace","description":"Pids that contain a namespace","type":"integer","hidden":true,"required":false,"index":false},{"name":"mount_namespace_id","description":"Mount namespace id","type":"text","hidden":true,"required":false,"index":false}]},{"name":"running_apps","description":"macOS applications currently running on the host system.","platforms":["darwin"],"columns":[{"name":"pid","description":"The pid of the application","type":"integer","hidden":false,"required":false,"index":false},{"name":"bundle_identifier","description":"The bundle identifier of the application","type":"text","hidden":false,"required":false,"index":false},{"name":"is_active","description":"1 if the application is in focus, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"safari_extensions","description":"Safari browser extension details for all users.","platforms":["darwin"],"columns":[{"name":"uid","description":"The local user that owns the extension","type":"bigint","hidden":false,"required":false,"index":false},{"name":"name","description":"Extension display name","type":"text","hidden":false,"required":false,"index":false},{"name":"identifier","description":"Extension identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Extension long version","type":"text","hidden":false,"required":false,"index":false},{"name":"sdk","description":"Bundle SDK used to compile extension","type":"text","hidden":false,"required":false,"index":false},{"name":"update_url","description":"Extension-supplied update URI","type":"text","hidden":false,"required":false,"index":false},{"name":"author","description":"Optional extension author","type":"text","hidden":false,"required":false,"index":false},{"name":"developer_id","description":"Optional developer identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Optional extension description text","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to extension XAR bundle","type":"text","hidden":false,"required":false,"index":false}]},{"name":"sandboxes","description":"OS X application sandboxes container details.","platforms":["darwin"],"columns":[{"name":"label","description":"UTI-format bundle or label ID","type":"text","hidden":false,"required":false,"index":false},{"name":"user","description":"Sandbox owner","type":"text","hidden":false,"required":false,"index":false},{"name":"enabled","description":"Application sandboxings enabled on container","type":"integer","hidden":false,"required":false,"index":false},{"name":"build_id","description":"Sandbox-specific identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"bundle_path","description":"Application bundle used by the sandbox","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to sandbox container directory","type":"text","hidden":false,"required":false,"index":false}]},{"name":"scheduled_tasks","description":"Lists all of the tasks in the Windows task scheduler.","platforms":["windows"],"columns":[{"name":"name","description":"Name of the scheduled task","type":"text","hidden":false,"required":false,"index":false},{"name":"action","description":"Actions executed by the scheduled task","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to the executable to be run","type":"text","hidden":false,"required":false,"index":false},{"name":"enabled","description":"Whether or not the scheduled task is enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"state","description":"State of the scheduled task","type":"text","hidden":false,"required":false,"index":false},{"name":"hidden","description":"Whether or not the task is visible in the UI","type":"integer","hidden":false,"required":false,"index":false},{"name":"last_run_time","description":"Timestamp the task last ran","type":"bigint","hidden":false,"required":false,"index":false},{"name":"next_run_time","description":"Timestamp the task is scheduled to run next","type":"bigint","hidden":false,"required":false,"index":false},{"name":"last_run_message","description":"Exit status message of the last task run","type":"text","hidden":false,"required":false,"index":false},{"name":"last_run_code","description":"Exit status code of the last task run","type":"text","hidden":false,"required":false,"index":false}]},{"name":"screenlock","description":"macOS screenlock status for the current logged in user context.","platforms":["darwin"],"columns":[{"name":"enabled","description":"1 If a password is required after sleep or the screensaver begins; else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"grace_period","description":"The amount of time in seconds the screen must be asleep or the screensaver on before a password is required on-wake. 0 = immediately; -1 = no password is required on-wake","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"seccomp_events","description":"A virtual table that tracks seccomp events.","platforms":["linux"],"columns":[{"name":"time","description":"Time of execution in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uptime","description":"Time of execution in system uptime","type":"bigint","hidden":false,"required":false,"index":false},{"name":"auid","description":"Audit user ID (loginuid) of the user who started the analyzed process","type":"unsigned_bigint","hidden":false,"required":false,"index":false},{"name":"uid","description":"User ID of the user who started the analyzed process","type":"unsigned_bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Group ID of the user who started the analyzed process","type":"unsigned_bigint","hidden":false,"required":false,"index":false},{"name":"ses","description":"Session ID of the session from which the analyzed process was invoked","type":"unsigned_bigint","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process ID","type":"unsigned_bigint","hidden":false,"required":false,"index":false},{"name":"comm","description":"Command-line name of the command that was used to invoke the analyzed process","type":"text","hidden":false,"required":false,"index":false},{"name":"exe","description":"The path to the executable that was used to invoke the analyzed process","type":"text","hidden":false,"required":false,"index":false},{"name":"sig","description":"Signal value sent to process by seccomp","type":"bigint","hidden":false,"required":false,"index":false},{"name":"arch","description":"Information about the CPU architecture","type":"text","hidden":false,"required":false,"index":false},{"name":"syscall","description":"Type of the system call","type":"text","hidden":false,"required":false,"index":false},{"name":"compat","description":"Is system call in compatibility mode","type":"bigint","hidden":false,"required":false,"index":false},{"name":"ip","description":"Instruction pointer value","type":"text","hidden":false,"required":false,"index":false},{"name":"code","description":"The seccomp action","type":"text","hidden":false,"required":false,"index":false}]},{"name":"selinux_events","description":"Track SELinux events.","platforms":["linux"],"columns":[{"name":"type","description":"Event type","type":"text","hidden":false,"required":false,"index":false},{"name":"message","description":"Message","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of execution in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uptime","description":"Time of execution in system uptime","type":"bigint","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false}]},{"name":"selinux_settings","description":"Track active SELinux settings.","platforms":["linux"],"columns":[{"name":"scope","description":"Where the key is located inside the SELinuxFS mount point.","type":"text","hidden":false,"required":false,"index":false},{"name":"key","description":"Key or class name.","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Active value.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"services","description":"Lists all installed Windows services and their relevant data.","platforms":["windows"],"columns":[{"name":"name","description":"Service name","type":"text","hidden":false,"required":false,"index":false},{"name":"service_type","description":"Service Type: OWN_PROCESS, SHARE_PROCESS and maybe Interactive (can interact with the desktop)","type":"text","hidden":false,"required":false,"index":false},{"name":"display_name","description":"Service Display name","type":"text","hidden":false,"required":false,"index":false},{"name":"status","description":"Service Current status: STOPPED, START_PENDING, STOP_PENDING, RUNNING, CONTINUE_PENDING, PAUSE_PENDING, PAUSED","type":"text","hidden":false,"required":false,"index":false},{"name":"pid","description":"the Process ID of the service","type":"integer","hidden":false,"required":false,"index":false},{"name":"start_type","description":"Service start type: BOOT_START, SYSTEM_START, AUTO_START, DEMAND_START, DISABLED","type":"text","hidden":false,"required":false,"index":false},{"name":"win32_exit_code","description":"The error code that the service uses to report an error that occurs when it is starting or stopping","type":"integer","hidden":false,"required":false,"index":false},{"name":"service_exit_code","description":"The service-specific error code that the service returns when an error occurs while the service is starting or stopping","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to Service Executable","type":"text","hidden":false,"required":false,"index":false},{"name":"module_path","description":"Path to ServiceDll","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Service Description","type":"text","hidden":false,"required":false,"index":false},{"name":"user_account","description":"The name of the account that the service process will be logged on as when it runs. This name can be of the form Domain\\UserName. If the account belongs to the built-in domain, the name can be of the form .\\UserName.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"shadow","description":"Local system users encrypted passwords and related information. Please note, that you usually need superuser rights to access `/etc/shadow`.","platforms":["linux"],"columns":[{"name":"password_status","description":"Password status","type":"text","hidden":false,"required":false,"index":false},{"name":"hash_alg","description":"Password hashing algorithm","type":"text","hidden":false,"required":false,"index":false},{"name":"last_change","description":"Date of last password change (starting from UNIX epoch date)","type":"bigint","hidden":false,"required":false,"index":false},{"name":"min","description":"Minimal number of days between password changes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"max","description":"Maximum number of days between password changes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"warning","description":"Number of days before password expires to warn user about it","type":"bigint","hidden":false,"required":false,"index":false},{"name":"inactive","description":"Number of days after password expires until account is blocked","type":"bigint","hidden":false,"required":false,"index":false},{"name":"expire","description":"Number of days since UNIX epoch date until account is disabled","type":"bigint","hidden":false,"required":false,"index":false},{"name":"flag","description":"Reserved","type":"bigint","hidden":false,"required":false,"index":false},{"name":"username","description":"Username","type":"text","hidden":false,"required":false,"index":false}]},{"name":"shared_folders","description":"Folders available to others via SMB or AFP.","platforms":["darwin"],"columns":[{"name":"name","description":"The shared name of the folder as it appears to other users","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Absolute path of shared folder on the local system","type":"text","hidden":false,"required":false,"index":false}]},{"name":"shared_memory","description":"OS shared memory regions.","platforms":["linux"],"columns":[{"name":"shmid","description":"Shared memory segment ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"owner_uid","description":"User ID of owning process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"creator_uid","description":"User ID of creator process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process ID to last use the segment","type":"bigint","hidden":false,"required":false,"index":false},{"name":"creator_pid","description":"Process ID that created the segment","type":"bigint","hidden":false,"required":false,"index":false},{"name":"atime","description":"Attached time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"dtime","description":"Detached time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"ctime","description":"Changed time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"permissions","description":"Memory segment permissions","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Size in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"attached","description":"Number of attached processes","type":"integer","hidden":false,"required":false,"index":false},{"name":"status","description":"Destination/attach status","type":"text","hidden":false,"required":false,"index":false},{"name":"locked","description":"1 if segment is locked else 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"shared_resources","description":"Displays shared resources on a computer system running Windows. This may be a disk drive, printer, interprocess communication, or other sharable device.","platforms":["windows"],"columns":[{"name":"description","description":"A textual description of the object","type":"text","hidden":false,"required":false,"index":false},{"name":"install_date","description":"Indicates when the object was installed. Lack of a value does not indicate that the object is not installed.","type":"text","hidden":false,"required":false,"index":false},{"name":"status","description":"String that indicates the current status of the object.","type":"text","hidden":false,"required":false,"index":false},{"name":"allow_maximum","description":"Number of concurrent users for this resource has been limited. If True, the value in the MaximumAllowed property is ignored.","type":"integer","hidden":false,"required":false,"index":false},{"name":"maximum_allowed","description":"Limit on the maximum number of users allowed to use this resource concurrently. The value is only valid if the AllowMaximum property is set to FALSE.","type":"integer","hidden":false,"required":false,"index":false},{"name":"name","description":"Alias given to a path set up as a share on a computer system running Windows.","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Local path of the Windows share.","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Type of resource being shared. Types include: disk drives, print queues, interprocess communications (IPC), and general devices.","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"sharing_preferences","description":"OS X Sharing preferences.","platforms":["darwin"],"columns":[{"name":"screen_sharing","description":"1 If screen sharing is enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"file_sharing","description":"1 If file sharing is enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"printer_sharing","description":"1 If printer sharing is enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"remote_login","description":"1 If remote login is enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"remote_management","description":"1 If remote management is enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"remote_apple_events","description":"1 If remote apple events are enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"internet_sharing","description":"1 If internet sharing is enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"bluetooth_sharing","description":"1 If bluetooth sharing is enabled for any user else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"disc_sharing","description":"1 If CD or DVD sharing is enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"content_caching","description":"1 If content caching is enabled else 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"shell_history","description":"A line-delimited (command) table of per-user .*_history data.","platforms":["darwin","linux"],"columns":[{"name":"uid","description":"Shell history owner","type":"bigint","hidden":false,"required":false,"index":false},{"name":"time","description":"Entry timestamp. It could be absent, default value is 0.","type":"integer","hidden":false,"required":false,"index":false},{"name":"command","description":"Unparsed date/line/command history line","type":"text","hidden":false,"required":false,"index":false},{"name":"history_file","description":"Path to the .*_history for this user","type":"text","hidden":false,"required":false,"index":false}]},{"name":"shellbags","description":"Shows directories accessed via Windows Explorer.","platforms":["windows"],"columns":[{"name":"sid","description":"User SID","type":"text","hidden":false,"required":false,"index":false},{"name":"source","description":"Shellbags source Registry file","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Directory name.","type":"text","hidden":false,"required":false,"index":false},{"name":"modified_time","description":"Directory Modified time.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"created_time","description":"Directory Created time.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"accessed_time","description":"Directory Accessed time.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"mft_entry","description":"Directory master file table entry.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"mft_sequence","description":"Directory master file table sequence.","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"shimcache","description":"Application Compatibility Cache, contains artifacts of execution.","platforms":["windows"],"columns":[{"name":"entry","description":"Execution order.","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"This is the path to the executed file.","type":"text","hidden":false,"required":false,"index":false},{"name":"modified_time","description":"File Modified time.","type":"integer","hidden":false,"required":false,"index":false},{"name":"execution_flag","description":"Boolean Execution flag, 1 for execution, 0 for no execution, -1 for missing (this flag does not exist on Windows 10 and higher).","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"shortcut_files","description":"View data about Windows Shortcut files.","platforms":["windows"],"columns":[{"name":"path","description":"Directory name.","type":"text","hidden":false,"required":true,"index":false},{"name":"target_path","description":"Target file path","type":"text","hidden":false,"required":false,"index":false},{"name":"target_modified","description":"Target Modified time.","type":"integer","hidden":false,"required":false,"index":false},{"name":"target_created","description":"Target Created time.","type":"integer","hidden":false,"required":false,"index":false},{"name":"target_accessed","description":"Target Accessed time.","type":"integer","hidden":false,"required":false,"index":false},{"name":"target_size","description":"Size of target file.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"relative_path","description":"Relative path to target file from lnk file.","type":"text","hidden":false,"required":false,"index":false},{"name":"local_path","description":"Local system path to target file.","type":"text","hidden":false,"required":false,"index":false},{"name":"working_path","description":"Target file directory.","type":"text","hidden":false,"required":false,"index":false},{"name":"icon_path","description":"Lnk file icon location.","type":"text","hidden":false,"required":false,"index":false},{"name":"common_path","description":"Common system path to target file.","type":"text","hidden":false,"required":false,"index":false},{"name":"command_args","description":"Command args passed to lnk file.","type":"text","hidden":false,"required":false,"index":false},{"name":"hostname","description":"Optional hostname of the target file.","type":"text","hidden":false,"required":false,"index":false},{"name":"share_name","description":"Share name of the target file.","type":"text","hidden":false,"required":false,"index":false},{"name":"device_type","description":"Device containing the target file.","type":"text","hidden":false,"required":false,"index":false},{"name":"volume_serial","description":"Volume serial number.","type":"text","hidden":false,"required":false,"index":false},{"name":"mft_entry","description":"Target mft entry.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"mft_sequence","description":"Target mft sequence.","type":"integer","hidden":false,"required":false,"index":false},{"name":"description","description":"Lnk file description.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"signature","description":"File (executable, bundle, installer, disk) code signing status.","platforms":["darwin"],"columns":[{"name":"path","description":"Must provide a path or directory","type":"text","hidden":false,"required":true,"index":false},{"name":"hash_resources","description":"Set to 1 to also hash resources, or 0 otherwise. Default is 1","type":"integer","hidden":false,"required":false,"index":false},{"name":"arch","description":"If applicable, the arch of the signed code","type":"text","hidden":false,"required":false,"index":false},{"name":"signed","description":"1 If the file is signed else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"identifier","description":"The signing identifier sealed into the signature","type":"text","hidden":false,"required":false,"index":false},{"name":"cdhash","description":"Hash of the application Code Directory","type":"text","hidden":false,"required":false,"index":false},{"name":"team_identifier","description":"The team signing identifier sealed into the signature","type":"text","hidden":false,"required":false,"index":false},{"name":"authority","description":"Certificate Common Name","type":"text","hidden":false,"required":false,"index":false}]},{"name":"sip_config","description":"Apple's System Integrity Protection (rootless) status.","platforms":["darwin"],"columns":[{"name":"config_flag","description":"The System Integrity Protection config flag","type":"text","hidden":false,"required":false,"index":false},{"name":"enabled","description":"1 if this configuration is enabled, otherwise 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"enabled_nvram","description":"1 if this configuration is enabled, otherwise 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"smart_drive_info","description":"Drive information read by SMART controller utilizing autodetect.","platforms":["darwin","linux"],"columns":[{"name":"device_name","description":"Name of block device","type":"text","hidden":false,"required":false,"index":false},{"name":"disk_id","description":"Physical slot number of device, only exists when hardware storage controller exists","type":"integer","hidden":false,"required":false,"index":false},{"name":"driver_type","description":"The explicit device type used to retrieve the SMART information","type":"text","hidden":false,"required":false,"index":false},{"name":"model_family","description":"Drive model family","type":"text","hidden":false,"required":false,"index":false},{"name":"device_model","description":"Device Model","type":"text","hidden":false,"required":false,"index":false},{"name":"serial_number","description":"Device serial number","type":"text","hidden":false,"required":false,"index":false},{"name":"lu_wwn_device_id","description":"Device Identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"additional_product_id","description":"An additional drive identifier if any","type":"text","hidden":false,"required":false,"index":false},{"name":"firmware_version","description":"Drive firmware version","type":"text","hidden":false,"required":false,"index":false},{"name":"user_capacity","description":"Bytes of drive capacity","type":"text","hidden":false,"required":false,"index":false},{"name":"sector_sizes","description":"Bytes of drive sector sizes","type":"text","hidden":false,"required":false,"index":false},{"name":"rotation_rate","description":"Drive RPM","type":"text","hidden":false,"required":false,"index":false},{"name":"form_factor","description":"Form factor if reported","type":"text","hidden":false,"required":false,"index":false},{"name":"in_smartctl_db","description":"Boolean value for if drive is recognized","type":"integer","hidden":false,"required":false,"index":false},{"name":"ata_version","description":"ATA version of drive","type":"text","hidden":false,"required":false,"index":false},{"name":"transport_type","description":"Drive transport type","type":"text","hidden":false,"required":false,"index":false},{"name":"sata_version","description":"SATA version, if any","type":"text","hidden":false,"required":false,"index":false},{"name":"read_device_identity_failure","description":"Error string for device id read, if any","type":"text","hidden":false,"required":false,"index":false},{"name":"smart_supported","description":"SMART support status","type":"text","hidden":false,"required":false,"index":false},{"name":"smart_enabled","description":"SMART enabled status","type":"text","hidden":false,"required":false,"index":false},{"name":"packet_device_type","description":"Packet device type","type":"text","hidden":false,"required":false,"index":false},{"name":"power_mode","description":"Device power mode","type":"text","hidden":false,"required":false,"index":false},{"name":"warnings","description":"Warning messages from SMART controller","type":"text","hidden":false,"required":false,"index":false}]},{"name":"smbios_tables","description":"BIOS (DMI) structure common details and content.","platforms":["darwin","linux"],"columns":[{"name":"number","description":"Table entry number","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"Table entry type","type":"integer","hidden":false,"required":false,"index":false},{"name":"description","description":"Table entry description","type":"text","hidden":false,"required":false,"index":false},{"name":"handle","description":"Table entry handle","type":"integer","hidden":false,"required":false,"index":false},{"name":"header_size","description":"Header size in bytes","type":"integer","hidden":false,"required":false,"index":false},{"name":"size","description":"Table entry size in bytes","type":"integer","hidden":false,"required":false,"index":false},{"name":"md5","description":"MD5 hash of table entry","type":"text","hidden":false,"required":false,"index":false}]},{"name":"smc_keys","description":"Apple's system management controller keys.","platforms":["darwin"],"columns":[{"name":"key","description":"4-character key","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"SMC-reported type literal type","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Reported size of data in bytes","type":"integer","hidden":false,"required":false,"index":false},{"name":"value","description":"A type-encoded representation of the key value","type":"text","hidden":false,"required":false,"index":false},{"name":"hidden","description":"1 if this key is normally hidden, otherwise 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"socket_events","description":"Track network socket opens and closes.","platforms":["darwin","linux"],"columns":[{"name":"action","description":"The socket action (bind, listen, close)","type":"text","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process (or thread) ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"path","description":"Path of executed file","type":"text","hidden":false,"required":false,"index":false},{"name":"fd","description":"The file description for the process socket","type":"text","hidden":false,"required":false,"index":false},{"name":"auid","description":"Audit User ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"success","description":"The socket open attempt status","type":"integer","hidden":false,"required":false,"index":false},{"name":"family","description":"The Internet protocol family ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"protocol","description":"The network protocol ID","type":"integer","hidden":true,"required":false,"index":false},{"name":"local_address","description":"Local address associated with socket","type":"text","hidden":false,"required":false,"index":false},{"name":"remote_address","description":"Remote address associated with socket","type":"text","hidden":false,"required":false,"index":false},{"name":"local_port","description":"Local network protocol port number","type":"integer","hidden":false,"required":false,"index":false},{"name":"remote_port","description":"Remote network protocol port number","type":"integer","hidden":false,"required":false,"index":false},{"name":"socket","description":"The local path (UNIX domain socket only)","type":"text","hidden":true,"required":false,"index":false},{"name":"time","description":"Time of execution in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uptime","description":"Time of execution in system uptime","type":"bigint","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false}]},{"name":"ssh_configs","description":"A table of parsed ssh_configs.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"uid","description":"The local owner of the ssh_config file","type":"bigint","hidden":false,"required":false,"index":false},{"name":"block","description":"The host or match block","type":"text","hidden":false,"required":false,"index":false},{"name":"option","description":"The option and value","type":"text","hidden":false,"required":false,"index":false},{"name":"ssh_config_file","description":"Path to the ssh_config file","type":"text","hidden":false,"required":false,"index":false}]},{"name":"startup_items","description":"Applications and binaries set as user/login startup items.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"name","description":"Name of startup item","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path of startup item","type":"text","hidden":false,"required":false,"index":false},{"name":"args","description":"Arguments provided to startup executable","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Startup Item or Login Item","type":"text","hidden":false,"required":false,"index":false},{"name":"source","description":"Directory or plist containing startup item","type":"text","hidden":false,"required":false,"index":false},{"name":"status","description":"Startup status; either enabled or disabled","type":"text","hidden":false,"required":false,"index":false},{"name":"username","description":"The user associated with the startup item","type":"text","hidden":false,"required":false,"index":false}]},{"name":"sudoers","description":"Rules for running commands as other users via sudo.","platforms":["darwin","linux"],"columns":[{"name":"source","description":"Source file containing the given rule","type":"text","hidden":false,"required":false,"index":false},{"name":"header","description":"Symbol for given rule","type":"text","hidden":false,"required":false,"index":false},{"name":"rule_details","description":"Rule definition","type":"text","hidden":false,"required":false,"index":false}]},{"name":"suid_bin","description":"suid binaries in common locations.","platforms":["darwin","linux"],"columns":[{"name":"path","description":"Binary path","type":"text","hidden":false,"required":false,"index":false},{"name":"username","description":"Binary owner username","type":"text","hidden":false,"required":false,"index":false},{"name":"groupname","description":"Binary owner group","type":"text","hidden":false,"required":false,"index":false},{"name":"permissions","description":"Binary permissions","type":"text","hidden":false,"required":false,"index":false}]},{"name":"syslog_events","description":"","platforms":["linux"],"columns":[{"name":"time","description":"Current unix epoch time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"datetime","description":"Time known to syslog","type":"text","hidden":false,"required":false,"index":false},{"name":"host","description":"Hostname configured for syslog","type":"text","hidden":false,"required":false,"index":false},{"name":"severity","description":"Syslog severity","type":"integer","hidden":false,"required":false,"index":false},{"name":"facility","description":"Syslog facility","type":"text","hidden":false,"required":false,"index":false},{"name":"tag","description":"The syslog tag","type":"text","hidden":false,"required":false,"index":false},{"name":"message","description":"The syslog message","type":"text","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false}]},{"name":"system_controls","description":"sysctl names, values, and settings information.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Full sysctl MIB name","type":"text","hidden":false,"required":false,"index":false},{"name":"oid","description":"Control MIB","type":"text","hidden":false,"required":false,"index":false},{"name":"subsystem","description":"Subsystem ID, control type","type":"text","hidden":false,"required":false,"index":false},{"name":"current_value","description":"Value of setting","type":"text","hidden":false,"required":false,"index":false},{"name":"config_value","description":"The MIB value set in /etc/sysctl.conf","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Data type","type":"text","hidden":false,"required":false,"index":false},{"name":"field_name","description":"Specific attribute of opaque type","type":"text","hidden":true,"required":false,"index":false}]},{"name":"system_extensions","description":"macOS (>= 10.15) system extension table.","platforms":["darwin"],"columns":[{"name":"path","description":"Original path of system extension","type":"text","hidden":false,"required":false,"index":false},{"name":"UUID","description":"Extension unique id","type":"text","hidden":false,"required":false,"index":false},{"name":"state","description":"System extension state","type":"text","hidden":false,"required":false,"index":false},{"name":"identifier","description":"Identifier name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"System extension version","type":"text","hidden":false,"required":false,"index":false},{"name":"category","description":"System extension category","type":"text","hidden":false,"required":false,"index":false},{"name":"bundle_path","description":"System extension bundle path","type":"text","hidden":false,"required":false,"index":false},{"name":"team","description":"Signing team ID","type":"text","hidden":false,"required":false,"index":false},{"name":"mdm_managed","description":"1 if managed by MDM system extension payload configuration, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"system_info","description":"System information for identification.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"hostname","description":"Network hostname including domain","type":"text","hidden":false,"required":false,"index":false},{"name":"uuid","description":"Unique ID provided by the system","type":"text","hidden":false,"required":false,"index":false},{"name":"cpu_type","description":"CPU type","type":"text","hidden":false,"required":false,"index":false},{"name":"cpu_subtype","description":"CPU subtype","type":"text","hidden":false,"required":false,"index":false},{"name":"cpu_brand","description":"CPU brand string, contains vendor and model","type":"text","hidden":false,"required":false,"index":false},{"name":"cpu_physical_cores","description":"Number of physical CPU cores in to the system","type":"integer","hidden":false,"required":false,"index":false},{"name":"cpu_logical_cores","description":"Number of logical CPU cores available to the system","type":"integer","hidden":false,"required":false,"index":false},{"name":"cpu_microcode","description":"Microcode version","type":"text","hidden":false,"required":false,"index":false},{"name":"physical_memory","description":"Total physical memory in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"hardware_vendor","description":"Hardware vendor","type":"text","hidden":false,"required":false,"index":false},{"name":"hardware_model","description":"Hardware model","type":"text","hidden":false,"required":false,"index":false},{"name":"hardware_version","description":"Hardware version","type":"text","hidden":false,"required":false,"index":false},{"name":"hardware_serial","description":"Device serial number","type":"text","hidden":false,"required":false,"index":false},{"name":"board_vendor","description":"Board vendor","type":"text","hidden":false,"required":false,"index":false},{"name":"board_model","description":"Board model","type":"text","hidden":false,"required":false,"index":false},{"name":"board_version","description":"Board version","type":"text","hidden":false,"required":false,"index":false},{"name":"board_serial","description":"Board serial number","type":"text","hidden":false,"required":false,"index":false},{"name":"computer_name","description":"Friendly computer name (optional)","type":"text","hidden":false,"required":false,"index":false},{"name":"local_hostname","description":"Local hostname (optional)","type":"text","hidden":false,"required":false,"index":false}]},{"name":"systemd_units","description":"Track systemd units.","platforms":["linux"],"columns":[{"name":"id","description":"Unique unit identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Unit description","type":"text","hidden":false,"required":false,"index":false},{"name":"load_state","description":"Reflects whether the unit definition was properly loaded","type":"text","hidden":false,"required":false,"index":false},{"name":"active_state","description":"The high-level unit activation state, i.e. generalization of SUB","type":"text","hidden":false,"required":false,"index":false},{"name":"sub_state","description":"The low-level unit activation state, values depend on unit type","type":"text","hidden":false,"required":false,"index":false},{"name":"following","description":"The name of another unit that this unit follows in state","type":"text","hidden":false,"required":false,"index":false},{"name":"object_path","description":"The object path for this unit","type":"text","hidden":false,"required":false,"index":false},{"name":"job_id","description":"Next queued job id","type":"bigint","hidden":false,"required":false,"index":false},{"name":"job_type","description":"Job type","type":"text","hidden":false,"required":false,"index":false},{"name":"job_path","description":"The object path for the job","type":"text","hidden":false,"required":false,"index":false},{"name":"fragment_path","description":"The unit file path this unit was read from, if there is any","type":"text","hidden":false,"required":false,"index":false},{"name":"user","description":"The configured user, if any","type":"text","hidden":false,"required":false,"index":false},{"name":"source_path","description":"Path to the (possibly generated) unit configuration file","type":"text","hidden":false,"required":false,"index":false}]},{"name":"temperature_sensors","description":"Machine's temperature sensors.","platforms":["darwin"],"columns":[{"name":"key","description":"The SMC key on OS X","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Name of temperature source","type":"text","hidden":false,"required":false,"index":false},{"name":"celsius","description":"Temperature in Celsius","type":"double","hidden":false,"required":false,"index":false},{"name":"fahrenheit","description":"Temperature in Fahrenheit","type":"double","hidden":false,"required":false,"index":false}]},{"name":"time","description":"Track current date and time in the system.","platforms":["darwin","linux","freebsd","windows"],"columns":[{"name":"weekday","description":"Current weekday in the system","type":"text","hidden":false,"required":false,"index":false},{"name":"year","description":"Current year in the system","type":"integer","hidden":false,"required":false,"index":false},{"name":"month","description":"Current month in the system","type":"integer","hidden":false,"required":false,"index":false},{"name":"day","description":"Current day in the system","type":"integer","hidden":false,"required":false,"index":false},{"name":"hour","description":"Current hour in the system","type":"integer","hidden":false,"required":false,"index":false},{"name":"minutes","description":"Current minutes in the system","type":"integer","hidden":false,"required":false,"index":false},{"name":"seconds","description":"Current seconds in the system","type":"integer","hidden":false,"required":false,"index":false},{"name":"timezone","description":"Current timezone in the system","type":"text","hidden":false,"required":false,"index":false},{"name":"local_time","description":"Current local UNIX time in the system","type":"integer","hidden":false,"required":false,"index":false},{"name":"local_timezone","description":"Current local timezone in the system","type":"text","hidden":false,"required":false,"index":false},{"name":"unix_time","description":"Current UNIX time in the system, converted to UTC if --utc enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"timestamp","description":"Current timestamp (log format) in the system","type":"text","hidden":false,"required":false,"index":false},{"name":"datetime","description":"Current date and time (ISO format) in the system","type":"text","hidden":false,"required":false,"index":false},{"name":"iso_8601","description":"Current time (ISO format) in the system","type":"text","hidden":false,"required":false,"index":false},{"name":"win_timestamp","description":"Timestamp value in 100 nanosecond units.","type":"bigint","hidden":true,"required":false,"index":false}]},{"name":"time_machine_backups","description":"Backups to drives using TimeMachine.","platforms":["darwin"],"columns":[{"name":"destination_id","description":"Time Machine destination ID","type":"text","hidden":false,"required":false,"index":false},{"name":"backup_date","description":"Backup Date","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"time_machine_destinations","description":"Locations backed up to using Time Machine.","platforms":["darwin"],"columns":[{"name":"alias","description":"Human readable name of drive","type":"text","hidden":false,"required":false,"index":false},{"name":"destination_id","description":"Time Machine destination ID","type":"text","hidden":false,"required":false,"index":false},{"name":"consistency_scan_date","description":"Consistency scan date","type":"integer","hidden":false,"required":false,"index":false},{"name":"root_volume_uuid","description":"Root UUID of backup volume","type":"text","hidden":false,"required":false,"index":false},{"name":"bytes_available","description":"Bytes available on volume","type":"integer","hidden":false,"required":false,"index":false},{"name":"bytes_used","description":"Bytes used on volume","type":"integer","hidden":false,"required":false,"index":false},{"name":"encryption","description":"Last known encrypted state","type":"text","hidden":false,"required":false,"index":false}]},{"name":"ulimit_info","description":"System resource usage limits.","platforms":["darwin","linux"],"columns":[{"name":"type","description":"System resource to be limited","type":"text","hidden":false,"required":false,"index":false},{"name":"soft_limit","description":"Current limit value","type":"text","hidden":false,"required":false,"index":false},{"name":"hard_limit","description":"Maximum limit value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"uptime","description":"Track time passed since last boot.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"days","description":"Days of uptime","type":"integer","hidden":false,"required":false,"index":false},{"name":"hours","description":"Hours of uptime","type":"integer","hidden":false,"required":false,"index":false},{"name":"minutes","description":"Minutes of uptime","type":"integer","hidden":false,"required":false,"index":false},{"name":"seconds","description":"Seconds of uptime","type":"integer","hidden":false,"required":false,"index":false},{"name":"total_seconds","description":"Total uptime seconds","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"usb_devices","description":"USB devices that are actively plugged into the host system.","platforms":["darwin","linux"],"columns":[{"name":"usb_address","description":"USB Device used address","type":"integer","hidden":false,"required":false,"index":false},{"name":"usb_port","description":"USB Device used port","type":"integer","hidden":false,"required":false,"index":false},{"name":"vendor","description":"USB Device vendor string","type":"text","hidden":false,"required":false,"index":false},{"name":"vendor_id","description":"Hex encoded USB Device vendor identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"USB Device version number","type":"text","hidden":false,"required":false,"index":false},{"name":"model","description":"USB Device model string","type":"text","hidden":false,"required":false,"index":false},{"name":"model_id","description":"Hex encoded USB Device model identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"serial","description":"USB Device serial connection","type":"text","hidden":false,"required":false,"index":false},{"name":"class","description":"USB Device class","type":"text","hidden":false,"required":false,"index":false},{"name":"subclass","description":"USB Device subclass","type":"text","hidden":false,"required":false,"index":false},{"name":"protocol","description":"USB Device protocol","type":"text","hidden":false,"required":false,"index":false},{"name":"removable","description":"1 If USB device is removable else 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"user_events","description":"Track user events from the audit framework.","platforms":["darwin","linux"],"columns":[{"name":"uid","description":"User ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"auid","description":"Audit User ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process (or thread) ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"message","description":"Message from the event","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"The file description for the process socket","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"Supplied path from event","type":"text","hidden":false,"required":false,"index":false},{"name":"address","description":"The Internet protocol address or family ID","type":"text","hidden":false,"required":false,"index":false},{"name":"terminal","description":"The network protocol ID","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of execution in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uptime","description":"Time of execution in system uptime","type":"bigint","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false}]},{"name":"user_groups","description":"Local system user group relationships.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"uid","description":"User ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Group ID","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"user_interaction_events","description":"Track user interaction events from macOS' event tapping framework.","platforms":["darwin"],"columns":[{"name":"time","description":"Time","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"user_ssh_keys","description":"Returns the private keys in the users ~/.ssh directory and whether or not they are encrypted.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"uid","description":"The local user that owns the key file","type":"bigint","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to key file","type":"text","hidden":false,"required":false,"index":false},{"name":"encrypted","description":"1 if key is encrypted, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"userassist","description":"UserAssist Registry Key tracks when a user executes an application from Windows Explorer.","platforms":["windows"],"columns":[{"name":"path","description":"Application file path.","type":"text","hidden":false,"required":false,"index":false},{"name":"last_execution_time","description":"Most recent time application was executed.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"count","description":"Number of times the application has been executed.","type":"integer","hidden":false,"required":false,"index":false},{"name":"sid","description":"User SID.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"users","description":"Local user accounts (including domain accounts that have logged on locally (Windows)).","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"uid","description":"User ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Group ID (unsigned)","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uid_signed","description":"User ID as int64 signed (Apple)","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid_signed","description":"Default group ID as int64 signed (Apple)","type":"bigint","hidden":false,"required":false,"index":false},{"name":"username","description":"Username","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Optional user description","type":"text","hidden":false,"required":false,"index":false},{"name":"directory","description":"User's home directory","type":"text","hidden":false,"required":false,"index":false},{"name":"shell","description":"User's configured default shell","type":"text","hidden":false,"required":false,"index":false},{"name":"uuid","description":"User's UUID (Apple) or SID (Windows)","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Whether the account is roaming (domain), local, or a system profile","type":"text","hidden":true,"required":false,"index":false},{"name":"is_hidden","description":"IsHidden attribute set in OpenDirectory","type":"integer","hidden":true,"required":false,"index":false}]},{"name":"video_info","description":"Retrieve video card information of the machine.","platforms":["windows"],"columns":[{"name":"color_depth","description":"The amount of bits per pixel to represent color.","type":"integer","hidden":false,"required":false,"index":false},{"name":"driver","description":"The driver of the device.","type":"text","hidden":false,"required":false,"index":false},{"name":"driver_date","description":"The date listed on the installed driver.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"driver_version","description":"The version of the installed driver.","type":"text","hidden":false,"required":false,"index":false},{"name":"manufacturer","description":"The manufacturer of the gpu.","type":"text","hidden":false,"required":false,"index":false},{"name":"model","description":"The model of the gpu.","type":"text","hidden":false,"required":false,"index":false},{"name":"series","description":"The series of the gpu.","type":"text","hidden":false,"required":false,"index":false},{"name":"video_mode","description":"The current resolution of the display.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"virtual_memory_info","description":"Darwin Virtual Memory statistics.","platforms":["darwin"],"columns":[{"name":"free","description":"Total number of free pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"active","description":"Total number of active pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"inactive","description":"Total number of inactive pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"speculative","description":"Total number of speculative pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"throttled","description":"Total number of throttled pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"wired","description":"Total number of wired down pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"purgeable","description":"Total number of purgeable pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"faults","description":"Total number of calls to vm_faults.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"copy","description":"Total number of copy-on-write pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"zero_fill","description":"Total number of zero filled pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"reactivated","description":"Total number of reactivated pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"purged","description":"Total number of purged pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"file_backed","description":"Total number of file backed pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"anonymous","description":"Total number of anonymous pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uncompressed","description":"Total number of uncompressed pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"compressor","description":"The number of pages used to store compressed VM pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"decompressed","description":"The total number of pages that have been decompressed by the VM compressor.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"compressed","description":"The total number of pages that have been compressed by the VM compressor.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"page_ins","description":"The total number of requests for pages from a pager.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"page_outs","description":"Total number of pages paged out.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"swap_ins","description":"The total number of compressed pages that have been swapped out to disk.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"swap_outs","description":"The total number of compressed pages that have been swapped back in from disk.","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"wifi_networks","description":"OS X known/remembered Wi-Fi networks list.","platforms":["darwin"],"columns":[{"name":"ssid","description":"SSID octets of the network","type":"text","hidden":false,"required":false,"index":false},{"name":"network_name","description":"Name of the network","type":"text","hidden":false,"required":false,"index":false},{"name":"security_type","description":"Type of security on this network","type":"text","hidden":false,"required":false,"index":false},{"name":"last_connected","description":"Last time this netword was connected to as a unix_time","type":"integer","hidden":false,"required":false,"index":false},{"name":"passpoint","description":"1 if Passpoint is supported, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"possibly_hidden","description":"1 if network is possibly a hidden network, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"roaming","description":"1 if roaming is supported, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"roaming_profile","description":"Describe the roaming profile, usually one of Single, Dual or Multi","type":"text","hidden":false,"required":false,"index":false},{"name":"captive_portal","description":"1 if this network has a captive portal, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"auto_login","description":"1 if auto login is enabled, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"temporarily_disabled","description":"1 if this network is temporarily disabled, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"disabled","description":"1 if this network is disabled, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"wifi_status","description":"OS X current WiFi status.","platforms":["darwin"],"columns":[{"name":"interface","description":"Name of the interface","type":"text","hidden":false,"required":false,"index":false},{"name":"ssid","description":"SSID octets of the network","type":"text","hidden":false,"required":false,"index":false},{"name":"bssid","description":"The current basic service set identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"network_name","description":"Name of the network","type":"text","hidden":false,"required":false,"index":false},{"name":"country_code","description":"The country code (ISO/IEC 3166-1:1997) for the network","type":"text","hidden":false,"required":false,"index":false},{"name":"security_type","description":"Type of security on this network","type":"text","hidden":false,"required":false,"index":false},{"name":"rssi","description":"The current received signal strength indication (dbm)","type":"integer","hidden":false,"required":false,"index":false},{"name":"noise","description":"The current noise measurement (dBm)","type":"integer","hidden":false,"required":false,"index":false},{"name":"channel","description":"Channel number","type":"integer","hidden":false,"required":false,"index":false},{"name":"channel_width","description":"Channel width","type":"integer","hidden":false,"required":false,"index":false},{"name":"channel_band","description":"Channel band","type":"integer","hidden":false,"required":false,"index":false},{"name":"transmit_rate","description":"The current transmit rate","type":"text","hidden":false,"required":false,"index":false},{"name":"mode","description":"The current operating mode for the Wi-Fi interface","type":"text","hidden":false,"required":false,"index":false}]},{"name":"wifi_survey","description":"Scan for nearby WiFi networks.","platforms":["darwin"],"columns":[{"name":"interface","description":"Name of the interface","type":"text","hidden":false,"required":false,"index":false},{"name":"ssid","description":"SSID octets of the network","type":"text","hidden":false,"required":false,"index":false},{"name":"bssid","description":"The current basic service set identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"network_name","description":"Name of the network","type":"text","hidden":false,"required":false,"index":false},{"name":"country_code","description":"The country code (ISO/IEC 3166-1:1997) for the network","type":"text","hidden":false,"required":false,"index":false},{"name":"rssi","description":"The current received signal strength indication (dbm)","type":"integer","hidden":false,"required":false,"index":false},{"name":"noise","description":"The current noise measurement (dBm)","type":"integer","hidden":false,"required":false,"index":false},{"name":"channel","description":"Channel number","type":"integer","hidden":false,"required":false,"index":false},{"name":"channel_width","description":"Channel width","type":"integer","hidden":false,"required":false,"index":false},{"name":"channel_band","description":"Channel band","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"winbaseobj","description":"Lists named Windows objects in the default object directories, across all terminal services sessions. Example Windows ojbect types include Mutexes, Events, Jobs and Semaphors.","platforms":["windows"],"columns":[{"name":"session_id","description":"Terminal Services Session Id","type":"integer","hidden":false,"required":false,"index":false},{"name":"object_name","description":"Object Name","type":"text","hidden":false,"required":false,"index":false},{"name":"object_type","description":"Object Type","type":"text","hidden":false,"required":false,"index":false}]},{"name":"windows_crashes","description":"Extracted information from Windows crash logs (Minidumps).","platforms":["windows"],"columns":[{"name":"datetime","description":"Timestamp (log format) of the crash","type":"text","hidden":false,"required":false,"index":false},{"name":"module","description":"Path of the crashed module within the process","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path of the executable file for the crashed process","type":"text","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process ID of the crashed process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"tid","description":"Thread ID of the crashed thread","type":"bigint","hidden":false,"required":false,"index":false},{"name":"version","description":"File version info of the crashed process","type":"text","hidden":false,"required":false,"index":false},{"name":"process_uptime","description":"Uptime of the process in seconds","type":"bigint","hidden":false,"required":false,"index":false},{"name":"stack_trace","description":"Multiple stack frames from the stack trace","type":"text","hidden":false,"required":false,"index":false},{"name":"exception_code","description":"The Windows exception code","type":"text","hidden":false,"required":false,"index":false},{"name":"exception_message","description":"The NTSTATUS error message associated with the exception code","type":"text","hidden":false,"required":false,"index":false},{"name":"exception_address","description":"Address (in hex) where the exception occurred","type":"text","hidden":false,"required":false,"index":false},{"name":"registers","description":"The values of the system registers","type":"text","hidden":false,"required":false,"index":false},{"name":"command_line","description":"Command-line string passed to the crashed process","type":"text","hidden":false,"required":false,"index":false},{"name":"current_directory","description":"Current working directory of the crashed process","type":"text","hidden":false,"required":false,"index":false},{"name":"username","description":"Username of the user who ran the crashed process","type":"text","hidden":false,"required":false,"index":false},{"name":"machine_name","description":"Name of the machine where the crash happened","type":"text","hidden":false,"required":false,"index":false},{"name":"major_version","description":"Windows major version of the machine","type":"integer","hidden":false,"required":false,"index":false},{"name":"minor_version","description":"Windows minor version of the machine","type":"integer","hidden":false,"required":false,"index":false},{"name":"build_number","description":"Windows build number of the crashing machine","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"Type of crash log","type":"text","hidden":false,"required":false,"index":false},{"name":"crash_path","description":"Path of the log file","type":"text","hidden":false,"required":false,"index":false}]},{"name":"windows_eventlog","description":"Table for querying all recorded Windows event logs.","platforms":["windows"],"columns":[{"name":"channel","description":"Source or channel of the event","type":"text","hidden":false,"required":true,"index":false},{"name":"datetime","description":"System time at which the event occurred","type":"text","hidden":false,"required":false,"index":false},{"name":"task","description":"Task value associated with the event","type":"integer","hidden":false,"required":false,"index":false},{"name":"level","description":"Severity level associated with the event","type":"integer","hidden":false,"required":false,"index":false},{"name":"provider_name","description":"Provider name of the event","type":"text","hidden":false,"required":false,"index":false},{"name":"provider_guid","description":"Provider guid of the event","type":"text","hidden":false,"required":false,"index":false},{"name":"computer_name","description":"Hostname of system where event was generated","type":"text","hidden":false,"required":false,"index":false},{"name":"eventid","description":"Event ID of the event","type":"integer","hidden":false,"required":false,"index":false},{"name":"keywords","description":"A bitmask of the keywords defined in the event","type":"text","hidden":false,"required":false,"index":false},{"name":"data","description":"Data associated with the event","type":"text","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process ID which emitted the event record","type":"integer","hidden":false,"required":false,"index":false},{"name":"tid","description":"Thread ID which emitted the event record","type":"integer","hidden":false,"required":false,"index":false},{"name":"time_range","description":"System time to selectively filter the events","type":"text","hidden":true,"required":false,"index":false},{"name":"timestamp","description":"Timestamp to selectively filter the events","type":"text","hidden":true,"required":false,"index":false},{"name":"xpath","description":"The custom query to filter events","type":"text","hidden":true,"required":true,"index":false}]},{"name":"windows_events","description":"Windows Event logs.","platforms":["windows"],"columns":[{"name":"time","description":"Timestamp the event was received","type":"bigint","hidden":false,"required":false,"index":false},{"name":"datetime","description":"System time at which the event occurred","type":"text","hidden":false,"required":false,"index":false},{"name":"source","description":"Source or channel of the event","type":"text","hidden":false,"required":false,"index":false},{"name":"provider_name","description":"Provider name of the event","type":"text","hidden":false,"required":false,"index":false},{"name":"provider_guid","description":"Provider guid of the event","type":"text","hidden":false,"required":false,"index":false},{"name":"computer_name","description":"Hostname of system where event was generated","type":"text","hidden":false,"required":false,"index":false},{"name":"eventid","description":"Event ID of the event","type":"integer","hidden":false,"required":false,"index":false},{"name":"task","description":"Task value associated with the event","type":"integer","hidden":false,"required":false,"index":false},{"name":"level","description":"The severity level associated with the event","type":"integer","hidden":false,"required":false,"index":false},{"name":"keywords","description":"A bitmask of the keywords defined in the event","type":"text","hidden":false,"required":false,"index":false},{"name":"data","description":"Data associated with the event","type":"text","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false}]},{"name":"windows_optional_features","description":"Lists names and installation states of windows features. Maps to Win32_OptionalFeature WMI class.","platforms":["windows"],"columns":[{"name":"name","description":"Name of the feature","type":"text","hidden":false,"required":false,"index":false},{"name":"caption","description":"Caption of feature in settings UI","type":"text","hidden":false,"required":false,"index":false},{"name":"state","description":"Installation state value. 1 == Enabled, 2 == Disabled, 3 == Absent","type":"integer","hidden":false,"required":false,"index":false},{"name":"statename","description":"Installation state name. 'Enabled','Disabled','Absent'","type":"text","hidden":false,"required":false,"index":false}]},{"name":"windows_security_center","description":"The health status of Window Security features. Health values can be \"Good\", \"Poor\". \"Snoozed\", \"Not Monitored\", and \"Error\".","platforms":["windows"],"columns":[{"name":"firewall","description":"The health of the monitored Firewall (see windows_security_products)","type":"text","hidden":false,"required":false,"index":false},{"name":"autoupdate","description":"The health of the Windows Autoupdate feature","type":"text","hidden":false,"required":false,"index":false},{"name":"antivirus","description":"The health of the monitored Antivirus solution (see windows_security_products)","type":"text","hidden":false,"required":false,"index":false},{"name":"antispyware","description":"The health of the monitored Antispyware solution (see windows_security_products)","type":"text","hidden":false,"required":false,"index":false},{"name":"internet_settings","description":"The health of the Internet Settings","type":"text","hidden":false,"required":false,"index":false},{"name":"windows_security_center_service","description":"The health of the Windows Security Center Service","type":"text","hidden":false,"required":false,"index":false},{"name":"user_account_control","description":"The health of the User Account Control (UAC) capability in Windows","type":"text","hidden":false,"required":false,"index":false}]},{"name":"windows_security_products","description":"Enumeration of registered Windows security products.","platforms":["windows"],"columns":[{"name":"type","description":"Type of security product","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Name of product","type":"text","hidden":false,"required":false,"index":false},{"name":"state","description":"State of protection","type":"text","hidden":false,"required":false,"index":false},{"name":"state_timestamp","description":"Timestamp for the product state","type":"text","hidden":false,"required":false,"index":false},{"name":"remediation_path","description":"Remediation path","type":"text","hidden":false,"required":false,"index":false},{"name":"signatures_up_to_date","description":"1 if product signatures are up to date, else 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"wmi_bios_info","description":"Lists important information from the system bios.","platforms":["windows"],"columns":[{"name":"name","description":"Name of the Bios setting","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Value of the Bios setting","type":"text","hidden":false,"required":false,"index":false}]},{"name":"wmi_cli_event_consumers","description":"WMI CommandLineEventConsumer, which can be used for persistence on Windows. See https://www.blackhat.com/docs/us-15/materials/us-15-Graeber-Abusing-Windows-Management-Instrumentation-WMI-To-Build-A-Persistent%20Asynchronous-And-Fileless-Backdoor-wp.pdf for more details.","platforms":["windows"],"columns":[{"name":"name","description":"Unique name of a consumer.","type":"text","hidden":false,"required":false,"index":false},{"name":"command_line_template","description":"Standard string template that specifies the process to be started. This property can be NULL, and the ExecutablePath property is used as the command line.","type":"text","hidden":false,"required":false,"index":false},{"name":"executable_path","description":"Module to execute. The string can specify the full path and file name of the module to execute, or it can specify a partial name. If a partial name is specified, the current drive and current directory are assumed.","type":"text","hidden":false,"required":false,"index":false},{"name":"class","description":"The name of the class.","type":"text","hidden":false,"required":false,"index":false},{"name":"relative_path","description":"Relative path to the class or instance.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"wmi_event_filters","description":"Lists WMI event filters.","platforms":["windows"],"columns":[{"name":"name","description":"Unique identifier of an event filter.","type":"text","hidden":false,"required":false,"index":false},{"name":"query","description":"Windows Management Instrumentation Query Language (WQL) event query that specifies the set of events for consumer notification, and the specific conditions for notification.","type":"text","hidden":false,"required":false,"index":false},{"name":"query_language","description":"Query language that the query is written in.","type":"text","hidden":false,"required":false,"index":false},{"name":"class","description":"The name of the class.","type":"text","hidden":false,"required":false,"index":false},{"name":"relative_path","description":"Relative path to the class or instance.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"wmi_filter_consumer_binding","description":"Lists the relationship between event consumers and filters.","platforms":["windows"],"columns":[{"name":"consumer","description":"Reference to an instance of __EventConsumer that represents the object path to a logical consumer, the recipient of an event.","type":"text","hidden":false,"required":false,"index":false},{"name":"filter","description":"Reference to an instance of __EventFilter that represents the object path to an event filter which is a query that specifies the type of event to be received.","type":"text","hidden":false,"required":false,"index":false},{"name":"class","description":"The name of the class.","type":"text","hidden":false,"required":false,"index":false},{"name":"relative_path","description":"Relative path to the class or instance.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"wmi_script_event_consumers","description":"WMI ActiveScriptEventConsumer, which can be used for persistence on Windows. See https://www.blackhat.com/docs/us-15/materials/us-15-Graeber-Abusing-Windows-Management-Instrumentation-WMI-To-Build-A-Persistent%20Asynchronous-And-Fileless-Backdoor-wp.pdf for more details.","platforms":["windows"],"columns":[{"name":"name","description":"Unique identifier for the event consumer. ","type":"text","hidden":false,"required":false,"index":false},{"name":"scripting_engine","description":"Name of the scripting engine to use, for example, 'VBScript'. This property cannot be NULL.","type":"text","hidden":false,"required":false,"index":false},{"name":"script_file_name","description":"Name of the file from which the script text is read, intended as an alternative to specifying the text of the script in the ScriptText property.","type":"text","hidden":false,"required":false,"index":false},{"name":"script_text","description":"Text of the script that is expressed in a language known to the scripting engine. This property must be NULL if the ScriptFileName property is not NULL.","type":"text","hidden":false,"required":false,"index":false},{"name":"class","description":"The name of the class.","type":"text","hidden":false,"required":false,"index":false},{"name":"relative_path","description":"Relative path to the class or instance.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"xprotect_entries","description":"Database of the machine's XProtect signatures.","platforms":["darwin"],"columns":[{"name":"name","description":"Description of XProtected malware","type":"text","hidden":false,"required":false,"index":false},{"name":"launch_type","description":"Launch services content type","type":"text","hidden":false,"required":false,"index":false},{"name":"identity","description":"XProtect identity (SHA1) of content","type":"text","hidden":false,"required":false,"index":false},{"name":"filename","description":"Use this file name to match","type":"text","hidden":false,"required":false,"index":false},{"name":"filetype","description":"Use this file type to match","type":"text","hidden":false,"required":false,"index":false},{"name":"optional","description":"Match any of the identities/patterns for this XProtect name","type":"integer","hidden":false,"required":false,"index":false},{"name":"uses_pattern","description":"Uses a match pattern instead of identity","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"xprotect_meta","description":"Database of the machine's XProtect browser-related signatures.","platforms":["darwin"],"columns":[{"name":"identifier","description":"Browser plugin or extension identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Either plugin or extension","type":"text","hidden":false,"required":false,"index":false},{"name":"developer_id","description":"Developer identity (SHA1) of extension","type":"text","hidden":false,"required":false,"index":false},{"name":"min_version","description":"The minimum allowed plugin version.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"xprotect_reports","description":"Database of XProtect matches (if user generated/sent an XProtect report).","platforms":["darwin"],"columns":[{"name":"name","description":"Description of XProtected malware","type":"text","hidden":false,"required":false,"index":false},{"name":"user_action","description":"Action taken by user after prompted","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Quarantine alert time","type":"text","hidden":false,"required":false,"index":false}]},{"name":"yara","description":"Track YARA matches for files or PIDs.","platforms":["darwin","linux","windows"],"columns":[{"name":"path","description":"The path scanned","type":"text","hidden":false,"required":true,"index":false},{"name":"matches","description":"List of YARA matches","type":"text","hidden":false,"required":false,"index":false},{"name":"count","description":"Number of YARA matches","type":"integer","hidden":false,"required":false,"index":false},{"name":"sig_group","description":"Signature group used","type":"text","hidden":false,"required":false,"index":false},{"name":"sigfile","description":"Signature file used","type":"text","hidden":false,"required":false,"index":false},{"name":"sigrule","description":"Signature strings used","type":"text","hidden":true,"required":false,"index":false},{"name":"strings","description":"Matching strings","type":"text","hidden":false,"required":false,"index":false},{"name":"tags","description":"Matching tags","type":"text","hidden":false,"required":false,"index":false},{"name":"sigurl","description":"Signature url","type":"text","hidden":true,"required":false,"index":false}]},{"name":"yara_events","description":"Track YARA matches for files specified in configuration data.","platforms":["darwin","linux","windows"],"columns":[{"name":"target_path","description":"The path scanned","type":"text","hidden":false,"required":false,"index":false},{"name":"category","description":"The category of the file","type":"text","hidden":false,"required":false,"index":false},{"name":"action","description":"Change action (UPDATE, REMOVE, etc)","type":"text","hidden":false,"required":false,"index":false},{"name":"transaction_id","description":"ID used during bulk update","type":"bigint","hidden":false,"required":false,"index":false},{"name":"matches","description":"List of YARA matches","type":"text","hidden":false,"required":false,"index":false},{"name":"count","description":"Number of YARA matches","type":"integer","hidden":false,"required":false,"index":false},{"name":"strings","description":"Matching strings","type":"text","hidden":false,"required":false,"index":false},{"name":"tags","description":"Matching tags","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of the scan","type":"bigint","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false}]},{"name":"ycloud_instance_metadata","description":"Yandex.Cloud instance metadata.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"instance_id","description":"Unique identifier for the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"folder_id","description":"Folder identifier for the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Name of the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Description of the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"hostname","description":"Hostname of the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"zone","description":"Availability zone of the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"ssh_public_key","description":"SSH public key. Only available if supplied at instance launch time","type":"text","hidden":false,"required":false,"index":false},{"name":"serial_port_enabled","description":"Indicates if serial port is enabled for the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"metadata_endpoint","description":"Endpoint used to fetch VM metadata","type":"text","hidden":false,"required":false,"index":false}]},{"name":"yum_sources","description":"Current list of Yum repositories or software channels.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Repository name","type":"text","hidden":false,"required":false,"index":false},{"name":"baseurl","description":"Repository base URL","type":"text","hidden":false,"required":false,"index":false},{"name":"enabled","description":"Whether the repository is used","type":"text","hidden":false,"required":false,"index":false},{"name":"gpgcheck","description":"Whether packages are GPG checked","type":"text","hidden":false,"required":false,"index":false},{"name":"gpgkey","description":"URL to GPG key","type":"text","hidden":false,"required":false,"index":false}]}] \ No newline at end of file diff --git a/x-pack/plugins/osquery/public/common/schemas/osquery/v5.0.1.json b/x-pack/plugins/osquery/public/common/schemas/osquery/v5.0.1.json new file mode 100644 index 000000000000000..e995062462022ec --- /dev/null +++ b/x-pack/plugins/osquery/public/common/schemas/osquery/v5.0.1.json @@ -0,0 +1 @@ +[{"name":"account_policy_data","description":"Additional OS X user account data from the AccountPolicy section of OpenDirectory.","platforms":["darwin"],"columns":[{"name":"uid","description":"User ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"creation_time","description":"When the account was first created","type":"double","hidden":false,"required":false,"index":false},{"name":"failed_login_count","description":"The number of failed login attempts using an incorrect password. Count resets after a correct password is entered.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"failed_login_timestamp","description":"The time of the last failed login attempt. Resets after a correct password is entered","type":"double","hidden":false,"required":false,"index":false},{"name":"password_last_set_time","description":"The time the password was last changed","type":"double","hidden":false,"required":false,"index":false}]},{"name":"acpi_tables","description":"Firmware ACPI functional table common metadata and content.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"ACPI table name","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of compiled table data","type":"integer","hidden":false,"required":false,"index":false},{"name":"md5","description":"MD5 hash of table content","type":"text","hidden":false,"required":false,"index":false}]},{"name":"ad_config","description":"OS X Active Directory configuration.","platforms":["darwin"],"columns":[{"name":"name","description":"The OS X-specific configuration name","type":"text","hidden":false,"required":false,"index":false},{"name":"domain","description":"Active Directory trust domain","type":"text","hidden":false,"required":false,"index":false},{"name":"option","description":"Canonical name of option","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Variable typed option value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"alf","description":"OS X application layer firewall (ALF) service details.","platforms":["darwin"],"columns":[{"name":"allow_signed_enabled","description":"1 If allow signed mode is enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"firewall_unload","description":"1 If firewall unloading enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"global_state","description":"1 If the firewall is enabled with exceptions, 2 if the firewall is configured to block all incoming connections, else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"logging_enabled","description":"1 If logging mode is enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"logging_option","description":"Firewall logging option","type":"integer","hidden":false,"required":false,"index":false},{"name":"stealth_enabled","description":"1 If stealth mode is enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"version","description":"Application Layer Firewall version","type":"text","hidden":false,"required":false,"index":false}]},{"name":"alf_exceptions","description":"OS X application layer firewall (ALF) service exceptions.","platforms":["darwin"],"columns":[{"name":"path","description":"Path to the executable that is excepted","type":"text","hidden":false,"required":false,"index":false},{"name":"state","description":"Firewall exception state","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"alf_explicit_auths","description":"ALF services explicitly allowed to perform networking.","platforms":["darwin"],"columns":[{"name":"process","description":"Process name explicitly allowed","type":"text","hidden":false,"required":false,"index":false}]},{"name":"app_schemes","description":"OS X application schemes and handlers (e.g., http, file, mailto).","platforms":["darwin"],"columns":[{"name":"scheme","description":"Name of the scheme/protocol","type":"text","hidden":false,"required":false,"index":false},{"name":"handler","description":"Application label for the handler","type":"text","hidden":false,"required":false,"index":false},{"name":"enabled","description":"1 if this handler is the OS default, else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"external","description":"1 if this handler does NOT exist on OS X by default, else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"protected","description":"1 if this handler is protected (reserved) by OS X, else 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"apparmor_events","description":"Track AppArmor events.","platforms":["linux"],"columns":[{"name":"type","description":"Event type","type":"text","hidden":false,"required":false,"index":false},{"name":"message","description":"Raw audit message","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of execution in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uptime","description":"Time of execution in system uptime","type":"bigint","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false},{"name":"apparmor","description":"Apparmor Status like ALLOWED, DENIED etc.","type":"text","hidden":false,"required":false,"index":false},{"name":"operation","description":"Permission requested by the process","type":"text","hidden":false,"required":false,"index":false},{"name":"parent","description":"Parent process PID","type":"unsigned_bigint","hidden":false,"required":false,"index":false},{"name":"profile","description":"Apparmor profile name","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Process name","type":"text","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process ID","type":"unsigned_bigint","hidden":false,"required":false,"index":false},{"name":"comm","description":"Command-line name of the command that was used to invoke the analyzed process","type":"text","hidden":false,"required":false,"index":false},{"name":"denied_mask","description":"Denied permissions for the process","type":"text","hidden":false,"required":false,"index":false},{"name":"capname","description":"Capability requested by the process","type":"text","hidden":false,"required":false,"index":false},{"name":"fsuid","description":"Filesystem user ID","type":"unsigned_bigint","hidden":false,"required":false,"index":false},{"name":"ouid","description":"Object owner's user ID","type":"unsigned_bigint","hidden":false,"required":false,"index":false},{"name":"capability","description":"Capability number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"requested_mask","description":"Requested access mask","type":"text","hidden":false,"required":false,"index":false},{"name":"info","description":"Additional information","type":"text","hidden":false,"required":false,"index":false},{"name":"error","description":"Error information","type":"text","hidden":false,"required":false,"index":false},{"name":"namespace","description":"AppArmor namespace","type":"text","hidden":false,"required":false,"index":false},{"name":"label","description":"AppArmor label","type":"text","hidden":false,"required":false,"index":false}]},{"name":"apparmor_profiles","description":"Track active AppArmor profiles.","platforms":["linux"],"columns":[{"name":"path","description":"Unique, aa-status compatible, policy identifier.","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Policy name.","type":"text","hidden":false,"required":false,"index":false},{"name":"attach","description":"Which executable(s) a profile will attach to.","type":"text","hidden":false,"required":false,"index":false},{"name":"mode","description":"How the policy is applied.","type":"text","hidden":false,"required":false,"index":false},{"name":"sha1","description":"A unique hash that identifies this policy.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"appcompat_shims","description":"Application Compatibility shims are a way to persist malware. This table presents the AppCompat Shim information from the registry in a nice format. See http://files.brucon.org/2015/Tomczak_and_Ballenthin_Shims_for_the_Win.pdf for more details.","platforms":["windows"],"columns":[{"name":"executable","description":"Name of the executable that is being shimmed. This is pulled from the registry.","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"This is the path to the SDB database.","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Description of the SDB.","type":"text","hidden":false,"required":false,"index":false},{"name":"install_time","description":"Install time of the SDB","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"Type of the SDB database.","type":"text","hidden":false,"required":false,"index":false},{"name":"sdb_id","description":"Unique GUID of the SDB.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"apps","description":"OS X applications installed in known search paths (e.g., /Applications).","platforms":["darwin"],"columns":[{"name":"name","description":"Name of the Name.app folder","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Absolute and full Name.app path","type":"text","hidden":false,"required":false,"index":false},{"name":"bundle_executable","description":"Info properties CFBundleExecutable label","type":"text","hidden":false,"required":false,"index":false},{"name":"bundle_identifier","description":"Info properties CFBundleIdentifier label","type":"text","hidden":false,"required":false,"index":false},{"name":"bundle_name","description":"Info properties CFBundleName label","type":"text","hidden":false,"required":false,"index":false},{"name":"bundle_short_version","description":"Info properties CFBundleShortVersionString label","type":"text","hidden":false,"required":false,"index":false},{"name":"bundle_version","description":"Info properties CFBundleVersion label","type":"text","hidden":false,"required":false,"index":false},{"name":"bundle_package_type","description":"Info properties CFBundlePackageType label","type":"text","hidden":false,"required":false,"index":false},{"name":"environment","description":"Application-set environment variables","type":"text","hidden":false,"required":false,"index":false},{"name":"element","description":"Does the app identify as a background agent","type":"text","hidden":false,"required":false,"index":false},{"name":"compiler","description":"Info properties DTCompiler label","type":"text","hidden":false,"required":false,"index":false},{"name":"development_region","description":"Info properties CFBundleDevelopmentRegion label","type":"text","hidden":false,"required":false,"index":false},{"name":"display_name","description":"Info properties CFBundleDisplayName label","type":"text","hidden":false,"required":false,"index":false},{"name":"info_string","description":"Info properties CFBundleGetInfoString label","type":"text","hidden":false,"required":false,"index":false},{"name":"minimum_system_version","description":"Minimum version of OS X required for the app to run","type":"text","hidden":false,"required":false,"index":false},{"name":"category","description":"The UTI that categorizes the app for the App Store","type":"text","hidden":false,"required":false,"index":false},{"name":"applescript_enabled","description":"Info properties NSAppleScriptEnabled label","type":"text","hidden":false,"required":false,"index":false},{"name":"copyright","description":"Info properties NSHumanReadableCopyright label","type":"text","hidden":false,"required":false,"index":false},{"name":"last_opened_time","description":"The time that the app was last used","type":"double","hidden":false,"required":false,"index":false}]},{"name":"apt_sources","description":"Current list of APT repositories or software channels.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Repository name","type":"text","hidden":false,"required":false,"index":false},{"name":"source","description":"Source file","type":"text","hidden":false,"required":false,"index":false},{"name":"base_uri","description":"Repository base URI","type":"text","hidden":false,"required":false,"index":false},{"name":"release","description":"Release name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Repository source version","type":"text","hidden":false,"required":false,"index":false},{"name":"maintainer","description":"Repository maintainer","type":"text","hidden":false,"required":false,"index":false},{"name":"components","description":"Repository components","type":"text","hidden":false,"required":false,"index":false},{"name":"architectures","description":"Repository architectures","type":"text","hidden":false,"required":false,"index":false},{"name":"pid_with_namespace","description":"Pids that contain a namespace","type":"integer","hidden":true,"required":false,"index":false}]},{"name":"arp_cache","description":"Address resolution cache, both static and dynamic (from ARP, NDP).","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"address","description":"IPv4 address target","type":"text","hidden":false,"required":false,"index":false},{"name":"mac","description":"MAC address of broadcasted address","type":"text","hidden":false,"required":false,"index":false},{"name":"interface","description":"Interface of the network for the MAC","type":"text","hidden":false,"required":false,"index":false},{"name":"permanent","description":"1 for true, 0 for false","type":"text","hidden":false,"required":false,"index":false}]},{"name":"asl","description":"Queries the Apple System Log data structure for system events.","platforms":["darwin"],"columns":[{"name":"time","description":"Unix timestamp. Set automatically","type":"integer","hidden":false,"required":false,"index":false},{"name":"time_nano_sec","description":"Nanosecond time.","type":"integer","hidden":false,"required":false,"index":false},{"name":"host","description":"Sender's address (set by the server).","type":"text","hidden":false,"required":false,"index":false},{"name":"sender","description":"Sender's identification string. Default is process name.","type":"text","hidden":false,"required":false,"index":false},{"name":"facility","description":"Sender's facility. Default is 'user'.","type":"text","hidden":false,"required":false,"index":false},{"name":"pid","description":"Sending process ID encoded as a string. Set automatically.","type":"integer","hidden":false,"required":false,"index":false},{"name":"gid","description":"GID that sent the log message (set by the server).","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uid","description":"UID that sent the log message (set by the server).","type":"bigint","hidden":false,"required":false,"index":false},{"name":"level","description":"Log level number. See levels in asl.h.","type":"integer","hidden":false,"required":false,"index":false},{"name":"message","description":"Message text.","type":"text","hidden":false,"required":false,"index":false},{"name":"ref_pid","description":"Reference PID for messages proxied by launchd","type":"integer","hidden":false,"required":false,"index":false},{"name":"ref_proc","description":"Reference process for messages proxied by launchd","type":"text","hidden":false,"required":false,"index":false},{"name":"extra","description":"Extra columns, in JSON format. Queries against this column are performed entirely in SQLite, so do not benefit from efficient querying via asl.h.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"atom_packages","description":"Lists all atom packages in a directory or globally installed in a system.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"name","description":"Package display name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Package supplied version","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Package supplied description","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Package's package.json path","type":"text","hidden":false,"required":false,"index":false},{"name":"license","description":"License for package","type":"text","hidden":false,"required":false,"index":false},{"name":"homepage","description":"Package supplied homepage","type":"text","hidden":false,"required":false,"index":false},{"name":"uid","description":"The local user that owns the plugin","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"augeas","description":"Configuration files parsed by augeas.","platforms":["darwin","linux"],"columns":[{"name":"node","description":"The node path of the configuration item","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"The value of the configuration item","type":"text","hidden":false,"required":false,"index":false},{"name":"label","description":"The label of the configuration item","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"The path to the configuration file","type":"text","hidden":false,"required":false,"index":false}]},{"name":"authenticode","description":"File (executable, bundle, installer, disk) code signing status.","platforms":["windows"],"columns":[{"name":"path","description":"Must provide a path or directory","type":"text","hidden":false,"required":true,"index":false},{"name":"original_program_name","description":"The original program name that the publisher has signed","type":"text","hidden":false,"required":false,"index":false},{"name":"serial_number","description":"The certificate serial number","type":"text","hidden":false,"required":false,"index":false},{"name":"issuer_name","description":"The certificate issuer name","type":"text","hidden":false,"required":false,"index":false},{"name":"subject_name","description":"The certificate subject name","type":"text","hidden":false,"required":false,"index":false},{"name":"result","description":"The signature check result","type":"text","hidden":false,"required":false,"index":false}]},{"name":"authorization_mechanisms","description":"OS X Authorization mechanisms database.","platforms":["darwin"],"columns":[{"name":"label","description":"Label of the authorization right","type":"text","hidden":false,"required":false,"index":false},{"name":"plugin","description":"Authorization plugin name","type":"text","hidden":false,"required":false,"index":false},{"name":"mechanism","description":"Name of the mechanism that will be called","type":"text","hidden":false,"required":false,"index":false},{"name":"privileged","description":"If privileged it will run as root, else as an anonymous user","type":"text","hidden":false,"required":false,"index":false},{"name":"entry","description":"The whole string entry","type":"text","hidden":false,"required":false,"index":false}]},{"name":"authorizations","description":"OS X Authorization rights database.","platforms":["darwin"],"columns":[{"name":"label","description":"Item name, usually in reverse domain format","type":"text","hidden":false,"required":false,"index":false},{"name":"modified","description":"Label top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"allow_root","description":"Label top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"timeout","description":"Label top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Label top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"tries","description":"Label top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"authenticate_user","description":"Label top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"shared","description":"Label top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"comment","description":"Label top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"created","description":"Label top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"class","description":"Label top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"session_owner","description":"Label top-level key","type":"text","hidden":false,"required":false,"index":false}]},{"name":"authorized_keys","description":"A line-delimited authorized_keys table.","platforms":["darwin","linux"],"columns":[{"name":"uid","description":"The local owner of authorized_keys file","type":"bigint","hidden":false,"required":false,"index":false},{"name":"algorithm","description":"algorithm of key","type":"text","hidden":false,"required":false,"index":false},{"name":"key","description":"parsed authorized keys line","type":"text","hidden":false,"required":false,"index":false},{"name":"key_file","description":"Path to the authorized_keys file","type":"text","hidden":false,"required":false,"index":false},{"name":"pid_with_namespace","description":"Pids that contain a namespace","type":"integer","hidden":true,"required":false,"index":false}]},{"name":"autoexec","description":"Aggregate of executables that will automatically execute on the target machine. This is an amalgamation of other tables like services, scheduled_tasks, startup_items and more.","platforms":["windows"],"columns":[{"name":"path","description":"Path to the executable","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Name of the program","type":"text","hidden":false,"required":false,"index":false},{"name":"source","description":"Source table of the autoexec item","type":"text","hidden":false,"required":false,"index":false}]},{"name":"azure_instance_metadata","description":"Azure instance metadata.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"location","description":"Azure Region the VM is running in","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Name of the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"offer","description":"Offer information for the VM image (Azure image gallery VMs only)","type":"text","hidden":false,"required":false,"index":false},{"name":"publisher","description":"Publisher of the VM image","type":"text","hidden":false,"required":false,"index":false},{"name":"sku","description":"SKU for the VM image","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Version of the VM image","type":"text","hidden":false,"required":false,"index":false},{"name":"os_type","description":"Linux or Windows","type":"text","hidden":false,"required":false,"index":false},{"name":"platform_update_domain","description":"Update domain the VM is running in","type":"text","hidden":false,"required":false,"index":false},{"name":"platform_fault_domain","description":"Fault domain the VM is running in","type":"text","hidden":false,"required":false,"index":false},{"name":"vm_id","description":"Unique identifier for the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"vm_size","description":"VM size","type":"text","hidden":false,"required":false,"index":false},{"name":"subscription_id","description":"Azure subscription for the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"resource_group_name","description":"Resource group for the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"placement_group_id","description":"Placement group for the VM scale set","type":"text","hidden":false,"required":false,"index":false},{"name":"vm_scale_set_name","description":"VM scale set name","type":"text","hidden":false,"required":false,"index":false},{"name":"zone","description":"Availability zone of the VM","type":"text","hidden":false,"required":false,"index":false}]},{"name":"azure_instance_tags","description":"Azure instance tags.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"vm_id","description":"Unique identifier for the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"key","description":"The tag key","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"The tag value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"background_activities_moderator","description":"Background Activities Moderator (BAM) tracks application execution.","platforms":["windows"],"columns":[{"name":"path","description":"Application file path.","type":"text","hidden":false,"required":false,"index":false},{"name":"last_execution_time","description":"Most recent time application was executed.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"sid","description":"User SID.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"battery","description":"Provides information about the internal battery of a Macbook.","platforms":["darwin"],"columns":[{"name":"manufacturer","description":"The battery manufacturer's name","type":"text","hidden":false,"required":false,"index":false},{"name":"manufacture_date","description":"The date the battery was manufactured UNIX Epoch","type":"integer","hidden":false,"required":false,"index":false},{"name":"model","description":"The battery's model number","type":"text","hidden":false,"required":false,"index":false},{"name":"serial_number","description":"The battery's unique serial number","type":"text","hidden":false,"required":false,"index":false},{"name":"cycle_count","description":"The number of charge/discharge cycles","type":"integer","hidden":false,"required":false,"index":false},{"name":"health","description":"One of the following: \"Good\" describes a well-performing battery, \"Fair\" describes a functional battery with limited capacity, or \"Poor\" describes a battery that's not capable of providing power","type":"text","hidden":false,"required":false,"index":false},{"name":"condition","description":"One of the following: \"Normal\" indicates the condition of the battery is within normal tolerances, \"Service Needed\" indicates that the battery should be checked out by a licensed Mac repair service, \"Permanent Failure\" indicates the battery needs replacement","type":"text","hidden":false,"required":false,"index":false},{"name":"state","description":"One of the following: \"AC Power\" indicates the battery is connected to an external power source, \"Battery Power\" indicates that the battery is drawing internal power, \"Off Line\" indicates the battery is off-line or no longer connected","type":"text","hidden":false,"required":false,"index":false},{"name":"charging","description":"1 if the battery is currently being charged by a power source. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"charged","description":"1 if the battery is currently completely charged. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"designed_capacity","description":"The battery's designed capacity in mAh","type":"integer","hidden":false,"required":false,"index":false},{"name":"max_capacity","description":"The battery's actual capacity when it is fully charged in mAh","type":"integer","hidden":false,"required":false,"index":false},{"name":"current_capacity","description":"The battery's current charged capacity in mAh","type":"integer","hidden":false,"required":false,"index":false},{"name":"percent_remaining","description":"The percentage of battery remaining before it is drained","type":"integer","hidden":false,"required":false,"index":false},{"name":"amperage","description":"The battery's current amperage in mA","type":"integer","hidden":false,"required":false,"index":false},{"name":"voltage","description":"The battery's current voltage in mV","type":"integer","hidden":false,"required":false,"index":false},{"name":"minutes_until_empty","description":"The number of minutes until the battery is fully depleted. This value is -1 if this time is still being calculated","type":"integer","hidden":false,"required":false,"index":false},{"name":"minutes_to_full_charge","description":"The number of minutes until the battery is fully charged. This value is -1 if this time is still being calculated","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"bitlocker_info","description":"Retrieve bitlocker status of the machine.","platforms":["windows"],"columns":[{"name":"device_id","description":"ID of the encrypted drive.","type":"text","hidden":false,"required":false,"index":false},{"name":"drive_letter","description":"Drive letter of the encrypted drive.","type":"text","hidden":false,"required":false,"index":false},{"name":"persistent_volume_id","description":"Persistent ID of the drive.","type":"text","hidden":false,"required":false,"index":false},{"name":"conversion_status","description":"The bitlocker conversion status of the drive.","type":"integer","hidden":false,"required":false,"index":false},{"name":"protection_status","description":"The bitlocker protection status of the drive.","type":"integer","hidden":false,"required":false,"index":false},{"name":"encryption_method","description":"The encryption type of the device.","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"The FVE metadata version of the drive.","type":"integer","hidden":false,"required":false,"index":false},{"name":"percentage_encrypted","description":"The percentage of the drive that is encrypted.","type":"integer","hidden":false,"required":false,"index":false},{"name":"lock_status","description":"The accessibility status of the drive from Windows.","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"block_devices","description":"Block (buffered access) device file nodes: disks, ramdisks, and DMG containers.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Block device name","type":"text","hidden":false,"required":false,"index":false},{"name":"parent","description":"Block device parent name","type":"text","hidden":false,"required":false,"index":false},{"name":"vendor","description":"Block device vendor string","type":"text","hidden":false,"required":false,"index":false},{"name":"model","description":"Block device model string identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Block device size in blocks","type":"bigint","hidden":false,"required":false,"index":false},{"name":"block_size","description":"Block size in bytes","type":"integer","hidden":false,"required":false,"index":false},{"name":"uuid","description":"Block device Universally Unique Identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Block device type string","type":"text","hidden":false,"required":false,"index":false},{"name":"label","description":"Block device label string","type":"text","hidden":false,"required":false,"index":false}]},{"name":"bpf_process_events","description":"Track time/action process executions.","platforms":["linux"],"columns":[{"name":"tid","description":"Thread ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"parent","description":"Parent process ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uid","description":"User ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"cid","description":"Cgroup ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"exit_code","description":"Exit code of the system call","type":"text","hidden":false,"required":false,"index":false},{"name":"probe_error","description":"Set to 1 if one or more buffers could not be captured","type":"integer","hidden":false,"required":false,"index":false},{"name":"syscall","description":"System call name","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Binary path","type":"text","hidden":false,"required":false,"index":false},{"name":"cwd","description":"Current working directory","type":"text","hidden":false,"required":false,"index":false},{"name":"cmdline","description":"Command line arguments","type":"text","hidden":false,"required":false,"index":false},{"name":"duration","description":"How much time was spent inside the syscall (nsecs)","type":"integer","hidden":false,"required":false,"index":false},{"name":"json_cmdline","description":"Command line arguments, in JSON format","type":"text","hidden":true,"required":false,"index":false},{"name":"ntime","description":"The nsecs uptime timestamp as obtained from BPF","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of execution in UNIX time","type":"bigint","hidden":true,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"integer","hidden":true,"required":false,"index":false}]},{"name":"bpf_socket_events","description":"Track network socket opens and closes.","platforms":["linux"],"columns":[{"name":"tid","description":"Thread ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"parent","description":"Parent process ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uid","description":"User ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"cid","description":"Cgroup ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"exit_code","description":"Exit code of the system call","type":"text","hidden":false,"required":false,"index":false},{"name":"probe_error","description":"Set to 1 if one or more buffers could not be captured","type":"integer","hidden":false,"required":false,"index":false},{"name":"syscall","description":"System call name","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path of executed file","type":"text","hidden":false,"required":false,"index":false},{"name":"fd","description":"The file description for the process socket","type":"text","hidden":false,"required":false,"index":false},{"name":"family","description":"The Internet protocol family ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"The socket type","type":"integer","hidden":false,"required":false,"index":false},{"name":"protocol","description":"The network protocol ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"local_address","description":"Local address associated with socket","type":"text","hidden":false,"required":false,"index":false},{"name":"remote_address","description":"Remote address associated with socket","type":"text","hidden":false,"required":false,"index":false},{"name":"local_port","description":"Local network protocol port number","type":"integer","hidden":false,"required":false,"index":false},{"name":"remote_port","description":"Remote network protocol port number","type":"integer","hidden":false,"required":false,"index":false},{"name":"duration","description":"How much time was spent inside the syscall (nsecs)","type":"integer","hidden":false,"required":false,"index":false},{"name":"ntime","description":"The nsecs uptime timestamp as obtained from BPF","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of execution in UNIX time","type":"bigint","hidden":true,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"integer","hidden":true,"required":false,"index":false}]},{"name":"browser_plugins","description":"All C/NPAPI browser plugin details for all users.","platforms":["darwin"],"columns":[{"name":"uid","description":"The local user that owns the plugin","type":"bigint","hidden":false,"required":false,"index":false},{"name":"name","description":"Plugin display name","type":"text","hidden":false,"required":false,"index":false},{"name":"identifier","description":"Plugin identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Plugin short version","type":"text","hidden":false,"required":false,"index":false},{"name":"sdk","description":"Build SDK used to compile plugin","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Plugin description text","type":"text","hidden":false,"required":false,"index":false},{"name":"development_region","description":"Plugin language-localization","type":"text","hidden":false,"required":false,"index":false},{"name":"native","description":"Plugin requires native execution","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to plugin bundle","type":"text","hidden":false,"required":false,"index":false},{"name":"disabled","description":"Is the plugin disabled. 1 = Disabled","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"carbon_black_info","description":"Returns info about a Carbon Black sensor install.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"sensor_id","description":"Sensor ID of the Carbon Black sensor","type":"integer","hidden":false,"required":false,"index":false},{"name":"config_name","description":"Sensor group","type":"text","hidden":false,"required":false,"index":false},{"name":"collect_store_files","description":"If the sensor is configured to send back binaries to the Carbon Black server","type":"integer","hidden":false,"required":false,"index":false},{"name":"collect_module_loads","description":"If the sensor is configured to capture module loads","type":"integer","hidden":false,"required":false,"index":false},{"name":"collect_module_info","description":"If the sensor is configured to collect metadata of binaries","type":"integer","hidden":false,"required":false,"index":false},{"name":"collect_file_mods","description":"If the sensor is configured to collect file modification events","type":"integer","hidden":false,"required":false,"index":false},{"name":"collect_reg_mods","description":"If the sensor is configured to collect registry modification events","type":"integer","hidden":false,"required":false,"index":false},{"name":"collect_net_conns","description":"If the sensor is configured to collect network connections","type":"integer","hidden":false,"required":false,"index":false},{"name":"collect_processes","description":"If the sensor is configured to process events","type":"integer","hidden":false,"required":false,"index":false},{"name":"collect_cross_processes","description":"If the sensor is configured to cross process events","type":"integer","hidden":false,"required":false,"index":false},{"name":"collect_emet_events","description":"If the sensor is configured to EMET events","type":"integer","hidden":false,"required":false,"index":false},{"name":"collect_data_file_writes","description":"If the sensor is configured to collect non binary file writes","type":"integer","hidden":false,"required":false,"index":false},{"name":"collect_process_user_context","description":"If the sensor is configured to collect the user running a process","type":"integer","hidden":false,"required":false,"index":false},{"name":"collect_sensor_operations","description":"Unknown","type":"integer","hidden":false,"required":false,"index":false},{"name":"log_file_disk_quota_mb","description":"Event file disk quota in MB","type":"integer","hidden":false,"required":false,"index":false},{"name":"log_file_disk_quota_percentage","description":"Event file disk quota in a percentage","type":"integer","hidden":false,"required":false,"index":false},{"name":"protection_disabled","description":"If the sensor is configured to report tamper events","type":"integer","hidden":false,"required":false,"index":false},{"name":"sensor_ip_addr","description":"IP address of the sensor","type":"text","hidden":false,"required":false,"index":false},{"name":"sensor_backend_server","description":"Carbon Black server","type":"text","hidden":false,"required":false,"index":false},{"name":"event_queue","description":"Size in bytes of Carbon Black event files on disk","type":"integer","hidden":false,"required":false,"index":false},{"name":"binary_queue","description":"Size in bytes of binaries waiting to be sent to Carbon Black server","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"carves","description":"List the set of completed and in-progress carves. If carve=1 then the query is treated as a new carve request.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"time","description":"Time at which the carve was kicked off","type":"bigint","hidden":false,"required":false,"index":false},{"name":"sha256","description":"A SHA256 sum of the carved archive","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of the carved archive","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"The path of the requested carve","type":"text","hidden":false,"required":false,"index":false},{"name":"status","description":"Status of the carve, can be STARTING, PENDING, SUCCESS, or FAILED","type":"text","hidden":false,"required":false,"index":false},{"name":"carve_guid","description":"Identifying value of the carve session","type":"text","hidden":false,"required":false,"index":false},{"name":"request_id","description":"Identifying value of the carve request (e.g., scheduled query name, distributed request, etc)","type":"text","hidden":false,"required":false,"index":false},{"name":"carve","description":"Set this value to '1' to start a file carve","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"certificates","description":"Certificate Authorities installed in Keychains/ca-bundles.","platforms":["darwin","windows"],"columns":[{"name":"common_name","description":"Certificate CommonName","type":"text","hidden":false,"required":false,"index":false},{"name":"subject","description":"Certificate distinguished name","type":"text","hidden":false,"required":false,"index":false},{"name":"issuer","description":"Certificate issuer distinguished name","type":"text","hidden":false,"required":false,"index":false},{"name":"ca","description":"1 if CA: true (certificate is an authority) else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"self_signed","description":"1 if self-signed, else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"not_valid_before","description":"Lower bound of valid date","type":"text","hidden":false,"required":false,"index":false},{"name":"not_valid_after","description":"Certificate expiration data","type":"text","hidden":false,"required":false,"index":false},{"name":"signing_algorithm","description":"Signing algorithm used","type":"text","hidden":false,"required":false,"index":false},{"name":"key_algorithm","description":"Key algorithm used","type":"text","hidden":false,"required":false,"index":false},{"name":"key_strength","description":"Key size used for RSA/DSA, or curve name","type":"text","hidden":false,"required":false,"index":false},{"name":"key_usage","description":"Certificate key usage and extended key usage","type":"text","hidden":false,"required":false,"index":false},{"name":"subject_key_id","description":"SKID an optionally included SHA1","type":"text","hidden":false,"required":false,"index":false},{"name":"authority_key_id","description":"AKID an optionally included SHA1","type":"text","hidden":false,"required":false,"index":false},{"name":"sha1","description":"SHA1 hash of the raw certificate contents","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to Keychain or PEM bundle","type":"text","hidden":false,"required":false,"index":false},{"name":"serial","description":"Certificate serial number","type":"text","hidden":false,"required":false,"index":false},{"name":"sid","description":"SID","type":"text","hidden":true,"required":false,"index":false},{"name":"store_location","description":"Certificate system store location","type":"text","hidden":true,"required":false,"index":false},{"name":"store","description":"Certificate system store","type":"text","hidden":true,"required":false,"index":false},{"name":"username","description":"Username","type":"text","hidden":true,"required":false,"index":false},{"name":"store_id","description":"Exists for service/user stores. Contains raw store id provided by WinAPI.","type":"text","hidden":true,"required":false,"index":false}]},{"name":"chassis_info","description":"Display information pertaining to the chassis and its security status.","platforms":["windows"],"columns":[{"name":"audible_alarm","description":"If TRUE, the frame is equipped with an audible alarm.","type":"text","hidden":false,"required":false,"index":false},{"name":"breach_description","description":"If provided, gives a more detailed description of a detected security breach.","type":"text","hidden":false,"required":false,"index":false},{"name":"chassis_types","description":"A comma-separated list of chassis types, such as Desktop or Laptop.","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"An extended description of the chassis if available.","type":"text","hidden":false,"required":false,"index":false},{"name":"lock","description":"If TRUE, the frame is equipped with a lock.","type":"text","hidden":false,"required":false,"index":false},{"name":"manufacturer","description":"The manufacturer of the chassis.","type":"text","hidden":false,"required":false,"index":false},{"name":"model","description":"The model of the chassis.","type":"text","hidden":false,"required":false,"index":false},{"name":"security_breach","description":"The physical status of the chassis such as Breach Successful, Breach Attempted, etc.","type":"text","hidden":false,"required":false,"index":false},{"name":"serial","description":"The serial number of the chassis.","type":"text","hidden":false,"required":false,"index":false},{"name":"smbios_tag","description":"The assigned asset tag number of the chassis.","type":"text","hidden":false,"required":false,"index":false},{"name":"sku","description":"The Stock Keeping Unit number if available.","type":"text","hidden":false,"required":false,"index":false},{"name":"status","description":"If available, gives various operational or nonoperational statuses such as OK, Degraded, and Pred Fail.","type":"text","hidden":false,"required":false,"index":false},{"name":"visible_alarm","description":"If TRUE, the frame is equipped with a visual alarm.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"chocolatey_packages","description":"Chocolatey packages installed in a system.","platforms":["windows"],"columns":[{"name":"name","description":"Package display name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Package-supplied version","type":"text","hidden":false,"required":false,"index":false},{"name":"summary","description":"Package-supplied summary","type":"text","hidden":false,"required":false,"index":false},{"name":"author","description":"Optional package author","type":"text","hidden":false,"required":false,"index":false},{"name":"license","description":"License under which package is launched","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path at which this package resides","type":"text","hidden":false,"required":false,"index":false}]},{"name":"chrome_extension_content_scripts","description":"Chrome browser extension content scripts.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"browser_type","description":"The browser type (Valid values: chrome, chromium, opera, yandex, brave)","type":"text","hidden":false,"required":false,"index":false},{"name":"uid","description":"The local user that owns the extension","type":"bigint","hidden":false,"required":false,"index":false},{"name":"identifier","description":"Extension identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Extension-supplied version","type":"text","hidden":false,"required":false,"index":false},{"name":"script","description":"The content script used by the extension","type":"text","hidden":false,"required":false,"index":false},{"name":"match","description":"The pattern that the script is matched against","type":"text","hidden":false,"required":false,"index":false},{"name":"profile_path","description":"The profile path","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to extension folder","type":"text","hidden":false,"required":false,"index":false},{"name":"referenced","description":"1 if this extension is referenced by the Preferences file of the profile","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"chrome_extensions","description":"Chrome-based browser extensions.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"browser_type","description":"The browser type (Valid values: chrome, chromium, opera, yandex, brave, edge, edge_beta)","type":"text","hidden":false,"required":false,"index":false},{"name":"uid","description":"The local user that owns the extension","type":"bigint","hidden":false,"required":false,"index":false},{"name":"name","description":"Extension display name","type":"text","hidden":false,"required":false,"index":false},{"name":"profile","description":"The name of the Chrome profile that contains this extension","type":"text","hidden":false,"required":false,"index":false},{"name":"profile_path","description":"The profile path","type":"text","hidden":false,"required":false,"index":false},{"name":"referenced_identifier","description":"Extension identifier, as specified by the preferences file. Empty if the extension is not in the profile.","type":"text","hidden":false,"required":false,"index":false},{"name":"identifier","description":"Extension identifier, computed from its manifest. Empty in case of error.","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Extension-supplied version","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Extension-optional description","type":"text","hidden":false,"required":false,"index":false},{"name":"default_locale","description":"Default locale supported by extension","type":"text","hidden":false,"required":false,"index":false},{"name":"current_locale","description":"Current locale supported by extension","type":"text","hidden":false,"required":false,"index":false},{"name":"update_url","description":"Extension-supplied update URI","type":"text","hidden":false,"required":false,"index":false},{"name":"author","description":"Optional extension author","type":"text","hidden":false,"required":false,"index":false},{"name":"persistent","description":"1 If extension is persistent across all tabs else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to extension folder","type":"text","hidden":false,"required":false,"index":false},{"name":"permissions","description":"The permissions required by the extension","type":"text","hidden":false,"required":false,"index":false},{"name":"permissions_json","description":"The JSON-encoded permissions required by the extension","type":"text","hidden":true,"required":false,"index":false},{"name":"optional_permissions","description":"The permissions optionally required by the extensions","type":"text","hidden":false,"required":false,"index":false},{"name":"optional_permissions_json","description":"The JSON-encoded permissions optionally required by the extensions","type":"text","hidden":true,"required":false,"index":false},{"name":"manifest_hash","description":"The SHA256 hash of the manifest.json file","type":"text","hidden":false,"required":false,"index":false},{"name":"referenced","description":"1 if this extension is referenced by the Preferences file of the profile","type":"bigint","hidden":false,"required":false,"index":false},{"name":"from_webstore","description":"True if this extension was installed from the web store","type":"text","hidden":false,"required":false,"index":false},{"name":"state","description":"1 if this extension is enabled","type":"text","hidden":false,"required":false,"index":false},{"name":"install_time","description":"Extension install time, in its original Webkit format","type":"text","hidden":false,"required":false,"index":false},{"name":"install_timestamp","description":"Extension install time, converted to unix time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"manifest_json","description":"The manifest file of the extension","type":"text","hidden":true,"required":false,"index":false},{"name":"key","description":"The extension key, from the manifest file","type":"text","hidden":true,"required":false,"index":false}]},{"name":"connectivity","description":"Provides the overall system's network state.","platforms":["windows"],"columns":[{"name":"disconnected","description":"True if the all interfaces are not connected to any network","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipv4_no_traffic","description":"True if any interface is connected via IPv4, but has seen no traffic","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipv6_no_traffic","description":"True if any interface is connected via IPv6, but has seen no traffic","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipv4_subnet","description":"True if any interface is connected to the local subnet via IPv4","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipv4_local_network","description":"True if any interface is connected to a routed network via IPv4","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipv4_internet","description":"True if any interface is connected to the Internet via IPv4","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipv6_subnet","description":"True if any interface is connected to the local subnet via IPv6","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipv6_local_network","description":"True if any interface is connected to a routed network via IPv6","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipv6_internet","description":"True if any interface is connected to the Internet via IPv6","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"cpu_info","description":"Retrieve cpu hardware info of the machine.","platforms":["windows"],"columns":[{"name":"device_id","description":"The DeviceID of the CPU.","type":"text","hidden":false,"required":false,"index":false},{"name":"model","description":"The model of the CPU.","type":"text","hidden":false,"required":false,"index":false},{"name":"manufacturer","description":"The manufacturer of the CPU.","type":"text","hidden":false,"required":false,"index":false},{"name":"processor_type","description":"The processor type, such as Central, Math, or Video.","type":"text","hidden":false,"required":false,"index":false},{"name":"availability","description":"The availability and status of the CPU.","type":"text","hidden":false,"required":false,"index":false},{"name":"cpu_status","description":"The current operating status of the CPU.","type":"integer","hidden":false,"required":false,"index":false},{"name":"number_of_cores","description":"The number of cores of the CPU.","type":"text","hidden":false,"required":false,"index":false},{"name":"logical_processors","description":"The number of logical processors of the CPU.","type":"integer","hidden":false,"required":false,"index":false},{"name":"address_width","description":"The width of the CPU address bus.","type":"text","hidden":false,"required":false,"index":false},{"name":"current_clock_speed","description":"The current frequency of the CPU.","type":"integer","hidden":false,"required":false,"index":false},{"name":"max_clock_speed","description":"The maximum possible frequency of the CPU.","type":"integer","hidden":false,"required":false,"index":false},{"name":"socket_designation","description":"The assigned socket on the board for the given CPU.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"cpu_time","description":"Displays information from /proc/stat file about the time the cpu cores spent in different parts of the system.","platforms":["darwin","linux"],"columns":[{"name":"core","description":"Name of the cpu (core)","type":"integer","hidden":false,"required":false,"index":false},{"name":"user","description":"Time spent in user mode","type":"bigint","hidden":false,"required":false,"index":false},{"name":"nice","description":"Time spent in user mode with low priority (nice)","type":"bigint","hidden":false,"required":false,"index":false},{"name":"system","description":"Time spent in system mode","type":"bigint","hidden":false,"required":false,"index":false},{"name":"idle","description":"Time spent in the idle task","type":"bigint","hidden":false,"required":false,"index":false},{"name":"iowait","description":"Time spent waiting for I/O to complete","type":"bigint","hidden":false,"required":false,"index":false},{"name":"irq","description":"Time spent servicing interrupts","type":"bigint","hidden":false,"required":false,"index":false},{"name":"softirq","description":"Time spent servicing softirqs","type":"bigint","hidden":false,"required":false,"index":false},{"name":"steal","description":"Time spent in other operating systems when running in a virtualized environment","type":"bigint","hidden":false,"required":false,"index":false},{"name":"guest","description":"Time spent running a virtual CPU for a guest OS under the control of the Linux kernel","type":"bigint","hidden":false,"required":false,"index":false},{"name":"guest_nice","description":"Time spent running a niced guest ","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"cpuid","description":"Useful CPU features from the cpuid ASM call.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"feature","description":"Present feature flags","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Bit value or string","type":"text","hidden":false,"required":false,"index":false},{"name":"output_register","description":"Register used to for feature value","type":"text","hidden":false,"required":false,"index":false},{"name":"output_bit","description":"Bit in register value for feature value","type":"integer","hidden":false,"required":false,"index":false},{"name":"input_eax","description":"Value of EAX used","type":"text","hidden":false,"required":false,"index":false}]},{"name":"crashes","description":"Application, System, and Mobile App crash logs.","platforms":["darwin"],"columns":[{"name":"type","description":"Type of crash log","type":"text","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process (or thread) ID of the crashed process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to the crashed process","type":"text","hidden":false,"required":false,"index":false},{"name":"crash_path","description":"Location of log file","type":"text","hidden":false,"required":false,"index":false},{"name":"identifier","description":"Identifier of the crashed process","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Version info of the crashed process","type":"text","hidden":false,"required":false,"index":false},{"name":"parent","description":"Parent PID of the crashed process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"responsible","description":"Process responsible for the crashed process","type":"text","hidden":false,"required":false,"index":false},{"name":"uid","description":"User ID of the crashed process","type":"integer","hidden":false,"required":false,"index":false},{"name":"datetime","description":"Date/Time at which the crash occurred","type":"text","hidden":false,"required":false,"index":false},{"name":"crashed_thread","description":"Thread ID which crashed","type":"bigint","hidden":false,"required":false,"index":false},{"name":"stack_trace","description":"Most recent frame from the stack trace","type":"text","hidden":false,"required":false,"index":false},{"name":"exception_type","description":"Exception type of the crash","type":"text","hidden":false,"required":false,"index":false},{"name":"exception_codes","description":"Exception codes from the crash","type":"text","hidden":false,"required":false,"index":false},{"name":"exception_notes","description":"Exception notes from the crash","type":"text","hidden":false,"required":false,"index":false},{"name":"registers","description":"The value of the system registers","type":"text","hidden":false,"required":false,"index":false}]},{"name":"crontab","description":"Line parsed values from system and user cron/tab.","platforms":["darwin","linux"],"columns":[{"name":"event","description":"The job @event name (rare)","type":"text","hidden":false,"required":false,"index":false},{"name":"minute","description":"The exact minute for the job","type":"text","hidden":false,"required":false,"index":false},{"name":"hour","description":"The hour of the day for the job","type":"text","hidden":false,"required":false,"index":false},{"name":"day_of_month","description":"The day of the month for the job","type":"text","hidden":false,"required":false,"index":false},{"name":"month","description":"The month of the year for the job","type":"text","hidden":false,"required":false,"index":false},{"name":"day_of_week","description":"The day of the week for the job","type":"text","hidden":false,"required":false,"index":false},{"name":"command","description":"Raw command string","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"File parsed","type":"text","hidden":false,"required":false,"index":false},{"name":"pid_with_namespace","description":"Pids that contain a namespace","type":"integer","hidden":true,"required":false,"index":false}]},{"name":"cups_destinations","description":"Returns all configured printers.","platforms":["darwin"],"columns":[{"name":"name","description":"Name of the printer","type":"text","hidden":false,"required":false,"index":false},{"name":"option_name","description":"Option name","type":"text","hidden":false,"required":false,"index":false},{"name":"option_value","description":"Option value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"cups_jobs","description":"Returns all completed print jobs from cups.","platforms":["darwin"],"columns":[{"name":"title","description":"Title of the printed job","type":"text","hidden":false,"required":false,"index":false},{"name":"destination","description":"The printer the job was sent to","type":"text","hidden":false,"required":false,"index":false},{"name":"user","description":"The user who printed the job","type":"text","hidden":false,"required":false,"index":false},{"name":"format","description":"The format of the print job","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"The size of the print job","type":"integer","hidden":false,"required":false,"index":false},{"name":"completed_time","description":"When the job completed printing","type":"integer","hidden":false,"required":false,"index":false},{"name":"processing_time","description":"How long the job took to process","type":"integer","hidden":false,"required":false,"index":false},{"name":"creation_time","description":"When the print request was initiated","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"curl","description":"Perform an http request and return stats about it.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"url","description":"The url for the request","type":"text","hidden":false,"required":true,"index":false},{"name":"method","description":"The HTTP method for the request","type":"text","hidden":false,"required":false,"index":false},{"name":"user_agent","description":"The user-agent string to use for the request","type":"text","hidden":false,"required":false,"index":false},{"name":"response_code","description":"The HTTP status code for the response","type":"integer","hidden":false,"required":false,"index":false},{"name":"round_trip_time","description":"Time taken to complete the request","type":"bigint","hidden":false,"required":false,"index":false},{"name":"bytes","description":"Number of bytes in the response","type":"bigint","hidden":false,"required":false,"index":false},{"name":"result","description":"The HTTP response body","type":"text","hidden":false,"required":false,"index":false}]},{"name":"curl_certificate","description":"Inspect TLS certificates by connecting to input hostnames.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"hostname","description":"Hostname (domain[:port]) to CURL","type":"text","hidden":false,"required":true,"index":false},{"name":"common_name","description":"Common name of company issued to","type":"text","hidden":false,"required":false,"index":false},{"name":"organization","description":"Organization issued to","type":"text","hidden":false,"required":false,"index":false},{"name":"organization_unit","description":"Organization unit issued to","type":"text","hidden":false,"required":false,"index":false},{"name":"serial_number","description":"Certificate serial number","type":"text","hidden":false,"required":false,"index":false},{"name":"issuer_common_name","description":"Issuer common name","type":"text","hidden":false,"required":false,"index":false},{"name":"issuer_organization","description":"Issuer organization","type":"text","hidden":false,"required":false,"index":false},{"name":"issuer_organization_unit","description":"Issuer organization unit","type":"text","hidden":false,"required":false,"index":false},{"name":"valid_from","description":"Period of validity start date","type":"text","hidden":false,"required":false,"index":false},{"name":"valid_to","description":"Period of validity end date","type":"text","hidden":false,"required":false,"index":false},{"name":"sha256_fingerprint","description":"SHA-256 fingerprint","type":"text","hidden":false,"required":false,"index":false},{"name":"sha1_fingerprint","description":"SHA1 fingerprint","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Version Number","type":"integer","hidden":false,"required":false,"index":false},{"name":"signature_algorithm","description":"Signature Algorithm","type":"text","hidden":false,"required":false,"index":false},{"name":"signature","description":"Signature","type":"text","hidden":false,"required":false,"index":false},{"name":"subject_key_identifier","description":"Subject Key Identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"authority_key_identifier","description":"Authority Key Identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"key_usage","description":"Usage of key in certificate","type":"text","hidden":false,"required":false,"index":false},{"name":"extended_key_usage","description":"Extended usage of key in certificate","type":"text","hidden":false,"required":false,"index":false},{"name":"policies","description":"Certificate Policies","type":"text","hidden":false,"required":false,"index":false},{"name":"subject_alternative_names","description":"Subject Alternative Name","type":"text","hidden":false,"required":false,"index":false},{"name":"issuer_alternative_names","description":"Issuer Alternative Name","type":"text","hidden":false,"required":false,"index":false},{"name":"info_access","description":"Authority Information Access","type":"text","hidden":false,"required":false,"index":false},{"name":"subject_info_access","description":"Subject Information Access","type":"text","hidden":false,"required":false,"index":false},{"name":"policy_mappings","description":"Policy Mappings","type":"text","hidden":false,"required":false,"index":false},{"name":"has_expired","description":"1 if the certificate has expired, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"basic_constraint","description":"Basic Constraints","type":"text","hidden":false,"required":false,"index":false},{"name":"name_constraints","description":"Name Constraints","type":"text","hidden":false,"required":false,"index":false},{"name":"policy_constraints","description":"Policy Constraints","type":"text","hidden":false,"required":false,"index":false},{"name":"dump_certificate","description":"Set this value to '1' to dump certificate","type":"integer","hidden":true,"required":false,"index":false},{"name":"timeout","description":"Set this value to the timeout in seconds to complete the TLS handshake (default 4s, use 0 for no timeout)","type":"integer","hidden":true,"required":false,"index":false},{"name":"pem","description":"Certificate PEM format","type":"text","hidden":false,"required":false,"index":false}]},{"name":"deb_packages","description":"The installed DEB package database.","platforms":["linux"],"columns":[{"name":"name","description":"Package name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Package version","type":"text","hidden":false,"required":false,"index":false},{"name":"source","description":"Package source","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Package size in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"arch","description":"Package architecture","type":"text","hidden":false,"required":false,"index":false},{"name":"revision","description":"Package revision","type":"text","hidden":false,"required":false,"index":false},{"name":"status","description":"Package status","type":"text","hidden":false,"required":false,"index":false},{"name":"maintainer","description":"Package maintainer","type":"text","hidden":false,"required":false,"index":false},{"name":"section","description":"Package section","type":"text","hidden":false,"required":false,"index":false},{"name":"priority","description":"Package priority","type":"text","hidden":false,"required":false,"index":false},{"name":"pid_with_namespace","description":"Pids that contain a namespace","type":"integer","hidden":true,"required":false,"index":false},{"name":"mount_namespace_id","description":"Mount namespace id","type":"text","hidden":true,"required":false,"index":false}]},{"name":"default_environment","description":"Default environment variables and values.","platforms":["windows"],"columns":[{"name":"variable","description":"Name of the environment variable","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Value of the environment variable","type":"text","hidden":false,"required":false,"index":false},{"name":"expand","description":"1 if the variable needs expanding, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"device_file","description":"Similar to the file table, but use TSK and allow block address access.","platforms":["darwin","linux"],"columns":[{"name":"device","description":"Absolute file path to device node","type":"text","hidden":false,"required":true,"index":false},{"name":"partition","description":"A partition number","type":"text","hidden":false,"required":true,"index":false},{"name":"path","description":"A logical path within the device node","type":"text","hidden":false,"required":false,"index":false},{"name":"filename","description":"Name portion of file path","type":"text","hidden":false,"required":false,"index":false},{"name":"inode","description":"Filesystem inode number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uid","description":"Owning user ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Owning group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"mode","description":"Permission bits","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of file in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"block_size","description":"Block size of filesystem","type":"integer","hidden":false,"required":false,"index":false},{"name":"atime","description":"Last access time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"mtime","description":"Last modification time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"ctime","description":"Creation time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"hard_links","description":"Number of hard links","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"File status","type":"text","hidden":false,"required":false,"index":false}]},{"name":"device_firmware","description":"A best-effort list of discovered firmware versions.","platforms":["darwin"],"columns":[{"name":"type","description":"Type of device","type":"text","hidden":false,"required":false,"index":false},{"name":"device","description":"The device name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Firmware version","type":"text","hidden":false,"required":false,"index":false}]},{"name":"device_hash","description":"Similar to the hash table, but use TSK and allow block address access.","platforms":["darwin","linux"],"columns":[{"name":"device","description":"Absolute file path to device node","type":"text","hidden":false,"required":true,"index":false},{"name":"partition","description":"A partition number","type":"text","hidden":false,"required":true,"index":false},{"name":"inode","description":"Filesystem inode number","type":"bigint","hidden":false,"required":true,"index":false},{"name":"md5","description":"MD5 hash of provided inode data","type":"text","hidden":false,"required":false,"index":false},{"name":"sha1","description":"SHA1 hash of provided inode data","type":"text","hidden":false,"required":false,"index":false},{"name":"sha256","description":"SHA256 hash of provided inode data","type":"text","hidden":false,"required":false,"index":false}]},{"name":"device_partitions","description":"Use TSK to enumerate details about partitions on a disk device.","platforms":["darwin","linux"],"columns":[{"name":"device","description":"Absolute file path to device node","type":"text","hidden":false,"required":true,"index":false},{"name":"partition","description":"A partition number or description","type":"integer","hidden":false,"required":false,"index":false},{"name":"label","description":"","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"","type":"text","hidden":false,"required":false,"index":false},{"name":"offset","description":"","type":"bigint","hidden":false,"required":false,"index":false},{"name":"blocks_size","description":"Byte size of each block","type":"bigint","hidden":false,"required":false,"index":false},{"name":"blocks","description":"Number of blocks","type":"bigint","hidden":false,"required":false,"index":false},{"name":"inodes","description":"Number of meta nodes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"flags","description":"","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"disk_encryption","description":"Disk encryption status and information.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Disk name","type":"text","hidden":false,"required":false,"index":false},{"name":"uuid","description":"Disk Universally Unique Identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"encrypted","description":"1 If encrypted: true (disk is encrypted), else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"Description of cipher type and mode if available","type":"text","hidden":false,"required":false,"index":false},{"name":"encryption_status","description":"Disk encryption status with one of following values: encrypted | not encrypted | undefined","type":"text","hidden":false,"required":false,"index":false},{"name":"uid","description":"Currently authenticated user if available","type":"text","hidden":false,"required":false,"index":false},{"name":"user_uuid","description":"UUID of authenticated user if available","type":"text","hidden":false,"required":false,"index":false},{"name":"filevault_status","description":"FileVault status with one of following values: on | off | unknown","type":"text","hidden":false,"required":false,"index":false}]},{"name":"disk_events","description":"Track DMG disk image events (appearance/disappearance) when opened.","platforms":["darwin"],"columns":[{"name":"action","description":"Appear or disappear","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path of the DMG file accessed","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Disk event name","type":"text","hidden":false,"required":false,"index":false},{"name":"device","description":"Disk event BSD name","type":"text","hidden":false,"required":false,"index":false},{"name":"uuid","description":"UUID of the volume inside DMG if available","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of partition in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"ejectable","description":"1 if ejectable, 0 if not","type":"integer","hidden":false,"required":false,"index":false},{"name":"mountable","description":"1 if mountable, 0 if not","type":"integer","hidden":false,"required":false,"index":false},{"name":"writable","description":"1 if writable, 0 if not","type":"integer","hidden":false,"required":false,"index":false},{"name":"content","description":"Disk event content","type":"text","hidden":false,"required":false,"index":false},{"name":"media_name","description":"Disk event media name string","type":"text","hidden":false,"required":false,"index":false},{"name":"vendor","description":"Disk event vendor string","type":"text","hidden":false,"required":false,"index":false},{"name":"filesystem","description":"Filesystem if available","type":"text","hidden":false,"required":false,"index":false},{"name":"checksum","description":"UDIF Master checksum if available (CRC32)","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of appearance/disappearance in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false}]},{"name":"disk_info","description":"Retrieve basic information about the physical disks of a system.","platforms":["windows"],"columns":[{"name":"partitions","description":"Number of detected partitions on disk.","type":"integer","hidden":false,"required":false,"index":false},{"name":"disk_index","description":"Physical drive number of the disk.","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"The interface type of the disk.","type":"text","hidden":false,"required":false,"index":false},{"name":"id","description":"The unique identifier of the drive on the system.","type":"text","hidden":false,"required":false,"index":false},{"name":"pnp_device_id","description":"The unique identifier of the drive on the system.","type":"text","hidden":false,"required":false,"index":false},{"name":"disk_size","description":"Size of the disk.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"manufacturer","description":"The manufacturer of the disk.","type":"text","hidden":false,"required":false,"index":false},{"name":"hardware_model","description":"Hard drive model.","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"The label of the disk object.","type":"text","hidden":false,"required":false,"index":false},{"name":"serial","description":"The serial number of the disk.","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"The OS's description of the disk.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"dns_cache","description":"Enumerate the DNS cache using the undocumented DnsGetCacheDataTable function in dnsapi.dll.","platforms":["windows"],"columns":[{"name":"name","description":"DNS record name","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"DNS record type","type":"text","hidden":false,"required":false,"index":false},{"name":"flags","description":"DNS record flags","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"dns_resolvers","description":"Resolvers used by this host.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Address type index or order","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"Address type: sortlist, nameserver, search","type":"text","hidden":false,"required":false,"index":false},{"name":"address","description":"Resolver IP/IPv6 address","type":"text","hidden":false,"required":false,"index":false},{"name":"netmask","description":"Address (sortlist) netmask length","type":"text","hidden":false,"required":false,"index":false},{"name":"options","description":"Resolver options","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pid_with_namespace","description":"Pids that contain a namespace","type":"integer","hidden":true,"required":false,"index":false}]},{"name":"docker_container_fs_changes","description":"Changes to files or directories on container's filesystem.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Container ID","type":"text","hidden":false,"required":true,"index":false},{"name":"path","description":"FIle or directory path relative to rootfs","type":"text","hidden":false,"required":false,"index":false},{"name":"change_type","description":"Type of change: C:Modified, A:Added, D:Deleted","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_container_labels","description":"Docker container labels.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Container ID","type":"text","hidden":false,"required":false,"index":false},{"name":"key","description":"Label key","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Optional label value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_container_mounts","description":"Docker container mounts.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Container ID","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Type of mount (bind, volume)","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Optional mount name","type":"text","hidden":false,"required":false,"index":false},{"name":"source","description":"Source path on host","type":"text","hidden":false,"required":false,"index":false},{"name":"destination","description":"Destination path inside container","type":"text","hidden":false,"required":false,"index":false},{"name":"driver","description":"Driver providing the mount","type":"text","hidden":false,"required":false,"index":false},{"name":"mode","description":"Mount options (rw, ro)","type":"text","hidden":false,"required":false,"index":false},{"name":"rw","description":"1 if read/write. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"propagation","description":"Mount propagation","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_container_networks","description":"Docker container networks.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Container ID","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Network name","type":"text","hidden":false,"required":false,"index":false},{"name":"network_id","description":"Network ID","type":"text","hidden":false,"required":false,"index":false},{"name":"endpoint_id","description":"Endpoint ID","type":"text","hidden":false,"required":false,"index":false},{"name":"gateway","description":"Gateway","type":"text","hidden":false,"required":false,"index":false},{"name":"ip_address","description":"IP address","type":"text","hidden":false,"required":false,"index":false},{"name":"ip_prefix_len","description":"IP subnet prefix length","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipv6_gateway","description":"IPv6 gateway","type":"text","hidden":false,"required":false,"index":false},{"name":"ipv6_address","description":"IPv6 address","type":"text","hidden":false,"required":false,"index":false},{"name":"ipv6_prefix_len","description":"IPv6 subnet prefix length","type":"integer","hidden":false,"required":false,"index":false},{"name":"mac_address","description":"MAC address","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_container_ports","description":"Docker container ports.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Container ID","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Protocol (tcp, udp)","type":"text","hidden":false,"required":false,"index":false},{"name":"port","description":"Port inside the container","type":"integer","hidden":false,"required":false,"index":false},{"name":"host_ip","description":"Host IP address on which public port is listening","type":"text","hidden":false,"required":false,"index":false},{"name":"host_port","description":"Host port","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"docker_container_processes","description":"Docker container processes.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Container ID","type":"text","hidden":false,"required":true,"index":false},{"name":"pid","description":"Process ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"name","description":"The process path or shorthand argv[0]","type":"text","hidden":false,"required":false,"index":false},{"name":"cmdline","description":"Complete argv","type":"text","hidden":false,"required":false,"index":false},{"name":"state","description":"Process state","type":"text","hidden":false,"required":false,"index":false},{"name":"uid","description":"User ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"euid","description":"Effective user ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"egid","description":"Effective group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"suid","description":"Saved user ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"sgid","description":"Saved group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"wired_size","description":"Bytes of unpageable memory used by process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"resident_size","description":"Bytes of private memory used by process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"total_size","description":"Total virtual memory size","type":"bigint","hidden":false,"required":false,"index":false},{"name":"start_time","description":"Process start in seconds since boot (non-sleeping)","type":"bigint","hidden":false,"required":false,"index":false},{"name":"parent","description":"Process parent's PID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pgroup","description":"Process group","type":"bigint","hidden":false,"required":false,"index":false},{"name":"threads","description":"Number of threads used by process","type":"integer","hidden":false,"required":false,"index":false},{"name":"nice","description":"Process nice level (-20 to 20, default 0)","type":"integer","hidden":false,"required":false,"index":false},{"name":"user","description":"User name","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Cumulative CPU time. [DD-]HH:MM:SS format","type":"text","hidden":false,"required":false,"index":false},{"name":"cpu","description":"CPU utilization as percentage","type":"double","hidden":false,"required":false,"index":false},{"name":"mem","description":"Memory utilization as percentage","type":"double","hidden":false,"required":false,"index":false}]},{"name":"docker_container_stats","description":"Docker container statistics. Queries on this table take at least one second.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Container ID","type":"text","hidden":false,"required":true,"index":false},{"name":"name","description":"Container name","type":"text","hidden":false,"required":false,"index":false},{"name":"pids","description":"Number of processes","type":"integer","hidden":false,"required":false,"index":false},{"name":"read","description":"UNIX time when stats were read","type":"bigint","hidden":false,"required":false,"index":false},{"name":"preread","description":"UNIX time when stats were last read","type":"bigint","hidden":false,"required":false,"index":false},{"name":"interval","description":"Difference between read and preread in nano-seconds","type":"bigint","hidden":false,"required":false,"index":false},{"name":"disk_read","description":"Total disk read bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"disk_write","description":"Total disk write bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"num_procs","description":"Number of processors","type":"integer","hidden":false,"required":false,"index":false},{"name":"cpu_total_usage","description":"Total CPU usage","type":"bigint","hidden":false,"required":false,"index":false},{"name":"cpu_kernelmode_usage","description":"CPU kernel mode usage","type":"bigint","hidden":false,"required":false,"index":false},{"name":"cpu_usermode_usage","description":"CPU user mode usage","type":"bigint","hidden":false,"required":false,"index":false},{"name":"system_cpu_usage","description":"CPU system usage","type":"bigint","hidden":false,"required":false,"index":false},{"name":"online_cpus","description":"Online CPUs","type":"integer","hidden":false,"required":false,"index":false},{"name":"pre_cpu_total_usage","description":"Last read total CPU usage","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pre_cpu_kernelmode_usage","description":"Last read CPU kernel mode usage","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pre_cpu_usermode_usage","description":"Last read CPU user mode usage","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pre_system_cpu_usage","description":"Last read CPU system usage","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pre_online_cpus","description":"Last read online CPUs","type":"integer","hidden":false,"required":false,"index":false},{"name":"memory_usage","description":"Memory usage","type":"bigint","hidden":false,"required":false,"index":false},{"name":"memory_max_usage","description":"Memory maximum usage","type":"bigint","hidden":false,"required":false,"index":false},{"name":"memory_limit","description":"Memory limit","type":"bigint","hidden":false,"required":false,"index":false},{"name":"network_rx_bytes","description":"Total network bytes read","type":"bigint","hidden":false,"required":false,"index":false},{"name":"network_tx_bytes","description":"Total network bytes transmitted","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"docker_containers","description":"Docker containers information.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Container ID","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Container name","type":"text","hidden":false,"required":false,"index":false},{"name":"image","description":"Docker image (name) used to launch this container","type":"text","hidden":false,"required":false,"index":false},{"name":"image_id","description":"Docker image ID","type":"text","hidden":false,"required":false,"index":false},{"name":"command","description":"Command with arguments","type":"text","hidden":false,"required":false,"index":false},{"name":"created","description":"Time of creation as UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"state","description":"Container state (created, restarting, running, removing, paused, exited, dead)","type":"text","hidden":false,"required":false,"index":false},{"name":"status","description":"Container status information","type":"text","hidden":false,"required":false,"index":false},{"name":"pid","description":"Identifier of the initial process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"path","description":"Container path","type":"text","hidden":false,"required":false,"index":false},{"name":"config_entrypoint","description":"Container entrypoint(s)","type":"text","hidden":false,"required":false,"index":false},{"name":"started_at","description":"Container start time as string","type":"text","hidden":false,"required":false,"index":false},{"name":"finished_at","description":"Container finish time as string","type":"text","hidden":false,"required":false,"index":false},{"name":"privileged","description":"Is the container privileged","type":"integer","hidden":false,"required":false,"index":false},{"name":"security_options","description":"List of container security options","type":"text","hidden":false,"required":false,"index":false},{"name":"env_variables","description":"Container environmental variables","type":"text","hidden":false,"required":false,"index":false},{"name":"readonly_rootfs","description":"Is the root filesystem mounted as read only","type":"integer","hidden":false,"required":false,"index":false},{"name":"cgroup_namespace","description":"cgroup namespace","type":"text","hidden":true,"required":false,"index":false},{"name":"ipc_namespace","description":"IPC namespace","type":"text","hidden":true,"required":false,"index":false},{"name":"mnt_namespace","description":"Mount namespace","type":"text","hidden":true,"required":false,"index":false},{"name":"net_namespace","description":"Network namespace","type":"text","hidden":true,"required":false,"index":false},{"name":"pid_namespace","description":"PID namespace","type":"text","hidden":true,"required":false,"index":false},{"name":"user_namespace","description":"User namespace","type":"text","hidden":true,"required":false,"index":false},{"name":"uts_namespace","description":"UTS namespace","type":"text","hidden":true,"required":false,"index":false}]},{"name":"docker_image_history","description":"Docker image history information.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Image ID","type":"text","hidden":false,"required":false,"index":false},{"name":"created","description":"Time of creation as UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of instruction in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"created_by","description":"Created by instruction","type":"text","hidden":false,"required":false,"index":false},{"name":"tags","description":"Comma-separated list of tags","type":"text","hidden":false,"required":false,"index":false},{"name":"comment","description":"Instruction comment","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_image_labels","description":"Docker image labels.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Image ID","type":"text","hidden":false,"required":false,"index":false},{"name":"key","description":"Label key","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Optional label value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_image_layers","description":"Docker image layers information.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Image ID","type":"text","hidden":false,"required":false,"index":false},{"name":"layer_id","description":"Layer ID","type":"text","hidden":false,"required":false,"index":false},{"name":"layer_order","description":"Layer Order (1 = base layer)","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"docker_images","description":"Docker images information.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Image ID","type":"text","hidden":false,"required":false,"index":false},{"name":"created","description":"Time of creation as UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"size_bytes","description":"Size of image in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"tags","description":"Comma-separated list of repository tags","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_info","description":"Docker system information.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Docker system ID","type":"text","hidden":false,"required":false,"index":false},{"name":"containers","description":"Total number of containers","type":"integer","hidden":false,"required":false,"index":false},{"name":"containers_running","description":"Number of containers currently running","type":"integer","hidden":false,"required":false,"index":false},{"name":"containers_paused","description":"Number of containers in paused state","type":"integer","hidden":false,"required":false,"index":false},{"name":"containers_stopped","description":"Number of containers in stopped state","type":"integer","hidden":false,"required":false,"index":false},{"name":"images","description":"Number of images","type":"integer","hidden":false,"required":false,"index":false},{"name":"storage_driver","description":"Storage driver","type":"text","hidden":false,"required":false,"index":false},{"name":"memory_limit","description":"1 if memory limit support is enabled. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"swap_limit","description":"1 if swap limit support is enabled. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"kernel_memory","description":"1 if kernel memory limit support is enabled. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"cpu_cfs_period","description":"1 if CPU Completely Fair Scheduler (CFS) period support is enabled. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"cpu_cfs_quota","description":"1 if CPU Completely Fair Scheduler (CFS) quota support is enabled. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"cpu_shares","description":"1 if CPU share weighting support is enabled. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"cpu_set","description":"1 if CPU set selection support is enabled. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipv4_forwarding","description":"1 if IPv4 forwarding is enabled. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"bridge_nf_iptables","description":"1 if bridge netfilter iptables is enabled. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"bridge_nf_ip6tables","description":"1 if bridge netfilter ip6tables is enabled. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"oom_kill_disable","description":"1 if Out-of-memory kill is disabled. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"logging_driver","description":"Logging driver","type":"text","hidden":false,"required":false,"index":false},{"name":"cgroup_driver","description":"Control groups driver","type":"text","hidden":false,"required":false,"index":false},{"name":"kernel_version","description":"Kernel version","type":"text","hidden":false,"required":false,"index":false},{"name":"os","description":"Operating system","type":"text","hidden":false,"required":false,"index":false},{"name":"os_type","description":"Operating system type","type":"text","hidden":false,"required":false,"index":false},{"name":"architecture","description":"Hardware architecture","type":"text","hidden":false,"required":false,"index":false},{"name":"cpus","description":"Number of CPUs","type":"integer","hidden":false,"required":false,"index":false},{"name":"memory","description":"Total memory","type":"bigint","hidden":false,"required":false,"index":false},{"name":"http_proxy","description":"HTTP proxy","type":"text","hidden":false,"required":false,"index":false},{"name":"https_proxy","description":"HTTPS proxy","type":"text","hidden":false,"required":false,"index":false},{"name":"no_proxy","description":"Comma-separated list of domain extensions proxy should not be used for","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Name of the docker host","type":"text","hidden":false,"required":false,"index":false},{"name":"server_version","description":"Server version","type":"text","hidden":false,"required":false,"index":false},{"name":"root_dir","description":"Docker root directory","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_network_labels","description":"Docker network labels.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Network ID","type":"text","hidden":false,"required":false,"index":false},{"name":"key","description":"Label key","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Optional label value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_networks","description":"Docker networks information.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Network ID","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Network name","type":"text","hidden":false,"required":false,"index":false},{"name":"driver","description":"Network driver","type":"text","hidden":false,"required":false,"index":false},{"name":"created","description":"Time of creation as UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"enable_ipv6","description":"1 if IPv6 is enabled on this network. 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"subnet","description":"Network subnet","type":"text","hidden":false,"required":false,"index":false},{"name":"gateway","description":"Network gateway","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_version","description":"Docker version information.","platforms":["darwin","linux"],"columns":[{"name":"version","description":"Docker version","type":"text","hidden":false,"required":false,"index":false},{"name":"api_version","description":"API version","type":"text","hidden":false,"required":false,"index":false},{"name":"min_api_version","description":"Minimum API version supported","type":"text","hidden":false,"required":false,"index":false},{"name":"git_commit","description":"Docker build git commit","type":"text","hidden":false,"required":false,"index":false},{"name":"go_version","description":"Go version","type":"text","hidden":false,"required":false,"index":false},{"name":"os","description":"Operating system","type":"text","hidden":false,"required":false,"index":false},{"name":"arch","description":"Hardware architecture","type":"text","hidden":false,"required":false,"index":false},{"name":"kernel_version","description":"Kernel version","type":"text","hidden":false,"required":false,"index":false},{"name":"build_time","description":"Build time","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_volume_labels","description":"Docker volume labels.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Volume name","type":"text","hidden":false,"required":false,"index":false},{"name":"key","description":"Label key","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Optional label value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"docker_volumes","description":"Docker volumes information.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Volume name","type":"text","hidden":false,"required":false,"index":false},{"name":"driver","description":"Volume driver","type":"text","hidden":false,"required":false,"index":false},{"name":"mount_point","description":"Mount point","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Volume type","type":"text","hidden":false,"required":false,"index":false}]},{"name":"drivers","description":"Details for in-use Windows device drivers. This does not display installed but unused drivers.","platforms":["windows"],"columns":[{"name":"device_id","description":"Device ID","type":"text","hidden":false,"required":false,"index":false},{"name":"device_name","description":"Device name","type":"text","hidden":false,"required":false,"index":false},{"name":"image","description":"Path to driver image file","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Driver description","type":"text","hidden":false,"required":false,"index":false},{"name":"service","description":"Driver service name, if one exists","type":"text","hidden":false,"required":false,"index":false},{"name":"service_key","description":"Driver service registry key","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Driver version","type":"text","hidden":false,"required":false,"index":false},{"name":"inf","description":"Associated inf file","type":"text","hidden":false,"required":false,"index":false},{"name":"class","description":"Device/driver class name","type":"text","hidden":false,"required":false,"index":false},{"name":"provider","description":"Driver provider","type":"text","hidden":false,"required":false,"index":false},{"name":"manufacturer","description":"Device manufacturer","type":"text","hidden":false,"required":false,"index":false},{"name":"driver_key","description":"Driver key","type":"text","hidden":false,"required":false,"index":false},{"name":"date","description":"Driver date","type":"bigint","hidden":false,"required":false,"index":false},{"name":"signed","description":"Whether the driver is signed or not","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"ec2_instance_metadata","description":"EC2 instance metadata.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"instance_id","description":"EC2 instance ID","type":"text","hidden":false,"required":false,"index":false},{"name":"instance_type","description":"EC2 instance type","type":"text","hidden":false,"required":false,"index":false},{"name":"architecture","description":"Hardware architecture of this EC2 instance","type":"text","hidden":false,"required":false,"index":false},{"name":"region","description":"AWS region in which this instance launched","type":"text","hidden":false,"required":false,"index":false},{"name":"availability_zone","description":"Availability zone in which this instance launched","type":"text","hidden":false,"required":false,"index":false},{"name":"local_hostname","description":"Private IPv4 DNS hostname of the first interface of this instance","type":"text","hidden":false,"required":false,"index":false},{"name":"local_ipv4","description":"Private IPv4 address of the first interface of this instance","type":"text","hidden":false,"required":false,"index":false},{"name":"mac","description":"MAC address for the first network interface of this EC2 instance","type":"text","hidden":false,"required":false,"index":false},{"name":"security_groups","description":"Comma separated list of security group names","type":"text","hidden":false,"required":false,"index":false},{"name":"iam_arn","description":"If there is an IAM role associated with the instance, contains instance profile ARN","type":"text","hidden":false,"required":false,"index":false},{"name":"ami_id","description":"AMI ID used to launch this EC2 instance","type":"text","hidden":false,"required":false,"index":false},{"name":"reservation_id","description":"ID of the reservation","type":"text","hidden":false,"required":false,"index":false},{"name":"account_id","description":"AWS account ID which owns this EC2 instance","type":"text","hidden":false,"required":false,"index":false},{"name":"ssh_public_key","description":"SSH public key. Only available if supplied at instance launch time","type":"text","hidden":false,"required":false,"index":false}]},{"name":"ec2_instance_tags","description":"EC2 instance tag key value pairs.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"instance_id","description":"EC2 instance ID","type":"text","hidden":false,"required":false,"index":false},{"name":"key","description":"Tag key","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Tag value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"elf_dynamic","description":"ELF dynamic section information.","platforms":["linux"],"columns":[{"name":"tag","description":"Tag ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"value","description":"Tag value","type":"integer","hidden":false,"required":false,"index":false},{"name":"class","description":"Class (32 or 64)","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to ELF file","type":"text","hidden":false,"required":true,"index":false}]},{"name":"elf_info","description":"ELF file information.","platforms":["linux"],"columns":[{"name":"class","description":"Class type, 32 or 64bit","type":"text","hidden":false,"required":false,"index":false},{"name":"abi","description":"Section type","type":"text","hidden":false,"required":false,"index":false},{"name":"abi_version","description":"Section virtual address in memory","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"Offset of section in file","type":"text","hidden":false,"required":false,"index":false},{"name":"machine","description":"Machine type","type":"integer","hidden":false,"required":false,"index":false},{"name":"version","description":"Object file version","type":"integer","hidden":false,"required":false,"index":false},{"name":"entry","description":"Entry point address","type":"bigint","hidden":false,"required":false,"index":false},{"name":"flags","description":"ELF header flags","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to ELF file","type":"text","hidden":false,"required":true,"index":false}]},{"name":"elf_sections","description":"ELF section information.","platforms":["linux"],"columns":[{"name":"name","description":"Section name","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Section type","type":"integer","hidden":false,"required":false,"index":false},{"name":"vaddr","description":"Section virtual address in memory","type":"integer","hidden":false,"required":false,"index":false},{"name":"offset","description":"Offset of section in file","type":"integer","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of section","type":"integer","hidden":false,"required":false,"index":false},{"name":"flags","description":"Section attributes","type":"text","hidden":false,"required":false,"index":false},{"name":"link","description":"Link to other section","type":"text","hidden":false,"required":false,"index":false},{"name":"align","description":"Segment alignment","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to ELF file","type":"text","hidden":false,"required":true,"index":false}]},{"name":"elf_segments","description":"ELF segment information.","platforms":["linux"],"columns":[{"name":"name","description":"Segment type/name","type":"text","hidden":false,"required":false,"index":false},{"name":"offset","description":"Segment offset in file","type":"integer","hidden":false,"required":false,"index":false},{"name":"vaddr","description":"Segment virtual address in memory","type":"integer","hidden":false,"required":false,"index":false},{"name":"psize","description":"Size of segment in file","type":"integer","hidden":false,"required":false,"index":false},{"name":"msize","description":"Segment offset in memory","type":"integer","hidden":false,"required":false,"index":false},{"name":"flags","description":"Segment attributes","type":"text","hidden":false,"required":false,"index":false},{"name":"align","description":"Segment alignment","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to ELF file","type":"text","hidden":false,"required":true,"index":false}]},{"name":"elf_symbols","description":"ELF symbol list.","platforms":["linux"],"columns":[{"name":"name","description":"Symbol name","type":"text","hidden":false,"required":false,"index":false},{"name":"addr","description":"Symbol address (value)","type":"integer","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of object","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"Symbol type","type":"text","hidden":false,"required":false,"index":false},{"name":"binding","description":"Binding type","type":"text","hidden":false,"required":false,"index":false},{"name":"offset","description":"Section table index","type":"integer","hidden":false,"required":false,"index":false},{"name":"table","description":"Table name containing symbol","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to ELF file","type":"text","hidden":false,"required":true,"index":false}]},{"name":"es_process_events","description":"Process execution events from EndpointSecurity.","platforms":["darwin"],"columns":[{"name":"version","description":"Version of EndpointSecurity event","type":"integer","hidden":false,"required":false,"index":false},{"name":"seq_num","description":"Per event sequence number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"global_seq_num","description":"Global sequence number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process (or thread) ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"path","description":"Path of executed file","type":"text","hidden":false,"required":false,"index":false},{"name":"parent","description":"Parent process ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"original_parent","description":"Original parent process ID in case of reparenting","type":"bigint","hidden":false,"required":false,"index":false},{"name":"cmdline","description":"Command line arguments (argv)","type":"text","hidden":false,"required":false,"index":false},{"name":"cmdline_count","description":"Number of command line arguments","type":"bigint","hidden":false,"required":false,"index":false},{"name":"env","description":"Environment variables delimited by spaces","type":"text","hidden":false,"required":false,"index":false},{"name":"env_count","description":"Number of environment variables","type":"bigint","hidden":false,"required":false,"index":false},{"name":"cwd","description":"The process current working directory","type":"text","hidden":false,"required":false,"index":false},{"name":"uid","description":"User ID of the process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"euid","description":"Effective User ID of the process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Group ID of the process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"egid","description":"Effective Group ID of the process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"username","description":"Username","type":"text","hidden":false,"required":false,"index":false},{"name":"signing_id","description":"Signature identifier of the process","type":"text","hidden":false,"required":false,"index":false},{"name":"team_id","description":"Team identifier of thd process","type":"text","hidden":false,"required":false,"index":false},{"name":"cdhash","description":"Codesigning hash of the process","type":"text","hidden":false,"required":false,"index":false},{"name":"platform_binary","description":"Indicates if the binary is Apple signed binary (1) or not (0)","type":"integer","hidden":false,"required":false,"index":false},{"name":"exit_code","description":"Exit code of a process in case of an exit event","type":"integer","hidden":false,"required":false,"index":false},{"name":"child_pid","description":"Process ID of a child process in case of a fork event","type":"bigint","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of execution in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"event_type","description":"Type of EndpointSecurity event","type":"text","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false}]},{"name":"etc_hosts","description":"Line-parsed /etc/hosts.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"address","description":"IP address mapping","type":"text","hidden":false,"required":false,"index":false},{"name":"hostnames","description":"Raw hosts mapping","type":"text","hidden":false,"required":false,"index":false},{"name":"pid_with_namespace","description":"Pids that contain a namespace","type":"integer","hidden":true,"required":false,"index":false}]},{"name":"etc_protocols","description":"Line-parsed /etc/protocols.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"name","description":"Protocol name","type":"text","hidden":false,"required":false,"index":false},{"name":"number","description":"Protocol number","type":"integer","hidden":false,"required":false,"index":false},{"name":"alias","description":"Protocol alias","type":"text","hidden":false,"required":false,"index":false},{"name":"comment","description":"Comment with protocol description","type":"text","hidden":false,"required":false,"index":false}]},{"name":"etc_services","description":"Line-parsed /etc/services.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"name","description":"Service name","type":"text","hidden":false,"required":false,"index":false},{"name":"port","description":"Service port number","type":"integer","hidden":false,"required":false,"index":false},{"name":"protocol","description":"Transport protocol (TCP/UDP)","type":"text","hidden":false,"required":false,"index":false},{"name":"aliases","description":"Optional space separated list of other names for a service","type":"text","hidden":false,"required":false,"index":false},{"name":"comment","description":"Optional comment for a service.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"event_taps","description":"Returns information about installed event taps.","platforms":["darwin"],"columns":[{"name":"enabled","description":"Is the Event Tap enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"event_tap_id","description":"Unique ID for the Tap","type":"integer","hidden":false,"required":false,"index":false},{"name":"event_tapped","description":"The mask that identifies the set of events to be observed.","type":"text","hidden":false,"required":false,"index":false},{"name":"process_being_tapped","description":"The process ID of the target application","type":"integer","hidden":false,"required":false,"index":false},{"name":"tapping_process","description":"The process ID of the application that created the event tap.","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"example","description":"This is an example table spec.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"name","description":"Description for name column","type":"text","hidden":false,"required":false,"index":false},{"name":"points","description":"This is a signed SQLite int column","type":"integer","hidden":false,"required":false,"index":false},{"name":"size","description":"This is a signed SQLite bigint column","type":"bigint","hidden":false,"required":false,"index":false},{"name":"action","description":"Action performed in generation","type":"text","hidden":false,"required":true,"index":false},{"name":"id","description":"An index of some sort","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"Path of example","type":"text","hidden":false,"required":false,"index":false}]},{"name":"extended_attributes","description":"Returns the extended attributes for files (similar to Windows ADS).","platforms":["darwin","linux"],"columns":[{"name":"path","description":"Absolute file path","type":"text","hidden":false,"required":true,"index":false},{"name":"directory","description":"Directory of file(s)","type":"text","hidden":false,"required":true,"index":false},{"name":"key","description":"Name of the value generated from the extended attribute","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"The parsed information from the attribute","type":"text","hidden":false,"required":false,"index":false},{"name":"base64","description":"1 if the value is base64 encoded else 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"fan_speed_sensors","description":"Fan speeds.","platforms":["darwin"],"columns":[{"name":"fan","description":"Fan number","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Fan name","type":"text","hidden":false,"required":false,"index":false},{"name":"actual","description":"Actual speed","type":"integer","hidden":false,"required":false,"index":false},{"name":"min","description":"Minimum speed","type":"integer","hidden":false,"required":false,"index":false},{"name":"max","description":"Maximum speed","type":"integer","hidden":false,"required":false,"index":false},{"name":"target","description":"Target speed","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"fbsd_kmods","description":"Loaded FreeBSD kernel modules.","platforms":["freebsd"],"columns":[{"name":"name","description":"Module name","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of module content","type":"integer","hidden":false,"required":false,"index":false},{"name":"refs","description":"Module reverse dependencies","type":"integer","hidden":false,"required":false,"index":false},{"name":"address","description":"Kernel module address","type":"text","hidden":false,"required":false,"index":false}]},{"name":"file","description":"Interactive filesystem attributes and metadata.","platforms":["darwin","linux","freebsd","windows"],"columns":[{"name":"path","description":"Absolute file path","type":"text","hidden":false,"required":true,"index":false},{"name":"directory","description":"Directory of file(s)","type":"text","hidden":false,"required":true,"index":false},{"name":"filename","description":"Name portion of file path","type":"text","hidden":false,"required":false,"index":false},{"name":"inode","description":"Filesystem inode number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uid","description":"Owning user ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Owning group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"mode","description":"Permission bits","type":"text","hidden":false,"required":false,"index":false},{"name":"device","description":"Device ID (optional)","type":"bigint","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of file in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"block_size","description":"Block size of filesystem","type":"integer","hidden":false,"required":false,"index":false},{"name":"atime","description":"Last access time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"mtime","description":"Last modification time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"ctime","description":"Last status change time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"btime","description":"(B)irth or (cr)eate time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"hard_links","description":"Number of hard links","type":"integer","hidden":false,"required":false,"index":false},{"name":"symlink","description":"1 if the path is a symlink, otherwise 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"File status","type":"text","hidden":false,"required":false,"index":false},{"name":"attributes","description":"File attrib string. See: https://ss64.com/nt/attrib.html","type":"text","hidden":true,"required":false,"index":false},{"name":"volume_serial","description":"Volume serial number","type":"text","hidden":true,"required":false,"index":false},{"name":"file_id","description":"file ID","type":"text","hidden":true,"required":false,"index":false},{"name":"file_version","description":"File version","type":"text","hidden":true,"required":false,"index":false},{"name":"product_version","description":"File product version","type":"text","hidden":true,"required":false,"index":false},{"name":"bsd_flags","description":"The BSD file flags (chflags). Possible values: NODUMP, UF_IMMUTABLE, UF_APPEND, OPAQUE, HIDDEN, ARCHIVED, SF_IMMUTABLE, SF_APPEND","type":"text","hidden":false,"required":false,"index":false},{"name":"pid_with_namespace","description":"Pids that contain a namespace","type":"integer","hidden":true,"required":false,"index":false},{"name":"mount_namespace_id","description":"Mount namespace id","type":"text","hidden":true,"required":false,"index":false}]},{"name":"file_events","description":"Track time/action changes to files specified in configuration data.","platforms":["darwin","linux"],"columns":[{"name":"target_path","description":"The path associated with the event","type":"text","hidden":false,"required":false,"index":false},{"name":"category","description":"The category of the file defined in the config","type":"text","hidden":false,"required":false,"index":false},{"name":"action","description":"Change action (UPDATE, REMOVE, etc)","type":"text","hidden":false,"required":false,"index":false},{"name":"transaction_id","description":"ID used during bulk update","type":"bigint","hidden":false,"required":false,"index":false},{"name":"inode","description":"Filesystem inode number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uid","description":"Owning user ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Owning group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"mode","description":"Permission bits","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of file in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"atime","description":"Last access time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"mtime","description":"Last modification time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"ctime","description":"Last status change time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"md5","description":"The MD5 of the file after change","type":"text","hidden":false,"required":false,"index":false},{"name":"sha1","description":"The SHA1 of the file after change","type":"text","hidden":false,"required":false,"index":false},{"name":"sha256","description":"The SHA256 of the file after change","type":"text","hidden":false,"required":false,"index":false},{"name":"hashed","description":"1 if the file was hashed, 0 if not, -1 if hashing failed","type":"integer","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of file event","type":"bigint","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false}]},{"name":"firefox_addons","description":"Firefox browser extensions, webapps, and addons.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"uid","description":"The local user that owns the addon","type":"bigint","hidden":false,"required":false,"index":false},{"name":"name","description":"Addon display name","type":"text","hidden":false,"required":false,"index":false},{"name":"identifier","description":"Addon identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"creator","description":"Addon-supported creator string","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Extension, addon, webapp","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Addon-supplied version string","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Addon-supplied description string","type":"text","hidden":false,"required":false,"index":false},{"name":"source_url","description":"URL that installed the addon","type":"text","hidden":false,"required":false,"index":false},{"name":"visible","description":"1 If the addon is shown in browser else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"active","description":"1 If the addon is active else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"disabled","description":"1 If the addon is application-disabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"autoupdate","description":"1 If the addon applies background updates else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"native","description":"1 If the addon includes binary components else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"location","description":"Global, profile location","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to plugin bundle","type":"text","hidden":false,"required":false,"index":false}]},{"name":"gatekeeper","description":"OS X Gatekeeper Details.","platforms":["darwin"],"columns":[{"name":"assessments_enabled","description":"1 If a Gatekeeper is enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"dev_id_enabled","description":"1 If a Gatekeeper allows execution from identified developers else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"version","description":"Version of Gatekeeper's gke.bundle","type":"text","hidden":false,"required":false,"index":false},{"name":"opaque_version","description":"Version of Gatekeeper's gkopaque.bundle","type":"text","hidden":false,"required":false,"index":false}]},{"name":"gatekeeper_approved_apps","description":"Gatekeeper apps a user has allowed to run.","platforms":["darwin"],"columns":[{"name":"path","description":"Path of executable allowed to run","type":"text","hidden":false,"required":false,"index":false},{"name":"requirement","description":"Code signing requirement language","type":"text","hidden":false,"required":false,"index":false},{"name":"ctime","description":"Last change time","type":"double","hidden":false,"required":false,"index":false},{"name":"mtime","description":"Last modification time","type":"double","hidden":false,"required":false,"index":false}]},{"name":"groups","description":"Local system groups.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"gid","description":"Unsigned int64 group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid_signed","description":"A signed int64 version of gid","type":"bigint","hidden":false,"required":false,"index":false},{"name":"groupname","description":"Canonical local group name","type":"text","hidden":false,"required":false,"index":false},{"name":"group_sid","description":"Unique group ID","type":"text","hidden":true,"required":false,"index":false},{"name":"comment","description":"Remarks or comments associated with the group","type":"text","hidden":true,"required":false,"index":false},{"name":"is_hidden","description":"IsHidden attribute set in OpenDirectory","type":"integer","hidden":false,"required":false,"index":false},{"name":"pid_with_namespace","description":"Pids that contain a namespace","type":"integer","hidden":true,"required":false,"index":false}]},{"name":"hardware_events","description":"Hardware (PCI/USB/HID) events from UDEV or IOKit.","platforms":["darwin","linux"],"columns":[{"name":"action","description":"Remove, insert, change properties, etc","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Local device path assigned (optional)","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Type of hardware and hardware event","type":"text","hidden":false,"required":false,"index":false},{"name":"driver","description":"Driver claiming the device","type":"text","hidden":false,"required":false,"index":false},{"name":"vendor","description":"Hardware device vendor","type":"text","hidden":false,"required":false,"index":false},{"name":"vendor_id","description":"Hex encoded Hardware vendor identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"model","description":"Hardware device model","type":"text","hidden":false,"required":false,"index":false},{"name":"model_id","description":"Hex encoded Hardware model identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"serial","description":"Device serial (optional)","type":"text","hidden":false,"required":false,"index":false},{"name":"revision","description":"Device revision (optional)","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of hardware event","type":"bigint","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false}]},{"name":"hash","description":"Filesystem hash data.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"path","description":"Must provide a path or directory","type":"text","hidden":false,"required":true,"index":false},{"name":"directory","description":"Must provide a path or directory","type":"text","hidden":false,"required":true,"index":false},{"name":"md5","description":"MD5 hash of provided filesystem data","type":"text","hidden":false,"required":false,"index":false},{"name":"sha1","description":"SHA1 hash of provided filesystem data","type":"text","hidden":false,"required":false,"index":false},{"name":"sha256","description":"SHA256 hash of provided filesystem data","type":"text","hidden":false,"required":false,"index":false},{"name":"ssdeep","description":"ssdeep hash of provided filesystem data","type":"text","hidden":false,"required":false,"index":false},{"name":"pid_with_namespace","description":"Pids that contain a namespace","type":"integer","hidden":true,"required":false,"index":false},{"name":"mount_namespace_id","description":"Mount namespace id","type":"text","hidden":true,"required":false,"index":false}]},{"name":"homebrew_packages","description":"The installed homebrew package database.","platforms":["darwin"],"columns":[{"name":"name","description":"Package name","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Package install path","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Current 'linked' version","type":"text","hidden":false,"required":false,"index":false},{"name":"prefix","description":"Homebrew install prefix","type":"text","hidden":true,"required":false,"index":false}]},{"name":"hvci_status","description":"Retrieve HVCI info of the machine.","platforms":["windows"],"columns":[{"name":"version","description":"The version number of the Device Guard build.","type":"text","hidden":false,"required":false,"index":false},{"name":"instance_identifier","description":"The instance ID of Device Guard.","type":"text","hidden":false,"required":false,"index":false},{"name":"vbs_status","description":"The status of the virtualization based security settings. Returns UNKNOWN if an error is encountered.","type":"text","hidden":false,"required":false,"index":false},{"name":"code_integrity_policy_enforcement_status","description":"The status of the code integrity policy enforcement settings. Returns UNKNOWN if an error is encountered.","type":"text","hidden":false,"required":false,"index":false},{"name":"umci_policy_status","description":"The status of the User Mode Code Integrity security settings. Returns UNKNOWN if an error is encountered.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"ibridge_info","description":"Information about the Apple iBridge hardware controller.","platforms":["darwin"],"columns":[{"name":"boot_uuid","description":"Boot UUID of the iBridge controller","type":"text","hidden":false,"required":false,"index":false},{"name":"coprocessor_version","description":"The manufacturer and chip version","type":"text","hidden":false,"required":false,"index":false},{"name":"firmware_version","description":"The build version of the firmware","type":"text","hidden":false,"required":false,"index":false},{"name":"unique_chip_id","description":"Unique id of the iBridge controller","type":"text","hidden":false,"required":false,"index":false}]},{"name":"ie_extensions","description":"Internet Explorer browser extensions.","platforms":["windows"],"columns":[{"name":"name","description":"Extension display name","type":"text","hidden":false,"required":false,"index":false},{"name":"registry_path","description":"Extension identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Version of the executable","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to executable","type":"text","hidden":false,"required":false,"index":false}]},{"name":"intel_me_info","description":"Intel ME/CSE Info.","platforms":["darwin","linux","freebsd","windows"],"columns":[{"name":"version","description":"Intel ME version","type":"text","hidden":false,"required":false,"index":false}]},{"name":"interface_addresses","description":"Network interfaces and relevant metadata.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"interface","description":"Interface name","type":"text","hidden":false,"required":false,"index":false},{"name":"address","description":"Specific address for interface","type":"text","hidden":false,"required":false,"index":false},{"name":"mask","description":"Interface netmask","type":"text","hidden":false,"required":false,"index":false},{"name":"broadcast","description":"Broadcast address for the interface","type":"text","hidden":false,"required":false,"index":false},{"name":"point_to_point","description":"PtP address for the interface","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Type of address. One of dhcp, manual, auto, other, unknown","type":"text","hidden":false,"required":false,"index":false},{"name":"friendly_name","description":"The friendly display name of the interface.","type":"text","hidden":true,"required":false,"index":false}]},{"name":"interface_details","description":"Detailed information and stats of network interfaces.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"interface","description":"Interface name","type":"text","hidden":false,"required":false,"index":false},{"name":"mac","description":"MAC of interface (optional)","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Interface type (includes virtual)","type":"integer","hidden":false,"required":false,"index":false},{"name":"mtu","description":"Network MTU","type":"integer","hidden":false,"required":false,"index":false},{"name":"metric","description":"Metric based on the speed of the interface","type":"integer","hidden":false,"required":false,"index":false},{"name":"flags","description":"Flags (netdevice) for the device","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipackets","description":"Input packets","type":"bigint","hidden":false,"required":false,"index":false},{"name":"opackets","description":"Output packets","type":"bigint","hidden":false,"required":false,"index":false},{"name":"ibytes","description":"Input bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"obytes","description":"Output bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"ierrors","description":"Input errors","type":"bigint","hidden":false,"required":false,"index":false},{"name":"oerrors","description":"Output errors","type":"bigint","hidden":false,"required":false,"index":false},{"name":"idrops","description":"Input drops","type":"bigint","hidden":false,"required":false,"index":false},{"name":"odrops","description":"Output drops","type":"bigint","hidden":false,"required":false,"index":false},{"name":"collisions","description":"Packet Collisions detected","type":"bigint","hidden":false,"required":false,"index":false},{"name":"last_change","description":"Time of last device modification (optional)","type":"bigint","hidden":false,"required":false,"index":false},{"name":"link_speed","description":"Interface speed in Mb/s","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pci_slot","description":"PCI slot number","type":"text","hidden":true,"required":false,"index":false},{"name":"friendly_name","description":"The friendly display name of the interface.","type":"text","hidden":true,"required":false,"index":false},{"name":"description","description":"Short description of the object a one-line string.","type":"text","hidden":true,"required":false,"index":false},{"name":"manufacturer","description":"Name of the network adapter's manufacturer.","type":"text","hidden":true,"required":false,"index":false},{"name":"connection_id","description":"Name of the network connection as it appears in the Network Connections Control Panel program.","type":"text","hidden":true,"required":false,"index":false},{"name":"connection_status","description":"State of the network adapter connection to the network.","type":"text","hidden":true,"required":false,"index":false},{"name":"enabled","description":"Indicates whether the adapter is enabled or not.","type":"integer","hidden":true,"required":false,"index":false},{"name":"physical_adapter","description":"Indicates whether the adapter is a physical or a logical adapter.","type":"integer","hidden":true,"required":false,"index":false},{"name":"speed","description":"Estimate of the current bandwidth in bits per second.","type":"integer","hidden":true,"required":false,"index":false},{"name":"service","description":"The name of the service the network adapter uses.","type":"text","hidden":true,"required":false,"index":false},{"name":"dhcp_enabled","description":"If TRUE, the dynamic host configuration protocol (DHCP) server automatically assigns an IP address to the computer system when establishing a network connection.","type":"integer","hidden":true,"required":false,"index":false},{"name":"dhcp_lease_expires","description":"Expiration date and time for a leased IP address that was assigned to the computer by the dynamic host configuration protocol (DHCP) server.","type":"text","hidden":true,"required":false,"index":false},{"name":"dhcp_lease_obtained","description":"Date and time the lease was obtained for the IP address assigned to the computer by the dynamic host configuration protocol (DHCP) server.","type":"text","hidden":true,"required":false,"index":false},{"name":"dhcp_server","description":"IP address of the dynamic host configuration protocol (DHCP) server.","type":"text","hidden":true,"required":false,"index":false},{"name":"dns_domain","description":"Organization name followed by a period and an extension that indicates the type of organization, such as 'microsoft.com'.","type":"text","hidden":true,"required":false,"index":false},{"name":"dns_domain_suffix_search_order","description":"Array of DNS domain suffixes to be appended to the end of host names during name resolution.","type":"text","hidden":true,"required":false,"index":false},{"name":"dns_host_name","description":"Host name used to identify the local computer for authentication by some utilities.","type":"text","hidden":true,"required":false,"index":false},{"name":"dns_server_search_order","description":"Array of server IP addresses to be used in querying for DNS servers.","type":"text","hidden":true,"required":false,"index":false}]},{"name":"interface_ipv6","description":"IPv6 configuration and stats of network interfaces.","platforms":["darwin","linux"],"columns":[{"name":"interface","description":"Interface name","type":"text","hidden":false,"required":false,"index":false},{"name":"hop_limit","description":"Current Hop Limit","type":"integer","hidden":false,"required":false,"index":false},{"name":"forwarding_enabled","description":"Enable IP forwarding","type":"integer","hidden":false,"required":false,"index":false},{"name":"redirect_accept","description":"Accept ICMP redirect messages","type":"integer","hidden":false,"required":false,"index":false},{"name":"rtadv_accept","description":"Accept ICMP Router Advertisement","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"iokit_devicetree","description":"The IOKit registry matching the DeviceTree plane.","platforms":["darwin"],"columns":[{"name":"name","description":"Device node name","type":"text","hidden":false,"required":false,"index":false},{"name":"class","description":"Best matching device class (most-specific category)","type":"text","hidden":false,"required":false,"index":false},{"name":"id","description":"IOKit internal registry ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"parent","description":"Parent device registry ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"device_path","description":"Device tree path","type":"text","hidden":false,"required":false,"index":false},{"name":"service","description":"1 if the device conforms to IOService else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"busy_state","description":"1 if the device is in a busy state else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"retain_count","description":"The device reference count","type":"integer","hidden":false,"required":false,"index":false},{"name":"depth","description":"Device nested depth","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"iokit_registry","description":"The full IOKit registry without selecting a plane.","platforms":["darwin"],"columns":[{"name":"name","description":"Default name of the node","type":"text","hidden":false,"required":false,"index":false},{"name":"class","description":"Best matching device class (most-specific category)","type":"text","hidden":false,"required":false,"index":false},{"name":"id","description":"IOKit internal registry ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"parent","description":"Parent registry ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"busy_state","description":"1 if the node is in a busy state else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"retain_count","description":"The node reference count","type":"integer","hidden":false,"required":false,"index":false},{"name":"depth","description":"Node nested depth","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"iptables","description":"Linux IP packet filtering and NAT tool.","platforms":["linux"],"columns":[{"name":"filter_name","description":"Packet matching filter table name.","type":"text","hidden":false,"required":false,"index":false},{"name":"chain","description":"Size of module content.","type":"text","hidden":false,"required":false,"index":false},{"name":"policy","description":"Policy that applies for this rule.","type":"text","hidden":false,"required":false,"index":false},{"name":"target","description":"Target that applies for this rule.","type":"text","hidden":false,"required":false,"index":false},{"name":"protocol","description":"Protocol number identification.","type":"integer","hidden":false,"required":false,"index":false},{"name":"src_port","description":"Protocol source port(s).","type":"text","hidden":false,"required":false,"index":false},{"name":"dst_port","description":"Protocol destination port(s).","type":"text","hidden":false,"required":false,"index":false},{"name":"src_ip","description":"Source IP address.","type":"text","hidden":false,"required":false,"index":false},{"name":"src_mask","description":"Source IP address mask.","type":"text","hidden":false,"required":false,"index":false},{"name":"iniface","description":"Input interface for the rule.","type":"text","hidden":false,"required":false,"index":false},{"name":"iniface_mask","description":"Input interface mask for the rule.","type":"text","hidden":false,"required":false,"index":false},{"name":"dst_ip","description":"Destination IP address.","type":"text","hidden":false,"required":false,"index":false},{"name":"dst_mask","description":"Destination IP address mask.","type":"text","hidden":false,"required":false,"index":false},{"name":"outiface","description":"Output interface for the rule.","type":"text","hidden":false,"required":false,"index":false},{"name":"outiface_mask","description":"Output interface mask for the rule.","type":"text","hidden":false,"required":false,"index":false},{"name":"match","description":"Matching rule that applies.","type":"text","hidden":false,"required":false,"index":false},{"name":"packets","description":"Number of matching packets for this rule.","type":"integer","hidden":false,"required":false,"index":false},{"name":"bytes","description":"Number of matching bytes for this rule.","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"kernel_extensions","description":"OS X's kernel extensions, both loaded and within the load search path.","platforms":["darwin"],"columns":[{"name":"idx","description":"Extension load tag or index","type":"integer","hidden":false,"required":false,"index":false},{"name":"refs","description":"Reference count","type":"integer","hidden":false,"required":false,"index":false},{"name":"size","description":"Bytes of wired memory used by extension","type":"bigint","hidden":false,"required":false,"index":false},{"name":"name","description":"Extension label","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Extension version","type":"text","hidden":false,"required":false,"index":false},{"name":"linked_against","description":"Indexes of extensions this extension is linked against","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Optional path to extension bundle","type":"text","hidden":false,"required":false,"index":false}]},{"name":"kernel_info","description":"Basic active kernel information.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"version","description":"Kernel version","type":"text","hidden":false,"required":false,"index":false},{"name":"arguments","description":"Kernel arguments","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Kernel path","type":"text","hidden":false,"required":false,"index":false},{"name":"device","description":"Kernel device identifier","type":"text","hidden":false,"required":false,"index":false}]},{"name":"kernel_modules","description":"Linux kernel modules both loaded and within the load search path.","platforms":["linux"],"columns":[{"name":"name","description":"Module name","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of module content","type":"bigint","hidden":false,"required":false,"index":false},{"name":"used_by","description":"Module reverse dependencies","type":"text","hidden":false,"required":false,"index":false},{"name":"status","description":"Kernel module status","type":"text","hidden":false,"required":false,"index":false},{"name":"address","description":"Kernel module address","type":"text","hidden":false,"required":false,"index":false}]},{"name":"kernel_panics","description":"System kernel panic logs.","platforms":["darwin"],"columns":[{"name":"path","description":"Location of log file","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Formatted time of the event","type":"text","hidden":false,"required":false,"index":false},{"name":"registers","description":"A space delimited line of register:value pairs","type":"text","hidden":false,"required":false,"index":false},{"name":"frame_backtrace","description":"Backtrace of the crashed module","type":"text","hidden":false,"required":false,"index":false},{"name":"module_backtrace","description":"Modules appearing in the crashed module's backtrace","type":"text","hidden":false,"required":false,"index":false},{"name":"dependencies","description":"Module dependencies existing in crashed module's backtrace","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Process name corresponding to crashed thread","type":"text","hidden":false,"required":false,"index":false},{"name":"os_version","description":"Version of the operating system","type":"text","hidden":false,"required":false,"index":false},{"name":"kernel_version","description":"Version of the system kernel","type":"text","hidden":false,"required":false,"index":false},{"name":"system_model","description":"Physical system model, for example 'MacBookPro12,1 (Mac-E43C1C25D4880AD6)'","type":"text","hidden":false,"required":false,"index":false},{"name":"uptime","description":"System uptime at kernel panic in nanoseconds","type":"bigint","hidden":false,"required":false,"index":false},{"name":"last_loaded","description":"Last loaded module before panic","type":"text","hidden":false,"required":false,"index":false},{"name":"last_unloaded","description":"Last unloaded module before panic","type":"text","hidden":false,"required":false,"index":false}]},{"name":"keychain_acls","description":"Applications that have ACL entries in the keychain.","platforms":["darwin"],"columns":[{"name":"keychain_path","description":"The path of the keychain","type":"text","hidden":false,"required":false,"index":false},{"name":"authorizations","description":"A space delimited set of authorization attributes","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"The path of the authorized application","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"The description included with the ACL entry","type":"text","hidden":false,"required":false,"index":false},{"name":"label","description":"An optional label tag that may be included with the keychain entry","type":"text","hidden":false,"required":false,"index":false}]},{"name":"keychain_items","description":"Generic details about keychain items.","platforms":["darwin"],"columns":[{"name":"label","description":"Generic item name","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Optional item description","type":"text","hidden":false,"required":false,"index":false},{"name":"comment","description":"Optional keychain comment","type":"text","hidden":false,"required":false,"index":false},{"name":"created","description":"Data item was created","type":"text","hidden":false,"required":false,"index":false},{"name":"modified","description":"Date of last modification","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Keychain item type (class)","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to keychain containing item","type":"text","hidden":false,"required":false,"index":false}]},{"name":"known_hosts","description":"A line-delimited known_hosts table.","platforms":["darwin","linux"],"columns":[{"name":"uid","description":"The local user that owns the known_hosts file","type":"bigint","hidden":false,"required":false,"index":false},{"name":"key","description":"parsed authorized keys line","type":"text","hidden":false,"required":false,"index":false},{"name":"key_file","description":"Path to known_hosts file","type":"text","hidden":false,"required":false,"index":false}]},{"name":"kva_speculative_info","description":"Display kernel virtual address and speculative execution information for the system.","platforms":["windows"],"columns":[{"name":"kva_shadow_enabled","description":"Kernel Virtual Address shadowing is enabled.","type":"integer","hidden":false,"required":false,"index":false},{"name":"kva_shadow_user_global","description":"User pages are marked as global.","type":"integer","hidden":false,"required":false,"index":false},{"name":"kva_shadow_pcid","description":"Kernel VA PCID flushing optimization is enabled.","type":"integer","hidden":false,"required":false,"index":false},{"name":"kva_shadow_inv_pcid","description":"Kernel VA INVPCID is enabled.","type":"integer","hidden":false,"required":false,"index":false},{"name":"bp_mitigations","description":"Branch Prediction mitigations are enabled.","type":"integer","hidden":false,"required":false,"index":false},{"name":"bp_system_pol_disabled","description":"Branch Predictions are disabled via system policy.","type":"integer","hidden":false,"required":false,"index":false},{"name":"bp_microcode_disabled","description":"Branch Predictions are disabled due to lack of microcode update.","type":"integer","hidden":false,"required":false,"index":false},{"name":"cpu_spec_ctrl_supported","description":"SPEC_CTRL MSR supported by CPU Microcode.","type":"integer","hidden":false,"required":false,"index":false},{"name":"ibrs_support_enabled","description":"Windows uses IBRS.","type":"integer","hidden":false,"required":false,"index":false},{"name":"stibp_support_enabled","description":"Windows uses STIBP.","type":"integer","hidden":false,"required":false,"index":false},{"name":"cpu_pred_cmd_supported","description":"PRED_CMD MSR supported by CPU Microcode.","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"last","description":"System logins and logouts.","platforms":["darwin","linux"],"columns":[{"name":"username","description":"Entry username","type":"text","hidden":false,"required":false,"index":false},{"name":"tty","description":"Entry terminal","type":"text","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process (or thread) ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"Entry type, according to ut_type types (utmp.h)","type":"integer","hidden":false,"required":false,"index":false},{"name":"type_name","description":"Entry type name, according to ut_type types (utmp.h)","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Entry timestamp","type":"integer","hidden":false,"required":false,"index":false},{"name":"host","description":"Entry hostname","type":"text","hidden":false,"required":false,"index":false}]},{"name":"launchd","description":"LaunchAgents and LaunchDaemons from default search paths.","platforms":["darwin"],"columns":[{"name":"path","description":"Path to daemon or agent plist","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"File name of plist (used by launchd)","type":"text","hidden":false,"required":false,"index":false},{"name":"label","description":"Daemon or agent service name","type":"text","hidden":false,"required":false,"index":false},{"name":"program","description":"Path to target program","type":"text","hidden":false,"required":false,"index":false},{"name":"run_at_load","description":"Should the program run on launch load","type":"text","hidden":false,"required":false,"index":false},{"name":"keep_alive","description":"Should the process be restarted if killed","type":"text","hidden":false,"required":false,"index":false},{"name":"on_demand","description":"Deprecated key, replaced by keep_alive","type":"text","hidden":false,"required":false,"index":false},{"name":"disabled","description":"Skip loading this daemon or agent on boot","type":"text","hidden":false,"required":false,"index":false},{"name":"username","description":"Run this daemon or agent as this username","type":"text","hidden":false,"required":false,"index":false},{"name":"groupname","description":"Run this daemon or agent as this group","type":"text","hidden":false,"required":false,"index":false},{"name":"stdout_path","description":"Pipe stdout to a target path","type":"text","hidden":false,"required":false,"index":false},{"name":"stderr_path","description":"Pipe stderr to a target path","type":"text","hidden":false,"required":false,"index":false},{"name":"start_interval","description":"Frequency to run in seconds","type":"text","hidden":false,"required":false,"index":false},{"name":"program_arguments","description":"Command line arguments passed to program","type":"text","hidden":false,"required":false,"index":false},{"name":"watch_paths","description":"Key that launches daemon or agent if path is modified","type":"text","hidden":false,"required":false,"index":false},{"name":"queue_directories","description":"Similar to watch_paths but only with non-empty directories","type":"text","hidden":false,"required":false,"index":false},{"name":"inetd_compatibility","description":"Run this daemon or agent as it was launched from inetd","type":"text","hidden":false,"required":false,"index":false},{"name":"start_on_mount","description":"Run daemon or agent every time a filesystem is mounted","type":"text","hidden":false,"required":false,"index":false},{"name":"root_directory","description":"Key used to specify a directory to chroot to before launch","type":"text","hidden":false,"required":false,"index":false},{"name":"working_directory","description":"Key used to specify a directory to chdir to before launch","type":"text","hidden":false,"required":false,"index":false},{"name":"process_type","description":"Key describes the intended purpose of the job","type":"text","hidden":false,"required":false,"index":false}]},{"name":"launchd_overrides","description":"Override keys, per user, for LaunchDaemons and Agents.","platforms":["darwin"],"columns":[{"name":"label","description":"Daemon or agent service name","type":"text","hidden":false,"required":false,"index":false},{"name":"key","description":"Name of the override key","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Overridden value","type":"text","hidden":false,"required":false,"index":false},{"name":"uid","description":"User ID applied to the override, 0 applies to all","type":"bigint","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to daemon or agent plist","type":"text","hidden":false,"required":false,"index":false}]},{"name":"listening_ports","description":"Processes with listening (bound) network sockets/ports.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"pid","description":"Process (or thread) ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"port","description":"Transport layer port","type":"integer","hidden":false,"required":false,"index":false},{"name":"protocol","description":"Transport protocol (TCP/UDP)","type":"integer","hidden":false,"required":false,"index":false},{"name":"family","description":"Network protocol (IPv4, IPv6)","type":"integer","hidden":false,"required":false,"index":false},{"name":"address","description":"Specific address for bind","type":"text","hidden":false,"required":false,"index":false},{"name":"fd","description":"Socket file descriptor number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"socket","description":"Socket handle or inode number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"path","description":"Path for UNIX domain sockets","type":"text","hidden":false,"required":false,"index":false},{"name":"net_namespace","description":"The inode number of the network namespace","type":"text","hidden":true,"required":false,"index":false}]},{"name":"lldp_neighbors","description":"LLDP neighbors of interfaces.","platforms":["linux"],"columns":[{"name":"interface","description":"Interface name","type":"text","hidden":false,"required":false,"index":false},{"name":"rid","description":"Neighbor chassis index","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_id_type","description":"Neighbor chassis ID type","type":"text","hidden":false,"required":false,"index":false},{"name":"chassis_id","description":"Neighbor chassis ID value","type":"text","hidden":false,"required":false,"index":false},{"name":"chassis_sysname","description":"CPU brand string, contains vendor and model","type":"text","hidden":false,"required":false,"index":false},{"name":"chassis_sys_description","description":"Max number of CPU physical cores","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_bridge_capability_available","description":"Chassis bridge capability availability","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_bridge_capability_enabled","description":"Is chassis bridge capability enabled.","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_router_capability_available","description":"Chassis router capability availability","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_router_capability_enabled","description":"Chassis router capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_repeater_capability_available","description":"Chassis repeater capability availability","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_repeater_capability_enabled","description":"Chassis repeater capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_wlan_capability_available","description":"Chassis wlan capability availability","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_wlan_capability_enabled","description":"Chassis wlan capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_tel_capability_available","description":"Chassis telephone capability availability","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_tel_capability_enabled","description":"Chassis telephone capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_docsis_capability_available","description":"Chassis DOCSIS capability availability","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_docsis_capability_enabled","description":"Chassis DOCSIS capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_station_capability_available","description":"Chassis station capability availability","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_station_capability_enabled","description":"Chassis station capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_other_capability_available","description":"Chassis other capability availability","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_other_capability_enabled","description":"Chassis other capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"chassis_mgmt_ips","description":"Comma delimited list of chassis management IPS","type":"text","hidden":false,"required":false,"index":false},{"name":"port_id_type","description":"Port ID type","type":"text","hidden":false,"required":false,"index":false},{"name":"port_id","description":"Port ID value","type":"text","hidden":false,"required":false,"index":false},{"name":"port_description","description":"Port description","type":"text","hidden":false,"required":false,"index":false},{"name":"port_ttl","description":"Age of neighbor port","type":"bigint","hidden":false,"required":false,"index":false},{"name":"port_mfs","description":"Port max frame size","type":"bigint","hidden":false,"required":false,"index":false},{"name":"port_aggregation_id","description":"Port aggregation ID","type":"text","hidden":false,"required":false,"index":false},{"name":"port_autoneg_supported","description":"Auto negotiation supported","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_enabled","description":"Is auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_mau_type","description":"MAU type","type":"text","hidden":false,"required":false,"index":false},{"name":"port_autoneg_10baset_hd_enabled","description":"10Base-T HD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_10baset_fd_enabled","description":"10Base-T FD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_100basetx_hd_enabled","description":"100Base-TX HD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_100basetx_fd_enabled","description":"100Base-TX FD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_100baset2_hd_enabled","description":"100Base-T2 HD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_100baset2_fd_enabled","description":"100Base-T2 FD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_100baset4_hd_enabled","description":"100Base-T4 HD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_100baset4_fd_enabled","description":"100Base-T4 FD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_1000basex_hd_enabled","description":"1000Base-X HD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_1000basex_fd_enabled","description":"1000Base-X FD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_1000baset_hd_enabled","description":"1000Base-T HD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"port_autoneg_1000baset_fd_enabled","description":"1000Base-T FD auto negotiation enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"power_device_type","description":"Dot3 power device type","type":"text","hidden":false,"required":false,"index":false},{"name":"power_mdi_supported","description":"MDI power supported","type":"integer","hidden":false,"required":false,"index":false},{"name":"power_mdi_enabled","description":"Is MDI power enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"power_paircontrol_enabled","description":"Is power pair control enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"power_pairs","description":"Dot3 power pairs","type":"text","hidden":false,"required":false,"index":false},{"name":"power_class","description":"Power class","type":"text","hidden":false,"required":false,"index":false},{"name":"power_8023at_enabled","description":"Is 802.3at enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"power_8023at_power_type","description":"802.3at power type","type":"text","hidden":false,"required":false,"index":false},{"name":"power_8023at_power_source","description":"802.3at power source","type":"text","hidden":false,"required":false,"index":false},{"name":"power_8023at_power_priority","description":"802.3at power priority","type":"text","hidden":false,"required":false,"index":false},{"name":"power_8023at_power_allocated","description":"802.3at power allocated","type":"text","hidden":false,"required":false,"index":false},{"name":"power_8023at_power_requested","description":"802.3at power requested","type":"text","hidden":false,"required":false,"index":false},{"name":"med_device_type","description":"Chassis MED type","type":"text","hidden":false,"required":false,"index":false},{"name":"med_capability_capabilities","description":"Is MED capabilities enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"med_capability_policy","description":"Is MED policy capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"med_capability_location","description":"Is MED location capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"med_capability_mdi_pse","description":"Is MED MDI PSE capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"med_capability_mdi_pd","description":"Is MED MDI PD capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"med_capability_inventory","description":"Is MED inventory capability enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"med_policies","description":"Comma delimited list of MED policies","type":"text","hidden":false,"required":false,"index":false},{"name":"vlans","description":"Comma delimited list of vlan ids","type":"text","hidden":false,"required":false,"index":false},{"name":"pvid","description":"Primary VLAN id","type":"text","hidden":false,"required":false,"index":false},{"name":"ppvids_supported","description":"Comma delimited list of supported PPVIDs","type":"text","hidden":false,"required":false,"index":false},{"name":"ppvids_enabled","description":"Comma delimited list of enabled PPVIDs","type":"text","hidden":false,"required":false,"index":false},{"name":"pids","description":"Comma delimited list of PIDs","type":"text","hidden":false,"required":false,"index":false}]},{"name":"load_average","description":"Displays information about the system wide load averages.","platforms":["darwin","linux"],"columns":[{"name":"period","description":"Period over which the average is calculated.","type":"text","hidden":false,"required":false,"index":false},{"name":"average","description":"Load average over the specified period.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"location_services","description":"Reports the status of the Location Services feature of the OS.","platforms":["darwin"],"columns":[{"name":"enabled","description":"1 if Location Services are enabled, else 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"logged_in_users","description":"Users with an active shell on the system.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"type","description":"Login type","type":"text","hidden":false,"required":false,"index":false},{"name":"user","description":"User login name","type":"text","hidden":false,"required":false,"index":false},{"name":"tty","description":"Device name","type":"text","hidden":false,"required":false,"index":false},{"name":"host","description":"Remote hostname","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Time entry was made","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process (or thread) ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"sid","description":"The user's unique security identifier","type":"text","hidden":true,"required":false,"index":false},{"name":"registry_hive","description":"HKEY_USERS registry hive","type":"text","hidden":true,"required":false,"index":false}]},{"name":"logical_drives","description":"Details for logical drives on the system. A logical drive generally represents a single partition.","platforms":["windows"],"columns":[{"name":"device_id","description":"The drive id, usually the drive name, e.g., 'C:'.","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Deprecated (always 'Unknown').","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"The canonical description of the drive, e.g. 'Logical Fixed Disk', 'CD-ROM Disk'.","type":"text","hidden":false,"required":false,"index":false},{"name":"free_space","description":"The amount of free space, in bytes, of the drive (-1 on failure).","type":"bigint","hidden":false,"required":false,"index":false},{"name":"size","description":"The total amount of space, in bytes, of the drive (-1 on failure).","type":"bigint","hidden":false,"required":false,"index":false},{"name":"file_system","description":"The file system of the drive.","type":"text","hidden":false,"required":false,"index":false},{"name":"boot_partition","description":"True if Windows booted from this drive.","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"logon_sessions","description":"Windows Logon Session.","platforms":["windows"],"columns":[{"name":"logon_id","description":"A locally unique identifier (LUID) that identifies a logon session.","type":"integer","hidden":false,"required":false,"index":false},{"name":"user","description":"The account name of the security principal that owns the logon session.","type":"text","hidden":false,"required":false,"index":false},{"name":"logon_domain","description":"The name of the domain used to authenticate the owner of the logon session.","type":"text","hidden":false,"required":false,"index":false},{"name":"authentication_package","description":"The authentication package used to authenticate the owner of the logon session.","type":"text","hidden":false,"required":false,"index":false},{"name":"logon_type","description":"The logon method.","type":"text","hidden":false,"required":false,"index":false},{"name":"session_id","description":"The Terminal Services session identifier.","type":"integer","hidden":false,"required":false,"index":false},{"name":"logon_sid","description":"The user's security identifier (SID).","type":"text","hidden":false,"required":false,"index":false},{"name":"logon_time","description":"The time the session owner logged on.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"logon_server","description":"The name of the server used to authenticate the owner of the logon session.","type":"text","hidden":false,"required":false,"index":false},{"name":"dns_domain_name","description":"The DNS name for the owner of the logon session.","type":"text","hidden":false,"required":false,"index":false},{"name":"upn","description":"The user principal name (UPN) for the owner of the logon session.","type":"text","hidden":false,"required":false,"index":false},{"name":"logon_script","description":"The script used for logging on.","type":"text","hidden":false,"required":false,"index":false},{"name":"profile_path","description":"The home directory for the logon session.","type":"text","hidden":false,"required":false,"index":false},{"name":"home_directory","description":"The home directory for the logon session.","type":"text","hidden":false,"required":false,"index":false},{"name":"home_directory_drive","description":"The drive location of the home directory of the logon session.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"lxd_certificates","description":"LXD certificates information.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Name of the certificate","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Type of the certificate","type":"text","hidden":false,"required":false,"index":false},{"name":"fingerprint","description":"SHA256 hash of the certificate","type":"text","hidden":false,"required":false,"index":false},{"name":"certificate","description":"Certificate content","type":"text","hidden":false,"required":false,"index":false}]},{"name":"lxd_cluster","description":"LXD cluster information.","platforms":["darwin","linux"],"columns":[{"name":"server_name","description":"Name of the LXD server node","type":"text","hidden":false,"required":false,"index":false},{"name":"enabled","description":"Whether clustering enabled (1) or not (0) on this node","type":"integer","hidden":false,"required":false,"index":false},{"name":"member_config_entity","description":"Type of configuration parameter for this node","type":"text","hidden":false,"required":false,"index":false},{"name":"member_config_name","description":"Name of configuration parameter","type":"text","hidden":false,"required":false,"index":false},{"name":"member_config_key","description":"Config key","type":"text","hidden":false,"required":false,"index":false},{"name":"member_config_value","description":"Config value","type":"text","hidden":false,"required":false,"index":false},{"name":"member_config_description","description":"Config description","type":"text","hidden":false,"required":false,"index":false}]},{"name":"lxd_cluster_members","description":"LXD cluster members information.","platforms":["darwin","linux"],"columns":[{"name":"server_name","description":"Name of the LXD server node","type":"text","hidden":false,"required":false,"index":false},{"name":"url","description":"URL of the node","type":"text","hidden":false,"required":false,"index":false},{"name":"database","description":"Whether the server is a database node (1) or not (0)","type":"integer","hidden":false,"required":false,"index":false},{"name":"status","description":"Status of the node (Online/Offline)","type":"text","hidden":false,"required":false,"index":false},{"name":"message","description":"Message from the node (Online/Offline)","type":"text","hidden":false,"required":false,"index":false}]},{"name":"lxd_images","description":"LXD images information.","platforms":["darwin","linux"],"columns":[{"name":"id","description":"Image ID","type":"text","hidden":false,"required":false,"index":false},{"name":"architecture","description":"Target architecture for the image","type":"text","hidden":false,"required":false,"index":false},{"name":"os","description":"OS on which image is based","type":"text","hidden":false,"required":false,"index":false},{"name":"release","description":"OS release version on which the image is based","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Image description","type":"text","hidden":false,"required":false,"index":false},{"name":"aliases","description":"Comma-separated list of image aliases","type":"text","hidden":false,"required":false,"index":false},{"name":"filename","description":"Filename of the image file","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of image in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"auto_update","description":"Whether the image auto-updates (1) or not (0)","type":"integer","hidden":false,"required":false,"index":false},{"name":"cached","description":"Whether image is cached (1) or not (0)","type":"integer","hidden":false,"required":false,"index":false},{"name":"public","description":"Whether image is public (1) or not (0)","type":"integer","hidden":false,"required":false,"index":false},{"name":"created_at","description":"ISO time of image creation","type":"text","hidden":false,"required":false,"index":false},{"name":"expires_at","description":"ISO time of image expiration","type":"text","hidden":false,"required":false,"index":false},{"name":"uploaded_at","description":"ISO time of image upload","type":"text","hidden":false,"required":false,"index":false},{"name":"last_used_at","description":"ISO time for the most recent use of this image in terms of container spawn","type":"text","hidden":false,"required":false,"index":false},{"name":"update_source_server","description":"Server for image update","type":"text","hidden":false,"required":false,"index":false},{"name":"update_source_protocol","description":"Protocol used for image information update and image import from source server","type":"text","hidden":false,"required":false,"index":false},{"name":"update_source_certificate","description":"Certificate for update source server","type":"text","hidden":false,"required":false,"index":false},{"name":"update_source_alias","description":"Alias of image at update source server","type":"text","hidden":false,"required":false,"index":false}]},{"name":"lxd_instance_config","description":"LXD instance configuration information.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Instance name","type":"text","hidden":false,"required":true,"index":false},{"name":"key","description":"Configuration parameter name","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Configuration parameter value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"lxd_instance_devices","description":"LXD instance devices information.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Instance name","type":"text","hidden":false,"required":true,"index":false},{"name":"device","description":"Name of the device","type":"text","hidden":false,"required":false,"index":false},{"name":"device_type","description":"Device type","type":"text","hidden":false,"required":false,"index":false},{"name":"key","description":"Device info param name","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Device info param value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"lxd_instances","description":"LXD instances information.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Instance name","type":"text","hidden":false,"required":false,"index":false},{"name":"status","description":"Instance state (running, stopped, etc.)","type":"text","hidden":false,"required":false,"index":false},{"name":"stateful","description":"Whether the instance is stateful(1) or not(0)","type":"integer","hidden":false,"required":false,"index":false},{"name":"ephemeral","description":"Whether the instance is ephemeral(1) or not(0)","type":"integer","hidden":false,"required":false,"index":false},{"name":"created_at","description":"ISO time of creation","type":"text","hidden":false,"required":false,"index":false},{"name":"base_image","description":"ID of image used to launch this instance","type":"text","hidden":false,"required":false,"index":false},{"name":"architecture","description":"Instance architecture","type":"text","hidden":false,"required":false,"index":false},{"name":"os","description":"The OS of this instance","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Instance description","type":"text","hidden":false,"required":false,"index":false},{"name":"pid","description":"Instance's process ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"processes","description":"Number of processes running inside this instance","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"lxd_networks","description":"LXD network information.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Name of the network","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Type of network","type":"text","hidden":false,"required":false,"index":false},{"name":"managed","description":"1 if network created by LXD, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"ipv4_address","description":"IPv4 address","type":"text","hidden":false,"required":false,"index":false},{"name":"ipv6_address","description":"IPv6 address","type":"text","hidden":false,"required":false,"index":false},{"name":"used_by","description":"URLs for containers using this network","type":"text","hidden":false,"required":false,"index":false},{"name":"bytes_received","description":"Number of bytes received on this network","type":"bigint","hidden":false,"required":false,"index":false},{"name":"bytes_sent","description":"Number of bytes sent on this network","type":"bigint","hidden":false,"required":false,"index":false},{"name":"packets_received","description":"Number of packets received on this network","type":"bigint","hidden":false,"required":false,"index":false},{"name":"packets_sent","description":"Number of packets sent on this network","type":"bigint","hidden":false,"required":false,"index":false},{"name":"hwaddr","description":"Hardware address for this network","type":"text","hidden":false,"required":false,"index":false},{"name":"state","description":"Network status","type":"text","hidden":false,"required":false,"index":false},{"name":"mtu","description":"MTU size","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"lxd_storage_pools","description":"LXD storage pool information.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Name of the storage pool","type":"text","hidden":false,"required":false,"index":false},{"name":"driver","description":"Storage driver","type":"text","hidden":false,"required":false,"index":false},{"name":"source","description":"Storage pool source","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of the storage pool","type":"text","hidden":false,"required":false,"index":false},{"name":"space_used","description":"Storage space used in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"space_total","description":"Total available storage space in bytes for this storage pool","type":"bigint","hidden":false,"required":false,"index":false},{"name":"inodes_used","description":"Number of inodes used","type":"bigint","hidden":false,"required":false,"index":false},{"name":"inodes_total","description":"Total number of inodes available in this storage pool","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"magic","description":"Magic number recognition library table.","platforms":["darwin","linux"],"columns":[{"name":"path","description":"Absolute path to target file","type":"text","hidden":false,"required":true,"index":false},{"name":"magic_db_files","description":"Colon(:) separated list of files where the magic db file can be found. By default one of the following is used: /usr/share/file/magic/magic, /usr/share/misc/magic or /usr/share/misc/magic.mgc","type":"text","hidden":false,"required":false,"index":false},{"name":"data","description":"Magic number data from libmagic","type":"text","hidden":false,"required":false,"index":false},{"name":"mime_type","description":"MIME type data from libmagic","type":"text","hidden":false,"required":false,"index":false},{"name":"mime_encoding","description":"MIME encoding data from libmagic","type":"text","hidden":false,"required":false,"index":false}]},{"name":"managed_policies","description":"The managed configuration policies from AD, MDM, MCX, etc.","platforms":["darwin"],"columns":[{"name":"domain","description":"System or manager-chosen domain key","type":"text","hidden":false,"required":false,"index":false},{"name":"uuid","description":"Optional UUID assigned to policy set","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Policy key name","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Policy value","type":"text","hidden":false,"required":false,"index":false},{"name":"username","description":"Policy applies only this user","type":"text","hidden":false,"required":false,"index":false},{"name":"manual","description":"1 if policy was loaded manually, otherwise 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"md_devices","description":"Software RAID array settings.","platforms":["linux"],"columns":[{"name":"device_name","description":"md device name","type":"text","hidden":false,"required":false,"index":false},{"name":"status","description":"Current state of the array","type":"text","hidden":false,"required":false,"index":false},{"name":"raid_level","description":"Current raid level of the array","type":"integer","hidden":false,"required":false,"index":false},{"name":"size","description":"size of the array in blocks","type":"bigint","hidden":false,"required":false,"index":false},{"name":"chunk_size","description":"chunk size in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"raid_disks","description":"Number of configured RAID disks in array","type":"integer","hidden":false,"required":false,"index":false},{"name":"nr_raid_disks","description":"Number of partitions or disk devices to comprise the array","type":"integer","hidden":false,"required":false,"index":false},{"name":"working_disks","description":"Number of working disks in array","type":"integer","hidden":false,"required":false,"index":false},{"name":"active_disks","description":"Number of active disks in array","type":"integer","hidden":false,"required":false,"index":false},{"name":"failed_disks","description":"Number of failed disks in array","type":"integer","hidden":false,"required":false,"index":false},{"name":"spare_disks","description":"Number of idle disks in array","type":"integer","hidden":false,"required":false,"index":false},{"name":"superblock_state","description":"State of the superblock","type":"text","hidden":false,"required":false,"index":false},{"name":"superblock_version","description":"Version of the superblock","type":"text","hidden":false,"required":false,"index":false},{"name":"superblock_update_time","description":"Unix timestamp of last update","type":"bigint","hidden":false,"required":false,"index":false},{"name":"bitmap_on_mem","description":"Pages allocated in in-memory bitmap, if enabled","type":"text","hidden":false,"required":false,"index":false},{"name":"bitmap_chunk_size","description":"Bitmap chunk size","type":"text","hidden":false,"required":false,"index":false},{"name":"bitmap_external_file","description":"External referenced bitmap file","type":"text","hidden":false,"required":false,"index":false},{"name":"recovery_progress","description":"Progress of the recovery activity","type":"text","hidden":false,"required":false,"index":false},{"name":"recovery_finish","description":"Estimated duration of recovery activity","type":"text","hidden":false,"required":false,"index":false},{"name":"recovery_speed","description":"Speed of recovery activity","type":"text","hidden":false,"required":false,"index":false},{"name":"resync_progress","description":"Progress of the resync activity","type":"text","hidden":false,"required":false,"index":false},{"name":"resync_finish","description":"Estimated duration of resync activity","type":"text","hidden":false,"required":false,"index":false},{"name":"resync_speed","description":"Speed of resync activity","type":"text","hidden":false,"required":false,"index":false},{"name":"reshape_progress","description":"Progress of the reshape activity","type":"text","hidden":false,"required":false,"index":false},{"name":"reshape_finish","description":"Estimated duration of reshape activity","type":"text","hidden":false,"required":false,"index":false},{"name":"reshape_speed","description":"Speed of reshape activity","type":"text","hidden":false,"required":false,"index":false},{"name":"check_array_progress","description":"Progress of the check array activity","type":"text","hidden":false,"required":false,"index":false},{"name":"check_array_finish","description":"Estimated duration of the check array activity","type":"text","hidden":false,"required":false,"index":false},{"name":"check_array_speed","description":"Speed of the check array activity","type":"text","hidden":false,"required":false,"index":false},{"name":"unused_devices","description":"Unused devices","type":"text","hidden":false,"required":false,"index":false},{"name":"other","description":"Other information associated with array from /proc/mdstat","type":"text","hidden":false,"required":false,"index":false}]},{"name":"md_drives","description":"Drive devices used for Software RAID.","platforms":["linux"],"columns":[{"name":"md_device_name","description":"md device name","type":"text","hidden":false,"required":false,"index":false},{"name":"drive_name","description":"Drive device name","type":"text","hidden":false,"required":false,"index":false},{"name":"slot","description":"Slot position of disk","type":"integer","hidden":false,"required":false,"index":false},{"name":"state","description":"State of the drive","type":"text","hidden":false,"required":false,"index":false}]},{"name":"md_personalities","description":"Software RAID setting supported by the kernel.","platforms":["linux"],"columns":[{"name":"name","description":"Name of personality supported by kernel","type":"text","hidden":false,"required":false,"index":false}]},{"name":"mdfind","description":"Run searches against the spotlight database.","platforms":["darwin"],"columns":[{"name":"path","description":"Path of the file returned from spotlight","type":"text","hidden":false,"required":false,"index":false},{"name":"query","description":"The query that was run to find the file","type":"text","hidden":false,"required":true,"index":false}]},{"name":"mdls","description":"Query file metadata in the Spotlight database.","platforms":["darwin"],"columns":[{"name":"path","description":"Path of the file","type":"text","hidden":false,"required":true,"index":false},{"name":"key","description":"Name of the metadata key","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Value stored in the metadata key","type":"text","hidden":false,"required":false,"index":false},{"name":"valuetype","description":"CoreFoundation type of data stored in value","type":"text","hidden":true,"required":false,"index":false}]},{"name":"memory_array_mapped_addresses","description":"Data associated for address mapping of physical memory arrays.","platforms":["darwin","linux"],"columns":[{"name":"handle","description":"Handle, or instance number, associated with the structure","type":"text","hidden":false,"required":false,"index":false},{"name":"memory_array_handle","description":"Handle of the memory array associated with this structure","type":"text","hidden":false,"required":false,"index":false},{"name":"starting_address","description":"Physical stating address, in kilobytes, of a range of memory mapped to physical memory array","type":"text","hidden":false,"required":false,"index":false},{"name":"ending_address","description":"Physical ending address of last kilobyte of a range of memory mapped to physical memory array","type":"text","hidden":false,"required":false,"index":false},{"name":"partition_width","description":"Number of memory devices that form a single row of memory for the address partition of this structure","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"memory_arrays","description":"Data associated with collection of memory devices that operate to form a memory address.","platforms":["darwin","linux"],"columns":[{"name":"handle","description":"Handle, or instance number, associated with the array","type":"text","hidden":false,"required":false,"index":false},{"name":"location","description":"Physical location of the memory array","type":"text","hidden":false,"required":false,"index":false},{"name":"use","description":"Function for which the array is used","type":"text","hidden":false,"required":false,"index":false},{"name":"memory_error_correction","description":"Primary hardware error correction or detection method supported","type":"text","hidden":false,"required":false,"index":false},{"name":"max_capacity","description":"Maximum capacity of array in gigabytes","type":"integer","hidden":false,"required":false,"index":false},{"name":"memory_error_info_handle","description":"Handle, or instance number, associated with any error that was detected for the array","type":"text","hidden":false,"required":false,"index":false},{"name":"number_memory_devices","description":"Number of memory devices on array","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"memory_device_mapped_addresses","description":"Data associated for address mapping of physical memory devices.","platforms":["darwin","linux"],"columns":[{"name":"handle","description":"Handle, or instance number, associated with the structure","type":"text","hidden":false,"required":false,"index":false},{"name":"memory_device_handle","description":"Handle of the memory device structure associated with this structure","type":"text","hidden":false,"required":false,"index":false},{"name":"memory_array_mapped_address_handle","description":"Handle of the memory array mapped address to which this device range is mapped to","type":"text","hidden":false,"required":false,"index":false},{"name":"starting_address","description":"Physical stating address, in kilobytes, of a range of memory mapped to physical memory array","type":"text","hidden":false,"required":false,"index":false},{"name":"ending_address","description":"Physical ending address of last kilobyte of a range of memory mapped to physical memory array","type":"text","hidden":false,"required":false,"index":false},{"name":"partition_row_position","description":"Identifies the position of the referenced memory device in a row of the address partition","type":"integer","hidden":false,"required":false,"index":false},{"name":"interleave_position","description":"The position of the device in a interleave, i.e. 0 indicates non-interleave, 1 indicates 1st interleave, 2 indicates 2nd interleave, etc.","type":"integer","hidden":false,"required":false,"index":false},{"name":"interleave_data_depth","description":"The max number of consecutive rows from memory device that are accessed in a single interleave transfer; 0 indicates device is non-interleave","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"memory_devices","description":"Physical memory device (type 17) information retrieved from SMBIOS.","platforms":["darwin","linux"],"columns":[{"name":"handle","description":"Handle, or instance number, associated with the structure in SMBIOS","type":"text","hidden":false,"required":false,"index":false},{"name":"array_handle","description":"The memory array that the device is attached to","type":"text","hidden":false,"required":false,"index":false},{"name":"form_factor","description":"Implementation form factor for this memory device","type":"text","hidden":false,"required":false,"index":false},{"name":"total_width","description":"Total width, in bits, of this memory device, including any check or error-correction bits","type":"integer","hidden":false,"required":false,"index":false},{"name":"data_width","description":"Data width, in bits, of this memory device","type":"integer","hidden":false,"required":false,"index":false},{"name":"size","description":"Size of memory device in Megabyte","type":"integer","hidden":false,"required":false,"index":false},{"name":"set","description":"Identifies if memory device is one of a set of devices. A value of 0 indicates no set affiliation.","type":"integer","hidden":false,"required":false,"index":false},{"name":"device_locator","description":"String number of the string that identifies the physically-labeled socket or board position where the memory device is located","type":"text","hidden":false,"required":false,"index":false},{"name":"bank_locator","description":"String number of the string that identifies the physically-labeled bank where the memory device is located","type":"text","hidden":false,"required":false,"index":false},{"name":"memory_type","description":"Type of memory used","type":"text","hidden":false,"required":false,"index":false},{"name":"memory_type_details","description":"Additional details for memory device","type":"text","hidden":false,"required":false,"index":false},{"name":"max_speed","description":"Max speed of memory device in megatransfers per second (MT/s)","type":"integer","hidden":false,"required":false,"index":false},{"name":"configured_clock_speed","description":"Configured speed of memory device in megatransfers per second (MT/s)","type":"integer","hidden":false,"required":false,"index":false},{"name":"manufacturer","description":"Manufacturer ID string","type":"text","hidden":false,"required":false,"index":false},{"name":"serial_number","description":"Serial number of memory device","type":"text","hidden":false,"required":false,"index":false},{"name":"asset_tag","description":"Manufacturer specific asset tag of memory device","type":"text","hidden":false,"required":false,"index":false},{"name":"part_number","description":"Manufacturer specific serial number of memory device","type":"text","hidden":false,"required":false,"index":false},{"name":"min_voltage","description":"Minimum operating voltage of device in millivolts","type":"integer","hidden":false,"required":false,"index":false},{"name":"max_voltage","description":"Maximum operating voltage of device in millivolts","type":"integer","hidden":false,"required":false,"index":false},{"name":"configured_voltage","description":"Configured operating voltage of device in millivolts","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"memory_error_info","description":"Data associated with errors of a physical memory array.","platforms":["darwin","linux"],"columns":[{"name":"handle","description":"Handle, or instance number, associated with the structure","type":"text","hidden":false,"required":false,"index":false},{"name":"error_type","description":"type of error associated with current error status for array or device","type":"text","hidden":false,"required":false,"index":false},{"name":"error_granularity","description":"Granularity to which the error can be resolved","type":"text","hidden":false,"required":false,"index":false},{"name":"error_operation","description":"Memory access operation that caused the error","type":"text","hidden":false,"required":false,"index":false},{"name":"vendor_syndrome","description":"Vendor specific ECC syndrome or CRC data associated with the erroneous access","type":"text","hidden":false,"required":false,"index":false},{"name":"memory_array_error_address","description":"32 bit physical address of the error based on the addressing of the bus to which the memory array is connected","type":"text","hidden":false,"required":false,"index":false},{"name":"device_error_address","description":"32 bit physical address of the error relative to the start of the failing memory address, in bytes","type":"text","hidden":false,"required":false,"index":false},{"name":"error_resolution","description":"Range, in bytes, within which this error can be determined, when an error address is given","type":"text","hidden":false,"required":false,"index":false}]},{"name":"memory_info","description":"Main memory information in bytes.","platforms":["linux"],"columns":[{"name":"memory_total","description":"Total amount of physical RAM, in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"memory_free","description":"The amount of physical RAM, in bytes, left unused by the system","type":"bigint","hidden":false,"required":false,"index":false},{"name":"buffers","description":"The amount of physical RAM, in bytes, used for file buffers","type":"bigint","hidden":false,"required":false,"index":false},{"name":"cached","description":"The amount of physical RAM, in bytes, used as cache memory","type":"bigint","hidden":false,"required":false,"index":false},{"name":"swap_cached","description":"The amount of swap, in bytes, used as cache memory","type":"bigint","hidden":false,"required":false,"index":false},{"name":"active","description":"The total amount of buffer or page cache memory, in bytes, that is in active use","type":"bigint","hidden":false,"required":false,"index":false},{"name":"inactive","description":"The total amount of buffer or page cache memory, in bytes, that are free and available","type":"bigint","hidden":false,"required":false,"index":false},{"name":"swap_total","description":"The total amount of swap available, in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"swap_free","description":"The total amount of swap free, in bytes","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"memory_map","description":"OS memory region map.","platforms":["linux"],"columns":[{"name":"name","description":"Region name","type":"text","hidden":false,"required":false,"index":false},{"name":"start","description":"Start address of memory region","type":"text","hidden":false,"required":false,"index":false},{"name":"end","description":"End address of memory region","type":"text","hidden":false,"required":false,"index":false}]},{"name":"mounts","description":"System mounted devices and filesystems (not process specific).","platforms":["darwin","linux"],"columns":[{"name":"device","description":"Mounted device","type":"text","hidden":false,"required":false,"index":false},{"name":"device_alias","description":"Mounted device alias","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Mounted device path","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Mounted device type","type":"text","hidden":false,"required":false,"index":false},{"name":"blocks_size","description":"Block size in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"blocks","description":"Mounted device used blocks","type":"bigint","hidden":false,"required":false,"index":false},{"name":"blocks_free","description":"Mounted device free blocks","type":"bigint","hidden":false,"required":false,"index":false},{"name":"blocks_available","description":"Mounted device available blocks","type":"bigint","hidden":false,"required":false,"index":false},{"name":"inodes","description":"Mounted device used inodes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"inodes_free","description":"Mounted device free inodes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"flags","description":"Mounted device flags","type":"text","hidden":false,"required":false,"index":false}]},{"name":"msr","description":"Various pieces of data stored in the model specific register per processor. NOTE: the msr kernel module must be enabled, and osquery must be run as root.","platforms":["linux"],"columns":[{"name":"processor_number","description":"The processor number as reported in /proc/cpuinfo","type":"bigint","hidden":false,"required":false,"index":false},{"name":"turbo_disabled","description":"Whether the turbo feature is disabled.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"turbo_ratio_limit","description":"The turbo feature ratio limit.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"platform_info","description":"Platform information.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"perf_ctl","description":"Performance setting for the processor.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"perf_status","description":"Performance status for the processor.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"feature_control","description":"Bitfield controlling enabled features.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"rapl_power_limit","description":"Run Time Average Power Limiting power limit.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"rapl_energy_status","description":"Run Time Average Power Limiting energy status.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"rapl_power_units","description":"Run Time Average Power Limiting power units.","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"nfs_shares","description":"NFS shares exported by the host.","platforms":["darwin"],"columns":[{"name":"share","description":"Filesystem path to the share","type":"text","hidden":false,"required":false,"index":false},{"name":"options","description":"Options string set on the export share","type":"text","hidden":false,"required":false,"index":false},{"name":"readonly","description":"1 if the share is exported readonly else 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"npm_packages","description":"Lists all npm packages in a directory or globally installed in a system.","platforms":["linux"],"columns":[{"name":"name","description":"Package display name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Package supplied version","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Package supplied description","type":"text","hidden":false,"required":false,"index":false},{"name":"author","description":"Package author name","type":"text","hidden":false,"required":false,"index":false},{"name":"license","description":"License for package","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Module's package.json path","type":"text","hidden":false,"required":false,"index":false},{"name":"directory","description":"Node module's directory where this package is located","type":"text","hidden":false,"required":false,"index":false},{"name":"pid_with_namespace","description":"Pids that contain a namespace","type":"integer","hidden":true,"required":false,"index":false},{"name":"mount_namespace_id","description":"Mount namespace id","type":"text","hidden":true,"required":false,"index":false}]},{"name":"ntdomains","description":"Display basic NT domain information of a Windows machine.","platforms":["windows"],"columns":[{"name":"name","description":"The label by which the object is known.","type":"text","hidden":false,"required":false,"index":false},{"name":"client_site_name","description":"The name of the site where the domain controller is configured.","type":"text","hidden":false,"required":false,"index":false},{"name":"dc_site_name","description":"The name of the site where the domain controller is located.","type":"text","hidden":false,"required":false,"index":false},{"name":"dns_forest_name","description":"The name of the root of the DNS tree.","type":"text","hidden":false,"required":false,"index":false},{"name":"domain_controller_address","description":"The IP Address of the discovered domain controller..","type":"text","hidden":false,"required":false,"index":false},{"name":"domain_controller_name","description":"The name of the discovered domain controller.","type":"text","hidden":false,"required":false,"index":false},{"name":"domain_name","description":"The name of the domain.","type":"text","hidden":false,"required":false,"index":false},{"name":"status","description":"The current status of the domain object.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"ntfs_acl_permissions","description":"Retrieve NTFS ACL permission information for files and directories.","platforms":["windows"],"columns":[{"name":"path","description":"Path to the file or directory.","type":"text","hidden":false,"required":true,"index":false},{"name":"type","description":"Type of access mode for the access control entry.","type":"text","hidden":false,"required":false,"index":false},{"name":"principal","description":"User or group to which the ACE applies.","type":"text","hidden":false,"required":false,"index":false},{"name":"access","description":"Specific permissions that indicate the rights described by the ACE.","type":"text","hidden":false,"required":false,"index":false},{"name":"inherited_from","description":"The inheritance policy of the ACE.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"ntfs_journal_events","description":"Track time/action changes to files specified in configuration data.","platforms":["windows"],"columns":[{"name":"action","description":"Change action (Write, Delete, etc)","type":"text","hidden":false,"required":false,"index":false},{"name":"category","description":"The category that the event originated from","type":"text","hidden":false,"required":false,"index":false},{"name":"old_path","description":"Old path (renames only)","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path","type":"text","hidden":false,"required":false,"index":false},{"name":"record_timestamp","description":"Journal record timestamp","type":"text","hidden":false,"required":false,"index":false},{"name":"record_usn","description":"The update sequence number that identifies the journal record","type":"text","hidden":false,"required":false,"index":false},{"name":"node_ref_number","description":"The ordinal that associates a journal record with a filename","type":"text","hidden":false,"required":false,"index":false},{"name":"parent_ref_number","description":"The ordinal that associates a journal record with a filename's parent directory","type":"text","hidden":false,"required":false,"index":false},{"name":"drive_letter","description":"The drive letter identifying the source journal","type":"text","hidden":false,"required":false,"index":false},{"name":"file_attributes","description":"File attributes","type":"text","hidden":false,"required":false,"index":false},{"name":"partial","description":"Set to 1 if either path or old_path only contains the file or folder name","type":"bigint","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of file event","type":"bigint","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false}]},{"name":"nvram","description":"Apple NVRAM variable listing.","platforms":["darwin"],"columns":[{"name":"name","description":"Variable name","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Data type (CFData, CFString, etc)","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Raw variable data","type":"text","hidden":false,"required":false,"index":false}]},{"name":"oem_strings","description":"OEM defined strings retrieved from SMBIOS.","platforms":["darwin","linux"],"columns":[{"name":"handle","description":"Handle, or instance number, associated with the Type 11 structure","type":"text","hidden":false,"required":false,"index":false},{"name":"number","description":"The string index of the structure","type":"integer","hidden":false,"required":false,"index":false},{"name":"value","description":"The value of the OEM string","type":"text","hidden":false,"required":false,"index":false}]},{"name":"office_mru","description":"View recently opened Office documents.","platforms":["windows"],"columns":[{"name":"application","description":"Associated Office application","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Office application version number","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"File path","type":"text","hidden":false,"required":false,"index":false},{"name":"last_opened_time","description":"Most recent opened time file was opened","type":"bigint","hidden":false,"required":false,"index":false},{"name":"sid","description":"User SID","type":"text","hidden":false,"required":false,"index":false}]},{"name":"os_version","description":"A single row containing the operating system name and version.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"name","description":"Distribution or product name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Pretty, suitable for presentation, OS version","type":"text","hidden":false,"required":false,"index":false},{"name":"major","description":"Major release version","type":"integer","hidden":false,"required":false,"index":false},{"name":"minor","description":"Minor release version","type":"integer","hidden":false,"required":false,"index":false},{"name":"patch","description":"Optional patch release","type":"integer","hidden":false,"required":false,"index":false},{"name":"build","description":"Optional build-specific or variant string","type":"text","hidden":false,"required":false,"index":false},{"name":"platform","description":"OS Platform or ID","type":"text","hidden":false,"required":false,"index":false},{"name":"platform_like","description":"Closely related platforms","type":"text","hidden":false,"required":false,"index":false},{"name":"codename","description":"OS version codename","type":"text","hidden":false,"required":false,"index":false},{"name":"arch","description":"OS Architecture","type":"text","hidden":false,"required":false,"index":false},{"name":"install_date","description":"The install date of the OS.","type":"bigint","hidden":true,"required":false,"index":false},{"name":"pid_with_namespace","description":"Pids that contain a namespace","type":"integer","hidden":true,"required":false,"index":false},{"name":"mount_namespace_id","description":"Mount namespace id","type":"text","hidden":true,"required":false,"index":false}]},{"name":"osquery_events","description":"Information about the event publishers and subscribers.","platforms":["darwin","linux","freebsd","windows"],"columns":[{"name":"name","description":"Event publisher or subscriber name","type":"text","hidden":false,"required":false,"index":false},{"name":"publisher","description":"Name of the associated publisher","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Either publisher or subscriber","type":"text","hidden":false,"required":false,"index":false},{"name":"subscriptions","description":"Number of subscriptions the publisher received or subscriber used","type":"integer","hidden":false,"required":false,"index":false},{"name":"events","description":"Number of events emitted or received since osquery started","type":"integer","hidden":false,"required":false,"index":false},{"name":"refreshes","description":"Publisher only: number of runloop restarts","type":"integer","hidden":false,"required":false,"index":false},{"name":"active","description":"1 if the publisher or subscriber is active else 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"osquery_extensions","description":"List of active osquery extensions.","platforms":["darwin","linux","freebsd","windows"],"columns":[{"name":"uuid","description":"The transient ID assigned for communication","type":"bigint","hidden":false,"required":false,"index":false},{"name":"name","description":"Extension's name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Extension's version","type":"text","hidden":false,"required":false,"index":false},{"name":"sdk_version","description":"osquery SDK version used to build the extension","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path of the extension's Thrift connection or library path","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"SDK extension type: extension or module","type":"text","hidden":false,"required":false,"index":false}]},{"name":"osquery_flags","description":"Configurable flags that modify osquery's behavior.","platforms":["darwin","linux","freebsd","windows"],"columns":[{"name":"name","description":"Flag name","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Flag type","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Flag description","type":"text","hidden":false,"required":false,"index":false},{"name":"default_value","description":"Flag default value","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Flag value","type":"text","hidden":false,"required":false,"index":false},{"name":"shell_only","description":"Is the flag shell only?","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"osquery_info","description":"Top level information about the running version of osquery.","platforms":["darwin","linux","freebsd","windows"],"columns":[{"name":"pid","description":"Process (or thread/handle) ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"uuid","description":"Unique ID provided by the system","type":"text","hidden":false,"required":false,"index":false},{"name":"instance_id","description":"Unique, long-lived ID per instance of osquery","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"osquery toolkit version","type":"text","hidden":false,"required":false,"index":false},{"name":"config_hash","description":"Hash of the working configuration state","type":"text","hidden":false,"required":false,"index":false},{"name":"config_valid","description":"1 if the config was loaded and considered valid, else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"extensions","description":"osquery extensions status","type":"text","hidden":false,"required":false,"index":false},{"name":"build_platform","description":"osquery toolkit build platform","type":"text","hidden":false,"required":false,"index":false},{"name":"build_distro","description":"osquery toolkit platform distribution name (os version)","type":"text","hidden":false,"required":false,"index":false},{"name":"start_time","description":"UNIX time in seconds when the process started","type":"integer","hidden":false,"required":false,"index":false},{"name":"watcher","description":"Process (or thread/handle) ID of optional watcher process","type":"integer","hidden":false,"required":false,"index":false},{"name":"platform_mask","description":"The osquery platform bitmask","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"osquery_packs","description":"Information about the current query packs that are loaded in osquery.","platforms":["darwin","linux","freebsd","windows"],"columns":[{"name":"name","description":"The given name for this query pack","type":"text","hidden":false,"required":false,"index":false},{"name":"platform","description":"Platforms this query is supported on","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Minimum osquery version that this query will run on","type":"text","hidden":false,"required":false,"index":false},{"name":"shard","description":"Shard restriction limit, 1-100, 0 meaning no restriction","type":"integer","hidden":false,"required":false,"index":false},{"name":"discovery_cache_hits","description":"The number of times that the discovery query used cached values since the last time the config was reloaded","type":"integer","hidden":false,"required":false,"index":false},{"name":"discovery_executions","description":"The number of times that the discovery queries have been executed since the last time the config was reloaded","type":"integer","hidden":false,"required":false,"index":false},{"name":"active","description":"Whether this pack is active (the version, platform and discovery queries match) yes=1, no=0.","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"osquery_registry","description":"List the osquery registry plugins.","platforms":["darwin","linux","freebsd","windows"],"columns":[{"name":"registry","description":"Name of the osquery registry","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Name of the plugin item","type":"text","hidden":false,"required":false,"index":false},{"name":"owner_uuid","description":"Extension route UUID (0 for core)","type":"integer","hidden":false,"required":false,"index":false},{"name":"internal","description":"1 If the plugin is internal else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"active","description":"1 If this plugin is active else 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"osquery_schedule","description":"Information about the current queries that are scheduled in osquery.","platforms":["darwin","linux","freebsd","windows"],"columns":[{"name":"name","description":"The given name for this query","type":"text","hidden":false,"required":false,"index":false},{"name":"query","description":"The exact query to run","type":"text","hidden":false,"required":false,"index":false},{"name":"interval","description":"The interval in seconds to run this query, not an exact interval","type":"integer","hidden":false,"required":false,"index":false},{"name":"executions","description":"Number of times the query was executed","type":"bigint","hidden":false,"required":false,"index":false},{"name":"last_executed","description":"UNIX time stamp in seconds of the last completed execution","type":"bigint","hidden":false,"required":false,"index":false},{"name":"denylisted","description":"1 if the query is denylisted else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"output_size","description":"Total number of bytes generated by the query","type":"bigint","hidden":false,"required":false,"index":false},{"name":"wall_time","description":"Total wall time spent executing","type":"bigint","hidden":false,"required":false,"index":false},{"name":"user_time","description":"Total user time spent executing","type":"bigint","hidden":false,"required":false,"index":false},{"name":"system_time","description":"Total system time spent executing","type":"bigint","hidden":false,"required":false,"index":false},{"name":"average_memory","description":"Average private memory left after executing","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"package_bom","description":"OS X package bill of materials (BOM) file list.","platforms":["darwin"],"columns":[{"name":"filepath","description":"Package file or directory","type":"text","hidden":false,"required":false,"index":false},{"name":"uid","description":"Expected user of file or directory","type":"integer","hidden":false,"required":false,"index":false},{"name":"gid","description":"Expected group of file or directory","type":"integer","hidden":false,"required":false,"index":false},{"name":"mode","description":"Expected permissions","type":"integer","hidden":false,"required":false,"index":false},{"name":"size","description":"Expected file size","type":"bigint","hidden":false,"required":false,"index":false},{"name":"modified_time","description":"Timestamp the file was installed","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"Path of package bom","type":"text","hidden":false,"required":true,"index":false}]},{"name":"package_install_history","description":"OS X package install history.","platforms":["darwin"],"columns":[{"name":"package_id","description":"Label packageIdentifiers","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Label date as UNIX timestamp","type":"integer","hidden":false,"required":false,"index":false},{"name":"name","description":"Package display name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Package display version","type":"text","hidden":false,"required":false,"index":false},{"name":"source","description":"Install source: usually the installer process name","type":"text","hidden":false,"required":false,"index":false},{"name":"content_type","description":"Package content_type (optional)","type":"text","hidden":false,"required":false,"index":false}]},{"name":"package_receipts","description":"OS X package receipt details.","platforms":["darwin"],"columns":[{"name":"package_id","description":"Package domain identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"package_filename","description":"Filename of original .pkg file","type":"text","hidden":true,"required":false,"index":false},{"name":"version","description":"Installed package version","type":"text","hidden":false,"required":false,"index":false},{"name":"location","description":"Optional relative install path on volume","type":"text","hidden":false,"required":false,"index":false},{"name":"install_time","description":"Timestamp of install time","type":"double","hidden":false,"required":false,"index":false},{"name":"installer_name","description":"Name of installer process","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path of receipt plist","type":"text","hidden":false,"required":false,"index":false}]},{"name":"patches","description":"Lists all the patches applied. Note: This does not include patches applied via MSI or downloaded from Windows Update (e.g. Service Packs).","platforms":["windows"],"columns":[{"name":"csname","description":"The name of the host the patch is installed on.","type":"text","hidden":false,"required":false,"index":false},{"name":"hotfix_id","description":"The KB ID of the patch.","type":"text","hidden":false,"required":false,"index":false},{"name":"caption","description":"Short description of the patch.","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Fuller description of the patch.","type":"text","hidden":false,"required":false,"index":false},{"name":"fix_comments","description":"Additional comments about the patch.","type":"text","hidden":false,"required":false,"index":false},{"name":"installed_by","description":"The system context in which the patch as installed.","type":"text","hidden":false,"required":false,"index":false},{"name":"install_date","description":"Indicates when the patch was installed. Lack of a value does not indicate that the patch was not installed.","type":"text","hidden":false,"required":false,"index":false},{"name":"installed_on","description":"The date when the patch was installed.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"pci_devices","description":"PCI devices active on the host system.","platforms":["darwin","linux"],"columns":[{"name":"pci_slot","description":"PCI Device used slot","type":"text","hidden":false,"required":false,"index":false},{"name":"pci_class","description":"PCI Device class","type":"text","hidden":false,"required":false,"index":false},{"name":"driver","description":"PCI Device used driver","type":"text","hidden":false,"required":false,"index":false},{"name":"vendor","description":"PCI Device vendor","type":"text","hidden":false,"required":false,"index":false},{"name":"vendor_id","description":"Hex encoded PCI Device vendor identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"model","description":"PCI Device model","type":"text","hidden":false,"required":false,"index":false},{"name":"model_id","description":"Hex encoded PCI Device model identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"pci_class_id","description":"PCI Device class ID in hex format","type":"text","hidden":true,"required":false,"index":false},{"name":"pci_subclass_id","description":"PCI Device subclass in hex format","type":"text","hidden":true,"required":false,"index":false},{"name":"pci_subclass","description":"PCI Device subclass","type":"text","hidden":true,"required":false,"index":false},{"name":"subsystem_vendor_id","description":"Vendor ID of PCI device subsystem","type":"text","hidden":true,"required":false,"index":false},{"name":"subsystem_vendor","description":"Vendor of PCI device subsystem","type":"text","hidden":true,"required":false,"index":false},{"name":"subsystem_model_id","description":"Model ID of PCI device subsystem","type":"text","hidden":true,"required":false,"index":false},{"name":"subsystem_model","description":"Device description of PCI device subsystem","type":"text","hidden":true,"required":false,"index":false}]},{"name":"physical_disk_performance","description":"Provides provides raw data from performance counters that monitor hard or fixed disk drives on the system.","platforms":["windows"],"columns":[{"name":"name","description":"Name of the physical disk","type":"text","hidden":false,"required":false,"index":false},{"name":"avg_disk_bytes_per_read","description":"Average number of bytes transferred from the disk during read operations","type":"bigint","hidden":false,"required":false,"index":false},{"name":"avg_disk_bytes_per_write","description":"Average number of bytes transferred to the disk during write operations","type":"bigint","hidden":false,"required":false,"index":false},{"name":"avg_disk_read_queue_length","description":"Average number of read requests that were queued for the selected disk during the sample interval","type":"bigint","hidden":false,"required":false,"index":false},{"name":"avg_disk_write_queue_length","description":"Average number of write requests that were queued for the selected disk during the sample interval","type":"bigint","hidden":false,"required":false,"index":false},{"name":"avg_disk_sec_per_read","description":"Average time, in seconds, of a read operation of data from the disk","type":"integer","hidden":false,"required":false,"index":false},{"name":"avg_disk_sec_per_write","description":"Average time, in seconds, of a write operation of data to the disk","type":"integer","hidden":false,"required":false,"index":false},{"name":"current_disk_queue_length","description":"Number of requests outstanding on the disk at the time the performance data is collected","type":"integer","hidden":false,"required":false,"index":false},{"name":"percent_disk_read_time","description":"Percentage of elapsed time that the selected disk drive is busy servicing read requests","type":"bigint","hidden":false,"required":false,"index":false},{"name":"percent_disk_write_time","description":"Percentage of elapsed time that the selected disk drive is busy servicing write requests","type":"bigint","hidden":false,"required":false,"index":false},{"name":"percent_disk_time","description":"Percentage of elapsed time that the selected disk drive is busy servicing read or write requests","type":"bigint","hidden":false,"required":false,"index":false},{"name":"percent_idle_time","description":"Percentage of time during the sample interval that the disk was idle","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"pipes","description":"Named and Anonymous pipes.","platforms":["windows"],"columns":[{"name":"pid","description":"Process ID of the process to which the pipe belongs","type":"bigint","hidden":false,"required":false,"index":false},{"name":"name","description":"Name of the pipe","type":"text","hidden":false,"required":false,"index":false},{"name":"instances","description":"Number of instances of the named pipe","type":"integer","hidden":false,"required":false,"index":false},{"name":"max_instances","description":"The maximum number of instances creatable for this pipe","type":"integer","hidden":false,"required":false,"index":false},{"name":"flags","description":"The flags indicating whether this pipe connection is a server or client end, and if the pipe for sending messages or bytes","type":"text","hidden":false,"required":false,"index":false}]},{"name":"pkg_packages","description":"pkgng packages that are currently installed on the host system.","platforms":["freebsd"],"columns":[{"name":"name","description":"Package name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Package version","type":"text","hidden":false,"required":false,"index":false},{"name":"flatsize","description":"Package size in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"arch","description":"Architecture(s) supported","type":"text","hidden":false,"required":false,"index":false}]},{"name":"platform_info","description":"Information about EFI/UEFI/ROM and platform/boot.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"vendor","description":"Platform code vendor","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Platform code version","type":"text","hidden":false,"required":false,"index":false},{"name":"date","description":"Self-reported platform code update date","type":"text","hidden":false,"required":false,"index":false},{"name":"revision","description":"BIOS major and minor revision","type":"text","hidden":false,"required":false,"index":false},{"name":"address","description":"Relative address of firmware mapping","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Size in bytes of firmware","type":"text","hidden":false,"required":false,"index":false},{"name":"volume_size","description":"(Optional) size of firmware volume","type":"integer","hidden":false,"required":false,"index":false},{"name":"extra","description":"Platform-specific additional information","type":"text","hidden":false,"required":false,"index":false}]},{"name":"plist","description":"Read and parse a plist file.","platforms":["darwin"],"columns":[{"name":"key","description":"Preference top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"subkey","description":"Intermediate key path, includes lists/dicts","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"String value of most CF types","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"(required) read preferences from a plist","type":"text","hidden":false,"required":true,"index":false}]},{"name":"portage_keywords","description":"A summary about portage configurations like keywords, mask and unmask.","platforms":["linux"],"columns":[{"name":"package","description":"Package name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"The version which are affected by the use flags, empty means all","type":"text","hidden":false,"required":false,"index":false},{"name":"keyword","description":"The keyword applied to the package","type":"text","hidden":false,"required":false,"index":false},{"name":"mask","description":"If the package is masked","type":"integer","hidden":false,"required":false,"index":false},{"name":"unmask","description":"If the package is unmasked","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"portage_packages","description":"List of currently installed packages.","platforms":["linux"],"columns":[{"name":"package","description":"Package name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"The version which are affected by the use flags, empty means all","type":"text","hidden":false,"required":false,"index":false},{"name":"slot","description":"The slot used by package","type":"text","hidden":false,"required":false,"index":false},{"name":"build_time","description":"Unix time when package was built","type":"bigint","hidden":false,"required":false,"index":false},{"name":"repository","description":"From which repository the ebuild was used","type":"text","hidden":false,"required":false,"index":false},{"name":"eapi","description":"The eapi for the ebuild","type":"bigint","hidden":false,"required":false,"index":false},{"name":"size","description":"The size of the package","type":"bigint","hidden":false,"required":false,"index":false},{"name":"world","description":"If package is in the world file","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"portage_use","description":"List of enabled portage USE values for specific package.","platforms":["linux"],"columns":[{"name":"package","description":"Package name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"The version of the installed package","type":"text","hidden":false,"required":false,"index":false},{"name":"use","description":"USE flag which has been enabled for package","type":"text","hidden":false,"required":false,"index":false}]},{"name":"power_sensors","description":"Machine power (currents, voltages, wattages, etc) sensors.","platforms":["darwin"],"columns":[{"name":"key","description":"The SMC key on OS X","type":"text","hidden":false,"required":false,"index":false},{"name":"category","description":"The sensor category: currents, voltage, wattage","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Name of power source","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Power in Watts","type":"text","hidden":false,"required":false,"index":false}]},{"name":"powershell_events","description":"Powershell script blocks reconstructed to their full script content, this table requires script block logging to be enabled.","platforms":["windows"],"columns":[{"name":"time","description":"Timestamp the event was received by the osquery event publisher","type":"bigint","hidden":false,"required":false,"index":false},{"name":"datetime","description":"System time at which the Powershell script event occurred","type":"text","hidden":false,"required":false,"index":false},{"name":"script_block_id","description":"The unique GUID of the powershell script to which this block belongs","type":"text","hidden":false,"required":false,"index":false},{"name":"script_block_count","description":"The total number of script blocks for this script","type":"integer","hidden":false,"required":false,"index":false},{"name":"script_text","description":"The text content of the Powershell script","type":"text","hidden":false,"required":false,"index":false},{"name":"script_name","description":"The name of the Powershell script","type":"text","hidden":false,"required":false,"index":false},{"name":"script_path","description":"The path for the Powershell script","type":"text","hidden":false,"required":false,"index":false},{"name":"cosine_similarity","description":"How similar the Powershell script is to a provided 'normal' character frequency","type":"double","hidden":false,"required":false,"index":false}]},{"name":"preferences","description":"OS X defaults and managed preferences.","platforms":["darwin"],"columns":[{"name":"domain","description":"Application ID usually in com.name.product format","type":"text","hidden":false,"required":false,"index":false},{"name":"key","description":"Preference top-level key","type":"text","hidden":false,"required":false,"index":false},{"name":"subkey","description":"Intemediate key path, includes lists/dicts","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"String value of most CF types","type":"text","hidden":false,"required":false,"index":false},{"name":"forced","description":"1 if the value is forced/managed, else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"username","description":"(optional) read preferences for a specific user","type":"text","hidden":false,"required":false,"index":false},{"name":"host","description":"'current' or 'any' host, where 'current' takes precedence","type":"text","hidden":false,"required":false,"index":false}]},{"name":"prefetch","description":"Prefetch files show metadata related to file execution.","platforms":["windows"],"columns":[{"name":"path","description":"Prefetch file path.","type":"text","hidden":false,"required":false,"index":false},{"name":"filename","description":"Executable filename.","type":"text","hidden":false,"required":false,"index":false},{"name":"hash","description":"Prefetch CRC hash.","type":"text","hidden":false,"required":false,"index":false},{"name":"last_run_time","description":"Most recent time application was run.","type":"integer","hidden":false,"required":false,"index":false},{"name":"other_run_times","description":"Other execution times in prefetch file.","type":"text","hidden":false,"required":false,"index":false},{"name":"run_count","description":"Number of times the application has been run.","type":"integer","hidden":false,"required":false,"index":false},{"name":"size","description":"Application file size.","type":"integer","hidden":false,"required":false,"index":false},{"name":"volume_serial","description":"Volume serial number.","type":"text","hidden":false,"required":false,"index":false},{"name":"volume_creation","description":"Volume creation time.","type":"text","hidden":false,"required":false,"index":false},{"name":"accessed_files_count","description":"Number of files accessed.","type":"integer","hidden":false,"required":false,"index":false},{"name":"accessed_directories_count","description":"Number of directories accessed.","type":"integer","hidden":false,"required":false,"index":false},{"name":"accessed_files","description":"Files accessed by application within ten seconds of launch.","type":"text","hidden":false,"required":false,"index":false},{"name":"accessed_directories","description":"Directories accessed by application within ten seconds of launch.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"process_envs","description":"A key/value table of environment variables for each process.","platforms":["darwin","linux"],"columns":[{"name":"pid","description":"Process (or thread) ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"key","description":"Environment variable name","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Environment variable value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"process_events","description":"Track time/action process executions.","platforms":["darwin","linux"],"columns":[{"name":"pid","description":"Process (or thread) ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"path","description":"Path of executed file","type":"text","hidden":false,"required":false,"index":false},{"name":"mode","description":"File mode permissions","type":"text","hidden":false,"required":false,"index":false},{"name":"cmdline","description":"Command line arguments (argv)","type":"text","hidden":false,"required":false,"index":false},{"name":"cmdline_size","description":"Actual size (bytes) of command line arguments","type":"bigint","hidden":true,"required":false,"index":false},{"name":"env","description":"Environment variables delimited by spaces","type":"text","hidden":true,"required":false,"index":false},{"name":"env_count","description":"Number of environment variables","type":"bigint","hidden":true,"required":false,"index":false},{"name":"env_size","description":"Actual size (bytes) of environment list","type":"bigint","hidden":true,"required":false,"index":false},{"name":"cwd","description":"The process current working directory","type":"text","hidden":false,"required":false,"index":false},{"name":"auid","description":"Audit User ID at process start","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uid","description":"User ID at process start","type":"bigint","hidden":false,"required":false,"index":false},{"name":"euid","description":"Effective user ID at process start","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Group ID at process start","type":"bigint","hidden":false,"required":false,"index":false},{"name":"egid","description":"Effective group ID at process start","type":"bigint","hidden":false,"required":false,"index":false},{"name":"owner_uid","description":"File owner user ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"owner_gid","description":"File owner group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"atime","description":"File last access in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"mtime","description":"File modification in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"ctime","description":"File last metadata change in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"btime","description":"File creation in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"overflows","description":"List of structures that overflowed","type":"text","hidden":true,"required":false,"index":false},{"name":"parent","description":"Process parent's PID, or -1 if cannot be determined.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of execution in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uptime","description":"Time of execution in system uptime","type":"bigint","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false},{"name":"status","description":"OpenBSM Attribute: Status of the process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"fsuid","description":"Filesystem user ID at process start","type":"bigint","hidden":true,"required":false,"index":false},{"name":"suid","description":"Saved user ID at process start","type":"bigint","hidden":true,"required":false,"index":false},{"name":"fsgid","description":"Filesystem group ID at process start","type":"bigint","hidden":true,"required":false,"index":false},{"name":"sgid","description":"Saved group ID at process start","type":"bigint","hidden":true,"required":false,"index":false},{"name":"syscall","description":"Syscall name: fork, vfork, clone, execve, execveat","type":"text","hidden":true,"required":false,"index":false}]},{"name":"process_file_events","description":"A File Integrity Monitor implementation using the audit service.","platforms":["linux"],"columns":[{"name":"operation","description":"Operation type","type":"text","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"ppid","description":"Parent process ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of execution in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"executable","description":"The executable path","type":"text","hidden":false,"required":false,"index":false},{"name":"partial","description":"True if this is a partial event (i.e.: this process existed before we started osquery)","type":"text","hidden":false,"required":false,"index":false},{"name":"cwd","description":"The current working directory of the process","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"The path associated with the event","type":"text","hidden":false,"required":false,"index":false},{"name":"dest_path","description":"The canonical path associated with the event","type":"text","hidden":false,"required":false,"index":false},{"name":"uid","description":"The uid of the process performing the action","type":"text","hidden":false,"required":false,"index":false},{"name":"gid","description":"The gid of the process performing the action","type":"text","hidden":false,"required":false,"index":false},{"name":"auid","description":"Audit user ID of the process using the file","type":"text","hidden":false,"required":false,"index":false},{"name":"euid","description":"Effective user ID of the process using the file","type":"text","hidden":false,"required":false,"index":false},{"name":"egid","description":"Effective group ID of the process using the file","type":"text","hidden":false,"required":false,"index":false},{"name":"fsuid","description":"Filesystem user ID of the process using the file","type":"text","hidden":false,"required":false,"index":false},{"name":"fsgid","description":"Filesystem group ID of the process using the file","type":"text","hidden":false,"required":false,"index":false},{"name":"suid","description":"Saved user ID of the process using the file","type":"text","hidden":false,"required":false,"index":false},{"name":"sgid","description":"Saved group ID of the process using the file","type":"text","hidden":false,"required":false,"index":false},{"name":"uptime","description":"Time of execution in system uptime","type":"bigint","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false}]},{"name":"process_memory_map","description":"Process memory mapped files and pseudo device/regions.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"pid","description":"Process (or thread) ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"start","description":"Virtual start address (hex)","type":"text","hidden":false,"required":false,"index":false},{"name":"end","description":"Virtual end address (hex)","type":"text","hidden":false,"required":false,"index":false},{"name":"permissions","description":"r=read, w=write, x=execute, p=private (cow)","type":"text","hidden":false,"required":false,"index":false},{"name":"offset","description":"Offset into mapped path","type":"bigint","hidden":false,"required":false,"index":false},{"name":"device","description":"MA:MI Major/minor device ID","type":"text","hidden":false,"required":false,"index":false},{"name":"inode","description":"Mapped path inode, 0 means uninitialized (BSS)","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to mapped file or mapped type","type":"text","hidden":false,"required":false,"index":false},{"name":"pseudo","description":"1 If path is a pseudo path, else 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"process_namespaces","description":"Linux namespaces for processes running on the host system.","platforms":["linux"],"columns":[{"name":"pid","description":"Process (or thread) ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"cgroup_namespace","description":"cgroup namespace inode","type":"text","hidden":false,"required":false,"index":false},{"name":"ipc_namespace","description":"ipc namespace inode","type":"text","hidden":false,"required":false,"index":false},{"name":"mnt_namespace","description":"mnt namespace inode","type":"text","hidden":false,"required":false,"index":false},{"name":"net_namespace","description":"net namespace inode","type":"text","hidden":false,"required":false,"index":false},{"name":"pid_namespace","description":"pid namespace inode","type":"text","hidden":false,"required":false,"index":false},{"name":"user_namespace","description":"user namespace inode","type":"text","hidden":false,"required":false,"index":false},{"name":"uts_namespace","description":"uts namespace inode","type":"text","hidden":false,"required":false,"index":false}]},{"name":"process_open_files","description":"File descriptors for each process.","platforms":["darwin","linux"],"columns":[{"name":"pid","description":"Process (or thread) ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"fd","description":"Process-specific file descriptor number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"path","description":"Filesystem path of descriptor","type":"text","hidden":false,"required":false,"index":false}]},{"name":"process_open_pipes","description":"Pipes and partner processes for each process.","platforms":["darwin","linux"],"columns":[{"name":"pid","description":"Process ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"fd","description":"File descriptor","type":"bigint","hidden":false,"required":false,"index":false},{"name":"mode","description":"Pipe open mode (r/w)","type":"text","hidden":false,"required":false,"index":false},{"name":"inode","description":"Pipe inode number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"type","description":"Pipe Type: named vs unnamed/anonymous","type":"text","hidden":false,"required":false,"index":false},{"name":"partner_pid","description":"Process ID of partner process sharing a particular pipe","type":"bigint","hidden":false,"required":false,"index":false},{"name":"partner_fd","description":"File descriptor of shared pipe at partner's end","type":"bigint","hidden":false,"required":false,"index":false},{"name":"partner_mode","description":"Mode of shared pipe at partner's end","type":"text","hidden":false,"required":false,"index":false}]},{"name":"process_open_sockets","description":"Processes which have open network sockets on the system.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"pid","description":"Process (or thread) ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"fd","description":"Socket file descriptor number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"socket","description":"Socket handle or inode number","type":"bigint","hidden":false,"required":false,"index":false},{"name":"family","description":"Network protocol (IPv4, IPv6)","type":"integer","hidden":false,"required":false,"index":false},{"name":"protocol","description":"Transport protocol (TCP/UDP)","type":"integer","hidden":false,"required":false,"index":false},{"name":"local_address","description":"Socket local address","type":"text","hidden":false,"required":false,"index":false},{"name":"remote_address","description":"Socket remote address","type":"text","hidden":false,"required":false,"index":false},{"name":"local_port","description":"Socket local port","type":"integer","hidden":false,"required":false,"index":false},{"name":"remote_port","description":"Socket remote port","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"For UNIX sockets (family=AF_UNIX), the domain path","type":"text","hidden":false,"required":false,"index":false},{"name":"state","description":"TCP socket state","type":"text","hidden":false,"required":false,"index":false},{"name":"net_namespace","description":"The inode number of the network namespace","type":"text","hidden":true,"required":false,"index":false}]},{"name":"processes","description":"All running processes on the host system.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"pid","description":"Process (or thread) ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"name","description":"The process path or shorthand argv[0]","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to executed binary","type":"text","hidden":false,"required":false,"index":false},{"name":"cmdline","description":"Complete argv","type":"text","hidden":false,"required":false,"index":false},{"name":"state","description":"Process state","type":"text","hidden":false,"required":false,"index":false},{"name":"cwd","description":"Process current working directory","type":"text","hidden":false,"required":false,"index":false},{"name":"root","description":"Process virtual root directory","type":"text","hidden":false,"required":false,"index":false},{"name":"uid","description":"Unsigned user ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Unsigned group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"euid","description":"Unsigned effective user ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"egid","description":"Unsigned effective group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"suid","description":"Unsigned saved user ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"sgid","description":"Unsigned saved group ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"on_disk","description":"The process path exists yes=1, no=0, unknown=-1","type":"integer","hidden":false,"required":false,"index":false},{"name":"wired_size","description":"Bytes of unpageable memory used by process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"resident_size","description":"Bytes of private memory used by process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"total_size","description":"Total virtual memory size","type":"bigint","hidden":false,"required":false,"index":false},{"name":"user_time","description":"CPU time in milliseconds spent in user space","type":"bigint","hidden":false,"required":false,"index":false},{"name":"system_time","description":"CPU time in milliseconds spent in kernel space","type":"bigint","hidden":false,"required":false,"index":false},{"name":"disk_bytes_read","description":"Bytes read from disk","type":"bigint","hidden":false,"required":false,"index":false},{"name":"disk_bytes_written","description":"Bytes written to disk","type":"bigint","hidden":false,"required":false,"index":false},{"name":"start_time","description":"Process start time in seconds since Epoch, in case of error -1","type":"bigint","hidden":false,"required":false,"index":false},{"name":"parent","description":"Process parent's PID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pgroup","description":"Process group","type":"bigint","hidden":false,"required":false,"index":false},{"name":"threads","description":"Number of threads used by process","type":"integer","hidden":false,"required":false,"index":false},{"name":"nice","description":"Process nice level (-20 to 20, default 0)","type":"integer","hidden":false,"required":false,"index":false},{"name":"elevated_token","description":"Process uses elevated token yes=1, no=0","type":"integer","hidden":true,"required":false,"index":false},{"name":"secure_process","description":"Process is secure (IUM) yes=1, no=0","type":"integer","hidden":true,"required":false,"index":false},{"name":"protection_type","description":"The protection type of the process","type":"text","hidden":true,"required":false,"index":false},{"name":"virtual_process","description":"Process is virtual (e.g. System, Registry, vmmem) yes=1, no=0","type":"integer","hidden":true,"required":false,"index":false},{"name":"elapsed_time","description":"Elapsed time in seconds this process has been running.","type":"bigint","hidden":true,"required":false,"index":false},{"name":"handle_count","description":"Total number of handles that the process has open. This number is the sum of the handles currently opened by each thread in the process.","type":"bigint","hidden":true,"required":false,"index":false},{"name":"percent_processor_time","description":"Returns elapsed time that all of the threads of this process used the processor to execute instructions in 100 nanoseconds ticks.","type":"bigint","hidden":true,"required":false,"index":false},{"name":"upid","description":"A 64bit pid that is never reused. Returns -1 if we couldn't gather them from the system.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uppid","description":"The 64bit parent pid that is never reused. Returns -1 if we couldn't gather them from the system.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"cpu_type","description":"Indicates the specific processor designed for installation.","type":"integer","hidden":false,"required":false,"index":false},{"name":"cpu_subtype","description":"Indicates the specific processor on which an entry may be used.","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"programs","description":"Represents products as they are installed by Windows Installer. A product generally correlates to one installation package on Windows. Some fields may be blank as Windows installation details are left to the discretion of the product author.","platforms":["windows"],"columns":[{"name":"name","description":"Commonly used product name.","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Product version information.","type":"text","hidden":false,"required":false,"index":false},{"name":"install_location","description":"The installation location directory of the product.","type":"text","hidden":false,"required":false,"index":false},{"name":"install_source","description":"The installation source of the product.","type":"text","hidden":false,"required":false,"index":false},{"name":"language","description":"The language of the product.","type":"text","hidden":false,"required":false,"index":false},{"name":"publisher","description":"Name of the product supplier.","type":"text","hidden":false,"required":false,"index":false},{"name":"uninstall_string","description":"Path and filename of the uninstaller.","type":"text","hidden":false,"required":false,"index":false},{"name":"install_date","description":"Date that this product was installed on the system. ","type":"text","hidden":false,"required":false,"index":false},{"name":"identifying_number","description":"Product identification such as a serial number on software, or a die number on a hardware chip.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"prometheus_metrics","description":"Retrieve metrics from a Prometheus server.","platforms":["darwin","linux"],"columns":[{"name":"target_name","description":"Address of prometheus target","type":"text","hidden":false,"required":false,"index":false},{"name":"metric_name","description":"Name of collected Prometheus metric","type":"text","hidden":false,"required":false,"index":false},{"name":"metric_value","description":"Value of collected Prometheus metric","type":"double","hidden":false,"required":false,"index":false},{"name":"timestamp_ms","description":"Unix timestamp of collected data in MS","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"python_packages","description":"Python packages installed in a system.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"name","description":"Package display name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Package-supplied version","type":"text","hidden":false,"required":false,"index":false},{"name":"summary","description":"Package-supplied summary","type":"text","hidden":false,"required":false,"index":false},{"name":"author","description":"Optional package author","type":"text","hidden":false,"required":false,"index":false},{"name":"license","description":"License under which package is launched","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path at which this module resides","type":"text","hidden":false,"required":false,"index":false},{"name":"directory","description":"Directory where Python modules are located","type":"text","hidden":false,"required":false,"index":false},{"name":"pid_with_namespace","description":"Pids that contain a namespace","type":"integer","hidden":true,"required":false,"index":false}]},{"name":"quicklook_cache","description":"Files and thumbnails within OS X's Quicklook Cache.","platforms":["darwin"],"columns":[{"name":"path","description":"Path of file","type":"text","hidden":false,"required":false,"index":false},{"name":"rowid","description":"Quicklook file rowid key","type":"integer","hidden":false,"required":false,"index":false},{"name":"fs_id","description":"Quicklook file fs_id key","type":"text","hidden":false,"required":false,"index":false},{"name":"volume_id","description":"Parsed volume ID from fs_id","type":"integer","hidden":false,"required":false,"index":false},{"name":"inode","description":"Parsed file ID (inode) from fs_id","type":"integer","hidden":false,"required":false,"index":false},{"name":"mtime","description":"Parsed version date field","type":"integer","hidden":false,"required":false,"index":false},{"name":"size","description":"Parsed version size field","type":"bigint","hidden":false,"required":false,"index":false},{"name":"label","description":"Parsed version 'gen' field","type":"text","hidden":false,"required":false,"index":false},{"name":"last_hit_date","description":"Apple date format for last thumbnail cache hit","type":"integer","hidden":false,"required":false,"index":false},{"name":"hit_count","description":"Number of cache hits on thumbnail","type":"text","hidden":false,"required":false,"index":false},{"name":"icon_mode","description":"Thumbnail icon mode","type":"bigint","hidden":false,"required":false,"index":false},{"name":"cache_path","description":"Path to cache data","type":"text","hidden":false,"required":false,"index":false}]},{"name":"registry","description":"All of the Windows registry hives.","platforms":["windows"],"columns":[{"name":"key","description":"Name of the key to search for","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Full path to the value","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Name of the registry value entry","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Type of the registry value, or 'subkey' if item is a subkey","type":"text","hidden":false,"required":false,"index":false},{"name":"data","description":"Data content of registry value","type":"text","hidden":false,"required":false,"index":false},{"name":"mtime","description":"timestamp of the most recent registry write","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"routes","description":"The active route table for the host system.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"destination","description":"Destination IP address","type":"text","hidden":false,"required":false,"index":false},{"name":"netmask","description":"Netmask length","type":"integer","hidden":false,"required":false,"index":false},{"name":"gateway","description":"Route gateway","type":"text","hidden":false,"required":false,"index":false},{"name":"source","description":"Route source","type":"text","hidden":false,"required":false,"index":false},{"name":"flags","description":"Flags to describe route","type":"integer","hidden":false,"required":false,"index":false},{"name":"interface","description":"Route local interface","type":"text","hidden":false,"required":false,"index":false},{"name":"mtu","description":"Maximum Transmission Unit for the route","type":"integer","hidden":false,"required":false,"index":false},{"name":"metric","description":"Cost of route. Lowest is preferred","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"Type of route","type":"text","hidden":false,"required":false,"index":false},{"name":"hopcount","description":"Max hops expected","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"rpm_package_files","description":"RPM packages that are currently installed on the host system.","platforms":["linux"],"columns":[{"name":"package","description":"RPM package name","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"File path within the package","type":"text","hidden":false,"required":false,"index":false},{"name":"username","description":"File default username from info DB","type":"text","hidden":false,"required":false,"index":false},{"name":"groupname","description":"File default groupname from info DB","type":"text","hidden":false,"required":false,"index":false},{"name":"mode","description":"File permissions mode from info DB","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Expected file size in bytes from RPM info DB","type":"bigint","hidden":false,"required":false,"index":false},{"name":"sha256","description":"SHA256 file digest from RPM info DB","type":"text","hidden":false,"required":false,"index":false}]},{"name":"rpm_packages","description":"RPM packages that are currently installed on the host system.","platforms":["linux"],"columns":[{"name":"name","description":"RPM package name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Package version","type":"text","hidden":false,"required":false,"index":false},{"name":"release","description":"Package release","type":"text","hidden":false,"required":false,"index":false},{"name":"source","description":"Source RPM package name (optional)","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Package size in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"sha1","description":"SHA1 hash of the package contents","type":"text","hidden":false,"required":false,"index":false},{"name":"arch","description":"Architecture(s) supported","type":"text","hidden":false,"required":false,"index":false},{"name":"epoch","description":"Package epoch value","type":"integer","hidden":false,"required":false,"index":false},{"name":"install_time","description":"When the package was installed","type":"integer","hidden":false,"required":false,"index":false},{"name":"vendor","description":"Package vendor","type":"text","hidden":false,"required":false,"index":false},{"name":"package_group","description":"Package group","type":"text","hidden":false,"required":false,"index":false},{"name":"pid_with_namespace","description":"Pids that contain a namespace","type":"integer","hidden":true,"required":false,"index":false},{"name":"mount_namespace_id","description":"Mount namespace id","type":"text","hidden":true,"required":false,"index":false}]},{"name":"running_apps","description":"macOS applications currently running on the host system.","platforms":["darwin"],"columns":[{"name":"pid","description":"The pid of the application","type":"integer","hidden":false,"required":false,"index":false},{"name":"bundle_identifier","description":"The bundle identifier of the application","type":"text","hidden":false,"required":false,"index":false},{"name":"is_active","description":"1 if the application is in focus, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"safari_extensions","description":"Safari browser extension details for all users.","platforms":["darwin"],"columns":[{"name":"uid","description":"The local user that owns the extension","type":"bigint","hidden":false,"required":false,"index":false},{"name":"name","description":"Extension display name","type":"text","hidden":false,"required":false,"index":false},{"name":"identifier","description":"Extension identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"Extension long version","type":"text","hidden":false,"required":false,"index":false},{"name":"sdk","description":"Bundle SDK used to compile extension","type":"text","hidden":false,"required":false,"index":false},{"name":"update_url","description":"Extension-supplied update URI","type":"text","hidden":false,"required":false,"index":false},{"name":"author","description":"Optional extension author","type":"text","hidden":false,"required":false,"index":false},{"name":"developer_id","description":"Optional developer identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Optional extension description text","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to extension XAR bundle","type":"text","hidden":false,"required":false,"index":false}]},{"name":"sandboxes","description":"OS X application sandboxes container details.","platforms":["darwin"],"columns":[{"name":"label","description":"UTI-format bundle or label ID","type":"text","hidden":false,"required":false,"index":false},{"name":"user","description":"Sandbox owner","type":"text","hidden":false,"required":false,"index":false},{"name":"enabled","description":"Application sandboxings enabled on container","type":"integer","hidden":false,"required":false,"index":false},{"name":"build_id","description":"Sandbox-specific identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"bundle_path","description":"Application bundle used by the sandbox","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to sandbox container directory","type":"text","hidden":false,"required":false,"index":false}]},{"name":"scheduled_tasks","description":"Lists all of the tasks in the Windows task scheduler.","platforms":["windows"],"columns":[{"name":"name","description":"Name of the scheduled task","type":"text","hidden":false,"required":false,"index":false},{"name":"action","description":"Actions executed by the scheduled task","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to the executable to be run","type":"text","hidden":false,"required":false,"index":false},{"name":"enabled","description":"Whether or not the scheduled task is enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"state","description":"State of the scheduled task","type":"text","hidden":false,"required":false,"index":false},{"name":"hidden","description":"Whether or not the task is visible in the UI","type":"integer","hidden":false,"required":false,"index":false},{"name":"last_run_time","description":"Timestamp the task last ran","type":"bigint","hidden":false,"required":false,"index":false},{"name":"next_run_time","description":"Timestamp the task is scheduled to run next","type":"bigint","hidden":false,"required":false,"index":false},{"name":"last_run_message","description":"Exit status message of the last task run","type":"text","hidden":false,"required":false,"index":false},{"name":"last_run_code","description":"Exit status code of the last task run","type":"text","hidden":false,"required":false,"index":false}]},{"name":"screenlock","description":"macOS screenlock status for the current logged in user context.","platforms":["darwin"],"columns":[{"name":"enabled","description":"1 If a password is required after sleep or the screensaver begins; else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"grace_period","description":"The amount of time in seconds the screen must be asleep or the screensaver on before a password is required on-wake. 0 = immediately; -1 = no password is required on-wake","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"seccomp_events","description":"A virtual table that tracks seccomp events.","platforms":["linux"],"columns":[{"name":"time","description":"Time of execution in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uptime","description":"Time of execution in system uptime","type":"bigint","hidden":false,"required":false,"index":false},{"name":"auid","description":"Audit user ID (loginuid) of the user who started the analyzed process","type":"unsigned_bigint","hidden":false,"required":false,"index":false},{"name":"uid","description":"User ID of the user who started the analyzed process","type":"unsigned_bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Group ID of the user who started the analyzed process","type":"unsigned_bigint","hidden":false,"required":false,"index":false},{"name":"ses","description":"Session ID of the session from which the analyzed process was invoked","type":"unsigned_bigint","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process ID","type":"unsigned_bigint","hidden":false,"required":false,"index":false},{"name":"comm","description":"Command-line name of the command that was used to invoke the analyzed process","type":"text","hidden":false,"required":false,"index":false},{"name":"exe","description":"The path to the executable that was used to invoke the analyzed process","type":"text","hidden":false,"required":false,"index":false},{"name":"sig","description":"Signal value sent to process by seccomp","type":"bigint","hidden":false,"required":false,"index":false},{"name":"arch","description":"Information about the CPU architecture","type":"text","hidden":false,"required":false,"index":false},{"name":"syscall","description":"Type of the system call","type":"text","hidden":false,"required":false,"index":false},{"name":"compat","description":"Is system call in compatibility mode","type":"bigint","hidden":false,"required":false,"index":false},{"name":"ip","description":"Instruction pointer value","type":"text","hidden":false,"required":false,"index":false},{"name":"code","description":"The seccomp action","type":"text","hidden":false,"required":false,"index":false}]},{"name":"secureboot","description":"Secure Boot UEFI Settings.","platforms":["darwin","linux","freebsd","windows"],"columns":[{"name":"secure_boot","description":"Whether secure boot is enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"setup_mode","description":"Whether setup mode is enabled","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"selinux_events","description":"Track SELinux events.","platforms":["linux"],"columns":[{"name":"type","description":"Event type","type":"text","hidden":false,"required":false,"index":false},{"name":"message","description":"Message","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of execution in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uptime","description":"Time of execution in system uptime","type":"bigint","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false}]},{"name":"selinux_settings","description":"Track active SELinux settings.","platforms":["linux"],"columns":[{"name":"scope","description":"Where the key is located inside the SELinuxFS mount point.","type":"text","hidden":false,"required":false,"index":false},{"name":"key","description":"Key or class name.","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Active value.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"services","description":"Lists all installed Windows services and their relevant data.","platforms":["windows"],"columns":[{"name":"name","description":"Service name","type":"text","hidden":false,"required":false,"index":false},{"name":"service_type","description":"Service Type: OWN_PROCESS, SHARE_PROCESS and maybe Interactive (can interact with the desktop)","type":"text","hidden":false,"required":false,"index":false},{"name":"display_name","description":"Service Display name","type":"text","hidden":false,"required":false,"index":false},{"name":"status","description":"Service Current status: STOPPED, START_PENDING, STOP_PENDING, RUNNING, CONTINUE_PENDING, PAUSE_PENDING, PAUSED","type":"text","hidden":false,"required":false,"index":false},{"name":"pid","description":"the Process ID of the service","type":"integer","hidden":false,"required":false,"index":false},{"name":"start_type","description":"Service start type: BOOT_START, SYSTEM_START, AUTO_START, DEMAND_START, DISABLED","type":"text","hidden":false,"required":false,"index":false},{"name":"win32_exit_code","description":"The error code that the service uses to report an error that occurs when it is starting or stopping","type":"integer","hidden":false,"required":false,"index":false},{"name":"service_exit_code","description":"The service-specific error code that the service returns when an error occurs while the service is starting or stopping","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to Service Executable","type":"text","hidden":false,"required":false,"index":false},{"name":"module_path","description":"Path to ServiceDll","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Service Description","type":"text","hidden":false,"required":false,"index":false},{"name":"user_account","description":"The name of the account that the service process will be logged on as when it runs. This name can be of the form Domain\\UserName. If the account belongs to the built-in domain, the name can be of the form .\\UserName.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"shadow","description":"Local system users encrypted passwords and related information. Please note, that you usually need superuser rights to access `/etc/shadow`.","platforms":["linux"],"columns":[{"name":"password_status","description":"Password status","type":"text","hidden":false,"required":false,"index":false},{"name":"hash_alg","description":"Password hashing algorithm","type":"text","hidden":false,"required":false,"index":false},{"name":"last_change","description":"Date of last password change (starting from UNIX epoch date)","type":"bigint","hidden":false,"required":false,"index":false},{"name":"min","description":"Minimal number of days between password changes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"max","description":"Maximum number of days between password changes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"warning","description":"Number of days before password expires to warn user about it","type":"bigint","hidden":false,"required":false,"index":false},{"name":"inactive","description":"Number of days after password expires until account is blocked","type":"bigint","hidden":false,"required":false,"index":false},{"name":"expire","description":"Number of days since UNIX epoch date until account is disabled","type":"bigint","hidden":false,"required":false,"index":false},{"name":"flag","description":"Reserved","type":"bigint","hidden":false,"required":false,"index":false},{"name":"username","description":"Username","type":"text","hidden":false,"required":false,"index":false}]},{"name":"shared_folders","description":"Folders available to others via SMB or AFP.","platforms":["darwin"],"columns":[{"name":"name","description":"The shared name of the folder as it appears to other users","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Absolute path of shared folder on the local system","type":"text","hidden":false,"required":false,"index":false}]},{"name":"shared_memory","description":"OS shared memory regions.","platforms":["linux"],"columns":[{"name":"shmid","description":"Shared memory segment ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"owner_uid","description":"User ID of owning process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"creator_uid","description":"User ID of creator process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process ID to last use the segment","type":"bigint","hidden":false,"required":false,"index":false},{"name":"creator_pid","description":"Process ID that created the segment","type":"bigint","hidden":false,"required":false,"index":false},{"name":"atime","description":"Attached time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"dtime","description":"Detached time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"ctime","description":"Changed time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"permissions","description":"Memory segment permissions","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Size in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"attached","description":"Number of attached processes","type":"integer","hidden":false,"required":false,"index":false},{"name":"status","description":"Destination/attach status","type":"text","hidden":false,"required":false,"index":false},{"name":"locked","description":"1 if segment is locked else 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"shared_resources","description":"Displays shared resources on a computer system running Windows. This may be a disk drive, printer, interprocess communication, or other sharable device.","platforms":["windows"],"columns":[{"name":"description","description":"A textual description of the object","type":"text","hidden":false,"required":false,"index":false},{"name":"install_date","description":"Indicates when the object was installed. Lack of a value does not indicate that the object is not installed.","type":"text","hidden":false,"required":false,"index":false},{"name":"status","description":"String that indicates the current status of the object.","type":"text","hidden":false,"required":false,"index":false},{"name":"allow_maximum","description":"Number of concurrent users for this resource has been limited. If True, the value in the MaximumAllowed property is ignored.","type":"integer","hidden":false,"required":false,"index":false},{"name":"maximum_allowed","description":"Limit on the maximum number of users allowed to use this resource concurrently. The value is only valid if the AllowMaximum property is set to FALSE.","type":"integer","hidden":false,"required":false,"index":false},{"name":"name","description":"Alias given to a path set up as a share on a computer system running Windows.","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Local path of the Windows share.","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Type of resource being shared. Types include: disk drives, print queues, interprocess communications (IPC), and general devices.","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"sharing_preferences","description":"OS X Sharing preferences.","platforms":["darwin"],"columns":[{"name":"screen_sharing","description":"1 If screen sharing is enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"file_sharing","description":"1 If file sharing is enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"printer_sharing","description":"1 If printer sharing is enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"remote_login","description":"1 If remote login is enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"remote_management","description":"1 If remote management is enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"remote_apple_events","description":"1 If remote apple events are enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"internet_sharing","description":"1 If internet sharing is enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"bluetooth_sharing","description":"1 If bluetooth sharing is enabled for any user else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"disc_sharing","description":"1 If CD or DVD sharing is enabled else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"content_caching","description":"1 If content caching is enabled else 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"shell_history","description":"A line-delimited (command) table of per-user .*_history data.","platforms":["darwin","linux"],"columns":[{"name":"uid","description":"Shell history owner","type":"bigint","hidden":false,"required":false,"index":false},{"name":"time","description":"Entry timestamp. It could be absent, default value is 0.","type":"integer","hidden":false,"required":false,"index":false},{"name":"command","description":"Unparsed date/line/command history line","type":"text","hidden":false,"required":false,"index":false},{"name":"history_file","description":"Path to the .*_history for this user","type":"text","hidden":false,"required":false,"index":false}]},{"name":"shellbags","description":"Shows directories accessed via Windows Explorer.","platforms":["windows"],"columns":[{"name":"sid","description":"User SID","type":"text","hidden":false,"required":false,"index":false},{"name":"source","description":"Shellbags source Registry file","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Directory name.","type":"text","hidden":false,"required":false,"index":false},{"name":"modified_time","description":"Directory Modified time.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"created_time","description":"Directory Created time.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"accessed_time","description":"Directory Accessed time.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"mft_entry","description":"Directory master file table entry.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"mft_sequence","description":"Directory master file table sequence.","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"shimcache","description":"Application Compatibility Cache, contains artifacts of execution.","platforms":["windows"],"columns":[{"name":"entry","description":"Execution order.","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"This is the path to the executed file.","type":"text","hidden":false,"required":false,"index":false},{"name":"modified_time","description":"File Modified time.","type":"integer","hidden":false,"required":false,"index":false},{"name":"execution_flag","description":"Boolean Execution flag, 1 for execution, 0 for no execution, -1 for missing (this flag does not exist on Windows 10 and higher).","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"shortcut_files","description":"View data about Windows Shortcut files.","platforms":["windows"],"columns":[{"name":"path","description":"Directory name.","type":"text","hidden":false,"required":true,"index":false},{"name":"target_path","description":"Target file path","type":"text","hidden":false,"required":false,"index":false},{"name":"target_modified","description":"Target Modified time.","type":"integer","hidden":false,"required":false,"index":false},{"name":"target_created","description":"Target Created time.","type":"integer","hidden":false,"required":false,"index":false},{"name":"target_accessed","description":"Target Accessed time.","type":"integer","hidden":false,"required":false,"index":false},{"name":"target_size","description":"Size of target file.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"relative_path","description":"Relative path to target file from lnk file.","type":"text","hidden":false,"required":false,"index":false},{"name":"local_path","description":"Local system path to target file.","type":"text","hidden":false,"required":false,"index":false},{"name":"working_path","description":"Target file directory.","type":"text","hidden":false,"required":false,"index":false},{"name":"icon_path","description":"Lnk file icon location.","type":"text","hidden":false,"required":false,"index":false},{"name":"common_path","description":"Common system path to target file.","type":"text","hidden":false,"required":false,"index":false},{"name":"command_args","description":"Command args passed to lnk file.","type":"text","hidden":false,"required":false,"index":false},{"name":"hostname","description":"Optional hostname of the target file.","type":"text","hidden":false,"required":false,"index":false},{"name":"share_name","description":"Share name of the target file.","type":"text","hidden":false,"required":false,"index":false},{"name":"device_type","description":"Device containing the target file.","type":"text","hidden":false,"required":false,"index":false},{"name":"volume_serial","description":"Volume serial number.","type":"text","hidden":false,"required":false,"index":false},{"name":"mft_entry","description":"Target mft entry.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"mft_sequence","description":"Target mft sequence.","type":"integer","hidden":false,"required":false,"index":false},{"name":"description","description":"Lnk file description.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"signature","description":"File (executable, bundle, installer, disk) code signing status.","platforms":["darwin"],"columns":[{"name":"path","description":"Must provide a path or directory","type":"text","hidden":false,"required":true,"index":false},{"name":"hash_resources","description":"Set to 1 to also hash resources, or 0 otherwise. Default is 1","type":"integer","hidden":false,"required":false,"index":false},{"name":"arch","description":"If applicable, the arch of the signed code","type":"text","hidden":false,"required":false,"index":false},{"name":"signed","description":"1 If the file is signed else 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"identifier","description":"The signing identifier sealed into the signature","type":"text","hidden":false,"required":false,"index":false},{"name":"cdhash","description":"Hash of the application Code Directory","type":"text","hidden":false,"required":false,"index":false},{"name":"team_identifier","description":"The team signing identifier sealed into the signature","type":"text","hidden":false,"required":false,"index":false},{"name":"authority","description":"Certificate Common Name","type":"text","hidden":false,"required":false,"index":false}]},{"name":"sip_config","description":"Apple's System Integrity Protection (rootless) status.","platforms":["darwin"],"columns":[{"name":"config_flag","description":"The System Integrity Protection config flag","type":"text","hidden":false,"required":false,"index":false},{"name":"enabled","description":"1 if this configuration is enabled, otherwise 0","type":"integer","hidden":false,"required":false,"index":false},{"name":"enabled_nvram","description":"1 if this configuration is enabled, otherwise 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"smart_drive_info","description":"Drive information read by SMART controller utilizing autodetect.","platforms":["darwin","linux"],"columns":[{"name":"device_name","description":"Name of block device","type":"text","hidden":false,"required":false,"index":false},{"name":"disk_id","description":"Physical slot number of device, only exists when hardware storage controller exists","type":"integer","hidden":false,"required":false,"index":false},{"name":"driver_type","description":"The explicit device type used to retrieve the SMART information","type":"text","hidden":false,"required":false,"index":false},{"name":"model_family","description":"Drive model family","type":"text","hidden":false,"required":false,"index":false},{"name":"device_model","description":"Device Model","type":"text","hidden":false,"required":false,"index":false},{"name":"serial_number","description":"Device serial number","type":"text","hidden":false,"required":false,"index":false},{"name":"lu_wwn_device_id","description":"Device Identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"additional_product_id","description":"An additional drive identifier if any","type":"text","hidden":false,"required":false,"index":false},{"name":"firmware_version","description":"Drive firmware version","type":"text","hidden":false,"required":false,"index":false},{"name":"user_capacity","description":"Bytes of drive capacity","type":"text","hidden":false,"required":false,"index":false},{"name":"sector_sizes","description":"Bytes of drive sector sizes","type":"text","hidden":false,"required":false,"index":false},{"name":"rotation_rate","description":"Drive RPM","type":"text","hidden":false,"required":false,"index":false},{"name":"form_factor","description":"Form factor if reported","type":"text","hidden":false,"required":false,"index":false},{"name":"in_smartctl_db","description":"Boolean value for if drive is recognized","type":"integer","hidden":false,"required":false,"index":false},{"name":"ata_version","description":"ATA version of drive","type":"text","hidden":false,"required":false,"index":false},{"name":"transport_type","description":"Drive transport type","type":"text","hidden":false,"required":false,"index":false},{"name":"sata_version","description":"SATA version, if any","type":"text","hidden":false,"required":false,"index":false},{"name":"read_device_identity_failure","description":"Error string for device id read, if any","type":"text","hidden":false,"required":false,"index":false},{"name":"smart_supported","description":"SMART support status","type":"text","hidden":false,"required":false,"index":false},{"name":"smart_enabled","description":"SMART enabled status","type":"text","hidden":false,"required":false,"index":false},{"name":"packet_device_type","description":"Packet device type","type":"text","hidden":false,"required":false,"index":false},{"name":"power_mode","description":"Device power mode","type":"text","hidden":false,"required":false,"index":false},{"name":"warnings","description":"Warning messages from SMART controller","type":"text","hidden":false,"required":false,"index":false}]},{"name":"smbios_tables","description":"BIOS (DMI) structure common details and content.","platforms":["darwin","linux"],"columns":[{"name":"number","description":"Table entry number","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"Table entry type","type":"integer","hidden":false,"required":false,"index":false},{"name":"description","description":"Table entry description","type":"text","hidden":false,"required":false,"index":false},{"name":"handle","description":"Table entry handle","type":"integer","hidden":false,"required":false,"index":false},{"name":"header_size","description":"Header size in bytes","type":"integer","hidden":false,"required":false,"index":false},{"name":"size","description":"Table entry size in bytes","type":"integer","hidden":false,"required":false,"index":false},{"name":"md5","description":"MD5 hash of table entry","type":"text","hidden":false,"required":false,"index":false}]},{"name":"smc_keys","description":"Apple's system management controller keys.","platforms":["darwin"],"columns":[{"name":"key","description":"4-character key","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"SMC-reported type literal type","type":"text","hidden":false,"required":false,"index":false},{"name":"size","description":"Reported size of data in bytes","type":"integer","hidden":false,"required":false,"index":false},{"name":"value","description":"A type-encoded representation of the key value","type":"text","hidden":false,"required":false,"index":false},{"name":"hidden","description":"1 if this key is normally hidden, otherwise 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"socket_events","description":"Track network socket opens and closes.","platforms":["darwin","linux"],"columns":[{"name":"action","description":"The socket action (bind, listen, close)","type":"text","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process (or thread) ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"path","description":"Path of executed file","type":"text","hidden":false,"required":false,"index":false},{"name":"fd","description":"The file description for the process socket","type":"text","hidden":false,"required":false,"index":false},{"name":"auid","description":"Audit User ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"status","description":"Either 'succeeded', 'failed', 'in_progress' (connect() on non-blocking socket) or 'no_client' (null accept() on non-blocking socket)","type":"text","hidden":false,"required":false,"index":false},{"name":"family","description":"The Internet protocol family ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"protocol","description":"The network protocol ID","type":"integer","hidden":true,"required":false,"index":false},{"name":"local_address","description":"Local address associated with socket","type":"text","hidden":false,"required":false,"index":false},{"name":"remote_address","description":"Remote address associated with socket","type":"text","hidden":false,"required":false,"index":false},{"name":"local_port","description":"Local network protocol port number","type":"integer","hidden":false,"required":false,"index":false},{"name":"remote_port","description":"Remote network protocol port number","type":"integer","hidden":false,"required":false,"index":false},{"name":"socket","description":"The local path (UNIX domain socket only)","type":"text","hidden":true,"required":false,"index":false},{"name":"time","description":"Time of execution in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uptime","description":"Time of execution in system uptime","type":"bigint","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false},{"name":"success","description":"Deprecated. Use the 'status' column instead","type":"integer","hidden":true,"required":false,"index":false}]},{"name":"ssh_configs","description":"A table of parsed ssh_configs.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"uid","description":"The local owner of the ssh_config file","type":"bigint","hidden":false,"required":false,"index":false},{"name":"block","description":"The host or match block","type":"text","hidden":false,"required":false,"index":false},{"name":"option","description":"The option and value","type":"text","hidden":false,"required":false,"index":false},{"name":"ssh_config_file","description":"Path to the ssh_config file","type":"text","hidden":false,"required":false,"index":false}]},{"name":"startup_items","description":"Applications and binaries set as user/login startup items.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"name","description":"Name of startup item","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path of startup item","type":"text","hidden":false,"required":false,"index":false},{"name":"args","description":"Arguments provided to startup executable","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Startup Item or Login Item","type":"text","hidden":false,"required":false,"index":false},{"name":"source","description":"Directory or plist containing startup item","type":"text","hidden":false,"required":false,"index":false},{"name":"status","description":"Startup status; either enabled or disabled","type":"text","hidden":false,"required":false,"index":false},{"name":"username","description":"The user associated with the startup item","type":"text","hidden":false,"required":false,"index":false}]},{"name":"sudoers","description":"Rules for running commands as other users via sudo.","platforms":["darwin","linux"],"columns":[{"name":"source","description":"Source file containing the given rule","type":"text","hidden":false,"required":false,"index":false},{"name":"header","description":"Symbol for given rule","type":"text","hidden":false,"required":false,"index":false},{"name":"rule_details","description":"Rule definition","type":"text","hidden":false,"required":false,"index":false}]},{"name":"suid_bin","description":"suid binaries in common locations.","platforms":["darwin","linux"],"columns":[{"name":"path","description":"Binary path","type":"text","hidden":false,"required":false,"index":false},{"name":"username","description":"Binary owner username","type":"text","hidden":false,"required":false,"index":false},{"name":"groupname","description":"Binary owner group","type":"text","hidden":false,"required":false,"index":false},{"name":"permissions","description":"Binary permissions","type":"text","hidden":false,"required":false,"index":false},{"name":"pid_with_namespace","description":"Pids that contain a namespace","type":"integer","hidden":true,"required":false,"index":false}]},{"name":"syslog_events","description":"","platforms":["linux"],"columns":[{"name":"time","description":"Current unix epoch time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"datetime","description":"Time known to syslog","type":"text","hidden":false,"required":false,"index":false},{"name":"host","description":"Hostname configured for syslog","type":"text","hidden":false,"required":false,"index":false},{"name":"severity","description":"Syslog severity","type":"integer","hidden":false,"required":false,"index":false},{"name":"facility","description":"Syslog facility","type":"text","hidden":false,"required":false,"index":false},{"name":"tag","description":"The syslog tag","type":"text","hidden":false,"required":false,"index":false},{"name":"message","description":"The syslog message","type":"text","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false}]},{"name":"system_controls","description":"sysctl names, values, and settings information.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Full sysctl MIB name","type":"text","hidden":false,"required":false,"index":false},{"name":"oid","description":"Control MIB","type":"text","hidden":false,"required":false,"index":false},{"name":"subsystem","description":"Subsystem ID, control type","type":"text","hidden":false,"required":false,"index":false},{"name":"current_value","description":"Value of setting","type":"text","hidden":false,"required":false,"index":false},{"name":"config_value","description":"The MIB value set in /etc/sysctl.conf","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Data type","type":"text","hidden":false,"required":false,"index":false},{"name":"field_name","description":"Specific attribute of opaque type","type":"text","hidden":false,"required":false,"index":false}]},{"name":"system_extensions","description":"macOS (>= 10.15) system extension table.","platforms":["darwin"],"columns":[{"name":"path","description":"Original path of system extension","type":"text","hidden":false,"required":false,"index":false},{"name":"UUID","description":"Extension unique id","type":"text","hidden":false,"required":false,"index":false},{"name":"state","description":"System extension state","type":"text","hidden":false,"required":false,"index":false},{"name":"identifier","description":"Identifier name","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"System extension version","type":"text","hidden":false,"required":false,"index":false},{"name":"category","description":"System extension category","type":"text","hidden":false,"required":false,"index":false},{"name":"bundle_path","description":"System extension bundle path","type":"text","hidden":false,"required":false,"index":false},{"name":"team","description":"Signing team ID","type":"text","hidden":false,"required":false,"index":false},{"name":"mdm_managed","description":"1 if managed by MDM system extension payload configuration, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"system_info","description":"System information for identification.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"hostname","description":"Network hostname including domain","type":"text","hidden":false,"required":false,"index":false},{"name":"uuid","description":"Unique ID provided by the system","type":"text","hidden":false,"required":false,"index":false},{"name":"cpu_type","description":"CPU type","type":"text","hidden":false,"required":false,"index":false},{"name":"cpu_subtype","description":"CPU subtype","type":"text","hidden":false,"required":false,"index":false},{"name":"cpu_brand","description":"CPU brand string, contains vendor and model","type":"text","hidden":false,"required":false,"index":false},{"name":"cpu_physical_cores","description":"Number of physical CPU cores in to the system","type":"integer","hidden":false,"required":false,"index":false},{"name":"cpu_logical_cores","description":"Number of logical CPU cores available to the system","type":"integer","hidden":false,"required":false,"index":false},{"name":"cpu_microcode","description":"Microcode version","type":"text","hidden":false,"required":false,"index":false},{"name":"physical_memory","description":"Total physical memory in bytes","type":"bigint","hidden":false,"required":false,"index":false},{"name":"hardware_vendor","description":"Hardware vendor","type":"text","hidden":false,"required":false,"index":false},{"name":"hardware_model","description":"Hardware model","type":"text","hidden":false,"required":false,"index":false},{"name":"hardware_version","description":"Hardware version","type":"text","hidden":false,"required":false,"index":false},{"name":"hardware_serial","description":"Device serial number","type":"text","hidden":false,"required":false,"index":false},{"name":"board_vendor","description":"Board vendor","type":"text","hidden":false,"required":false,"index":false},{"name":"board_model","description":"Board model","type":"text","hidden":false,"required":false,"index":false},{"name":"board_version","description":"Board version","type":"text","hidden":false,"required":false,"index":false},{"name":"board_serial","description":"Board serial number","type":"text","hidden":false,"required":false,"index":false},{"name":"computer_name","description":"Friendly computer name (optional)","type":"text","hidden":false,"required":false,"index":false},{"name":"local_hostname","description":"Local hostname (optional)","type":"text","hidden":false,"required":false,"index":false}]},{"name":"systemd_units","description":"Track systemd units.","platforms":["linux"],"columns":[{"name":"id","description":"Unique unit identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Unit description","type":"text","hidden":false,"required":false,"index":false},{"name":"load_state","description":"Reflects whether the unit definition was properly loaded","type":"text","hidden":false,"required":false,"index":false},{"name":"active_state","description":"The high-level unit activation state, i.e. generalization of SUB","type":"text","hidden":false,"required":false,"index":false},{"name":"sub_state","description":"The low-level unit activation state, values depend on unit type","type":"text","hidden":false,"required":false,"index":false},{"name":"following","description":"The name of another unit that this unit follows in state","type":"text","hidden":false,"required":false,"index":false},{"name":"object_path","description":"The object path for this unit","type":"text","hidden":false,"required":false,"index":false},{"name":"job_id","description":"Next queued job id","type":"bigint","hidden":false,"required":false,"index":false},{"name":"job_type","description":"Job type","type":"text","hidden":false,"required":false,"index":false},{"name":"job_path","description":"The object path for the job","type":"text","hidden":false,"required":false,"index":false},{"name":"fragment_path","description":"The unit file path this unit was read from, if there is any","type":"text","hidden":false,"required":false,"index":false},{"name":"user","description":"The configured user, if any","type":"text","hidden":false,"required":false,"index":false},{"name":"source_path","description":"Path to the (possibly generated) unit configuration file","type":"text","hidden":false,"required":false,"index":false}]},{"name":"temperature_sensors","description":"Machine's temperature sensors.","platforms":["darwin"],"columns":[{"name":"key","description":"The SMC key on OS X","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Name of temperature source","type":"text","hidden":false,"required":false,"index":false},{"name":"celsius","description":"Temperature in Celsius","type":"double","hidden":false,"required":false,"index":false},{"name":"fahrenheit","description":"Temperature in Fahrenheit","type":"double","hidden":false,"required":false,"index":false}]},{"name":"time","description":"Track current date and time in the system.","platforms":["darwin","linux","freebsd","windows"],"columns":[{"name":"weekday","description":"Current weekday in the system","type":"text","hidden":false,"required":false,"index":false},{"name":"year","description":"Current year in the system","type":"integer","hidden":false,"required":false,"index":false},{"name":"month","description":"Current month in the system","type":"integer","hidden":false,"required":false,"index":false},{"name":"day","description":"Current day in the system","type":"integer","hidden":false,"required":false,"index":false},{"name":"hour","description":"Current hour in the system","type":"integer","hidden":false,"required":false,"index":false},{"name":"minutes","description":"Current minutes in the system","type":"integer","hidden":false,"required":false,"index":false},{"name":"seconds","description":"Current seconds in the system","type":"integer","hidden":false,"required":false,"index":false},{"name":"timezone","description":"Current timezone in the system","type":"text","hidden":false,"required":false,"index":false},{"name":"local_time","description":"Current local UNIX time in the system","type":"integer","hidden":false,"required":false,"index":false},{"name":"local_timezone","description":"Current local timezone in the system","type":"text","hidden":false,"required":false,"index":false},{"name":"unix_time","description":"Current UNIX time in the system, converted to UTC if --utc enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"timestamp","description":"Current timestamp (log format) in the system","type":"text","hidden":false,"required":false,"index":false},{"name":"datetime","description":"Current date and time (ISO format) in the system","type":"text","hidden":false,"required":false,"index":false},{"name":"iso_8601","description":"Current time (ISO format) in the system","type":"text","hidden":false,"required":false,"index":false},{"name":"win_timestamp","description":"Timestamp value in 100 nanosecond units.","type":"bigint","hidden":true,"required":false,"index":false}]},{"name":"time_machine_backups","description":"Backups to drives using TimeMachine.","platforms":["darwin"],"columns":[{"name":"destination_id","description":"Time Machine destination ID","type":"text","hidden":false,"required":false,"index":false},{"name":"backup_date","description":"Backup Date","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"time_machine_destinations","description":"Locations backed up to using Time Machine.","platforms":["darwin"],"columns":[{"name":"alias","description":"Human readable name of drive","type":"text","hidden":false,"required":false,"index":false},{"name":"destination_id","description":"Time Machine destination ID","type":"text","hidden":false,"required":false,"index":false},{"name":"consistency_scan_date","description":"Consistency scan date","type":"integer","hidden":false,"required":false,"index":false},{"name":"root_volume_uuid","description":"Root UUID of backup volume","type":"text","hidden":false,"required":false,"index":false},{"name":"bytes_available","description":"Bytes available on volume","type":"integer","hidden":false,"required":false,"index":false},{"name":"bytes_used","description":"Bytes used on volume","type":"integer","hidden":false,"required":false,"index":false},{"name":"encryption","description":"Last known encrypted state","type":"text","hidden":false,"required":false,"index":false}]},{"name":"tpm_info","description":"A table that lists the TPM related information.","platforms":["windows"],"columns":[{"name":"activated","description":"TPM is activated","type":"integer","hidden":false,"required":false,"index":false},{"name":"enabled","description":"TPM is enabled","type":"integer","hidden":false,"required":false,"index":false},{"name":"owned","description":"TPM is ownned","type":"integer","hidden":false,"required":false,"index":false},{"name":"manufacturer_version","description":"TPM version","type":"text","hidden":false,"required":false,"index":false},{"name":"manufacturer_id","description":"TPM manufacturers ID","type":"integer","hidden":false,"required":false,"index":false},{"name":"manufacturer_name","description":"TPM manufacturers name","type":"text","hidden":false,"required":false,"index":false},{"name":"product_name","description":"Product name of the TPM","type":"text","hidden":false,"required":false,"index":false},{"name":"physical_presence_version","description":"Version of the Physical Presence Interface","type":"text","hidden":false,"required":false,"index":false},{"name":"spec_version","description":"Trusted Computing Group specification that the TPM supports","type":"text","hidden":false,"required":false,"index":false}]},{"name":"ulimit_info","description":"System resource usage limits.","platforms":["darwin","linux"],"columns":[{"name":"type","description":"System resource to be limited","type":"text","hidden":false,"required":false,"index":false},{"name":"soft_limit","description":"Current limit value","type":"text","hidden":false,"required":false,"index":false},{"name":"hard_limit","description":"Maximum limit value","type":"text","hidden":false,"required":false,"index":false}]},{"name":"uptime","description":"Track time passed since last boot. Some systems track this as calendar time, some as runtime.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"days","description":"Days of uptime","type":"integer","hidden":false,"required":false,"index":false},{"name":"hours","description":"Hours of uptime","type":"integer","hidden":false,"required":false,"index":false},{"name":"minutes","description":"Minutes of uptime","type":"integer","hidden":false,"required":false,"index":false},{"name":"seconds","description":"Seconds of uptime","type":"integer","hidden":false,"required":false,"index":false},{"name":"total_seconds","description":"Total uptime seconds","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"usb_devices","description":"USB devices that are actively plugged into the host system.","platforms":["darwin","linux"],"columns":[{"name":"usb_address","description":"USB Device used address","type":"integer","hidden":false,"required":false,"index":false},{"name":"usb_port","description":"USB Device used port","type":"integer","hidden":false,"required":false,"index":false},{"name":"vendor","description":"USB Device vendor string","type":"text","hidden":false,"required":false,"index":false},{"name":"vendor_id","description":"Hex encoded USB Device vendor identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"version","description":"USB Device version number","type":"text","hidden":false,"required":false,"index":false},{"name":"model","description":"USB Device model string","type":"text","hidden":false,"required":false,"index":false},{"name":"model_id","description":"Hex encoded USB Device model identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"serial","description":"USB Device serial connection","type":"text","hidden":false,"required":false,"index":false},{"name":"class","description":"USB Device class","type":"text","hidden":false,"required":false,"index":false},{"name":"subclass","description":"USB Device subclass","type":"text","hidden":false,"required":false,"index":false},{"name":"protocol","description":"USB Device protocol","type":"text","hidden":false,"required":false,"index":false},{"name":"removable","description":"1 If USB device is removable else 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"user_events","description":"Track user events from the audit framework.","platforms":["darwin","linux"],"columns":[{"name":"uid","description":"User ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"auid","description":"Audit User ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process (or thread) ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"message","description":"Message from the event","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"The file description for the process socket","type":"integer","hidden":false,"required":false,"index":false},{"name":"path","description":"Supplied path from event","type":"text","hidden":false,"required":false,"index":false},{"name":"address","description":"The Internet protocol address or family ID","type":"text","hidden":false,"required":false,"index":false},{"name":"terminal","description":"The network protocol ID","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of execution in UNIX time","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uptime","description":"Time of execution in system uptime","type":"bigint","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false}]},{"name":"user_groups","description":"Local system user group relationships.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"uid","description":"User ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Group ID","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"user_interaction_events","description":"Track user interaction events from macOS' event tapping framework.","platforms":["darwin"],"columns":[{"name":"time","description":"Time","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"user_ssh_keys","description":"Returns the private keys in the users ~/.ssh directory and whether or not they are encrypted.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"uid","description":"The local user that owns the key file","type":"bigint","hidden":false,"required":false,"index":false},{"name":"path","description":"Path to key file","type":"text","hidden":false,"required":false,"index":false},{"name":"encrypted","description":"1 if key is encrypted, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"key_type","description":"The type of the private key. One of [rsa, dsa, dh, ec, hmac, cmac], or the empty string.","type":"text","hidden":false,"required":false,"index":false},{"name":"pid_with_namespace","description":"Pids that contain a namespace","type":"integer","hidden":true,"required":false,"index":false}]},{"name":"userassist","description":"UserAssist Registry Key tracks when a user executes an application from Windows Explorer.","platforms":["windows"],"columns":[{"name":"path","description":"Application file path.","type":"text","hidden":false,"required":false,"index":false},{"name":"last_execution_time","description":"Most recent time application was executed.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"count","description":"Number of times the application has been executed.","type":"integer","hidden":false,"required":false,"index":false},{"name":"sid","description":"User SID.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"users","description":"Local user accounts (including domain accounts that have logged on locally (Windows)).","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"uid","description":"User ID","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid","description":"Group ID (unsigned)","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uid_signed","description":"User ID as int64 signed (Apple)","type":"bigint","hidden":false,"required":false,"index":false},{"name":"gid_signed","description":"Default group ID as int64 signed (Apple)","type":"bigint","hidden":false,"required":false,"index":false},{"name":"username","description":"Username","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Optional user description","type":"text","hidden":false,"required":false,"index":false},{"name":"directory","description":"User's home directory","type":"text","hidden":false,"required":false,"index":false},{"name":"shell","description":"User's configured default shell","type":"text","hidden":false,"required":false,"index":false},{"name":"uuid","description":"User's UUID (Apple) or SID (Windows)","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Whether the account is roaming (domain), local, or a system profile","type":"text","hidden":true,"required":false,"index":false},{"name":"is_hidden","description":"IsHidden attribute set in OpenDirectory","type":"integer","hidden":false,"required":false,"index":false},{"name":"pid_with_namespace","description":"Pids that contain a namespace","type":"integer","hidden":true,"required":false,"index":false}]},{"name":"video_info","description":"Retrieve video card information of the machine.","platforms":["windows"],"columns":[{"name":"color_depth","description":"The amount of bits per pixel to represent color.","type":"integer","hidden":false,"required":false,"index":false},{"name":"driver","description":"The driver of the device.","type":"text","hidden":false,"required":false,"index":false},{"name":"driver_date","description":"The date listed on the installed driver.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"driver_version","description":"The version of the installed driver.","type":"text","hidden":false,"required":false,"index":false},{"name":"manufacturer","description":"The manufacturer of the gpu.","type":"text","hidden":false,"required":false,"index":false},{"name":"model","description":"The model of the gpu.","type":"text","hidden":false,"required":false,"index":false},{"name":"series","description":"The series of the gpu.","type":"text","hidden":false,"required":false,"index":false},{"name":"video_mode","description":"The current resolution of the display.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"virtual_memory_info","description":"Darwin Virtual Memory statistics.","platforms":["darwin"],"columns":[{"name":"free","description":"Total number of free pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"active","description":"Total number of active pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"inactive","description":"Total number of inactive pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"speculative","description":"Total number of speculative pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"throttled","description":"Total number of throttled pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"wired","description":"Total number of wired down pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"purgeable","description":"Total number of purgeable pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"faults","description":"Total number of calls to vm_faults.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"copy","description":"Total number of copy-on-write pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"zero_fill","description":"Total number of zero filled pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"reactivated","description":"Total number of reactivated pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"purged","description":"Total number of purged pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"file_backed","description":"Total number of file backed pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"anonymous","description":"Total number of anonymous pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"uncompressed","description":"Total number of uncompressed pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"compressor","description":"The number of pages used to store compressed VM pages.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"decompressed","description":"The total number of pages that have been decompressed by the VM compressor.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"compressed","description":"The total number of pages that have been compressed by the VM compressor.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"page_ins","description":"The total number of requests for pages from a pager.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"page_outs","description":"Total number of pages paged out.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"swap_ins","description":"The total number of compressed pages that have been swapped out to disk.","type":"bigint","hidden":false,"required":false,"index":false},{"name":"swap_outs","description":"The total number of compressed pages that have been swapped back in from disk.","type":"bigint","hidden":false,"required":false,"index":false}]},{"name":"wifi_networks","description":"OS X known/remembered Wi-Fi networks list.","platforms":["darwin"],"columns":[{"name":"ssid","description":"SSID octets of the network","type":"text","hidden":false,"required":false,"index":false},{"name":"network_name","description":"Name of the network","type":"text","hidden":false,"required":false,"index":false},{"name":"security_type","description":"Type of security on this network","type":"text","hidden":false,"required":false,"index":false},{"name":"last_connected","description":"Last time this netword was connected to as a unix_time","type":"integer","hidden":false,"required":false,"index":false},{"name":"passpoint","description":"1 if Passpoint is supported, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"possibly_hidden","description":"1 if network is possibly a hidden network, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"roaming","description":"1 if roaming is supported, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"roaming_profile","description":"Describe the roaming profile, usually one of Single, Dual or Multi","type":"text","hidden":false,"required":false,"index":false},{"name":"captive_portal","description":"1 if this network has a captive portal, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"auto_login","description":"1 if auto login is enabled, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"temporarily_disabled","description":"1 if this network is temporarily disabled, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false},{"name":"disabled","description":"1 if this network is disabled, 0 otherwise","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"wifi_status","description":"OS X current WiFi status.","platforms":["darwin"],"columns":[{"name":"interface","description":"Name of the interface","type":"text","hidden":false,"required":false,"index":false},{"name":"ssid","description":"SSID octets of the network","type":"text","hidden":false,"required":false,"index":false},{"name":"bssid","description":"The current basic service set identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"network_name","description":"Name of the network","type":"text","hidden":false,"required":false,"index":false},{"name":"country_code","description":"The country code (ISO/IEC 3166-1:1997) for the network","type":"text","hidden":false,"required":false,"index":false},{"name":"security_type","description":"Type of security on this network","type":"text","hidden":false,"required":false,"index":false},{"name":"rssi","description":"The current received signal strength indication (dbm)","type":"integer","hidden":false,"required":false,"index":false},{"name":"noise","description":"The current noise measurement (dBm)","type":"integer","hidden":false,"required":false,"index":false},{"name":"channel","description":"Channel number","type":"integer","hidden":false,"required":false,"index":false},{"name":"channel_width","description":"Channel width","type":"integer","hidden":false,"required":false,"index":false},{"name":"channel_band","description":"Channel band","type":"integer","hidden":false,"required":false,"index":false},{"name":"transmit_rate","description":"The current transmit rate","type":"text","hidden":false,"required":false,"index":false},{"name":"mode","description":"The current operating mode for the Wi-Fi interface","type":"text","hidden":false,"required":false,"index":false}]},{"name":"wifi_survey","description":"Scan for nearby WiFi networks.","platforms":["darwin"],"columns":[{"name":"interface","description":"Name of the interface","type":"text","hidden":false,"required":false,"index":false},{"name":"ssid","description":"SSID octets of the network","type":"text","hidden":false,"required":false,"index":false},{"name":"bssid","description":"The current basic service set identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"network_name","description":"Name of the network","type":"text","hidden":false,"required":false,"index":false},{"name":"country_code","description":"The country code (ISO/IEC 3166-1:1997) for the network","type":"text","hidden":false,"required":false,"index":false},{"name":"rssi","description":"The current received signal strength indication (dbm)","type":"integer","hidden":false,"required":false,"index":false},{"name":"noise","description":"The current noise measurement (dBm)","type":"integer","hidden":false,"required":false,"index":false},{"name":"channel","description":"Channel number","type":"integer","hidden":false,"required":false,"index":false},{"name":"channel_width","description":"Channel width","type":"integer","hidden":false,"required":false,"index":false},{"name":"channel_band","description":"Channel band","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"winbaseobj","description":"Lists named Windows objects in the default object directories, across all terminal services sessions. Example Windows ojbect types include Mutexes, Events, Jobs and Semaphors.","platforms":["windows"],"columns":[{"name":"session_id","description":"Terminal Services Session Id","type":"integer","hidden":false,"required":false,"index":false},{"name":"object_name","description":"Object Name","type":"text","hidden":false,"required":false,"index":false},{"name":"object_type","description":"Object Type","type":"text","hidden":false,"required":false,"index":false}]},{"name":"windows_crashes","description":"Extracted information from Windows crash logs (Minidumps).","platforms":["windows"],"columns":[{"name":"datetime","description":"Timestamp (log format) of the crash","type":"text","hidden":false,"required":false,"index":false},{"name":"module","description":"Path of the crashed module within the process","type":"text","hidden":false,"required":false,"index":false},{"name":"path","description":"Path of the executable file for the crashed process","type":"text","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process ID of the crashed process","type":"bigint","hidden":false,"required":false,"index":false},{"name":"tid","description":"Thread ID of the crashed thread","type":"bigint","hidden":false,"required":false,"index":false},{"name":"version","description":"File version info of the crashed process","type":"text","hidden":false,"required":false,"index":false},{"name":"process_uptime","description":"Uptime of the process in seconds","type":"bigint","hidden":false,"required":false,"index":false},{"name":"stack_trace","description":"Multiple stack frames from the stack trace","type":"text","hidden":false,"required":false,"index":false},{"name":"exception_code","description":"The Windows exception code","type":"text","hidden":false,"required":false,"index":false},{"name":"exception_message","description":"The NTSTATUS error message associated with the exception code","type":"text","hidden":false,"required":false,"index":false},{"name":"exception_address","description":"Address (in hex) where the exception occurred","type":"text","hidden":false,"required":false,"index":false},{"name":"registers","description":"The values of the system registers","type":"text","hidden":false,"required":false,"index":false},{"name":"command_line","description":"Command-line string passed to the crashed process","type":"text","hidden":false,"required":false,"index":false},{"name":"current_directory","description":"Current working directory of the crashed process","type":"text","hidden":false,"required":false,"index":false},{"name":"username","description":"Username of the user who ran the crashed process","type":"text","hidden":false,"required":false,"index":false},{"name":"machine_name","description":"Name of the machine where the crash happened","type":"text","hidden":false,"required":false,"index":false},{"name":"major_version","description":"Windows major version of the machine","type":"integer","hidden":false,"required":false,"index":false},{"name":"minor_version","description":"Windows minor version of the machine","type":"integer","hidden":false,"required":false,"index":false},{"name":"build_number","description":"Windows build number of the crashing machine","type":"integer","hidden":false,"required":false,"index":false},{"name":"type","description":"Type of crash log","type":"text","hidden":false,"required":false,"index":false},{"name":"crash_path","description":"Path of the log file","type":"text","hidden":false,"required":false,"index":false}]},{"name":"windows_eventlog","description":"Table for querying all recorded Windows event logs.","platforms":["windows"],"columns":[{"name":"channel","description":"Source or channel of the event","type":"text","hidden":false,"required":true,"index":false},{"name":"datetime","description":"System time at which the event occurred","type":"text","hidden":false,"required":false,"index":false},{"name":"task","description":"Task value associated with the event","type":"integer","hidden":false,"required":false,"index":false},{"name":"level","description":"Severity level associated with the event","type":"integer","hidden":false,"required":false,"index":false},{"name":"provider_name","description":"Provider name of the event","type":"text","hidden":false,"required":false,"index":false},{"name":"provider_guid","description":"Provider guid of the event","type":"text","hidden":false,"required":false,"index":false},{"name":"computer_name","description":"Hostname of system where event was generated","type":"text","hidden":false,"required":false,"index":false},{"name":"eventid","description":"Event ID of the event","type":"integer","hidden":false,"required":false,"index":false},{"name":"keywords","description":"A bitmask of the keywords defined in the event","type":"text","hidden":false,"required":false,"index":false},{"name":"data","description":"Data associated with the event","type":"text","hidden":false,"required":false,"index":false},{"name":"pid","description":"Process ID which emitted the event record","type":"integer","hidden":false,"required":false,"index":false},{"name":"tid","description":"Thread ID which emitted the event record","type":"integer","hidden":false,"required":false,"index":false},{"name":"time_range","description":"System time to selectively filter the events","type":"text","hidden":true,"required":false,"index":false},{"name":"timestamp","description":"Timestamp to selectively filter the events","type":"text","hidden":true,"required":false,"index":false},{"name":"xpath","description":"The custom query to filter events","type":"text","hidden":true,"required":true,"index":false}]},{"name":"windows_events","description":"Windows Event logs.","platforms":["windows"],"columns":[{"name":"time","description":"Timestamp the event was received","type":"bigint","hidden":false,"required":false,"index":false},{"name":"datetime","description":"System time at which the event occurred","type":"text","hidden":false,"required":false,"index":false},{"name":"source","description":"Source or channel of the event","type":"text","hidden":false,"required":false,"index":false},{"name":"provider_name","description":"Provider name of the event","type":"text","hidden":false,"required":false,"index":false},{"name":"provider_guid","description":"Provider guid of the event","type":"text","hidden":false,"required":false,"index":false},{"name":"computer_name","description":"Hostname of system where event was generated","type":"text","hidden":false,"required":false,"index":false},{"name":"eventid","description":"Event ID of the event","type":"integer","hidden":false,"required":false,"index":false},{"name":"task","description":"Task value associated with the event","type":"integer","hidden":false,"required":false,"index":false},{"name":"level","description":"The severity level associated with the event","type":"integer","hidden":false,"required":false,"index":false},{"name":"keywords","description":"A bitmask of the keywords defined in the event","type":"text","hidden":false,"required":false,"index":false},{"name":"data","description":"Data associated with the event","type":"text","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false}]},{"name":"windows_optional_features","description":"Lists names and installation states of windows features. Maps to Win32_OptionalFeature WMI class.","platforms":["windows"],"columns":[{"name":"name","description":"Name of the feature","type":"text","hidden":false,"required":false,"index":false},{"name":"caption","description":"Caption of feature in settings UI","type":"text","hidden":false,"required":false,"index":false},{"name":"state","description":"Installation state value. 1 == Enabled, 2 == Disabled, 3 == Absent","type":"integer","hidden":false,"required":false,"index":false},{"name":"statename","description":"Installation state name. 'Enabled','Disabled','Absent'","type":"text","hidden":false,"required":false,"index":false}]},{"name":"windows_security_center","description":"The health status of Window Security features. Health values can be \"Good\", \"Poor\". \"Snoozed\", \"Not Monitored\", and \"Error\".","platforms":["windows"],"columns":[{"name":"firewall","description":"The health of the monitored Firewall (see windows_security_products)","type":"text","hidden":false,"required":false,"index":false},{"name":"autoupdate","description":"The health of the Windows Autoupdate feature","type":"text","hidden":false,"required":false,"index":false},{"name":"antivirus","description":"The health of the monitored Antivirus solution (see windows_security_products)","type":"text","hidden":false,"required":false,"index":false},{"name":"antispyware","description":"The health of the monitored Antispyware solution (see windows_security_products)","type":"text","hidden":false,"required":false,"index":false},{"name":"internet_settings","description":"The health of the Internet Settings","type":"text","hidden":false,"required":false,"index":false},{"name":"windows_security_center_service","description":"The health of the Windows Security Center Service","type":"text","hidden":false,"required":false,"index":false},{"name":"user_account_control","description":"The health of the User Account Control (UAC) capability in Windows","type":"text","hidden":false,"required":false,"index":false}]},{"name":"windows_security_products","description":"Enumeration of registered Windows security products.","platforms":["windows"],"columns":[{"name":"type","description":"Type of security product","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Name of product","type":"text","hidden":false,"required":false,"index":false},{"name":"state","description":"State of protection","type":"text","hidden":false,"required":false,"index":false},{"name":"state_timestamp","description":"Timestamp for the product state","type":"text","hidden":false,"required":false,"index":false},{"name":"remediation_path","description":"Remediation path","type":"text","hidden":false,"required":false,"index":false},{"name":"signatures_up_to_date","description":"1 if product signatures are up to date, else 0","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"wmi_bios_info","description":"Lists important information from the system bios.","platforms":["windows"],"columns":[{"name":"name","description":"Name of the Bios setting","type":"text","hidden":false,"required":false,"index":false},{"name":"value","description":"Value of the Bios setting","type":"text","hidden":false,"required":false,"index":false}]},{"name":"wmi_cli_event_consumers","description":"WMI CommandLineEventConsumer, which can be used for persistence on Windows. See https://www.blackhat.com/docs/us-15/materials/us-15-Graeber-Abusing-Windows-Management-Instrumentation-WMI-To-Build-A-Persistent%20Asynchronous-And-Fileless-Backdoor-wp.pdf for more details.","platforms":["windows"],"columns":[{"name":"name","description":"Unique name of a consumer.","type":"text","hidden":false,"required":false,"index":false},{"name":"command_line_template","description":"Standard string template that specifies the process to be started. This property can be NULL, and the ExecutablePath property is used as the command line.","type":"text","hidden":false,"required":false,"index":false},{"name":"executable_path","description":"Module to execute. The string can specify the full path and file name of the module to execute, or it can specify a partial name. If a partial name is specified, the current drive and current directory are assumed.","type":"text","hidden":false,"required":false,"index":false},{"name":"class","description":"The name of the class.","type":"text","hidden":false,"required":false,"index":false},{"name":"relative_path","description":"Relative path to the class or instance.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"wmi_event_filters","description":"Lists WMI event filters.","platforms":["windows"],"columns":[{"name":"name","description":"Unique identifier of an event filter.","type":"text","hidden":false,"required":false,"index":false},{"name":"query","description":"Windows Management Instrumentation Query Language (WQL) event query that specifies the set of events for consumer notification, and the specific conditions for notification.","type":"text","hidden":false,"required":false,"index":false},{"name":"query_language","description":"Query language that the query is written in.","type":"text","hidden":false,"required":false,"index":false},{"name":"class","description":"The name of the class.","type":"text","hidden":false,"required":false,"index":false},{"name":"relative_path","description":"Relative path to the class or instance.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"wmi_filter_consumer_binding","description":"Lists the relationship between event consumers and filters.","platforms":["windows"],"columns":[{"name":"consumer","description":"Reference to an instance of __EventConsumer that represents the object path to a logical consumer, the recipient of an event.","type":"text","hidden":false,"required":false,"index":false},{"name":"filter","description":"Reference to an instance of __EventFilter that represents the object path to an event filter which is a query that specifies the type of event to be received.","type":"text","hidden":false,"required":false,"index":false},{"name":"class","description":"The name of the class.","type":"text","hidden":false,"required":false,"index":false},{"name":"relative_path","description":"Relative path to the class or instance.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"wmi_script_event_consumers","description":"WMI ActiveScriptEventConsumer, which can be used for persistence on Windows. See https://www.blackhat.com/docs/us-15/materials/us-15-Graeber-Abusing-Windows-Management-Instrumentation-WMI-To-Build-A-Persistent%20Asynchronous-And-Fileless-Backdoor-wp.pdf for more details.","platforms":["windows"],"columns":[{"name":"name","description":"Unique identifier for the event consumer. ","type":"text","hidden":false,"required":false,"index":false},{"name":"scripting_engine","description":"Name of the scripting engine to use, for example, 'VBScript'. This property cannot be NULL.","type":"text","hidden":false,"required":false,"index":false},{"name":"script_file_name","description":"Name of the file from which the script text is read, intended as an alternative to specifying the text of the script in the ScriptText property.","type":"text","hidden":false,"required":false,"index":false},{"name":"script_text","description":"Text of the script that is expressed in a language known to the scripting engine. This property must be NULL if the ScriptFileName property is not NULL.","type":"text","hidden":false,"required":false,"index":false},{"name":"class","description":"The name of the class.","type":"text","hidden":false,"required":false,"index":false},{"name":"relative_path","description":"Relative path to the class or instance.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"xprotect_entries","description":"Database of the machine's XProtect signatures.","platforms":["darwin"],"columns":[{"name":"name","description":"Description of XProtected malware","type":"text","hidden":false,"required":false,"index":false},{"name":"launch_type","description":"Launch services content type","type":"text","hidden":false,"required":false,"index":false},{"name":"identity","description":"XProtect identity (SHA1) of content","type":"text","hidden":false,"required":false,"index":false},{"name":"filename","description":"Use this file name to match","type":"text","hidden":false,"required":false,"index":false},{"name":"filetype","description":"Use this file type to match","type":"text","hidden":false,"required":false,"index":false},{"name":"optional","description":"Match any of the identities/patterns for this XProtect name","type":"integer","hidden":false,"required":false,"index":false},{"name":"uses_pattern","description":"Uses a match pattern instead of identity","type":"integer","hidden":false,"required":false,"index":false}]},{"name":"xprotect_meta","description":"Database of the machine's XProtect browser-related signatures.","platforms":["darwin"],"columns":[{"name":"identifier","description":"Browser plugin or extension identifier","type":"text","hidden":false,"required":false,"index":false},{"name":"type","description":"Either plugin or extension","type":"text","hidden":false,"required":false,"index":false},{"name":"developer_id","description":"Developer identity (SHA1) of extension","type":"text","hidden":false,"required":false,"index":false},{"name":"min_version","description":"The minimum allowed plugin version.","type":"text","hidden":false,"required":false,"index":false}]},{"name":"xprotect_reports","description":"Database of XProtect matches (if user generated/sent an XProtect report).","platforms":["darwin"],"columns":[{"name":"name","description":"Description of XProtected malware","type":"text","hidden":false,"required":false,"index":false},{"name":"user_action","description":"Action taken by user after prompted","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Quarantine alert time","type":"text","hidden":false,"required":false,"index":false}]},{"name":"yara","description":"Track YARA matches for files or PIDs.","platforms":["darwin","linux","windows"],"columns":[{"name":"path","description":"The path scanned","type":"text","hidden":false,"required":true,"index":false},{"name":"matches","description":"List of YARA matches","type":"text","hidden":false,"required":false,"index":false},{"name":"count","description":"Number of YARA matches","type":"integer","hidden":false,"required":false,"index":false},{"name":"sig_group","description":"Signature group used","type":"text","hidden":false,"required":false,"index":false},{"name":"sigfile","description":"Signature file used","type":"text","hidden":false,"required":false,"index":false},{"name":"sigrule","description":"Signature strings used","type":"text","hidden":true,"required":false,"index":false},{"name":"strings","description":"Matching strings","type":"text","hidden":false,"required":false,"index":false},{"name":"tags","description":"Matching tags","type":"text","hidden":false,"required":false,"index":false},{"name":"sigurl","description":"Signature url","type":"text","hidden":true,"required":false,"index":false}]},{"name":"yara_events","description":"Track YARA matches for files specified in configuration data.","platforms":["darwin","linux","windows"],"columns":[{"name":"target_path","description":"The path scanned","type":"text","hidden":false,"required":false,"index":false},{"name":"category","description":"The category of the file","type":"text","hidden":false,"required":false,"index":false},{"name":"action","description":"Change action (UPDATE, REMOVE, etc)","type":"text","hidden":false,"required":false,"index":false},{"name":"transaction_id","description":"ID used during bulk update","type":"bigint","hidden":false,"required":false,"index":false},{"name":"matches","description":"List of YARA matches","type":"text","hidden":false,"required":false,"index":false},{"name":"count","description":"Number of YARA matches","type":"integer","hidden":false,"required":false,"index":false},{"name":"strings","description":"Matching strings","type":"text","hidden":false,"required":false,"index":false},{"name":"tags","description":"Matching tags","type":"text","hidden":false,"required":false,"index":false},{"name":"time","description":"Time of the scan","type":"bigint","hidden":false,"required":false,"index":false},{"name":"eid","description":"Event ID","type":"text","hidden":true,"required":false,"index":false}]},{"name":"ycloud_instance_metadata","description":"Yandex.Cloud instance metadata.","platforms":["darwin","linux","windows","freebsd"],"columns":[{"name":"instance_id","description":"Unique identifier for the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"folder_id","description":"Folder identifier for the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"name","description":"Name of the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"description","description":"Description of the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"hostname","description":"Hostname of the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"zone","description":"Availability zone of the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"ssh_public_key","description":"SSH public key. Only available if supplied at instance launch time","type":"text","hidden":false,"required":false,"index":false},{"name":"serial_port_enabled","description":"Indicates if serial port is enabled for the VM","type":"text","hidden":false,"required":false,"index":false},{"name":"metadata_endpoint","description":"Endpoint used to fetch VM metadata","type":"text","hidden":false,"required":false,"index":false}]},{"name":"yum_sources","description":"Current list of Yum repositories or software channels.","platforms":["darwin","linux"],"columns":[{"name":"name","description":"Repository name","type":"text","hidden":false,"required":false,"index":false},{"name":"baseurl","description":"Repository base URL","type":"text","hidden":false,"required":false,"index":false},{"name":"enabled","description":"Whether the repository is used","type":"text","hidden":false,"required":false,"index":false},{"name":"gpgcheck","description":"Whether packages are GPG checked","type":"text","hidden":false,"required":false,"index":false},{"name":"gpgkey","description":"URL to GPG key","type":"text","hidden":false,"required":false,"index":false},{"name":"pid_with_namespace","description":"Pids that contain a namespace","type":"integer","hidden":true,"required":false,"index":false}]}] \ No newline at end of file diff --git a/x-pack/plugins/osquery/public/common/validations.ts b/x-pack/plugins/osquery/public/common/validations.ts index 7ab9de52e35ade6..09c43c16b12a3fb 100644 --- a/x-pack/plugins/osquery/public/common/validations.ts +++ b/x-pack/plugins/osquery/public/common/validations.ts @@ -11,7 +11,7 @@ import { ValidationFunc, fieldValidators } from '../shared_imports'; // eslint-disable-next-line @typescript-eslint/no-explicit-any export const queryFieldValidation: ValidationFunc = fieldValidators.emptyField( - i18n.translate('xpack.osquery.scheduledQueryGroup.queryFlyoutForm.emptyQueryError', { + i18n.translate('xpack.osquery.pack.queryFlyoutForm.emptyQueryError', { defaultMessage: 'Query is a required field', }) ); diff --git a/x-pack/plugins/osquery/public/components/app.tsx b/x-pack/plugins/osquery/public/components/app.tsx index 33fb6ac6a2adf28..ea1f9698795aacb 100644 --- a/x-pack/plugins/osquery/public/components/app.tsx +++ b/x-pack/plugins/osquery/public/components/app.tsx @@ -44,13 +44,10 @@ const OsqueryAppComponent = () => { defaultMessage="Live queries" /> - + { application: { getUrlForApp, navigateToApp }, } = useKibana().services; - const integrationHref = useMemo(() => { - return getUrlForApp(INTEGRATIONS_PLUGIN_ID, { - path: pagePathGetters.integration_details_overview({ - pkgkey: OSQUERY_INTEGRATION_NAME, - })[1], - }); - }, [getUrlForApp]); + const integrationHref = useMemo( + () => + getUrlForApp(INTEGRATIONS_PLUGIN_ID, { + path: pagePathGetters.integration_details_overview({ + pkgkey: OSQUERY_INTEGRATION_NAME, + })[1], + }), + [getUrlForApp] + ); const integrationClick = useCallback( (event) => { diff --git a/x-pack/plugins/osquery/public/components/manage_integration_link.tsx b/x-pack/plugins/osquery/public/components/manage_integration_link.tsx index 32779ded46c5082..208d8e3f281723d 100644 --- a/x-pack/plugins/osquery/public/components/manage_integration_link.tsx +++ b/x-pack/plugins/osquery/public/components/manage_integration_link.tsx @@ -11,40 +11,36 @@ import { EuiButtonEmpty, EuiFlexItem } from '@elastic/eui'; import { INTEGRATIONS_PLUGIN_ID } from '../../../fleet/common'; import { pagePathGetters } from '../../../fleet/public'; - import { useKibana, isModifiedEvent, isLeftClickEvent } from '../common/lib/kibana'; -import { useOsqueryIntegrationStatus } from '../common/hooks'; +import { OSQUERY_INTEGRATION_NAME } from '../../common'; const ManageIntegrationLinkComponent = () => { const { application: { getUrlForApp, navigateToApp }, } = useKibana().services; - const { data: osqueryIntegration } = useOsqueryIntegrationStatus(); - const integrationHref = useMemo(() => { - if (osqueryIntegration) { - return getUrlForApp(INTEGRATIONS_PLUGIN_ID, { + const integrationHref = useMemo( + () => + getUrlForApp(INTEGRATIONS_PLUGIN_ID, { path: pagePathGetters.integration_details_policies({ - pkgkey: `${osqueryIntegration.name}-${osqueryIntegration.version}`, + pkgkey: OSQUERY_INTEGRATION_NAME, })[1], - }); - } - }, [getUrlForApp, osqueryIntegration]); + }), + [getUrlForApp] + ); const integrationClick = useCallback( (event) => { if (!isModifiedEvent(event) && isLeftClickEvent(event)) { event.preventDefault(); - if (osqueryIntegration) { - return navigateToApp(INTEGRATIONS_PLUGIN_ID, { - path: pagePathGetters.integration_details_policies({ - pkgkey: `${osqueryIntegration.name}-${osqueryIntegration.version}`, - })[1], - }); - } + return navigateToApp(INTEGRATIONS_PLUGIN_ID, { + path: pagePathGetters.integration_details_policies({ + pkgkey: OSQUERY_INTEGRATION_NAME, + })[1], + }); } }, - [navigateToApp, osqueryIntegration] + [navigateToApp] ); return integrationHref ? ( diff --git a/x-pack/plugins/osquery/public/components/osquery_schema_link.tsx b/x-pack/plugins/osquery/public/components/osquery_schema_link.tsx index 2ce1b4d933f60bc..77af34b40587685 100644 --- a/x-pack/plugins/osquery/public/components/osquery_schema_link.tsx +++ b/x-pack/plugins/osquery/public/components/osquery_schema_link.tsx @@ -11,7 +11,7 @@ import React from 'react'; export const OsquerySchemaLink = React.memo(() => ( - + diff --git a/x-pack/plugins/osquery/public/editor/index.tsx b/x-pack/plugins/osquery/public/editor/index.tsx index 09e0ccbf7a45c2e..7d6823acec2cd3b 100644 --- a/x-pack/plugins/osquery/public/editor/index.tsx +++ b/x-pack/plugins/osquery/public/editor/index.tsx @@ -44,7 +44,7 @@ const OsqueryEditorComponent: React.FC = ({ defaultValue, on name="osquery_editor" setOptions={EDITOR_SET_OPTIONS} editorProps={EDITOR_PROPS} - height="150px" + height="100px" width="100%" /> ); diff --git a/x-pack/plugins/osquery/public/editor/osquery_highlight_rules.ts b/x-pack/plugins/osquery/public/editor/osquery_highlight_rules.ts index eda9401efd3a2ba..c14899b902e2e0b 100644 --- a/x-pack/plugins/osquery/public/editor/osquery_highlight_rules.ts +++ b/x-pack/plugins/osquery/public/editor/osquery_highlight_rules.ts @@ -108,6 +108,7 @@ const dataTypes = [ (ace as unknown as AceInterface).define( 'ace/mode/osquery_highlight_rules', ['require', 'exports', 'ace/mode/sql_highlight_rules'], + // eslint-disable-next-line prefer-arrow-callback function (acequire, exports) { 'use strict'; diff --git a/x-pack/plugins/osquery/public/editor/osquery_mode.ts b/x-pack/plugins/osquery/public/editor/osquery_mode.ts index d417d6b5137bff9..85da6fb0fa5c4aa 100644 --- a/x-pack/plugins/osquery/public/editor/osquery_mode.ts +++ b/x-pack/plugins/osquery/public/editor/osquery_mode.ts @@ -14,6 +14,7 @@ import './osquery_highlight_rules'; (ace as unknown as AceInterface).define( 'ace/mode/osquery', ['require', 'exports', 'ace/mode/sql', 'ace/mode/osquery_highlight_rules'], + // eslint-disable-next-line prefer-arrow-callback function (acequire, exports) { const TextMode = acequire('./sql').Mode; const OsqueryHighlightRules = acequire('./osquery_highlight_rules').OsqueryHighlightRules; diff --git a/x-pack/plugins/osquery/public/editor/osquery_tables.ts b/x-pack/plugins/osquery/public/editor/osquery_tables.ts index 584a70391f0f203..132040798461801 100644 --- a/x-pack/plugins/osquery/public/editor/osquery_tables.ts +++ b/x-pack/plugins/osquery/public/editor/osquery_tables.ts @@ -10,18 +10,14 @@ import { flatMap, sortBy } from 'lodash'; type TablesJSON = Array<{ name: string; }>; -export const normalizeTables = (tablesJSON: TablesJSON) => { - return sortBy(tablesJSON, (table) => { - return table.name; - }); -}; +export const normalizeTables = (tablesJSON: TablesJSON) => sortBy(tablesJSON, 'name'); let osqueryTables: TablesJSON | null = null; export const getOsqueryTables = () => { if (!osqueryTables) { // eslint-disable-next-line @typescript-eslint/no-var-requires - osqueryTables = normalizeTables(require('../common/schemas/osquery/v4.9.0.json')); + osqueryTables = normalizeTables(require('../common/schemas/osquery/v5.0.1.json')); } return osqueryTables; }; -export const getOsqueryTableNames = () => flatMap(getOsqueryTables(), (table) => table.name); +export const getOsqueryTableNames = () => flatMap(getOsqueryTables(), 'name'); diff --git a/x-pack/plugins/osquery/public/fleet_integration/navigation_buttons.tsx b/x-pack/plugins/osquery/public/fleet_integration/navigation_buttons.tsx index d8169c25ad929ce..b6a90541d26c676 100644 --- a/x-pack/plugins/osquery/public/fleet_integration/navigation_buttons.tsx +++ b/x-pack/plugins/osquery/public/fleet_integration/navigation_buttons.tsx @@ -51,20 +51,16 @@ const NavigationButtonsComponent: React.FC = ({ [agentPolicyId, navigateToApp] ); - const scheduleQueryGroupsHref = getUrlForApp(PLUGIN_ID, { - path: integrationPolicyId - ? `/scheduled_query_groups/${integrationPolicyId}/edit` - : `/scheduled_query_groups`, + const packsHref = getUrlForApp(PLUGIN_ID, { + path: integrationPolicyId ? `/packs/${integrationPolicyId}/edit` : `/packs`, }); - const scheduleQueryGroupsClick = useCallback( + const packsClick = useCallback( (event) => { if (!isModifiedEvent(event) && isLeftClickEvent(event)) { event.preventDefault(); navigateToApp(PLUGIN_ID, { - path: integrationPolicyId - ? `/scheduled_query_groups/${integrationPolicyId}/edit` - : `/scheduled_query_groups`, + path: integrationPolicyId ? `/packs/${integrationPolicyId}/edit` : `/packs`, }); } }, @@ -88,13 +84,13 @@ const NavigationButtonsComponent: React.FC = ({ } - title={i18n.translate('xpack.osquery.fleetIntegration.scheduleQueryGroupsButtonText', { - defaultMessage: 'Schedule query groups', + title={i18n.translate('xpack.osquery.fleetIntegration.packsButtonText', { + defaultMessage: 'Packs', })} description={''} isDisabled={isDisabled} - href={scheduleQueryGroupsHref} - onClick={scheduleQueryGroupsClick} + href={packsHref} + onClick={packsClick} /> diff --git a/x-pack/plugins/osquery/public/fleet_integration/osquery_managed_policy_create_import_extension.tsx b/x-pack/plugins/osquery/public/fleet_integration/osquery_managed_policy_create_import_extension.tsx index 4578c159e809e16..2eddb5d6e932a4e 100644 --- a/x-pack/plugins/osquery/public/fleet_integration/osquery_managed_policy_create_import_extension.tsx +++ b/x-pack/plugins/osquery/public/fleet_integration/osquery_managed_policy_create_import_extension.tsx @@ -5,29 +5,45 @@ * 2.0. */ -import { filter } from 'lodash/fp'; -import { EuiFlexGroup, EuiFlexItem, EuiSpacer, EuiCallOut, EuiLink } from '@elastic/eui'; +import { get, isEmpty, unset, set } from 'lodash'; +import { satisfies } from 'semver'; +import { + EuiFlexGroup, + EuiFlexItem, + EuiSpacer, + EuiCallOut, + EuiLink, + EuiAccordion, +} from '@elastic/eui'; import React, { useEffect, useMemo, useState } from 'react'; -import { useHistory, useLocation } from 'react-router-dom'; import { produce } from 'immer'; +import { i18n } from '@kbn/i18n'; +import useDebounce from 'react-use/lib/useDebounce'; +import styled from 'styled-components'; import { agentRouteService, agentPolicyRouteService, AgentPolicy, PLUGIN_ID, - NewPackagePolicy, } from '../../../fleet/common'; import { pagePathGetters, PackagePolicyCreateExtensionComponentProps, PackagePolicyEditExtensionComponentProps, } from '../../../fleet/public'; -import { ScheduledQueryGroupQueriesTable } from '../scheduled_query_groups/scheduled_query_group_queries_table'; import { useKibana } from '../common/lib/kibana'; import { NavigationButtons } from './navigation_buttons'; import { DisabledCallout } from './disabled_callout'; -import { OsqueryManagerPackagePolicy } from '../../common/types'; +import { Form, useForm, Field, getUseField, FIELD_TYPES, fieldValidators } from '../shared_imports'; + +const CommonUseField = getUseField({ component: Field }); + +const StyledEuiAccordion = styled(EuiAccordion)` + .euiAccordion__button { + color: ${({ theme }) => theme.eui.euiColorPrimary}; + } +`; /** * Exports Osquery-specific package policy instructions @@ -46,8 +62,32 @@ export const OsqueryManagedPolicyCreateImportExtension = React.memo< application: { getUrlForApp }, http, } = useKibana().services; - const { state: locationState } = useLocation(); - const { go } = useHistory(); + + const { form: configForm } = useForm({ + defaultValue: { + config: JSON.stringify(get(newPolicy, 'inputs[0].config.osquery.value', {}), null, 2), + }, + schema: { + config: { + label: i18n.translate('xpack.osquery.fleetIntegration.osqueryConfig.configFieldLabel', { + defaultMessage: 'Osquery config', + }), + type: FIELD_TYPES.JSON, + validations: [ + { + validator: fieldValidators.isJsonField( + i18n.translate('xpack.osquery.fleetIntegration.osqueryConfig.configFieldError', { + defaultMessage: 'Invalid JSON', + }), + { allowEmptyString: true } + ), + }, + ], + }, + }, + }); + + const { isValid, getFormData } = configForm; const agentsLinkHref = useMemo(() => { if (!policy?.policy_id) return '#'; @@ -60,6 +100,27 @@ export const OsqueryManagedPolicyCreateImportExtension = React.memo< }); }, [getUrlForApp, policy?.policy_id]); + useDebounce( + () => { + // if undefined it means that config was not modified + if (isValid === undefined) return; + const configData = getFormData().config; + + const updatedPolicy = produce(newPolicy, (draft) => { + if (isEmpty(configData)) { + unset(draft, 'inputs[0].config'); + } else { + set(draft, 'inputs[0].config.osquery.value', configData); + } + return draft; + }); + + onChange({ isValid: !!isValid, updatedPolicy: isValid ? updatedPolicy : newPolicy }); + }, + 500, + [isValid] + ); + useEffect(() => { if (editMode && policyAgentsCount === null) { const fetchAgentsCount = async () => { @@ -95,70 +156,44 @@ export const OsqueryManagedPolicyCreateImportExtension = React.memo< } }, [editMode, http, policy?.policy_id, policyAgentsCount]); - useEffect(() => { - /* - in order to enable Osquery side nav we need to refresh the whole Kibana - TODO: Find a better solution - */ - if (editMode && locationState?.forceRefresh) { - go(0); - } - }, [editMode, go, locationState]); - useEffect(() => { /* by default Fleet set up streams with an empty scheduled query, this code removes that, so the user can schedule queries in the next step */ - if (!editMode) { - const updatedPolicy = produce(newPolicy, (draft) => { - draft.inputs[0].streams = []; - return draft; - }); - onChange({ - isValid: true, - updatedPolicy, - }); + if (newPolicy?.package?.version) { + if (!editMode && satisfies(newPolicy?.package?.version, '<0.6.0')) { + const updatedPolicy = produce(newPolicy, (draft) => { + set(draft, 'inputs[0].streams', []); + }); + onChange({ + isValid: true, + updatedPolicy, + }); + } + + /* From 0.6.0 we don't provide an input template, so we have to set it here */ + if (satisfies(newPolicy?.package?.version, '>=0.6.0')) { + const updatedPolicy = produce(newPolicy, (draft) => { + if (!draft.inputs.length) { + set(draft, 'inputs[0]', { + type: 'osquery', + enabled: true, + streams: [], + policy_template: 'osquery_manager', + }); + } + }); + onChange({ + isValid: true, + updatedPolicy, + }); + } } // eslint-disable-next-line react-hooks/exhaustive-deps }, []); - // TODO: Find a better solution - // useEffect(() => { - // if (!editMode) { - // replace({ - // state: { - // onSaveNavigateTo: (newPackagePolicy) => [ - // INTEGRATIONS_PLUGIN_ID, - // { - // path: - // '#' + - // pagePathGetters.integration_policy_edit({ - // packagePolicyId: newPackagePolicy.id, - // })[1], - // state: { - // forceRefresh: true, - // }, - // }, - // ], - // } as CreatePackagePolicyRouteState, - // }); - // } - // }, [editMode, replace]); - - const scheduledQueryGroupTableData = useMemo(() => { - const policyWithoutEmptyQueries = produce( - newPolicy, - (draft) => { - draft.inputs[0].streams = filter(['compiled_stream.id', null], draft.inputs[0].streams); - return draft; - } - ); - - return policyWithoutEmptyQueries; - }, [newPolicy]); - return ( <> {!editMode ? : null} @@ -191,18 +226,20 @@ export const OsqueryManagedPolicyCreateImportExtension = React.memo< agentPolicyId={policy?.policy_id} /> - - - {editMode && scheduledQueryGroupTableData.inputs[0].streams.length ? ( - - - - - - ) : null} + + +
+ + +
); }); diff --git a/x-pack/plugins/osquery/public/live_queries/form/index.tsx b/x-pack/plugins/osquery/public/live_queries/form/index.tsx index 4e569d4cf58d81f..86323b7ab431504 100644 --- a/x-pack/plugins/osquery/public/live_queries/form/index.tsx +++ b/x-pack/plugins/osquery/public/live_queries/form/index.tsx @@ -12,14 +12,18 @@ import { EuiSpacer, EuiFlexGroup, EuiFlexItem, + EuiAccordion, + EuiAccordionProps, } from '@elastic/eui'; import { EuiContainedStepProps } from '@elastic/eui/src/components/steps/steps'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; -import React, { useCallback, useEffect, useMemo, useState } from 'react'; +import React, { useCallback, useEffect, useMemo, useState, useRef } from 'react'; import { useMutation } from 'react-query'; import deepMerge from 'deepmerge'; +import styled from 'styled-components'; +import { pickBy, isEmpty } from 'lodash'; import { UseField, Form, FormData, useForm, useFormData, FIELD_TYPES } from '../../shared_imports'; import { AgentsTableField } from './agents_table_field'; import { LiveQueryQueryField } from './live_query_query_field'; @@ -29,26 +33,51 @@ import { queryFieldValidation } from '../../common/validations'; import { fieldValidators } from '../../shared_imports'; import { SavedQueryFlyout } from '../../saved_queries'; import { useErrorToast } from '../../common/hooks/use_error_toast'; +import { + ECSMappingEditorField, + ECSMappingEditorFieldRef, +} from '../../packs/queries/lazy_ecs_mapping_editor_field'; +import { SavedQueriesDropdown } from '../../saved_queries/saved_queries_dropdown'; const FORM_ID = 'liveQueryForm'; +const StyledEuiAccordion = styled(EuiAccordion)` + ${({ isDisabled }: { isDisabled: boolean }) => isDisabled && 'display: none;'} + .euiAccordion__button { + color: ${({ theme }) => theme.eui.euiColorPrimary}; + } +`; + export const MAX_QUERY_LENGTH = 2000; const GhostFormField = () => <>; +type FormType = 'simple' | 'steps'; + interface LiveQueryFormProps { defaultValue?: Partial | undefined; onSuccess?: () => void; - singleAgentMode?: boolean; + agentsField?: boolean; + queryField?: boolean; + ecsMappingField?: boolean; + formType?: FormType; + enabled?: boolean; } const LiveQueryFormComponent: React.FC = ({ defaultValue, onSuccess, - singleAgentMode, + agentsField = true, + queryField = true, + ecsMappingField = true, + formType = 'steps', + enabled = true, }) => { + const ecsFieldRef = useRef(); const permissions = useKibana().services.application.capabilities.osquery; const { http } = useKibana().services; + const [advancedContentState, setAdvancedContentState] = + useState('closed'); const [showSavedQueryFlyout, setShowSavedQueryFlyout] = useState(false); const setErrorToast = useErrorToast(); @@ -74,6 +103,20 @@ const LiveQueryFormComponent: React.FC = ({ ); const formSchema = { + agentSelection: { + defaultValue: { + agents: [], + allAgentsSelected: false, + platformsSelected: [], + policiesSelected: [], + }, + type: FIELD_TYPES.JSON, + validations: [], + }, + savedQueryId: { + type: FIELD_TYPES.TEXT, + validations: [], + }, query: { type: FIELD_TYPES.TEXT, validations: [ @@ -89,17 +132,41 @@ const LiveQueryFormComponent: React.FC = ({ { validator: queryFieldValidation }, ], }, + ecs_mapping: { + defaultValue: {}, + type: FIELD_TYPES.JSON, + validations: [], + }, + hidden: { + defaultValue: false, + type: FIELD_TYPES.TOGGLE, + validations: [], + }, }; const { form } = useForm({ id: FORM_ID, schema: formSchema, - onSubmit: (payload) => { - return mutateAsync(payload); + onSubmit: async (formData, isValid) => { + const ecsFieldValue = await ecsFieldRef?.current?.validate(); + + if (isValid) { + try { + await mutateAsync({ + ...formData, + ...(isEmpty(ecsFieldValue) ? {} : { ecs_mapping: ecsFieldValue }), + }); + // eslint-disable-next-line no-empty + } catch (e) {} + } }, options: { stripEmptyFields: false, }, + serializer: ({ savedQueryId, hidden, ...formData }) => ({ + ...pickBy({ ...formData, saved_query_id: savedQueryId }), + ...(hidden != null && hidden ? { hidden } : {}), + }), defaultValue: deepMerge( { agentSelection: { @@ -109,6 +176,8 @@ const LiveQueryFormComponent: React.FC = ({ policiesSelected: [], }, query: '', + savedQueryId: null, + hidden: false, }, defaultValue ?? {} ), @@ -118,7 +187,11 @@ const LiveQueryFormComponent: React.FC = ({ const actionId = useMemo(() => data?.actions[0].action_id, [data?.actions]); const agentIds = useMemo(() => data?.actions[0].agents, [data?.actions]); - const [{ agentSelection, query }] = useFormData({ form, watch: ['agentSelection', 'query'] }); + // eslint-disable-next-line @typescript-eslint/naming-convention + const [{ agentSelection, ecs_mapping, query, savedQueryId }] = useFormData({ + form, + watch: ['agentSelection', 'ecs_mapping', 'query', 'savedQueryId'], + }); const agentSelected = useMemo( () => @@ -148,6 +221,22 @@ const LiveQueryFormComponent: React.FC = ({ [queryStatus] ); + const handleSavedQueryChange = useCallback( + (savedQuery) => { + if (savedQuery) { + setFieldValue('query', savedQuery.query); + setFieldValue('savedQueryId', savedQuery.savedQueryId); + if (!isEmpty(savedQuery.ecs_mapping)) { + setFieldValue('ecs_mapping', savedQuery.ecs_mapping); + setAdvancedContentState('open'); + } + } else { + setFieldValue('savedQueryId', null); + } + }, + [setFieldValue] + ); + const queryComponentProps = useMemo( () => ({ disabled: queryStatus === 'disabled', @@ -155,19 +244,71 @@ const LiveQueryFormComponent: React.FC = ({ [queryStatus] ); - const flyoutFormDefaultValue = useMemo(() => ({ query }), [query]); + const flyoutFormDefaultValue = useMemo( + () => ({ savedQueryId, query, ecs_mapping }), + [savedQueryId, ecs_mapping, query] + ); + + const handleToggle = useCallback((isOpen) => { + const newState = isOpen ? 'open' : 'closed'; + setAdvancedContentState(newState); + }, []); + + const ecsFieldProps = useMemo( + () => ({ + isDisabled: !permissions.writeSavedQueries, + }), + [permissions.writeSavedQueries] + ); const queryFieldStepContent = useMemo( () => ( <> - + {queryField ? ( + <> + + + + + ) : ( + <> + + + + )} + {ecsMappingField ? ( + <> + + + + + + + ) : ( + + )} - {!singleAgentMode && ( + {formType === 'steps' && ( = ({ )} = ({ ), [ + queryField, queryComponentProps, - singleAgentMode, + permissions.runSavedQueries, permissions.writeSavedQueries, + handleSavedQueryChange, + ecsMappingField, + advancedContentState, + handleToggle, + query, + ecsFieldProps, + formType, agentSelected, queryValueProvided, resultsStatus, handleShowSaveQueryFlout, + enabled, isSubmitting, submit, ] @@ -247,15 +397,18 @@ const LiveQueryFormComponent: React.FC = ({ [agentSelected, queryFieldStepContent, queryStatus, resultsStepContent, resultsStatus] ); - const singleAgentForm = useMemo( + const simpleForm = useMemo( () => ( - + {queryFieldStepContent} {resultsStepContent} ), - [queryFieldStepContent, resultsStepContent] + [agentsField, queryFieldStepContent, resultsStepContent] ); useEffect(() => { @@ -265,11 +418,25 @@ const LiveQueryFormComponent: React.FC = ({ if (defaultValue?.query) { setFieldValue('query', defaultValue?.query); } + if (defaultValue?.hidden) { + setFieldValue('hidden', defaultValue?.hidden); + } + // TODO: Set query and ECS mapping from savedQueryId object + if (defaultValue?.savedQueryId) { + setFieldValue('savedQueryId', defaultValue?.savedQueryId); + } + if (!isEmpty(defaultValue?.ecs_mapping)) { + setFieldValue('ecs_mapping', defaultValue?.ecs_mapping); + } }, [defaultValue, setFieldValue]); return ( <> -
{singleAgentMode ? singleAgentForm : } +
+ {formType === 'steps' ? : simpleForm} + + + {showSavedQueryFlyout ? ( = ({ disa const permissions = useKibana().services.application.capabilities.osquery; const { value, setValue, errors } = field; const error = errors[0]?.message; - const savedQueriesDropdownRef = useRef(null); - - const handleSavedQueryChange = useCallback( - (savedQuery) => { - setValue(savedQuery?.query ?? ''); - }, - [setValue] - ); const handleEditorChange = useCallback( (newValue) => { - savedQueriesDropdownRef.current?.clearSelection(); setValue(newValue); }, [setValue] ); return ( - - <> - - - }> - {!permissions.writeLiveQueries || disabled ? ( - - {value} - - ) : ( - - )} - - + } + isDisabled={!permissions.writeLiveQueries || disabled} + > + {!permissions.writeLiveQueries || disabled ? ( + + {value} + + ) : ( + + )} ); }; diff --git a/x-pack/plugins/osquery/public/live_queries/index.tsx b/x-pack/plugins/osquery/public/live_queries/index.tsx index 8d87d59828ee37f..93459260a733389 100644 --- a/x-pack/plugins/osquery/public/live_queries/index.tsx +++ b/x-pack/plugins/osquery/public/live_queries/index.tsx @@ -5,6 +5,7 @@ * 2.0. */ +import { castArray } from 'lodash'; import { EuiCode, EuiLoadingContent, EuiEmptyPrompt } from '@elastic/eui'; import React, { useMemo } from 'react'; import { FormattedMessage } from '@kbn/i18n/react'; @@ -16,34 +17,53 @@ import { OsqueryIcon } from '../components/osquery_icon'; interface LiveQueryProps { agentId?: string; - agentPolicyId?: string; + agentIds?: string[]; + agentPolicyIds?: string[]; onSuccess?: () => void; query?: string; + savedQueryId?: string; + ecs_mapping?: unknown; + agentsField?: boolean; + queryField?: boolean; + ecsMappingField?: boolean; + enabled?: boolean; + formType?: 'steps' | 'simple'; } const LiveQueryComponent: React.FC = ({ agentId, - agentPolicyId, + agentIds, + agentPolicyIds, onSuccess, query, + savedQueryId, + // eslint-disable-next-line @typescript-eslint/naming-convention + ecs_mapping, + agentsField, + queryField, + ecsMappingField, + formType, + enabled, }) => { const { data: hasActionResultsPrivileges, isFetched } = useActionResultsPrivileges(); const defaultValue = useMemo(() => { - if (agentId || agentPolicyId || query) { + if (agentId || agentPolicyIds || query) { return { agentSelection: { allAgentsSelected: false, - agents: agentId ? [agentId] : [], + agents: castArray(agentId ?? agentIds ?? []), platformsSelected: [], - policiesSelected: agentPolicyId ? [agentPolicyId] : [], + policiesSelected: agentPolicyIds ?? [], }, query, + savedQueryId, + ecs_mapping, }; } return undefined; - }, [agentId, agentPolicyId, query]); + }, [agentId, agentIds, agentPolicyIds, ecs_mapping, query, savedQueryId]); if (!isFetched) { return ; @@ -80,7 +100,15 @@ const LiveQueryComponent: React.FC = ({ } return ( - + ); }; diff --git a/x-pack/plugins/osquery/public/packs/active_state_switch.tsx b/x-pack/plugins/osquery/public/packs/active_state_switch.tsx new file mode 100644 index 000000000000000..da1581f5f7bfe95 --- /dev/null +++ b/x-pack/plugins/osquery/public/packs/active_state_switch.tsx @@ -0,0 +1,120 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { EuiSwitch, EuiLoadingSpinner } from '@elastic/eui'; +import React, { useCallback, useMemo, useState } from 'react'; +import { useQueryClient } from 'react-query'; +import styled from 'styled-components'; +import { i18n } from '@kbn/i18n'; + +import { PackagePolicy } from '../../../fleet/common'; +import { useKibana } from '../common/lib/kibana'; +import { useAgentPolicies } from '../agent_policies/use_agent_policies'; +import { ConfirmDeployAgentPolicyModal } from './form/confirmation_modal'; +import { useErrorToast } from '../common/hooks/use_error_toast'; +import { useUpdatePack } from './use_update_pack'; + +const StyledEuiLoadingSpinner = styled(EuiLoadingSpinner)` + margin-right: ${({ theme }) => theme.eui.paddingSizes.s}; +`; + +interface ActiveStateSwitchProps { + disabled?: boolean; + item: PackagePolicy & { policy_ids: string[] }; +} + +const ActiveStateSwitchComponent: React.FC = ({ item }) => { + const queryClient = useQueryClient(); + const { + application: { + capabilities: { osquery: permissions }, + }, + notifications: { toasts }, + } = useKibana().services; + const setErrorToast = useErrorToast(); + const [confirmationModal, setConfirmationModal] = useState(false); + + const hideConfirmationModal = useCallback(() => setConfirmationModal(false), []); + + const { data } = useAgentPolicies(); + + const agentCount = useMemo( + () => + item.policy_ids.reduce( + (acc, policyId) => acc + (data?.agentPoliciesById[policyId]?.agents || 0), + 0 + ), + [data?.agentPoliciesById, item.policy_ids] + ); + + const { isLoading, mutateAsync } = useUpdatePack({ + options: { + // @ts-expect-error update types + onSuccess: (response) => { + queryClient.invalidateQueries('packList'); + setErrorToast(); + toasts.addSuccess( + response.attributes.enabled + ? i18n.translate('xpack.osquery.pack.table.activatedSuccessToastMessageText', { + defaultMessage: 'Successfully activated "{packName}" pack', + values: { + packName: response.attributes.name, + }, + }) + : i18n.translate('xpack.osquery.pack.table.deactivatedSuccessToastMessageText', { + defaultMessage: 'Successfully deactivated "{packName}" pack', + values: { + packName: response.attributes.name, + }, + }) + ); + }, + // @ts-expect-error update types + onError: (error) => { + setErrorToast(error, { title: error.body.error, toastMessage: error.body.message }); + }, + }, + }); + + const handleToggleActive = useCallback(() => { + // @ts-expect-error update types + mutateAsync({ id: item.id, enabled: !item.attributes.enabled }); + hideConfirmationModal(); + }, [hideConfirmationModal, item, mutateAsync]); + + const handleToggleActiveClick = useCallback(() => { + if (agentCount) { + return setConfirmationModal(true); + } + + handleToggleActive(); + }, [agentCount, handleToggleActive]); + + return ( + <> + {isLoading && } + + {confirmationModal && agentCount && ( + + )} + + ); +}; + +export const ActiveStateSwitch = React.memo(ActiveStateSwitchComponent); diff --git a/x-pack/plugins/osquery/public/packs/common/add_new_pack_query_flyout.tsx b/x-pack/plugins/osquery/public/packs/common/add_new_pack_query_flyout.tsx deleted file mode 100644 index 85578564b1eb2c1..000000000000000 --- a/x-pack/plugins/osquery/public/packs/common/add_new_pack_query_flyout.tsx +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { EuiFlyout, EuiFlyoutBody, EuiFlyoutHeader, EuiTitle } from '@elastic/eui'; -import React from 'react'; - -import { SavedQueryForm } from '../../saved_queries/form'; - -// @ts-expect-error update types -const AddNewPackQueryFlyoutComponent = ({ handleClose, handleSubmit }) => ( - - - -

{'Add new Saved Query'}

- - - - { - // @ts-expect-error update types - - } - - -); - -export const AddNewPackQueryFlyout = React.memo(AddNewPackQueryFlyoutComponent); diff --git a/x-pack/plugins/osquery/public/packs/common/add_pack_query.tsx b/x-pack/plugins/osquery/public/packs/common/add_pack_query.tsx deleted file mode 100644 index d1115898b4e403e..000000000000000 --- a/x-pack/plugins/osquery/public/packs/common/add_pack_query.tsx +++ /dev/null @@ -1,127 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/* eslint-disable react-perf/jsx-no-new-object-as-prop */ - -import { EuiButton, EuiCodeBlock, EuiSpacer, EuiText, EuiLink, EuiPortal } from '@elastic/eui'; -import React, { useCallback, useMemo, useState } from 'react'; -import { useQuery, useMutation, useQueryClient } from 'react-query'; - -import { getUseField, useForm, Field, Form, FIELD_TYPES } from '../../shared_imports'; -import { useKibana } from '../../common/lib/kibana'; -import { AddNewPackQueryFlyout } from './add_new_pack_query_flyout'; - -const CommonUseField = getUseField({ component: Field }); - -// @ts-expect-error update types -const AddPackQueryFormComponent = ({ handleSubmit }) => { - const queryClient = useQueryClient(); - const [showAddQueryFlyout, setShowAddQueryFlyout] = useState(false); - - const { http } = useKibana().services; - const { data } = useQuery('savedQueryList', () => - http.get('/internal/osquery/saved_query', { - query: { - pageIndex: 0, - pageSize: 100, - sortField: 'updated_at', - sortDirection: 'desc', - }, - }) - ); - - const { form } = useForm({ - id: 'addPackQueryForm', - onSubmit: handleSubmit, - defaultValue: { - query: {}, - }, - schema: { - query: { - type: FIELD_TYPES.SUPER_SELECT, - label: 'Pick from Saved Queries', - }, - interval: { - type: FIELD_TYPES.NUMBER, - label: 'Interval in seconds', - }, - }, - }); - const { submit, isSubmitting } = form; - - const createSavedQueryMutation = useMutation( - (payload) => http.post(`/internal/osquery/saved_query`, { body: JSON.stringify(payload) }), - { - onSuccess: () => { - queryClient.invalidateQueries('savedQueryList'); - setShowAddQueryFlyout(false); - }, - } - ); - - const queryOptions = useMemo( - () => - // @ts-expect-error update types - data?.saved_objects.map((savedQuery) => ({ - value: { - id: savedQuery.id, - attributes: savedQuery.attributes, - type: savedQuery.type, - }, - inputDisplay: savedQuery.attributes.name, - dropdownDisplay: ( - <> - {savedQuery.attributes.name} - -

{savedQuery.attributes.description}

- - - {savedQuery.attributes.query} - - - ), - })) ?? [], - [data?.saved_objects] - ); - - const handleShowFlyout = useCallback(() => setShowAddQueryFlyout(true), []); - const handleCloseFlyout = useCallback(() => setShowAddQueryFlyout(false), []); - - return ( - <> -
- - {'Add new saved query'} - - } - euiFieldProps={{ - options: queryOptions, - }} - /> - - - - - {'Add query'} - - - {showAddQueryFlyout && ( - - - - )} - - ); -}; - -export const AddPackQueryForm = React.memo(AddPackQueryFormComponent); diff --git a/x-pack/plugins/osquery/public/packs/common/pack_form.tsx b/x-pack/plugins/osquery/public/packs/common/pack_form.tsx deleted file mode 100644 index ab0984e80894399..000000000000000 --- a/x-pack/plugins/osquery/public/packs/common/pack_form.tsx +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { EuiButton, EuiSpacer } from '@elastic/eui'; -import React from 'react'; - -import { getUseField, useForm, Field, Form, FIELD_TYPES } from '../../shared_imports'; -import { PackQueriesField } from './pack_queries_field'; - -const CommonUseField = getUseField({ component: Field }); - -// @ts-expect-error update types -const PackFormComponent = ({ data, handleSubmit }) => { - const { form } = useForm({ - id: 'addPackForm', - onSubmit: (payload) => { - return handleSubmit(payload); - }, - defaultValue: data ?? { - name: '', - description: '', - queries: [], - }, - schema: { - name: { - type: FIELD_TYPES.TEXT, - label: 'Pack name', - }, - description: { - type: FIELD_TYPES.TEXTAREA, - label: 'Description', - }, - queries: { - type: FIELD_TYPES.MULTI_SELECT, - label: 'Queries', - }, - }, - }); - const { submit, isSubmitting } = form; - - return ( -
- - - - - - - - {'Save pack'} - - - ); -}; - -export const PackForm = React.memo(PackFormComponent); diff --git a/x-pack/plugins/osquery/public/packs/common/pack_queries_field.tsx b/x-pack/plugins/osquery/public/packs/common/pack_queries_field.tsx deleted file mode 100644 index 6b3c1a001bd066a..000000000000000 --- a/x-pack/plugins/osquery/public/packs/common/pack_queries_field.tsx +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { reject } from 'lodash/fp'; -import { produce } from 'immer'; -import { EuiSpacer } from '@elastic/eui'; -import React, { useCallback, useMemo } from 'react'; -import { useQueries } from 'react-query'; - -import { useKibana } from '../../common/lib/kibana'; -import { PackQueriesTable } from '../common/pack_queries_table'; -import { AddPackQueryForm } from '../common/add_pack_query'; - -// @ts-expect-error update types -const PackQueriesFieldComponent = ({ field }) => { - const { value, setValue } = field; - const { http } = useKibana().services; - - const packQueriesData = useQueries( - // @ts-expect-error update types - value.map((query) => ({ - queryKey: ['savedQuery', { id: query.id }], - queryFn: () => http.get(`/internal/osquery/saved_query/${query.id}`), - })) ?? [] - ); - - const packQueries = useMemo( - () => - // @ts-expect-error update types - packQueriesData.reduce((acc, packQueryData) => { - if (packQueryData.data) { - return [...acc, packQueryData.data]; - } - return acc; - }, []) ?? [], - [packQueriesData] - ); - - const handleAddQuery = useCallback( - (newQuery) => - setValue( - produce((draft) => { - // @ts-expect-error update - draft.push({ - interval: newQuery.interval, - query: newQuery.query.attributes.query, - id: newQuery.query.id, - name: newQuery.query.attributes.name, - }); - }) - ), - [setValue] - ); - - const handleRemoveQuery = useCallback( - // @ts-expect-error update - (query) => setValue(produce((draft) => reject(['id', query.id], draft))), - [setValue] - ); - - return ( - <> - - - - - ); -}; - -export const PackQueriesField = React.memo(PackQueriesFieldComponent); diff --git a/x-pack/plugins/osquery/public/packs/common/pack_queries_table.tsx b/x-pack/plugins/osquery/public/packs/common/pack_queries_table.tsx deleted file mode 100644 index bf57f818dc3d93c..000000000000000 --- a/x-pack/plugins/osquery/public/packs/common/pack_queries_table.tsx +++ /dev/null @@ -1,140 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/* eslint-disable @typescript-eslint/no-shadow, react-perf/jsx-no-new-object-as-prop, react/jsx-no-bind, react-perf/jsx-no-new-function-as-prop, react-perf/jsx-no-new-array-as-prop */ - -import { find } from 'lodash/fp'; -import React, { useState } from 'react'; -import { - EuiBasicTable, - EuiButtonIcon, - EuiHealth, - EuiDescriptionList, - RIGHT_ALIGNMENT, -} from '@elastic/eui'; - -// @ts-expect-error update types -const PackQueriesTableComponent = ({ items, config, handleRemoveQuery }) => { - const [pageIndex, setPageIndex] = useState(0); - const [pageSize, setPageSize] = useState(10); - const [sortField, setSortField] = useState('firstName'); - const [sortDirection, setSortDirection] = useState('asc'); - const [itemIdToExpandedRowMap, setItemIdToExpandedRowMap] = useState({}); - const totalItemCount = 100; - - const onTableChange = ({ page = {}, sort = {} }) => { - // @ts-expect-error update types - const { index: pageIndex, size: pageSize } = page; - - // @ts-expect-error update types - const { field: sortField, direction: sortDirection } = sort; - - setPageIndex(pageIndex); - setPageSize(pageSize); - setSortField(sortField); - setSortDirection(sortDirection); - }; - - // @ts-expect-error update types - const toggleDetails = (item) => { - const itemIdToExpandedRowMapValues = { ...itemIdToExpandedRowMap }; - // @ts-expect-error update types - if (itemIdToExpandedRowMapValues[item.id]) { - // @ts-expect-error update types - delete itemIdToExpandedRowMapValues[item.id]; - } else { - const { online } = item; - const color = online ? 'success' : 'danger'; - const label = online ? 'Online' : 'Offline'; - const listItems = [ - { - title: 'Nationality', - description: `aa`, - }, - { - title: 'Online', - description: {label}, - }, - ]; - // @ts-expect-error update types - itemIdToExpandedRowMapValues[item.id] = ; - } - setItemIdToExpandedRowMap(itemIdToExpandedRowMapValues); - }; - - const columns = [ - { - field: 'name', - name: 'Query Name', - }, - { - name: 'Interval', - // @ts-expect-error update types - render: (query) => find(['name', query.name], config).interval, - }, - { - name: 'Actions', - actions: [ - { - name: 'Remove', - description: 'Remove this query', - type: 'icon', - icon: 'trash', - onClick: handleRemoveQuery, - }, - ], - }, - { - align: RIGHT_ALIGNMENT, - width: '40px', - isExpander: true, - // @ts-expect-error update types - render: (item) => ( - toggleDetails(item)} - // @ts-expect-error update types - aria-label={itemIdToExpandedRowMap[item.id] ? 'Collapse' : 'Expand'} - // @ts-expect-error update types - iconType={itemIdToExpandedRowMap[item.id] ? 'arrowUp' : 'arrowDown'} - /> - ), - }, - ]; - - const pagination = { - pageIndex, - pageSize, - totalItemCount, - pageSizeOptions: [3, 5, 8], - }; - - const sorting = { - sort: { - field: sortField, - direction: sortDirection, - }, - }; - - return ( - - ); -}; - -export const PackQueriesTable = React.memo(PackQueriesTableComponent); diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/index.tsx b/x-pack/plugins/osquery/public/packs/constants.ts similarity index 84% rename from x-pack/plugins/osquery/public/scheduled_query_groups/index.tsx rename to x-pack/plugins/osquery/public/packs/constants.ts index f97127a9465584e..509a2d9c5fde9c8 100644 --- a/x-pack/plugins/osquery/public/scheduled_query_groups/index.tsx +++ b/x-pack/plugins/osquery/public/packs/constants.ts @@ -5,4 +5,4 @@ * 2.0. */ -export * from './scheduled_query_groups_table'; +export const PACKS_ID = 'packList'; diff --git a/x-pack/plugins/osquery/public/packs/edit/index.tsx b/x-pack/plugins/osquery/public/packs/edit/index.tsx deleted file mode 100644 index 3cbd80c9f4db01d..000000000000000 --- a/x-pack/plugins/osquery/public/packs/edit/index.tsx +++ /dev/null @@ -1,54 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/* eslint-disable react-perf/jsx-no-new-object-as-prop */ - -import React from 'react'; -import { useMutation, useQuery } from 'react-query'; - -import { PackForm } from '../common/pack_form'; -import { useKibana } from '../../common/lib/kibana'; - -interface EditPackPageProps { - onSuccess: () => void; - packId: string; -} - -const EditPackPageComponent: React.FC = ({ onSuccess, packId }) => { - const { http } = useKibana().services; - - const { - data = { - queries: [], - }, - } = useQuery(['pack', { id: packId }], ({ queryKey }) => { - // @ts-expect-error update types - return http.get(`/internal/osquery/pack/${queryKey[1].id}`); - }); - - const updatePackMutation = useMutation( - (payload) => - http.put(`/internal/osquery/pack/${packId}`, { - body: JSON.stringify({ - ...data, - // @ts-expect-error update types - ...payload, - }), - }), - { - onSuccess, - } - ); - - if (!data.id) { - return <>{'Loading...'}; - } - - return ; -}; - -export const EditPackPage = React.memo(EditPackPageComponent); diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/form/confirmation_modal.tsx b/x-pack/plugins/osquery/public/packs/form/confirmation_modal.tsx similarity index 87% rename from x-pack/plugins/osquery/public/scheduled_query_groups/form/confirmation_modal.tsx rename to x-pack/plugins/osquery/public/packs/form/confirmation_modal.tsx index 65379c9e23626e5..bd0d08309847302 100644 --- a/x-pack/plugins/osquery/public/scheduled_query_groups/form/confirmation_modal.tsx +++ b/x-pack/plugins/osquery/public/packs/form/confirmation_modal.tsx @@ -10,20 +10,18 @@ import { EuiCallOut, EuiConfirmModal, EuiSpacer } from '@elastic/eui'; import { FormattedMessage } from '@kbn/i18n/react'; import { i18n } from '@kbn/i18n'; -import { AgentPolicy } from '../../../../fleet/common'; - interface ConfirmDeployAgentPolicyModalProps { onConfirm: () => void; onCancel: () => void; agentCount: number; - agentPolicy: AgentPolicy; + agentPolicyCount: number; } const ConfirmDeployAgentPolicyModalComponent: React.FC = ({ onConfirm, onCancel, agentCount, - agentPolicy, + agentPolicyCount, }) => ( {agentPolicy.name}, + agentPolicyCount, }} /> diff --git a/x-pack/plugins/osquery/public/packs/form/index.tsx b/x-pack/plugins/osquery/public/packs/form/index.tsx new file mode 100644 index 000000000000000..f20a26f2791ddc3 --- /dev/null +++ b/x-pack/plugins/osquery/public/packs/form/index.tsx @@ -0,0 +1,270 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { isEmpty, reduce } from 'lodash'; +import { + EuiFlexGroup, + EuiFlexItem, + EuiButtonEmpty, + EuiButton, + EuiSpacer, + EuiBottomBar, + EuiHorizontalRule, +} from '@elastic/eui'; +import React, { useCallback, useMemo, useState } from 'react'; +import { i18n } from '@kbn/i18n'; +import { FormattedMessage } from '@kbn/i18n/react'; + +import { OsqueryManagerPackagePolicy } from '../../../common/types'; +import { + Form, + useForm, + useFormData, + getUseField, + Field, + FIELD_TYPES, + fieldValidators, +} from '../../shared_imports'; +import { useRouterNavigate } from '../../common/lib/kibana'; +import { PolicyIdComboBoxField } from './policy_id_combobox_field'; +import { QueriesField } from './queries_field'; +import { ConfirmDeployAgentPolicyModal } from './confirmation_modal'; +import { useAgentPolicies } from '../../agent_policies'; +import { useCreatePack } from '../use_create_pack'; +import { useUpdatePack } from '../use_update_pack'; +import { convertPackQueriesToSO, convertSOQueriesToPack } from './utils'; +import { idSchemaValidation } from '../queries/validations'; + +const GhostFormField = () => <>; + +const FORM_ID = 'scheduledQueryForm'; + +const CommonUseField = getUseField({ component: Field }); + +interface PackFormProps { + defaultValue?: OsqueryManagerPackagePolicy; + editMode?: boolean; +} + +const PackFormComponent: React.FC = ({ defaultValue, editMode = false }) => { + const [showConfirmationModal, setShowConfirmationModal] = useState(false); + const handleHideConfirmationModal = useCallback(() => setShowConfirmationModal(false), []); + + const { data: { agentPoliciesById } = {} } = useAgentPolicies(); + + const cancelButtonProps = useRouterNavigate(`packs/${editMode ? defaultValue?.id : ''}`); + + const { mutateAsync: createAsync } = useCreatePack({ + withRedirect: true, + }); + const { mutateAsync: updateAsync } = useUpdatePack({ + withRedirect: true, + }); + + const { form } = useForm< + Omit & { + queries: {}; + policy_ids: string[]; + }, + Omit & { + queries: {}; + policy_ids: string[]; + } + >({ + id: FORM_ID, + schema: { + name: { + type: FIELD_TYPES.TEXT, + label: i18n.translate('xpack.osquery.pack.form.nameFieldLabel', { + defaultMessage: 'Name', + }), + validations: [ + { + validator: idSchemaValidation, + }, + { + validator: fieldValidators.emptyField( + i18n.translate('xpack.osquery.pack.form.nameFieldRequiredErrorMessage', { + defaultMessage: 'Name is a required field', + }) + ), + }, + ], + }, + description: { + type: FIELD_TYPES.TEXT, + label: i18n.translate('xpack.osquery.pack.form.descriptionFieldLabel', { + defaultMessage: 'Description', + }), + }, + policy_ids: { + defaultValue: [], + type: FIELD_TYPES.COMBO_BOX, + label: i18n.translate('xpack.osquery.pack.form.agentPoliciesFieldLabel', { + defaultMessage: 'Agent policies', + }), + }, + enabled: { + defaultValue: true, + }, + queries: { + defaultValue: [], + }, + }, + onSubmit: async (formData, isValid) => { + if (isValid) { + try { + if (editMode) { + // @ts-expect-error update types + await updateAsync({ id: defaultValue?.id, ...formData }); + } else { + // @ts-expect-error update types + await createAsync(formData); + } + // eslint-disable-next-line no-empty + } catch (e) {} + } + }, + deserializer: (payload) => ({ + ...payload, + policy_ids: payload.policy_ids ?? [], + queries: convertPackQueriesToSO(payload.queries), + }), + serializer: (payload) => ({ + ...payload, + queries: convertSOQueriesToPack(payload.queries), + }), + defaultValue, + }); + + const { setFieldValue, submit, isSubmitting } = form; + + const [{ name: queryName, policy_ids: policyIds }] = useFormData({ + form, + watch: ['name', 'policy_ids'], + }); + + const agentCount = useMemo( + () => + reduce( + policyIds, + (acc, policyId) => { + const agentPolicy = agentPoliciesById && agentPoliciesById[policyId]; + return acc + (agentPolicy?.agents ?? 0); + }, + 0 + ), + [policyIds, agentPoliciesById] + ); + + const handleNameChange = useCallback( + (newName: string) => isEmpty(queryName) && setFieldValue('name', newName), + [queryName, setFieldValue] + ); + + const handleSaveClick = useCallback(() => { + if (agentCount) { + setShowConfirmationModal(true); + return; + } + + submit(); + }, [agentCount, submit]); + + const handleConfirmConfirmationClick = useCallback(() => { + submit(); + setShowConfirmationModal(false); + }, [submit]); + + return ( + <> +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + {editMode ? ( + + ) : ( + + )} + + + + + + + {showConfirmationModal && ( + + )} + + ); +}; + +export const PackForm = React.memo(PackFormComponent); diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/form/pack_uploader.tsx b/x-pack/plugins/osquery/public/packs/form/pack_uploader.tsx similarity index 100% rename from x-pack/plugins/osquery/public/scheduled_query_groups/form/pack_uploader.tsx rename to x-pack/plugins/osquery/public/packs/form/pack_uploader.tsx diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/form/policy_id_combobox_field.tsx b/x-pack/plugins/osquery/public/packs/form/policy_id_combobox_field.tsx similarity index 77% rename from x-pack/plugins/osquery/public/scheduled_query_groups/form/policy_id_combobox_field.tsx rename to x-pack/plugins/osquery/public/packs/form/policy_id_combobox_field.tsx index 75bb95b198f5451..10149e8655d3539 100644 --- a/x-pack/plugins/osquery/public/scheduled_query_groups/form/policy_id_combobox_field.tsx +++ b/x-pack/plugins/osquery/public/packs/form/policy_id_combobox_field.tsx @@ -5,6 +5,7 @@ * 2.0. */ +import { reduce } from 'lodash'; import { FormattedMessage } from '@kbn/i18n/react'; import { EuiFlexGroup, EuiFlexItem, EuiTextColor, EuiComboBoxOptionOption } from '@elastic/eui'; import React, { useCallback, useMemo } from 'react'; @@ -39,7 +40,32 @@ const PolicyIdComboBoxFieldComponent: React.FC = ({ field, agentPoliciesById, }) => { - const { value } = field; + const { value, setValue } = field; + + const options = useMemo( + () => + Object.entries(agentPoliciesById).map(([agentPolicyId, agentPolicy]) => ({ + key: agentPolicyId, + label: agentPolicy.name, + })), + [agentPoliciesById] + ); + + const selectedOptions = useMemo( + () => + value.map((policyId) => ({ + key: policyId, + label: agentPoliciesById[policyId]?.name ?? policyId, + })), + [agentPoliciesById, value] + ); + + const onChange = useCallback( + (newOptions: EuiComboBoxOptionOption[]) => { + setValue(newOptions.map((option) => option.key || option.label)); + }, + [setValue] + ); const renderOption = useCallback( (option: EuiComboBoxOptionOption) => ( @@ -71,17 +97,19 @@ const PolicyIdComboBoxFieldComponent: React.FC = ({ [agentPoliciesById] ); - const selectedOptions = useMemo(() => { - if (!value?.length || !value[0].length) return []; - - return value.map((policyId) => ({ - label: agentPoliciesById[policyId]?.name ?? policyId, - })); - }, [agentPoliciesById, value]); - const helpText = useMemo(() => { - if (!value?.length || !value[0].length || !agentPoliciesById || !agentPoliciesById[value[0]]) + if (!value?.length || !value[0].length || !agentPoliciesById) { return; + } + + const agentCount = reduce( + value, + (acc, policyId) => { + const agentPolicy = agentPoliciesById && agentPoliciesById[policyId]; + return acc + (agentPolicy?.agents ?? 0); + }, + 0 + ); return ( = ({ defaultMessage="{count, plural, one {# agent} other {# agents}} enrolled" // eslint-disable-next-line react-perf/jsx-no-new-object-as-prop values={{ - count: agentPoliciesById[value[0]].agents ?? 0, + count: agentCount, }} /> ); @@ -98,14 +126,15 @@ const PolicyIdComboBoxFieldComponent: React.FC = ({ const mergedEuiFieldProps = useMemo( () => ({ onCreateOption: null, - singleSelection: { asPlainText: true }, noSuggestions: false, - isClearable: false, + isClearable: true, selectedOptions, + options, renderOption, + onChange, ...euiFieldProps, }), - [euiFieldProps, renderOption, selectedOptions] + [euiFieldProps, onChange, options, renderOption, selectedOptions] ); return ( diff --git a/x-pack/plugins/osquery/public/packs/form/queries_field.tsx b/x-pack/plugins/osquery/public/packs/form/queries_field.tsx new file mode 100644 index 000000000000000..03993bf35371cd3 --- /dev/null +++ b/x-pack/plugins/osquery/public/packs/form/queries_field.tsx @@ -0,0 +1,230 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { findIndex, forEach, pullAt, pullAllBy, pickBy } from 'lodash'; +import { EuiFlexGroup, EuiFlexItem, EuiButton, EuiSpacer } from '@elastic/eui'; +import { produce } from 'immer'; +import React, { useCallback, useMemo, useState } from 'react'; +import { FormattedMessage } from '@kbn/i18n/react'; + +import { OsqueryManagerPackagePolicyInputStream } from '../../../common/types'; +import { FieldHook } from '../../shared_imports'; +import { PackQueriesTable } from '../pack_queries_table'; +import { QueryFlyout } from '../queries/query_flyout'; +import { OsqueryPackUploader } from './pack_uploader'; +import { getSupportedPlatforms } from '../queries/platforms/helpers'; + +interface QueriesFieldProps { + handleNameChange: (name: string) => void; + field: FieldHook>>; +} + +const QueriesFieldComponent: React.FC = ({ field, handleNameChange }) => { + const [showAddQueryFlyout, setShowAddQueryFlyout] = useState(false); + const [showEditQueryFlyout, setShowEditQueryFlyout] = useState(-1); + const [tableSelectedItems, setTableSelectedItems] = useState< + OsqueryManagerPackagePolicyInputStream[] + >([]); + + const handleShowAddFlyout = useCallback(() => setShowAddQueryFlyout(true), []); + const handleHideAddFlyout = useCallback(() => setShowAddQueryFlyout(false), []); + const handleHideEditFlyout = useCallback(() => setShowEditQueryFlyout(-1), []); + + const { setValue } = field; + + const handleDeleteClick = useCallback( + (query) => { + const streamIndex = findIndex(field.value, ['id', query.id]); + + if (streamIndex > -1) { + setValue( + produce((draft) => { + pullAt(draft, [streamIndex]); + + return draft; + }) + ); + } + }, + [field.value, setValue] + ); + + const handleEditClick = useCallback( + (query) => { + const streamIndex = findIndex(field.value, ['id', query.id]); + + setShowEditQueryFlyout(streamIndex); + }, + [field.value] + ); + + const handleEditQuery = useCallback( + (updatedQuery) => + new Promise((resolve) => { + if (showEditQueryFlyout >= 0) { + setValue( + produce((draft) => { + draft[showEditQueryFlyout].id = updatedQuery.id; + draft[showEditQueryFlyout].interval = updatedQuery.interval; + draft[showEditQueryFlyout].query = updatedQuery.query; + + if (updatedQuery.platform?.length) { + draft[showEditQueryFlyout].platform = updatedQuery.platform; + } else { + delete draft[showEditQueryFlyout].platform; + } + + if (updatedQuery.version?.length) { + draft[showEditQueryFlyout].version = updatedQuery.version; + } else { + delete draft[showEditQueryFlyout].version; + } + + if (updatedQuery.ecs_mapping) { + draft[showEditQueryFlyout].ecs_mapping = updatedQuery.ecs_mapping; + } else { + delete draft[showEditQueryFlyout].ecs_mapping; + } + + return draft; + }) + ); + } + + handleHideEditFlyout(); + resolve(); + }), + [handleHideEditFlyout, setValue, showEditQueryFlyout] + ); + + const handleAddQuery = useCallback( + (newQuery) => + new Promise((resolve) => { + setValue( + produce((draft) => { + draft.push(newQuery); + return draft; + }) + ); + handleHideAddFlyout(); + resolve(); + }), + [handleHideAddFlyout, setValue] + ); + + const handleDeleteQueries = useCallback(() => { + setValue( + produce((draft) => { + pullAllBy(draft, tableSelectedItems, 'id'); + + return draft; + }) + ); + setTableSelectedItems([]); + }, [setValue, tableSelectedItems]); + + const handlePackUpload = useCallback( + (parsedContent, packName) => { + setValue( + produce((draft) => { + forEach(parsedContent.queries, (newQuery, newQueryId) => { + draft.push( + pickBy({ + id: newQueryId, + interval: newQuery.interval ?? parsedContent.interval, + query: newQuery.query, + version: newQuery.version ?? parsedContent.version, + platform: getSupportedPlatforms(newQuery.platform ?? parsedContent.platform), + }) + ); + }); + + return draft; + }) + ); + + handleNameChange(packName); + }, + [handleNameChange, setValue] + ); + + const tableData = useMemo(() => (field.value?.length ? field.value : []), [field.value]); + + const uniqueQueryIds = useMemo( + () => + field.value && field.value.length + ? field.value.reduce((acc, query) => { + if (query?.id) { + // @ts-expect-error update types + acc.push(query.id); + } + + return acc; + }, [] as string[]) + : [], + [field.value] + ); + + return ( + <> + + + {!tableSelectedItems.length ? ( + + + + ) : ( + + + + )} + + + + {field.value?.length ? ( + + ) : null} + + {} + {showAddQueryFlyout && ( + + )} + {showEditQueryFlyout != null && showEditQueryFlyout >= 0 && ( + + )} + + ); +}; + +export const QueriesField = React.memo(QueriesFieldComponent); diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/form/translations.ts b/x-pack/plugins/osquery/public/packs/form/translations.ts similarity index 100% rename from x-pack/plugins/osquery/public/scheduled_query_groups/form/translations.ts rename to x-pack/plugins/osquery/public/packs/form/translations.ts diff --git a/x-pack/plugins/osquery/public/packs/form/utils.ts b/x-pack/plugins/osquery/public/packs/form/utils.ts new file mode 100644 index 000000000000000..5a4ff8ec13bb191 --- /dev/null +++ b/x-pack/plugins/osquery/public/packs/form/utils.ts @@ -0,0 +1,35 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { pick, reduce } from 'lodash'; + +// @ts-expect-error update types +export const convertPackQueriesToSO = (queries) => + reduce( + queries, + (acc, value, key) => { + acc.push({ + // @ts-expect-error update types + id: key, + ...pick(value, ['query', 'interval', 'platform', 'version', 'ecs_mapping']), + }); + return acc; + }, + [] + ); + +// @ts-expect-error update types +export const convertSOQueriesToPack = (queries) => + reduce( + queries, + (acc, { id: queryId, ...query }) => { + acc[queryId] = query; + return acc; + }, + // eslint-disable-next-line @typescript-eslint/no-explicit-any + {} as Record + ); diff --git a/x-pack/plugins/osquery/public/packs/index.tsx b/x-pack/plugins/osquery/public/packs/index.tsx index afd44f1b88955da..9f89e5151e41bca 100644 --- a/x-pack/plugins/osquery/public/packs/index.tsx +++ b/x-pack/plugins/osquery/public/packs/index.tsx @@ -5,32 +5,4 @@ * 2.0. */ -import React, { useCallback, useState } from 'react'; - -import { PacksPage } from './list'; -import { NewPackPage } from './new'; -import { EditPackPage } from './edit'; - -const PacksComponent = () => { - const [showNewPackForm, setShowNewPackForm] = useState(false); - const [editPackId, setEditPackId] = useState(null); - - const goBack = useCallback(() => { - setShowNewPackForm(false); - setEditPackId(null); - }, []); - - const handleNewQueryClick = useCallback(() => setShowNewPackForm(true), []); - - if (showNewPackForm) { - return ; - } - - if (editPackId?.length) { - return ; - } - - return ; -}; - -export const Packs = React.memo(PacksComponent); +export * from './packs_table'; diff --git a/x-pack/plugins/osquery/public/packs/list/index.tsx b/x-pack/plugins/osquery/public/packs/list/index.tsx deleted file mode 100644 index d7a80cb29549670..000000000000000 --- a/x-pack/plugins/osquery/public/packs/list/index.tsx +++ /dev/null @@ -1,226 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { map } from 'lodash/fp'; -import { - EuiBasicTable, - EuiButton, - EuiButtonIcon, - EuiFlexGroup, - EuiFlexItem, - EuiSpacer, - RIGHT_ALIGNMENT, -} from '@elastic/eui'; -import React, { useCallback, useMemo, useState } from 'react'; -import { useQuery, useQueryClient, useMutation } from 'react-query'; - -import { PackTableQueriesTable } from './pack_table_queries_table'; -import { useKibana } from '../../common/lib/kibana'; - -interface PacksPageProps { - onEditClick: (packId: string) => void; - onNewClick: () => void; -} - -const PacksPageComponent: React.FC = ({ onNewClick, onEditClick }) => { - const queryClient = useQueryClient(); - const [pageIndex, setPageIndex] = useState(0); - const [pageSize, setPageSize] = useState(5); - const [sortField, setSortField] = useState('updated_at'); - const [sortDirection, setSortDirection] = useState('desc'); - const [selectedItems, setSelectedItems] = useState([]); - const [itemIdToExpandedRowMap, setItemIdToExpandedRowMap] = useState>({}); - const { http } = useKibana().services; - - const deletePacksMutation = useMutation( - (payload) => http.delete(`/internal/osquery/pack`, { body: JSON.stringify(payload) }), - { - onSuccess: () => queryClient.invalidateQueries('packList'), - } - ); - - const { data = {} } = useQuery( - ['packList', { pageIndex, pageSize, sortField, sortDirection }], - () => - http.get('/internal/osquery/pack', { - query: { - pageIndex, - pageSize, - sortField, - sortDirection, - }, - }), - { - keepPreviousData: true, - // Refetch the data every 10 seconds - refetchInterval: 5000, - } - ); - const { total = 0, saved_objects: packs } = data; - - const toggleDetails = useCallback( - (item) => () => { - const itemIdToExpandedRowMapValues = { ...itemIdToExpandedRowMap }; - if (itemIdToExpandedRowMapValues[item.id]) { - delete itemIdToExpandedRowMapValues[item.id]; - } else { - itemIdToExpandedRowMapValues[item.id] = ( - <> - - - - ); - } - setItemIdToExpandedRowMap(itemIdToExpandedRowMapValues); - }, - [itemIdToExpandedRowMap] - ); - - const renderExtendedItemToggle = useCallback( - (item) => ( - - ), - [itemIdToExpandedRowMap, toggleDetails] - ); - - const handleEditClick = useCallback((item) => onEditClick(item.id), [onEditClick]); - - const columns = useMemo( - () => [ - { - field: 'name', - name: 'Pack name', - sortable: true, - truncateText: true, - }, - { - field: 'description', - name: 'Description', - sortable: true, - truncateText: true, - }, - { - field: 'queries', - name: 'Queries', - sortable: false, - // @ts-expect-error update types - render: (queries) => queries.length, - }, - { - field: 'updated_at', - name: 'Last updated at', - sortable: true, - truncateText: true, - }, - { - name: 'Actions', - actions: [ - { - name: 'Edit', - description: 'Edit or run this query', - type: 'icon', - icon: 'documentEdit', - onClick: handleEditClick, - }, - ], - }, - { - align: RIGHT_ALIGNMENT, - width: '40px', - isExpander: true, - render: renderExtendedItemToggle, - }, - ], - [handleEditClick, renderExtendedItemToggle] - ); - - const onTableChange = useCallback(({ page = {}, sort = {} }) => { - setPageIndex(page.index); - setPageSize(page.size); - setSortField(sort.field); - setSortDirection(sort.direction); - }, []); - - const pagination = useMemo( - () => ({ - pageIndex, - pageSize, - totalItemCount: total, - pageSizeOptions: [3, 5, 8], - }), - [total, pageIndex, pageSize] - ); - - const sorting = useMemo( - () => ({ - sort: { - field: sortField, - direction: sortDirection, - }, - }), - [sortDirection, sortField] - ); - - const selection = useMemo( - () => ({ - selectable: () => true, - onSelectionChange: setSelectedItems, - initialSelected: [], - }), - [] - ); - - const handleDeleteClick = useCallback(() => { - const selectedItemsIds = map('id', selectedItems); - // @ts-expect-error update types - deletePacksMutation.mutate({ packIds: selectedItemsIds }); - }, [deletePacksMutation, selectedItems]); - - return ( -
- - - {!selectedItems.length ? ( - - {'New pack'} - - ) : ( - - {`Delete ${selectedItems.length} packs`} - - )} - - - - - - {packs && ( - - )} -
- ); -}; - -export const PacksPage = React.memo(PacksPageComponent); diff --git a/x-pack/plugins/osquery/public/packs/list/pack_table_queries_table.tsx b/x-pack/plugins/osquery/public/packs/list/pack_table_queries_table.tsx deleted file mode 100644 index 14110275b9cb4ae..000000000000000 --- a/x-pack/plugins/osquery/public/packs/list/pack_table_queries_table.tsx +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { EuiBasicTable, EuiCodeBlock } from '@elastic/eui'; -import React from 'react'; - -const columns = [ - { - field: 'id', - name: 'ID', - }, - { - field: 'name', - name: 'Query name', - }, - { - field: 'interval', - name: 'Query interval', - }, - { - field: 'query', - name: 'Query', - render: (query: string) => ( - - {query} - - ), - }, -]; - -// @ts-expect-error update types -const PackTableQueriesTableComponent = ({ items }) => { - return ; -}; - -export const PackTableQueriesTable = React.memo(PackTableQueriesTableComponent); diff --git a/x-pack/plugins/osquery/public/packs/new/index.tsx b/x-pack/plugins/osquery/public/packs/new/index.tsx deleted file mode 100644 index 2b60e8942bbf994..000000000000000 --- a/x-pack/plugins/osquery/public/packs/new/index.tsx +++ /dev/null @@ -1,35 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; -import { useMutation } from 'react-query'; - -import { PackForm } from '../common/pack_form'; -import { useKibana } from '../../common/lib/kibana'; - -interface NewPackPageProps { - onSuccess: () => void; -} - -const NewPackPageComponent: React.FC = ({ onSuccess }) => { - const { http } = useKibana().services; - - const addPackMutation = useMutation( - (payload) => - http.post(`/internal/osquery/pack`, { - body: JSON.stringify(payload), - }), - { - onSuccess, - } - ); - - // @ts-expect-error update types - return ; -}; - -export const NewPackPage = React.memo(NewPackPageComponent); diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/scheduled_query_group_queries_status_table.tsx b/x-pack/plugins/osquery/public/packs/pack_queries_status_table.tsx similarity index 71% rename from x-pack/plugins/osquery/public/scheduled_query_groups/scheduled_query_group_queries_status_table.tsx rename to x-pack/plugins/osquery/public/packs/pack_queries_status_table.tsx index 15547b2a4cca984..a32f369922958bf 100644 --- a/x-pack/plugins/osquery/public/scheduled_query_groups/scheduled_query_group_queries_status_table.tsx +++ b/x-pack/plugins/osquery/public/packs/pack_queries_status_table.tsx @@ -32,18 +32,18 @@ import { FilterStateStore, IndexPattern } from '../../../../../src/plugins/data/ import { useKibana, isModifiedEvent, isLeftClickEvent } from '../common/lib/kibana'; import { OsqueryManagerPackagePolicyInputStream } from '../../common/types'; import { ScheduledQueryErrorsTable } from './scheduled_query_errors_table'; -import { useScheduledQueryGroupQueryLastResults } from './use_scheduled_query_group_query_last_results'; -import { useScheduledQueryGroupQueryErrors } from './use_scheduled_query_group_query_errors'; +import { usePackQueryLastResults } from './use_pack_query_last_results'; +import { usePackQueryErrors } from './use_pack_query_errors'; const VIEW_IN_DISCOVER = i18n.translate( - 'xpack.osquery.scheduledQueryGroup.queriesTable.viewDiscoverResultsActionAriaLabel', + 'xpack.osquery.pack.queriesTable.viewDiscoverResultsActionAriaLabel', { defaultMessage: 'View in Discover', } ); const VIEW_IN_LENS = i18n.translate( - 'xpack.osquery.scheduledQueryGroup.queriesTable.viewLensResultsActionAriaLabel', + 'xpack.osquery.pack.queriesTable.viewLensResultsActionAriaLabel', { defaultMessage: 'View in Lens', } @@ -376,7 +376,6 @@ ScheduledQueryExpandedContent.displayName = 'ScheduledQueryExpandedContent'; interface ScheduledQueryLastResultsProps { actionId: string; - agentIds: string[]; queryId: string; interval: number; toggleErrors: (payload: { queryId: string; interval: number }) => void; @@ -385,7 +384,6 @@ interface ScheduledQueryLastResultsProps { const ScheduledQueryLastResults: React.FC = ({ actionId, - agentIds, queryId, interval, toggleErrors, @@ -394,16 +392,14 @@ const ScheduledQueryLastResults: React.FC = ({ const data = useKibana().services.data; const [logsIndexPattern, setLogsIndexPattern] = useState(undefined); - const { data: lastResultsData, isFetched } = useScheduledQueryGroupQueryLastResults({ + const { data: lastResultsData, isFetched } = usePackQueryLastResults({ actionId, - agentIds, interval, logsIndexPattern, }); - const { data: errorsData, isFetched: errorsFetched } = useScheduledQueryGroupQueryErrors({ + const { data: errorsData, isFetched: errorsFetched } = usePackQueryErrors({ actionId, - agentIds, interval, logsIndexPattern, }); @@ -483,7 +479,7 @@ const ScheduledQueryLastResults: React.FC = ({ id="xpack.osquery.queriesStatusTable.agentsLabelText" defaultMessage="{count, plural, one {Agent} other {Agents}}" // eslint-disable-next-line react-perf/jsx-no-new-object-as-prop - values={{ count: agentIds?.length }} + values={{ count: lastResultsData?.uniqueAgentsCount ?? 0 }} />
@@ -522,178 +518,169 @@ const ScheduledQueryLastResults: React.FC = ({ const getPackActionId = (actionId: string, packName: string) => `pack_${packName}_${actionId}`; -interface ScheduledQueryGroupQueriesStatusTableProps { +interface PackQueriesStatusTableProps { agentIds?: string[]; data: OsqueryManagerPackagePolicyInputStream[]; - scheduledQueryGroupName: string; + packName: string; } -const ScheduledQueryGroupQueriesStatusTableComponent: React.FC = - ({ agentIds, data, scheduledQueryGroupName }) => { - const [itemIdToExpandedRowMap, setItemIdToExpandedRowMap] = useState< - Record> - >({}); - - const renderQueryColumn = useCallback( - (query: string) => ( - - {query} - - ), - [] - ); +const PackQueriesStatusTableComponent: React.FC = ({ + agentIds, + data, + packName, +}) => { + const [itemIdToExpandedRowMap, setItemIdToExpandedRowMap] = useState< + Record> + >({}); + + const renderQueryColumn = useCallback( + (query: string) => ( + + {query} + + ), + [] + ); - const toggleErrors = useCallback( - ({ queryId, interval }: { queryId: string; interval: number }) => { - const itemIdToExpandedRowMapValues = { ...itemIdToExpandedRowMap }; - if (itemIdToExpandedRowMapValues[queryId]) { - delete itemIdToExpandedRowMapValues[queryId]; - } else { - itemIdToExpandedRowMapValues[queryId] = ( - - ); - } - setItemIdToExpandedRowMap(itemIdToExpandedRowMapValues); - }, - [agentIds, itemIdToExpandedRowMap, scheduledQueryGroupName] - ); + const toggleErrors = useCallback( + ({ queryId, interval }: { queryId: string; interval: number }) => { + const itemIdToExpandedRowMapValues = { ...itemIdToExpandedRowMap }; + if (itemIdToExpandedRowMapValues[queryId]) { + delete itemIdToExpandedRowMapValues[queryId]; + } else { + itemIdToExpandedRowMapValues[queryId] = ( + + ); + } + setItemIdToExpandedRowMap(itemIdToExpandedRowMapValues); + }, + [agentIds, itemIdToExpandedRowMap, packName] + ); - const renderLastResultsColumn = useCallback( - (item) => ( - - ), - [agentIds, itemIdToExpandedRowMap, scheduledQueryGroupName, toggleErrors] - ); + const renderLastResultsColumn = useCallback( + (item) => ( + + ), + [itemIdToExpandedRowMap, packName, toggleErrors] + ); - const renderDiscoverResultsAction = useCallback( - (item) => ( - - ), - [agentIds, scheduledQueryGroupName] - ); + const renderDiscoverResultsAction = useCallback( + (item) => ( + + ), + [agentIds, packName] + ); - const renderLensResultsAction = useCallback( - (item) => ( - - ), - [agentIds, scheduledQueryGroupName] - ); + const renderLensResultsAction = useCallback( + (item) => ( + + ), + [agentIds, packName] + ); - const getItemId = useCallback( - (item: OsqueryManagerPackagePolicyInputStream) => get('vars.id.value', item), - [] - ); + const getItemId = useCallback( + (item: OsqueryManagerPackagePolicyInputStream) => get('id', item), + [] + ); - const columns = useMemo( - () => [ - { - field: 'vars.id.value', - name: i18n.translate('xpack.osquery.scheduledQueryGroup.queriesTable.idColumnTitle', { - defaultMessage: 'ID', - }), - width: '15%', - }, - { - field: 'vars.interval.value', - name: i18n.translate( - 'xpack.osquery.scheduledQueryGroup.queriesTable.intervalColumnTitle', - { - defaultMessage: 'Interval (s)', - } - ), - width: '80px', - }, - { - field: 'vars.query.value', - name: i18n.translate('xpack.osquery.scheduledQueryGroup.queriesTable.queryColumnTitle', { - defaultMessage: 'Query', - }), - render: renderQueryColumn, - width: '20%', - }, - { - name: i18n.translate( - 'xpack.osquery.scheduledQueryGroup.queriesTable.lastResultsColumnTitle', - { - defaultMessage: 'Last results', - } - ), - render: renderLastResultsColumn, - }, - { - name: i18n.translate( - 'xpack.osquery.scheduledQueryGroup.queriesTable.viewResultsColumnTitle', - { - defaultMessage: 'View results', - } - ), - width: '90px', - actions: [ - { - render: renderDiscoverResultsAction, - }, - { - render: renderLensResultsAction, - }, - ], - }, - ], - [ - renderQueryColumn, - renderLastResultsColumn, - renderDiscoverResultsAction, - renderLensResultsAction, - ] - ); + const columns = useMemo( + () => [ + { + field: 'id', + name: i18n.translate('xpack.osquery.pack.queriesTable.idColumnTitle', { + defaultMessage: 'ID', + }), + width: '15%', + }, + { + field: 'interval', + name: i18n.translate('xpack.osquery.pack.queriesTable.intervalColumnTitle', { + defaultMessage: 'Interval (s)', + }), + width: '80px', + }, + { + field: 'query', + name: i18n.translate('xpack.osquery.pack.queriesTable.queryColumnTitle', { + defaultMessage: 'Query', + }), + render: renderQueryColumn, + width: '20%', + }, + { + name: i18n.translate('xpack.osquery.pack.queriesTable.lastResultsColumnTitle', { + defaultMessage: 'Last results', + }), + render: renderLastResultsColumn, + }, + { + name: i18n.translate('xpack.osquery.pack.queriesTable.viewResultsColumnTitle', { + defaultMessage: 'View results', + }), + width: '90px', + actions: [ + { + render: renderDiscoverResultsAction, + }, + { + render: renderLensResultsAction, + }, + ], + }, + ], + [ + renderQueryColumn, + renderLastResultsColumn, + renderDiscoverResultsAction, + renderLensResultsAction, + ] + ); - const sorting = useMemo( - () => ({ - sort: { - field: 'vars.id.value' as keyof OsqueryManagerPackagePolicyInputStream, - direction: 'asc' as const, - }, - }), - [] - ); + const sorting = useMemo( + () => ({ + sort: { + field: 'id' as keyof OsqueryManagerPackagePolicyInputStream, + direction: 'asc' as const, + }, + }), + [] + ); - return ( - - items={data} - itemId={getItemId} - columns={columns} - sorting={sorting} - itemIdToExpandedRowMap={itemIdToExpandedRowMap} - isExpandable - /> - ); - }; + return ( + + // eslint-disable-next-line react-perf/jsx-no-new-array-as-prop + items={data ?? []} + itemId={getItemId} + columns={columns} + sorting={sorting} + itemIdToExpandedRowMap={itemIdToExpandedRowMap} + isExpandable + /> + ); +}; -export const ScheduledQueryGroupQueriesStatusTable = React.memo( - ScheduledQueryGroupQueriesStatusTableComponent -); +export const PackQueriesStatusTable = React.memo(PackQueriesStatusTableComponent); diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/scheduled_query_group_queries_table.tsx b/x-pack/plugins/osquery/public/packs/pack_queries_table.tsx similarity index 66% rename from x-pack/plugins/osquery/public/scheduled_query_groups/scheduled_query_group_queries_table.tsx rename to x-pack/plugins/osquery/public/packs/pack_queries_table.tsx index fb3839a7167207f..d23d5f6ffb06a9a 100644 --- a/x-pack/plugins/osquery/public/scheduled_query_groups/scheduled_query_group_queries_table.tsx +++ b/x-pack/plugins/osquery/public/packs/pack_queries_table.tsx @@ -13,7 +13,7 @@ import { i18n } from '@kbn/i18n'; import { PlatformIcons } from './queries/platforms'; import { OsqueryManagerPackagePolicyInputStream } from '../../common/types'; -interface ScheduledQueryGroupQueriesTableProps { +interface PackQueriesTableProps { data: OsqueryManagerPackagePolicyInputStream[]; onDeleteClick?: (item: OsqueryManagerPackagePolicyInputStream) => void; onEditClick?: (item: OsqueryManagerPackagePolicyInputStream) => void; @@ -21,7 +21,7 @@ interface ScheduledQueryGroupQueriesTableProps { setSelectedItems?: (selection: OsqueryManagerPackagePolicyInputStream[]) => void; } -const ScheduledQueryGroupQueriesTableComponent: React.FC = ({ +const PackQueriesTableComponent: React.FC = ({ data, onDeleteClick, onEditClick, @@ -36,15 +36,12 @@ const ScheduledQueryGroupQueriesTableComponent: React.FC onDeleteClick(item)} iconType="trash" - aria-label={i18n.translate( - 'xpack.osquery.scheduledQueryGroup.queriesTable.deleteActionAriaLabel', - { - defaultMessage: 'Delete {queryName}', - values: { - queryName: item.vars?.id.value, - }, - } - )} + aria-label={i18n.translate('xpack.osquery.pack.queriesTable.deleteActionAriaLabel', { + defaultMessage: 'Delete {queryName}', + values: { + queryName: item.id, + }, + })} /> ), [onDeleteClick] @@ -58,15 +55,12 @@ const ScheduledQueryGroupQueriesTableComponent: React.FC onEditClick(item)} iconType="pencil" - aria-label={i18n.translate( - 'xpack.osquery.scheduledQueryGroup.queriesTable.editActionAriaLabel', - { - defaultMessage: 'Edit {queryName}', - values: { - queryName: item.vars?.id.value, - }, - } - )} + aria-label={i18n.translate('xpack.osquery.pack.queriesTable.editActionAriaLabel', { + defaultMessage: 'Edit {queryName}', + values: { + queryName: item.id, + }, + })} /> ), [onEditClick] @@ -90,7 +84,7 @@ const ScheduledQueryGroupQueriesTableComponent: React.FC version ? `${version}` - : i18n.translate('xpack.osquery.scheduledQueryGroup.queriesTable.osqueryVersionAllLabel', { + : i18n.translate('xpack.osquery.pack.queriesTable.osqueryVersionAllLabel', { defaultMessage: 'ALL', }), [] @@ -99,42 +93,42 @@ const ScheduledQueryGroupQueriesTableComponent: React.FC [ { - field: 'vars.id.value', - name: i18n.translate('xpack.osquery.scheduledQueryGroup.queriesTable.idColumnTitle', { + field: 'id', + name: i18n.translate('xpack.osquery.pack.queriesTable.idColumnTitle', { defaultMessage: 'ID', }), width: '20%', }, { - field: 'vars.interval.value', - name: i18n.translate('xpack.osquery.scheduledQueryGroup.queriesTable.intervalColumnTitle', { + field: 'interval', + name: i18n.translate('xpack.osquery.pack.queriesTable.intervalColumnTitle', { defaultMessage: 'Interval (s)', }), width: '100px', }, { - field: 'vars.query.value', - name: i18n.translate('xpack.osquery.scheduledQueryGroup.queriesTable.queryColumnTitle', { + field: 'query', + name: i18n.translate('xpack.osquery.pack.queriesTable.queryColumnTitle', { defaultMessage: 'Query', }), render: renderQueryColumn, }, { - field: 'vars.platform.value', - name: i18n.translate('xpack.osquery.scheduledQueryGroup.queriesTable.platformColumnTitle', { + field: 'platform', + name: i18n.translate('xpack.osquery.pack.queriesTable.platformColumnTitle', { defaultMessage: 'Platform', }), render: renderPlatformColumn, }, { - field: 'vars.version.value', - name: i18n.translate('xpack.osquery.scheduledQueryGroup.queriesTable.versionColumnTitle', { + field: 'version', + name: i18n.translate('xpack.osquery.pack.queriesTable.versionColumnTitle', { defaultMessage: 'Min Osquery version', }), render: renderVersionColumn, }, { - name: i18n.translate('xpack.osquery.scheduledQueryGroup.queriesTable.actionsColumnTitle', { + name: i18n.translate('xpack.osquery.pack.queriesTable.actionsColumnTitle', { defaultMessage: 'Actions', }), width: '120px', @@ -160,17 +154,14 @@ const ScheduledQueryGroupQueriesTableComponent: React.FC ({ sort: { - field: 'vars.id.value' as keyof OsqueryManagerPackagePolicyInputStream, + field: 'id' as keyof OsqueryManagerPackagePolicyInputStream, direction: 'asc' as const, }, }), [] ); - const itemId = useCallback( - (item: OsqueryManagerPackagePolicyInputStream) => get('vars.id.value', item), - [] - ); + const itemId = useCallback((item: OsqueryManagerPackagePolicyInputStream) => get('id', item), []); const selection = useMemo( () => ({ @@ -192,4 +183,4 @@ const ScheduledQueryGroupQueriesTableComponent: React.FC ( - {name} + {name} ); const ScheduledQueryName = React.memo(ScheduledQueryNameComponent); -const renderName = (_: unknown, item: PackagePolicy) => ( - +const renderName = (_: unknown, item: { id: string; attributes: { name: string } }) => ( + ); -const ScheduledQueryGroupsTableComponent = () => { - const { data } = useScheduledQueryGroups(); +const PacksTableComponent = () => { + const { data } = usePacks({}); - const renderAgentPolicy = useCallback((policyId) => , []); + const renderAgentPolicy = useCallback((policyIds) => <>{policyIds?.length ?? 0}, []); const renderQueries = useCallback( - (streams: PackagePolicy['inputs'][0]['streams']) => <>{streams.length}, + (queries) => <>{(queries && Object.keys(queries).length) ?? 0}, [] ); @@ -41,57 +47,64 @@ const ScheduledQueryGroupsTableComponent = () => { const renderUpdatedAt = useCallback((updatedAt, item) => { if (!updatedAt) return '-'; - const updatedBy = item.updated_by !== item.created_by ? ` @ ${item.updated_by}` : ''; - return updatedAt ? `${moment(updatedAt).fromNow()}${updatedBy}` : '-'; + const updatedBy = + item.attributes.updated_by !== item.attributes.created_by + ? ` @ ${item.attributes.updated_by}` + : ''; + return updatedAt ? ( + + {`${moment(updatedAt).fromNow()}${updatedBy}`} + + ) : ( + '-' + ); }, []); + // @ts-expect-error update types const columns: Array> = useMemo( () => [ { - field: 'name', - name: i18n.translate('xpack.osquery.scheduledQueryGroups.table.nameColumnTitle', { + field: 'attributes.name', + name: i18n.translate('xpack.osquery.packs.table.nameColumnTitle', { defaultMessage: 'Name', }), sortable: true, render: renderName, }, { - field: 'policy_id', - name: i18n.translate('xpack.osquery.scheduledQueryGroups.table.policyColumnTitle', { - defaultMessage: 'Policy', + field: 'policy_ids', + name: i18n.translate('xpack.osquery.packs.table.policyColumnTitle', { + defaultMessage: 'Policies', }), truncateText: true, render: renderAgentPolicy, }, { - field: 'inputs[0].streams', - name: i18n.translate( - 'xpack.osquery.scheduledQueryGroups.table.numberOfQueriesColumnTitle', - { - defaultMessage: 'Number of queries', - } - ), + field: 'attributes.queries', + name: i18n.translate('xpack.osquery.packs.table.numberOfQueriesColumnTitle', { + defaultMessage: 'Number of queries', + }), render: renderQueries, width: '150px', }, { - field: 'created_by', - name: i18n.translate('xpack.osquery.scheduledQueryGroups.table.createdByColumnTitle', { + field: 'attributes.created_by', + name: i18n.translate('xpack.osquery.packs.table.createdByColumnTitle', { defaultMessage: 'Created by', }), sortable: true, truncateText: true, }, { - field: 'updated_at', + field: 'attributes.updated_at', name: 'Last updated', sortable: (item) => (item.updated_at ? Date.parse(item.updated_at) : 0), truncateText: true, render: renderUpdatedAt, }, { - field: 'enabled', - name: i18n.translate('xpack.osquery.scheduledQueryGroups.table.activeColumnTitle', { + field: 'attributes.enabled', + name: i18n.translate('xpack.osquery.packs.table.activeColumnTitle', { defaultMessage: 'Active', }), sortable: true, @@ -106,7 +119,7 @@ const ScheduledQueryGroupsTableComponent = () => { const sorting = useMemo( () => ({ sort: { - field: 'name', + field: 'attributes.name', direction: 'asc' as const, }, }), @@ -116,7 +129,7 @@ const ScheduledQueryGroupsTableComponent = () => { return ( // eslint-disable-next-line react-perf/jsx-no-new-array-as-prop - items={data?.items ?? []} + items={data?.saved_objects ?? []} columns={columns} pagination={true} sorting={sorting} @@ -124,4 +137,4 @@ const ScheduledQueryGroupsTableComponent = () => { ); }; -export const ScheduledQueryGroupsTable = React.memo(ScheduledQueryGroupsTableComponent); +export const PacksTable = React.memo(PacksTableComponent); diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/queries/constants.ts b/x-pack/plugins/osquery/public/packs/queries/constants.ts similarity index 97% rename from x-pack/plugins/osquery/public/scheduled_query_groups/queries/constants.ts rename to x-pack/plugins/osquery/public/packs/queries/constants.ts index cbd52fb418853fc..128f037da89e978 100644 --- a/x-pack/plugins/osquery/public/scheduled_query_groups/queries/constants.ts +++ b/x-pack/plugins/osquery/public/packs/queries/constants.ts @@ -6,6 +6,9 @@ */ export const ALL_OSQUERY_VERSIONS_OPTIONS = [ + { + label: '5.0.1', + }, { label: '4.9.0', }, diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/queries/ecs_mapping_editor_field.tsx b/x-pack/plugins/osquery/public/packs/queries/ecs_mapping_editor_field.tsx similarity index 83% rename from x-pack/plugins/osquery/public/scheduled_query_groups/queries/ecs_mapping_editor_field.tsx rename to x-pack/plugins/osquery/public/packs/queries/ecs_mapping_editor_field.tsx index 8a5fa0e2066f268..4d7776bdb29544a 100644 --- a/x-pack/plugins/osquery/public/scheduled_query_groups/queries/ecs_mapping_editor_field.tsx +++ b/x-pack/plugins/osquery/public/packs/queries/ecs_mapping_editor_field.tsx @@ -18,6 +18,7 @@ import React, { MutableRefObject, } from 'react'; import { + EuiFormLabel, EuiButtonIcon, EuiFlexGroup, EuiFlexItem, @@ -37,8 +38,8 @@ import styled from 'styled-components'; import deepEqual from 'fast-deep-equal'; import deepmerge from 'deepmerge'; -import ECSSchema from '../../common/schemas/ecs/v1.11.0.json'; -import osquerySchema from '../../common/schemas/osquery/v4.9.0.json'; +import ECSSchema from '../../common/schemas/ecs/v1.12.1.json'; +import osquerySchema from '../../common/schemas/osquery/v5.0.1.json'; import { FieldIcon } from '../../common/lib/kibana'; import { @@ -91,15 +92,11 @@ const StyledFieldSpan = styled.span` // align the icon to the inputs const StyledButtonWrapper = styled.div` - margin-top: 30px; -`; - -const ECSFieldColumn = styled(EuiFlexGroup)` - max-width: 100%; + margin-top: 11px; `; const ECSFieldWrapper = styled(EuiFlexItem)` - max-width: calc(100% - 66px); + max-width: 100%; `; const singleSelection = { asPlainText: true }; @@ -195,11 +192,13 @@ export const ECSComboboxField: React.FC = ({ return ( = ({ return ( >; query: string; fieldRef: MutableRefObject; + euiFieldProps: EuiComboBoxProps<{}>; } interface ECSMappingEditorFormProps { + isDisabled?: boolean; osquerySchemaOptions: OsquerySchemaOption[]; defaultValue?: FormData; onAdd?: (payload: FormData) => void; @@ -334,12 +337,9 @@ const getEcsFieldValidator = (editForm: boolean) => (args: ValidationFuncArg) => { const fieldRequiredError = fieldValidators.emptyField( - i18n.translate( - 'xpack.osquery.scheduledQueryGroup.queryFlyoutForm.ecsFieldRequiredErrorMessage', - { - defaultMessage: 'ECS field is required.', - } - ) + i18n.translate('xpack.osquery.pack.queryFlyoutForm.ecsFieldRequiredErrorMessage', { + defaultMessage: 'ECS field is required.', + }) )(args); // @ts-expect-error update types @@ -356,12 +356,9 @@ const getOsqueryResultFieldValidator = args: ValidationFuncArg ) => { const fieldRequiredError = fieldValidators.emptyField( - i18n.translate( - 'xpack.osquery.scheduledQueryGroup.queryFlyoutForm.osqueryResultFieldRequiredErrorMessage', - { - defaultMessage: 'Osquery result is required.', - } - ) + i18n.translate('xpack.osquery.pack.queryFlyoutForm.osqueryResultFieldRequiredErrorMessage', { + defaultMessage: 'Osquery result is required.', + }) )(args); if (fieldRequiredError && ((!editForm && args.formData.key.length) || editForm)) { @@ -377,7 +374,7 @@ const getOsqueryResultFieldValidator = code: 'ERR_FIELD_FORMAT', path: args.path, message: i18n.translate( - 'xpack.osquery.scheduledQueryGroup.queryFlyoutForm.osqueryResultFieldValueMissingErrorMessage', + 'xpack.osquery.pack.queryFlyoutForm.osqueryResultFieldValueMissingErrorMessage', { defaultMessage: 'The current query does not return a {columnName} field', values: { @@ -409,14 +406,11 @@ interface ECSMappingEditorFormRef { } export const ECSMappingEditorForm = forwardRef( - ({ osquerySchemaOptions, defaultValue, onAdd, onChange, onDelete }, ref) => { + ({ isDisabled, osquerySchemaOptions, defaultValue, onAdd, onChange, onDelete }, ref) => { const editForm = !!defaultValue; const currentFormData = useRef(defaultValue); const formSchema = { key: { - label: i18n.translate('xpack.osquery.scheduledQueryGroup.queryFlyoutForm.ecsFieldLabel', { - defaultMessage: 'ECS field', - }), type: FIELD_TYPES.COMBO_BOX, fieldsToValidateOnChange: ['value.field'], validations: [ @@ -426,12 +420,6 @@ export const ECSMappingEditorForm = forwardRef - - - - + + + + + + + + - + - - - {defaultValue ? ( - - ) : ( - - )} - - - + {!isDisabled && ( + + + {defaultValue ? ( + + ) : ( + + )} + + + )} + @@ -583,7 +582,12 @@ interface OsqueryColumn { index: boolean; } -export const ECSMappingEditorField = ({ field, query, fieldRef }: ECSMappingEditorFieldProps) => { +export const ECSMappingEditorField = ({ + field, + query, + fieldRef, + euiFieldProps, +}: ECSMappingEditorFieldProps) => { const { setValue, value = {} } = field; const [osquerySchemaOptions, setOsquerySchemaOptions] = useState([]); const formRefs = useRef>({}); @@ -851,20 +855,39 @@ export const ECSMappingEditorField = ({ field, query, fieldRef }: ECSMappingEdit
- + + + + + + + + + + + + + + {Object.entries(value).map(([ecsKey, ecsValue]) => ( ))} - { - if (formRef) { - formRefs.current.new = formRef; - } - }} - osquerySchemaOptions={osquerySchemaOptions} - onAdd={handleAddRow} - /> + {!euiFieldProps?.isDisabled && ( + { + if (formRef) { + formRefs.current.new = formRef; + } + }} + osquerySchemaOptions={osquerySchemaOptions} + onAdd={handleAddRow} + /> + )} ); }; diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/queries/lazy_ecs_mapping_editor_field.tsx b/x-pack/plugins/osquery/public/packs/queries/lazy_ecs_mapping_editor_field.tsx similarity index 100% rename from x-pack/plugins/osquery/public/scheduled_query_groups/queries/lazy_ecs_mapping_editor_field.tsx rename to x-pack/plugins/osquery/public/packs/queries/lazy_ecs_mapping_editor_field.tsx diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/queries/platform_checkbox_group_field.tsx b/x-pack/plugins/osquery/public/packs/queries/platform_checkbox_group_field.tsx similarity index 93% rename from x-pack/plugins/osquery/public/scheduled_query_groups/queries/platform_checkbox_group_field.tsx rename to x-pack/plugins/osquery/public/packs/queries/platform_checkbox_group_field.tsx index 0d455486bfa25f4..35f866ac6cffe3d 100644 --- a/x-pack/plugins/osquery/public/scheduled_query_groups/queries/platform_checkbox_group_field.tsx +++ b/x-pack/plugins/osquery/public/packs/queries/platform_checkbox_group_field.tsx @@ -43,7 +43,7 @@ export const PlatformCheckBoxGroupField = ({ @@ -59,7 +59,7 @@ export const PlatformCheckBoxGroupField = ({ @@ -75,7 +75,7 @@ export const PlatformCheckBoxGroupField = ({ diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/queries/platforms/constants.ts b/x-pack/plugins/osquery/public/packs/queries/platforms/constants.ts similarity index 100% rename from x-pack/plugins/osquery/public/scheduled_query_groups/queries/platforms/constants.ts rename to x-pack/plugins/osquery/public/packs/queries/platforms/constants.ts diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/queries/platforms/helpers.tsx b/x-pack/plugins/osquery/public/packs/queries/platforms/helpers.tsx similarity index 100% rename from x-pack/plugins/osquery/public/scheduled_query_groups/queries/platforms/helpers.tsx rename to x-pack/plugins/osquery/public/packs/queries/platforms/helpers.tsx diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/queries/platforms/index.tsx b/x-pack/plugins/osquery/public/packs/queries/platforms/index.tsx similarity index 100% rename from x-pack/plugins/osquery/public/scheduled_query_groups/queries/platforms/index.tsx rename to x-pack/plugins/osquery/public/packs/queries/platforms/index.tsx diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/queries/platforms/logos/linux.svg b/x-pack/plugins/osquery/public/packs/queries/platforms/logos/linux.svg similarity index 100% rename from x-pack/plugins/osquery/public/scheduled_query_groups/queries/platforms/logos/linux.svg rename to x-pack/plugins/osquery/public/packs/queries/platforms/logos/linux.svg diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/queries/platforms/logos/macos.svg b/x-pack/plugins/osquery/public/packs/queries/platforms/logos/macos.svg similarity index 100% rename from x-pack/plugins/osquery/public/scheduled_query_groups/queries/platforms/logos/macos.svg rename to x-pack/plugins/osquery/public/packs/queries/platforms/logos/macos.svg diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/queries/platforms/logos/windows.svg b/x-pack/plugins/osquery/public/packs/queries/platforms/logos/windows.svg similarity index 100% rename from x-pack/plugins/osquery/public/scheduled_query_groups/queries/platforms/logos/windows.svg rename to x-pack/plugins/osquery/public/packs/queries/platforms/logos/windows.svg diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/queries/platforms/platform_icon.tsx b/x-pack/plugins/osquery/public/packs/queries/platforms/platform_icon.tsx similarity index 100% rename from x-pack/plugins/osquery/public/scheduled_query_groups/queries/platforms/platform_icon.tsx rename to x-pack/plugins/osquery/public/packs/queries/platforms/platform_icon.tsx diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/queries/platforms/types.ts b/x-pack/plugins/osquery/public/packs/queries/platforms/types.ts similarity index 100% rename from x-pack/plugins/osquery/public/scheduled_query_groups/queries/platforms/types.ts rename to x-pack/plugins/osquery/public/packs/queries/platforms/types.ts diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/queries/query_flyout.tsx b/x-pack/plugins/osquery/public/packs/queries/query_flyout.tsx similarity index 68% rename from x-pack/plugins/osquery/public/scheduled_query_groups/queries/query_flyout.tsx rename to x-pack/plugins/osquery/public/packs/queries/query_flyout.tsx index d38c1b2118f244f..0c08e781c9f2c51 100644 --- a/x-pack/plugins/osquery/public/scheduled_query_groups/queries/query_flyout.tsx +++ b/x-pack/plugins/osquery/public/packs/queries/query_flyout.tsx @@ -7,7 +7,6 @@ import { isEmpty } from 'lodash'; import { - EuiCallOut, EuiFlyout, EuiTitle, EuiSpacer, @@ -23,18 +22,12 @@ import { import React, { useCallback, useMemo, useState, useRef } from 'react'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; -import { satisfies } from 'semver'; import { CodeEditorField } from '../../saved_queries/form/code_editor_field'; import { Form, getUseField, Field, useFormData } from '../../shared_imports'; import { PlatformCheckBoxGroupField } from './platform_checkbox_group_field'; import { ALL_OSQUERY_VERSIONS_OPTIONS } from './constants'; -import { - UseScheduledQueryGroupQueryFormProps, - ScheduledQueryGroupFormData, - useScheduledQueryGroupQueryForm, -} from './use_scheduled_query_group_query_form'; -import { ManageIntegrationLink } from '../../components/manage_integration_link'; +import { UsePackQueryFormProps, PackFormData, usePackQueryForm } from './use_pack_query_form'; import { SavedQueriesDropdown } from '../../saved_queries/saved_queries_dropdown'; import { ECSMappingEditorField, ECSMappingEditorFieldRef } from './lazy_ecs_mapping_editor_field'; @@ -42,22 +35,20 @@ const CommonUseField = getUseField({ component: Field }); interface QueryFlyoutProps { uniqueQueryIds: string[]; - defaultValue?: UseScheduledQueryGroupQueryFormProps['defaultValue'] | undefined; - integrationPackageVersion?: string | undefined; - onSave: (payload: ScheduledQueryGroupFormData) => Promise; + defaultValue?: UsePackQueryFormProps['defaultValue'] | undefined; + onSave: (payload: PackFormData) => Promise; onClose: () => void; } const QueryFlyoutComponent: React.FC = ({ uniqueQueryIds, defaultValue, - integrationPackageVersion, onSave, onClose, }) => { const ecsFieldRef = useRef(); const [isEditMode] = useState(!!defaultValue); - const { form } = useScheduledQueryGroupQueryForm({ + const { form } = usePackQueryForm({ uniqueQueryIds, defaultValue, handleSubmit: async (payload, isValid) => { @@ -76,12 +67,6 @@ const QueryFlyoutComponent: React.FC = ({ }, }); - /* Platform and version fields are supported since osquery_manager@0.3.0 */ - const isFieldSupported = useMemo( - () => (integrationPackageVersion ? satisfies(integrationPackageVersion, '>=0.3.0') : false), - [integrationPackageVersion] - ); - const { submit, setFieldValue, reset, isSubmitting } = form; const [{ query }] = useFormData({ @@ -106,15 +91,19 @@ const QueryFlyoutComponent: React.FC = ({ setFieldValue('interval', savedQuery.interval); } - if (isFieldSupported && savedQuery.platform) { + if (savedQuery.platform) { setFieldValue('platform', savedQuery.platform); } - if (isFieldSupported && savedQuery.version) { + if (savedQuery.version) { setFieldValue('version', [savedQuery.version]); } + + if (savedQuery.ecs_mapping) { + setFieldValue('ecs_mapping', savedQuery.ecs_mapping); + } }, - [isFieldSupported, setFieldValue, reset] + [setFieldValue, reset] ); /* Avoids accidental closing of the flyout when the user clicks outside of the flyout */ @@ -133,12 +122,12 @@ const QueryFlyoutComponent: React.FC = ({

{isEditMode ? ( ) : ( )} @@ -171,7 +160,7 @@ const QueryFlyoutComponent: React.FC = ({ @@ -179,27 +168,18 @@ const QueryFlyoutComponent: React.FC = ({ } // eslint-disable-next-line react-perf/jsx-no-new-object-as-prop euiFieldProps={{ - isDisabled: !isFieldSupported, noSuggestions: false, singleSelection: { asPlainText: true }, - placeholder: i18n.translate( - 'xpack.osquery.scheduledQueryGroup.queriesTable.osqueryVersionAllLabel', - { - defaultMessage: 'ALL', - } - ), + placeholder: i18n.translate('xpack.osquery.queriesTable.osqueryVersionAllLabel', { + defaultMessage: 'ALL', + }), options: ALL_OSQUERY_VERSIONS_OPTIONS, onCreateOption: undefined, }} /> - + @@ -214,33 +194,13 @@ const QueryFlyoutComponent: React.FC = ({ - {!isFieldSupported ? ( - - } - iconType="pin" - > - - - - - - - ) : null} @@ -248,7 +208,7 @@ const QueryFlyoutComponent: React.FC = ({ diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/queries/schema.tsx b/x-pack/plugins/osquery/public/packs/queries/schema.tsx similarity index 71% rename from x-pack/plugins/osquery/public/scheduled_query_groups/queries/schema.tsx rename to x-pack/plugins/osquery/public/packs/queries/schema.tsx index f3bd150c8d3c39b..596b65a518b0aae 100644 --- a/x-pack/plugins/osquery/public/scheduled_query_groups/queries/schema.tsx +++ b/x-pack/plugins/osquery/public/packs/queries/schema.tsx @@ -21,24 +21,21 @@ import { export const createFormSchema = (ids: Set) => ({ id: { type: FIELD_TYPES.TEXT, - label: i18n.translate('xpack.osquery.scheduledQueryGroup.queryFlyoutForm.idFieldLabel', { + label: i18n.translate('xpack.osquery.pack.queryFlyoutForm.idFieldLabel', { defaultMessage: 'ID', }), validations: createIdFieldValidations(ids).map((validator) => ({ validator })), }, description: { type: FIELD_TYPES.TEXT, - label: i18n.translate( - 'xpack.osquery.scheduledQueryGroup.queryFlyoutForm.descriptionFieldLabel', - { - defaultMessage: 'Description', - } - ), + label: i18n.translate('xpack.osquery.pack.queryFlyoutForm.descriptionFieldLabel', { + defaultMessage: 'Description', + }), validations: [], }, query: { type: FIELD_TYPES.TEXT, - label: i18n.translate('xpack.osquery.scheduledQueryGroup.queryFlyoutForm.queryFieldLabel', { + label: i18n.translate('xpack.osquery.pack.queryFlyoutForm.queryFieldLabel', { defaultMessage: 'Query', }), validations: [{ validator: queryFieldValidation }], @@ -46,14 +43,14 @@ export const createFormSchema = (ids: Set) => ({ interval: { defaultValue: 3600, type: FIELD_TYPES.NUMBER, - label: i18n.translate('xpack.osquery.scheduledQueryGroup.queryFlyoutForm.intervalFieldLabel', { + label: i18n.translate('xpack.osquery.pack.queryFlyoutForm.intervalFieldLabel', { defaultMessage: 'Interval (s)', }), validations: [{ validator: intervalFieldValidation }], }, platform: { type: FIELD_TYPES.TEXT, - label: i18n.translate('xpack.osquery.scheduledQueryGroup.queryFlyoutForm.platformFieldLabel', { + label: i18n.translate('xpack.osquery.pack.queryFlyoutForm.platformFieldLabel', { defaultMessage: 'Platform', }), validations: [], @@ -65,7 +62,7 @@ export const createFormSchema = (ids: Set) => ({ @@ -73,4 +70,9 @@ export const createFormSchema = (ids: Set) => ({ ) as unknown as string, validations: [], }, + ecs_mapping: { + defaultValue: {}, + type: FIELD_TYPES.JSON, + validations: [], + }, }); diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/queries/use_scheduled_query_group_query_form.tsx b/x-pack/plugins/osquery/public/packs/queries/use_pack_query_form.tsx similarity index 60% rename from x-pack/plugins/osquery/public/scheduled_query_groups/queries/use_scheduled_query_group_query_form.tsx rename to x-pack/plugins/osquery/public/packs/queries/use_pack_query_form.tsx index 5881612e182191f..a6cb38e24877460 100644 --- a/x-pack/plugins/osquery/public/scheduled_query_groups/queries/use_scheduled_query_group_query_form.tsx +++ b/x-pack/plugins/osquery/public/packs/queries/use_pack_query_form.tsx @@ -11,23 +11,31 @@ import { produce } from 'immer'; import { useMemo } from 'react'; import { FormConfig, useForm } from '../../shared_imports'; -import { OsqueryManagerPackagePolicyConfigRecord } from '../../../common/types'; import { createFormSchema } from './schema'; const FORM_ID = 'editQueryFlyoutForm'; -export interface UseScheduledQueryGroupQueryFormProps { +export interface UsePackQueryFormProps { uniqueQueryIds: string[]; - defaultValue?: OsqueryManagerPackagePolicyConfigRecord | undefined; - handleSubmit: FormConfig['onSubmit']; + defaultValue?: PackFormData | undefined; + handleSubmit: FormConfig['onSubmit']; } -export interface ScheduledQueryGroupFormData { +export interface PackSOFormData { id: string; query: string; interval: number; platform?: string | undefined; - version?: string[] | undefined; + version?: string | undefined; + ecs_mapping?: Array<{ field: string; value: string }> | undefined; +} + +export interface PackFormData { + id: string; + query: string; + interval: number; + platform?: string | undefined; + version?: string | undefined; ecs_mapping?: | Record< string, @@ -38,14 +46,13 @@ export interface ScheduledQueryGroupFormData { | undefined; } -export const useScheduledQueryGroupQueryForm = ({ +export const usePackQueryForm = ({ uniqueQueryIds, defaultValue, handleSubmit, -}: UseScheduledQueryGroupQueryFormProps) => { +}: UsePackQueryFormProps) => { const idSet = useMemo>( - () => - new Set(xor(uniqueQueryIds, defaultValue?.id.value ? [defaultValue.id.value] : [])), + () => new Set(xor(uniqueQueryIds, defaultValue?.id ? [defaultValue.id] : [])), [uniqueQueryIds, defaultValue] ); const formSchema = useMemo>( @@ -53,7 +60,7 @@ export const useScheduledQueryGroupQueryForm = ({ [idSet] ); - return useForm({ + return useForm({ id: FORM_ID + uuid.v4(), onSubmit: async (formData, isValid) => { if (isValid && handleSubmit) { @@ -62,24 +69,14 @@ export const useScheduledQueryGroupQueryForm = ({ } }, options: { - stripEmptyFields: false, + stripEmptyFields: true, }, + // @ts-expect-error update types defaultValue: defaultValue || { - id: { - type: 'text', - value: '', - }, - query: { - type: 'text', - value: '', - }, - interval: { - type: 'integer', - value: '3600', - }, - ecs_mapping: { - value: {}, - }, + id: '', + query: '', + interval: 3600, + ecs_mapping: {}, }, // @ts-expect-error update types serializer: (payload) => @@ -95,7 +92,6 @@ export const useScheduledQueryGroupQueryForm = ({ if (!draft.version.length) { delete draft.version; } else { - // @ts-expect-error update types draft.version = draft.version[0]; } } @@ -104,18 +100,20 @@ export const useScheduledQueryGroupQueryForm = ({ } return draft; }), + // @ts-expect-error update types deserializer: (payload) => { - if (!payload) return {} as ScheduledQueryGroupFormData; + if (!payload) return {} as PackFormData; return { - id: payload.id.value, - query: payload.query.value, - interval: parseInt(payload.interval.value, 10), - platform: payload.platform?.value, - version: payload.version?.value ? [payload.version?.value] : [], - ecs_mapping: payload.ecs_mapping?.value ?? {}, + id: payload.id, + query: payload.query, + interval: payload.interval, + platform: payload.platform, + version: payload.version ? [payload.version] : [], + ecs_mapping: payload.ecs_mapping ?? {}, }; }, + // @ts-expect-error update types schema: formSchema, }); }; diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/queries/validations.ts b/x-pack/plugins/osquery/public/packs/queries/validations.ts similarity index 72% rename from x-pack/plugins/osquery/public/scheduled_query_groups/queries/validations.ts rename to x-pack/plugins/osquery/public/packs/queries/validations.ts index c9f128b8e5d7942..1c568337524c70a 100644 --- a/x-pack/plugins/osquery/public/scheduled_query_groups/queries/validations.ts +++ b/x-pack/plugins/osquery/public/packs/queries/validations.ts @@ -12,11 +12,11 @@ export { queryFieldValidation } from '../../common/validations'; const idPattern = /^[a-zA-Z0-9-_]+$/; // eslint-disable-next-line @typescript-eslint/no-explicit-any -const idSchemaValidation: ValidationFunc = ({ value }) => { +export const idSchemaValidation: ValidationFunc = ({ value }) => { const valueIsValid = idPattern.test(value); if (!valueIsValid) { return { - message: i18n.translate('xpack.osquery.scheduledQueryGroup.queryFlyoutForm.invalidIdError', { + message: i18n.translate('xpack.osquery.pack.queryFlyoutForm.invalidIdError', { defaultMessage: 'Characters must be alphanumeric, _, or -', }), }; @@ -28,7 +28,7 @@ const createUniqueIdValidation = (ids: Set) => { const uniqueIdCheck: ValidationFunc = ({ value }) => { if (ids.has(value)) { return { - message: i18n.translate('xpack.osquery.scheduledQueryGroup.queryFlyoutForm.uniqueIdError', { + message: i18n.translate('xpack.osquery.pack.queryFlyoutForm.uniqueIdError', { defaultMessage: 'ID must be unique', }), }; @@ -39,7 +39,7 @@ const createUniqueIdValidation = (ids: Set) => { export const createIdFieldValidations = (ids: Set) => [ fieldValidators.emptyField( - i18n.translate('xpack.osquery.scheduledQueryGroup.queryFlyoutForm.emptyIdError', { + i18n.translate('xpack.osquery.pack.queryFlyoutForm.emptyIdError', { defaultMessage: 'ID is required', }) ), @@ -54,10 +54,7 @@ export const intervalFieldValidation: ValidationFunc< number > = fieldValidators.numberGreaterThanField({ than: 0, - message: i18n.translate( - 'xpack.osquery.scheduledQueryGroup.queryFlyoutForm.invalidIntervalField', - { - defaultMessage: 'A positive interval value is required', - } - ), + message: i18n.translate('xpack.osquery.pack.queryFlyoutForm.invalidIntervalField', { + defaultMessage: 'A positive interval value is required', + }), }); diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/scheduled_query_errors_table.tsx b/x-pack/plugins/osquery/public/packs/scheduled_query_errors_table.tsx similarity index 89% rename from x-pack/plugins/osquery/public/scheduled_query_groups/scheduled_query_errors_table.tsx rename to x-pack/plugins/osquery/public/packs/scheduled_query_errors_table.tsx index 71ae34660322936..2174c7ce1cc8f3d 100644 --- a/x-pack/plugins/osquery/public/scheduled_query_groups/scheduled_query_errors_table.tsx +++ b/x-pack/plugins/osquery/public/packs/scheduled_query_errors_table.tsx @@ -13,10 +13,11 @@ import { stringify } from 'querystring'; import { useKibana, isModifiedEvent, isLeftClickEvent } from '../common/lib/kibana'; import { AgentIdToName } from '../agents/agent_id_to_name'; -import { useScheduledQueryGroupQueryErrors } from './use_scheduled_query_group_query_errors'; +import { usePackQueryErrors } from './use_pack_query_errors'; +import { SearchHit } from '../../common/search_strategy'; const VIEW_IN_LOGS = i18n.translate( - 'xpack.osquery.scheduledQueryGroup.queriesTable.viewLogsErrorsActionAriaLabel', + 'xpack.osquery.pack.queriesTable.viewLogsErrorsActionAriaLabel', { defaultMessage: 'View in Logs', } @@ -82,12 +83,10 @@ const renderErrorMessage = (error: string) => ( const ScheduledQueryErrorsTableComponent: React.FC = ({ actionId, - agentIds, interval, }) => { - const { data: lastErrorsData } = useScheduledQueryGroupQueryErrors({ + const { data: lastErrorsData } = usePackQueryErrors({ actionId, - agentIds, interval, }); @@ -139,8 +138,14 @@ const ScheduledQueryErrorsTableComponent: React.FC; + return ( + + // eslint-disable-next-line react-perf/jsx-no-new-array-as-prop + items={lastErrorsData?.hits ?? []} + columns={columns} + pagination={true} + /> + ); }; export const ScheduledQueryErrorsTable = React.memo(ScheduledQueryErrorsTableComponent); diff --git a/x-pack/plugins/osquery/public/packs/use_create_pack.ts b/x-pack/plugins/osquery/public/packs/use_create_pack.ts new file mode 100644 index 000000000000000..05756afde40d834 --- /dev/null +++ b/x-pack/plugins/osquery/public/packs/use_create_pack.ts @@ -0,0 +1,56 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { useMutation, useQueryClient } from 'react-query'; +import { i18n } from '@kbn/i18n'; + +import { useKibana } from '../common/lib/kibana'; +import { PLUGIN_ID } from '../../common'; +import { pagePathGetters } from '../common/page_paths'; +import { PACKS_ID } from './constants'; +import { useErrorToast } from '../common/hooks/use_error_toast'; + +interface UseCreatePackProps { + withRedirect?: boolean; +} + +export const useCreatePack = ({ withRedirect }: UseCreatePackProps) => { + const queryClient = useQueryClient(); + const { + application: { navigateToApp }, + http, + notifications: { toasts }, + } = useKibana().services; + const setErrorToast = useErrorToast(); + + return useMutation( + (payload) => + http.post('/internal/osquery/packs', { + body: JSON.stringify(payload), + }), + { + onError: (error) => { + // @ts-expect-error update types + setErrorToast(error, { title: error.body.error, toastMessage: error.body.message }); + }, + onSuccess: (payload) => { + queryClient.invalidateQueries(PACKS_ID); + if (withRedirect) { + navigateToApp(PLUGIN_ID, { path: pagePathGetters.packs() }); + } + toasts.addSuccess( + i18n.translate('xpack.osquery.newPack.successToastMessageText', { + defaultMessage: 'Successfully created "{packName}" pack', + values: { + packName: payload.attributes?.name ?? '', + }, + }) + ); + }, + } + ); +}; diff --git a/x-pack/plugins/osquery/public/packs/use_delete_pack.ts b/x-pack/plugins/osquery/public/packs/use_delete_pack.ts new file mode 100644 index 000000000000000..1e5b55b90600f80 --- /dev/null +++ b/x-pack/plugins/osquery/public/packs/use_delete_pack.ts @@ -0,0 +1,50 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { useMutation, useQueryClient } from 'react-query'; +import { i18n } from '@kbn/i18n'; + +import { useKibana } from '../common/lib/kibana'; +import { PLUGIN_ID } from '../../common'; +import { pagePathGetters } from '../common/page_paths'; +import { PACKS_ID } from './constants'; +import { useErrorToast } from '../common/hooks/use_error_toast'; + +interface UseDeletePackProps { + packId: string; + withRedirect?: boolean; +} + +export const useDeletePack = ({ packId, withRedirect }: UseDeletePackProps) => { + const queryClient = useQueryClient(); + const { + application: { navigateToApp }, + http, + notifications: { toasts }, + } = useKibana().services; + const setErrorToast = useErrorToast(); + + return useMutation(() => http.delete(`/internal/osquery/packs/${packId}`), { + onError: (error: { body: { error: string; message: string } }) => { + setErrorToast(error, { + title: error.body.error, + toastMessage: error.body.message, + }); + }, + onSuccess: () => { + queryClient.invalidateQueries(PACKS_ID); + if (withRedirect) { + navigateToApp(PLUGIN_ID, { path: pagePathGetters.packs() }); + } + toasts.addSuccess( + i18n.translate('xpack.osquery.deletePack.successToastMessageText', { + defaultMessage: 'Successfully deleted pack', + }) + ); + }, + }); +}; diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/use_scheduled_query_group.ts b/x-pack/plugins/osquery/public/packs/use_pack.ts similarity index 56% rename from x-pack/plugins/osquery/public/scheduled_query_groups/use_scheduled_query_group.ts rename to x-pack/plugins/osquery/public/packs/use_pack.ts index c3458698dd517e6..6aadedab206c43f 100644 --- a/x-pack/plugins/osquery/public/scheduled_query_groups/use_scheduled_query_group.ts +++ b/x-pack/plugins/osquery/public/packs/use_pack.ts @@ -11,30 +11,20 @@ import { useKibana } from '../common/lib/kibana'; import { GetOnePackagePolicyResponse } from '../../../fleet/common'; import { OsqueryManagerPackagePolicy } from '../../common/types'; -interface UseScheduledQueryGroup { - scheduledQueryGroupId: string; +interface UsePack { + packId: string; skip?: boolean; } -export const useScheduledQueryGroup = ({ - scheduledQueryGroupId, - skip = false, -}: UseScheduledQueryGroup) => { +export const usePack = ({ packId, skip = false }: UsePack) => { const { http } = useKibana().services; return useQuery< Omit & { item: OsqueryManagerPackagePolicy }, unknown, OsqueryManagerPackagePolicy - >( - ['scheduledQueryGroup', { scheduledQueryGroupId }], - () => http.get(`/internal/osquery/scheduled_query_group/${scheduledQueryGroupId}`), - { - keepPreviousData: true, - enabled: !skip || !scheduledQueryGroupId, - select: (response) => response.item, - refetchOnReconnect: false, - refetchOnWindowFocus: false, - } - ); + >(['pack', { packId }], () => http.get(`/internal/osquery/packs/${packId}`), { + keepPreviousData: true, + enabled: !skip || !packId, + }); }; diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/use_scheduled_query_group_query_errors.ts b/x-pack/plugins/osquery/public/packs/use_pack_query_errors.ts similarity index 80% rename from x-pack/plugins/osquery/public/scheduled_query_groups/use_scheduled_query_group_query_errors.ts rename to x-pack/plugins/osquery/public/packs/use_pack_query_errors.ts index 338d97f8801c894..b88bd8ce5709ded 100644 --- a/x-pack/plugins/osquery/public/scheduled_query_groups/use_scheduled_query_group_query_errors.ts +++ b/x-pack/plugins/osquery/public/packs/use_pack_query_errors.ts @@ -10,21 +10,19 @@ import { IndexPattern, SortDirection } from '../../../../../src/plugins/data/com import { useKibana } from '../common/lib/kibana'; -interface UseScheduledQueryGroupQueryErrorsProps { +interface UsePackQueryErrorsProps { actionId: string; - agentIds?: string[]; interval: number; logsIndexPattern?: IndexPattern; skip?: boolean; } -export const useScheduledQueryGroupQueryErrors = ({ +export const usePackQueryErrors = ({ actionId, - agentIds, interval, logsIndexPattern, skip = false, -}: UseScheduledQueryGroupQueryErrorsProps) => { +}: UsePackQueryErrorsProps) => { const data = useKibana().services.data; return useQuery( @@ -41,12 +39,6 @@ export const useScheduledQueryGroupQueryErrors = ({ query: { // @ts-expect-error update types bool: { - should: agentIds?.map((agentId) => ({ - match_phrase: { - 'elastic_agent.id': agentId, - }, - })), - minimum_should_match: 1, filter: [ { match_phrase: { @@ -81,7 +73,7 @@ export const useScheduledQueryGroupQueryErrors = ({ }, { keepPreviousData: true, - enabled: !!(!skip && actionId && interval && agentIds?.length && logsIndexPattern), + enabled: !!(!skip && actionId && interval && logsIndexPattern), select: (response) => response.rawResponse.hits ?? [], refetchOnReconnect: false, refetchOnWindowFocus: false, diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/use_scheduled_query_group_query_last_results.ts b/x-pack/plugins/osquery/public/packs/use_pack_query_last_results.ts similarity index 79% rename from x-pack/plugins/osquery/public/scheduled_query_groups/use_scheduled_query_group_query_last_results.ts rename to x-pack/plugins/osquery/public/packs/use_pack_query_last_results.ts index 7cfd6be461e051e..af3e5b23e80f807 100644 --- a/x-pack/plugins/osquery/public/scheduled_query_groups/use_scheduled_query_group_query_last_results.ts +++ b/x-pack/plugins/osquery/public/packs/use_pack_query_last_results.ts @@ -9,7 +9,7 @@ import { useQuery } from 'react-query'; import { IndexPattern } from '../../../../../src/plugins/data/common'; import { useKibana } from '../common/lib/kibana'; -interface UseScheduledQueryGroupQueryLastResultsProps { +interface UsePackQueryLastResultsProps { actionId: string; agentIds?: string[]; interval: number; @@ -17,13 +17,12 @@ interface UseScheduledQueryGroupQueryLastResultsProps { skip?: boolean; } -export const useScheduledQueryGroupQueryLastResults = ({ +export const usePackQueryLastResults = ({ actionId, - agentIds, interval, logsIndexPattern, skip = false, -}: UseScheduledQueryGroupQueryLastResultsProps) => { +}: UsePackQueryLastResultsProps) => { const data = useKibana().services.data; return useQuery( @@ -35,12 +34,6 @@ export const useScheduledQueryGroupQueryLastResults = ({ query: { // @ts-expect-error update types bool: { - should: agentIds?.map((agentId) => ({ - match_phrase: { - 'agent.id': agentId, - }, - })), - minimum_should_match: 1, filter: [ { match_phrase: { @@ -66,12 +59,6 @@ export const useScheduledQueryGroupQueryLastResults = ({ query: { // @ts-expect-error update types bool: { - should: agentIds?.map((agentId) => ({ - match_phrase: { - 'agent.id': agentId, - }, - })), - minimum_should_match: 1, filter: [ { match_phrase: { @@ -102,7 +89,7 @@ export const useScheduledQueryGroupQueryLastResults = ({ }, { keepPreviousData: true, - enabled: !!(!skip && actionId && interval && agentIds?.length && logsIndexPattern), + enabled: !!(!skip && actionId && interval && logsIndexPattern), refetchOnReconnect: false, refetchOnWindowFocus: false, } diff --git a/x-pack/plugins/osquery/public/packs/use_packs.ts b/x-pack/plugins/osquery/public/packs/use_packs.ts new file mode 100644 index 000000000000000..9870cb481450f81 --- /dev/null +++ b/x-pack/plugins/osquery/public/packs/use_packs.ts @@ -0,0 +1,34 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { useQuery } from 'react-query'; + +import { useKibana } from '../common/lib/kibana'; +import { PACKS_ID } from './constants'; + +export const usePacks = ({ + isLive = false, + pageIndex = 0, + pageSize = 10000, + sortField = 'updated_at', + sortDirection = 'desc', +}) => { + const { http } = useKibana().services; + + return useQuery( + [PACKS_ID, { pageIndex, pageSize, sortField, sortDirection }], + async () => + http.get('/internal/osquery/packs', { + query: { pageIndex, pageSize, sortField, sortDirection }, + }), + { + keepPreviousData: true, + // Refetch the data every 10 seconds + refetchInterval: isLive ? 10000 : false, + } + ); +}; diff --git a/x-pack/plugins/osquery/public/packs/use_update_pack.ts b/x-pack/plugins/osquery/public/packs/use_update_pack.ts new file mode 100644 index 000000000000000..d9aecbe9ac5982a --- /dev/null +++ b/x-pack/plugins/osquery/public/packs/use_update_pack.ts @@ -0,0 +1,60 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { useMutation, useQueryClient } from 'react-query'; +import { i18n } from '@kbn/i18n'; + +import { useKibana } from '../common/lib/kibana'; +import { PLUGIN_ID } from '../../common'; +import { pagePathGetters } from '../common/page_paths'; +import { PACKS_ID } from './constants'; +import { useErrorToast } from '../common/hooks/use_error_toast'; + +interface UseUpdatePackProps { + withRedirect?: boolean; + // eslint-disable-next-line @typescript-eslint/no-explicit-any + options?: any; +} + +export const useUpdatePack = ({ withRedirect, options }: UseUpdatePackProps) => { + const queryClient = useQueryClient(); + const { + application: { navigateToApp }, + http, + notifications: { toasts }, + } = useKibana().services; + const setErrorToast = useErrorToast(); + + return useMutation( + // @ts-expect-error update types + ({ id, ...payload }) => + http.put(`/internal/osquery/packs/${id}`, { + body: JSON.stringify(payload), + }), + { + onError: (error) => { + // @ts-expect-error update types + setErrorToast(error, { title: error.body.error, toastMessage: error.body.message }); + }, + onSuccess: (payload) => { + queryClient.invalidateQueries(PACKS_ID); + if (withRedirect) { + navigateToApp(PLUGIN_ID, { path: pagePathGetters.packs() }); + } + toasts.addSuccess( + i18n.translate('xpack.osquery.updatePack.successToastMessageText', { + defaultMessage: 'Successfully updated "{packName}" pack', + values: { + packName: payload.attributes?.name ?? '', + }, + }) + ); + }, + ...options, + } + ); +}; diff --git a/x-pack/plugins/osquery/public/results/results_table.tsx b/x-pack/plugins/osquery/public/results/results_table.tsx index c59cd6281a3642a..e0dfb208e0ebcab 100644 --- a/x-pack/plugins/osquery/public/results/results_table.tsx +++ b/x-pack/plugins/osquery/public/results/results_table.tsx @@ -5,7 +5,7 @@ * 2.0. */ -import { isEmpty, isEqual, keys, map } from 'lodash/fp'; +import { get, isEmpty, isEqual, keys, map, reduce } from 'lodash/fp'; import { EuiCallOut, EuiCode, @@ -17,8 +17,10 @@ import { EuiLoadingContent, EuiProgress, EuiSpacer, + EuiIconTip, } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; +import { FormattedMessage } from '@kbn/i18n/react'; import React, { createContext, useEffect, useState, useCallback, useContext, useMemo } from 'react'; import { pagePathGetters } from '../../../fleet/public'; @@ -31,9 +33,10 @@ import { ViewResultsInDiscoverAction, ViewResultsInLensAction, ViewResultsActionButtonType, -} from '../scheduled_query_groups/scheduled_query_group_queries_status_table'; +} from '../packs/pack_queries_status_table'; import { useActionResultsPrivileges } from '../action_results/use_action_privileges'; import { OSQUERY_INTEGRATION_NAME } from '../../common'; +import { useActionDetails } from '../actions/use_action_details'; const DataContext = createContext([]); @@ -53,6 +56,8 @@ const ResultsTableComponent: React.FC = ({ }) => { const [isLive, setIsLive] = useState(true); const { data: hasActionResultsPrivileges } = useActionResultsPrivileges(); + const { data: actionDetails } = useActionDetails({ actionId }); + const { // @ts-expect-error update types data: { aggregations }, @@ -155,6 +160,59 @@ const ResultsTableComponent: React.FC = ({ [onChangeItemsPerPage, onChangePage, pagination] ); + const ecsMapping = useMemo(() => { + const mapping = get('actionDetails._source.data.ecs_mapping', actionDetails); + if (!mapping) return; + + return reduce( + (acc, [key, value]) => { + // @ts-expect-error update types + if (value?.field) { + // @ts-expect-error update types + acc[value?.field] = [...(acc[value?.field] ?? []), key]; + } + return acc; + }, + {}, + Object.entries(mapping) + ); + }, [actionDetails]); + + const getHeaderDisplay = useCallback( + (columnName: string) => { + // @ts-expect-error update types + if (ecsMapping && ecsMapping[columnName]) { + return ( + <> + {columnName}{' '} + + + {`:`} +
    + { + // @ts-expect-error update types + ecsMapping[columnName].map((fieldName) => ( +
  • {fieldName}
    • + )) + } +
+ + } + type="indexMapping" + /> + + ); + } + }, + [ecsMapping] + ); + useEffect(() => { if (!allResultsData?.edges) { return; @@ -186,6 +244,7 @@ const ResultsTableComponent: React.FC = ({ data.push({ id: fieldName, displayAsText, + display: getHeaderDisplay(displayAsText), defaultSortDirection: Direction.asc, }); seen.add(displayAsText); @@ -198,11 +257,11 @@ const ResultsTableComponent: React.FC = ({ { data: [], seen: new Set() } as { data: EuiDataGridColumn[]; seen: Set } ).data; - if (!isEqual(columns, newColumns)) { - setColumns(newColumns); - setVisibleColumns(map('id', newColumns)); - } - }, [columns, allResultsData?.edges]); + setColumns((currentColumns) => + !isEqual(map('id', currentColumns), map('id', newColumns)) ? newColumns : currentColumns + ); + setVisibleColumns(map('id', newColumns)); + }, [allResultsData?.edges, getHeaderDisplay]); const toolbarVisibility = useMemo( () => ({ diff --git a/x-pack/plugins/osquery/public/results/translations.ts b/x-pack/plugins/osquery/public/results/translations.ts index e4f71d818f01d36..ca6b4a520339977 100644 --- a/x-pack/plugins/osquery/public/results/translations.ts +++ b/x-pack/plugins/osquery/public/results/translations.ts @@ -7,13 +7,12 @@ import { i18n } from '@kbn/i18n'; -export const generateEmptyDataMessage = (agentsResponded: number): string => { - return i18n.translate('xpack.osquery.results.multipleAgentsResponded', { +export const generateEmptyDataMessage = (agentsResponded: number): string => + i18n.translate('xpack.osquery.results.multipleAgentsResponded', { defaultMessage: '{agentsResponded, plural, one {# agent has} other {# agents have}} responded, no osquery data has been reported.', values: { agentsResponded }, }); -}; export const ERROR_ALL_RESULTS = i18n.translate('xpack.osquery.results.errorSearchDescription', { defaultMessage: `An error has occurred on all results search`, diff --git a/x-pack/plugins/osquery/public/routes/index.tsx b/x-pack/plugins/osquery/public/routes/index.tsx index a858a51aad64e35..48ce8a7619e13db 100644 --- a/x-pack/plugins/osquery/public/routes/index.tsx +++ b/x-pack/plugins/osquery/public/routes/index.tsx @@ -10,20 +10,20 @@ import { Switch, Redirect, Route } from 'react-router-dom'; import { useBreadcrumbs } from '../common/hooks/use_breadcrumbs'; import { LiveQueries } from './live_queries'; -import { ScheduledQueryGroups } from './scheduled_query_groups'; import { SavedQueries } from './saved_queries'; +import { Packs } from './packs'; const OsqueryAppRoutesComponent = () => { useBreadcrumbs('base'); return ( + + + - - - diff --git a/x-pack/plugins/osquery/public/routes/live_queries/new/index.tsx b/x-pack/plugins/osquery/public/routes/live_queries/new/index.tsx index cc37e1bc95a91ad..28db39ac1805f55 100644 --- a/x-pack/plugins/osquery/public/routes/live_queries/new/index.tsx +++ b/x-pack/plugins/osquery/public/routes/live_queries/new/index.tsx @@ -22,20 +22,20 @@ const NewLiveQueryPageComponent = () => { const { replace } = useHistory(); const location = useLocation(); const liveQueryListProps = useRouterNavigate('live_queries'); - const [initialQuery, setInitialQuery] = useState(undefined); + const [initialFormData, setInitialFormData] = useState | undefined>({}); - const agentPolicyId = useMemo(() => { + const agentPolicyIds = useMemo(() => { const queryParams = qs.parse(location.search); - return queryParams?.agentPolicyId as string | undefined; + return queryParams?.agentPolicyId ? ([queryParams?.agentPolicyId] as string[]) : undefined; }, [location.search]); useEffect(() => { - if (location.state?.form.query) { + if (location.state?.form) { + setInitialFormData(location.state?.form); replace({ state: null }); - setInitialQuery(location.state?.form.query); } - }, [location.state?.form.query, replace]); + }, [location.state?.form, replace]); const LeftColumn = useMemo( () => ( @@ -66,7 +66,7 @@ const NewLiveQueryPageComponent = () => { return ( - + ); }; diff --git a/x-pack/plugins/osquery/public/routes/packs/add/index.tsx b/x-pack/plugins/osquery/public/routes/packs/add/index.tsx new file mode 100644 index 000000000000000..b34550d07f81131 --- /dev/null +++ b/x-pack/plugins/osquery/public/routes/packs/add/index.tsx @@ -0,0 +1,53 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { EuiButtonEmpty, EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; +import { FormattedMessage } from '@kbn/i18n/react'; +import React, { useMemo } from 'react'; + +import { WithHeaderLayout } from '../../../components/layouts'; +import { useRouterNavigate } from '../../../common/lib/kibana'; +import { PackForm } from '../../../packs/form'; +import { useBreadcrumbs } from '../../../common/hooks/use_breadcrumbs'; +import { BetaBadge, BetaBadgeRowWrapper } from '../../../components/beta_badge'; + +const AddPackPageComponent = () => { + useBreadcrumbs('pack_add'); + const packListProps = useRouterNavigate('packs'); + + const LeftColumn = useMemo( + () => ( + + + + + + + + +

+ +

+ + + + + ), + [packListProps] + ); + + return ( + + + + ); +}; + +export const AddPackPage = React.memo(AddPackPageComponent); diff --git a/x-pack/plugins/osquery/public/routes/scheduled_query_groups/details/index.tsx b/x-pack/plugins/osquery/public/routes/packs/details/index.tsx similarity index 65% rename from x-pack/plugins/osquery/public/routes/scheduled_query_groups/details/index.tsx rename to x-pack/plugins/osquery/public/routes/packs/details/index.tsx index 35184ec4bcbc8f1..063cc75db2572ff 100644 --- a/x-pack/plugins/osquery/public/routes/scheduled_query_groups/details/index.tsx +++ b/x-pack/plugins/osquery/public/routes/packs/details/index.tsx @@ -23,10 +23,9 @@ import styled from 'styled-components'; import { useKibana, useRouterNavigate } from '../../../common/lib/kibana'; import { WithHeaderLayout } from '../../../components/layouts'; -import { useScheduledQueryGroup } from '../../../scheduled_query_groups/use_scheduled_query_group'; -import { ScheduledQueryGroupQueriesStatusTable } from '../../../scheduled_query_groups/scheduled_query_group_queries_status_table'; +import { usePack } from '../../../packs/use_pack'; +import { PackQueriesStatusTable } from '../../../packs/pack_queries_status_table'; import { useBreadcrumbs } from '../../../common/hooks/use_breadcrumbs'; -import { AgentsPolicyLink } from '../../../agent_policies/agents_policy_link'; import { BetaBadge, BetaBadgeRowWrapper } from '../../../components/beta_badge'; import { useAgentPolicyAgentIds } from '../../../agents/use_agent_policy_agent_ids'; @@ -36,35 +35,36 @@ const Divider = styled.div` border-left: ${({ theme }) => theme.eui.euiBorderThin}; `; -const ScheduledQueryGroupDetailsPageComponent = () => { +const PackDetailsPageComponent = () => { const permissions = useKibana().services.application.capabilities.osquery; - const { scheduledQueryGroupId } = useParams<{ scheduledQueryGroupId: string }>(); - const scheduledQueryGroupsListProps = useRouterNavigate('scheduled_query_groups'); - const editQueryLinkProps = useRouterNavigate( - `scheduled_query_groups/${scheduledQueryGroupId}/edit` - ); + const { packId } = useParams<{ packId: string }>(); + const packsListProps = useRouterNavigate('packs'); + const editQueryLinkProps = useRouterNavigate(`packs/${packId}/edit`); - const { data } = useScheduledQueryGroup({ scheduledQueryGroupId }); + const { data } = usePack({ packId }); const { data: agentIds } = useAgentPolicyAgentIds({ agentPolicyId: data?.policy_id, skip: !data, }); - useBreadcrumbs('scheduled_query_group_details', { scheduledQueryGroupName: data?.name ?? '' }); + useBreadcrumbs('pack_details', { packName: data?.name ?? '' }); + + const queriesArray = useMemo( + () => + // @ts-expect-error update types + (data?.queries && Object.entries(data.queries).map(([id, query]) => ({ ...query, id }))) ?? + [], + [data] + ); const LeftColumn = useMemo( () => ( - + @@ -72,7 +72,7 @@ const ScheduledQueryGroupDetailsPageComponent = () => {

{ )} ), - [data?.description, data?.name, scheduledQueryGroupsListProps] + [data?.description, data?.name, packsListProps] ); const RightColumn = useMemo( @@ -104,12 +104,15 @@ const ScheduledQueryGroupDetailsPageComponent = () => { - {data?.policy_id ? : null} + { + // @ts-expect-error update types + data?.policy_ids?.length + } @@ -124,27 +127,24 @@ const ScheduledQueryGroupDetailsPageComponent = () => { isDisabled={!permissions.writePacks} > ), - [data?.policy_id, editQueryLinkProps, permissions] + // @ts-expect-error update types + [data?.policy_ids, editQueryLinkProps, permissions] ); return ( {data && ( - + )} ); }; -export const ScheduledQueryGroupDetailsPage = React.memo(ScheduledQueryGroupDetailsPageComponent); +export const PackDetailsPage = React.memo(PackDetailsPageComponent); diff --git a/x-pack/plugins/osquery/public/routes/packs/edit/index.tsx b/x-pack/plugins/osquery/public/routes/packs/edit/index.tsx new file mode 100644 index 000000000000000..bd1d7a5e0875cde --- /dev/null +++ b/x-pack/plugins/osquery/public/routes/packs/edit/index.tsx @@ -0,0 +1,141 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { + EuiButton, + EuiButtonEmpty, + EuiConfirmModal, + EuiFlexGroup, + EuiFlexItem, + EuiLoadingContent, +} from '@elastic/eui'; +import { FormattedMessage } from '@kbn/i18n/react'; +import React, { useCallback, useMemo, useState } from 'react'; +import { useParams } from 'react-router-dom'; + +import { WithHeaderLayout } from '../../../components/layouts'; +import { useRouterNavigate } from '../../../common/lib/kibana'; +import { PackForm } from '../../../packs/form'; +import { usePack } from '../../../packs/use_pack'; +import { useDeletePack } from '../../../packs/use_delete_pack'; + +import { useBreadcrumbs } from '../../../common/hooks/use_breadcrumbs'; +import { BetaBadge, BetaBadgeRowWrapper } from '../../../components/beta_badge'; + +const EditPackPageComponent = () => { + const { packId } = useParams<{ packId: string }>(); + const queryDetailsLinkProps = useRouterNavigate(`packs/${packId}`); + const [isDeleteModalVisible, setIsDeleteModalVisible] = useState(false); + + const { isLoading, data } = usePack({ packId }); + const deletePackMutation = useDeletePack({ packId, withRedirect: true }); + + useBreadcrumbs('pack_edit', { + packId: data?.id ?? '', + packName: data?.name ?? '', + }); + + const handleCloseDeleteConfirmationModal = useCallback(() => { + setIsDeleteModalVisible(false); + }, []); + + const handleDeleteClick = useCallback(() => { + setIsDeleteModalVisible(true); + }, []); + + const handleDeleteConfirmClick = useCallback(() => { + deletePackMutation.mutateAsync().then(() => { + handleCloseDeleteConfirmationModal(); + }); + }, [deletePackMutation, handleCloseDeleteConfirmationModal]); + + const LeftColumn = useMemo( + () => ( + + + + + + + + +

+ +

+ + + + + ), + [data?.name, queryDetailsLinkProps] + ); + + const RightColumn = useMemo( + () => ( + + + + ), + [handleDeleteClick] + ); + + if (isLoading) return null; + + return ( + + {!data ? : } + {isDeleteModalVisible ? ( + + } + onCancel={handleCloseDeleteConfirmationModal} + onConfirm={handleDeleteConfirmClick} + cancelButtonText={ + + } + confirmButtonText={ + + } + buttonColor="danger" + defaultFocusedButton="confirm" + > + + + ) : null} + + ); +}; + +export const EditPackPage = React.memo(EditPackPageComponent); diff --git a/x-pack/plugins/osquery/public/routes/scheduled_query_groups/index.tsx b/x-pack/plugins/osquery/public/routes/packs/index.tsx similarity index 53% rename from x-pack/plugins/osquery/public/routes/scheduled_query_groups/index.tsx rename to x-pack/plugins/osquery/public/routes/packs/index.tsx index 53bf4ae79a908dc..7b6f5ed5822929f 100644 --- a/x-pack/plugins/osquery/public/routes/scheduled_query_groups/index.tsx +++ b/x-pack/plugins/osquery/public/routes/packs/index.tsx @@ -8,17 +8,17 @@ import React from 'react'; import { Switch, Route, useRouteMatch } from 'react-router-dom'; -import { ScheduledQueryGroupsPage } from './list'; -import { AddScheduledQueryGroupPage } from './add'; -import { EditScheduledQueryGroupPage } from './edit'; -import { ScheduledQueryGroupDetailsPage } from './details'; +import { PacksPage } from './list'; +import { AddPackPage } from './add'; +import { EditPackPage } from './edit'; +import { PackDetailsPage } from './details'; import { useBreadcrumbs } from '../../common/hooks/use_breadcrumbs'; import { useKibana } from '../../common/lib/kibana'; import { MissingPrivileges } from '../components'; -const ScheduledQueryGroupsComponent = () => { +const PacksComponent = () => { const permissions = useKibana().services.application.capabilities.osquery; - useBreadcrumbs('scheduled_query_groups'); + useBreadcrumbs('packs'); const match = useRouteMatch(); if (!permissions.readPacks) { @@ -28,19 +28,19 @@ const ScheduledQueryGroupsComponent = () => { return ( - {permissions.writePacks ? : } + {permissions.writePacks ? : } - - {permissions.writePacks ? : } + + {permissions.writePacks ? : } - - + + - + ); }; -export const ScheduledQueryGroups = React.memo(ScheduledQueryGroupsComponent); +export const Packs = React.memo(PacksComponent); diff --git a/x-pack/plugins/osquery/public/routes/scheduled_query_groups/list/index.tsx b/x-pack/plugins/osquery/public/routes/packs/list/index.tsx similarity index 69% rename from x-pack/plugins/osquery/public/routes/scheduled_query_groups/list/index.tsx rename to x-pack/plugins/osquery/public/routes/packs/list/index.tsx index 006dd0e6ec1b61b..12f646e230ff690 100644 --- a/x-pack/plugins/osquery/public/routes/scheduled_query_groups/list/index.tsx +++ b/x-pack/plugins/osquery/public/routes/packs/list/index.tsx @@ -11,12 +11,12 @@ import React, { useMemo } from 'react'; import { useKibana, useRouterNavigate } from '../../../common/lib/kibana'; import { WithHeaderLayout } from '../../../components/layouts'; -import { ScheduledQueryGroupsTable } from '../../../scheduled_query_groups/scheduled_query_groups_table'; +import { PacksTable } from '../../../packs/packs_table'; import { BetaBadge, BetaBadgeRowWrapper } from '../../../components/beta_badge'; -const ScheduledQueryGroupsPageComponent = () => { +const PacksPageComponent = () => { const permissions = useKibana().services.application.capabilities.osquery; - const newQueryLinkProps = useRouterNavigate('scheduled_query_groups/add'); + const newQueryLinkProps = useRouterNavigate('packs/add'); const LeftColumn = useMemo( () => ( @@ -24,10 +24,7 @@ const ScheduledQueryGroupsPageComponent = () => {

- +

@@ -46,8 +43,8 @@ const ScheduledQueryGroupsPageComponent = () => { isDisabled={!permissions.writePacks} > ), @@ -56,9 +53,9 @@ const ScheduledQueryGroupsPageComponent = () => { return ( - + ); }; -export const ScheduledQueryGroupsPage = React.memo(ScheduledQueryGroupsPageComponent); +export const PacksPage = React.memo(PacksPageComponent); diff --git a/x-pack/plugins/osquery/public/routes/saved_queries/edit/form.tsx b/x-pack/plugins/osquery/public/routes/saved_queries/edit/form.tsx index 617d83821d08de5..c26bdb427041259 100644 --- a/x-pack/plugins/osquery/public/routes/saved_queries/edit/form.tsx +++ b/x-pack/plugins/osquery/public/routes/saved_queries/edit/form.tsx @@ -13,12 +13,12 @@ import { EuiFlexItem, EuiSpacer, } from '@elastic/eui'; -import React from 'react'; +import React, { useRef } from 'react'; import { FormattedMessage } from '@kbn/i18n/react'; import { useRouterNavigate } from '../../../common/lib/kibana'; import { Form } from '../../../shared_imports'; -import { SavedQueryForm } from '../../../saved_queries/form'; +import { SavedQueryForm, SavedQueryFormRefObject } from '../../../saved_queries/form'; import { useSavedQueryForm } from '../../../saved_queries/form/use_saved_query_form'; interface EditSavedQueryFormProps { @@ -32,17 +32,19 @@ const EditSavedQueryFormComponent: React.FC = ({ handleSubmit, viewMode, }) => { + const savedQueryFormRef = useRef(null); const savedQueryListProps = useRouterNavigate('saved_queries'); const { form } = useSavedQueryForm({ defaultValue, + savedQueryFormRef, handleSubmit, }); const { submit, isSubmitting } = form; return (
- + {!viewMode && ( <> diff --git a/x-pack/plugins/osquery/public/routes/saved_queries/edit/index.tsx b/x-pack/plugins/osquery/public/routes/saved_queries/edit/index.tsx index abed9fc1bce4879..71d0c886aac56ae 100644 --- a/x-pack/plugins/osquery/public/routes/saved_queries/edit/index.tsx +++ b/x-pack/plugins/osquery/public/routes/saved_queries/edit/index.tsx @@ -118,7 +118,6 @@ const EditSavedQueryPageComponent = () => { {!isLoading && !isEmpty(savedQueryDetails) && ( diff --git a/x-pack/plugins/osquery/public/routes/saved_queries/list/index.tsx b/x-pack/plugins/osquery/public/routes/saved_queries/list/index.tsx index 205099bb686180d..9f6ec176faac2c7 100644 --- a/x-pack/plugins/osquery/public/routes/saved_queries/list/index.tsx +++ b/x-pack/plugins/osquery/public/routes/saved_queries/list/index.tsx @@ -19,34 +19,38 @@ import { FormattedMessage } from '@kbn/i18n/react'; import { useHistory } from 'react-router-dom'; import { SavedObject } from 'kibana/public'; +import { ECSMapping } from '../../../../common/schemas/common'; import { WithHeaderLayout } from '../../../components/layouts'; import { useBreadcrumbs } from '../../../common/hooks/use_breadcrumbs'; import { useKibana, useRouterNavigate } from '../../../common/lib/kibana'; import { BetaBadge, BetaBadgeRowWrapper } from '../../../components/beta_badge'; import { useSavedQueries } from '../../../saved_queries/use_saved_queries'; +type SavedQuerySO = SavedObject<{ + name: string; + query: string; + ecs_mapping: ECSMapping; + updated_at: string; +}>; interface PlayButtonProps { disabled: boolean; - savedQueryId: string; - savedQueryName: string; + savedQuery: SavedQuerySO; } -const PlayButtonComponent: React.FC = ({ - disabled = false, - savedQueryId, - savedQueryName, -}) => { +const PlayButtonComponent: React.FC = ({ disabled = false, savedQuery }) => { const { push } = useHistory(); - // TODO: Fix href + // TODO: Add href const handlePlayClick = useCallback( () => push('/live_queries/new', { form: { - savedQueryId, + savedQueryId: savedQuery.id, + query: savedQuery.attributes.query, + ecs_mapping: savedQuery.attributes.ecs_mapping, }, }), - [push, savedQueryId] + [push, savedQuery] ); return ( @@ -58,7 +62,7 @@ const PlayButtonComponent: React.FC = ({ aria-label={i18n.translate('xpack.osquery.savedQueryList.queriesTable.runActionAriaLabel', { defaultMessage: 'Run {savedQueryName}', values: { - savedQueryName, + savedQueryName: savedQuery.attributes.name, }, })} /> @@ -111,17 +115,16 @@ const SavedQueriesPageComponent = () => { const { data } = useSavedQueries({ isLive: true }); const renderEditAction = useCallback( - (item: SavedObject<{ name: string }>) => ( + (item: SavedQuerySO) => ( ), [] ); const renderPlayAction = useCallback( - (item: SavedObject<{ name: string }>) => ( + (item: SavedQuerySO) => ( ), @@ -169,7 +172,7 @@ const SavedQueriesPageComponent = () => { name: i18n.translate('xpack.osquery.savedQueries.table.updatedAtColumnTitle', { defaultMessage: 'Last updated at', }), - sortable: (item: SavedObject<{ updated_at: string }>) => + sortable: (item: SavedQuerySO) => item.attributes.updated_at ? Date.parse(item.attributes.updated_at) : 0, truncateText: true, render: renderUpdatedAt, @@ -249,11 +252,10 @@ const SavedQueriesPageComponent = () => { return ( - {data?.savedObjects && ( + {data?.saved_objects && ( = ({ defaultValue, handleSubmit, }) => { + const savedQueryFormRef = useRef(null); const savedQueryListProps = useRouterNavigate('saved_queries'); const { form } = useSavedQueryForm({ defaultValue, + savedQueryFormRef, handleSubmit, }); - const { submit, isSubmitting } = form; + const { submit, isSubmitting, isValid } = form; return ( - + diff --git a/x-pack/plugins/osquery/public/routes/saved_queries/new/index.tsx b/x-pack/plugins/osquery/public/routes/saved_queries/new/index.tsx index 3f5a1af64fe347d..3dc42aabe7a94e3 100644 --- a/x-pack/plugins/osquery/public/routes/saved_queries/new/index.tsx +++ b/x-pack/plugins/osquery/public/routes/saved_queries/new/index.tsx @@ -20,7 +20,7 @@ const NewSavedQueryPageComponent = () => { useBreadcrumbs('saved_query_new'); const savedQueryListProps = useRouterNavigate('saved_queries'); - const createSavedQueryMutation = useCreateSavedQuery({ withRedirect: true }); + const { mutateAsync } = useCreateSavedQuery({ withRedirect: true }); const LeftColumn = useMemo( () => ( @@ -51,10 +51,7 @@ const NewSavedQueryPageComponent = () => { return ( - { - // @ts-expect-error update types - - } + ); }; diff --git a/x-pack/plugins/osquery/public/routes/scheduled_query_groups/add/index.tsx b/x-pack/plugins/osquery/public/routes/scheduled_query_groups/add/index.tsx deleted file mode 100644 index 6a4753e7aac95e5..000000000000000 --- a/x-pack/plugins/osquery/public/routes/scheduled_query_groups/add/index.tsx +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { startCase } from 'lodash'; -import { EuiButtonEmpty, EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; -import { FormattedMessage } from '@kbn/i18n/react'; -import React, { useMemo } from 'react'; - -import { WithHeaderLayout } from '../../../components/layouts'; -import { useRouterNavigate } from '../../../common/lib/kibana'; -import { ScheduledQueryGroupForm } from '../../../scheduled_query_groups/form'; -import { useOsqueryIntegrationStatus } from '../../../common/hooks'; -import { useBreadcrumbs } from '../../../common/hooks/use_breadcrumbs'; -import { BetaBadge, BetaBadgeRowWrapper } from '../../../components/beta_badge'; - -const AddScheduledQueryGroupPageComponent = () => { - useBreadcrumbs('scheduled_query_group_add'); - const scheduledQueryListProps = useRouterNavigate('scheduled_query_groups'); - const { data: osqueryIntegration } = useOsqueryIntegrationStatus(); - - const packageInfo = useMemo(() => { - if (!osqueryIntegration) return; - - return { - name: osqueryIntegration.name, - title: osqueryIntegration.title ?? startCase(osqueryIntegration.name), - version: osqueryIntegration.version, - }; - }, [osqueryIntegration]); - - const LeftColumn = useMemo( - () => ( - - - - - - - - -

- -

- - - - - ), - [scheduledQueryListProps] - ); - - return ( - - {packageInfo && } - - ); -}; - -export const AddScheduledQueryGroupPage = React.memo(AddScheduledQueryGroupPageComponent); diff --git a/x-pack/plugins/osquery/public/routes/scheduled_query_groups/edit/index.tsx b/x-pack/plugins/osquery/public/routes/scheduled_query_groups/edit/index.tsx deleted file mode 100644 index 7d816d3c4f7d4f2..000000000000000 --- a/x-pack/plugins/osquery/public/routes/scheduled_query_groups/edit/index.tsx +++ /dev/null @@ -1,77 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { EuiButtonEmpty, EuiFlexGroup, EuiFlexItem, EuiLoadingContent } from '@elastic/eui'; -import { FormattedMessage } from '@kbn/i18n/react'; -import React, { useMemo } from 'react'; -import { useParams } from 'react-router-dom'; - -import { WithHeaderLayout } from '../../../components/layouts'; -import { useRouterNavigate } from '../../../common/lib/kibana'; -import { ScheduledQueryGroupForm } from '../../../scheduled_query_groups/form'; -import { useScheduledQueryGroup } from '../../../scheduled_query_groups/use_scheduled_query_group'; -import { useBreadcrumbs } from '../../../common/hooks/use_breadcrumbs'; -import { BetaBadge, BetaBadgeRowWrapper } from '../../../components/beta_badge'; - -const EditScheduledQueryGroupPageComponent = () => { - const { scheduledQueryGroupId } = useParams<{ scheduledQueryGroupId: string }>(); - const queryDetailsLinkProps = useRouterNavigate( - `scheduled_query_groups/${scheduledQueryGroupId}` - ); - - const { data } = useScheduledQueryGroup({ scheduledQueryGroupId }); - - useBreadcrumbs('scheduled_query_group_edit', { - scheduledQueryGroupId: data?.id ?? '', - scheduledQueryGroupName: data?.name ?? '', - }); - - const LeftColumn = useMemo( - () => ( - - - - - - - - -

- -

- - - - - ), - [data?.name, queryDetailsLinkProps] - ); - - return ( - - {!data ? ( - - ) : ( - - )} - - ); -}; - -export const EditScheduledQueryGroupPage = React.memo(EditScheduledQueryGroupPageComponent); diff --git a/x-pack/plugins/osquery/public/saved_queries/form/code_editor_field.tsx b/x-pack/plugins/osquery/public/saved_queries/form/code_editor_field.tsx index c70aeae66396e7a..cc64e539e399fe5 100644 --- a/x-pack/plugins/osquery/public/saved_queries/form/code_editor_field.tsx +++ b/x-pack/plugins/osquery/public/saved_queries/form/code_editor_field.tsx @@ -6,18 +6,24 @@ */ import { isEmpty } from 'lodash/fp'; -import { EuiFormRow } from '@elastic/eui'; +import { EuiCodeBlock, EuiFormRow } from '@elastic/eui'; import React from 'react'; +import styled from 'styled-components'; import { OsquerySchemaLink } from '../../components/osquery_schema_link'; import { OsqueryEditor } from '../../editor'; import { FieldHook } from '../../shared_imports'; +const StyledEuiCodeBlock = styled(EuiCodeBlock)` + min-height: 100px; +`; + interface CodeEditorFieldProps { + euiFieldProps?: Record; field: FieldHook; } -const CodeEditorFieldComponent: React.FC = ({ field }) => { +const CodeEditorFieldComponent: React.FC = ({ euiFieldProps, field }) => { const { value, label, labelAppend, helpText, setValue, errors } = field; const error = errors[0]?.message; @@ -30,7 +36,18 @@ const CodeEditorFieldComponent: React.FC = ({ field }) => error={error} fullWidth > - + {euiFieldProps?.disabled ? ( + + {value} + + ) : ( + + )} ); }; diff --git a/x-pack/plugins/osquery/public/saved_queries/form/index.tsx b/x-pack/plugins/osquery/public/saved_queries/form/index.tsx index beff34a8919a074..1d3677e96298e9a 100644 --- a/x-pack/plugins/osquery/public/saved_queries/form/index.tsx +++ b/x-pack/plugins/osquery/public/saved_queries/form/index.tsx @@ -5,90 +5,161 @@ * 2.0. */ -import { EuiFlexGroup, EuiFlexItem, EuiSpacer, EuiTitle, EuiText } from '@elastic/eui'; -import React, { useMemo } from 'react'; +import { + EuiFlexGroup, + EuiFlexItem, + EuiSpacer, + EuiTitle, + EuiText, + EuiButtonEmpty, +} from '@elastic/eui'; +import React, { + useCallback, + useMemo, + useRef, + forwardRef, + useImperativeHandle, + useState, +} from 'react'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; -import { ALL_OSQUERY_VERSIONS_OPTIONS } from '../../scheduled_query_groups/queries/constants'; -import { PlatformCheckBoxGroupField } from '../../scheduled_query_groups/queries/platform_checkbox_group_field'; -import { Field, getUseField, UseField } from '../../shared_imports'; +import { ALL_OSQUERY_VERSIONS_OPTIONS } from '../../packs/queries/constants'; +import { PlatformCheckBoxGroupField } from '../../packs/queries/platform_checkbox_group_field'; +import { Field, getUseField, UseField, useFormData } from '../../shared_imports'; import { CodeEditorField } from './code_editor_field'; +import { + ECSMappingEditorField, + ECSMappingEditorFieldRef, +} from '../../packs/queries/lazy_ecs_mapping_editor_field'; +import { PlaygroundFlyout } from './playground_flyout'; export const CommonUseField = getUseField({ component: Field }); interface SavedQueryFormProps { viewMode?: boolean; + hasPlayground?: boolean; + isValid?: boolean; } +export interface SavedQueryFormRefObject { + validateEcsMapping: ECSMappingEditorFieldRef['validate']; +} + +const SavedQueryFormComponent = forwardRef( + ({ viewMode, hasPlayground, isValid }, ref) => { + const [playgroundVisible, setPlaygroundVisible] = useState(false); + const ecsFieldRef = useRef(); + + const euiFieldProps = useMemo( + () => ({ + isDisabled: !!viewMode, + }), + [viewMode] + ); + + const [{ query }] = useFormData({ watch: ['query'] }); -const SavedQueryFormComponent: React.FC = ({ viewMode }) => { - const euiFieldProps = useMemo( - () => ({ - isDisabled: !!viewMode, - }), - [viewMode] - ); + const handleHidePlayground = useCallback(() => setPlaygroundVisible(false), []); - return ( - <> - - - - - - - - - -
+ const handleTogglePlayground = useCallback( + () => setPlaygroundVisible((prevValue) => !prevValue), + [] + ); + + useImperativeHandle( + ref, + () => ({ + validateEcsMapping: () => { + if (ecsFieldRef.current) { + return ecsFieldRef.current.validate(); + } + return Promise.resolve(false); + }, + }), + [] + ); + + return ( + <> + + + + + + + + + + + + {!viewMode && hasPlayground && ( + + + + Test configuration + + + + )} + + + + +
+ +
+ + -
- - - + + + + + + + + - - - - - - - - - - - - - - - - - ); -}; + + + + + + {playgroundVisible && } + + ); + } +); export const SavedQueryForm = React.memo(SavedQueryFormComponent); diff --git a/x-pack/plugins/osquery/public/saved_queries/form/playground_flyout.tsx b/x-pack/plugins/osquery/public/saved_queries/form/playground_flyout.tsx new file mode 100644 index 000000000000000..5e8bb725dd5a22e --- /dev/null +++ b/x-pack/plugins/osquery/public/saved_queries/form/playground_flyout.tsx @@ -0,0 +1,61 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { EuiFlyout, EuiFlyoutHeader, EuiTitle, EuiFlyoutBody } from '@elastic/eui'; +import React from 'react'; +import styled from 'styled-components'; +import { FormattedMessage } from '@kbn/i18n/react'; + +import { LiveQuery } from '../../live_queries'; +import { useFormData } from '../../shared_imports'; + +const StyledEuiFlyoutHeader = styled(EuiFlyoutHeader)` + &.euiFlyoutHeader.euiFlyoutHeader--hasBorder { + padding-top: 21px; + padding-bottom: 20px; + } +`; + +interface PlaygroundFlyoutProps { + enabled?: boolean; + onClose: () => void; +} + +const PlaygroundFlyoutComponent: React.FC = ({ enabled, onClose }) => { + // eslint-disable-next-line @typescript-eslint/naming-convention + const [{ query, ecs_mapping, savedQueryId }] = useFormData({ + watch: ['query', 'ecs_mapping', 'savedQueryId'], + }); + + return ( + + + +
+ +
+ + + + + + + ); +}; + +export const PlaygroundFlyout = React.memo(PlaygroundFlyoutComponent); diff --git a/x-pack/plugins/osquery/public/saved_queries/form/use_saved_query_form.tsx b/x-pack/plugins/osquery/public/saved_queries/form/use_saved_query_form.tsx index eed16d84278b85e..3fd2275477ebfab 100644 --- a/x-pack/plugins/osquery/public/saved_queries/form/use_saved_query_form.tsx +++ b/x-pack/plugins/osquery/public/saved_queries/form/use_saved_query_form.tsx @@ -5,27 +5,33 @@ * 2.0. */ -import { isArray } from 'lodash'; +import { isArray, isEmpty, map } from 'lodash'; import uuid from 'uuid'; import { produce } from 'immer'; +import { RefObject, useMemo } from 'react'; -import { useMemo } from 'react'; import { useForm } from '../../shared_imports'; -import { createFormSchema } from '../../scheduled_query_groups/queries/schema'; -import { ScheduledQueryGroupFormData } from '../../scheduled_query_groups/queries/use_scheduled_query_group_query_form'; +import { createFormSchema } from '../../packs/queries/schema'; +import { PackFormData } from '../../packs/queries/use_pack_query_form'; import { useSavedQueries } from '../use_saved_queries'; +import { SavedQueryFormRefObject } from '.'; const SAVED_QUERY_FORM_ID = 'savedQueryForm'; interface UseSavedQueryFormProps { defaultValue?: unknown; handleSubmit: (payload: unknown) => Promise; + savedQueryFormRef: RefObject; } -export const useSavedQueryForm = ({ defaultValue, handleSubmit }: UseSavedQueryFormProps) => { +export const useSavedQueryForm = ({ + defaultValue, + handleSubmit, + savedQueryFormRef, +}: UseSavedQueryFormProps) => { const { data } = useSavedQueries({}); const ids: string[] = useMemo( - () => data?.savedObjects.map((obj) => obj.attributes.id) ?? [], + () => map(data?.saved_objects, 'attributes.id') ?? [], [data] ); const idSet = useMemo>(() => { @@ -42,13 +48,18 @@ export const useSavedQueryForm = ({ defaultValue, handleSubmit }: UseSavedQueryF id: SAVED_QUERY_FORM_ID + uuid.v4(), schema: formSchema, onSubmit: async (formData, isValid) => { + const ecsFieldValue = await savedQueryFormRef?.current?.validateEcsMapping(); + if (isValid) { - return handleSubmit(formData); + try { + await handleSubmit({ + ...formData, + ...(isEmpty(ecsFieldValue) ? {} : { ecs_mapping: ecsFieldValue }), + }); + // eslint-disable-next-line no-empty + } catch (e) {} } }, - options: { - stripEmptyFields: false, - }, // @ts-expect-error update types defaultValue, serializer: (payload) => @@ -67,19 +78,26 @@ export const useSavedQueryForm = ({ defaultValue, handleSubmit }: UseSavedQueryF draft.version = draft.version[0]; } } + if (isEmpty(draft.ecs_mapping)) { + // @ts-expect-error update types + delete draft.ecs_mapping; + } + // @ts-expect-error update types + draft.interval = draft.interval + ''; return draft; }), // @ts-expect-error update types deserializer: (payload) => { - if (!payload) return {} as ScheduledQueryGroupFormData; + if (!payload) return {} as PackFormData; return { id: payload.id, description: payload.description, query: payload.query, - interval: payload.interval ? parseInt(payload.interval, 10) : undefined, + interval: payload.interval ?? 3600, platform: payload.platform, version: payload.version ? [payload.version] : [], + ecs_mapping: payload.ecs_mapping ?? {}, }; }, }); diff --git a/x-pack/plugins/osquery/public/saved_queries/saved_queries_dropdown.tsx b/x-pack/plugins/osquery/public/saved_queries/saved_queries_dropdown.tsx index fc7cee2fc804cd4..7a652720e9cb140 100644 --- a/x-pack/plugins/osquery/public/saved_queries/saved_queries_dropdown.tsx +++ b/x-pack/plugins/osquery/public/saved_queries/saved_queries_dropdown.tsx @@ -7,25 +7,15 @@ import { find } from 'lodash/fp'; import { EuiCodeBlock, EuiFormRow, EuiComboBox, EuiTextColor } from '@elastic/eui'; -import React, { - forwardRef, - useCallback, - useEffect, - useImperativeHandle, - useMemo, - useState, -} from 'react'; +import React, { useCallback, useEffect, useMemo, useState } from 'react'; import { SimpleSavedObject } from 'kibana/public'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; -import { useHistory, useLocation } from 'react-router-dom'; import styled from 'styled-components'; +import deepEqual from 'fast-deep-equal'; import { useSavedQueries } from './use_saved_queries'; - -export interface SavedQueriesDropdownRef { - clearSelection: () => void; -} +import { useFormData } from '../shared_imports'; const TextTruncate = styled.div` overflow: hidden; @@ -51,28 +41,33 @@ interface SavedQueriesDropdownProps { ) => void; } -const SavedQueriesDropdownComponent = forwardRef< - SavedQueriesDropdownRef, - SavedQueriesDropdownProps ->(({ disabled, onChange }, ref) => { - const { replace } = useHistory(); - const location = useLocation(); +const SavedQueriesDropdownComponent: React.FC = ({ + disabled, + onChange, +}) => { const [selectedOptions, setSelectedOptions] = useState([]); + // eslint-disable-next-line @typescript-eslint/naming-convention + const [{ query, ecs_mapping, savedQueryId }] = useFormData({ + watch: ['ecs_mapping', 'query', 'savedQueryId'], + }); + const { data } = useSavedQueries({}); const queryOptions = useMemo( () => - data?.savedObjects?.map((savedQuery) => ({ + // @ts-expect-error update types + data?.saved_objects?.map((savedQuery) => ({ label: savedQuery.attributes.id ?? '', value: { - savedObjectId: savedQuery.id, + savedQueryId: savedQuery.id, id: savedQuery.attributes.id, description: savedQuery.attributes.description, query: savedQuery.attributes.query, + ecs_mapping: savedQuery.attributes.ecs_mapping, }, })) ?? [], - [data?.savedObjects] + [data?.saved_objects] ); const handleSavedQueryChange = useCallback( @@ -85,15 +80,16 @@ const SavedQueriesDropdownComponent = forwardRef< const selectedSavedQuery = find( ['attributes.id', newSelectedOptions[0].value.id], - data?.savedObjects + data?.saved_objects ); if (selectedSavedQuery) { - onChange(selectedSavedQuery.attributes); + onChange({ ...selectedSavedQuery.attributes, savedQueryId: selectedSavedQuery.id }); } + setSelectedOptions(newSelectedOptions); }, - [data?.savedObjects, onChange] + [data?.saved_objects, onChange] ); const renderOption = useCallback( @@ -111,29 +107,29 @@ const SavedQueriesDropdownComponent = forwardRef< [] ); - const clearSelection = useCallback(() => setSelectedOptions([]), []); - useEffect(() => { - const savedQueryId = location.state?.form?.savedQueryId; - if (savedQueryId) { - const savedQueryOption = find(['value.savedObjectId', savedQueryId], queryOptions); + const savedQueryOption = find(['value.savedQueryId', savedQueryId], queryOptions); if (savedQueryOption) { handleSavedQueryChange([savedQueryOption]); } + } + }, [savedQueryId, handleSavedQueryChange, queryOptions]); - replace({ state: null }); + useEffect(() => { + if ( + selectedOptions.length && + // @ts-expect-error update types + (selectedOptions[0].value.savedQueryId !== savedQueryId || + // @ts-expect-error update types + selectedOptions[0].value.query !== query || + // @ts-expect-error update types + !deepEqual(selectedOptions[0].value.ecs_mapping, ecs_mapping)) + ) { + setSelectedOptions([]); } - }, [handleSavedQueryChange, replace, location.state, queryOptions]); - - useImperativeHandle( - ref, - () => ({ - clearSelection, - }), - [clearSelection] - ); + }, [ecs_mapping, query, savedQueryId, selectedOptions]); return ( ); -}); +}; export const SavedQueriesDropdown = React.memo(SavedQueriesDropdownComponent); diff --git a/x-pack/plugins/osquery/public/saved_queries/saved_query_flyout.tsx b/x-pack/plugins/osquery/public/saved_queries/saved_query_flyout.tsx index 8c35a359a9bafe4..2c1d00ac1031db3 100644 --- a/x-pack/plugins/osquery/public/saved_queries/saved_query_flyout.tsx +++ b/x-pack/plugins/osquery/public/saved_queries/saved_query_flyout.tsx @@ -17,12 +17,12 @@ import { EuiButtonEmpty, EuiButton, } from '@elastic/eui'; -import React, { useCallback } from 'react'; +import React, { useCallback, useRef } from 'react'; import { FormattedMessage } from '@kbn/i18n/react'; import { Form } from '../shared_imports'; import { useSavedQueryForm } from './form/use_saved_query_form'; -import { SavedQueryForm } from './form'; +import { SavedQueryForm, SavedQueryFormRefObject } from './form'; import { useCreateSavedQuery } from './use_create_saved_query'; interface AddQueryFlyoutProps { @@ -31,6 +31,7 @@ interface AddQueryFlyoutProps { } const SavedQueryFlyoutComponent: React.FC = ({ defaultValue, onClose }) => { + const savedQueryFormRef = useRef(null); const createSavedQueryMutation = useCreateSavedQuery({ withRedirect: false }); const handleSubmit = useCallback( @@ -40,6 +41,7 @@ const SavedQueryFlyoutComponent: React.FC = ({ defaultValue const { form } = useSavedQueryForm({ defaultValue, + savedQueryFormRef, handleSubmit, }); const { submit, isSubmitting } = form; @@ -59,7 +61,7 @@ const SavedQueryFlyoutComponent: React.FC = ({ defaultValue - + @@ -67,7 +69,7 @@ const SavedQueryFlyoutComponent: React.FC = ({ defaultValue @@ -75,7 +77,7 @@ const SavedQueryFlyoutComponent: React.FC = ({ defaultValue diff --git a/x-pack/plugins/osquery/public/saved_queries/use_create_saved_query.ts b/x-pack/plugins/osquery/public/saved_queries/use_create_saved_query.ts index ddc25630079cd33..c736cdf9c354576 100644 --- a/x-pack/plugins/osquery/public/saved_queries/use_create_saved_query.ts +++ b/x-pack/plugins/osquery/public/saved_queries/use_create_saved_query.ts @@ -9,7 +9,6 @@ import { useMutation, useQueryClient } from 'react-query'; import { i18n } from '@kbn/i18n'; import { useKibana } from '../common/lib/kibana'; -import { savedQuerySavedObjectType } from '../../common/types'; import { PLUGIN_ID } from '../../common'; import { pagePathGetters } from '../common/page_paths'; import { SAVED_QUERIES_ID } from './constants'; @@ -23,48 +22,22 @@ export const useCreateSavedQuery = ({ withRedirect }: UseCreateSavedQueryProps) const queryClient = useQueryClient(); const { application: { navigateToApp }, - savedObjects, - security, + http, notifications: { toasts }, } = useKibana().services; const setErrorToast = useErrorToast(); return useMutation( - async (payload) => { - const currentUser = await security.authc.getCurrentUser(); - - if (!currentUser) { - throw new Error('CurrentUser is missing'); - } - // @ts-expect-error update types - const payloadId = payload.id; - const conflictingEntries = await savedObjects.client.find({ - type: savedQuerySavedObjectType, - search: payloadId, - searchFields: ['id'], - }); - if (conflictingEntries.savedObjects.length) { - throw new Error(`Saved query with id ${payloadId} already exists.`); - } - return savedObjects.client.create(savedQuerySavedObjectType, { - // @ts-expect-error update types - ...payload, - created_by: currentUser.username, - created_at: new Date(Date.now()).toISOString(), - updated_by: currentUser.username, - updated_at: new Date(Date.now()).toISOString(), - }); - }, + (payload) => + http.post('/internal/osquery/saved_query', { + body: JSON.stringify(payload), + }), { - onError: (error) => { - if (error instanceof Error) { - return setErrorToast(error, { - title: 'Saved query creation error', - toastMessage: error.message, - }); - } - // @ts-expect-error update types - setErrorToast(error, { title: error.body.error, toastMessage: error.body.message }); + onError: (error: { body: { error: string; message: string } }) => { + setErrorToast(error, { + title: error.body.error, + toastMessage: error.body.message, + }); }, onSuccess: (payload) => { queryClient.invalidateQueries(SAVED_QUERIES_ID); diff --git a/x-pack/plugins/osquery/public/saved_queries/use_delete_saved_query.ts b/x-pack/plugins/osquery/public/saved_queries/use_delete_saved_query.ts index b2fee8b25f7a4fa..de03b834f5e6a78 100644 --- a/x-pack/plugins/osquery/public/saved_queries/use_delete_saved_query.ts +++ b/x-pack/plugins/osquery/public/saved_queries/use_delete_saved_query.ts @@ -9,7 +9,6 @@ import { useMutation, useQueryClient } from 'react-query'; import { i18n } from '@kbn/i18n'; import { useKibana } from '../common/lib/kibana'; -import { savedQuerySavedObjectType } from '../../common/types'; import { PLUGIN_ID } from '../../common'; import { pagePathGetters } from '../common/page_paths'; import { SAVED_QUERIES_ID } from './constants'; @@ -23,15 +22,17 @@ export const useDeleteSavedQuery = ({ savedQueryId }: UseDeleteSavedQueryProps) const queryClient = useQueryClient(); const { application: { navigateToApp }, - savedObjects, + http, notifications: { toasts }, } = useKibana().services; const setErrorToast = useErrorToast(); - return useMutation(() => savedObjects.client.delete(savedQuerySavedObjectType, savedQueryId), { - onError: (error) => { - // @ts-expect-error update types - setErrorToast(error, { title: error.body.error, toastMessage: error.body.message }); + return useMutation(() => http.delete(`/internal/osquery/saved_query/${savedQueryId}`), { + onError: (error: { body: { error: string; message: string } }) => { + setErrorToast(error, { + title: error.body.error, + toastMessage: error.body.message, + }); }, onSuccess: () => { queryClient.invalidateQueries(SAVED_QUERIES_ID); diff --git a/x-pack/plugins/osquery/public/saved_queries/use_saved_queries.ts b/x-pack/plugins/osquery/public/saved_queries/use_saved_queries.ts index bb5a73d9d50fa94..22ed81a62a5b3d3 100644 --- a/x-pack/plugins/osquery/public/saved_queries/use_saved_queries.ts +++ b/x-pack/plugins/osquery/public/saved_queries/use_saved_queries.ts @@ -8,7 +8,7 @@ import { useQuery } from 'react-query'; import { useKibana } from '../common/lib/kibana'; -import { savedQuerySavedObjectType } from '../../common/types'; +import { useErrorToast } from '../common/hooks/use_error_toast'; import { SAVED_QUERIES_ID } from './constants'; export const useSavedQueries = ({ @@ -18,29 +18,24 @@ export const useSavedQueries = ({ sortField = 'updated_at', sortDirection = 'desc', }) => { - const { savedObjects } = useKibana().services; + const { http } = useKibana().services; + const setErrorToast = useErrorToast(); return useQuery( [SAVED_QUERIES_ID, { pageIndex, pageSize, sortField, sortDirection }], - async () => - savedObjects.client.find<{ - id: string; - description?: string; - query: string; - updated_at: string; - updated_by: string; - created_at: string; - created_by: string; - }>({ - type: savedQuerySavedObjectType, - page: pageIndex + 1, - perPage: pageSize, - sortField, + () => + http.get('/internal/osquery/saved_query', { + query: { pageIndex, pageSize, sortField, sortDirection }, }), { keepPreviousData: true, - // Refetch the data every 10 seconds - refetchInterval: isLive ? 5000 : false, + refetchInterval: isLive ? 10000 : false, + onError: (error: { body: { error: string; message: string } }) => { + setErrorToast(error, { + title: error.body.error, + toastMessage: error.body.message, + }); + }, } ); }; diff --git a/x-pack/plugins/osquery/public/saved_queries/use_saved_query.ts b/x-pack/plugins/osquery/public/saved_queries/use_saved_query.ts index 5b736c2cb3217a5..04d7a9b505372c3 100644 --- a/x-pack/plugins/osquery/public/saved_queries/use_saved_query.ts +++ b/x-pack/plugins/osquery/public/saved_queries/use_saved_query.ts @@ -9,7 +9,6 @@ import { useQuery } from 'react-query'; import { PLUGIN_ID } from '../../common'; import { useKibana } from '../common/lib/kibana'; -import { savedQuerySavedObjectType } from '../../common/types'; import { pagePathGetters } from '../common/page_paths'; import { useErrorToast } from '../common/hooks/use_error_toast'; import { SAVED_QUERY_ID } from './constants'; @@ -21,18 +20,13 @@ interface UseSavedQueryProps { export const useSavedQuery = ({ savedQueryId }: UseSavedQueryProps) => { const { application: { navigateToApp }, - savedObjects, + http, } = useKibana().services; const setErrorToast = useErrorToast(); return useQuery( [SAVED_QUERY_ID, { savedQueryId }], - async () => - savedObjects.client.get<{ - id: string; - description?: string; - query: string; - }>(savedQuerySavedObjectType, savedQueryId), + () => http.get(`/internal/osquery/saved_query/${savedQueryId}`), { keepPreviousData: true, onSuccess: (data) => { @@ -44,9 +38,11 @@ export const useSavedQuery = ({ savedQueryId }: UseSavedQueryProps) => { navigateToApp(PLUGIN_ID, { path: pagePathGetters.saved_queries() }); } }, - onError: (error) => { - // @ts-expect-error update types - setErrorToast(error, { title: error.body.error, toastMessage: error.body.message }); + onError: (error: { body: { error: string; message: string } }) => { + setErrorToast(error, { + title: error.body.error, + toastMessage: error.body.message, + }); }, } ); diff --git a/x-pack/plugins/osquery/public/saved_queries/use_scheduled_query_group.ts b/x-pack/plugins/osquery/public/saved_queries/use_scheduled_query_group.ts deleted file mode 100644 index 93d552b3f71f3aa..000000000000000 --- a/x-pack/plugins/osquery/public/saved_queries/use_scheduled_query_group.ts +++ /dev/null @@ -1,38 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { useQuery } from 'react-query'; - -import { useKibana } from '../common/lib/kibana'; -import { GetOnePackagePolicyResponse, packagePolicyRouteService } from '../../../fleet/common'; -import { OsqueryManagerPackagePolicy } from '../../common/types'; - -interface UseScheduledQueryGroup { - scheduledQueryGroupId: string; - skip?: boolean; -} - -export const useScheduledQueryGroup = ({ - scheduledQueryGroupId, - skip = false, -}: UseScheduledQueryGroup) => { - const { http } = useKibana().services; - - return useQuery< - Omit & { item: OsqueryManagerPackagePolicy }, - unknown, - OsqueryManagerPackagePolicy - >( - ['scheduledQueryGroup', { scheduledQueryGroupId }], - () => http.get(packagePolicyRouteService.getInfoPath(scheduledQueryGroupId)), - { - keepPreviousData: true, - enabled: !skip, - select: (response) => response.item, - } - ); -}; diff --git a/x-pack/plugins/osquery/public/saved_queries/use_update_saved_query.ts b/x-pack/plugins/osquery/public/saved_queries/use_update_saved_query.ts index 954b984d0c312d6..b2e23163a74c81e 100644 --- a/x-pack/plugins/osquery/public/saved_queries/use_update_saved_query.ts +++ b/x-pack/plugins/osquery/public/saved_queries/use_update_saved_query.ts @@ -9,7 +9,6 @@ import { useMutation, useQueryClient } from 'react-query'; import { i18n } from '@kbn/i18n'; import { useKibana } from '../common/lib/kibana'; -import { savedQuerySavedObjectType } from '../../common/types'; import { PLUGIN_ID } from '../../common'; import { pagePathGetters } from '../common/page_paths'; import { SAVED_QUERIES_ID, SAVED_QUERY_ID } from './constants'; @@ -23,54 +22,22 @@ export const useUpdateSavedQuery = ({ savedQueryId }: UseUpdateSavedQueryProps) const queryClient = useQueryClient(); const { application: { navigateToApp }, - savedObjects, - security, notifications: { toasts }, + http, } = useKibana().services; const setErrorToast = useErrorToast(); return useMutation( - async (payload) => { - const currentUser = await security.authc.getCurrentUser(); - - if (!currentUser) { - throw new Error('CurrentUser is missing'); - } - - // @ts-expect-error update types - const payloadId = payload.id; - const conflictingEntries = await savedObjects.client.find({ - type: savedQuerySavedObjectType, - search: payloadId, - searchFields: ['id'], - }); - const conflictingObjects = conflictingEntries.savedObjects; - // we some how have more than one object with the same id - const updateConflicts = - conflictingObjects.length > 1 || - // or the one we conflict with isn't the same one we are updating - (conflictingObjects.length && conflictingObjects[0].id !== savedQueryId); - if (updateConflicts) { - throw new Error(`Saved query with id ${payloadId} already exists.`); - } - - return savedObjects.client.update(savedQuerySavedObjectType, savedQueryId, { - // @ts-expect-error update types - ...payload, - updated_by: currentUser.username, - updated_at: new Date(Date.now()).toISOString(), - }); - }, + (payload) => + http.put(`/internal/osquery/saved_query/${savedQueryId}`, { + body: JSON.stringify(payload), + }), { - onError: (error) => { - if (error instanceof Error) { - return setErrorToast(error, { - title: 'Saved query update error', - toastMessage: error.message, - }); - } - // @ts-expect-error update types - setErrorToast(error, { title: error.body.error, toastMessage: error.body.message }); + onError: (error: { body: { error: string; message: string } }) => { + setErrorToast(error, { + title: error.body.error, + toastMessage: error.body.message, + }); }, onSuccess: (payload) => { queryClient.invalidateQueries(SAVED_QUERIES_ID); diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/active_state_switch.tsx b/x-pack/plugins/osquery/public/scheduled_query_groups/active_state_switch.tsx deleted file mode 100644 index 7f26534626b125c..000000000000000 --- a/x-pack/plugins/osquery/public/scheduled_query_groups/active_state_switch.tsx +++ /dev/null @@ -1,150 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { produce } from 'immer'; -import { EuiSwitch, EuiLoadingSpinner } from '@elastic/eui'; -import React, { useCallback, useState } from 'react'; -import { useMutation, useQueryClient } from 'react-query'; -import styled from 'styled-components'; -import { i18n } from '@kbn/i18n'; - -import { - PackagePolicy, - UpdatePackagePolicy, - packagePolicyRouteService, -} from '../../../fleet/common'; -import { useKibana } from '../common/lib/kibana'; -import { useAgentStatus } from '../agents/use_agent_status'; -import { useAgentPolicy } from '../agent_policies/use_agent_policy'; -import { ConfirmDeployAgentPolicyModal } from './form/confirmation_modal'; -import { useErrorToast } from '../common/hooks/use_error_toast'; - -const StyledEuiLoadingSpinner = styled(EuiLoadingSpinner)` - margin-right: ${({ theme }) => theme.eui.paddingSizes.s}; -`; - -interface ActiveStateSwitchProps { - disabled?: boolean; - item: PackagePolicy; -} - -const ActiveStateSwitchComponent: React.FC = ({ item }) => { - const queryClient = useQueryClient(); - const { - application: { - capabilities: { osquery: permissions }, - }, - http, - notifications: { toasts }, - } = useKibana().services; - const setErrorToast = useErrorToast(); - const [confirmationModal, setConfirmationModal] = useState(false); - - const hideConfirmationModal = useCallback(() => setConfirmationModal(false), []); - - const { data: agentStatus } = useAgentStatus({ policyId: item.policy_id }); - const { data: agentPolicy } = useAgentPolicy({ policyId: item.policy_id }); - - const { isLoading, mutate } = useMutation( - ({ id, ...payload }: UpdatePackagePolicy & { id: string }) => - http.put(packagePolicyRouteService.getUpdatePath(id), { - body: JSON.stringify(payload), - }), - { - onSuccess: (response) => { - queryClient.invalidateQueries('scheduledQueries'); - setErrorToast(); - toasts.addSuccess( - response.item.enabled - ? i18n.translate( - 'xpack.osquery.scheduledQueryGroup.table.activatedSuccessToastMessageText', - { - defaultMessage: 'Successfully activated {scheduledQueryGroupName}', - values: { - scheduledQueryGroupName: response.item.name, - }, - } - ) - : i18n.translate( - 'xpack.osquery.scheduledQueryGroup.table.deactivatedSuccessToastMessageText', - { - defaultMessage: 'Successfully deactivated {scheduledQueryGroupName}', - values: { - scheduledQueryGroupName: response.item.name, - }, - } - ) - ); - }, - onError: (error) => { - // @ts-expect-error update types - setErrorToast(error, { title: error.body.error, toastMessage: error.body.message }); - }, - } - ); - - const handleToggleActive = useCallback(() => { - const updatedPolicy = produce< - UpdatePackagePolicy & { id: string }, - Omit & - Partial<{ - revision: number; - updated_at: string; - updated_by: string; - created_at: string; - created_by: string; - }> - >(item, (draft) => { - delete draft.revision; - delete draft.updated_at; - delete draft.updated_by; - delete draft.created_at; - delete draft.created_by; - - draft.enabled = !item.enabled; - draft.inputs[0].streams.forEach((stream) => { - delete stream.compiled_stream; - }); - - return draft; - }); - - mutate(updatedPolicy); - hideConfirmationModal(); - }, [hideConfirmationModal, item, mutate]); - - const handleToggleActiveClick = useCallback(() => { - if (agentStatus?.total) { - return setConfirmationModal(true); - } - - handleToggleActive(); - }, [agentStatus?.total, handleToggleActive]); - - return ( - <> - {isLoading && } - - {confirmationModal && agentStatus?.total && ( - - )} - - ); -}; - -export const ActiveStateSwitch = React.memo(ActiveStateSwitchComponent); diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/form/index.tsx b/x-pack/plugins/osquery/public/scheduled_query_groups/form/index.tsx deleted file mode 100644 index bcc82c5f27c99a1..000000000000000 --- a/x-pack/plugins/osquery/public/scheduled_query_groups/form/index.tsx +++ /dev/null @@ -1,411 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { mapKeys } from 'lodash'; -import { merge } from 'lodash/fp'; -import { - EuiFlexGroup, - EuiFlexItem, - EuiButtonEmpty, - EuiButton, - EuiDescribedFormGroup, - EuiSpacer, - EuiBottomBar, - EuiHorizontalRule, -} from '@elastic/eui'; -import React, { useCallback, useMemo, useState } from 'react'; -import { useMutation, useQueryClient } from 'react-query'; -import { produce } from 'immer'; -import { i18n } from '@kbn/i18n'; -import { FormattedMessage } from '@kbn/i18n/react'; - -import { PLUGIN_ID } from '../../../common'; -import { OsqueryManagerPackagePolicy } from '../../../common/types'; -import { - AgentPolicy, - PackagePolicyPackage, - packagePolicyRouteService, -} from '../../../../fleet/common'; -import { - Form, - useForm, - useFormData, - getUseField, - Field, - FIELD_TYPES, - fieldValidators, -} from '../../shared_imports'; -import { useKibana, useRouterNavigate } from '../../common/lib/kibana'; -import { PolicyIdComboBoxField } from './policy_id_combobox_field'; -import { QueriesField } from './queries_field'; -import { ConfirmDeployAgentPolicyModal } from './confirmation_modal'; -import { useAgentPolicies } from '../../agent_policies'; -import { useErrorToast } from '../../common/hooks/use_error_toast'; - -const GhostFormField = () => <>; - -const FORM_ID = 'scheduledQueryForm'; - -const CommonUseField = getUseField({ component: Field }); - -interface ScheduledQueryGroupFormProps { - defaultValue?: OsqueryManagerPackagePolicy; - packageInfo?: PackagePolicyPackage; - editMode?: boolean; -} - -const ScheduledQueryGroupFormComponent: React.FC = ({ - defaultValue, - packageInfo, - editMode = false, -}) => { - const queryClient = useQueryClient(); - const { - application: { navigateToApp }, - http, - notifications: { toasts }, - } = useKibana().services; - const setErrorToast = useErrorToast(); - const [showConfirmationModal, setShowConfirmationModal] = useState(false); - const handleHideConfirmationModal = useCallback(() => setShowConfirmationModal(false), []); - - const { data: agentPolicies } = useAgentPolicies(); - const agentPoliciesById = mapKeys(agentPolicies, 'id'); - const agentPolicyOptions = useMemo( - () => - agentPolicies?.map((agentPolicy) => ({ - key: agentPolicy.id, - label: agentPolicy.id, - })) ?? [], - [agentPolicies] - ); - - const cancelButtonProps = useRouterNavigate( - `scheduled_query_groups/${editMode ? defaultValue?.id : ''}` - ); - - const { mutateAsync } = useMutation( - (payload: Record) => - editMode && defaultValue?.id - ? http.put(packagePolicyRouteService.getUpdatePath(defaultValue.id), { - body: JSON.stringify(payload), - }) - : http.post(packagePolicyRouteService.getCreatePath(), { - body: JSON.stringify(payload), - }), - { - onSuccess: (data) => { - if (!editMode) { - navigateToApp(PLUGIN_ID, { path: `scheduled_query_groups/${data.item.id}` }); - toasts.addSuccess( - i18n.translate('xpack.osquery.scheduledQueryGroup.form.createSuccessToastMessageText', { - defaultMessage: 'Successfully scheduled {scheduledQueryGroupName}', - values: { - scheduledQueryGroupName: data.item.name, - }, - }) - ); - return; - } - - queryClient.invalidateQueries([ - 'scheduledQueryGroup', - { scheduledQueryGroupId: data.item.id }, - ]); - setErrorToast(); - navigateToApp(PLUGIN_ID, { path: `scheduled_query_groups/${data.item.id}` }); - toasts.addSuccess( - i18n.translate('xpack.osquery.scheduledQueryGroup.form.updateSuccessToastMessageText', { - defaultMessage: 'Successfully updated {scheduledQueryGroupName}', - values: { - scheduledQueryGroupName: data.item.name, - }, - }) - ); - }, - onError: (error) => { - // @ts-expect-error update types - setErrorToast(error, { title: error.body.error, toastMessage: error.body.message }); - }, - } - ); - - const { form } = useForm< - Omit & { - policy_id: string; - }, - Omit & { - policy_id: string[]; - namespace: string[]; - } - >({ - id: FORM_ID, - schema: { - name: { - type: FIELD_TYPES.TEXT, - label: i18n.translate('xpack.osquery.scheduledQueryGroup.form.nameFieldLabel', { - defaultMessage: 'Name', - }), - validations: [ - { - validator: fieldValidators.emptyField( - i18n.translate( - 'xpack.osquery.scheduledQueryGroup.form.nameFieldRequiredErrorMessage', - { - defaultMessage: 'Name is a required field', - } - ) - ), - }, - ], - }, - description: { - type: FIELD_TYPES.TEXT, - label: i18n.translate('xpack.osquery.scheduledQueryGroup.form.descriptionFieldLabel', { - defaultMessage: 'Description', - }), - }, - namespace: { - type: FIELD_TYPES.COMBO_BOX, - label: i18n.translate('xpack.osquery.scheduledQueryGroup.form.namespaceFieldLabel', { - defaultMessage: 'Namespace', - }), - }, - policy_id: { - type: FIELD_TYPES.COMBO_BOX, - label: i18n.translate('xpack.osquery.scheduledQueryGroup.form.agentPolicyFieldLabel', { - defaultMessage: 'Agent policy', - }), - validations: [ - { - validator: fieldValidators.emptyField( - i18n.translate( - 'xpack.osquery.scheduledQueryGroup.form.policyIdFieldRequiredErrorMessage', - { - defaultMessage: 'Agent policy is a required field', - } - ) - ), - }, - ], - }, - }, - onSubmit: (payload, isValid) => { - if (!isValid) return Promise.resolve(); - const formData = produce(payload, (draft) => { - if (draft.inputs?.length) { - draft.inputs[0].streams?.forEach((stream) => { - delete stream.compiled_stream; - - // we don't want to send id as null when creating the policy - if (stream.id == null) { - // @ts-expect-error update types - delete stream.id; - } - }); - } - - return draft; - }); - return mutateAsync(formData); - }, - options: { - stripEmptyFields: false, - }, - deserializer: (payload) => ({ - ...payload, - policy_id: payload.policy_id.length ? [payload.policy_id] : [], - namespace: [payload.namespace], - }), - serializer: (payload) => ({ - ...payload, - policy_id: payload.policy_id[0], - namespace: payload.namespace[0], - }), - defaultValue: merge( - { - name: '', - description: '', - enabled: true, - policy_id: '', - namespace: 'default', - output_id: '', - // eslint-disable-next-line @typescript-eslint/no-non-null-assertion - package: packageInfo!, - inputs: [ - { - type: 'osquery', - enabled: true, - streams: [], - }, - ], - }, - defaultValue ?? {} - ), - }); - - const { setFieldValue, submit, isSubmitting } = form; - - const policyIdEuiFieldProps = useMemo( - () => ({ isDisabled: !!defaultValue, options: agentPolicyOptions }), - [defaultValue, agentPolicyOptions] - ); - - const [ - { - name: queryName, - package: { version: integrationPackageVersion } = { version: undefined }, - policy_id: policyId, - }, - ] = useFormData({ - form, - watch: ['name', 'package', 'policy_id'], - }); - - const currentPolicy = useMemo(() => { - if (!policyId) { - return { - agentCount: 0, - agentPolicy: {} as AgentPolicy, - }; - } - - const currentAgentPolicy = agentPoliciesById[policyId[0]]; - return { - agentCount: currentAgentPolicy?.agents ?? 0, - agentPolicy: currentAgentPolicy, - }; - }, [agentPoliciesById, policyId]); - - const handleNameChange = useCallback( - (newName: string) => { - if (queryName === '') { - setFieldValue('name', newName); - } - }, - [setFieldValue, queryName] - ); - - const handleSaveClick = useCallback(() => { - if (currentPolicy.agentCount) { - setShowConfirmationModal(true); - return; - } - - submit().catch((error) => { - form.reset({ resetValues: false }); - setErrorToast(error, { title: error.name, toastMessage: error.message }); - }); - }, [currentPolicy.agentCount, submit, form, setErrorToast]); - - const handleConfirmConfirmationClick = useCallback(() => { - submit().catch((error) => { - form.reset({ resetValues: false }); - setErrorToast(error, { title: error.name, toastMessage: error.message }); - }); - setShowConfirmationModal(false); - }, [submit, form, setErrorToast]); - - return ( - <> -
- - -

- } - fullWidth - description={ - - } - > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - {showConfirmationModal && ( - - )} - - ); -}; - -export const ScheduledQueryGroupForm = React.memo(ScheduledQueryGroupFormComponent); diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/form/queries_field.tsx b/x-pack/plugins/osquery/public/scheduled_query_groups/form/queries_field.tsx deleted file mode 100644 index 7eec37d62d52e48..000000000000000 --- a/x-pack/plugins/osquery/public/scheduled_query_groups/form/queries_field.tsx +++ /dev/null @@ -1,334 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { findIndex, forEach, pullAt, pullAllBy } from 'lodash'; -import { EuiFlexGroup, EuiFlexItem, EuiButton, EuiSpacer } from '@elastic/eui'; -import { produce } from 'immer'; -import React, { useCallback, useMemo, useState } from 'react'; -import { FormattedMessage } from '@kbn/i18n/react'; -import { satisfies } from 'semver'; - -import { - OsqueryManagerPackagePolicyInputStream, - OsqueryManagerPackagePolicyInput, -} from '../../../common/types'; -import { OSQUERY_INTEGRATION_NAME } from '../../../common'; -import { FieldHook } from '../../shared_imports'; -import { ScheduledQueryGroupQueriesTable } from '../scheduled_query_group_queries_table'; -import { QueryFlyout } from '../queries/query_flyout'; -import { OsqueryPackUploader } from './pack_uploader'; -import { getSupportedPlatforms } from '../queries/platforms/helpers'; - -interface QueriesFieldProps { - handleNameChange: (name: string) => void; - field: FieldHook; - integrationPackageVersion?: string | undefined; - scheduledQueryGroupId: string; -} - -interface GetNewStreamProps { - id: string; - interval: string; - query: string; - platform?: string | undefined; - version?: string | undefined; - scheduledQueryGroupId?: string; - ecs_mapping?: Record< - string, - { - field: string; - } - >; -} - -interface GetNewStreamReturn extends Omit { - id?: string | null; -} - -const getNewStream = (payload: GetNewStreamProps) => - produce( - { - data_stream: { type: 'logs', dataset: `${OSQUERY_INTEGRATION_NAME}.result` }, - enabled: true, - id: payload.scheduledQueryGroupId - ? `osquery-${OSQUERY_INTEGRATION_NAME}.result-${payload.scheduledQueryGroupId}` - : null, - vars: { - id: { type: 'text', value: payload.id }, - interval: { - type: 'integer', - value: payload.interval, - }, - query: { type: 'text', value: payload.query }, - }, - }, - (draft) => { - if (payload.platform && draft.vars) { - draft.vars.platform = { type: 'text', value: payload.platform }; - } - if (payload.version && draft.vars) { - draft.vars.version = { type: 'text', value: payload.version }; - } - if (payload.ecs_mapping && draft.vars) { - draft.vars.ecs_mapping = { - value: payload.ecs_mapping, - }; - } - return draft; - } - ); - -const QueriesFieldComponent: React.FC = ({ - field, - handleNameChange, - integrationPackageVersion, - scheduledQueryGroupId, -}) => { - const [showAddQueryFlyout, setShowAddQueryFlyout] = useState(false); - const [showEditQueryFlyout, setShowEditQueryFlyout] = useState(-1); - const [tableSelectedItems, setTableSelectedItems] = useState< - OsqueryManagerPackagePolicyInputStream[] - >([]); - - const handleShowAddFlyout = useCallback(() => setShowAddQueryFlyout(true), []); - const handleHideAddFlyout = useCallback(() => setShowAddQueryFlyout(false), []); - const handleHideEditFlyout = useCallback(() => setShowEditQueryFlyout(-1), []); - - const { setValue } = field; - - const handleDeleteClick = useCallback( - (stream: OsqueryManagerPackagePolicyInputStream) => { - const streamIndex = findIndex(field.value[0].streams, [ - 'vars.id.value', - stream.vars?.id.value, - ]); - - if (streamIndex > -1) { - setValue( - produce((draft) => { - pullAt(draft[0].streams, [streamIndex]); - - return draft; - }) - ); - } - }, - [field.value, setValue] - ); - - const handleEditClick = useCallback( - (stream: OsqueryManagerPackagePolicyInputStream) => { - const streamIndex = findIndex(field.value[0].streams, [ - 'vars.id.value', - stream.vars?.id.value, - ]); - - setShowEditQueryFlyout(streamIndex); - }, - [field.value] - ); - - const handleEditQuery = useCallback( - (updatedQuery) => - new Promise((resolve) => { - if (showEditQueryFlyout >= 0) { - setValue( - produce((draft) => { - // @ts-expect-error update - draft[0].streams[showEditQueryFlyout].vars.id.value = updatedQuery.id; - // @ts-expect-error update - draft[0].streams[showEditQueryFlyout].vars.interval.value = updatedQuery.interval; - // @ts-expect-error update - draft[0].streams[showEditQueryFlyout].vars.query.value = updatedQuery.query; - - if (updatedQuery.platform?.length) { - // @ts-expect-error update - draft[0].streams[showEditQueryFlyout].vars.platform = { - type: 'text', - value: updatedQuery.platform, - }; - } else { - // @ts-expect-error update - delete draft[0].streams[showEditQueryFlyout].vars.platform; - } - - if (updatedQuery.version?.length) { - // @ts-expect-error update - draft[0].streams[showEditQueryFlyout].vars.version = { - type: 'text', - value: updatedQuery.version, - }; - } else { - // @ts-expect-error update - delete draft[0].streams[showEditQueryFlyout].vars.version; - } - - if (updatedQuery.ecs_mapping) { - // @ts-expect-error update - draft[0].streams[showEditQueryFlyout].vars.ecs_mapping = { - value: updatedQuery.ecs_mapping, - }; - } else { - // @ts-expect-error update - delete draft[0].streams[showEditQueryFlyout].vars.ecs_mapping; - } - - return draft; - }) - ); - } - - handleHideEditFlyout(); - resolve(); - }), - [handleHideEditFlyout, setValue, showEditQueryFlyout] - ); - - const handleAddQuery = useCallback( - (newQuery) => - new Promise((resolve) => { - setValue( - produce((draft) => { - draft[0].streams.push( - // @ts-expect-error update - getNewStream({ - ...newQuery, - scheduledQueryGroupId, - }) - ); - return draft; - }) - ); - handleHideAddFlyout(); - resolve(); - }), - [handleHideAddFlyout, scheduledQueryGroupId, setValue] - ); - - const handleDeleteQueries = useCallback(() => { - setValue( - produce((draft) => { - pullAllBy(draft[0].streams, tableSelectedItems, 'vars.id.value'); - - return draft; - }) - ); - setTableSelectedItems([]); - }, [setValue, tableSelectedItems]); - - const handlePackUpload = useCallback( - (parsedContent, packName) => { - /* Osquery scheduled packs are supported since osquery_manager@0.5.0 */ - const isOsqueryPackSupported = integrationPackageVersion - ? satisfies(integrationPackageVersion, '>=0.5.0') - : false; - - setValue( - produce((draft) => { - forEach(parsedContent.queries, (newQuery, newQueryId) => { - draft[0].streams.push( - // @ts-expect-error update - getNewStream({ - id: isOsqueryPackSupported ? newQueryId : `pack_${packName}_${newQueryId}`, - interval: newQuery.interval ?? parsedContent.interval, - query: newQuery.query, - version: newQuery.version ?? parsedContent.version, - platform: getSupportedPlatforms(newQuery.platform ?? parsedContent.platform), - scheduledQueryGroupId, - }) - ); - }); - - return draft; - }) - ); - - if (isOsqueryPackSupported) { - handleNameChange(packName); - } - }, - [handleNameChange, integrationPackageVersion, scheduledQueryGroupId, setValue] - ); - - const tableData = useMemo( - () => (field.value.length ? field.value[0].streams : []), - [field.value] - ); - - const uniqueQueryIds = useMemo( - () => - field.value && field.value[0].streams.length - ? field.value[0].streams.reduce((acc, stream) => { - if (stream.vars?.id.value) { - acc.push(stream.vars?.id.value); - } - - return acc; - }, [] as string[]) - : [], - [field.value] - ); - - return ( - <> - - - {!tableSelectedItems.length ? ( - - - - ) : ( - - - - )} - - - - {field.value && field.value[0].streams?.length ? ( - - ) : null} - - {} - {showAddQueryFlyout && ( - - )} - {showEditQueryFlyout != null && showEditQueryFlyout >= 0 && ( - - )} - - ); -}; - -export const QueriesField = React.memo(QueriesFieldComponent); diff --git a/x-pack/plugins/osquery/public/scheduled_query_groups/use_scheduled_query_groups.ts b/x-pack/plugins/osquery/public/scheduled_query_groups/use_scheduled_query_groups.ts deleted file mode 100644 index 01b67a3d5164a08..000000000000000 --- a/x-pack/plugins/osquery/public/scheduled_query_groups/use_scheduled_query_groups.ts +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { produce } from 'immer'; -import { useQuery } from 'react-query'; - -import { useKibana } from '../common/lib/kibana'; -import { ListResult, PackagePolicy, PACKAGE_POLICY_SAVED_OBJECT_TYPE } from '../../../fleet/common'; -import { OSQUERY_INTEGRATION_NAME } from '../../common'; - -export const useScheduledQueryGroups = () => { - const { http } = useKibana().services; - - return useQuery>( - ['scheduledQueries'], - () => - http.get('/internal/osquery/scheduled_query_group', { - query: { - page: 1, - perPage: 10000, - kuery: `${PACKAGE_POLICY_SAVED_OBJECT_TYPE}.package.name: ${OSQUERY_INTEGRATION_NAME}`, - }, - }), - { - keepPreviousData: true, - select: produce((draft: ListResult) => { - draft.items = draft.items.filter( - (item) => - !( - item.inputs[0].streams.length === 1 && - !item.inputs[0].streams[0].compiled_stream.query - ) - ); - }), - } - ); -}; diff --git a/x-pack/plugins/osquery/public/shared_imports.ts b/x-pack/plugins/osquery/public/shared_imports.ts index ea9daf334844a95..8ffdc387bf76eb3 100644 --- a/x-pack/plugins/osquery/public/shared_imports.ts +++ b/x-pack/plugins/osquery/public/shared_imports.ts @@ -34,6 +34,7 @@ export { ComboBoxField, ToggleField, SelectField, + JsonEditorField, } from '../../../../src/plugins/es_ui_shared/static/forms/components'; export { fieldValidators } from '../../../../src/plugins/es_ui_shared/static/forms/helpers'; export { ERROR_CODE } from '../../../../src/plugins/es_ui_shared/static/forms/helpers/field_validators/types'; diff --git a/x-pack/plugins/osquery/server/config.ts b/x-pack/plugins/osquery/server/config.ts index 1fd4b5dbe5ac2dc..88bdc368a0bba8a 100644 --- a/x-pack/plugins/osquery/server/config.ts +++ b/x-pack/plugins/osquery/server/config.ts @@ -10,7 +10,7 @@ import { TypeOf, schema } from '@kbn/config-schema'; export const ConfigSchema = schema.object({ actionEnabled: schema.boolean({ defaultValue: false }), savedQueries: schema.boolean({ defaultValue: true }), - packs: schema.boolean({ defaultValue: false }), + packs: schema.boolean({ defaultValue: true }), }); export type ConfigType = TypeOf; diff --git a/x-pack/plugins/osquery/server/create_config.ts b/x-pack/plugins/osquery/server/create_config.ts index d52f299a692cf5d..6e4a4e7742f7ae4 100644 --- a/x-pack/plugins/osquery/server/create_config.ts +++ b/x-pack/plugins/osquery/server/create_config.ts @@ -9,6 +9,5 @@ import { PluginInitializerContext } from 'kibana/server'; import { ConfigType } from './config'; -export const createConfig = (context: PluginInitializerContext): Readonly => { - return context.config.get(); -}; +export const createConfig = (context: PluginInitializerContext): Readonly => + context.config.get(); diff --git a/x-pack/plugins/osquery/server/lib/saved_query/saved_object_mappings.ts b/x-pack/plugins/osquery/server/lib/saved_query/saved_object_mappings.ts index 537b6d7874ab8ae..a633fe4923aebdc 100644 --- a/x-pack/plugins/osquery/server/lib/saved_query/saved_object_mappings.ts +++ b/x-pack/plugins/osquery/server/lib/saved_query/saved_object_mappings.ts @@ -41,6 +41,10 @@ export const savedQuerySavedObjectMappings: SavedObjectsType['mappings'] = { interval: { type: 'keyword', }, + ecs_mapping: { + type: 'object', + enabled: false, + }, }, }; @@ -63,22 +67,38 @@ export const packSavedObjectMappings: SavedObjectsType['mappings'] = { type: 'date', }, created_by: { - type: 'text', + type: 'keyword', }, updated_at: { type: 'date', }, updated_by: { - type: 'text', + type: 'keyword', + }, + enabled: { + type: 'boolean', }, queries: { properties: { - name: { + id: { type: 'keyword', }, + query: { + type: 'text', + }, interval: { type: 'text', }, + platform: { + type: 'keyword', + }, + version: { + type: 'keyword', + }, + ecs_mapping: { + type: 'object', + enabled: false, + }, }, }, }, diff --git a/x-pack/plugins/osquery/server/plugin.ts b/x-pack/plugins/osquery/server/plugin.ts index 420fc429f97f461..1bb394843e5b7e6 100644 --- a/x-pack/plugins/osquery/server/plugin.ts +++ b/x-pack/plugins/osquery/server/plugin.ts @@ -7,6 +7,7 @@ import { i18n } from '@kbn/i18n'; import { + ASSETS_SAVED_OBJECT_TYPE, PACKAGE_POLICY_SAVED_OBJECT_TYPE, AGENT_POLICY_SAVED_OBJECT_TYPE, PACKAGES_SAVED_OBJECT_TYPE, @@ -47,8 +48,12 @@ const registerFeatures = (features: SetupPlugins['features']) => { app: [PLUGIN_ID, 'kibana'], catalogue: [PLUGIN_ID], savedObject: { - all: [PACKAGE_POLICY_SAVED_OBJECT_TYPE], - read: [PACKAGES_SAVED_OBJECT_TYPE, AGENT_POLICY_SAVED_OBJECT_TYPE], + all: [ + PACKAGE_POLICY_SAVED_OBJECT_TYPE, + ASSETS_SAVED_OBJECT_TYPE, + AGENT_POLICY_SAVED_OBJECT_TYPE, + ], + read: [PACKAGES_SAVED_OBJECT_TYPE], }, ui: ['write'], }, @@ -129,6 +134,7 @@ const registerFeatures = (features: SetupPlugins['features']) => { groupType: 'mutually_exclusive', privileges: [ { + api: [`${PLUGIN_ID}-writeSavedQueries`], id: 'saved_queries_all', includeIn: 'all', name: 'All', @@ -139,6 +145,7 @@ const registerFeatures = (features: SetupPlugins['features']) => { ui: ['writeSavedQueries', 'readSavedQueries'], }, { + api: [`${PLUGIN_ID}-readSavedQueries`], id: 'saved_queries_read', includeIn: 'read', name: 'Read', @@ -153,9 +160,8 @@ const registerFeatures = (features: SetupPlugins['features']) => { ], }, { - // TODO: Rename it to "Packs" as part of https://github.com/elastic/kibana/pull/107345 - name: i18n.translate('xpack.osquery.features.scheduledQueryGroupsSubFeatureName', { - defaultMessage: 'Scheduled query groups', + name: i18n.translate('xpack.osquery.features.packsSubFeatureName', { + defaultMessage: 'Packs', }), privilegeGroups: [ { @@ -167,7 +173,11 @@ const registerFeatures = (features: SetupPlugins['features']) => { includeIn: 'all', name: 'All', savedObject: { - all: [packSavedObjectType], + all: [ + PACKAGE_POLICY_SAVED_OBJECT_TYPE, + ASSETS_SAVED_OBJECT_TYPE, + packSavedObjectType, + ], read: [], }, ui: ['writePacks', 'readPacks'], diff --git a/x-pack/plugins/osquery/server/routes/action/create_action_route.ts b/x-pack/plugins/osquery/server/routes/action/create_action_route.ts index aed6c34d33f94ce..656f05f76031ab2 100644 --- a/x-pack/plugins/osquery/server/routes/action/create_action_route.ts +++ b/x-pack/plugins/osquery/server/routes/action/create_action_route.ts @@ -5,6 +5,7 @@ * 2.0. */ +import { pickBy } from 'lodash'; import uuid from 'uuid'; import moment from 'moment-timezone'; @@ -68,10 +69,12 @@ export const createActionRoute = (router: IRouter, osqueryContext: OsqueryAppCon input_type: 'osquery', agents: selectedAgents, user_id: currentUser, - data: { + data: pickBy({ id: uuid.v4(), query: request.body.query, - }, + saved_query_id: request.body.saved_query_id, + ecs_mapping: request.body.ecs_mapping, + }), }; const actionResponse = await esClient.index<{}, {}>({ index: '.fleet-actions', diff --git a/x-pack/plugins/osquery/server/routes/fleet_wrapper/get_agent_policies.ts b/x-pack/plugins/osquery/server/routes/fleet_wrapper/get_agent_policies.ts index 08b5b4314f1f189..accfc2d9ef4dae6 100644 --- a/x-pack/plugins/osquery/server/routes/fleet_wrapper/get_agent_policies.ts +++ b/x-pack/plugins/osquery/server/routes/fleet_wrapper/get_agent_policies.ts @@ -7,8 +7,14 @@ import bluebird from 'bluebird'; import { schema } from '@kbn/config-schema'; -import { GetAgentPoliciesResponseItem, AGENT_SAVED_OBJECT_TYPE } from '../../../../fleet/common'; -import { PLUGIN_ID } from '../../../common'; +import { filter, uniq, map } from 'lodash'; +import { satisfies } from 'semver'; +import { + GetAgentPoliciesResponseItem, + PACKAGE_POLICY_SAVED_OBJECT_TYPE, + PackagePolicy, +} from '../../../../fleet/common'; +import { OSQUERY_INTEGRATION_NAME, PLUGIN_ID } from '../../../common'; import { IRouter } from '../../../../../../src/core/server'; import { OsqueryAppContext } from '../../lib/osquery_app_context_services'; @@ -25,31 +31,33 @@ export const getAgentPoliciesRoute = (router: IRouter, osqueryContext: OsqueryAp async (context, request, response) => { const soClient = context.core.savedObjects.client; const esClient = context.core.elasticsearch.client.asInternalUser; + const agentService = osqueryContext.service.getAgentService(); + const agentPolicyService = osqueryContext.service.getAgentPolicyService(); + const packagePolicyService = osqueryContext.service.getPackagePolicyService(); - // TODO: Use getAgentPoliciesHandler from x-pack/plugins/fleet/server/routes/agent_policy/handlers.ts - const body = await osqueryContext.service.getAgentPolicyService()?.list(soClient, { - ...(request.query || {}), - perPage: 100, - }); + const { items: packagePolicies } = (await packagePolicyService?.list(soClient, { + kuery: `${PACKAGE_POLICY_SAVED_OBJECT_TYPE}.package.name:${OSQUERY_INTEGRATION_NAME}`, + perPage: 1000, + page: 1, + })) ?? { items: [] as PackagePolicy[] }; + const supportedPackagePolicyIds = filter(packagePolicies, (packagePolicy) => + satisfies(packagePolicy.package?.version ?? '', '>=0.6.0') + ); + const agentPolicyIds = uniq(map(supportedPackagePolicyIds, 'policy_id')); + const agentPolicies = await agentPolicyService?.getByIds(soClient, agentPolicyIds); - if (body?.items) { + if (agentPolicies?.length) { await bluebird.map( - body.items, + agentPolicies, (agentPolicy: GetAgentPoliciesResponseItem) => - osqueryContext.service - .getAgentService() - ?.listAgents(esClient, { - showInactive: false, - perPage: 0, - page: 1, - kuery: `${AGENT_SAVED_OBJECT_TYPE}.policy_id:${agentPolicy.id}`, - }) + agentService + ?.getAgentStatusForAgentPolicy(esClient, agentPolicy.id) .then(({ total: agentTotal }) => (agentPolicy.agents = agentTotal)), { concurrency: 10 } ); } - return response.ok({ body }); + return response.ok({ body: agentPolicies }); } ); }; diff --git a/x-pack/plugins/osquery/server/routes/index.ts b/x-pack/plugins/osquery/server/routes/index.ts index c927c711a23cbcc..b32f0c5578207dd 100644 --- a/x-pack/plugins/osquery/server/routes/index.ts +++ b/x-pack/plugins/osquery/server/routes/index.ts @@ -12,23 +12,13 @@ import { initSavedQueryRoutes } from './saved_query'; import { initStatusRoutes } from './status'; import { initFleetWrapperRoutes } from './fleet_wrapper'; import { initPackRoutes } from './pack'; -import { initScheduledQueryGroupRoutes } from './scheduled_query_group'; import { initPrivilegesCheckRoutes } from './privileges_check'; export const defineRoutes = (router: IRouter, context: OsqueryAppContext) => { - const config = context.config(); - initActionRoutes(router, context); initStatusRoutes(router, context); - initScheduledQueryGroupRoutes(router, context); + initPackRoutes(router, context); initFleetWrapperRoutes(router, context); initPrivilegesCheckRoutes(router, context); - - if (config.packs) { - initPackRoutes(router); - } - - if (config.savedQueries) { - initSavedQueryRoutes(router); - } + initSavedQueryRoutes(router, context); }; diff --git a/x-pack/plugins/osquery/server/routes/pack/create_pack_route.ts b/x-pack/plugins/osquery/server/routes/pack/create_pack_route.ts index 3707c3d3e91ec3e..16710d578abb7c6 100644 --- a/x-pack/plugins/osquery/server/routes/pack/create_pack_route.ts +++ b/x-pack/plugins/osquery/server/routes/pack/create_pack_route.ts @@ -5,58 +5,142 @@ * 2.0. */ +import moment from 'moment-timezone'; +import { has, mapKeys, set, unset, find } from 'lodash'; import { schema } from '@kbn/config-schema'; +import { produce } from 'immer'; +import { + AGENT_POLICY_SAVED_OBJECT_TYPE, + PACKAGE_POLICY_SAVED_OBJECT_TYPE, + PackagePolicy, +} from '../../../../fleet/common'; import { IRouter } from '../../../../../../src/core/server'; +import { OsqueryAppContext } from '../../lib/osquery_app_context_services'; +import { OSQUERY_INTEGRATION_NAME } from '../../../common'; +import { PLUGIN_ID } from '../../../common'; +import { packSavedObjectType } from '../../../common/types'; +import { convertPackQueriesToSO } from './utils'; -import { packSavedObjectType, savedQuerySavedObjectType } from '../../../common/types'; - -export const createPackRoute = (router: IRouter) => { +export const createPackRoute = (router: IRouter, osqueryContext: OsqueryAppContext) => { router.post( { - path: '/internal/osquery/pack', + path: '/internal/osquery/packs', validate: { - body: schema.object({}, { unknowns: 'allow' }), + body: schema.object( + { + name: schema.string(), + description: schema.maybe(schema.string()), + enabled: schema.maybe(schema.boolean()), + policy_ids: schema.maybe(schema.arrayOf(schema.string())), + queries: schema.recordOf( + schema.string(), + schema.object({ + query: schema.string(), + interval: schema.maybe(schema.number()), + platform: schema.maybe(schema.string()), + version: schema.maybe(schema.string()), + ecs_mapping: schema.maybe( + schema.recordOf( + schema.string(), + schema.object({ + field: schema.string(), + }) + ) + ), + }) + ), + }, + { unknowns: 'allow' } + ), }, + options: { tags: [`access:${PLUGIN_ID}-writePacks`] }, }, async (context, request, response) => { + const esClient = context.core.elasticsearch.client.asCurrentUser; const savedObjectsClient = context.core.savedObjects.client; + const agentPolicyService = osqueryContext.service.getAgentPolicyService(); - // @ts-expect-error update types - const { name, description, queries } = request.body; + const packagePolicyService = osqueryContext.service.getPackagePolicyService(); + const currentUser = await osqueryContext.security.authc.getCurrentUser(request)?.username; - // @ts-expect-error update types - const references = queries.map((savedQuery) => ({ - type: savedQuerySavedObjectType, - id: savedQuery.id, - name: savedQuery.name, - })); - - const { - attributes, - // eslint-disable-next-line @typescript-eslint/no-unused-vars - references: _, - ...restSO - } = await savedObjectsClient.create( + // eslint-disable-next-line @typescript-eslint/naming-convention + const { name, description, queries, enabled, policy_ids } = request.body; + + const conflictingEntries = await savedObjectsClient.find({ + type: packSavedObjectType, + search: name, + searchFields: ['name'], + }); + + if (conflictingEntries.saved_objects.length) { + return response.conflict({ body: `Pack with name "${name}" already exists.` }); + } + + const { items: packagePolicies } = (await packagePolicyService?.list(savedObjectsClient, { + kuery: `${PACKAGE_POLICY_SAVED_OBJECT_TYPE}.package.name:${OSQUERY_INTEGRATION_NAME}`, + perPage: 1000, + page: 1, + })) ?? { items: [] }; + + const agentPolicies = policy_ids + ? mapKeys(await agentPolicyService?.getByIds(savedObjectsClient, policy_ids), 'id') + : {}; + + const references = policy_ids + ? policy_ids.map((policyId: string) => ({ + id: policyId, + name: agentPolicies[policyId].name, + type: AGENT_POLICY_SAVED_OBJECT_TYPE, + })) + : []; + + const packSO = await savedObjectsClient.create( packSavedObjectType, { name, description, - // @ts-expect-error update types - // eslint-disable-next-line @typescript-eslint/no-unused-vars - queries: queries.map(({ id, query, ...rest }) => rest), + queries: convertPackQueriesToSO(queries), + enabled, + created_at: moment().toISOString(), + created_by: currentUser, + updated_at: moment().toISOString(), + updated_by: currentUser, }, { references, + refresh: 'wait_for', } ); - return response.ok({ - body: { - ...restSO, - ...attributes, - queries, - }, - }); + if (enabled && policy_ids?.length) { + await Promise.all( + policy_ids.map((agentPolicyId) => { + const packagePolicy = find(packagePolicies, ['policy_id', agentPolicyId]); + if (packagePolicy) { + return packagePolicyService?.update( + savedObjectsClient, + esClient, + packagePolicy.id, + produce(packagePolicy, (draft) => { + unset(draft, 'id'); + if (!has(draft, 'inputs[0].streams')) { + set(draft, 'inputs[0].streams', []); + } + set(draft, `inputs[0].config.osquery.value.packs.${packSO.attributes.name}`, { + queries, + }); + return draft; + }) + ); + } + }) + ); + } + + // @ts-expect-error update types + packSO.attributes.queries = queries; + + return response.ok({ body: packSO }); } ); }; diff --git a/x-pack/plugins/osquery/server/routes/pack/delete_pack_route.ts b/x-pack/plugins/osquery/server/routes/pack/delete_pack_route.ts index 3e1cf5bfaed026b..aa4496035f774e8 100644 --- a/x-pack/plugins/osquery/server/routes/pack/delete_pack_route.ts +++ b/x-pack/plugins/osquery/server/routes/pack/delete_pack_route.ts @@ -5,37 +5,71 @@ * 2.0. */ +import { has, filter, unset } from 'lodash'; +import { produce } from 'immer'; import { schema } from '@kbn/config-schema'; +import { PACKAGE_POLICY_SAVED_OBJECT_TYPE } from '../../../../fleet/common'; +import { OSQUERY_INTEGRATION_NAME } from '../../../common'; +import { PLUGIN_ID } from '../../../common'; import { IRouter } from '../../../../../../src/core/server'; import { packSavedObjectType } from '../../../common/types'; +import { OsqueryAppContext } from '../../lib/osquery_app_context_services'; -export const deletePackRoute = (router: IRouter) => { +export const deletePackRoute = (router: IRouter, osqueryContext: OsqueryAppContext) => { router.delete( { - path: '/internal/osquery/pack', + path: '/internal/osquery/packs/{id}', validate: { - body: schema.object({}, { unknowns: 'allow' }), + params: schema.object({ + id: schema.string(), + }), }, + options: { tags: [`access:${PLUGIN_ID}-writePacks`] }, }, async (context, request, response) => { + const esClient = context.core.elasticsearch.client.asCurrentUser; const savedObjectsClient = context.core.savedObjects.client; + const packagePolicyService = osqueryContext.service.getPackagePolicyService(); - // @ts-expect-error update types - const { packIds } = request.body; + const currentPackSO = await savedObjectsClient.get<{ name: string }>( + packSavedObjectType, + request.params.id + ); + + await savedObjectsClient.delete(packSavedObjectType, request.params.id, { + refresh: 'wait_for', + }); + + const { items: packagePolicies } = (await packagePolicyService?.list(savedObjectsClient, { + kuery: `${PACKAGE_POLICY_SAVED_OBJECT_TYPE}.package.name:${OSQUERY_INTEGRATION_NAME}`, + perPage: 1000, + page: 1, + })) ?? { items: [] }; + const currentPackagePolicies = filter(packagePolicies, (packagePolicy) => + has(packagePolicy, `inputs[0].config.osquery.value.packs.${currentPackSO.attributes.name}`) + ); await Promise.all( - packIds.map( - // @ts-expect-error update types - async (packId) => - await savedObjectsClient.delete(packSavedObjectType, packId, { - refresh: 'wait_for', + currentPackagePolicies.map((packagePolicy) => + packagePolicyService?.update( + savedObjectsClient, + esClient, + packagePolicy.id, + produce(packagePolicy, (draft) => { + unset(draft, 'id'); + unset( + draft, + `inputs[0].config.osquery.value.packs.${[currentPackSO.attributes.name]}` + ); + return draft; }) + ) ) ); return response.ok({ - body: packIds, + body: {}, }); } ); diff --git a/x-pack/plugins/osquery/server/routes/pack/find_pack_route.ts b/x-pack/plugins/osquery/server/routes/pack/find_pack_route.ts index d4f4adfc24e3e8b..24891b1d9f664c7 100644 --- a/x-pack/plugins/osquery/server/routes/pack/find_pack_route.ts +++ b/x-pack/plugins/osquery/server/routes/pack/find_pack_route.ts @@ -5,19 +5,32 @@ * 2.0. */ -import { find, map, uniq } from 'lodash/fp'; +import { filter, map } from 'lodash'; import { schema } from '@kbn/config-schema'; +import { AGENT_POLICY_SAVED_OBJECT_TYPE } from '../../../../fleet/common'; import { IRouter } from '../../../../../../src/core/server'; -import { packSavedObjectType, savedQuerySavedObjectType } from '../../../common/types'; +import { packSavedObjectType } from '../../../common/types'; +import { OsqueryAppContext } from '../../lib/osquery_app_context_services'; +import { PLUGIN_ID } from '../../../common'; -export const findPackRoute = (router: IRouter) => { +// eslint-disable-next-line @typescript-eslint/no-unused-vars +export const findPackRoute = (router: IRouter, osqueryContext: OsqueryAppContext) => { router.get( { - path: '/internal/osquery/pack', + path: '/internal/osquery/packs', validate: { - query: schema.object({}, { unknowns: 'allow' }), + query: schema.object( + { + pageIndex: schema.maybe(schema.string()), + pageSize: schema.maybe(schema.number()), + sortField: schema.maybe(schema.string()), + sortOrder: schema.maybe(schema.string()), + }, + { unknowns: 'allow' } + ), }, + options: { tags: [`access:${PLUGIN_ID}-readPacks`] }, }, async (context, request, response) => { const savedObjectsClient = context.core.savedObjects.client; @@ -25,77 +38,30 @@ export const findPackRoute = (router: IRouter) => { const soClientResponse = await savedObjectsClient.find<{ name: string; description: string; - queries: Array<{ name: string; interval: string }>; + queries: Array<{ name: string; interval: number }>; + policy_ids: string[]; }>({ type: packSavedObjectType, - // @ts-expect-error update types - page: parseInt(request.query.pageIndex ?? 0, 10) + 1, - // @ts-expect-error update types + page: parseInt(request.query.pageIndex ?? '0', 10) + 1, perPage: request.query.pageSize ?? 20, - // @ts-expect-error update types sortField: request.query.sortField ?? 'updated_at', // @ts-expect-error update types - sortOrder: request.query.sortDirection ?? 'desc', + sortOrder: request.query.sortOrder ?? 'desc', }); - const packs = soClientResponse.saved_objects.map(({ attributes, references, ...rest }) => ({ - ...rest, - ...attributes, - queries: - attributes.queries?.map((packQuery) => { - const queryReference = find(['name', packQuery.name], references); + soClientResponse.saved_objects.map((pack) => { + const policyIds = map( + filter(pack.references, ['type', AGENT_POLICY_SAVED_OBJECT_TYPE]), + 'id' + ); - if (queryReference) { - return { - ...packQuery, - id: queryReference?.id, - }; - } - - return packQuery; - }) ?? [], - })); - - const savedQueriesIds = uniq( // @ts-expect-error update types - packs.reduce((acc, savedQuery) => [...acc, ...map('id', savedQuery.queries)], []) - ); - - const { saved_objects: savedQueries } = await savedObjectsClient.bulkGet( - savedQueriesIds.map((queryId) => ({ - type: savedQuerySavedObjectType, - id: queryId, - })) - ); - - const packsWithSavedQueriesQueries = packs.map((pack) => ({ - ...pack, - // @ts-expect-error update types - queries: pack.queries.reduce((acc, packQuery) => { - // @ts-expect-error update types - const savedQuerySO = find(['id', packQuery.id], savedQueries); - - // @ts-expect-error update types - if (savedQuerySO?.attributes?.query) { - return [ - ...acc, - { - ...packQuery, - // @ts-expect-error update types - query: find(['id', packQuery.id], savedQueries).attributes.query, - }, - ]; - } - - return acc; - }, []), - })); + pack.policy_ids = policyIds; + return pack; + }); return response.ok({ - body: { - ...soClientResponse, - saved_objects: packsWithSavedQueriesQueries, - }, + body: soClientResponse, }); } ); diff --git a/x-pack/plugins/osquery/server/routes/pack/index.ts b/x-pack/plugins/osquery/server/routes/pack/index.ts index 6df7ce6c71f70bb..7e7d338de2358e3 100644 --- a/x-pack/plugins/osquery/server/routes/pack/index.ts +++ b/x-pack/plugins/osquery/server/routes/pack/index.ts @@ -6,6 +6,7 @@ */ import { IRouter } from '../../../../../../src/core/server'; +import { OsqueryAppContext } from '../../lib/osquery_app_context_services'; import { createPackRoute } from './create_pack_route'; import { deletePackRoute } from './delete_pack_route'; @@ -13,10 +14,10 @@ import { findPackRoute } from './find_pack_route'; import { readPackRoute } from './read_pack_route'; import { updatePackRoute } from './update_pack_route'; -export const initPackRoutes = (router: IRouter) => { - createPackRoute(router); - deletePackRoute(router); - findPackRoute(router); - readPackRoute(router); - updatePackRoute(router); +export const initPackRoutes = (router: IRouter, context: OsqueryAppContext) => { + createPackRoute(router, context); + deletePackRoute(router, context); + findPackRoute(router, context); + readPackRoute(router, context); + updatePackRoute(router, context); }; diff --git a/x-pack/plugins/osquery/server/routes/pack/read_pack_route.ts b/x-pack/plugins/osquery/server/routes/pack/read_pack_route.ts index 82cc44dc3948747..066938603a2d680 100644 --- a/x-pack/plugins/osquery/server/routes/pack/read_pack_route.ts +++ b/x-pack/plugins/osquery/server/routes/pack/read_pack_route.ts @@ -5,19 +5,27 @@ * 2.0. */ -import { find, map } from 'lodash/fp'; +import { filter, map } from 'lodash'; import { schema } from '@kbn/config-schema'; +import { PLUGIN_ID } from '../../../common'; +import { AGENT_POLICY_SAVED_OBJECT_TYPE } from '../../../../fleet/common'; import { IRouter } from '../../../../../../src/core/server'; -import { savedQuerySavedObjectType, packSavedObjectType } from '../../../common/types'; +import { packSavedObjectType } from '../../../common/types'; +import { OsqueryAppContext } from '../../lib/osquery_app_context_services'; +import { convertSOQueriesToPack } from './utils'; -export const readPackRoute = (router: IRouter) => { +// eslint-disable-next-line @typescript-eslint/no-unused-vars +export const readPackRoute = (router: IRouter, osqueryContext: OsqueryAppContext) => { router.get( { - path: '/internal/osquery/pack/{id}', + path: '/internal/osquery/packs/{id}', validate: { - params: schema.object({}, { unknowns: 'allow' }), + params: schema.object({ + id: schema.string(), + }), }, + options: { tags: [`access:${PLUGIN_ID}-readPacks`] }, }, async (context, request, response) => { const savedObjectsClient = context.core.savedObjects.client; @@ -25,60 +33,22 @@ export const readPackRoute = (router: IRouter) => { const { attributes, references, ...rest } = await savedObjectsClient.get<{ name: string; description: string; - queries: Array<{ name: string; interval: string }>; - }>( - packSavedObjectType, - // @ts-expect-error update types - request.params.id - ); + queries: Array<{ + id: string; + name: string; + interval: number; + ecs_mapping: Record; + }>; + }>(packSavedObjectType, request.params.id); - const queries = - attributes.queries?.map((packQuery) => { - const queryReference = find(['name', packQuery.name], references); - - if (queryReference) { - return { - ...packQuery, - id: queryReference?.id, - }; - } - - return packQuery; - }) ?? []; - - const queriesIds = map('id', queries); - - const { saved_objects: savedQueries } = await savedObjectsClient.bulkGet<{}>( - queriesIds.map((queryId) => ({ - type: savedQuerySavedObjectType, - id: queryId, - })) - ); - - // @ts-expect-error update types - const queriesWithQueries = queries.reduce((acc, query) => { - // @ts-expect-error update types - const querySavedObject = find(['id', query.id], savedQueries); - // @ts-expect-error update types - if (querySavedObject?.attributes?.query) { - return [ - ...acc, - { - ...query, - // @ts-expect-error update types - query: querySavedObject.attributes.query, - }, - ]; - } - - return acc; - }, []); + const policyIds = map(filter(references, ['type', AGENT_POLICY_SAVED_OBJECT_TYPE]), 'id'); return response.ok({ body: { ...rest, ...attributes, - queries: queriesWithQueries, + queries: convertSOQueriesToPack(attributes.queries), + policy_ids: policyIds, }, }); } diff --git a/x-pack/plugins/osquery/server/routes/pack/update_pack_route.ts b/x-pack/plugins/osquery/server/routes/pack/update_pack_route.ts index edf0cfc2f2f0c34..1abdec17a922b08 100644 --- a/x-pack/plugins/osquery/server/routes/pack/update_pack_route.ts +++ b/x-pack/plugins/osquery/server/routes/pack/update_pack_route.ts @@ -5,59 +5,295 @@ * 2.0. */ +import moment from 'moment-timezone'; +import { set, unset, has, difference, filter, find, map, mapKeys, pickBy, uniq } from 'lodash'; import { schema } from '@kbn/config-schema'; - +import { produce } from 'immer'; +import { + AGENT_POLICY_SAVED_OBJECT_TYPE, + PACKAGE_POLICY_SAVED_OBJECT_TYPE, + PackagePolicy, +} from '../../../../fleet/common'; import { IRouter } from '../../../../../../src/core/server'; -import { packSavedObjectType, savedQuerySavedObjectType } from '../../../common/types'; -export const updatePackRoute = (router: IRouter) => { +import { OSQUERY_INTEGRATION_NAME } from '../../../common'; +import { packSavedObjectType } from '../../../common/types'; +import { OsqueryAppContext } from '../../lib/osquery_app_context_services'; +import { PLUGIN_ID } from '../../../common'; +import { convertSOQueriesToPack, convertPackQueriesToSO } from './utils'; + +export const updatePackRoute = (router: IRouter, osqueryContext: OsqueryAppContext) => { router.put( { - path: '/internal/osquery/pack/{id}', + path: '/internal/osquery/packs/{id}', validate: { - params: schema.object({}, { unknowns: 'allow' }), - body: schema.object({}, { unknowns: 'allow' }), + params: schema.object( + { + id: schema.string(), + }, + { unknowns: 'allow' } + ), + body: schema.object( + { + name: schema.maybe(schema.string()), + description: schema.maybe(schema.string()), + enabled: schema.maybe(schema.boolean()), + policy_ids: schema.maybe(schema.arrayOf(schema.string())), + queries: schema.maybe( + schema.recordOf( + schema.string(), + schema.object({ + query: schema.string(), + interval: schema.maybe(schema.number()), + platform: schema.maybe(schema.string()), + version: schema.maybe(schema.string()), + ecs_mapping: schema.maybe( + schema.recordOf( + schema.string(), + schema.object({ + field: schema.string(), + }) + ) + ), + }) + ) + ), + }, + { unknowns: 'allow' } + ), }, + options: { tags: [`access:${PLUGIN_ID}-writePacks`] }, }, async (context, request, response) => { + const esClient = context.core.elasticsearch.client.asCurrentUser; const savedObjectsClient = context.core.savedObjects.client; + const agentPolicyService = osqueryContext.service.getAgentPolicyService(); + const packagePolicyService = osqueryContext.service.getPackagePolicyService(); + const currentUser = await osqueryContext.security.authc.getCurrentUser(request)?.username; + + // eslint-disable-next-line @typescript-eslint/naming-convention + const { name, description, queries, enabled, policy_ids } = request.body; + + const currentPackSO = await savedObjectsClient.get<{ name: string; enabled: boolean }>( + packSavedObjectType, + request.params.id + ); + + if (name) { + const conflictingEntries = await savedObjectsClient.find({ + type: packSavedObjectType, + search: name, + searchFields: ['name'], + }); - // @ts-expect-error update types - const { name, description, queries } = request.body; + if ( + filter(conflictingEntries.saved_objects, (packSO) => packSO.id !== currentPackSO.id) + .length + ) { + return response.conflict({ body: `Pack with name "${name}" already exists.` }); + } + } - // @ts-expect-error update types - const updatedReferences = queries.map((savedQuery) => ({ - type: savedQuerySavedObjectType, - id: savedQuery.id, - name: savedQuery.name, - })); + const { items: packagePolicies } = (await packagePolicyService?.list(savedObjectsClient, { + kuery: `${PACKAGE_POLICY_SAVED_OBJECT_TYPE}.package.name:${OSQUERY_INTEGRATION_NAME}`, + perPage: 1000, + page: 1, + })) ?? { items: [] }; + const currentPackagePolicies = filter(packagePolicies, (packagePolicy) => + has(packagePolicy, `inputs[0].config.osquery.value.packs.${currentPackSO.attributes.name}`) + ); + const agentPolicies = policy_ids + ? mapKeys(await agentPolicyService?.getByIds(savedObjectsClient, policy_ids), 'id') + : {}; + const agentPolicyIds = Object.keys(agentPolicies); - // eslint-disable-next-line @typescript-eslint/no-unused-vars - const { attributes, references, ...restSO } = await savedObjectsClient.update( + await savedObjectsClient.update( packSavedObjectType, - // @ts-expect-error update types request.params.id, { - name, - description, - // @ts-expect-error update types - // eslint-disable-next-line @typescript-eslint/no-unused-vars - queries: queries.map(({ id, query, ...rest }) => rest), + enabled, + ...pickBy({ + name, + description, + queries: queries && convertPackQueriesToSO(queries), + updated_at: moment().toISOString(), + updated_by: currentUser, + }), }, - { - references: updatedReferences, - } + policy_ids + ? { + refresh: 'wait_for', + references: policy_ids.map((id) => ({ + id, + name: agentPolicies[id].name, + type: AGENT_POLICY_SAVED_OBJECT_TYPE, + })), + } + : { + refresh: 'wait_for', + } ); - return response.ok({ - body: { - ...restSO, - ...attributes, - // @ts-expect-error update types - // eslint-disable-next-line @typescript-eslint/no-unused-vars - queries: queries.map(({ id, ...rest }) => rest), - }, - }); + const currentAgentPolicyIds = map( + filter(currentPackSO.references, ['type', AGENT_POLICY_SAVED_OBJECT_TYPE]), + 'id' + ); + + const updatedPackSO = await savedObjectsClient.get<{ + name: string; + enabled: boolean; + queries: Record; + }>(packSavedObjectType, request.params.id); + + updatedPackSO.attributes.queries = convertSOQueriesToPack(updatedPackSO.attributes.queries); + + if (enabled == null && !currentPackSO.attributes.enabled) { + return response.ok({ body: updatedPackSO }); + } + + if (enabled != null && enabled !== currentPackSO.attributes.enabled) { + if (enabled) { + const policyIds = policy_ids ? agentPolicyIds : currentAgentPolicyIds; + + await Promise.all( + policyIds.map((agentPolicyId) => { + const packagePolicy = find(packagePolicies, ['policy_id', agentPolicyId]); + + if (packagePolicy) { + return packagePolicyService?.update( + savedObjectsClient, + esClient, + packagePolicy.id, + produce(packagePolicy, (draft) => { + unset(draft, 'id'); + if (!has(draft, 'inputs[0].streams')) { + set(draft, 'inputs[0].streams', []); + } + set( + draft, + `inputs[0].config.osquery.value.packs.${updatedPackSO.attributes.name}`, + { + queries: updatedPackSO.attributes.queries, + } + ); + return draft; + }) + ); + } + }) + ); + } else { + await Promise.all( + currentAgentPolicyIds.map((agentPolicyId) => { + const packagePolicy = find(currentPackagePolicies, ['policy_id', agentPolicyId]); + if (!packagePolicy) return; + + return packagePolicyService?.update( + savedObjectsClient, + esClient, + packagePolicy.id, + produce(packagePolicy, (draft) => { + unset(draft, 'id'); + unset( + draft, + `inputs[0].config.osquery.value.packs.${currentPackSO.attributes.name}` + ); + return draft; + }) + ); + }) + ); + } + } else { + const agentPolicyIdsToRemove = uniq(difference(currentAgentPolicyIds, agentPolicyIds)); + const agentPolicyIdsToUpdate = uniq( + difference(currentAgentPolicyIds, agentPolicyIdsToRemove) + ); + const agentPolicyIdsToAdd = uniq(difference(agentPolicyIds, currentAgentPolicyIds)); + + await Promise.all( + agentPolicyIdsToRemove.map((agentPolicyId) => { + const packagePolicy = find(currentPackagePolicies, ['policy_id', agentPolicyId]); + if (packagePolicy) { + return packagePolicyService?.update( + savedObjectsClient, + esClient, + packagePolicy.id, + produce(packagePolicy, (draft) => { + unset(draft, 'id'); + unset( + draft, + `inputs[0].config.osquery.value.packs.${currentPackSO.attributes.name}` + ); + return draft; + }) + ); + } + }) + ); + + await Promise.all( + agentPolicyIdsToUpdate.map((agentPolicyId) => { + const packagePolicy = find(packagePolicies, ['policy_id', agentPolicyId]); + + if (packagePolicy) { + return packagePolicyService?.update( + savedObjectsClient, + esClient, + packagePolicy.id, + produce(packagePolicy, (draft) => { + unset(draft, 'id'); + if (updatedPackSO.attributes.name !== currentPackSO.attributes.name) { + unset( + draft, + `inputs[0].config.osquery.value.packs.${currentPackSO.attributes.name}` + ); + } + + set( + draft, + `inputs[0].config.osquery.value.packs.${updatedPackSO.attributes.name}`, + { + queries: updatedPackSO.attributes.queries, + } + ); + return draft; + }) + ); + } + }) + ); + + await Promise.all( + agentPolicyIdsToAdd.map((agentPolicyId) => { + const packagePolicy = find(packagePolicies, ['policy_id', agentPolicyId]); + + if (packagePolicy) { + return packagePolicyService?.update( + savedObjectsClient, + esClient, + packagePolicy.id, + produce(packagePolicy, (draft) => { + unset(draft, 'id'); + if (!(draft.inputs.length && draft.inputs[0].streams.length)) { + set(draft, 'inputs[0].streams', []); + } + set( + draft, + `inputs[0].config.osquery.value.packs.${updatedPackSO.attributes.name}`, + { + queries: updatedPackSO.attributes.queries, + } + ); + return draft; + }) + ); + } + }) + ); + } + + return response.ok({ body: updatedPackSO }); } ); }; diff --git a/x-pack/plugins/osquery/server/routes/pack/utils.ts b/x-pack/plugins/osquery/server/routes/pack/utils.ts new file mode 100644 index 000000000000000..004ba7c6d270025 --- /dev/null +++ b/x-pack/plugins/osquery/server/routes/pack/utils.ts @@ -0,0 +1,42 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { pick, reduce } from 'lodash'; +import { convertECSMappingToArray, convertECSMappingToObject } from '../utils'; + +// @ts-expect-error update types +export const convertPackQueriesToSO = (queries) => + reduce( + queries, + (acc, value, key) => { + const ecsMapping = value.ecs_mapping && convertECSMappingToArray(value.ecs_mapping); + acc.push({ + id: key, + ...pick(value, ['query', 'interval', 'platform', 'version']), + ...(ecsMapping ? { ecs_mapping: ecsMapping } : {}), + }); + return acc; + }, + // eslint-disable-next-line @typescript-eslint/no-explicit-any + [] as Array> + ); + +// @ts-expect-error update types +export const convertSOQueriesToPack = (queries) => + reduce( + queries, + // eslint-disable-next-line @typescript-eslint/naming-convention + (acc, { id: queryId, ecs_mapping, ...query }) => { + acc[queryId] = { + ...query, + ecs_mapping: convertECSMappingToObject(ecs_mapping), + }; + return acc; + }, + // eslint-disable-next-line @typescript-eslint/no-explicit-any + {} as Record + ); diff --git a/x-pack/plugins/osquery/server/routes/saved_query/create_saved_query_route.ts b/x-pack/plugins/osquery/server/routes/saved_query/create_saved_query_route.ts index fe8220c559de8ec..5c65ebf1a701e0b 100644 --- a/x-pack/plugins/osquery/server/routes/saved_query/create_saved_query_route.ts +++ b/x-pack/plugins/osquery/server/routes/saved_query/create_saved_query_route.ts @@ -5,6 +5,7 @@ * 2.0. */ +import { pickBy } from 'lodash'; import { IRouter } from '../../../../../../src/core/server'; import { PLUGIN_ID } from '../../../common'; import { @@ -13,8 +14,10 @@ import { } from '../../../common/schemas/routes/saved_query/create_saved_query_request_schema'; import { savedQuerySavedObjectType } from '../../../common/types'; import { buildRouteValidation } from '../../utils/build_validation/route_validation'; +import { OsqueryAppContext } from '../../lib/osquery_app_context_services'; +import { convertECSMappingToArray } from '../utils'; -export const createSavedQueryRoute = (router: IRouter) => { +export const createSavedQueryRoute = (router: IRouter, osqueryContext: OsqueryAppContext) => { router.post( { path: '/internal/osquery/saved_query', @@ -29,19 +32,43 @@ export const createSavedQueryRoute = (router: IRouter) => { async (context, request, response) => { const savedObjectsClient = context.core.savedObjects.client; - const { id, description, platform, query, version, interval } = request.body; + // eslint-disable-next-line @typescript-eslint/naming-convention + const { id, description, platform, query, version, interval, ecs_mapping } = request.body; - const savedQuerySO = await savedObjectsClient.create(savedQuerySavedObjectType, { - id, - description, - query, - platform, - version, - interval, + const currentUser = await osqueryContext.security.authc.getCurrentUser(request)?.username; + + const conflictingEntries = await savedObjectsClient.find({ + type: savedQuerySavedObjectType, + search: id, + searchFields: ['id'], }); + if (conflictingEntries.saved_objects.length) { + return response.conflict({ body: `Saved query with id "${id}" already exists.` }); + } + + const savedQuerySO = await savedObjectsClient.create( + savedQuerySavedObjectType, + pickBy({ + id, + description, + query, + platform, + version, + interval, + ecs_mapping: convertECSMappingToArray(ecs_mapping), + created_by: currentUser, + created_at: new Date().toISOString(), + updated_by: currentUser, + updated_at: new Date().toISOString(), + }) + ); + return response.ok({ - body: savedQuerySO, + body: pickBy({ + ...savedQuerySO, + ecs_mapping, + }), }); } ); diff --git a/x-pack/plugins/osquery/server/routes/saved_query/delete_saved_query_route.ts b/x-pack/plugins/osquery/server/routes/saved_query/delete_saved_query_route.ts index a34db8c11ddc3d3..6c36d965d2314e5 100644 --- a/x-pack/plugins/osquery/server/routes/saved_query/delete_saved_query_route.ts +++ b/x-pack/plugins/osquery/server/routes/saved_query/delete_saved_query_route.ts @@ -13,30 +13,23 @@ import { savedQuerySavedObjectType } from '../../../common/types'; export const deleteSavedQueryRoute = (router: IRouter) => { router.delete( { - path: '/internal/osquery/saved_query', + path: '/internal/osquery/saved_query/{id}', validate: { - body: schema.object({}, { unknowns: 'allow' }), + params: schema.object({ + id: schema.string(), + }), }, options: { tags: [`access:${PLUGIN_ID}-writeSavedQueries`] }, }, async (context, request, response) => { const savedObjectsClient = context.core.savedObjects.client; - // @ts-expect-error update types - const { savedQueryIds } = request.body; - - await Promise.all( - savedQueryIds.map( - // @ts-expect-error update types - async (savedQueryId) => - await savedObjectsClient.delete(savedQuerySavedObjectType, savedQueryId, { - refresh: 'wait_for', - }) - ) - ); + await savedObjectsClient.delete(savedQuerySavedObjectType, request.params.id, { + refresh: 'wait_for', + }); return response.ok({ - body: savedQueryIds, + body: {}, }); } ); diff --git a/x-pack/plugins/osquery/server/routes/saved_query/find_saved_query_route.ts b/x-pack/plugins/osquery/server/routes/saved_query/find_saved_query_route.ts index 79d6927d067228c..e6ce8b0f768cca7 100644 --- a/x-pack/plugins/osquery/server/routes/saved_query/find_saved_query_route.ts +++ b/x-pack/plugins/osquery/server/routes/saved_query/find_saved_query_route.ts @@ -9,33 +9,56 @@ import { schema } from '@kbn/config-schema'; import { PLUGIN_ID } from '../../../common'; import { IRouter } from '../../../../../../src/core/server'; import { savedQuerySavedObjectType } from '../../../common/types'; +import { convertECSMappingToObject } from '../utils'; export const findSavedQueryRoute = (router: IRouter) => { router.get( { path: '/internal/osquery/saved_query', validate: { - query: schema.object({}, { unknowns: 'allow' }), + query: schema.object( + { + pageIndex: schema.maybe(schema.string()), + pageSize: schema.maybe(schema.number()), + sortField: schema.maybe(schema.string()), + sortOrder: schema.maybe(schema.string()), + }, + { unknowns: 'allow' } + ), }, options: { tags: [`access:${PLUGIN_ID}-readSavedQueries`] }, }, async (context, request, response) => { const savedObjectsClient = context.core.savedObjects.client; - const savedQueries = await savedObjectsClient.find({ + const savedQueries = await savedObjectsClient.find<{ + ecs_mapping: Array<{ field: string; value: string }>; + }>({ type: savedQuerySavedObjectType, - // @ts-expect-error update types - page: parseInt(request.query.pageIndex, 10) + 1, - // @ts-expect-error update types + page: parseInt(request.query.pageIndex ?? '0', 10) + 1, perPage: request.query.pageSize, - // @ts-expect-error update types sortField: request.query.sortField, // @ts-expect-error update types - sortOrder: request.query.sortDirection, + sortOrder: request.query.sortDirection ?? 'desc', + }); + + const savedObjects = savedQueries.saved_objects.map((savedObject) => { + // eslint-disable-next-line @typescript-eslint/naming-convention + const ecs_mapping = savedObject.attributes.ecs_mapping; + + if (ecs_mapping) { + // @ts-expect-error update types + savedObject.attributes.ecs_mapping = convertECSMappingToObject(ecs_mapping); + } + + return savedObject; }); return response.ok({ - body: savedQueries, + body: { + ...savedQueries, + saved_objects: savedObjects, + }, }); } ); diff --git a/x-pack/plugins/osquery/server/routes/saved_query/index.ts b/x-pack/plugins/osquery/server/routes/saved_query/index.ts index fa905c37387ddef..1a8c43599b2615b 100644 --- a/x-pack/plugins/osquery/server/routes/saved_query/index.ts +++ b/x-pack/plugins/osquery/server/routes/saved_query/index.ts @@ -12,11 +12,12 @@ import { deleteSavedQueryRoute } from './delete_saved_query_route'; import { findSavedQueryRoute } from './find_saved_query_route'; import { readSavedQueryRoute } from './read_saved_query_route'; import { updateSavedQueryRoute } from './update_saved_query_route'; +import { OsqueryAppContext } from '../../lib/osquery_app_context_services'; -export const initSavedQueryRoutes = (router: IRouter) => { - createSavedQueryRoute(router); +export const initSavedQueryRoutes = (router: IRouter, context: OsqueryAppContext) => { + createSavedQueryRoute(router, context); deleteSavedQueryRoute(router); findSavedQueryRoute(router); readSavedQueryRoute(router); - updateSavedQueryRoute(router); + updateSavedQueryRoute(router, context); }; diff --git a/x-pack/plugins/osquery/server/routes/saved_query/read_saved_query_route.ts b/x-pack/plugins/osquery/server/routes/saved_query/read_saved_query_route.ts index 4157ed15823051b..3308a8023dd9ea4 100644 --- a/x-pack/plugins/osquery/server/routes/saved_query/read_saved_query_route.ts +++ b/x-pack/plugins/osquery/server/routes/saved_query/read_saved_query_route.ts @@ -9,24 +9,32 @@ import { schema } from '@kbn/config-schema'; import { PLUGIN_ID } from '../../../common'; import { IRouter } from '../../../../../../src/core/server'; import { savedQuerySavedObjectType } from '../../../common/types'; +import { convertECSMappingToObject } from '../utils'; export const readSavedQueryRoute = (router: IRouter) => { router.get( { path: '/internal/osquery/saved_query/{id}', validate: { - params: schema.object({}, { unknowns: 'allow' }), + params: schema.object({ + id: schema.string(), + }), }, options: { tags: [`access:${PLUGIN_ID}-readSavedQueries`] }, }, async (context, request, response) => { const savedObjectsClient = context.core.savedObjects.client; - const savedQuery = await savedObjectsClient.get( - savedQuerySavedObjectType, + const savedQuery = await savedObjectsClient.get<{ + ecs_mapping: Array<{ field: string; value: string }>; + }>(savedQuerySavedObjectType, request.params.id); + + if (savedQuery.attributes.ecs_mapping) { // @ts-expect-error update types - request.params.id - ); + savedQuery.attributes.ecs_mapping = convertECSMappingToObject( + savedQuery.attributes.ecs_mapping + ); + } return response.ok({ body: savedQuery, diff --git a/x-pack/plugins/osquery/server/routes/saved_query/update_saved_query_route.ts b/x-pack/plugins/osquery/server/routes/saved_query/update_saved_query_route.ts index 8edf95e3115430b..c0148087ee8c993 100644 --- a/x-pack/plugins/osquery/server/routes/saved_query/update_saved_query_route.ts +++ b/x-pack/plugins/osquery/server/routes/saved_query/update_saved_query_route.ts @@ -5,43 +5,104 @@ * 2.0. */ +import { filter, pickBy } from 'lodash'; import { schema } from '@kbn/config-schema'; + import { PLUGIN_ID } from '../../../common'; import { IRouter } from '../../../../../../src/core/server'; import { savedQuerySavedObjectType } from '../../../common/types'; +import { OsqueryAppContext } from '../../lib/osquery_app_context_services'; +import { convertECSMappingToArray, convertECSMappingToObject } from '../utils'; -export const updateSavedQueryRoute = (router: IRouter) => { +export const updateSavedQueryRoute = (router: IRouter, osqueryContext: OsqueryAppContext) => { router.put( { path: '/internal/osquery/saved_query/{id}', validate: { - params: schema.object({}, { unknowns: 'allow' }), - body: schema.object({}, { unknowns: 'allow' }), + params: schema.object({ + id: schema.string(), + }), + body: schema.object( + { + id: schema.string(), + query: schema.string(), + description: schema.maybe(schema.string()), + interval: schema.maybe(schema.number()), + platform: schema.maybe(schema.string()), + version: schema.maybe(schema.string()), + ecs_mapping: schema.maybe( + schema.recordOf( + schema.string(), + schema.object({ + field: schema.string(), + }) + ) + ), + }, + { unknowns: 'allow' } + ), }, options: { tags: [`access:${PLUGIN_ID}-writeSavedQueries`] }, }, async (context, request, response) => { const savedObjectsClient = context.core.savedObjects.client; + const currentUser = await osqueryContext.security.authc.getCurrentUser(request)?.username; + + const { + id, + description, + platform, + query, + version, + interval, + // eslint-disable-next-line @typescript-eslint/naming-convention + ecs_mapping, + } = request.body; - // @ts-expect-error update types - const { id, description, platform, query, version, interval } = request.body; + const conflictingEntries = await savedObjectsClient.find<{ id: string }>({ + type: savedQuerySavedObjectType, + search: id, + searchFields: ['id'], + }); - const savedQuerySO = await savedObjectsClient.update( + if ( + filter(conflictingEntries.saved_objects, (soObject) => soObject.id !== request.params.id) + .length + ) { + return response.conflict({ body: `Saved query with id "${id}" already exists.` }); + } + + const updatedSavedQuerySO = await savedObjectsClient.update( savedQuerySavedObjectType, - // @ts-expect-error update types request.params.id, - { + pickBy({ id, description, platform, query, version, interval, + ecs_mapping: convertECSMappingToArray(ecs_mapping), + updated_by: currentUser, + updated_at: new Date().toISOString(), + }), + { + refresh: 'wait_for', } ); + if (ecs_mapping || updatedSavedQuerySO.attributes.ecs_mapping) { + // @ts-expect-error update types + updatedSavedQuerySO.attributes.ecs_mapping = + ecs_mapping || + (updatedSavedQuerySO.attributes.ecs_mapping && + // @ts-expect-error update types + convertECSMappingToObject(updatedSavedQuerySO.attributes.ecs_mapping)) || + {}; + } + return response.ok({ - body: savedQuerySO, + body: updatedSavedQuerySO, }); } ); diff --git a/x-pack/plugins/osquery/server/routes/scheduled_query_group/create_scheduled_query_route.ts b/x-pack/plugins/osquery/server/routes/scheduled_query_group/create_scheduled_query_route.ts deleted file mode 100644 index 831fb30f6e32041..000000000000000 --- a/x-pack/plugins/osquery/server/routes/scheduled_query_group/create_scheduled_query_route.ts +++ /dev/null @@ -1,38 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { schema } from '@kbn/config-schema'; -import { PLUGIN_ID } from '../../../common'; -import { IRouter } from '../../../../../../src/core/server'; -import { OsqueryAppContext } from '../../lib/osquery_app_context_services'; - -export const createScheduledQueryRoute = (router: IRouter, osqueryContext: OsqueryAppContext) => { - router.post( - { - path: '/internal/osquery/scheduled_query_group', - validate: { - body: schema.object({}, { unknowns: 'allow' }), - }, - options: { tags: [`access:${PLUGIN_ID}-writePacks`] }, - }, - async (context, request, response) => { - const esClient = context.core.elasticsearch.client.asCurrentUser; - const savedObjectsClient = context.core.savedObjects.client; - const packagePolicyService = osqueryContext.service.getPackagePolicyService(); - const integration = await packagePolicyService?.create( - savedObjectsClient, - esClient, - // @ts-expect-error update types - request.body - ); - - return response.ok({ - body: integration, - }); - } - ); -}; diff --git a/x-pack/plugins/osquery/server/routes/scheduled_query_group/delete_scheduled_query_route.ts b/x-pack/plugins/osquery/server/routes/scheduled_query_group/delete_scheduled_query_route.ts deleted file mode 100644 index c914512bb155e13..000000000000000 --- a/x-pack/plugins/osquery/server/routes/scheduled_query_group/delete_scheduled_query_route.ts +++ /dev/null @@ -1,43 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { schema } from '@kbn/config-schema'; -import { PLUGIN_ID } from '../../../common'; -import { IRouter } from '../../../../../../src/core/server'; -import { savedQuerySavedObjectType } from '../../../common/types'; - -export const deleteSavedQueryRoute = (router: IRouter) => { - router.delete( - { - path: '/internal/osquery/scheduled_query_group', - validate: { - body: schema.object({}, { unknowns: 'allow' }), - }, - options: { tags: [`access:${PLUGIN_ID}-writePacks`] }, - }, - async (context, request, response) => { - const savedObjectsClient = context.core.savedObjects.client; - - // @ts-expect-error update types - const { savedQueryIds } = request.body; - - await Promise.all( - savedQueryIds.map( - // @ts-expect-error update types - async (savedQueryId) => - await savedObjectsClient.delete(savedQuerySavedObjectType, savedQueryId, { - refresh: 'wait_for', - }) - ) - ); - - return response.ok({ - body: savedQueryIds, - }); - } - ); -}; diff --git a/x-pack/plugins/osquery/server/routes/scheduled_query_group/find_scheduled_query_group_route.ts b/x-pack/plugins/osquery/server/routes/scheduled_query_group/find_scheduled_query_group_route.ts deleted file mode 100644 index 15c45e09b1bfdc7..000000000000000 --- a/x-pack/plugins/osquery/server/routes/scheduled_query_group/find_scheduled_query_group_route.ts +++ /dev/null @@ -1,38 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { schema } from '@kbn/config-schema'; -import { PLUGIN_ID, OSQUERY_INTEGRATION_NAME } from '../../../common'; -import { IRouter } from '../../../../../../src/core/server'; -import { PACKAGE_POLICY_SAVED_OBJECT_TYPE } from '../../../../fleet/common'; -import { OsqueryAppContext } from '../../lib/osquery_app_context_services'; - -export const findScheduledQueryGroupRoute = ( - router: IRouter, - osqueryContext: OsqueryAppContext -) => { - router.get( - { - path: '/internal/osquery/scheduled_query_group', - validate: { - query: schema.object({}, { unknowns: 'allow' }), - }, - options: { tags: [`access:${PLUGIN_ID}-readPacks`] }, - }, - async (context, request, response) => { - const kuery = `${PACKAGE_POLICY_SAVED_OBJECT_TYPE}.attributes.package.name: ${OSQUERY_INTEGRATION_NAME}`; - const packagePolicyService = osqueryContext.service.getPackagePolicyService(); - const policies = await packagePolicyService?.list(context.core.savedObjects.client, { - kuery, - }); - - return response.ok({ - body: policies, - }); - } - ); -}; diff --git a/x-pack/plugins/osquery/server/routes/scheduled_query_group/index.ts b/x-pack/plugins/osquery/server/routes/scheduled_query_group/index.ts deleted file mode 100644 index 416981a5cb5f2ec..000000000000000 --- a/x-pack/plugins/osquery/server/routes/scheduled_query_group/index.ts +++ /dev/null @@ -1,23 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { IRouter } from '../../../../../../src/core/server'; - -import { OsqueryAppContext } from '../../lib/osquery_app_context_services'; -// import { createScheduledQueryRoute } from './create_scheduled_query_route'; -// import { deleteScheduledQueryRoute } from './delete_scheduled_query_route'; -import { findScheduledQueryGroupRoute } from './find_scheduled_query_group_route'; -import { readScheduledQueryGroupRoute } from './read_scheduled_query_group_route'; -// import { updateScheduledQueryRoute } from './update_scheduled_query_route'; - -export const initScheduledQueryGroupRoutes = (router: IRouter, context: OsqueryAppContext) => { - // createScheduledQueryRoute(router); - // deleteScheduledQueryRoute(router); - findScheduledQueryGroupRoute(router, context); - readScheduledQueryGroupRoute(router, context); - // updateScheduledQueryRoute(router); -}; diff --git a/x-pack/plugins/osquery/server/routes/scheduled_query_group/read_scheduled_query_group_route.ts b/x-pack/plugins/osquery/server/routes/scheduled_query_group/read_scheduled_query_group_route.ts deleted file mode 100644 index de8125aab5b2977..000000000000000 --- a/x-pack/plugins/osquery/server/routes/scheduled_query_group/read_scheduled_query_group_route.ts +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { schema } from '@kbn/config-schema'; -import { PLUGIN_ID } from '../../../common'; -import { IRouter } from '../../../../../../src/core/server'; -import { OsqueryAppContext } from '../../lib/osquery_app_context_services'; - -export const readScheduledQueryGroupRoute = ( - router: IRouter, - osqueryContext: OsqueryAppContext -) => { - router.get( - { - path: '/internal/osquery/scheduled_query_group/{id}', - validate: { - params: schema.object({}, { unknowns: 'allow' }), - }, - options: { tags: [`access:${PLUGIN_ID}-readPacks`] }, - }, - async (context, request, response) => { - const savedObjectsClient = context.core.savedObjects.client; - const packagePolicyService = osqueryContext.service.getPackagePolicyService(); - - const scheduledQueryGroup = await packagePolicyService?.get( - savedObjectsClient, - // @ts-expect-error update types - request.params.id - ); - - return response.ok({ - body: { item: scheduledQueryGroup }, - }); - } - ); -}; diff --git a/x-pack/plugins/osquery/server/routes/scheduled_query_group/update_scheduled_query_route.ts b/x-pack/plugins/osquery/server/routes/scheduled_query_group/update_scheduled_query_route.ts deleted file mode 100644 index 2a6e7a33fcddd90..000000000000000 --- a/x-pack/plugins/osquery/server/routes/scheduled_query_group/update_scheduled_query_route.ts +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { schema } from '@kbn/config-schema'; -import { PLUGIN_ID } from '../../../common'; -import { IRouter } from '../../../../../../src/core/server'; -import { savedQuerySavedObjectType } from '../../../common/types'; - -export const updateSavedQueryRoute = (router: IRouter) => { - router.put( - { - path: '/internal/osquery/saved_query/{id}', - validate: { - params: schema.object({}, { unknowns: 'allow' }), - body: schema.object({}, { unknowns: 'allow' }), - }, - options: { tags: [`access:${PLUGIN_ID}-writePacks`] }, - }, - async (context, request, response) => { - const savedObjectsClient = context.core.savedObjects.client; - - // @ts-expect-error update types - const { name, description, query } = request.body; - - const savedQuerySO = await savedObjectsClient.update( - savedQuerySavedObjectType, - // @ts-expect-error update types - request.params.id, - { - name, - description, - query, - } - ); - - return response.ok({ - body: savedQuerySO, - }); - } - ); -}; diff --git a/x-pack/plugins/osquery/server/routes/status/create_status_route.ts b/x-pack/plugins/osquery/server/routes/status/create_status_route.ts index 0a527424f9f42ca..aa4e3cb36b4c90f 100644 --- a/x-pack/plugins/osquery/server/routes/status/create_status_route.ts +++ b/x-pack/plugins/osquery/server/routes/status/create_status_route.ts @@ -5,9 +5,18 @@ * 2.0. */ +import { produce } from 'immer'; +import { satisfies } from 'semver'; +import { filter, reduce, mapKeys, each, set, unset, uniq, map, has } from 'lodash'; +import { packSavedObjectType } from '../../../common/types'; +import { + PACKAGE_POLICY_SAVED_OBJECT_TYPE, + AGENT_POLICY_SAVED_OBJECT_TYPE, +} from '../../../../fleet/common'; import { PLUGIN_ID, OSQUERY_INTEGRATION_NAME } from '../../../common'; import { IRouter } from '../../../../../../src/core/server'; import { OsqueryAppContext } from '../../lib/osquery_app_context_services'; +import { convertPackQueriesToSO } from '../pack/utils'; export const createStatusRoute = (router: IRouter, osqueryContext: OsqueryAppContext) => { router.get( @@ -17,12 +26,171 @@ export const createStatusRoute = (router: IRouter, osqueryContext: OsqueryAppCon options: { tags: [`access:${PLUGIN_ID}-read`] }, }, async (context, request, response) => { + const esClient = context.core.elasticsearch.client.asInternalUser; const soClient = context.core.savedObjects.client; + const packageService = osqueryContext.service.getPackageService(); + const packagePolicyService = osqueryContext.service.getPackagePolicyService(); + const agentPolicyService = osqueryContext.service.getAgentPolicyService(); const packageInfo = await osqueryContext.service .getPackageService() ?.getInstallation({ savedObjectsClient: soClient, pkgName: OSQUERY_INTEGRATION_NAME }); + if (packageInfo?.install_version && satisfies(packageInfo?.install_version, '<0.6.0')) { + try { + const policyPackages = await packagePolicyService?.list(soClient, { + kuery: `${PACKAGE_POLICY_SAVED_OBJECT_TYPE}.package.name:${OSQUERY_INTEGRATION_NAME}`, + perPage: 10000, + page: 1, + }); + + const migrationObject = reduce( + policyPackages?.items, + (acc, policy) => { + if (acc.agentPolicyToPackage[policy.policy_id]) { + acc.packagePoliciesToDelete.push(policy.id); + } else { + acc.agentPolicyToPackage[policy.policy_id] = policy.id; + } + + const packagePolicyName = policy.name; + const currentOsqueryManagerNamePacksCount = filter( + Object.keys(acc.packs), + (packName) => packName.startsWith('osquery_manager') + ).length; + + const packName = packagePolicyName.startsWith('osquery_manager') + ? `osquery_manager-1_${currentOsqueryManagerNamePacksCount + 1}` + : packagePolicyName; + + if (has(policy, 'inputs[0].streams[0]')) { + if (!acc.packs[packName]) { + acc.packs[packName] = { + policy_ids: [policy.policy_id], + enabled: !packName.startsWith('osquery_manager'), + name: packName, + description: policy.description, + queries: reduce( + policy.inputs[0].streams, + (queries, stream) => { + if (stream.compiled_stream?.id) { + const { id: queryId, ...query } = stream.compiled_stream; + queries[queryId] = query; + } + return queries; + }, + {} as Record + ), + }; + } else { + // @ts-expect-error update types + acc.packs[packName].policy_ids.push(policy.policy_id); + } + } + + return acc; + }, + { + packs: {} as Record, + agentPolicyToPackage: {} as Record, + packagePoliciesToDelete: [] as string[], + } + ); + + await packageService?.ensureInstalledPackage({ + esClient, + savedObjectsClient: soClient, + pkgName: OSQUERY_INTEGRATION_NAME, + }); + + // updatePackagePolicies + await Promise.all( + map(migrationObject.agentPolicyToPackage, async (value, key) => { + const agentPacks = filter(migrationObject.packs, (pack) => + // @ts-expect-error update types + pack.policy_ids.includes(key) + ); + await packagePolicyService?.upgrade(soClient, esClient, [value]); + const packagePolicy = await packagePolicyService?.get(soClient, value); + + if (packagePolicy) { + return packagePolicyService?.update( + soClient, + esClient, + packagePolicy.id, + produce(packagePolicy, (draft) => { + unset(draft, 'id'); + + set(draft, 'name', 'osquery_manager-1'); + + set(draft, 'inputs[0]', { + enabled: true, + policy_template: 'osquery_manager', + streams: [], + type: 'osquery', + }); + + each(agentPacks, (agentPack) => { + // @ts-expect-error update types + set(draft, `inputs[0].config.osquery.value.packs.${agentPack.name}`, { + // @ts-expect-error update types + queries: agentPack.queries, + }); + }); + + return draft; + }) + ); + } + }) + ); + + const agentPolicyIds = uniq(map(policyPackages?.items, 'policy_id')); + const agentPolicies = mapKeys( + await agentPolicyService?.getByIds(soClient, agentPolicyIds), + 'id' + ); + + await Promise.all( + map(migrationObject.packs, async (packObject) => { + await soClient.create( + packSavedObjectType, + { + // @ts-expect-error update types + name: packObject.name, + // @ts-expect-error update types + description: packObject.description, + // @ts-expect-error update types + queries: convertPackQueriesToSO(packObject.queries), + // @ts-expect-error update types + enabled: packObject.enabled, + created_at: new Date().toISOString(), + created_by: 'system', + updated_at: new Date().toISOString(), + updated_by: 'system', + }, + { + // @ts-expect-error update types + references: packObject.policy_ids.map((policyId: string) => ({ + id: policyId, + name: agentPolicies[policyId].name, + type: AGENT_POLICY_SAVED_OBJECT_TYPE, + })), + refresh: 'wait_for', + } + ); + }) + ); + + await packagePolicyService?.delete( + soClient, + esClient, + migrationObject.packagePoliciesToDelete + ); + // eslint-disable-next-line no-empty + } catch (e) {} + } + return response.ok({ body: packageInfo }); } ); diff --git a/x-pack/plugins/osquery/server/routes/utils.ts b/x-pack/plugins/osquery/server/routes/utils.ts new file mode 100644 index 000000000000000..136cbc190e46c86 --- /dev/null +++ b/x-pack/plugins/osquery/server/routes/utils.ts @@ -0,0 +1,26 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { pick, reduce } from 'lodash'; + +export const convertECSMappingToArray = (ecsMapping: Record | undefined) => + ecsMapping + ? Object.entries(ecsMapping).map((item) => ({ + value: item[0], + ...item[1], + })) + : undefined; + +export const convertECSMappingToObject = (ecsMapping: Array<{ field: string; value: string }>) => + reduce( + ecsMapping, + (acc, value) => { + acc[value.value] = pick(value, 'field'); + return acc; + }, + {} as Record + ); diff --git a/x-pack/plugins/osquery/server/saved_objects.ts b/x-pack/plugins/osquery/server/saved_objects.ts index 9f93ea5ccd6de12..27e7dd28ce6640b 100644 --- a/x-pack/plugins/osquery/server/saved_objects.ts +++ b/x-pack/plugins/osquery/server/saved_objects.ts @@ -22,10 +22,7 @@ export const initSavedObjects = ( const config = osqueryContext.config(); savedObjects.registerType(usageMetricType); - - if (config.savedQueries) { - savedObjects.registerType(savedQueryType); - } + savedObjects.registerType(savedQueryType); if (config.packs) { savedObjects.registerType(packType); diff --git a/x-pack/plugins/osquery/server/search_strategy/osquery/factory/actions/details/index.ts b/x-pack/plugins/osquery/server/search_strategy/osquery/factory/actions/details/index.ts index a288d621350d43c..057af159a5e3ea3 100644 --- a/x-pack/plugins/osquery/server/search_strategy/osquery/factory/actions/details/index.ts +++ b/x-pack/plugins/osquery/server/search_strategy/osquery/factory/actions/details/index.ts @@ -17,9 +17,7 @@ import { OsqueryFactory } from '../../types'; import { buildActionDetailsQuery } from './query.action_details.dsl'; export const actionDetails: OsqueryFactory = { - buildDsl: (options: ActionDetailsRequestOptions) => { - return buildActionDetailsQuery(options); - }, + buildDsl: (options: ActionDetailsRequestOptions) => buildActionDetailsQuery(options), parse: async ( options: ActionDetailsRequestOptions, response: IEsSearchResponse diff --git a/x-pack/plugins/osquery/server/search_strategy/osquery/index.ts b/x-pack/plugins/osquery/server/search_strategy/osquery/index.ts index 2fa9ee04ab5345b..6242d91b7b94beb 100644 --- a/x-pack/plugins/osquery/server/search_strategy/osquery/index.ts +++ b/x-pack/plugins/osquery/server/search_strategy/osquery/index.ts @@ -48,14 +48,12 @@ export const osquerySearchStrategyProvider = ( deps ) .pipe( - map((response) => { - return { - ...response, - ...{ - rawResponse: shimHitsTotal(response.rawResponse), - }, - }; - }), + map((response) => ({ + ...response, + ...{ + rawResponse: shimHitsTotal(response.rawResponse), + }, + })), mergeMap((esSearchRes) => queryFactory.parse(request, esSearchRes)) ); }, diff --git a/x-pack/plugins/osquery/server/utils/build_validation/route_validation.ts b/x-pack/plugins/osquery/server/utils/build_validation/route_validation.ts index 9a7129ea0e17602..a0c797193a0c354 100644 --- a/x-pack/plugins/osquery/server/utils/build_validation/route_validation.ts +++ b/x-pack/plugins/osquery/server/utils/build_validation/route_validation.ts @@ -8,8 +8,7 @@ import { fold } from 'fp-ts/lib/Either'; import { pipe } from 'fp-ts/lib/pipeable'; import * as rt from 'io-ts'; -import { formatErrors } from '../../../common/format_errors'; -import { exactCheck } from '../../../common/exact_check'; +import { formatErrors, exactCheck } from '@kbn/securitysolution-io-ts-utils'; import { RouteValidationFunction, RouteValidationResultFactory, diff --git a/x-pack/plugins/osquery/server/utils/runtime_types.ts b/x-pack/plugins/osquery/server/utils/runtime_types.ts index 8daf1ce4debefdb..492cbf07cdeb6bf 100644 --- a/x-pack/plugins/osquery/server/utils/runtime_types.ts +++ b/x-pack/plugins/osquery/server/utils/runtime_types.ts @@ -62,9 +62,10 @@ const getProps = ( return codec.props; case 'IntersectionType': { const iTypes = codec.types as rt.HasProps[]; - return iTypes.reduce((props, type) => { - return Object.assign(props, getProps(type) as rt.Props); - }, {} as rt.Props) as rt.Props; + return iTypes.reduce( + (props, type) => Object.assign(props, getProps(type) as rt.Props), + {} as rt.Props + ) as rt.Props; } default: return null; @@ -76,8 +77,8 @@ const getExcessProps = ( props: rt.Props | rt.RecordC, // eslint-disable-next-line @typescript-eslint/no-explicit-any r: any -): string[] => { - return Object.keys(r).reduce((acc, k) => { +): string[] => + Object.keys(r).reduce((acc, k) => { const codecChildren = get(props, [k]); const childrenProps = getProps(codecChildren); const childrenObject = r[k] as Record; @@ -98,7 +99,6 @@ const getExcessProps = ( } return acc; }, []); -}; export const excess = < C extends rt.InterfaceType | GenericIntersectionC | rt.PartialType diff --git a/x-pack/plugins/security_solution/server/endpoint/mocks.ts b/x-pack/plugins/security_solution/server/endpoint/mocks.ts index 0b4060a7e024fb5..39833b6e995d121 100644 --- a/x-pack/plugins/security_solution/server/endpoint/mocks.ts +++ b/x-pack/plugins/security_solution/server/endpoint/mocks.ts @@ -119,6 +119,7 @@ export const createMockEndpointAppContextServiceStartContract = export const createMockPackageService = (): jest.Mocked => { return { getInstallation: jest.fn(), + ensureInstalledPackage: jest.fn(), }; }; diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index d67126fdad4bb95..0445d9de0634eb2 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -19021,14 +19021,11 @@ "xpack.osquery.addSavedQuery.form.saveQueryButtonLabel": "クエリを保存", "xpack.osquery.addSavedQuery.pageTitle": "保存されたクエリの追加", "xpack.osquery.addSavedQuery.viewSavedQueriesListTitle": "すべての保存されたクエリを表示", - "xpack.osquery.addScheduledQueryGroup.pageTitle": "スケジュールされたクエリグループを追加", - "xpack.osquery.addScheduledQueryGroup.viewScheduledQueryGroupsListTitle": "すべてのスケジュールされたクエリグループを表示", "xpack.osquery.agent_groups.fetchError": "エージェントグループの取得中にエラーが発生しました", "xpack.osquery.agent_policies.fetchError": "エージェントポリシーの取得中にエラーが発生しました", "xpack.osquery.agent_policy_details.fetchError": "エージェントポリシー詳細の取得中にエラーが発生しました", "xpack.osquery.agent_status.fetchError": "エージェントステータスの取得中にエラーが発生しました", "xpack.osquery.agentDetails.fetchError": "エージェント詳細の取得中にエラーが発生しました", - "xpack.osquery.agentPolicy.confirmModalCalloutDescription": "選択されたエージェントポリシー {policyName} が一部のエージェントですでに使用されていることを Fleet が検出しました。このアクションの結果として、Fleetはこのポリシーで使用されているすべてのエージェントに更新をデプロイします。", "xpack.osquery.agentPolicy.confirmModalCancelButtonLabel": "キャンセル", "xpack.osquery.agentPolicy.confirmModalConfirmButtonLabel": "変更を保存してデプロイ", "xpack.osquery.agentPolicy.confirmModalDescription": "続行していいですか?", @@ -19047,17 +19044,13 @@ "xpack.osquery.appNavigation.liveQueriesLinkText": "ライブクエリ", "xpack.osquery.appNavigation.manageIntegrationButton": "統合を管理", "xpack.osquery.appNavigation.savedQueriesLinkText": "保存されたクエリ", - "xpack.osquery.appNavigation.scheduledQueryGroupsLinkText": "スケジュールされたクエリグループ", "xpack.osquery.appNavigation.sendFeedbackButton": "フィードバックを送信", - "xpack.osquery.breadcrumbs.addScheduledQueryGroupsPageTitle": "追加", "xpack.osquery.breadcrumbs.appTitle": "Osquery", - "xpack.osquery.breadcrumbs.editScheduledQueryGroupsPageTitle": "編集", "xpack.osquery.breadcrumbs.liveQueriesPageTitle": "ライブクエリ", "xpack.osquery.breadcrumbs.newLiveQueryPageTitle": "新規", "xpack.osquery.breadcrumbs.newSavedQueryPageTitle": "新規", "xpack.osquery.breadcrumbs.overviewPageTitle": "概要", "xpack.osquery.breadcrumbs.savedQueriesPageTitle": "保存されたクエリ", - "xpack.osquery.breadcrumbs.scheduledQueryGroupsPageTitle": "スケジュールされたクエリグループ", "xpack.osquery.common.tabBetaBadgeLabel": "ベータ", "xpack.osquery.common.tabBetaBadgeTooltipContent": "この機能は現在開発中です。他にも機能が追加され、機能によっては変更されるものもあります。", "xpack.osquery.editSavedQuery.deleteSavedQueryButtonLabel": "クエリを削除", @@ -19067,16 +19060,12 @@ "xpack.osquery.editSavedQuery.pageTitle": "Edit \"{savedQueryId}\"", "xpack.osquery.editSavedQuery.successToastMessageText": "\"{savedQueryName}\"クエリが正常に更新されました", "xpack.osquery.editSavedQuery.viewSavedQueriesListTitle": "すべての保存されたクエリを表示", - "xpack.osquery.editScheduledQuery.pageTitle": "{queryName}を編集", - "xpack.osquery.editScheduledQuery.viewScheduledQueriesListTitle": "{queryName}詳細を表示", "xpack.osquery.features.liveQueriesSubFeatureName": "ライブクエリ", "xpack.osquery.features.osqueryFeatureName": "Osquery", "xpack.osquery.features.runSavedQueriesPrivilegeName": "保存されたクエリを実行", "xpack.osquery.features.savedQueriesSubFeatureName": "保存されたクエリ", - "xpack.osquery.features.scheduledQueryGroupsSubFeatureName": "スケジュールされたクエリグループ", "xpack.osquery.fleetIntegration.runLiveQueriesButtonText": "ライブクエリを実行", "xpack.osquery.fleetIntegration.saveIntegrationCalloutTitle": "次のオプションにアクセスするには、統合を保存します", - "xpack.osquery.fleetIntegration.scheduleQueryGroupsButtonText": "クエリグループをスケジュール", "xpack.osquery.liveQueriesHistory.newLiveQueryButtonLabel": "新しいライブクエリ", "xpack.osquery.liveQueriesHistory.pageTitle": "ライブクエリ履歴", "xpack.osquery.liveQuery.queryForm.largeQueryError": "クエリが大きすぎます(最大{maxLength}文字)", @@ -19117,13 +19106,13 @@ "xpack.osquery.packUploader.unsupportedFileTypeText": "ファイルタイプ{fileType}はサポートされていません。{supportedFileTypes}構成ファイルをアップロードしてください", "xpack.osquery.permissionDeniedErrorMessage": "このページへのアクセスが許可されていません。", "xpack.osquery.permissionDeniedErrorTitle": "パーミッションが拒否されました", + "xpack.osquery.queryFlyoutForm.addFormTitle": "次のクエリを関連付ける", + "xpack.osquery.queryFlyoutForm.editFormTitle": "クエリの編集", "xpack.osquery.results.errorSearchDescription": "すべての結果検索でエラーが発生しました", "xpack.osquery.results.failSearchDescription": "結果を取得できませんでした", "xpack.osquery.results.fetchError": "結果の取得中にエラーが発生しました", "xpack.osquery.savedQueries.dropdown.searchFieldLabel": "保存されたクエリから構築(任意)", "xpack.osquery.savedQueries.dropdown.searchFieldPlaceholder": "保存されたクエリの検索", - "xpack.osquery.savedQueries.form.scheduledQueryGroupConfigSection.description": "次のリストのオプションは任意であり、クエリがスケジュールされたクエリグループに割り当てられるときにのみ適用されます。", - "xpack.osquery.savedQueries.form.scheduledQueryGroupConfigSection.title": "スケジュールされたクエリグループ構成", "xpack.osquery.savedQueries.table.actionsColumnTitle": "アクション", "xpack.osquery.savedQueries.table.createdByColumnTitle": "作成者", "xpack.osquery.savedQueries.table.descriptionColumnTitle": "説明", @@ -19134,73 +19123,6 @@ "xpack.osquery.savedQueryList.pageTitle": "保存されたクエリ", "xpack.osquery.savedQueryList.queriesTable.editActionAriaLabel": "{savedQueryName}を編集", "xpack.osquery.savedQueryList.queriesTable.runActionAriaLabel": "{savedQueryName}を実行", - "xpack.osquery.scheduledQueryDetails.pageTitle": "{queryName}詳細", - "xpack.osquery.scheduledQueryDetails.viewAllScheduledQueriesListTitle": "すべてのスケジュールされたクエリグループを表示", - "xpack.osquery.scheduledQueryDetailsPage.editQueryButtonLabel": "編集", - "xpack.osquery.scheduledQueryGroup.form.agentPolicyFieldLabel": "エージェントポリシー", - "xpack.osquery.scheduledQueryGroup.form.cancelButtonLabel": "キャンセル", - "xpack.osquery.scheduledQueryGroup.form.createSuccessToastMessageText": "正常に{scheduledQueryGroupName}をスケジュールしました", - "xpack.osquery.scheduledQueryGroup.form.descriptionFieldLabel": "説明", - "xpack.osquery.scheduledQueryGroup.form.ecsMappingSection.description": "次のフィールドを使用して、このクエリの結果をiECSフィールドにマッピングします。", - "xpack.osquery.scheduledQueryGroup.form.ecsMappingSection.title": "ECSマッピング", - "xpack.osquery.scheduledQueryGroup.form.nameFieldLabel": "名前", - "xpack.osquery.scheduledQueryGroup.form.nameFieldRequiredErrorMessage": "名前は必須フィールドです", - "xpack.osquery.scheduledQueryGroup.form.namespaceFieldLabel": "名前空間", - "xpack.osquery.scheduledQueryGroup.form.policyIdFieldRequiredErrorMessage": "エージェントポリシーは必須フィールドです", - "xpack.osquery.scheduledQueryGroup.form.saveQueryButtonLabel": "クエリを保存", - "xpack.osquery.scheduledQueryGroup.form.settingsSectionDescriptionText": "スケジュールされたクエリグループには、設定された間隔で実行され、エージェントポリシーに関連付けられている1つ以上のクエリが含まれています。スケジュールされたクエリグループを定義するときには、新しいOsquery Managerポリシーとして追加されます。", - "xpack.osquery.scheduledQueryGroup.form.settingsSectionTitleText": "スケジュールされたクエリグループ設定", - "xpack.osquery.scheduledQueryGroup.form.updateSuccessToastMessageText": "正常に{scheduledQueryGroupName}を更新しました", - "xpack.osquery.scheduledQueryGroup.queriesForm.addQueryButtonLabel": "クエリを追加", - "xpack.osquery.scheduledQueryGroup.queriesTable.actionsColumnTitle": "アクション", - "xpack.osquery.scheduledQueryGroup.queriesTable.deleteActionAriaLabel": "{queryName}を削除", - "xpack.osquery.scheduledQueryGroup.queriesTable.editActionAriaLabel": "{queryName}を編集", - "xpack.osquery.scheduledQueryGroup.queriesTable.idColumnTitle": "ID", - "xpack.osquery.scheduledQueryGroup.queriesTable.intervalColumnTitle": "間隔", - "xpack.osquery.scheduledQueryGroup.queriesTable.osqueryVersionAllLabel": "すべて", - "xpack.osquery.scheduledQueryGroup.queriesTable.platformColumnTitle": "プラットフォーム", - "xpack.osquery.scheduledQueryGroup.queriesTable.queryColumnTitle": "クエリ", - "xpack.osquery.scheduledQueryGroup.queriesTable.versionColumnTitle": "最低Osqueryバージョン", - "xpack.osquery.scheduledQueryGroup.queriesTable.viewDiscoverResultsActionAriaLabel": "Discoverに表示", - "xpack.osquery.scheduledQueryGroup.queriesTable.viewLensResultsActionAriaLabel": "Lensで表示", - "xpack.osquery.scheduledQueryGroup.queriesTable.viewResultsColumnTitle": "結果を表示", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.addECSMappingRowButtonAriaLabel": "ECSマッピング行を追加", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.cancelButtonLabel": "キャンセル", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.deleteECSMappingRowButtonAriaLabel": "ECSマッピング行を削除", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.descriptionFieldLabel": "説明", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.ecsFieldLabel": "ECSフィールド", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.ecsFieldRequiredErrorMessage": "ECSフィールドは必須です。", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.emptyIdError": "IDが必要です", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.emptyQueryError": "クエリは必須フィールドです", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.idFieldLabel": "ID", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.intervalFieldLabel": "間隔", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.invalidIdError": "文字は英数字、_、または-でなければなりません", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.invalidIntervalField": "正の間隔値が必要です", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.osqueryResultFieldLabel": "Osquery結果", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.osqueryResultFieldRequiredErrorMessage": "Osquery結果は必須です。", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.osqueryResultFieldValueMissingErrorMessage": "現在のクエリは{columnName}フィールドを返しません", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.platformFieldLabel": "プラットフォーム", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.platformLinusLabel": "macOS", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.platformMacOSLabel": "Linux", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.platformWindowsLabel": "Windows", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.queryFieldLabel": "クエリ", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.saveButtonLabel": "保存", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.uniqueIdError": "IDは一意でなければなりません", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.versionFieldLabel": "最低Osqueryバージョン", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.versionFieldOptionalLabel": "(オプション)", - "xpack.osquery.scheduledQueryGroup.table.activatedSuccessToastMessageText": "正常に{scheduledQueryGroupName}をアクティブ化しました", - "xpack.osquery.scheduledQueryGroup.table.deactivatedSuccessToastMessageText": "正常に{scheduledQueryGroupName}を非アクティブ化しました", - "xpack.osquery.scheduledQueryGroups.table.activeColumnTitle": "アクティブ", - "xpack.osquery.scheduledQueryGroups.table.createdByColumnTitle": "作成者", - "xpack.osquery.scheduledQueryGroups.table.nameColumnTitle": "名前", - "xpack.osquery.scheduledQueryGroups.table.numberOfQueriesColumnTitle": "クエリ数", - "xpack.osquery.scheduledQueryGroups.table.policyColumnTitle": "ポリシー", - "xpack.osquery.scheduledQueryList.addScheduledQueryButtonLabel": "スケジュールされたクエリグループを追加", - "xpack.osquery.scheduledQueryList.pageTitle": "スケジュールされたクエリグループ", - "xpack.osquery.scheduleQueryGroup.kpis.policyLabelText": "ポリシー", - "xpack.osquery.scheduleQueryGroup.queryFlyoutForm.addFormTitle": "次のクエリを関連付ける", - "xpack.osquery.scheduleQueryGroup.queryFlyoutForm.editFormTitle": "クエリの編集", - "xpack.osquery.scheduleQueryGroup.queryFlyoutForm.unsupportedPlatformAndVersionFieldsCalloutTitle": "プラットフォームおよびバージョンフィールドは{version}以降で使用できます", "xpack.osquery.viewSavedQuery.pageTitle": "\"{savedQueryId}\" details", "xpack.painlessLab.apiReferenceButtonLabel": "API リファレンス", "xpack.painlessLab.context.defaultLabel": "スクリプト結果は文字列に変換されます", diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index 598a5c24bdee268..210392d11514e80 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -19296,14 +19296,11 @@ "xpack.osquery.addSavedQuery.form.saveQueryButtonLabel": "保存查询", "xpack.osquery.addSavedQuery.pageTitle": "添加已保存查询", "xpack.osquery.addSavedQuery.viewSavedQueriesListTitle": "查看所有已保存查询", - "xpack.osquery.addScheduledQueryGroup.pageTitle": "添加已计划查询组", - "xpack.osquery.addScheduledQueryGroup.viewScheduledQueryGroupsListTitle": "查看所有已计划查询组", "xpack.osquery.agent_groups.fetchError": "提取代理组时出错", "xpack.osquery.agent_policies.fetchError": "提取代理策略时出错", "xpack.osquery.agent_policy_details.fetchError": "提取代理策略详情时出错", "xpack.osquery.agent_status.fetchError": "提取代理状态时出错", "xpack.osquery.agentDetails.fetchError": "提取代理详细信息时出错", - "xpack.osquery.agentPolicy.confirmModalCalloutDescription": "Fleet 检测到您的部分代理已在使用选定代理策略 {policyName}。由于此操作,Fleet 会将更新部署到使用此策略的所有代理。", "xpack.osquery.agentPolicy.confirmModalCalloutTitle": "此操作将更新 {agentCount, plural, other {# 个代理}}", "xpack.osquery.agentPolicy.confirmModalCancelButtonLabel": "取消", "xpack.osquery.agentPolicy.confirmModalConfirmButtonLabel": "保存并部署更改", @@ -19323,17 +19320,13 @@ "xpack.osquery.appNavigation.liveQueriesLinkText": "实时查询", "xpack.osquery.appNavigation.manageIntegrationButton": "管理集成", "xpack.osquery.appNavigation.savedQueriesLinkText": "已保存查询", - "xpack.osquery.appNavigation.scheduledQueryGroupsLinkText": "已计划查询组", "xpack.osquery.appNavigation.sendFeedbackButton": "发送反馈", - "xpack.osquery.breadcrumbs.addScheduledQueryGroupsPageTitle": "添加", "xpack.osquery.breadcrumbs.appTitle": "Osquery", - "xpack.osquery.breadcrumbs.editScheduledQueryGroupsPageTitle": "编辑", "xpack.osquery.breadcrumbs.liveQueriesPageTitle": "实时查询", "xpack.osquery.breadcrumbs.newLiveQueryPageTitle": "新建", "xpack.osquery.breadcrumbs.newSavedQueryPageTitle": "新建", "xpack.osquery.breadcrumbs.overviewPageTitle": "概览", "xpack.osquery.breadcrumbs.savedQueriesPageTitle": "已保存查询", - "xpack.osquery.breadcrumbs.scheduledQueryGroupsPageTitle": "已计划查询组", "xpack.osquery.common.tabBetaBadgeLabel": "公测版", "xpack.osquery.common.tabBetaBadgeTooltipContent": "我们正在开发此功能。将会有更多的功能,某些功能可能有变更。", "xpack.osquery.createScheduledQuery.agentPolicyAgentsCountText": "{count, plural, other {# 个代理}}已注册", @@ -19344,16 +19337,12 @@ "xpack.osquery.editSavedQuery.pageTitle": "编辑“{savedQueryId}”", "xpack.osquery.editSavedQuery.successToastMessageText": "已成功更新“{savedQueryName}”查询", "xpack.osquery.editSavedQuery.viewSavedQueriesListTitle": "查看所有已保存查询", - "xpack.osquery.editScheduledQuery.pageTitle": "编辑 {queryName}", - "xpack.osquery.editScheduledQuery.viewScheduledQueriesListTitle": "查看 {queryName} 详细信息", "xpack.osquery.features.liveQueriesSubFeatureName": "实时查询", "xpack.osquery.features.osqueryFeatureName": "Osquery", "xpack.osquery.features.runSavedQueriesPrivilegeName": "运行已保存查询", "xpack.osquery.features.savedQueriesSubFeatureName": "已保存查询", - "xpack.osquery.features.scheduledQueryGroupsSubFeatureName": "已计划查询组", "xpack.osquery.fleetIntegration.runLiveQueriesButtonText": "运行实时查询", "xpack.osquery.fleetIntegration.saveIntegrationCalloutTitle": "保存用于访问如下选项的集成", - "xpack.osquery.fleetIntegration.scheduleQueryGroupsButtonText": "计划查询组", "xpack.osquery.liveQueriesHistory.newLiveQueryButtonLabel": "新建实时查询", "xpack.osquery.liveQueriesHistory.pageTitle": "实时查询历史记录", "xpack.osquery.liveQuery.queryForm.largeQueryError": "查询过大(最多 {maxLength} 个字符)", @@ -19395,14 +19384,14 @@ "xpack.osquery.packUploader.unsupportedFileTypeText": "文件类型 {fileType} 不受支持,请上传 {supportedFileTypes} 配置文件", "xpack.osquery.permissionDeniedErrorMessage": "您无权访问此页面。", "xpack.osquery.permissionDeniedErrorTitle": "权限被拒绝", + "xpack.osquery.queryFlyoutForm.addFormTitle": "附加下一个查询", + "xpack.osquery.queryFlyoutForm.editFormTitle": "编辑查询", "xpack.osquery.results.errorSearchDescription": "搜索所有结果时发生错误", "xpack.osquery.results.failSearchDescription": "无法获取结果", "xpack.osquery.results.fetchError": "提取结果时出错", "xpack.osquery.results.multipleAgentsResponded": "{agentsResponded, plural, other {# 个代理已}}响应,未报告任何 osquery 数据。", "xpack.osquery.savedQueries.dropdown.searchFieldLabel": "从已保存查询构建(可选)", "xpack.osquery.savedQueries.dropdown.searchFieldPlaceholder": "搜索已保存查询", - "xpack.osquery.savedQueries.form.scheduledQueryGroupConfigSection.description": "下面所列选项是可选的,只在查询分配给已计划查询组时应用。", - "xpack.osquery.savedQueries.form.scheduledQueryGroupConfigSection.title": "已计划查询组配置", "xpack.osquery.savedQueries.table.actionsColumnTitle": "操作", "xpack.osquery.savedQueries.table.createdByColumnTitle": "创建者", "xpack.osquery.savedQueries.table.descriptionColumnTitle": "描述", @@ -19413,74 +19402,6 @@ "xpack.osquery.savedQueryList.pageTitle": "已保存查询", "xpack.osquery.savedQueryList.queriesTable.editActionAriaLabel": "编辑 {savedQueryName}", "xpack.osquery.savedQueryList.queriesTable.runActionAriaLabel": "运行 {savedQueryName}", - "xpack.osquery.scheduledQueryDetails.pageTitle": "{queryName} 详细信息", - "xpack.osquery.scheduledQueryDetails.viewAllScheduledQueriesListTitle": "查看所有已计划查询组", - "xpack.osquery.scheduledQueryDetailsPage.editQueryButtonLabel": "编辑", - "xpack.osquery.scheduledQueryGroup.form.agentPolicyFieldLabel": "代理策略", - "xpack.osquery.scheduledQueryGroup.form.cancelButtonLabel": "取消", - "xpack.osquery.scheduledQueryGroup.form.createSuccessToastMessageText": "已成功计划 {scheduledQueryGroupName}", - "xpack.osquery.scheduledQueryGroup.form.descriptionFieldLabel": "描述", - "xpack.osquery.scheduledQueryGroup.form.ecsMappingSection.description": "使用下面的字段将此查询的结果映射到 ECS 字段。", - "xpack.osquery.scheduledQueryGroup.form.ecsMappingSection.title": "ECS 映射", - "xpack.osquery.scheduledQueryGroup.form.nameFieldLabel": "名称", - "xpack.osquery.scheduledQueryGroup.form.nameFieldRequiredErrorMessage": "“名称”是必填字段", - "xpack.osquery.scheduledQueryGroup.form.namespaceFieldLabel": "命名空间", - "xpack.osquery.scheduledQueryGroup.form.policyIdFieldRequiredErrorMessage": "“代理策略”是必填字段", - "xpack.osquery.scheduledQueryGroup.form.saveQueryButtonLabel": "保存查询", - "xpack.osquery.scheduledQueryGroup.form.settingsSectionDescriptionText": "已计划查询组包含一个或多个以设置的时间间隔运行且与代理策略关联的查询。定义已计划查询组时,其将添加为新的 Osquery Manager 策略。", - "xpack.osquery.scheduledQueryGroup.form.settingsSectionTitleText": "已计划查询组设置", - "xpack.osquery.scheduledQueryGroup.form.updateSuccessToastMessageText": "已成功更新 {scheduledQueryGroupName}", - "xpack.osquery.scheduledQueryGroup.queriesForm.addQueryButtonLabel": "添加查询", - "xpack.osquery.scheduledQueryGroup.queriesTable.actionsColumnTitle": "操作", - "xpack.osquery.scheduledQueryGroup.queriesTable.deleteActionAriaLabel": "删除 {queryName}", - "xpack.osquery.scheduledQueryGroup.queriesTable.editActionAriaLabel": "编辑 {queryName}", - "xpack.osquery.scheduledQueryGroup.queriesTable.idColumnTitle": "ID", - "xpack.osquery.scheduledQueryGroup.queriesTable.intervalColumnTitle": "时间间隔 (s)", - "xpack.osquery.scheduledQueryGroup.queriesTable.osqueryVersionAllLabel": "全部", - "xpack.osquery.scheduledQueryGroup.queriesTable.platformColumnTitle": "平台", - "xpack.osquery.scheduledQueryGroup.queriesTable.queryColumnTitle": "查询", - "xpack.osquery.scheduledQueryGroup.queriesTable.versionColumnTitle": "最低 Osquery 版本", - "xpack.osquery.scheduledQueryGroup.queriesTable.viewDiscoverResultsActionAriaLabel": "在 Discover 中查看", - "xpack.osquery.scheduledQueryGroup.queriesTable.viewLensResultsActionAriaLabel": "在 Lens 中查看", - "xpack.osquery.scheduledQueryGroup.queriesTable.viewResultsColumnTitle": "查看结果", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.addECSMappingRowButtonAriaLabel": "添加 ECS 映射行", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.cancelButtonLabel": "取消", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.deleteECSMappingRowButtonAriaLabel": "删除 ECS 映射行", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.descriptionFieldLabel": "描述", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.ecsFieldLabel": "ECS 字段", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.ecsFieldRequiredErrorMessage": "ECS 字段必填。", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.emptyIdError": "“ID”必填", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.emptyQueryError": "“查询”是必填字段", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.idFieldLabel": "ID", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.intervalFieldLabel": "时间间隔 (s)", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.invalidIdError": "字符必须是数字字母、_ 或 -", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.invalidIntervalField": "时间间隔值必须为正数", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.osqueryResultFieldLabel": "Osquery 结果", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.osqueryResultFieldRequiredErrorMessage": "Osquery 结果必填。", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.osqueryResultFieldValueMissingErrorMessage": "当前查询不返回 {columnName} 字段", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.platformFieldLabel": "平台", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.platformLinusLabel": "macOS", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.platformMacOSLabel": "Linux", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.platformWindowsLabel": "Windows", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.queryFieldLabel": "查询", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.saveButtonLabel": "保存", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.uniqueIdError": "ID 必须唯一", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.versionFieldLabel": "最低 Osquery 版本", - "xpack.osquery.scheduledQueryGroup.queryFlyoutForm.versionFieldOptionalLabel": "(可选)", - "xpack.osquery.scheduledQueryGroup.table.activatedSuccessToastMessageText": "已成功激活 {scheduledQueryGroupName}", - "xpack.osquery.scheduledQueryGroup.table.deactivatedSuccessToastMessageText": "已成功停用 {scheduledQueryGroupName}", - "xpack.osquery.scheduledQueryGroup.table.deleteQueriesButtonLabel": "删除 {queriesCount, plural, other {# 个查询}}", - "xpack.osquery.scheduledQueryGroups.table.activeColumnTitle": "活动", - "xpack.osquery.scheduledQueryGroups.table.createdByColumnTitle": "创建者", - "xpack.osquery.scheduledQueryGroups.table.nameColumnTitle": "名称", - "xpack.osquery.scheduledQueryGroups.table.numberOfQueriesColumnTitle": "查询数目", - "xpack.osquery.scheduledQueryGroups.table.policyColumnTitle": "策略", - "xpack.osquery.scheduledQueryList.addScheduledQueryButtonLabel": "添加已计划查询组", - "xpack.osquery.scheduledQueryList.pageTitle": "已计划查询组", - "xpack.osquery.scheduleQueryGroup.kpis.policyLabelText": "策略", - "xpack.osquery.scheduleQueryGroup.queryFlyoutForm.addFormTitle": "附加下一个查询", - "xpack.osquery.scheduleQueryGroup.queryFlyoutForm.editFormTitle": "编辑查询", - "xpack.osquery.scheduleQueryGroup.queryFlyoutForm.unsupportedPlatformAndVersionFieldsCalloutTitle": "{version} 提供平台和版本字段", "xpack.osquery.viewSavedQuery.pageTitle": "“{savedQueryId}”详细信息", "xpack.painlessLab.apiReferenceButtonLabel": "API 参考", "xpack.painlessLab.context.defaultLabel": "脚本结果将转换成字符串", diff --git a/yarn.lock b/yarn.lock index 9cba714293ff99d..e5e2f59359c9f9c 100644 --- a/yarn.lock +++ b/yarn.lock @@ -24090,10 +24090,10 @@ react-popper@^2.2.4: react-fast-compare "^3.0.1" warning "^4.0.2" -react-query@^3.21.1: - version "3.21.1" - resolved "https://registry.yarnpkg.com/react-query/-/react-query-3.21.1.tgz#8fe4df90bf6c6a93e0552ea9baff211d1b28f6e0" - integrity sha512-aKFLfNJc/m21JBXJk7sR9tDUYPjotWA4EHAKvbZ++GgxaY+eI0tqBxXmGBuJo0Pisis1W4pZWlZgoRv9yE8yjA== +react-query@^3.27.0: + version "3.27.0" + resolved "https://registry.yarnpkg.com/react-query/-/react-query-3.27.0.tgz#77c76377ae41d180c4718da07ef72df82e07306b" + integrity sha512-2MR5LBXnR6OMXQVLcv/57x1zkDNj6gK5J5mtjGi6pu0aQ6Y4jGQysVvkrAErMKMZJVZELFcYGA8LsGIHzlo/zg== dependencies: "@babel/runtime" "^7.5.5" broadcast-channel "^3.4.1" From d08f091d4a6583ca027be5aa0aaf30abbb9a359f Mon Sep 17 00:00:00 2001 From: Shahzad Date: Mon, 18 Oct 2021 10:35:02 +0200 Subject: [PATCH 15/50] [Uptime] Added uptime query inspector panel (#115170) --- .../scripts/upload-telemetry-data/index.ts | 3 +- .../utils/get_inspect_response.ts | 49 ++++++++++++------- .../utils/unwrap_es_response.ts | 0 .../series_editor/use_filter_values.ts | 6 ++- .../shared/field_value_suggestions/index.tsx | 3 ++ .../shared/field_value_suggestions/types.ts | 2 + .../context/inspector/inspector_context.tsx | 7 +++ .../public/hooks/use_es_search.ts | 46 ++++++++++++++--- .../public/hooks/use_values_list.ts | 7 ++- x-pack/plugins/observability/public/index.ts | 5 +- x-pack/plugins/observability/server/index.ts | 7 ++- .../annotations/create_annotations_client.ts | 2 +- x-pack/plugins/uptime/kibana.json | 1 + x-pack/plugins/uptime/public/apps/plugin.ts | 2 + .../plugins/uptime/public/apps/uptime_app.tsx | 10 ++-- .../public/apps/uptime_page_template.tsx | 8 ++- .../certificates/use_cert_search.ts | 16 +++--- .../common/header/action_menu_content.tsx | 2 + .../common/header/inspector_header_link.tsx | 39 +++++++++++++++ .../components/monitor/ml/ml_flyout.test.tsx | 3 ++ .../use_step_waterfall_metrics.test.tsx | 3 +- .../step_detail/use_step_waterfall_metrics.ts | 5 +- .../overview/filter_group/filter_group.tsx | 9 +++- .../monitor_list/use_monitor_histogram.ts | 11 +++-- x-pack/plugins/uptime/public/routes.tsx | 6 +++ .../uptime/public/state/api/snapshot.test.ts | 1 + .../plugins/uptime/public/state/api/utils.ts | 18 +++++-- x-pack/plugins/uptime/server/lib/lib.ts | 30 +++++++++++- .../server/lib/requests/get_ping_histogram.ts | 2 +- .../lib/requests/get_snapshot_counts.ts | 9 ++-- .../requests/search/find_potential_matches.ts | 2 +- .../lib/requests/search/query_context.ts | 4 +- .../search/refine_potential_matches.ts | 2 +- .../rest_api/index_state/get_index_status.ts | 7 +-- .../server/rest_api/monitors/monitor_list.ts | 1 - .../rest_api/monitors/monitor_locations.ts | 1 - .../rest_api/monitors/monitor_status.ts | 1 - .../rest_api/monitors/monitors_details.ts | 1 - .../rest_api/monitors/monitors_durations.ts | 1 - .../rest_api/pings/get_ping_histogram.ts | 1 - .../uptime/server/rest_api/pings/get_pings.ts | 1 - .../pings/journey_screenshot_blocks.ts | 3 -- .../rest_api/pings/journey_screenshots.ts | 4 -- .../uptime/server/rest_api/pings/journeys.ts | 2 - .../rest_api/snapshot/get_snapshot_count.ts | 1 - .../synthetics/last_successful_step.ts | 1 - .../rest_api/telemetry/log_page_view.ts | 1 - .../server/rest_api/uptime_route_wrapper.ts | 11 ++++- 48 files changed, 266 insertions(+), 91 deletions(-) rename x-pack/plugins/observability/{server => common}/utils/get_inspect_response.ts (79%) rename x-pack/plugins/observability/{server => common}/utils/unwrap_es_response.ts (100%) create mode 100644 x-pack/plugins/uptime/public/components/common/header/inspector_header_link.tsx diff --git a/x-pack/plugins/apm/scripts/upload-telemetry-data/index.ts b/x-pack/plugins/apm/scripts/upload-telemetry-data/index.ts index c900123c6cee973..6397c79ce4ffbf9 100644 --- a/x-pack/plugins/apm/scripts/upload-telemetry-data/index.ts +++ b/x-pack/plugins/apm/scripts/upload-telemetry-data/index.ts @@ -17,8 +17,7 @@ import { argv } from 'yargs'; import { Logger } from 'kibana/server'; // eslint-disable-next-line @kbn/eslint/no-restricted-paths import { CollectTelemetryParams } from '../../server/lib/apm_telemetry/collect_data_telemetry'; -// eslint-disable-next-line @kbn/eslint/no-restricted-paths -import { unwrapEsResponse } from '../../../observability/server/utils/unwrap_es_response'; +import { unwrapEsResponse } from '../../../observability/common/utils/unwrap_es_response'; import { downloadTelemetryTemplate } from '../shared/download-telemetry-template'; import { mergeApmTelemetryMapping } from '../../common/apm_telemetry'; import { generateSampleDocuments } from './generate-sample-documents'; diff --git a/x-pack/plugins/observability/server/utils/get_inspect_response.ts b/x-pack/plugins/observability/common/utils/get_inspect_response.ts similarity index 79% rename from x-pack/plugins/observability/server/utils/get_inspect_response.ts rename to x-pack/plugins/observability/common/utils/get_inspect_response.ts index a6792e0cac5fd0d..55d84b622dc2c6f 100644 --- a/x-pack/plugins/observability/server/utils/get_inspect_response.ts +++ b/x-pack/plugins/observability/common/utils/get_inspect_response.ts @@ -8,8 +8,8 @@ import { i18n } from '@kbn/i18n'; import type { KibanaRequest } from 'kibana/server'; import type { RequestStatistics, RequestStatus } from '../../../../../src/plugins/inspector'; -import { WrappedElasticsearchClientError } from '../index'; import { InspectResponse } from '../../typings/common'; +import { WrappedElasticsearchClientError } from './unwrap_es_response'; /** * Get statistics to show on inspector tab. @@ -29,19 +29,26 @@ function getStats({ kibanaRequest: KibanaRequest; }) { const stats: RequestStatistics = { - kibanaApiQueryParameters: { - label: i18n.translate('xpack.observability.inspector.stats.kibanaApiQueryParametersLabel', { - defaultMessage: 'Kibana API query parameters', - }), - description: i18n.translate( - 'xpack.observability.inspector.stats.kibanaApiQueryParametersDescription', - { - defaultMessage: - 'The query parameters used in the Kibana API request that initiated the Elasticsearch request.', + ...(kibanaRequest.query + ? { + kibanaApiQueryParameters: { + label: i18n.translate( + 'xpack.observability.inspector.stats.kibanaApiQueryParametersLabel', + { + defaultMessage: 'Kibana API query parameters', + } + ), + description: i18n.translate( + 'xpack.observability.inspector.stats.kibanaApiQueryParametersDescription', + { + defaultMessage: + 'The query parameters used in the Kibana API request that initiated the Elasticsearch request.', + } + ), + value: JSON.stringify(kibanaRequest.query, null, 2), + }, } - ), - value: JSON.stringify(kibanaRequest.query, null, 2), - }, + : {}), kibanaApiRoute: { label: i18n.translate('xpack.observability.inspector.stats.kibanaApiRouteLabel', { defaultMessage: 'Kibana API route', @@ -93,11 +100,17 @@ function getStats({ } if (esResponse?.hits?.total !== undefined) { - const total = esResponse.hits.total as { - relation: string; - value: number; - }; - const hitsTotalValue = total.relation === 'eq' ? `${total.value}` : `> ${total.value}`; + let hitsTotalValue; + + if (typeof esResponse.hits.total === 'number') { + hitsTotalValue = esResponse.hits.total; + } else { + const total = esResponse.hits.total as { + relation: string; + value: number; + }; + hitsTotalValue = total.relation === 'eq' ? `${total.value}` : `> ${total.value}`; + } stats.hitsTotal = { label: i18n.translate('xpack.observability.inspector.stats.hitsTotalLabel', { diff --git a/x-pack/plugins/observability/server/utils/unwrap_es_response.ts b/x-pack/plugins/observability/common/utils/unwrap_es_response.ts similarity index 100% rename from x-pack/plugins/observability/server/utils/unwrap_es_response.ts rename to x-pack/plugins/observability/common/utils/unwrap_es_response.ts diff --git a/x-pack/plugins/observability/public/components/shared/exploratory_view/series_editor/use_filter_values.ts b/x-pack/plugins/observability/public/components/shared/exploratory_view/series_editor/use_filter_values.ts index 8c659db559d6863..e84f79f88298c1b 100644 --- a/x-pack/plugins/observability/public/components/shared/exploratory_view/series_editor/use_filter_values.ts +++ b/x-pack/plugins/observability/public/components/shared/exploratory_view/series_editor/use_filter_values.ts @@ -12,7 +12,10 @@ import { useAppIndexPatternContext } from '../hooks/use_app_index_pattern'; import { ESFilter } from '../../../../../../../../src/core/types/elasticsearch'; import { PersistableFilter } from '../../../../../../lens/common'; -export function useFilterValues({ field, series, baseFilters }: FilterProps, query?: string) { +export function useFilterValues( + { field, series, baseFilters, label }: FilterProps, + query?: string +) { const { indexPatterns } = useAppIndexPatternContext(series.dataType); const queryFilters: ESFilter[] = []; @@ -28,6 +31,7 @@ export function useFilterValues({ field, series, baseFilters }: FilterProps, que return useValuesList({ query, + label, sourceField: field, time: series.time, keepHistory: true, diff --git a/x-pack/plugins/observability/public/components/shared/field_value_suggestions/index.tsx b/x-pack/plugins/observability/public/components/shared/field_value_suggestions/index.tsx index 1c5da15dd33dfb9..ccb2ea2932f5d35 100644 --- a/x-pack/plugins/observability/public/components/shared/field_value_suggestions/index.tsx +++ b/x-pack/plugins/observability/public/components/shared/field_value_suggestions/index.tsx @@ -33,6 +33,7 @@ export function FieldValueSuggestions({ required, allowExclusions = true, cardinalityField, + inspector, asCombobox = true, onChange: onSelectionChange, }: FieldValueSuggestionsProps) { @@ -44,7 +45,9 @@ export function FieldValueSuggestions({ sourceField, filters, time, + inspector, cardinalityField, + label, keepHistory: true, }); diff --git a/x-pack/plugins/observability/public/components/shared/field_value_suggestions/types.ts b/x-pack/plugins/observability/public/components/shared/field_value_suggestions/types.ts index b6de2bafdd85205..6f6d520a831549e 100644 --- a/x-pack/plugins/observability/public/components/shared/field_value_suggestions/types.ts +++ b/x-pack/plugins/observability/public/components/shared/field_value_suggestions/types.ts @@ -8,6 +8,7 @@ import { PopoverAnchorPosition } from '@elastic/eui'; import { Dispatch, SetStateAction } from 'react'; import { ESFilter } from 'src/core/types/elasticsearch'; +import { IInspectorInfo } from '../../../../../../../src/plugins/data/common'; interface CommonProps { selectedValue?: string[]; @@ -37,6 +38,7 @@ export type FieldValueSuggestionsProps = CommonProps & { onChange: (val?: string[], excludedValue?: string[]) => void; filters: ESFilter[]; time?: { from: string; to: string }; + inspector?: IInspectorInfo; }; export type FieldValueSelectionProps = CommonProps & { diff --git a/x-pack/plugins/observability/public/context/inspector/inspector_context.tsx b/x-pack/plugins/observability/public/context/inspector/inspector_context.tsx index 1d9bd95fa08fa63..56498fcaecd5c14 100644 --- a/x-pack/plugins/observability/public/context/inspector/inspector_context.tsx +++ b/x-pack/plugins/observability/public/context/inspector/inspector_context.tsx @@ -23,6 +23,13 @@ const value: InspectorContextValue = { export const InspectorContext = createContext(value); +export type AddInspectorRequest = ( + result: FetcherResult<{ + mainStatisticsData?: { _inspect?: InspectResponse }; + _inspect?: InspectResponse; + }> +) => void; + export function InspectorContextProvider({ children }: { children: ReactNode }) { const history = useHistory(); const { inspectorAdapters } = value; diff --git a/x-pack/plugins/observability/public/hooks/use_es_search.ts b/x-pack/plugins/observability/public/hooks/use_es_search.ts index 70ffdbba22c5881..bf96cf2c1f2c5c6 100644 --- a/x-pack/plugins/observability/public/hooks/use_es_search.ts +++ b/x-pack/plugins/observability/public/hooks/use_es_search.ts @@ -9,27 +9,61 @@ import { estypes } from '@elastic/elasticsearch'; import { DataPublicPluginStart } from '../../../../../src/plugins/data/public'; import { ESSearchResponse } from '../../../../../src/core/types/elasticsearch'; import { useKibana } from '../../../../../src/plugins/kibana_react/public'; -import { isCompleteResponse } from '../../../../../src/plugins/data/common'; -import { useFetcher } from './use_fetcher'; +import { IInspectorInfo, isCompleteResponse } from '../../../../../src/plugins/data/common'; +import { FETCH_STATUS, useFetcher } from './use_fetcher'; +import { useInspectorContext } from '../context/inspector/use_inspector_context'; +import { getInspectResponse } from '../../common/utils/get_inspect_response'; export const useEsSearch = ( params: TParams, - fnDeps: any[] + fnDeps: any[], + options: { inspector?: IInspectorInfo; name: string } ) => { const { services: { data }, } = useKibana<{ data: DataPublicPluginStart }>(); + const { name } = options ?? {}; + + const { addInspectorRequest } = useInspectorContext(); + const { data: response = {}, loading } = useFetcher(() => { if (params.index) { + const startTime = Date.now(); return new Promise((resolve) => { const search$ = data.search - .search({ - params, - }) + .search( + { + params, + }, + {} + ) .subscribe({ next: (result) => { if (isCompleteResponse(result)) { + if (addInspectorRequest) { + addInspectorRequest({ + data: { + _inspect: [ + getInspectResponse({ + startTime, + esRequestParams: params, + esResponse: result.rawResponse, + esError: null, + esRequestStatus: 1, + operationName: name, + kibanaRequest: { + route: { + path: '/internal/bsearch', + method: 'POST', + }, + } as any, + }), + ], + }, + status: FETCH_STATUS.SUCCESS, + }); + } // Final result resolve(result); search$.unsubscribe(); diff --git a/x-pack/plugins/observability/public/hooks/use_values_list.ts b/x-pack/plugins/observability/public/hooks/use_values_list.ts index 7f52fff55e70629..e2268f7b8524423 100644 --- a/x-pack/plugins/observability/public/hooks/use_values_list.ts +++ b/x-pack/plugins/observability/public/hooks/use_values_list.ts @@ -10,16 +10,19 @@ import { useEffect, useState } from 'react'; import useDebounce from 'react-use/lib/useDebounce'; import { ESFilter } from '../../../../../src/core/types/elasticsearch'; import { createEsParams, useEsSearch } from './use_es_search'; +import { IInspectorInfo } from '../../../../../src/plugins/data/common'; import { TRANSACTION_URL } from '../components/shared/exploratory_view/configurations/constants/elasticsearch_fieldnames'; export interface Props { sourceField: string; + label: string; query?: string; indexPatternTitle?: string; filters?: ESFilter[]; time?: { from: string; to: string }; keepHistory?: boolean; cardinalityField?: string; + inspector?: IInspectorInfo; } export interface ListItem { @@ -60,6 +63,7 @@ export const useValuesList = ({ query = '', filters, time, + label, keepHistory, cardinalityField, }: Props): { values: ListItem[]; loading?: boolean } => { @@ -131,7 +135,8 @@ export const useValuesList = ({ }, }, }), - [debouncedQuery, from, to, JSON.stringify(filters), indexPatternTitle, sourceField] + [debouncedQuery, from, to, JSON.stringify(filters), indexPatternTitle, sourceField], + { name: `get${label.replace(/\s/g, '')}ValuesList` } ); useEffect(() => { diff --git a/x-pack/plugins/observability/public/index.ts b/x-pack/plugins/observability/public/index.ts index 22ad95b96f41fd0..2dd380c3b768309 100644 --- a/x-pack/plugins/observability/public/index.ts +++ b/x-pack/plugins/observability/public/index.ts @@ -83,5 +83,8 @@ export type { export { createObservabilityRuleTypeRegistryMock } from './rules/observability_rule_type_registry_mock'; export type { ExploratoryEmbeddableProps } from './components/shared/exploratory_view/embeddable/embeddable'; -export { InspectorContextProvider } from './context/inspector/inspector_context'; +export { + InspectorContextProvider, + AddInspectorRequest, +} from './context/inspector/inspector_context'; export { useInspectorContext } from './context/inspector/use_inspector_context'; diff --git a/x-pack/plugins/observability/server/index.ts b/x-pack/plugins/observability/server/index.ts index 1e811e0a5278cb0..77595d118709391 100644 --- a/x-pack/plugins/observability/server/index.ts +++ b/x-pack/plugins/observability/server/index.ts @@ -13,9 +13,12 @@ import { PluginConfigDescriptor, PluginInitializerContext } from 'src/core/serve import { ObservabilityPlugin, ObservabilityPluginSetup } from './plugin'; import { createOrUpdateIndex, Mappings } from './utils/create_or_update_index'; import { ScopedAnnotationsClient } from './lib/annotations/bootstrap_annotations'; -import { unwrapEsResponse, WrappedElasticsearchClientError } from './utils/unwrap_es_response'; +import { + unwrapEsResponse, + WrappedElasticsearchClientError, +} from '../common/utils/unwrap_es_response'; export { rangeQuery, kqlQuery } from './utils/queries'; -export { getInspectResponse } from './utils/get_inspect_response'; +export { getInspectResponse } from '../common/utils/get_inspect_response'; export * from './types'; diff --git a/x-pack/plugins/observability/server/lib/annotations/create_annotations_client.ts b/x-pack/plugins/observability/server/lib/annotations/create_annotations_client.ts index 39a594dcc86ca95..98e8908cd60a533 100644 --- a/x-pack/plugins/observability/server/lib/annotations/create_annotations_client.ts +++ b/x-pack/plugins/observability/server/lib/annotations/create_annotations_client.ts @@ -17,7 +17,7 @@ import { } from '../../../common/annotations'; import { createOrUpdateIndex } from '../../utils/create_or_update_index'; import { mappings } from './mappings'; -import { unwrapEsResponse } from '../../utils/unwrap_es_response'; +import { unwrapEsResponse } from '../../../common/utils/unwrap_es_response'; type CreateParams = t.TypeOf; type DeleteParams = t.TypeOf; diff --git a/x-pack/plugins/uptime/kibana.json b/x-pack/plugins/uptime/kibana.json index 3124324d90389dd..409436d734011cc 100644 --- a/x-pack/plugins/uptime/kibana.json +++ b/x-pack/plugins/uptime/kibana.json @@ -14,6 +14,7 @@ "requiredPlugins": [ "alerting", "embeddable", + "inspector", "features", "licensing", "triggersActionsUi", diff --git a/x-pack/plugins/uptime/public/apps/plugin.ts b/x-pack/plugins/uptime/public/apps/plugin.ts index ed936fe16498354..124de9a60110cb6 100644 --- a/x-pack/plugins/uptime/public/apps/plugin.ts +++ b/x-pack/plugins/uptime/public/apps/plugin.ts @@ -42,6 +42,7 @@ import { LazySyntheticsPolicyEditExtension, } from '../components/fleet_package'; import { LazySyntheticsCustomAssetsExtension } from '../components/fleet_package/lazy_synthetics_custom_assets_extension'; +import { Start as InspectorPluginStart } from '../../../../../src/plugins/inspector/public'; export interface ClientPluginsSetup { data: DataPublicPluginSetup; @@ -56,6 +57,7 @@ export interface ClientPluginsStart { triggersActionsUi: TriggersAndActionsUIPublicPluginStart; fleet?: FleetStart; observability: ObservabilityPublicStart; + inspector: InspectorPluginStart; } export interface UptimePluginServices extends Partial { diff --git a/x-pack/plugins/uptime/public/apps/uptime_app.tsx b/x-pack/plugins/uptime/public/apps/uptime_app.tsx index 73f228f62154004..991657f25802908 100644 --- a/x-pack/plugins/uptime/public/apps/uptime_app.tsx +++ b/x-pack/plugins/uptime/public/apps/uptime_app.tsx @@ -33,6 +33,7 @@ import { ActionMenu } from '../components/common/header/action_menu'; import { EuiThemeProvider } from '../../../../../src/plugins/kibana_react/common'; import { Storage } from '../../../../../src/plugins/kibana_utils/public'; import { UptimeIndexPatternContextProvider } from '../contexts/uptime_index_pattern_context'; +import { InspectorContextProvider } from '../../../observability/public'; export interface UptimeAppColors { danger: string; @@ -110,6 +111,7 @@ const Application = (props: UptimeAppProps) => { ...plugins, storage, data: startPlugins.data, + inspector: startPlugins.inspector, triggersActionsUi: startPlugins.triggersActionsUi, observability: startPlugins.observability, }} @@ -126,9 +128,11 @@ const Application = (props: UptimeAppProps) => { className={APP_WRAPPER_CLASS} application={core.application} > - - - + + + + + diff --git a/x-pack/plugins/uptime/public/apps/uptime_page_template.tsx b/x-pack/plugins/uptime/public/apps/uptime_page_template.tsx index 817bbf9bedcb1ba..c6eaeb78a7c1eda 100644 --- a/x-pack/plugins/uptime/public/apps/uptime_page_template.tsx +++ b/x-pack/plugins/uptime/public/apps/uptime_page_template.tsx @@ -5,7 +5,7 @@ * 2.0. */ -import React, { useMemo } from 'react'; +import React, { useEffect, useMemo } from 'react'; import styled from 'styled-components'; import { EuiPageHeaderProps } from '@elastic/eui'; import { CERTIFICATES_ROUTE, OVERVIEW_ROUTE } from '../../common/constants'; @@ -15,6 +15,7 @@ import { useNoDataConfig } from './use_no_data_config'; import { EmptyStateLoading } from '../components/overview/empty_state/empty_state_loading'; import { EmptyStateError } from '../components/overview/empty_state/empty_state_error'; import { useHasData } from '../components/overview/empty_state/use_has_data'; +import { useInspectorContext } from '../../../observability/public'; interface Props { path: string; @@ -39,6 +40,11 @@ export const UptimePageTemplateComponent: React.FC = ({ path, pageHeader, const noDataConfig = useNoDataConfig(); const { loading, error, data } = useHasData(); + const { inspectorAdapters } = useInspectorContext(); + + useEffect(() => { + inspectorAdapters.requests.reset(); + }, [inspectorAdapters.requests]); if (error) { return ; diff --git a/x-pack/plugins/uptime/public/components/certificates/use_cert_search.ts b/x-pack/plugins/uptime/public/components/certificates/use_cert_search.ts index 22531faff2da198..c4379e550b47a0a 100644 --- a/x-pack/plugins/uptime/public/components/certificates/use_cert_search.ts +++ b/x-pack/plugins/uptime/public/components/certificates/use_cert_search.ts @@ -7,7 +7,7 @@ import { useSelector } from 'react-redux'; import { useContext } from 'react'; -import { useEsSearch, createEsParams } from '../../../../observability/public'; +import { createEsParams, useEsSearch } from '../../../../observability/public'; import { CertResult, GetCertsParams, Ping } from '../../../common/runtime_types'; @@ -48,13 +48,13 @@ export const useCertSearch = ({ body: searchBody, }); - const { data: result, loading } = useEsSearch(esParams, [ - settings.settings?.heartbeatIndices, - size, - pageIndex, - lastRefresh, - search, - ]); + const { data: result, loading } = useEsSearch( + esParams, + [settings.settings?.heartbeatIndices, size, pageIndex, lastRefresh, search], + { + name: 'getTLSCertificates', + } + ); return result ? { ...processCertsResult(result), loading } : { certs: [], total: 0, loading }; }; diff --git a/x-pack/plugins/uptime/public/components/common/header/action_menu_content.tsx b/x-pack/plugins/uptime/public/components/common/header/action_menu_content.tsx index c459fe46da9758f..21ef3428696e9e2 100644 --- a/x-pack/plugins/uptime/public/components/common/header/action_menu_content.tsx +++ b/x-pack/plugins/uptime/public/components/common/header/action_menu_content.tsx @@ -18,6 +18,7 @@ import { useGetUrlParams } from '../../../hooks'; import { ToggleAlertFlyoutButton } from '../../overview/alerts/alerts_containers'; import { SETTINGS_ROUTE } from '../../../../common/constants'; import { stringifyUrlParams } from '../../../lib/helper/stringify_url_params'; +import { InspectorHeaderLink } from './inspector_header_link'; import { monitorStatusSelector } from '../../../state/selectors'; const ADD_DATA_LABEL = i18n.translate('xpack.uptime.addDataButtonLabel', { @@ -107,6 +108,7 @@ export function ActionMenuContent(): React.ReactElement { > {ADD_DATA_LABEL} + ); } diff --git a/x-pack/plugins/uptime/public/components/common/header/inspector_header_link.tsx b/x-pack/plugins/uptime/public/components/common/header/inspector_header_link.tsx new file mode 100644 index 000000000000000..8f787512aaf9d38 --- /dev/null +++ b/x-pack/plugins/uptime/public/components/common/header/inspector_header_link.tsx @@ -0,0 +1,39 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { EuiHeaderLink } from '@elastic/eui'; +import { i18n } from '@kbn/i18n'; +import React from 'react'; +import { useKibana } from '../../../../../../../src/plugins/kibana_react/public'; +import { enableInspectEsQueries, useInspectorContext } from '../../../../../observability/public'; +import { ClientPluginsStart } from '../../../apps/plugin'; + +export function InspectorHeaderLink() { + const { + services: { inspector, uiSettings }, + } = useKibana(); + + const { inspectorAdapters } = useInspectorContext(); + + const isInspectorEnabled = uiSettings?.get(enableInspectEsQueries); + + const inspect = () => { + inspector.open(inspectorAdapters); + }; + + if (!isInspectorEnabled) { + return null; + } + + return ( + + {i18n.translate('xpack.uptime.inspectButtonText', { + defaultMessage: 'Inspect', + })} + + ); +} diff --git a/x-pack/plugins/uptime/public/components/monitor/ml/ml_flyout.test.tsx b/x-pack/plugins/uptime/public/components/monitor/ml/ml_flyout.test.tsx index d066bf416e08382..29c4a852e208bda 100644 --- a/x-pack/plugins/uptime/public/components/monitor/ml/ml_flyout.test.tsx +++ b/x-pack/plugins/uptime/public/components/monitor/ml/ml_flyout.test.tsx @@ -33,6 +33,7 @@ describe('ML Flyout component', () => { spy1.mockReturnValue(false); const value = { + isDevMode: true, basePath: '', dateRangeStart: DATE_RANGE_START, dateRangeEnd: DATE_RANGE_END, @@ -48,6 +49,7 @@ describe('ML Flyout component', () => { onClose={onClose} canCreateMLJob={true} /> + uptime/public/state/api/utils.ts ); @@ -57,6 +59,7 @@ describe('ML Flyout component', () => { it('able to create job if valid license is available', async () => { const value = { + isDevMode: true, basePath: '', dateRangeStart: DATE_RANGE_START, dateRangeEnd: DATE_RANGE_END, diff --git a/x-pack/plugins/uptime/public/components/monitor/synthetics/step_detail/use_step_waterfall_metrics.test.tsx b/x-pack/plugins/uptime/public/components/monitor/synthetics/step_detail/use_step_waterfall_metrics.test.tsx index 8b23d867572f3d2..441ede99fd8b40c 100644 --- a/x-pack/plugins/uptime/public/components/monitor/synthetics/step_detail/use_step_waterfall_metrics.test.tsx +++ b/x-pack/plugins/uptime/public/components/monitor/synthetics/step_detail/use_step_waterfall_metrics.test.tsx @@ -87,7 +87,8 @@ describe('useStepWaterfallMetrics', () => { }, index: 'heartbeat-*', }, - ['heartbeat-*', '44D-444FFF-444-FFF-3333', true] + ['heartbeat-*', '44D-444FFF-444-FFF-3333', true], + { name: 'getWaterfallStepMetrics' } ); expect(result.current).toEqual({ loading: false, diff --git a/x-pack/plugins/uptime/public/components/monitor/synthetics/step_detail/use_step_waterfall_metrics.ts b/x-pack/plugins/uptime/public/components/monitor/synthetics/step_detail/use_step_waterfall_metrics.ts index cf60f6d7d5567b7..ad2762826c91faf 100644 --- a/x-pack/plugins/uptime/public/components/monitor/synthetics/step_detail/use_step_waterfall_metrics.ts +++ b/x-pack/plugins/uptime/public/components/monitor/synthetics/step_detail/use_step_waterfall_metrics.ts @@ -57,7 +57,10 @@ export const useStepWaterfallMetrics = ({ checkGroup, hasNavigationRequest, step }, }) : {}, - [heartbeatIndices, checkGroup, hasNavigationRequest] + [heartbeatIndices, checkGroup, hasNavigationRequest], + { + name: 'getWaterfallStepMetrics', + } ); if (!hasNavigationRequest) { diff --git a/x-pack/plugins/uptime/public/components/overview/filter_group/filter_group.tsx b/x-pack/plugins/uptime/public/components/overview/filter_group/filter_group.tsx index 3980b4bf9d3da79..835cbb806014298 100644 --- a/x-pack/plugins/uptime/public/components/overview/filter_group/filter_group.tsx +++ b/x-pack/plugins/uptime/public/components/overview/filter_group/filter_group.tsx @@ -8,9 +8,10 @@ import React, { useCallback, useState } from 'react'; import { EuiFilterGroup } from '@elastic/eui'; import styled from 'styled-components'; +import { capitalize } from 'lodash'; import { useFilterUpdate } from '../../../hooks/use_filter_update'; import { useSelectedFilters } from '../../../hooks/use_selected_filters'; -import { FieldValueSuggestions } from '../../../../../observability/public'; +import { FieldValueSuggestions, useInspectorContext } from '../../../../../observability/public'; import { SelectedFilters } from './selected_filters'; import { useIndexPattern } from '../../../contexts/uptime_index_pattern_context'; import { useGetUrlParams } from '../../../hooks'; @@ -34,6 +35,8 @@ export const FilterGroup = () => { const { dateRangeStart, dateRangeEnd } = useGetUrlParams(); + const { inspectorAdapters } = useInspectorContext(); + const { filtersList } = useSelectedFilters(); const indexPattern = useIndexPattern(); @@ -67,6 +70,10 @@ export const FilterGroup = () => { filters={[]} cardinalityField="monitor.id" time={{ from: dateRangeStart, to: dateRangeEnd }} + inspector={{ + adapter: inspectorAdapters.requests, + title: 'get' + capitalize(label) + 'FilterValues', + }} /> ))} diff --git a/x-pack/plugins/uptime/public/components/overview/monitor_list/use_monitor_histogram.ts b/x-pack/plugins/uptime/public/components/overview/monitor_list/use_monitor_histogram.ts index e1ef3d9efee8968..a3985fe5ccca5fb 100644 --- a/x-pack/plugins/uptime/public/components/overview/monitor_list/use_monitor_histogram.ts +++ b/x-pack/plugins/uptime/public/components/overview/monitor_list/use_monitor_histogram.ts @@ -37,10 +37,13 @@ export const useMonitorHistogram = ({ items }: { items: MonitorSummary[] }) => { monitorIds ); - const { data, loading } = useEsSearch(queryParams, [ - JSON.stringify(monitorIds), - lastRefresh, - ]); + const { data, loading } = useEsSearch( + queryParams, + [JSON.stringify(monitorIds), lastRefresh], + { + name: 'getMonitorDownHistory', + } + ); const histogramBuckets = data?.aggregations?.histogram.buckets ?? []; const simplified = histogramBuckets.map((histogramBucket) => { diff --git a/x-pack/plugins/uptime/public/routes.tsx b/x-pack/plugins/uptime/public/routes.tsx index 9f7310b43e5561e..54f2110c88bc42b 100644 --- a/x-pack/plugins/uptime/public/routes.tsx +++ b/x-pack/plugins/uptime/public/routes.tsx @@ -39,6 +39,8 @@ import { StepDetailPageRightSideItem, } from './pages/synthetics/step_detail_page'; import { UptimePageTemplateComponent } from './apps/uptime_page_template'; +import { apiService } from './state/api/utils'; +import { useInspectorContext } from '../../observability/public'; interface RouteProps { path: string; @@ -178,6 +180,10 @@ const RouteInit: React.FC> = }; export const PageRouter: FC = () => { + const { addInspectorRequest } = useInspectorContext(); + + apiService.addInspectorRequest = addInspectorRequest; + return ( {Routes.map( diff --git a/x-pack/plugins/uptime/public/state/api/snapshot.test.ts b/x-pack/plugins/uptime/public/state/api/snapshot.test.ts index 6c10bd0fa3cb759..38be97d74844f57 100644 --- a/x-pack/plugins/uptime/public/state/api/snapshot.test.ts +++ b/x-pack/plugins/uptime/public/state/api/snapshot.test.ts @@ -18,6 +18,7 @@ describe('snapshot API', () => { get: jest.fn(), fetch: jest.fn(), } as any; + apiService.addInspectorRequest = jest.fn(); fetchMock = jest.spyOn(apiService.http, 'fetch'); mockResponse = { up: 3, down: 12, total: 15 }; }); diff --git a/x-pack/plugins/uptime/public/state/api/utils.ts b/x-pack/plugins/uptime/public/state/api/utils.ts index 91e017292d00f9c..d10064f1ff7a130 100644 --- a/x-pack/plugins/uptime/public/state/api/utils.ts +++ b/x-pack/plugins/uptime/public/state/api/utils.ts @@ -9,7 +9,7 @@ import { PathReporter } from 'io-ts/lib/PathReporter'; import { isRight } from 'fp-ts/lib/Either'; import { HttpFetchQuery, HttpSetup } from 'src/core/public'; import * as t from 'io-ts'; -import { startsWith } from 'lodash'; +import { FETCH_STATUS, AddInspectorRequest } from '../../../../observability/public'; function isObject(value: unknown) { const type = typeof value; @@ -43,6 +43,7 @@ export const formatErrors = (errors: t.Errors): string[] => { class ApiService { private static instance: ApiService; private _http!: HttpSetup; + private _addInspectorRequest!: AddInspectorRequest; public get http() { return this._http; @@ -52,6 +53,14 @@ class ApiService { this._http = httpSetup; } + public get addInspectorRequest() { + return this._addInspectorRequest; + } + + public set addInspectorRequest(addInspectorRequest: AddInspectorRequest) { + this._addInspectorRequest = addInspectorRequest; + } + private constructor() {} static getInstance(): ApiService { @@ -63,15 +72,14 @@ class ApiService { } public async get(apiUrl: string, params?: HttpFetchQuery, decodeType?: any, asResponse = false) { - const debugEnabled = - sessionStorage.getItem('uptime_debug') === 'true' && startsWith(apiUrl, '/api/uptime'); - const response = await this._http!.fetch({ path: apiUrl, - query: { ...params, ...(debugEnabled ? { _inspect: true } : {}) }, + query: params, asResponse, }); + this.addInspectorRequest?.({ data: response, status: FETCH_STATUS.SUCCESS, loading: false }); + if (decodeType) { const decoded = decodeType.decode(response); if (isRight(decoded)) { diff --git a/x-pack/plugins/uptime/server/lib/lib.ts b/x-pack/plugins/uptime/server/lib/lib.ts index 9b8ea6b98c8be47..eb2ad9ce21b9e17 100644 --- a/x-pack/plugins/uptime/server/lib/lib.ts +++ b/x-pack/plugins/uptime/server/lib/lib.ts @@ -18,6 +18,9 @@ import { UMLicenseCheck } from './domains'; import { UptimeRequests } from './requests'; import { savedObjectsAdapter } from './saved_objects'; import { ESSearchResponse } from '../../../../../src/core/types/elasticsearch'; +import { RequestStatus } from '../../../../../src/plugins/inspector'; +import { getInspectResponse } from '../../../observability/server'; +import { InspectResponse } from '../../../observability/typings/common'; export interface UMDomainLibs { requests: UptimeRequests; @@ -45,6 +48,8 @@ export interface CountResponse { export type UptimeESClient = ReturnType; +export const inspectableEsQueriesMap = new WeakMap(); + export function createUptimeESClient({ esClient, request, @@ -59,7 +64,8 @@ export function createUptimeESClient({ return { baseESClient: esClient, async search( - params: TParams + params: TParams, + operationName?: string ): Promise<{ body: ESSearchResponse }> { let res: any; let esError: any; @@ -70,11 +76,33 @@ export function createUptimeESClient({ const esParams = { index: dynamicSettings!.heartbeatIndices, ...params }; const startTime = process.hrtime(); + const startTimeNow = Date.now(); + + let esRequestStatus: RequestStatus = RequestStatus.PENDING; + try { res = await esClient.search(esParams); + esRequestStatus = RequestStatus.OK; } catch (e) { esError = e; + esRequestStatus = RequestStatus.ERROR; } + + const inspectableEsQueries = inspectableEsQueriesMap.get(request!); + if (inspectableEsQueries) { + inspectableEsQueries.push( + getInspectResponse({ + esError, + esRequestParams: esParams, + esRequestStatus, + esResponse: res.body, + kibanaRequest: request!, + operationName: operationName ?? '', + startTime: startTimeNow, + }) + ); + } + if (_inspect && request) { debugESCall({ startTime, request, esError, operationName: 'search', params: esParams }); } diff --git a/x-pack/plugins/uptime/server/lib/requests/get_ping_histogram.ts b/x-pack/plugins/uptime/server/lib/requests/get_ping_histogram.ts index 107a0f29e55fac1..600a335effe2ce1 100644 --- a/x-pack/plugins/uptime/server/lib/requests/get_ping_histogram.ts +++ b/x-pack/plugins/uptime/server/lib/requests/get_ping_histogram.ts @@ -87,7 +87,7 @@ export const getPingHistogram: UMElasticsearchQueryFn { diff --git a/x-pack/plugins/uptime/server/lib/requests/get_snapshot_counts.ts b/x-pack/plugins/uptime/server/lib/requests/get_snapshot_counts.ts index aef01f29f4d5760..ee4e3eb96eb5af0 100644 --- a/x-pack/plugins/uptime/server/lib/requests/get_snapshot_counts.ts +++ b/x-pack/plugins/uptime/server/lib/requests/get_snapshot_counts.ts @@ -43,9 +43,12 @@ export const getSnapshotCount: UMElasticsearchQueryFn => { - const { body: res } = await context.search({ - body: statusCountBody(await context.dateAndCustomFilters(), context), - }); + const { body: res } = await context.search( + { + body: statusCountBody(await context.dateAndCustomFilters(), context), + }, + 'geSnapshotCount' + ); return ( (res.aggregations?.counts?.value as Snapshot) ?? { diff --git a/x-pack/plugins/uptime/server/lib/requests/search/find_potential_matches.ts b/x-pack/plugins/uptime/server/lib/requests/search/find_potential_matches.ts index 179e9e809e59b99..d0d8e61d02181ab 100644 --- a/x-pack/plugins/uptime/server/lib/requests/search/find_potential_matches.ts +++ b/x-pack/plugins/uptime/server/lib/requests/search/find_potential_matches.ts @@ -40,7 +40,7 @@ const query = async (queryContext: QueryContext, searchAfter: any, size: number) body, }; - const response = await queryContext.search(params); + const response = await queryContext.search(params, 'getMonitorList-potentialMatches'); return response; }; diff --git a/x-pack/plugins/uptime/server/lib/requests/search/query_context.ts b/x-pack/plugins/uptime/server/lib/requests/search/query_context.ts index 0bc503093f13153..84c170363b1eef3 100644 --- a/x-pack/plugins/uptime/server/lib/requests/search/query_context.ts +++ b/x-pack/plugins/uptime/server/lib/requests/search/query_context.ts @@ -43,8 +43,8 @@ export class QueryContext { this.query = query; } - async search(params: TParams) { - return this.callES.search(params); + async search(params: TParams, operationName?: string) { + return this.callES.search(params, operationName); } async count(params: any): Promise { diff --git a/x-pack/plugins/uptime/server/lib/requests/search/refine_potential_matches.ts b/x-pack/plugins/uptime/server/lib/requests/search/refine_potential_matches.ts index 3ba2a90d0763568..f8357e80665739e 100644 --- a/x-pack/plugins/uptime/server/lib/requests/search/refine_potential_matches.ts +++ b/x-pack/plugins/uptime/server/lib/requests/search/refine_potential_matches.ts @@ -165,5 +165,5 @@ export const query = async ( }, }; - return await queryContext.search(params); + return await queryContext.search(params, 'getMonitorList-refinePotentialMatches'); }; diff --git a/x-pack/plugins/uptime/server/rest_api/index_state/get_index_status.ts b/x-pack/plugins/uptime/server/rest_api/index_state/get_index_status.ts index 29a7a06f1530a25..66f6d597344b6ba 100644 --- a/x-pack/plugins/uptime/server/rest_api/index_state/get_index_status.ts +++ b/x-pack/plugins/uptime/server/rest_api/index_state/get_index_status.ts @@ -5,7 +5,6 @@ * 2.0. */ -import { schema } from '@kbn/config-schema'; import { UMServerLibs } from '../../lib/lib'; import { UMRestApiRouteFactory } from '../types'; import { API_URLS } from '../../../common/constants'; @@ -13,11 +12,7 @@ import { API_URLS } from '../../../common/constants'; export const createGetIndexStatusRoute: UMRestApiRouteFactory = (libs: UMServerLibs) => ({ method: 'GET', path: API_URLS.INDEX_STATUS, - validate: { - query: schema.object({ - _inspect: schema.maybe(schema.boolean()), - }), - }, + validate: {}, handler: async ({ uptimeEsClient }): Promise => { return await libs.requests.getIndexStatus({ uptimeEsClient }); }, diff --git a/x-pack/plugins/uptime/server/rest_api/monitors/monitor_list.ts b/x-pack/plugins/uptime/server/rest_api/monitors/monitor_list.ts index 36bc5a80ef47a16..df8463786449ba1 100644 --- a/x-pack/plugins/uptime/server/rest_api/monitors/monitor_list.ts +++ b/x-pack/plugins/uptime/server/rest_api/monitors/monitor_list.ts @@ -21,7 +21,6 @@ export const createMonitorListRoute: UMRestApiRouteFactory = (libs) => ({ statusFilter: schema.maybe(schema.string()), query: schema.maybe(schema.string()), pageSize: schema.number(), - _inspect: schema.maybe(schema.boolean()), }), }, options: { diff --git a/x-pack/plugins/uptime/server/rest_api/monitors/monitor_locations.ts b/x-pack/plugins/uptime/server/rest_api/monitors/monitor_locations.ts index 77f265d0b81e873..de102f153d650d4 100644 --- a/x-pack/plugins/uptime/server/rest_api/monitors/monitor_locations.ts +++ b/x-pack/plugins/uptime/server/rest_api/monitors/monitor_locations.ts @@ -18,7 +18,6 @@ export const createGetMonitorLocationsRoute: UMRestApiRouteFactory = (libs: UMSe monitorId: schema.string(), dateStart: schema.string(), dateEnd: schema.string(), - _inspect: schema.maybe(schema.boolean()), }), }, handler: async ({ uptimeEsClient, request }): Promise => { diff --git a/x-pack/plugins/uptime/server/rest_api/monitors/monitor_status.ts b/x-pack/plugins/uptime/server/rest_api/monitors/monitor_status.ts index 94b50386ac2161a..ac5133fbb7b4e07 100644 --- a/x-pack/plugins/uptime/server/rest_api/monitors/monitor_status.ts +++ b/x-pack/plugins/uptime/server/rest_api/monitors/monitor_status.ts @@ -18,7 +18,6 @@ export const createGetStatusBarRoute: UMRestApiRouteFactory = (libs: UMServerLib monitorId: schema.string(), dateStart: schema.string(), dateEnd: schema.string(), - _inspect: schema.maybe(schema.boolean()), }), }, handler: async ({ uptimeEsClient, request }): Promise => { diff --git a/x-pack/plugins/uptime/server/rest_api/monitors/monitors_details.ts b/x-pack/plugins/uptime/server/rest_api/monitors/monitors_details.ts index 50712153a5fea54..64e9ed504e7cd7a 100644 --- a/x-pack/plugins/uptime/server/rest_api/monitors/monitors_details.ts +++ b/x-pack/plugins/uptime/server/rest_api/monitors/monitors_details.ts @@ -18,7 +18,6 @@ export const createGetMonitorDetailsRoute: UMRestApiRouteFactory = (libs: UMServ monitorId: schema.string(), dateStart: schema.maybe(schema.string()), dateEnd: schema.maybe(schema.string()), - _inspect: schema.maybe(schema.boolean()), }), }, handler: async ({ uptimeEsClient, context, request }): Promise => { diff --git a/x-pack/plugins/uptime/server/rest_api/monitors/monitors_durations.ts b/x-pack/plugins/uptime/server/rest_api/monitors/monitors_durations.ts index e94198ee4e0632e..8dd9fbb7adb0019 100644 --- a/x-pack/plugins/uptime/server/rest_api/monitors/monitors_durations.ts +++ b/x-pack/plugins/uptime/server/rest_api/monitors/monitors_durations.ts @@ -19,7 +19,6 @@ export const createGetMonitorDurationRoute: UMRestApiRouteFactory = (libs: UMSer monitorId: schema.string(), dateStart: schema.string(), dateEnd: schema.string(), - _inspect: schema.maybe(schema.boolean()), }), }, handler: async ({ uptimeEsClient, request }): Promise => { diff --git a/x-pack/plugins/uptime/server/rest_api/pings/get_ping_histogram.ts b/x-pack/plugins/uptime/server/rest_api/pings/get_ping_histogram.ts index db111390cfaf781..439975a0f521587 100644 --- a/x-pack/plugins/uptime/server/rest_api/pings/get_ping_histogram.ts +++ b/x-pack/plugins/uptime/server/rest_api/pings/get_ping_histogram.ts @@ -21,7 +21,6 @@ export const createGetPingHistogramRoute: UMRestApiRouteFactory = (libs: UMServe filters: schema.maybe(schema.string()), bucketSize: schema.maybe(schema.string()), query: schema.maybe(schema.string()), - _inspect: schema.maybe(schema.boolean()), }), }, handler: async ({ uptimeEsClient, request }): Promise => { diff --git a/x-pack/plugins/uptime/server/rest_api/pings/get_pings.ts b/x-pack/plugins/uptime/server/rest_api/pings/get_pings.ts index abb2c85f9ea0c7f..2be838c5e8658b2 100644 --- a/x-pack/plugins/uptime/server/rest_api/pings/get_pings.ts +++ b/x-pack/plugins/uptime/server/rest_api/pings/get_pings.ts @@ -24,7 +24,6 @@ export const createGetPingsRoute: UMRestApiRouteFactory = (libs: UMServerLibs) = size: schema.maybe(schema.number()), sort: schema.maybe(schema.string()), status: schema.maybe(schema.string()), - _inspect: schema.maybe(schema.boolean()), }), }, handler: async ({ uptimeEsClient, request, response }): Promise => { diff --git a/x-pack/plugins/uptime/server/rest_api/pings/journey_screenshot_blocks.ts b/x-pack/plugins/uptime/server/rest_api/pings/journey_screenshot_blocks.ts index 3127c34590ef5cb..4b06a13d29f4eec 100644 --- a/x-pack/plugins/uptime/server/rest_api/pings/journey_screenshot_blocks.ts +++ b/x-pack/plugins/uptime/server/rest_api/pings/journey_screenshot_blocks.ts @@ -22,9 +22,6 @@ export const createJourneyScreenshotBlocksRoute: UMRestApiRouteFactory = (libs: body: schema.object({ hashes: schema.arrayOf(schema.string()), }), - query: schema.object({ - _inspect: schema.maybe(schema.boolean()), - }), }, handler: async ({ request, response, uptimeEsClient }) => { const { hashes: blockIds } = request.body; diff --git a/x-pack/plugins/uptime/server/rest_api/pings/journey_screenshots.ts b/x-pack/plugins/uptime/server/rest_api/pings/journey_screenshots.ts index 5f0825279ecfaea..3e71051816d30f1 100644 --- a/x-pack/plugins/uptime/server/rest_api/pings/journey_screenshots.ts +++ b/x-pack/plugins/uptime/server/rest_api/pings/journey_screenshots.ts @@ -26,10 +26,6 @@ export const createJourneyScreenshotRoute: UMRestApiRouteFactory = (libs: UMServ params: schema.object({ checkGroup: schema.string(), stepIndex: schema.number(), - _inspect: schema.maybe(schema.boolean()), - }), - query: schema.object({ - _inspect: schema.maybe(schema.boolean()), }), }, handler: async ({ uptimeEsClient, request, response }) => { diff --git a/x-pack/plugins/uptime/server/rest_api/pings/journeys.ts b/x-pack/plugins/uptime/server/rest_api/pings/journeys.ts index 284feda2c662b64..7c3dcdfbe845c19 100644 --- a/x-pack/plugins/uptime/server/rest_api/pings/journeys.ts +++ b/x-pack/plugins/uptime/server/rest_api/pings/journeys.ts @@ -22,7 +22,6 @@ export const createJourneyRoute: UMRestApiRouteFactory = (libs: UMServerLibs) => syntheticEventTypes: schema.maybe( schema.oneOf([schema.arrayOf(schema.string()), schema.string()]) ), - _inspect: schema.maybe(schema.boolean()), }), }, handler: async ({ uptimeEsClient, request, response }): Promise => { @@ -59,7 +58,6 @@ export const createJourneyFailedStepsRoute: UMRestApiRouteFactory = (libs: UMSer validate: { query: schema.object({ checkGroups: schema.arrayOf(schema.string()), - _inspect: schema.maybe(schema.boolean()), }), }, handler: async ({ uptimeEsClient, request, response }): Promise => { diff --git a/x-pack/plugins/uptime/server/rest_api/snapshot/get_snapshot_count.ts b/x-pack/plugins/uptime/server/rest_api/snapshot/get_snapshot_count.ts index 67b106fdf681401..2fae13db7fa0dfa 100644 --- a/x-pack/plugins/uptime/server/rest_api/snapshot/get_snapshot_count.ts +++ b/x-pack/plugins/uptime/server/rest_api/snapshot/get_snapshot_count.ts @@ -19,7 +19,6 @@ export const createGetSnapshotCount: UMRestApiRouteFactory = (libs: UMServerLibs dateRangeEnd: schema.string(), filters: schema.maybe(schema.string()), query: schema.maybe(schema.string()), - _inspect: schema.maybe(schema.boolean()), }), }, handler: async ({ uptimeEsClient, request }): Promise => { diff --git a/x-pack/plugins/uptime/server/rest_api/synthetics/last_successful_step.ts b/x-pack/plugins/uptime/server/rest_api/synthetics/last_successful_step.ts index cb90de50e251087..5d1407a8679c8f7 100644 --- a/x-pack/plugins/uptime/server/rest_api/synthetics/last_successful_step.ts +++ b/x-pack/plugins/uptime/server/rest_api/synthetics/last_successful_step.ts @@ -22,7 +22,6 @@ export const createLastSuccessfulStepRoute: UMRestApiRouteFactory = (libs: UMSer monitorId: schema.string(), stepIndex: schema.number(), timestamp: schema.string(), - _inspect: schema.maybe(schema.boolean()), }), }, handler: async ({ uptimeEsClient, request, response }) => { diff --git a/x-pack/plugins/uptime/server/rest_api/telemetry/log_page_view.ts b/x-pack/plugins/uptime/server/rest_api/telemetry/log_page_view.ts index 088cf494efbf73f..ec7de05dd2cf1f5 100644 --- a/x-pack/plugins/uptime/server/rest_api/telemetry/log_page_view.ts +++ b/x-pack/plugins/uptime/server/rest_api/telemetry/log_page_view.ts @@ -22,7 +22,6 @@ export const createLogPageViewRoute: UMRestApiRouteFactory = () => ({ autoRefreshEnabled: schema.boolean(), autorefreshInterval: schema.number(), refreshTelemetryHistory: schema.maybe(schema.boolean()), - _inspect: schema.maybe(schema.boolean()), }), }, handler: async ({ savedObjectsClient, uptimeEsClient, request }): Promise => { diff --git a/x-pack/plugins/uptime/server/rest_api/uptime_route_wrapper.ts b/x-pack/plugins/uptime/server/rest_api/uptime_route_wrapper.ts index 24e501a1bddb83b..ddde993cc9c7051 100644 --- a/x-pack/plugins/uptime/server/rest_api/uptime_route_wrapper.ts +++ b/x-pack/plugins/uptime/server/rest_api/uptime_route_wrapper.ts @@ -6,10 +6,11 @@ */ import { UMKibanaRouteWrapper } from './types'; -import { createUptimeESClient } from '../lib/lib'; +import { createUptimeESClient, inspectableEsQueriesMap } from '../lib/lib'; // eslint-disable-next-line @kbn/eslint/no-restricted-paths import { KibanaResponse } from '../../../../../src/core/server/http/router'; +import { enableInspectEsQueries } from '../../../observability/common'; export const uptimeRouteWrapper: UMKibanaRouteWrapper = (uptimeRoute) => ({ ...uptimeRoute, @@ -20,11 +21,18 @@ export const uptimeRouteWrapper: UMKibanaRouteWrapper = (uptimeRoute) => ({ const { client: esClient } = context.core.elasticsearch; const { client: savedObjectsClient } = context.core.savedObjects; + const isInspectorEnabled = await context.core.uiSettings.client.get( + enableInspectEsQueries + ); + const uptimeEsClient = createUptimeESClient({ request, savedObjectsClient, esClient: esClient.asCurrentUser, }); + if (isInspectorEnabled) { + inspectableEsQueriesMap.set(request, []); + } const res = await uptimeRoute.handler({ uptimeEsClient, @@ -41,6 +49,7 @@ export const uptimeRouteWrapper: UMKibanaRouteWrapper = (uptimeRoute) => ({ return response.ok({ body: { ...res, + ...(isInspectorEnabled ? { _inspect: inspectableEsQueriesMap.get(request) } : {}), }, }); }, From 27c7c6fd82f804e1f5c130a4033844fd58bd4673 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alejandro=20Fern=C3=A1ndez=20G=C3=B3mez?= Date: Mon, 18 Oct 2021 12:19:57 +0200 Subject: [PATCH 16/50] [RAC] Link inventory alerts to the right inventory view (#113553) Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- .../infra/common/alerting/metrics/types.ts | 25 ++++++++++ .../inventory/rule_data_formatters.ts | 37 ++++++++++++++- .../public/pages/link_to/link_to_metrics.tsx | 2 + .../pages/link_to/redirect_to_inventory.tsx | 47 +++++++++++++++++++ .../inventory_metric_threshold_executor.ts | 19 ++------ ...r_inventory_metric_threshold_alert_type.ts | 26 +++++++--- .../inventory_metric_threshold/types.ts | 4 +- 7 files changed, 135 insertions(+), 25 deletions(-) create mode 100644 x-pack/plugins/infra/public/pages/link_to/redirect_to_inventory.tsx diff --git a/x-pack/plugins/infra/common/alerting/metrics/types.ts b/x-pack/plugins/infra/common/alerting/metrics/types.ts index 2e8ad1de3413cf9..9e8935ddb996881 100644 --- a/x-pack/plugins/infra/common/alerting/metrics/types.ts +++ b/x-pack/plugins/infra/common/alerting/metrics/types.ts @@ -5,7 +5,10 @@ * 2.0. */ import * as rt from 'io-ts'; +import { Unit } from '@elastic/datemath'; import { ANOMALY_THRESHOLD } from '../../infra_ml'; +import { InventoryItemType, SnapshotMetricType } from '../../inventory_models/types'; +import { SnapshotCustomMetricInput } from '../../http_api'; // TODO: Have threshold and inventory alerts import these types from this file instead of from their // local directories @@ -54,3 +57,25 @@ export interface MetricAnomalyParams { threshold: Exclude; influencerFilter: rt.TypeOf | undefined; } + +// Types for the executor + +export interface InventoryMetricConditions { + metric: SnapshotMetricType; + timeSize: number; + timeUnit: Unit; + sourceId?: string; + threshold: number[]; + comparator: Comparator; + customMetric?: SnapshotCustomMetricInput; + warningThreshold?: number[]; + warningComparator?: Comparator; +} + +export interface InventoryMetricThresholdParams { + criteria: InventoryMetricConditions[]; + filterQuery?: string; + nodeType: InventoryItemType; + sourceId?: string; + alertOnNoData?: boolean; +} diff --git a/x-pack/plugins/infra/public/alerting/inventory/rule_data_formatters.ts b/x-pack/plugins/infra/public/alerting/inventory/rule_data_formatters.ts index 30e0de940219107..ee27f1ff099253a 100644 --- a/x-pack/plugins/infra/public/alerting/inventory/rule_data_formatters.ts +++ b/x-pack/plugins/infra/public/alerting/inventory/rule_data_formatters.ts @@ -5,15 +5,48 @@ * 2.0. */ -import { ALERT_REASON } from '@kbn/rule-data-utils'; +import { ALERT_REASON, ALERT_RULE_PARAMS, TIMESTAMP } from '@kbn/rule-data-utils'; +import { encode } from 'rison-node'; +import { stringify } from 'query-string'; import { ObservabilityRuleTypeFormatter } from '../../../../observability/public'; +import { InventoryMetricThresholdParams } from '../../../common/alerting/metrics'; export const formatReason: ObservabilityRuleTypeFormatter = ({ fields }) => { const reason = fields[ALERT_REASON] ?? '-'; - const link = '/app/metrics/inventory'; // TODO https://github.com/elastic/kibana/issues/106497 + const ruleParams = parseRuleParams(fields[ALERT_RULE_PARAMS]); + + let link = '/app/metrics/link-to/inventory?'; + + if (ruleParams) { + const linkToParams: Record = { + nodeType: ruleParams.nodeType, + timestamp: Date.parse(fields[TIMESTAMP]), + customMetric: '', + }; + + // We always pick the first criteria metric for the URL + const criteria = ruleParams.criteria[0]; + if (criteria.customMetric && criteria.customMetric.id !== 'alert-custom-metric') { + const customMetric = encode(criteria.customMetric); + linkToParams.customMetric = customMetric; + linkToParams.metric = customMetric; + } else { + linkToParams.metric = encode({ type: criteria.metric }); + } + + link += stringify(linkToParams); + } return { reason, link, }; }; + +function parseRuleParams(params?: string): InventoryMetricThresholdParams | undefined { + try { + return typeof params === 'string' ? JSON.parse(params) : undefined; + } catch (_) { + return; + } +} diff --git a/x-pack/plugins/infra/public/pages/link_to/link_to_metrics.tsx b/x-pack/plugins/infra/public/pages/link_to/link_to_metrics.tsx index 8304e1cdb7262be..05a099441b699c4 100644 --- a/x-pack/plugins/infra/public/pages/link_to/link_to_metrics.tsx +++ b/x-pack/plugins/infra/public/pages/link_to/link_to_metrics.tsx @@ -10,6 +10,7 @@ import { match as RouteMatch, Redirect, Route, Switch } from 'react-router-dom'; import { RedirectToNodeDetail } from './redirect_to_node_detail'; import { RedirectToHostDetailViaIP } from './redirect_to_host_detail_via_ip'; +import { RedirectToInventory } from './redirect_to_inventory'; import { inventoryModels } from '../../../common/inventory_models'; interface LinkToPageProps { @@ -29,6 +30,7 @@ export const LinkToMetricsPage: React.FC = (props) => { path={`${props.match.url}/host-detail-via-ip/:hostIp`} component={RedirectToHostDetailViaIP} /> + ); diff --git a/x-pack/plugins/infra/public/pages/link_to/redirect_to_inventory.tsx b/x-pack/plugins/infra/public/pages/link_to/redirect_to_inventory.tsx new file mode 100644 index 000000000000000..37ddbacf72488d8 --- /dev/null +++ b/x-pack/plugins/infra/public/pages/link_to/redirect_to_inventory.tsx @@ -0,0 +1,47 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { parse } from 'query-string'; +import { Redirect, RouteComponentProps } from 'react-router-dom'; + +// FIXME what would be the right way to build this query string? +const QUERY_STRING_TEMPLATE = + "?waffleFilter=(expression:'',kind:kuery)&waffleTime=(currentTime:{timestamp},isAutoReloading:!f)&waffleOptions=(accountId:'',autoBounds:!t,boundsOverride:(max:1,min:0),customMetrics:!({customMetric}),customOptions:!(),groupBy:!(),legend:(palette:cool,reverseColors:!f,steps:10),metric:{metric},nodeType:{nodeType},region:'',sort:(by:name,direction:desc),timelineOpen:!f,view:map)"; + +export const RedirectToInventory: React.FC = ({ location }) => { + const parsedQueryString = parseQueryString(location.search); + + const inventoryQueryString = QUERY_STRING_TEMPLATE.replace( + /{(\w+)}/g, + (_, key) => parsedQueryString[key] || '' + ); + + return ; +}; + +function parseQueryString(search: string): Record { + if (search.length === 0) { + return {}; + } + + const obj = parse(search.substring(1)); + + // Force all values into string. If they are empty don't create the keys + for (const key in obj) { + if (Object.hasOwnProperty.call(obj, key)) { + if (!obj[key]) { + delete obj[key]; + } + if (Array.isArray(obj.key)) { + obj[key] = obj[key]![0]; + } + } + } + + return obj as Record; +} diff --git a/x-pack/plugins/infra/server/lib/alerting/inventory_metric_threshold/inventory_metric_threshold_executor.ts b/x-pack/plugins/infra/server/lib/alerting/inventory_metric_threshold/inventory_metric_threshold_executor.ts index 72d9ea9e39defb3..5cd093c6f1472de 100644 --- a/x-pack/plugins/infra/server/lib/alerting/inventory_metric_threshold/inventory_metric_threshold_executor.ts +++ b/x-pack/plugins/infra/server/lib/alerting/inventory_metric_threshold/inventory_metric_threshold_executor.ts @@ -11,7 +11,7 @@ import { ALERT_REASON, ALERT_RULE_PARAMS } from '@kbn/rule-data-utils'; import moment from 'moment'; import { getCustomMetricLabel } from '../../../../common/formatters/get_custom_metric_label'; import { toMetricOpt } from '../../../../common/snapshot_metric_i18n'; -import { AlertStates, InventoryMetricConditions } from './types'; +import { AlertStates } from './types'; import { ActionGroupIdsOf, ActionGroup, @@ -20,10 +20,11 @@ import { RecoveredActionGroup, } from '../../../../../alerting/common'; import { AlertInstance, AlertTypeState } from '../../../../../alerting/server'; -import { InventoryItemType, SnapshotMetricType } from '../../../../common/inventory_models/types'; +import { SnapshotMetricType } from '../../../../common/inventory_models/types'; import { InfraBackendLibs } from '../../infra_types'; import { METRIC_FORMATTERS } from '../../../../common/formatters/snapshot_metric_formats'; import { createFormatter } from '../../../../common/formatters'; +import { InventoryMetricThresholdParams } from '../../../../common/alerting/metrics'; import { buildErrorAlertReason, buildFiredAlertReason, @@ -33,19 +34,10 @@ import { } from '../common/messages'; import { evaluateCondition } from './evaluate_condition'; -interface InventoryMetricThresholdParams { - criteria: InventoryMetricConditions[]; - filterQuery: string | undefined; - nodeType: InventoryItemType; - sourceId?: string; - alertOnNoData?: boolean; -} - type InventoryMetricThresholdAllowedActionGroups = ActionGroupIdsOf< typeof FIRED_ACTIONS | typeof WARNING_ACTIONS >; -export type InventoryMetricThresholdAlertTypeParams = Record; export type InventoryMetricThresholdAlertTypeState = AlertTypeState; // no specific state used export type InventoryMetricThresholdAlertInstanceState = AlertInstanceState; // no specific state used export type InventoryMetricThresholdAlertInstanceContext = AlertInstanceContext; // no specific instance context used @@ -64,14 +56,13 @@ type InventoryMetricThresholdAlertInstanceFactory = ( export const createInventoryMetricThresholdExecutor = (libs: InfraBackendLibs) => libs.metricsRules.createLifecycleRuleExecutor< - InventoryMetricThresholdAlertTypeParams, + InventoryMetricThresholdParams & Record, InventoryMetricThresholdAlertTypeState, InventoryMetricThresholdAlertInstanceState, InventoryMetricThresholdAlertInstanceContext, InventoryMetricThresholdAllowedActionGroups >(async ({ services, params }) => { - const { criteria, filterQuery, sourceId, nodeType, alertOnNoData } = - params as InventoryMetricThresholdParams; + const { criteria, filterQuery, sourceId, nodeType, alertOnNoData } = params; if (criteria.length === 0) throw new Error('Cannot execute an alert with 0 conditions'); const { alertWithLifecycle, savedObjectsClient } = services; const alertInstanceFactory: InventoryMetricThresholdAlertInstanceFactory = (id, reason) => diff --git a/x-pack/plugins/infra/server/lib/alerting/inventory_metric_threshold/register_inventory_metric_threshold_alert_type.ts b/x-pack/plugins/infra/server/lib/alerting/inventory_metric_threshold/register_inventory_metric_threshold_alert_type.ts index 5d516f3591419ac..77c85967e64f676 100644 --- a/x-pack/plugins/infra/server/lib/alerting/inventory_metric_threshold/register_inventory_metric_threshold_alert_type.ts +++ b/x-pack/plugins/infra/server/lib/alerting/inventory_metric_threshold/register_inventory_metric_threshold_alert_type.ts @@ -5,7 +5,8 @@ * 2.0. */ -import { schema } from '@kbn/config-schema'; +import { schema, Type } from '@kbn/config-schema'; +import { Unit } from '@elastic/datemath'; import { i18n } from '@kbn/i18n'; import { PluginSetupContract } from '../../../../../alerting/server'; import { @@ -26,21 +27,32 @@ import { metricActionVariableDescription, thresholdActionVariableDescription, } from '../common/messages'; +import { + SnapshotMetricTypeKeys, + SnapshotMetricType, + InventoryItemType, +} from '../../../../common/inventory_models/types'; +import { + SNAPSHOT_CUSTOM_AGGREGATIONS, + SnapshotCustomAggregation, +} from '../../../../common/http_api/snapshot_api'; const condition = schema.object({ threshold: schema.arrayOf(schema.number()), - comparator: oneOfLiterals(Object.values(Comparator)), - timeUnit: schema.string(), + comparator: oneOfLiterals(Object.values(Comparator)) as Type, + timeUnit: schema.string() as Type, timeSize: schema.number(), - metric: schema.string(), + metric: oneOfLiterals(Object.keys(SnapshotMetricTypeKeys)) as Type, warningThreshold: schema.maybe(schema.arrayOf(schema.number())), - warningComparator: schema.maybe(oneOfLiterals(Object.values(Comparator))), + warningComparator: schema.maybe(oneOfLiterals(Object.values(Comparator))) as Type< + Comparator | undefined + >, customMetric: schema.maybe( schema.object({ type: schema.literal('custom'), id: schema.string(), field: schema.string(), - aggregation: schema.string(), + aggregation: oneOfLiterals(SNAPSHOT_CUSTOM_AGGREGATIONS) as Type, label: schema.maybe(schema.string()), }) ), @@ -59,7 +71,7 @@ export async function registerMetricInventoryThresholdAlertType( params: schema.object( { criteria: schema.arrayOf(condition), - nodeType: schema.string(), + nodeType: schema.string() as Type, filterQuery: schema.maybe( schema.string({ validate: validateIsStringElasticsearchJSONFilter }) ), diff --git a/x-pack/plugins/infra/server/lib/alerting/inventory_metric_threshold/types.ts b/x-pack/plugins/infra/server/lib/alerting/inventory_metric_threshold/types.ts index 120fa47c079ab71..829f34d42ee0395 100644 --- a/x-pack/plugins/infra/server/lib/alerting/inventory_metric_threshold/types.ts +++ b/x-pack/plugins/infra/server/lib/alerting/inventory_metric_threshold/types.ts @@ -8,9 +8,9 @@ import { Unit } from '@elastic/datemath'; import { SnapshotCustomMetricInput } from '../../../../common/http_api/snapshot_api'; import { SnapshotMetricType } from '../../../../common/inventory_models/types'; -import { Comparator, AlertStates } from '../common/types'; +import { Comparator, AlertStates, Aggregators } from '../common/types'; -export { Comparator, AlertStates }; +export { Comparator, AlertStates, Aggregators }; export const METRIC_INVENTORY_THRESHOLD_ALERT_TYPE_ID = 'metrics.alert.inventory.threshold'; From c6be6c019c8e0dec92d951f9f28755490285e207 Mon Sep 17 00:00:00 2001 From: Anton Dosov Date: Mon, 18 Oct 2021 13:20:44 +0200 Subject: [PATCH 17/50] [kibanaUtils] Don't import full `semver` client side (#114986) --- .eslintrc.js | 165 ++++++++++-------- packages/kbn-optimizer/limits.yml | 4 +- .../common/saved_dashboard_references.ts | 4 +- .../persistable_state/migrate_to_latest.ts | 2 +- .../agent_enrollment_flyout/steps.tsx | 8 +- .../helpers/setup_environment.tsx | 2 +- .../public/application/app_context.tsx | 2 +- .../helpers/setup_environment.tsx | 2 +- .../fields/edit_field/edit_field.tsx | 2 +- .../fields/field_types/boolean_type.tsx | 2 +- .../fields/field_types/date_type.tsx | 2 +- .../fields/field_types/flattened_type.tsx | 2 +- .../fields/field_types/index.ts | 2 +- .../fields/field_types/ip_type.tsx | 2 +- .../fields/field_types/keyword_type.tsx | 2 +- .../fields/field_types/numeric_type.tsx | 2 +- .../fields/field_types/range_type.tsx | 2 +- .../fields/field_types/text_type.tsx | 2 +- .../fields/field_types/token_count_type.tsx | 2 +- .../public/application/index.tsx | 2 +- .../public/application/lib/indices.ts | 2 +- .../application/mount_management_section.ts | 2 +- .../store/selectors/indices_filter.test.ts | 2 +- .../plugins/index_management/public/plugin.ts | 2 +- ...managed_policy_create_import_extension.tsx | 2 +- 25 files changed, 119 insertions(+), 104 deletions(-) diff --git a/.eslintrc.js b/.eslintrc.js index 98ce9bb4bad967b..60f3ae1528fbcc9 100644 --- a/.eslintrc.js +++ b/.eslintrc.js @@ -156,6 +156,78 @@ const DEV_PATTERNS = [ 'x-pack/plugins/*/server/scripts/**/*', ]; +/** Restricted imports with suggested alternatives */ +const RESTRICTED_IMPORTS = [ + { + name: 'lodash', + importNames: ['set', 'setWith'], + message: 'Please use @elastic/safer-lodash-set instead', + }, + { + name: 'lodash.set', + message: 'Please use @elastic/safer-lodash-set instead', + }, + { + name: 'lodash.setwith', + message: 'Please use @elastic/safer-lodash-set instead', + }, + { + name: 'lodash/set', + message: 'Please use @elastic/safer-lodash-set instead', + }, + { + name: 'lodash/setWith', + message: 'Please use @elastic/safer-lodash-set instead', + }, + { + name: 'lodash/fp', + importNames: ['set', 'setWith', 'assoc', 'assocPath'], + message: 'Please use @elastic/safer-lodash-set instead', + }, + { + name: 'lodash/fp/set', + message: 'Please use @elastic/safer-lodash-set instead', + }, + { + name: 'lodash/fp/setWith', + message: 'Please use @elastic/safer-lodash-set instead', + }, + { + name: 'lodash/fp/assoc', + message: 'Please use @elastic/safer-lodash-set instead', + }, + { + name: 'lodash/fp/assocPath', + message: 'Please use @elastic/safer-lodash-set instead', + }, + { + name: 'lodash', + importNames: ['template'], + message: 'lodash.template is unsafe, and not compatible with our content security policy.', + }, + { + name: 'lodash.template', + message: 'lodash.template is unsafe, and not compatible with our content security policy.', + }, + { + name: 'lodash/template', + message: 'lodash.template is unsafe, and not compatible with our content security policy.', + }, + { + name: 'lodash/fp', + importNames: ['template'], + message: 'lodash.template is unsafe, and not compatible with our content security policy.', + }, + { + name: 'lodash/fp/template', + message: 'lodash.template is unsafe, and not compatible with our content security policy.', + }, + { + name: 'react-use', + message: 'Please use react-use/lib/{method} instead.', + }, +]; + module.exports = { root: true, @@ -668,81 +740,7 @@ module.exports = { 'no-restricted-imports': [ 2, { - paths: [ - { - name: 'lodash', - importNames: ['set', 'setWith'], - message: 'Please use @elastic/safer-lodash-set instead', - }, - { - name: 'lodash.set', - message: 'Please use @elastic/safer-lodash-set instead', - }, - { - name: 'lodash.setwith', - message: 'Please use @elastic/safer-lodash-set instead', - }, - { - name: 'lodash/set', - message: 'Please use @elastic/safer-lodash-set instead', - }, - { - name: 'lodash/setWith', - message: 'Please use @elastic/safer-lodash-set instead', - }, - { - name: 'lodash/fp', - importNames: ['set', 'setWith', 'assoc', 'assocPath'], - message: 'Please use @elastic/safer-lodash-set instead', - }, - { - name: 'lodash/fp/set', - message: 'Please use @elastic/safer-lodash-set instead', - }, - { - name: 'lodash/fp/setWith', - message: 'Please use @elastic/safer-lodash-set instead', - }, - { - name: 'lodash/fp/assoc', - message: 'Please use @elastic/safer-lodash-set instead', - }, - { - name: 'lodash/fp/assocPath', - message: 'Please use @elastic/safer-lodash-set instead', - }, - { - name: 'lodash', - importNames: ['template'], - message: - 'lodash.template is unsafe, and not compatible with our content security policy.', - }, - { - name: 'lodash.template', - message: - 'lodash.template is unsafe, and not compatible with our content security policy.', - }, - { - name: 'lodash/template', - message: - 'lodash.template is unsafe, and not compatible with our content security policy.', - }, - { - name: 'lodash/fp', - importNames: ['template'], - message: - 'lodash.template is unsafe, and not compatible with our content security policy.', - }, - { - name: 'lodash/fp/template', - message: - 'lodash.template is unsafe, and not compatible with our content security policy.', - }, - { - name: 'react-use', - message: 'Please use react-use/lib/{method} instead.', - }, - ], + paths: RESTRICTED_IMPORTS, }, ], 'no-restricted-modules': [ @@ -835,6 +833,23 @@ module.exports = { ], }, }, + { + files: ['**/common/**/*.{js,mjs,ts,tsx}', '**/public/**/*.{js,mjs,ts,tsx}'], + rules: { + 'no-restricted-imports': [ + 2, + { + paths: [ + ...RESTRICTED_IMPORTS, + { + name: 'semver', + message: 'Please use "semver/*/{function}" instead', + }, + ], + }, + ], + }, + }, /** * APM and Observability overrides diff --git a/packages/kbn-optimizer/limits.yml b/packages/kbn-optimizer/limits.yml index acce34d2673e160..d1491ba63e6e608 100644 --- a/packages/kbn-optimizer/limits.yml +++ b/packages/kbn-optimizer/limits.yml @@ -8,7 +8,7 @@ pageLoadAssetSize: console: 46091 core: 435325 crossClusterReplication: 65408 - dashboard: 374194 + dashboard: 186763 dashboardEnhanced: 65646 devTools: 38637 discover: 99999 @@ -99,7 +99,7 @@ pageLoadAssetSize: expressionMetricVis: 23121 visTypeMetric: 23332 bfetch: 22837 - kibanaUtils: 97808 + kibanaUtils: 79713 data: 491273 dataViews: 41532 expressions: 140958 diff --git a/src/plugins/dashboard/common/saved_dashboard_references.ts b/src/plugins/dashboard/common/saved_dashboard_references.ts index 95c141b5d4e7b89..4b3a379068c4875 100644 --- a/src/plugins/dashboard/common/saved_dashboard_references.ts +++ b/src/plugins/dashboard/common/saved_dashboard_references.ts @@ -5,7 +5,7 @@ * in compliance with, at your election, the Elastic License 2.0 or the Server * Side Public License, v 1. */ -import Semver from 'semver'; +import semverGt from 'semver/functions/gt'; import { SavedObjectAttributes, SavedObjectReference } from '../../../core/types'; import { DashboardContainerStateWithType, DashboardPanelState } from './types'; import { EmbeddablePersistableStateService } from '../../embeddable/common/types'; @@ -23,7 +23,7 @@ export interface SavedObjectAttributesAndReferences { } const isPre730Panel = (panel: Record): boolean => { - return 'version' in panel ? Semver.gt('7.3.0', panel.version) : true; + return 'version' in panel ? semverGt('7.3.0', panel.version) : true; }; function dashboardAttributesToState(attributes: SavedObjectAttributes): { diff --git a/src/plugins/kibana_utils/common/persistable_state/migrate_to_latest.ts b/src/plugins/kibana_utils/common/persistable_state/migrate_to_latest.ts index 9481e333819bd53..98d1f6da2918f47 100644 --- a/src/plugins/kibana_utils/common/persistable_state/migrate_to_latest.ts +++ b/src/plugins/kibana_utils/common/persistable_state/migrate_to_latest.ts @@ -6,7 +6,7 @@ * Side Public License, v 1. */ -import { compare } from 'semver'; +import compare from 'semver/functions/compare'; import { SerializableRecord } from '@kbn/utility-types'; import { VersionedState, MigrateFunctionsObject } from './types'; diff --git a/x-pack/plugins/fleet/public/components/agent_enrollment_flyout/steps.tsx b/x-pack/plugins/fleet/public/components/agent_enrollment_flyout/steps.tsx index 42746229e5acea3..03b0cc52c53f8f0 100644 --- a/x-pack/plugins/fleet/public/components/agent_enrollment_flyout/steps.tsx +++ b/x-pack/plugins/fleet/public/components/agent_enrollment_flyout/steps.tsx @@ -9,7 +9,9 @@ import React, { useCallback, useMemo } from 'react'; import { EuiText, EuiButton, EuiSpacer } from '@elastic/eui'; import { FormattedMessage } from '@kbn/i18n/react'; import { i18n } from '@kbn/i18n'; -import semver from 'semver'; +import semverMajor from 'semver/functions/major'; +import semverMinor from 'semver/functions/minor'; +import semverPatch from 'semver/functions/patch'; import type { AgentPolicy } from '../../types'; import { useKibanaVersion } from '../../hooks'; @@ -21,9 +23,7 @@ export const DownloadStep = () => { const kibanaVersion = useKibanaVersion(); const kibanaVersionURLString = useMemo( () => - `${semver.major(kibanaVersion)}-${semver.minor(kibanaVersion)}-${semver.patch( - kibanaVersion - )}`, + `${semverMajor(kibanaVersion)}-${semverMinor(kibanaVersion)}-${semverPatch(kibanaVersion)}`, [kibanaVersion] ); return { diff --git a/x-pack/plugins/index_management/__jest__/client_integration/helpers/setup_environment.tsx b/x-pack/plugins/index_management/__jest__/client_integration/helpers/setup_environment.tsx index 9f8199215df5b9e..1682431900a84f1 100644 --- a/x-pack/plugins/index_management/__jest__/client_integration/helpers/setup_environment.tsx +++ b/x-pack/plugins/index_management/__jest__/client_integration/helpers/setup_environment.tsx @@ -9,7 +9,7 @@ import React from 'react'; import axios from 'axios'; import axiosXhrAdapter from 'axios/lib/adapters/xhr'; import { merge } from 'lodash'; -import { SemVer } from 'semver'; +import SemVer from 'semver/classes/semver'; import { notificationServiceMock, diff --git a/x-pack/plugins/index_management/public/application/app_context.tsx b/x-pack/plugins/index_management/public/application/app_context.tsx index f562ab9d15a8b95..5cd0864a4df2105 100644 --- a/x-pack/plugins/index_management/public/application/app_context.tsx +++ b/x-pack/plugins/index_management/public/application/app_context.tsx @@ -7,7 +7,7 @@ import React, { createContext, useContext } from 'react'; import { ScopedHistory } from 'kibana/public'; -import { SemVer } from 'semver'; +import SemVer from 'semver/classes/semver'; import { ManagementAppMountParams } from 'src/plugins/management/public'; import { UsageCollectionSetup } from 'src/plugins/usage_collection/public'; diff --git a/x-pack/plugins/index_management/public/application/components/mappings_editor/__jest__/client_integration/helpers/setup_environment.tsx b/x-pack/plugins/index_management/public/application/components/mappings_editor/__jest__/client_integration/helpers/setup_environment.tsx index 5e3ae3c1544aef2..d80712dfa0fea5b 100644 --- a/x-pack/plugins/index_management/public/application/components/mappings_editor/__jest__/client_integration/helpers/setup_environment.tsx +++ b/x-pack/plugins/index_management/public/application/components/mappings_editor/__jest__/client_integration/helpers/setup_environment.tsx @@ -6,7 +6,7 @@ */ import React from 'react'; -import { SemVer } from 'semver'; +import SemVer from 'semver/classes/semver'; /* eslint-disable-next-line @kbn/eslint/no-restricted-paths */ import '../../../../../../../../../../src/plugins/es_ui_shared/public/components/code_editor/jest_mock'; diff --git a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/edit_field/edit_field.tsx b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/edit_field/edit_field.tsx index a751dc3fa72a503..aa6a5e7981cbc8e 100644 --- a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/edit_field/edit_field.tsx +++ b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/edit_field/edit_field.tsx @@ -19,7 +19,7 @@ import { EuiSpacer, EuiCallOut, } from '@elastic/eui'; -import { SemVer } from 'semver'; +import SemVer from 'semver/classes/semver'; import { documentationService } from '../../../../../../services/documentation'; import { Form, FormHook, FormDataProvider } from '../../../../shared_imports'; diff --git a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/boolean_type.tsx b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/boolean_type.tsx index ad7f7e6d93c412c..0ec89de1daf19c0 100644 --- a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/boolean_type.tsx +++ b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/boolean_type.tsx @@ -6,7 +6,7 @@ */ import React from 'react'; -import { SemVer } from 'semver'; +import SemVer from 'semver/classes/semver'; import { i18n } from '@kbn/i18n'; diff --git a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/date_type.tsx b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/date_type.tsx index ea71e7fcce5d27b..db68b14e62ee855 100644 --- a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/date_type.tsx +++ b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/date_type.tsx @@ -6,7 +6,7 @@ */ import React from 'react'; -import { SemVer } from 'semver'; +import SemVer from 'semver/classes/semver'; import { i18n } from '@kbn/i18n'; import { NormalizedField, Field as FieldType } from '../../../../types'; diff --git a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/flattened_type.tsx b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/flattened_type.tsx index 0f58c75ca9cb7e8..aadc64392db5140 100644 --- a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/flattened_type.tsx +++ b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/flattened_type.tsx @@ -7,7 +7,7 @@ import React from 'react'; import { i18n } from '@kbn/i18n'; -import { SemVer } from 'semver'; +import SemVer from 'semver/classes/semver'; import { NormalizedField, Field as FieldType } from '../../../../types'; import { UseField, Field } from '../../../../shared_imports'; diff --git a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/index.ts b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/index.ts index f62a19e55a8352e..9f1bb05a5b64675 100644 --- a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/index.ts +++ b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/index.ts @@ -6,7 +6,7 @@ */ import { ComponentType } from 'react'; -import { SemVer } from 'semver'; +import SemVer from 'semver/classes/semver'; import { MainType, SubType, DataType, NormalizedField, NormalizedFields } from '../../../../types'; diff --git a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/ip_type.tsx b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/ip_type.tsx index 3ea56805829d517..82ca1cd02d2e17c 100644 --- a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/ip_type.tsx +++ b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/ip_type.tsx @@ -6,7 +6,7 @@ */ import React from 'react'; -import { SemVer } from 'semver'; +import SemVer from 'semver/classes/semver'; import { NormalizedField, Field as FieldType } from '../../../../types'; import { getFieldConfig } from '../../../../lib'; diff --git a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/keyword_type.tsx b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/keyword_type.tsx index 9d820c1b07636e2..543a2d3520b72a8 100644 --- a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/keyword_type.tsx +++ b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/keyword_type.tsx @@ -6,7 +6,7 @@ */ import React from 'react'; -import { SemVer } from 'semver'; +import SemVer from 'semver/classes/semver'; import { i18n } from '@kbn/i18n'; import { documentationService } from '../../../../../../services/documentation'; diff --git a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/numeric_type.tsx b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/numeric_type.tsx index 7035a730f15f4bc..764db2744f43f21 100644 --- a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/numeric_type.tsx +++ b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/numeric_type.tsx @@ -7,7 +7,7 @@ import React from 'react'; import { i18n } from '@kbn/i18n'; -import { SemVer } from 'semver'; +import SemVer from 'semver/classes/semver'; import { NormalizedField, Field as FieldType, ComboBoxOption } from '../../../../types'; import { getFieldConfig } from '../../../../lib'; diff --git a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/range_type.tsx b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/range_type.tsx index 9b8dae490d8192c..b9fb4950c9a19c2 100644 --- a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/range_type.tsx +++ b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/range_type.tsx @@ -6,7 +6,7 @@ */ import React from 'react'; -import { SemVer } from 'semver'; +import SemVer from 'semver/classes/semver'; import { NormalizedField, diff --git a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/text_type.tsx b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/text_type.tsx index 6857e20dc1ec408..329c896e5252880 100644 --- a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/text_type.tsx +++ b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/text_type.tsx @@ -8,7 +8,7 @@ import React from 'react'; import { EuiSpacer, EuiDualRange, EuiFormRow, EuiCallOut } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; -import { SemVer } from 'semver'; +import SemVer from 'semver/classes/semver'; import { documentationService } from '../../../../../../services/documentation'; import { NormalizedField, Field as FieldType } from '../../../../types'; diff --git a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/token_count_type.tsx b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/token_count_type.tsx index 3c0e8a28f309048..cc7816d55cec931 100644 --- a/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/token_count_type.tsx +++ b/x-pack/plugins/index_management/public/application/components/mappings_editor/components/document_fields/fields/field_types/token_count_type.tsx @@ -6,7 +6,7 @@ */ import React from 'react'; -import { SemVer } from 'semver'; +import SemVer from 'semver/classes/semver'; import { i18n } from '@kbn/i18n'; import { documentationService } from '../../../../../../services/documentation'; diff --git a/x-pack/plugins/index_management/public/application/index.tsx b/x-pack/plugins/index_management/public/application/index.tsx index fc64dad0ae7baa0..b7a4bd21351473d 100644 --- a/x-pack/plugins/index_management/public/application/index.tsx +++ b/x-pack/plugins/index_management/public/application/index.tsx @@ -8,7 +8,7 @@ import React from 'react'; import { Provider } from 'react-redux'; import { render, unmountComponentAtNode } from 'react-dom'; -import { SemVer } from 'semver'; +import SemVer from 'semver/classes/semver'; import { CoreStart, CoreSetup } from '../../../../../src/core/public'; diff --git a/x-pack/plugins/index_management/public/application/lib/indices.ts b/x-pack/plugins/index_management/public/application/lib/indices.ts index fc93aa6f5444894..6d4bbc992a21c55 100644 --- a/x-pack/plugins/index_management/public/application/lib/indices.ts +++ b/x-pack/plugins/index_management/public/application/lib/indices.ts @@ -4,7 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ -import { SemVer } from 'semver'; +import SemVer from 'semver/classes/semver'; import { MAJOR_VERSION } from '../../../common'; import { Index } from '../../../common'; diff --git a/x-pack/plugins/index_management/public/application/mount_management_section.ts b/x-pack/plugins/index_management/public/application/mount_management_section.ts index 71e0f8036543031..48508695bfc98cb 100644 --- a/x-pack/plugins/index_management/public/application/mount_management_section.ts +++ b/x-pack/plugins/index_management/public/application/mount_management_section.ts @@ -6,7 +6,7 @@ */ import { i18n } from '@kbn/i18n'; -import { SemVer } from 'semver'; +import SemVer from 'semver/classes/semver'; import { CoreSetup } from 'src/core/public'; import { ManagementAppMountParams } from 'src/plugins/management/public'; import { UsageCollectionSetup } from 'src/plugins/usage_collection/public'; diff --git a/x-pack/plugins/index_management/public/application/store/selectors/indices_filter.test.ts b/x-pack/plugins/index_management/public/application/store/selectors/indices_filter.test.ts index b32f2736a96840b..bdb531e41abb222 100644 --- a/x-pack/plugins/index_management/public/application/store/selectors/indices_filter.test.ts +++ b/x-pack/plugins/index_management/public/application/store/selectors/indices_filter.test.ts @@ -4,7 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ -import { SemVer } from 'semver'; +import SemVer from 'semver/classes/semver'; import { MAJOR_VERSION } from '../../../../common'; import { ExtensionsService } from '../../../services'; diff --git a/x-pack/plugins/index_management/public/plugin.ts b/x-pack/plugins/index_management/public/plugin.ts index b7e810b15dbf930..4e123b6f474f81e 100644 --- a/x-pack/plugins/index_management/public/plugin.ts +++ b/x-pack/plugins/index_management/public/plugin.ts @@ -6,7 +6,7 @@ */ import { i18n } from '@kbn/i18n'; -import { SemVer } from 'semver'; +import SemVer from 'semver/classes/semver'; import { CoreSetup, PluginInitializerContext } from '../../../../src/core/public'; import { setExtensionsService } from './application/store/selectors/extension_service'; diff --git a/x-pack/plugins/osquery/public/fleet_integration/osquery_managed_policy_create_import_extension.tsx b/x-pack/plugins/osquery/public/fleet_integration/osquery_managed_policy_create_import_extension.tsx index 2eddb5d6e932a4e..752e95b70efacba 100644 --- a/x-pack/plugins/osquery/public/fleet_integration/osquery_managed_policy_create_import_extension.tsx +++ b/x-pack/plugins/osquery/public/fleet_integration/osquery_managed_policy_create_import_extension.tsx @@ -6,7 +6,7 @@ */ import { get, isEmpty, unset, set } from 'lodash'; -import { satisfies } from 'semver'; +import satisfies from 'semver/functions/satisfies'; import { EuiFlexGroup, EuiFlexItem, From 3cfa21db3986e29f0a8dc6c353b5f4311dd6f02b Mon Sep 17 00:00:00 2001 From: Dario Gieselaar Date: Mon, 18 Oct 2021 13:44:30 +0200 Subject: [PATCH 18/50] [APM] generator: support error events and application metrics (#115311) --- .../src/lib/apm_error.ts | 30 +++++++++ .../src/lib/base_span.ts | 4 +- .../elastic-apm-generator/src/lib/entity.ts | 20 +++++- .../elastic-apm-generator/src/lib/instance.ts | 20 +++++- .../src/lib/metricset.ts | 15 +++-- .../src/lib/output/to_elasticsearch_output.ts | 3 +- .../elastic-apm-generator/src/lib/span.ts | 4 +- .../src/lib/transaction.ts | 34 +++++++++- .../src/lib/utils/generate_id.ts | 12 ++-- .../src/scripts/examples/01_simple_trace.ts | 28 ++++++-- .../05_transactions_with_errors.test.ts | 66 +++++++++++++++++++ .../scenarios/06_application_metrics.test.ts | 64 ++++++++++++++++++ 12 files changed, 273 insertions(+), 27 deletions(-) create mode 100644 packages/elastic-apm-generator/src/lib/apm_error.ts create mode 100644 packages/elastic-apm-generator/src/test/scenarios/05_transactions_with_errors.test.ts create mode 100644 packages/elastic-apm-generator/src/test/scenarios/06_application_metrics.test.ts diff --git a/packages/elastic-apm-generator/src/lib/apm_error.ts b/packages/elastic-apm-generator/src/lib/apm_error.ts new file mode 100644 index 000000000000000..5a48093a26db23e --- /dev/null +++ b/packages/elastic-apm-generator/src/lib/apm_error.ts @@ -0,0 +1,30 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ + +import { Fields } from './entity'; +import { Serializable } from './serializable'; +import { generateLongId, generateShortId } from './utils/generate_id'; + +export class ApmError extends Serializable { + constructor(fields: Fields) { + super({ + ...fields, + 'processor.event': 'error', + 'processor.name': 'error', + 'error.id': generateShortId(), + }); + } + + serialize() { + const [data] = super.serialize(); + data['error.grouping_key'] = generateLongId( + this.fields['error.grouping_name'] || this.fields['error.exception']?.[0]?.message + ); + return [data]; + } +} diff --git a/packages/elastic-apm-generator/src/lib/base_span.ts b/packages/elastic-apm-generator/src/lib/base_span.ts index 6288c16d339b626..f762bf730a71779 100644 --- a/packages/elastic-apm-generator/src/lib/base_span.ts +++ b/packages/elastic-apm-generator/src/lib/base_span.ts @@ -10,7 +10,7 @@ import { Fields } from './entity'; import { Serializable } from './serializable'; import { Span } from './span'; import { Transaction } from './transaction'; -import { generateTraceId } from './utils/generate_id'; +import { generateLongId } from './utils/generate_id'; export class BaseSpan extends Serializable { private readonly _children: BaseSpan[] = []; @@ -19,7 +19,7 @@ export class BaseSpan extends Serializable { super({ ...fields, 'event.outcome': 'unknown', - 'trace.id': generateTraceId(), + 'trace.id': generateLongId(), 'processor.name': 'transaction', }); } diff --git a/packages/elastic-apm-generator/src/lib/entity.ts b/packages/elastic-apm-generator/src/lib/entity.ts index 2a4beee652cf74c..bf8fc10efd3a7eb 100644 --- a/packages/elastic-apm-generator/src/lib/entity.ts +++ b/packages/elastic-apm-generator/src/lib/entity.ts @@ -6,6 +6,19 @@ * Side Public License, v 1. */ +export type ApplicationMetricFields = Partial<{ + 'system.process.memory.size': number; + 'system.memory.actual.free': number; + 'system.memory.total': number; + 'system.cpu.total.norm.pct': number; + 'system.process.memory.rss.bytes': number; + 'system.process.cpu.total.norm.pct': number; +}>; + +export interface Exception { + message: string; +} + export type Fields = Partial<{ '@timestamp': number; 'agent.name': string; @@ -14,6 +27,10 @@ export type Fields = Partial<{ 'ecs.version': string; 'event.outcome': string; 'event.ingested': number; + 'error.id': string; + 'error.exception': Exception[]; + 'error.grouping_name': string; + 'error.grouping_key': string; 'host.name': string; 'metricset.name': string; 'observer.version': string; @@ -46,7 +63,8 @@ export type Fields = Partial<{ 'span.destination.service.response_time.count': number; 'span.self_time.count': number; 'span.self_time.sum.us': number; -}>; +}> & + ApplicationMetricFields; export class Entity { constructor(public readonly fields: Fields) { diff --git a/packages/elastic-apm-generator/src/lib/instance.ts b/packages/elastic-apm-generator/src/lib/instance.ts index 4218a9e23f4b4fd..3570f497c905552 100644 --- a/packages/elastic-apm-generator/src/lib/instance.ts +++ b/packages/elastic-apm-generator/src/lib/instance.ts @@ -6,7 +6,9 @@ * Side Public License, v 1. */ -import { Entity } from './entity'; +import { ApmError } from './apm_error'; +import { ApplicationMetricFields, Entity } from './entity'; +import { Metricset } from './metricset'; import { Span } from './span'; import { Transaction } from './transaction'; @@ -27,4 +29,20 @@ export class Instance extends Entity { 'span.subtype': spanSubtype, }); } + + error(message: string, type?: string, groupingName?: string) { + return new ApmError({ + ...this.fields, + 'error.exception': [{ message, ...(type ? { type } : {}) }], + 'error.grouping_name': groupingName || message, + }); + } + + appMetrics(metrics: ApplicationMetricFields) { + return new Metricset({ + ...this.fields, + 'metricset.name': 'app', + ...metrics, + }); + } } diff --git a/packages/elastic-apm-generator/src/lib/metricset.ts b/packages/elastic-apm-generator/src/lib/metricset.ts index f7abec6fde95856..c1ebbea31312378 100644 --- a/packages/elastic-apm-generator/src/lib/metricset.ts +++ b/packages/elastic-apm-generator/src/lib/metricset.ts @@ -6,12 +6,15 @@ * Side Public License, v 1. */ +import { Fields } from './entity'; import { Serializable } from './serializable'; -export class Metricset extends Serializable {} - -export function metricset(name: string) { - return new Metricset({ - 'metricset.name': name, - }); +export class Metricset extends Serializable { + constructor(fields: Fields) { + super({ + 'processor.event': 'metric', + 'processor.name': 'metric', + ...fields, + }); + } } diff --git a/packages/elastic-apm-generator/src/lib/output/to_elasticsearch_output.ts b/packages/elastic-apm-generator/src/lib/output/to_elasticsearch_output.ts index b4cae1b41b9a654..d90ce8e01f83d10 100644 --- a/packages/elastic-apm-generator/src/lib/output/to_elasticsearch_output.ts +++ b/packages/elastic-apm-generator/src/lib/output/to_elasticsearch_output.ts @@ -25,7 +25,8 @@ export function toElasticsearchOutput(events: Fields[], versionOverride?: string const document = {}; // eslint-disable-next-line guard-for-in for (const key in values) { - set(document, key, values[key as keyof typeof values]); + const val = values[key as keyof typeof values]; + set(document, key, val); } return { _index: `apm-${versionOverride || values['observer.version']}-${values['processor.event']}`, diff --git a/packages/elastic-apm-generator/src/lib/span.ts b/packages/elastic-apm-generator/src/lib/span.ts index 36f7f44816d01d9..3c8d90f56b78e67 100644 --- a/packages/elastic-apm-generator/src/lib/span.ts +++ b/packages/elastic-apm-generator/src/lib/span.ts @@ -8,14 +8,14 @@ import { BaseSpan } from './base_span'; import { Fields } from './entity'; -import { generateEventId } from './utils/generate_id'; +import { generateShortId } from './utils/generate_id'; export class Span extends BaseSpan { constructor(fields: Fields) { super({ ...fields, 'processor.event': 'span', - 'span.id': generateEventId(), + 'span.id': generateShortId(), }); } diff --git a/packages/elastic-apm-generator/src/lib/transaction.ts b/packages/elastic-apm-generator/src/lib/transaction.ts index f615f4671099692..3a8d32e1843f840 100644 --- a/packages/elastic-apm-generator/src/lib/transaction.ts +++ b/packages/elastic-apm-generator/src/lib/transaction.ts @@ -6,22 +6,48 @@ * Side Public License, v 1. */ +import { ApmError } from './apm_error'; import { BaseSpan } from './base_span'; import { Fields } from './entity'; -import { generateEventId } from './utils/generate_id'; +import { generateShortId } from './utils/generate_id'; export class Transaction extends BaseSpan { private _sampled: boolean = true; + private readonly _errors: ApmError[] = []; constructor(fields: Fields) { super({ ...fields, 'processor.event': 'transaction', - 'transaction.id': generateEventId(), + 'transaction.id': generateShortId(), 'transaction.sampled': true, }); } + parent(span: BaseSpan) { + super.parent(span); + + this._errors.forEach((error) => { + error.fields['trace.id'] = this.fields['trace.id']; + error.fields['transaction.id'] = this.fields['transaction.id']; + error.fields['transaction.type'] = this.fields['transaction.type']; + }); + + return this; + } + + errors(...errors: ApmError[]) { + errors.forEach((error) => { + error.fields['trace.id'] = this.fields['trace.id']; + error.fields['transaction.id'] = this.fields['transaction.id']; + error.fields['transaction.type'] = this.fields['transaction.type']; + }); + + this._errors.push(...errors); + + return this; + } + duration(duration: number) { this.fields['transaction.duration.us'] = duration * 1000; return this; @@ -35,11 +61,13 @@ export class Transaction extends BaseSpan { serialize() { const [transaction, ...spans] = super.serialize(); + const errors = this._errors.flatMap((error) => error.serialize()); + const events = [transaction]; if (this._sampled) { events.push(...spans); } - return events; + return events.concat(errors); } } diff --git a/packages/elastic-apm-generator/src/lib/utils/generate_id.ts b/packages/elastic-apm-generator/src/lib/utils/generate_id.ts index 6c8b33fc190773e..cc372a56209aace 100644 --- a/packages/elastic-apm-generator/src/lib/utils/generate_id.ts +++ b/packages/elastic-apm-generator/src/lib/utils/generate_id.ts @@ -12,14 +12,14 @@ let seq = 0; const namespace = 'f38d5b83-8eee-4f5b-9aa6-2107e15a71e3'; -function generateId() { - return uuidv5(String(seq++), namespace).replace(/-/g, ''); +function generateId(seed?: string) { + return uuidv5(seed ?? String(seq++), namespace).replace(/-/g, ''); } -export function generateEventId() { - return generateId().substr(0, 16); +export function generateShortId(seed?: string) { + return generateId(seed).substr(0, 16); } -export function generateTraceId() { - return generateId().substr(0, 32); +export function generateLongId(seed?: string) { + return generateId(seed).substr(0, 32); } diff --git a/packages/elastic-apm-generator/src/scripts/examples/01_simple_trace.ts b/packages/elastic-apm-generator/src/scripts/examples/01_simple_trace.ts index 7aae2986919c87d..f6aad154532c280 100644 --- a/packages/elastic-apm-generator/src/scripts/examples/01_simple_trace.ts +++ b/packages/elastic-apm-generator/src/scripts/examples/01_simple_trace.ts @@ -14,11 +14,11 @@ export function simpleTrace(from: number, to: number) { const range = timerange(from, to); - const transactionName = '100rpm (80% success) failed 1000ms'; + const transactionName = '240rpm/60% 1000ms'; const successfulTraceEvents = range - .interval('30s') - .rate(40) + .interval('1s') + .rate(3) .flatMap((timestamp) => instance .transaction(transactionName) @@ -38,21 +38,39 @@ export function simpleTrace(from: number, to: number) { ); const failedTraceEvents = range - .interval('30s') - .rate(10) + .interval('1s') + .rate(1) .flatMap((timestamp) => instance .transaction(transactionName) .timestamp(timestamp) .duration(1000) .failure() + .errors( + instance.error('[ResponseError] index_not_found_exception').timestamp(timestamp + 50) + ) .serialize() ); + const metricsets = range + .interval('30s') + .rate(1) + .flatMap((timestamp) => + instance + .appMetrics({ + 'system.memory.actual.free': 800, + 'system.memory.total': 1000, + 'system.cpu.total.norm.pct': 0.6, + 'system.process.cpu.total.norm.pct': 0.7, + }) + .timestamp(timestamp) + .serialize() + ); const events = successfulTraceEvents.concat(failedTraceEvents); return [ ...events, + ...metricsets, ...getTransactionMetrics(events), ...getSpanDestinationMetrics(events), ...getBreakdownMetrics(events), diff --git a/packages/elastic-apm-generator/src/test/scenarios/05_transactions_with_errors.test.ts b/packages/elastic-apm-generator/src/test/scenarios/05_transactions_with_errors.test.ts new file mode 100644 index 000000000000000..289fdfa6cf5658b --- /dev/null +++ b/packages/elastic-apm-generator/src/test/scenarios/05_transactions_with_errors.test.ts @@ -0,0 +1,66 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ +import { pick } from 'lodash'; +import { service } from '../../index'; +import { Instance } from '../../lib/instance'; + +describe('transactions with errors', () => { + let instance: Instance; + const timestamp = new Date('2021-01-01T00:00:00.000Z').getTime(); + + beforeEach(() => { + instance = service('opbeans-java', 'production', 'java').instance('instance'); + }); + it('generates error events', () => { + const events = instance + .transaction('GET /api') + .timestamp(timestamp) + .errors(instance.error('test error').timestamp(timestamp)) + .serialize(); + + const errorEvents = events.filter((event) => event['processor.event'] === 'error'); + + expect(errorEvents.length).toEqual(1); + + expect( + pick(errorEvents[0], 'processor.event', 'processor.name', 'error.exception', '@timestamp') + ).toEqual({ + 'processor.event': 'error', + 'processor.name': 'error', + '@timestamp': timestamp, + 'error.exception': [{ message: 'test error' }], + }); + }); + + it('sets the transaction and trace id', () => { + const [transaction, error] = instance + .transaction('GET /api') + .timestamp(timestamp) + .errors(instance.error('test error').timestamp(timestamp)) + .serialize(); + + const keys = ['transaction.id', 'trace.id', 'transaction.type']; + + expect(pick(error, keys)).toEqual({ + 'transaction.id': transaction['transaction.id'], + 'trace.id': transaction['trace.id'], + 'transaction.type': 'request', + }); + }); + + it('sets the error grouping key', () => { + const [, error] = instance + .transaction('GET /api') + .timestamp(timestamp) + .errors(instance.error('test error').timestamp(timestamp)) + .serialize(); + + expect(error['error.grouping_name']).toEqual('test error'); + expect(error['error.grouping_key']).toMatchInlineSnapshot(`"8b96fa10a7f85a5d960198627bf50840"`); + }); +}); diff --git a/packages/elastic-apm-generator/src/test/scenarios/06_application_metrics.test.ts b/packages/elastic-apm-generator/src/test/scenarios/06_application_metrics.test.ts new file mode 100644 index 000000000000000..59ca8f0edbe88b3 --- /dev/null +++ b/packages/elastic-apm-generator/src/test/scenarios/06_application_metrics.test.ts @@ -0,0 +1,64 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0 and the Server Side Public License, v 1; you may not use this file except + * in compliance with, at your election, the Elastic License 2.0 or the Server + * Side Public License, v 1. + */ +import { pick } from 'lodash'; +import { service } from '../../index'; +import { Instance } from '../../lib/instance'; + +describe('application metrics', () => { + let instance: Instance; + const timestamp = new Date('2021-01-01T00:00:00.000Z').getTime(); + + beforeEach(() => { + instance = service('opbeans-java', 'production', 'java').instance('instance'); + }); + it('generates application metricsets', () => { + const events = instance + .appMetrics({ + 'system.memory.actual.free': 80, + 'system.memory.total': 100, + }) + .timestamp(timestamp) + .serialize(); + + const appMetrics = events.filter((event) => event['processor.event'] === 'metric'); + + expect(appMetrics.length).toEqual(1); + + expect( + pick( + appMetrics[0], + '@timestamp', + 'agent.name', + 'container.id', + 'metricset.name', + 'processor.event', + 'processor.name', + 'service.environment', + 'service.name', + 'service.node.name', + 'system.memory.actual.free', + 'system.memory.total' + ) + ).toEqual({ + '@timestamp': timestamp, + 'metricset.name': 'app', + 'processor.event': 'metric', + 'processor.name': 'metric', + 'system.memory.actual.free': 80, + 'system.memory.total': 100, + ...pick( + instance.fields, + 'agent.name', + 'container.id', + 'service.environment', + 'service.name', + 'service.node.name' + ), + }); + }); +}); From c3ff2b0c7f98367439cd166fde1681a81a809006 Mon Sep 17 00:00:00 2001 From: Paul Tavares <56442535+paul-tavares@users.noreply.github.com> Date: Mon, 18 Oct 2021 08:03:09 -0400 Subject: [PATCH 19/50] [Security Solution][Endpoint] Change `trustedAppByPolicyEnabled` flag to `true` by default (#115264) * set `trustedAppsByPolicyEnabled` flag to true by default * Adjust server tests --- .../plugins/security_solution/common/experimental_features.ts | 2 +- .../server/fleet_integration/fleet_integration.test.ts | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/x-pack/plugins/security_solution/common/experimental_features.ts b/x-pack/plugins/security_solution/common/experimental_features.ts index 148390324c13f8f..14b1bf8dc22dd40 100644 --- a/x-pack/plugins/security_solution/common/experimental_features.ts +++ b/x-pack/plugins/security_solution/common/experimental_features.ts @@ -16,7 +16,7 @@ export const allowedExperimentalValues = Object.freeze({ ruleRegistryEnabled: false, tGridEnabled: true, tGridEventRenderedViewEnabled: true, - trustedAppsByPolicyEnabled: false, + trustedAppsByPolicyEnabled: true, excludePoliciesInFilterEnabled: false, uebaEnabled: false, disableIsolationUIPendingStatuses: false, diff --git a/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.test.ts b/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.test.ts index d0bbb3b346ea89f..2f31f54143f7453 100644 --- a/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.test.ts +++ b/x-pack/plugins/security_solution/server/fleet_integration/fleet_integration.test.ts @@ -343,9 +343,10 @@ describe('ingest_integration tests ', () => { }); }); - it("doesn't remove policy from trusted app FF disabled", async () => { + it("doesn't remove policy from trusted app if feature flag is disabled", async () => { await invokeDeleteCallback({ ...allowedExperimentalValues, + trustedAppsByPolicyEnabled: false, // since it was changed to `true` by default }); expect(exceptionListClient.findExceptionListItem).toHaveBeenCalledTimes(0); From 596b2e3460417ace6f7d130470dbdc5bd75c3807 Mon Sep 17 00:00:00 2001 From: Esteban Beltran Date: Mon, 18 Oct 2021 14:15:16 +0200 Subject: [PATCH 20/50] [Security Solutions] host isolation exception licensing checks (#114970) Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- .../public/app/translations.ts | 2 +- .../index.test.tsx | 19 +++- .../use_navigation_items.tsx | 13 +-- .../host_isolation_exceptions/service.ts | 11 +++ .../view/components/form_flyout.test.tsx | 1 + .../view/components/form_flyout.tsx | 5 - .../view/hooks.test.ts | 54 ++++++++++ .../host_isolation_exceptions/view/hooks.ts | 35 ++++++- .../host_isolation_exceptions_list.test.tsx | 48 +++++++-- .../view/host_isolation_exceptions_list.tsx | 98 +++++++++++-------- 10 files changed, 220 insertions(+), 66 deletions(-) create mode 100644 x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/hooks.test.ts diff --git a/x-pack/plugins/security_solution/public/app/translations.ts b/x-pack/plugins/security_solution/public/app/translations.ts index da680bf45dc8d28..e383725a7e40c91 100644 --- a/x-pack/plugins/security_solution/public/app/translations.ts +++ b/x-pack/plugins/security_solution/public/app/translations.ts @@ -65,7 +65,7 @@ export const EVENT_FILTERS = i18n.translate( export const HOST_ISOLATION_EXCEPTIONS = i18n.translate( 'xpack.securitySolution.search.administration.hostIsolationExceptions', { - defaultMessage: 'Host Isolation Exceptions', + defaultMessage: 'Host isolation exceptions', } ); export const DETECT = i18n.translate('xpack.securitySolution.navigation.detect', { diff --git a/x-pack/plugins/security_solution/public/common/components/navigation/use_security_solution_navigation/index.test.tsx b/x-pack/plugins/security_solution/public/common/components/navigation/use_security_solution_navigation/index.test.tsx index 29861b14341472f..396f431a3232de2 100644 --- a/x-pack/plugins/security_solution/public/common/components/navigation/use_security_solution_navigation/index.test.tsx +++ b/x-pack/plugins/security_solution/public/common/components/navigation/use_security_solution_navigation/index.test.tsx @@ -18,12 +18,15 @@ import { UrlInputsModel } from '../../../store/inputs/model'; import { useRouteSpy } from '../../../utils/route/use_route_spy'; import { useIsExperimentalFeatureEnabled } from '../../../hooks/use_experimental_features'; import { TestProviders } from '../../../mock'; +import { useCanSeeHostIsolationExceptionsMenu } from '../../../../management/pages/host_isolation_exceptions/view/hooks'; jest.mock('../../../lib/kibana/kibana_react'); jest.mock('../../../lib/kibana'); jest.mock('../../../hooks/use_selector'); jest.mock('../../../hooks/use_experimental_features'); jest.mock('../../../utils/route/use_route_spy'); +jest.mock('../../../../management/pages/host_isolation_exceptions/view/hooks'); + describe('useSecuritySolutionNavigation', () => { const mockUrlState = { [CONSTANTS.appQuery]: { query: 'host.name:"security-solution-es"', language: 'kuery' }, @@ -75,6 +78,7 @@ describe('useSecuritySolutionNavigation', () => { (useIsExperimentalFeatureEnabled as jest.Mock).mockReturnValue(false); (useDeepEqualSelector as jest.Mock).mockReturnValue({ urlState: mockUrlState }); (useRouteSpy as jest.Mock).mockReturnValue(mockRouteSpy); + (useCanSeeHostIsolationExceptionsMenu as jest.Mock).mockReturnValue(true); (useKibana as jest.Mock).mockReturnValue({ services: { @@ -240,7 +244,7 @@ describe('useSecuritySolutionNavigation', () => { "href": "securitySolution/host_isolation_exceptions", "id": "host_isolation_exceptions", "isSelected": false, - "name": "Host Isolation Exceptions", + "name": "Host isolation exceptions", "onClick": [Function], }, ], @@ -264,6 +268,19 @@ describe('useSecuritySolutionNavigation', () => { expect(result.current.items[2].items[2].id).toEqual(SecurityPageName.ueba); }); + it('should omit host isolation exceptions if hook reports false', () => { + (useCanSeeHostIsolationExceptionsMenu as jest.Mock).mockReturnValueOnce(false); + const { result } = renderHook<{}, KibanaPageTemplateProps['solutionNav']>( + () => useSecuritySolutionNavigation(), + { wrapper: TestProviders } + ); + expect( + result.current?.items + .find((item) => item.id === 'manage') + ?.items?.find((item) => item.id === 'host_isolation_exceptions') + ).toBeUndefined(); + }); + describe('Permission gated routes', () => { describe('cases', () => { it('should display the cases navigation item when the user has read permissions', () => { diff --git a/x-pack/plugins/security_solution/public/common/components/navigation/use_security_solution_navigation/use_navigation_items.tsx b/x-pack/plugins/security_solution/public/common/components/navigation/use_security_solution_navigation/use_navigation_items.tsx index 976f15586b555ca..a1be69dd077ade4 100644 --- a/x-pack/plugins/security_solution/public/common/components/navigation/use_security_solution_navigation/use_navigation_items.tsx +++ b/x-pack/plugins/security_solution/public/common/components/navigation/use_security_solution_navigation/use_navigation_items.tsx @@ -14,6 +14,7 @@ import { PrimaryNavigationItemsProps } from './types'; import { useGetUserCasesPermissions } from '../../../lib/kibana'; import { useNavigation } from '../../../lib/kibana/hooks'; import { NavTab } from '../types'; +import { useCanSeeHostIsolationExceptionsMenu } from '../../../../management/pages/host_isolation_exceptions/view/hooks'; export const usePrimaryNavigationItems = ({ navTabs, @@ -62,8 +63,9 @@ export const usePrimaryNavigationItems = ({ function usePrimaryNavigationItemsToDisplay(navTabs: Record) { const hasCasesReadPermissions = useGetUserCasesPermissions()?.read; - return useMemo( - () => [ + const canSeeHostIsolationExceptions = useCanSeeHostIsolationExceptionsMenu(); + return useMemo(() => { + return [ { id: 'main', name: '', @@ -87,10 +89,9 @@ function usePrimaryNavigationItemsToDisplay(navTabs: Record) { navTabs.endpoints, navTabs.trusted_apps, navTabs.event_filters, - navTabs.host_isolation_exceptions, + ...(canSeeHostIsolationExceptions ? [navTabs.host_isolation_exceptions] : []), ], }, - ], - [navTabs, hasCasesReadPermissions] - ); + ]; + }, [navTabs, hasCasesReadPermissions, canSeeHostIsolationExceptions]); } diff --git a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/service.ts b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/service.ts index b58c2d901c2cc35..957fd2d4485bc75 100644 --- a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/service.ts +++ b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/service.ts @@ -8,6 +8,7 @@ import { CreateExceptionListItemSchema, ExceptionListItemSchema, + ExceptionListSummarySchema, FoundExceptionListItemSchema, UpdateExceptionListItemSchema, } from '@kbn/securitysolution-io-ts-list-types'; @@ -112,3 +113,13 @@ export async function updateOneHostIsolationExceptionItem( body: JSON.stringify(exception), }); } +export async function getHostIsolationExceptionSummary( + http: HttpStart +): Promise { + return http.get(`${EXCEPTION_LIST_URL}/summary`, { + query: { + list_id: ENDPOINT_HOST_ISOLATION_EXCEPTIONS_LIST_ID, + namespace_type: 'agnostic', + }, + }); +} diff --git a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/form_flyout.test.tsx b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/form_flyout.test.tsx index 4ab4ed785e49171..3f0a8b9990b839b 100644 --- a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/form_flyout.test.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/form_flyout.test.tsx @@ -18,6 +18,7 @@ import uuid from 'uuid'; import { createEmptyHostIsolationException } from '../../utils'; jest.mock('../../service.ts'); +jest.mock('../../../../../common/hooks/use_license'); describe('When on the host isolation exceptions flyout form', () => { let mockedContext: AppContextTestRender; diff --git a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/form_flyout.tsx b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/form_flyout.tsx index 799e327a3fb4ca8..14e976226c47049 100644 --- a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/form_flyout.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/form_flyout.tsx @@ -52,9 +52,7 @@ import { HostIsolationExceptionsForm } from './form'; export const HostIsolationExceptionsFormFlyout: React.FC<{}> = memo(() => { const dispatch = useDispatch>(); const toasts = useToasts(); - const location = useHostIsolationExceptionsSelector(getCurrentLocation); - const creationInProgress = useHostIsolationExceptionsSelector((state) => isLoadingResourceState(state.form.status) ); @@ -62,11 +60,8 @@ export const HostIsolationExceptionsFormFlyout: React.FC<{}> = memo(() => { isLoadedResourceState(state.form.status) ); const creationFailure = useHostIsolationExceptionsSelector(getFormStatusFailure); - const exceptionToEdit = useHostIsolationExceptionsSelector(getExceptionToEdit); - const navigateCallback = useHostIsolationExceptionsNavigateCallback(); - const history = useHistory(); const [formHasError, setFormHasError] = useState(true); diff --git a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/hooks.test.ts b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/hooks.test.ts new file mode 100644 index 000000000000000..6a4e0cb8401495f --- /dev/null +++ b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/hooks.test.ts @@ -0,0 +1,54 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { useLicense } from '../../../../common/hooks/use_license'; +import { useCanSeeHostIsolationExceptionsMenu } from './hooks'; +import { renderHook } from '@testing-library/react-hooks'; +import { TestProviders } from '../../../../common/mock'; +import { getHostIsolationExceptionSummary } from '../service'; + +jest.mock('../../../../common/hooks/use_license'); +jest.mock('../service'); + +const getHostIsolationExceptionSummaryMock = getHostIsolationExceptionSummary as jest.Mock; + +describe('host isolation exceptions hooks', () => { + const isPlatinumPlusMock = useLicense().isPlatinumPlus as jest.Mock; + describe('useCanSeeHostIsolationExceptionsMenu', () => { + beforeEach(() => { + isPlatinumPlusMock.mockReset(); + }); + it('should return true if the license is platinum plus', () => { + isPlatinumPlusMock.mockReturnValue(true); + const { result } = renderHook(() => useCanSeeHostIsolationExceptionsMenu(), { + wrapper: TestProviders, + }); + expect(result.current).toBe(true); + }); + + it('should return false if the license is lower platinum plus and there are not existing host isolation items', () => { + isPlatinumPlusMock.mockReturnValue(false); + getHostIsolationExceptionSummaryMock.mockReturnValueOnce({ total: 0 }); + const { result } = renderHook(() => useCanSeeHostIsolationExceptionsMenu(), { + wrapper: TestProviders, + }); + expect(result.current).toBe(false); + }); + + it('should return true if the license is lower platinum plus and there are existing host isolation items', async () => { + isPlatinumPlusMock.mockReturnValue(false); + getHostIsolationExceptionSummaryMock.mockReturnValueOnce({ total: 11 }); + const { result, waitForNextUpdate } = renderHook( + () => useCanSeeHostIsolationExceptionsMenu(), + { + wrapper: TestProviders, + } + ); + await waitForNextUpdate(); + expect(result.current).toBe(true); + }); + }); +}); diff --git a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/hooks.ts b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/hooks.ts index db9ec467e717016..4b6129785c84acb 100644 --- a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/hooks.ts +++ b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/hooks.ts @@ -4,15 +4,18 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ -import { useCallback } from 'react'; +import { useCallback, useEffect, useState } from 'react'; import { useSelector } from 'react-redux'; import { useHistory } from 'react-router-dom'; +import { useHttp } from '../../../../common/lib/kibana/hooks'; +import { useLicense } from '../../../../common/hooks/use_license'; import { State } from '../../../../common/store'; import { MANAGEMENT_STORE_GLOBAL_NAMESPACE, MANAGEMENT_STORE_HOST_ISOLATION_EXCEPTIONS_NAMESPACE, } from '../../../common/constants'; import { getHostIsolationExceptionsListPath } from '../../../common/routing'; +import { getHostIsolationExceptionSummary } from '../service'; import { getCurrentLocation } from '../store/selector'; import { HostIsolationExceptionsPageLocation, HostIsolationExceptionsPageState } from '../types'; @@ -36,3 +39,33 @@ export function useHostIsolationExceptionsNavigateCallback() { [history, location] ); } + +/** + * Checks if the current user should be able to see the host isolation exceptions + * menu item based on their current license level and existing excepted items. + */ +export function useCanSeeHostIsolationExceptionsMenu() { + const license = useLicense(); + const http = useHttp(); + + const [hasExceptions, setHasExceptions] = useState(license.isPlatinumPlus()); + + useEffect(() => { + async function checkIfHasExceptions() { + try { + const summary = await getHostIsolationExceptionSummary(http); + if (summary?.total > 0) { + setHasExceptions(true); + } + } catch (error) { + // an error will ocurr if the exception list does not exist + setHasExceptions(false); + } + } + if (!license.isPlatinumPlus()) { + checkIfHasExceptions(); + } + }, [http, license]); + + return hasExceptions; +} diff --git a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/host_isolation_exceptions_list.test.tsx b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/host_isolation_exceptions_list.test.tsx index 9de3d83ed8babd4..a7dfb66b022352c 100644 --- a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/host_isolation_exceptions_list.test.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/host_isolation_exceptions_list.test.tsx @@ -14,9 +14,12 @@ import { AppContextTestRender, createAppRootMockRenderer } from '../../../../com import { isFailedResourceState, isLoadedResourceState } from '../../../state'; import { getHostIsolationExceptionItems } from '../service'; import { HostIsolationExceptionsList } from './host_isolation_exceptions_list'; +import { useLicense } from '../../../../common/hooks/use_license'; jest.mock('../../../../common/components/user_privileges/use_endpoint_privileges'); + jest.mock('../service'); +jest.mock('../../../../common/hooks/use_license'); const getHostIsolationExceptionItemsMock = getHostIsolationExceptionItems as jest.Mock; @@ -25,9 +28,13 @@ describe('When on the host isolation exceptions page', () => { let renderResult: ReturnType; let history: AppContextTestRender['history']; let waitForAction: AppContextTestRender['middlewareSpy']['waitForAction']; + let mockedContext: AppContextTestRender; + + const isPlatinumPlusMock = useLicense().isPlatinumPlus as jest.Mock; + beforeEach(() => { getHostIsolationExceptionItemsMock.mockReset(); - const mockedContext = createAppRootMockRenderer(); + mockedContext = createAppRootMockRenderer(); ({ history } = mockedContext); render = () => (renderResult = mockedContext.render()); waitForAction = mockedContext.middlewareSpy.waitForAction; @@ -106,17 +113,38 @@ describe('When on the host isolation exceptions page', () => { ).toEqual(' Server is too far away'); }); }); - it('should show the create flyout when the add button is pressed', () => { - render(); - act(() => { - userEvent.click(renderResult.getByTestId('hostIsolationExceptionsListAddButton')); + describe('is license platinum plus', () => { + beforeEach(() => { + isPlatinumPlusMock.mockReturnValue(true); + }); + it('should show the create flyout when the add button is pressed', () => { + render(); + act(() => { + userEvent.click(renderResult.getByTestId('hostIsolationExceptionsListAddButton')); + }); + expect(renderResult.getByTestId('hostIsolationExceptionsCreateEditFlyout')).toBeTruthy(); + }); + it('should show the create flyout when the show location is create', () => { + history.push(`${HOST_ISOLATION_EXCEPTIONS_PATH}?show=create`); + render(); + expect(renderResult.getByTestId('hostIsolationExceptionsCreateEditFlyout')).toBeTruthy(); + expect(renderResult.queryByTestId('hostIsolationExceptionsCreateEditFlyout')).toBeTruthy(); }); - expect(renderResult.getByTestId('hostIsolationExceptionsCreateEditFlyout')).toBeTruthy(); }); - it('should show the create flyout when the show location is create', () => { - history.push(`${HOST_ISOLATION_EXCEPTIONS_PATH}?show=create`); - render(); - expect(renderResult.getByTestId('hostIsolationExceptionsCreateEditFlyout')).toBeTruthy(); + describe('is not license platinum plus', () => { + beforeEach(() => { + isPlatinumPlusMock.mockReturnValue(false); + }); + it('should not show the create flyout if the user navigates to the create url', () => { + history.push(`${HOST_ISOLATION_EXCEPTIONS_PATH}?show=create`); + render(); + expect(renderResult.queryByTestId('hostIsolationExceptionsCreateEditFlyout')).toBeFalsy(); + }); + it('should not show the create flyout if the user navigates to the edit url', () => { + history.push(`${HOST_ISOLATION_EXCEPTIONS_PATH}?show=edit`); + render(); + expect(renderResult.queryByTestId('hostIsolationExceptionsCreateEditFlyout')).toBeFalsy(); + }); }); }); }); diff --git a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/host_isolation_exceptions_list.tsx b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/host_isolation_exceptions_list.tsx index 3c634a917c0cef6..f4a89e89a9f67ed 100644 --- a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/host_isolation_exceptions_list.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/host_isolation_exceptions_list.tsx @@ -7,11 +7,13 @@ import { ExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types'; import { i18n } from '@kbn/i18n'; -import React, { Dispatch, useCallback } from 'react'; +import React, { Dispatch, useCallback, useEffect } from 'react'; import { EuiButton, EuiSpacer } from '@elastic/eui'; import { FormattedMessage } from '@kbn/i18n/react'; import { useDispatch } from 'react-redux'; +import { useHistory } from 'react-router-dom'; import { ExceptionItem } from '../../../../common/components/exceptions/viewer/exception_item'; +import { useLicense } from '../../../../common/hooks/use_license'; import { getCurrentLocation, getItemToDelete, @@ -37,6 +39,7 @@ import { DELETE_HOST_ISOLATION_EXCEPTION_LABEL, EDIT_HOST_ISOLATION_EXCEPTION_LABEL, } from './components/translations'; +import { getEndpointListPath } from '../../../common/routing'; type HostIsolationExceptionPaginatedContent = PaginatedContentProps< Immutable, @@ -51,10 +54,16 @@ export const HostIsolationExceptionsList = () => { const location = useHostIsolationExceptionsSelector(getCurrentLocation); const dispatch = useDispatch>(); const itemToDelete = useHostIsolationExceptionsSelector(getItemToDelete); - - const showFlyout = !!location.show; - const navigateCallback = useHostIsolationExceptionsNavigateCallback(); + const history = useHistory(); + const license = useLicense(); + const showFlyout = license.isPlatinumPlus() && !!location.show; + + useEffect(() => { + if (!isLoading && listItems.length === 0 && !license.isPlatinumPlus()) { + history.replace(getEndpointListPath({ name: 'endpointList' })); + } + }, [history, isLoading, license, listItems.length]); const handleOnSearch = useCallback( (query: string) => { @@ -63,34 +72,35 @@ export const HostIsolationExceptionsList = () => { [navigateCallback] ); - const handleItemComponentProps = (element: ExceptionListItemSchema): ArtifactEntryCardProps => ({ - item: element, - 'data-test-subj': `hostIsolationExceptionsCard`, - actions: [ - { - icon: 'trash', - onClick: () => { - navigateCallback({ - show: 'edit', - id: element.id, - }); - }, - 'data-test-subj': 'editHostIsolationException', - children: EDIT_HOST_ISOLATION_EXCEPTION_LABEL, + function handleItemComponentProps(element: ExceptionListItemSchema): ArtifactEntryCardProps { + const editAction = { + icon: 'trash', + onClick: () => { + navigateCallback({ + show: 'edit', + id: element.id, + }); }, - { - icon: 'trash', - onClick: () => { - dispatch({ - type: 'hostIsolationExceptionsMarkToDelete', - payload: element, - }); - }, - 'data-test-subj': 'deleteHostIsolationException', - children: DELETE_HOST_ISOLATION_EXCEPTION_LABEL, + 'data-test-subj': 'editHostIsolationException', + children: EDIT_HOST_ISOLATION_EXCEPTION_LABEL, + }; + const deleteAction = { + icon: 'trash', + onClick: () => { + dispatch({ + type: 'hostIsolationExceptionsMarkToDelete', + payload: element, + }); }, - ], - }); + 'data-test-subj': 'deleteHostIsolationException', + children: DELETE_HOST_ISOLATION_EXCEPTION_LABEL, + }; + return { + item: element, + 'data-test-subj': `hostIsolationExceptionsCard`, + actions: license.isPlatinumPlus() ? [editAction, deleteAction] : [deleteAction], + }; + } const handlePaginatedContentChange: HostIsolationExceptionPaginatedContent['onChange'] = useCallback( @@ -121,18 +131,22 @@ export const HostIsolationExceptionsList = () => { /> } actions={ - - - + license.isPlatinumPlus() ? ( + + + + ) : ( + [] + ) } > {showFlyout && } From fe979e4932858ebe78c36e6af73efa58dcfca701 Mon Sep 17 00:00:00 2001 From: Garrett Spong Date: Mon, 18 Oct 2021 06:20:40 -0600 Subject: [PATCH 21/50] [Security Solution] Migrates siem-detection-engine-rule-status alertId to saved object references array (#114585) ## Summary Resolves (a portion of) https://github.com/elastic/kibana/issues/107068 for the `siem-detection-engine-rule-status` type by migrating the `alertId` to be within the `SO references[]`. Based on: https://github.com/elastic/kibana/pull/113577 * Migrates the legacy `siem-detection-engine-rule-status` `alertId` to saved object references array * Adds an e2e test for `siem-detection-engine-rule-status` * Breaks out `siem-detection-engine-rule-status` & `security-rule` SO's to their own dedicated files/directories, and cleaned up typings/imports Before migration you can observe the existing data structure of `siem-detection-engine-rule-status` via Dev tools as follows: ``` GET .kibana/_search { "size": 10000, "query": { "term": { "type": { "value": "siem-detection-engine-rule-status" } } } } ``` ``` JSON { "_index" : ".kibana-spong_8.0.0_001", "_id" : "siem-detection-engine-rule-status:d580f1a0-2afe-11ec-8621-8d6bfcdfd75e", "_score" : 2.150102, "_source" : { "siem-detection-engine-rule-status" : { "alertId" : "d62d2980-27c4-11ec-92b0-f7b47106bb35", <-- alertId which we want in the references array and removed "statusDate" : "2021-10-12T01:50:52.898Z", "status" : "failed", "lastFailureAt" : "2021-10-12T01:50:52.898Z", "lastSuccessAt" : "2021-10-12T01:18:29.195Z", "lastFailureMessage" : "6 minutes (385585ms) were not queried between this rule execution and the last execution, so signals may have been missed. Consider increasing your look behind time or adding more Kibana instances. name: \"I am the Host who Names!\" id: \"d62d2980-27c4-11ec-92b0-f7b47106bb35\" rule id: \"214ccef6-e98e-493a-98c5-5bcc2d497b79\" signals index: \".siem-signals-spong-default\"", "lastSuccessMessage" : "succeeded", "gap" : "6 minutes", "lastLookBackDate" : "2021-10-07T23:43:27.961Z" }, "type" : "siem-detection-engine-rule-status", "references" : [ ], "coreMigrationVersion" : "7.14.0", "updated_at" : "2021-10-12T01:50:53.404Z" } } ``` Post migration the data structure should be updated as follows: ``` JSON { "_index": ".kibana-spong_8.0.0_001", "_id": "siem-detection-engine-rule-status:d580f1a0-2afe-11ec-8621-8d6bfcdfd75e", "_score": 2.1865466, "_source": { "siem-detection-engine-rule-status": { "statusDate": "2021-10-12T01:50:52.898Z", <-- alertId is no more! "status": "failed", "lastFailureAt": "2021-10-12T01:50:52.898Z", "lastSuccessAt": "2021-10-12T01:18:29.195Z", "lastFailureMessage": "6 minutes (385585ms) were not queried between this rule execution and the last execution, so signals may have been missed. Consider increasing your look behind time or adding more Kibana instances. name: \"I am the Host who Names!\" id: \"d62d2980-27c4-11ec-92b0-f7b47106bb35\" rule id: \"214ccef6-e98e-493a-98c5-5bcc2d497b79\" signals index: \".siem-signals-spong-default\"", "lastSuccessMessage": "succeeded", "gap": "6 minutes", "lastLookBackDate": "2021-10-07T23:43:27.961Z" }, "type": "siem-detection-engine-rule-status", "references": [ { "id": "d62d2980-27c4-11ec-92b0-f7b47106bb35", <-- previous alertId has been converted to references[] "type": "alert", "name": "alert_0" } ], "migrationVersion": { "siem-detection-engine-rule-status": "7.16.0" }, "coreMigrationVersion": "8.0.0", "updated_at": "2021-10-12T01:50:53.406Z" } }, ``` #### Manual testing --- There are e2e tests but for any manual testing or verification you can do the following: ##### Manual upgrade test If you have a 7.15.0 system and can migrate it forward that is the most straight forward way to ensure this does migrate correctly. You should see that the `Rule Monitoring` table and Rule Details `Failure History` table continue to function without error. ##### Downgrade via script and test migration on kibana reboot If you have a migrated `Rule Status SO` and want to test the migration, you can run the below script to downgrade the status SO then restart Kibana and observe the migration on startup. Note: Since this PR removes the mapping, you would need to [update the SO mapping](https://github.com/elastic/kibana/pull/114585/files#r729386126) to include `alertId` again else you will receive a strict/dynamic mapping error. ```json # Replace id w/ correct Rule Status SO id of existing migrated object POST .kibana/_update/siem-detection-engine-rule-status:d580ca91-2afe-11ec-8621-8d6bfcdfd75e { "script" : { "source": """ ctx._source.migrationVersion['siem-detection-engine-rule-status'] = "7.15.0"; ctx._source['siem-detection-engine-rule-status'].alertId = ctx._source.references[0].id; ctx._source.references.remove(0); """, "lang": "painless" } } ``` Restart Kibana and now it should be migrated correctly and you shouldn't see any errors in your console. You should also see that the `Rule Monitoring` table and Rule Details `Failure History` table continue to function without error. ### Checklist Delete any items that are not applicable to this PR. - [ ] ~[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials~ - [X] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios ### For maintainers - [x] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) Co-authored-by: Georgii Gorbachev Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- .../aggregations/aggs_types/bucket_aggs.ts | 5 +- .../routes/__mocks__/request_responses.ts | 20 ++- .../rules/add_prepackaged_rules_route.ts | 2 +- .../get_prepackaged_rules_status_route.ts | 2 +- .../lib/detection_engine/routes/utils.test.ts | 8 +- .../event_log_adapter/event_log_adapter.ts | 4 +- .../rule_status_saved_objects_client.ts | 87 ++++++++----- .../saved_objects_adapter.ts | 72 +++++++---- .../rule_execution_log/types.ts | 1 + .../rules/delete_rules.test.ts | 1 - .../lib/detection_engine/rules/enable_rule.ts | 1 + .../rules/get_prepackaged_rules.ts | 2 +- .../legacy_rule_status/legacy_migrations.ts | 115 ++++++++++++++++++ ...egacy_rule_status_saved_object_mappings.ts | 73 +++++++++++ .../rules/legacy_rule_status/legacy_utils.ts | 17 +++ .../rule_asset_saved_object_mappings.ts | 32 +++++ .../rule_asset_saved_objects_client.ts | 6 +- .../rules/saved_object_mappings.ts | 97 --------------- .../lib/detection_engine/rules/types.ts | 2 - .../signals/__mocks__/es_results.ts | 14 ++- .../security_solution/server/saved_objects.ts | 9 +- .../security_and_spaces/tests/migrations.ts | 27 ++++ .../security_solution/migrations/data.json | 34 +++++- 23 files changed, 441 insertions(+), 190 deletions(-) create mode 100644 x-pack/plugins/security_solution/server/lib/detection_engine/rules/legacy_rule_status/legacy_migrations.ts create mode 100644 x-pack/plugins/security_solution/server/lib/detection_engine/rules/legacy_rule_status/legacy_rule_status_saved_object_mappings.ts create mode 100644 x-pack/plugins/security_solution/server/lib/detection_engine/rules/legacy_rule_status/legacy_utils.ts create mode 100644 x-pack/plugins/security_solution/server/lib/detection_engine/rules/rule_asset/rule_asset_saved_object_mappings.ts rename x-pack/plugins/security_solution/server/lib/detection_engine/rules/{ => rule_asset}/rule_asset_saved_objects_client.ts (88%) delete mode 100644 x-pack/plugins/security_solution/server/lib/detection_engine/rules/saved_object_mappings.ts diff --git a/src/core/server/saved_objects/service/lib/aggregations/aggs_types/bucket_aggs.ts b/src/core/server/saved_objects/service/lib/aggregations/aggs_types/bucket_aggs.ts index cf27505e8f073cc..f85576aa64451fb 100644 --- a/src/core/server/saved_objects/service/lib/aggregations/aggs_types/bucket_aggs.ts +++ b/src/core/server/saved_objects/service/lib/aggregations/aggs_types/bucket_aggs.ts @@ -16,6 +16,7 @@ import { sortOrderSchema } from './common_schemas'; * - filter * - histogram * - nested + * - reverse_nested * - terms * * Not implemented: @@ -37,7 +38,6 @@ import { sortOrderSchema } from './common_schemas'; * - parent * - range * - rare_terms - * - reverse_nested * - sampler * - significant_terms * - significant_text @@ -76,6 +76,9 @@ export const bucketAggsSchemas: Record = { nested: s.object({ path: s.string(), }), + reverse_nested: s.object({ + path: s.maybe(s.string()), + }), terms: s.object({ field: s.maybe(s.string()), collect_mode: s.maybe(s.string()), diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_responses.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_responses.ts index 200246ba1a36714..9d1cd3cbca3fba4 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_responses.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_responses.ts @@ -479,7 +479,6 @@ export const getRuleExecutionStatuses = (): Array< type: 'my-type', id: 'e0b86950-4e9f-11ea-bdbd-07b56aa159b3', attributes: { - alertId: '04128c15-0d1b-4716-a4c5-46997ac7f3bc', statusDate: '2020-02-18T15:26:49.783Z', status: RuleExecutionStatus.succeeded, lastFailureAt: undefined, @@ -492,7 +491,13 @@ export const getRuleExecutionStatuses = (): Array< bulkCreateTimeDurations: ['800.43'], }, score: 1, - references: [], + references: [ + { + id: '04128c15-0d1b-4716-a4c5-46997ac7f3bc', + type: 'alert', + name: 'alert_0', + }, + ], updated_at: '2020-02-18T15:26:51.333Z', version: 'WzQ2LDFd', }, @@ -500,7 +505,6 @@ export const getRuleExecutionStatuses = (): Array< type: 'my-type', id: '91246bd0-5261-11ea-9650-33b954270f67', attributes: { - alertId: '1ea5a820-4da1-4e82-92a1-2b43a7bece08', statusDate: '2020-02-18T15:15:58.806Z', status: RuleExecutionStatus.failed, lastFailureAt: '2020-02-18T15:15:58.806Z', @@ -514,7 +518,13 @@ export const getRuleExecutionStatuses = (): Array< bulkCreateTimeDurations: ['800.43'], }, score: 1, - references: [], + references: [ + { + id: '1ea5a820-4da1-4e82-92a1-2b43a7bece08', + type: 'alert', + name: 'alert_0', + }, + ], updated_at: '2020-02-18T15:15:58.860Z', version: 'WzMyLDFd', }, @@ -523,7 +533,6 @@ export const getRuleExecutionStatuses = (): Array< export const getFindBulkResultStatus = (): FindBulkExecutionLogResponse => ({ '04128c15-0d1b-4716-a4c5-46997ac7f3bd': [ { - alertId: '04128c15-0d1b-4716-a4c5-46997ac7f3bd', statusDate: '2020-02-18T15:26:49.783Z', status: RuleExecutionStatus.succeeded, lastFailureAt: undefined, @@ -538,7 +547,6 @@ export const getFindBulkResultStatus = (): FindBulkExecutionLogResponse => ({ ], '1ea5a820-4da1-4e82-92a1-2b43a7bece08': [ { - alertId: '1ea5a820-4da1-4e82-92a1-2b43a7bece08', statusDate: '2020-02-18T15:15:58.806Z', status: RuleExecutionStatus.failed, lastFailureAt: '2020-02-18T15:15:58.806Z', diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.ts index 0048c735b0a7c7f..fed34743e220aa8 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.ts @@ -31,7 +31,7 @@ import { updatePrepackagedRules } from '../../rules/update_prepacked_rules'; import { getRulesToInstall } from '../../rules/get_rules_to_install'; import { getRulesToUpdate } from '../../rules/get_rules_to_update'; import { getExistingPrepackagedRules } from '../../rules/get_existing_prepackaged_rules'; -import { ruleAssetSavedObjectsClientFactory } from '../../rules/rule_asset_saved_objects_client'; +import { ruleAssetSavedObjectsClientFactory } from '../../rules/rule_asset/rule_asset_saved_objects_client'; import { buildSiemResponse } from '../utils'; import { RulesClient } from '../../../../../../alerting/server'; diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/get_prepackaged_rules_status_route.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/get_prepackaged_rules_status_route.ts index 9a06928eee233f6..a18507eea4977e5 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/get_prepackaged_rules_status_route.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/get_prepackaged_rules_status_route.ts @@ -20,7 +20,7 @@ import { getRulesToUpdate } from '../../rules/get_rules_to_update'; import { findRules } from '../../rules/find_rules'; import { getLatestPrepackagedRules } from '../../rules/get_prepackaged_rules'; import { getExistingPrepackagedRules } from '../../rules/get_existing_prepackaged_rules'; -import { ruleAssetSavedObjectsClientFactory } from '../../rules/rule_asset_saved_objects_client'; +import { ruleAssetSavedObjectsClientFactory } from '../../rules/rule_asset/rule_asset_saved_objects_client'; import { buildFrameworkRequest } from '../../../timeline/utils/common'; import { ConfigType } from '../../../../config'; import { SetupPlugins } from '../../../../plugin'; diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/utils.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/utils.test.ts index 10472fe1c0a0393..6ddeeaa5ea1c2b8 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/utils.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/utils.test.ts @@ -136,16 +136,16 @@ describe.each([ describe('mergeStatuses', () => { it('merges statuses and converts from camelCase saved object to snake_case HTTP response', () => { + // const statusOne = exampleRuleStatus(); statusOne.attributes.status = RuleExecutionStatus.failed; const statusTwo = exampleRuleStatus(); statusTwo.attributes.status = RuleExecutionStatus.failed; const currentStatus = exampleRuleStatus(); const foundRules = [currentStatus.attributes, statusOne.attributes, statusTwo.attributes]; - const res = mergeStatuses(currentStatus.attributes.alertId, foundRules, { + const res = mergeStatuses(currentStatus.references[0].id, foundRules, { 'myfakealertid-8cfac': { current_status: { - alert_id: 'myfakealertid-8cfac', status_date: '2020-03-27T22:55:59.517Z', status: RuleExecutionStatus.succeeded, last_failure_at: null, @@ -163,7 +163,6 @@ describe.each([ expect(res).toEqual({ 'myfakealertid-8cfac': { current_status: { - alert_id: 'myfakealertid-8cfac', status_date: '2020-03-27T22:55:59.517Z', status: 'succeeded', last_failure_at: null, @@ -179,7 +178,6 @@ describe.each([ }, 'f4b8e31d-cf93-4bde-a265-298bde885cd7': { current_status: { - alert_id: 'f4b8e31d-cf93-4bde-a265-298bde885cd7', status_date: '2020-03-27T22:55:59.517Z', status: 'succeeded', last_failure_at: null, @@ -193,7 +191,6 @@ describe.each([ }, failures: [ { - alert_id: 'f4b8e31d-cf93-4bde-a265-298bde885cd7', status_date: '2020-03-27T22:55:59.517Z', status: 'failed', last_failure_at: null, @@ -206,7 +203,6 @@ describe.each([ last_look_back_date: null, // NOTE: This is no longer used on the UI, but left here in case users are using it within the API }, { - alert_id: 'f4b8e31d-cf93-4bde-a265-298bde885cd7', status_date: '2020-03-27T22:55:59.517Z', status: 'failed', last_failure_at: null, diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_execution_log/event_log_adapter/event_log_adapter.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_execution_log/event_log_adapter/event_log_adapter.ts index 086cc12788a40a4..a3fb50f1f6b0b9c 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_execution_log/event_log_adapter/event_log_adapter.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_execution_log/event_log_adapter/event_log_adapter.ts @@ -42,7 +42,7 @@ export class EventLogAdapter implements IRuleExecutionLogClient { } public async update(args: UpdateExecutionLogArgs) { - const { attributes, spaceId, ruleName, ruleType } = args; + const { attributes, spaceId, ruleId, ruleName, ruleType } = args; await this.savedObjectsAdapter.update(args); @@ -51,7 +51,7 @@ export class EventLogAdapter implements IRuleExecutionLogClient { this.eventLogClient.logStatusChange({ ruleName, ruleType, - ruleId: attributes.alertId, + ruleId, newStatus: attributes.status, spaceId, }); diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_execution_log/saved_objects_adapter/rule_status_saved_objects_client.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_execution_log/saved_objects_adapter/rule_status_saved_objects_client.ts index 720659b72194fc0..66b646e96ea53bb 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_execution_log/saved_objects_adapter/rule_status_saved_objects_client.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_execution_log/saved_objects_adapter/rule_status_saved_objects_client.ts @@ -5,27 +5,33 @@ * 2.0. */ -import { get } from 'lodash'; import { - SavedObjectsClientContract, SavedObject, - SavedObjectsUpdateResponse, + SavedObjectsClientContract, + SavedObjectsCreateOptions, SavedObjectsFindOptions, + SavedObjectsFindOptionsReference, SavedObjectsFindResult, -} from '../../../../../../../../src/core/server'; -import { ruleStatusSavedObjectType } from '../../rules/saved_object_mappings'; + SavedObjectsUpdateResponse, +} from 'kibana/server'; +import { get } from 'lodash'; +// eslint-disable-next-line no-restricted-imports +import { legacyRuleStatusSavedObjectType } from '../../rules/legacy_rule_status/legacy_rule_status_saved_object_mappings'; import { IRuleStatusSOAttributes } from '../../rules/types'; -import { buildChunkedOrFilter } from '../../signals/utils'; export interface RuleStatusSavedObjectsClient { find: ( options?: Omit ) => Promise>>; findBulk: (ids: string[], statusesPerId: number) => Promise; - create: (attributes: IRuleStatusSOAttributes) => Promise>; + create: ( + attributes: IRuleStatusSOAttributes, + options: SavedObjectsCreateOptions + ) => Promise>; update: ( id: string, - attributes: Partial + attributes: Partial, + options: SavedObjectsCreateOptions ) => Promise>; delete: (id: string) => Promise<{}>; } @@ -35,7 +41,7 @@ export interface FindBulkResponse { } /** - * @pdeprecated Use RuleExecutionLogClient instead + * @deprecated Use RuleExecutionLogClient instead */ export const ruleStatusSavedObjectsClientFactory = ( savedObjectsClient: SavedObjectsClientContract @@ -43,7 +49,7 @@ export const ruleStatusSavedObjectsClientFactory = ( find: async (options) => { const result = await savedObjectsClient.find({ ...options, - type: ruleStatusSavedObjectType, + type: legacyRuleStatusSavedObjectType, }); return result.saved_objects; }, @@ -51,47 +57,64 @@ export const ruleStatusSavedObjectsClientFactory = ( if (ids.length === 0) { return {}; } - const filter = buildChunkedOrFilter(`${ruleStatusSavedObjectType}.attributes.alertId`, ids); + const references = ids.map((alertId) => ({ + id: alertId, + type: 'alert', + })); const order: 'desc' = 'desc'; const aggs = { - alertIds: { - terms: { - field: `${ruleStatusSavedObjectType}.attributes.alertId`, - size: ids.length, + references: { + nested: { + path: `${legacyRuleStatusSavedObjectType}.references`, }, aggs: { - most_recent_statuses: { - top_hits: { - sort: [ - { - [`${ruleStatusSavedObjectType}.statusDate`]: { - order, + alertIds: { + terms: { + field: `${legacyRuleStatusSavedObjectType}.references.id`, + size: ids.length, + }, + aggs: { + rule_status: { + reverse_nested: {}, + aggs: { + most_recent_statuses: { + top_hits: { + sort: [ + { + [`${legacyRuleStatusSavedObjectType}.statusDate`]: { + order, + }, + }, + ], + size: statusesPerId, + }, }, }, - ], - size: statusesPerId, + }, }, }, }, }, }; const results = await savedObjectsClient.find({ - filter, + hasReference: references, aggs, - type: ruleStatusSavedObjectType, + type: legacyRuleStatusSavedObjectType, perPage: 0, }); - const buckets = get(results, 'aggregations.alertIds.buckets'); + const buckets = get(results, 'aggregations.references.alertIds.buckets'); return buckets.reduce((acc: Record, bucket: unknown) => { const key = get(bucket, 'key'); - const hits = get(bucket, 'most_recent_statuses.hits.hits'); + const hits = get(bucket, 'rule_status.most_recent_statuses.hits.hits'); // eslint-disable-next-line @typescript-eslint/no-explicit-any - const statuses = hits.map((hit: any) => hit._source['siem-detection-engine-rule-status']); - acc[key] = statuses; + acc[key] = hits.map((hit: any) => hit._source[legacyRuleStatusSavedObjectType]); return acc; }, {}); }, - create: (attributes) => savedObjectsClient.create(ruleStatusSavedObjectType, attributes), - update: (id, attributes) => savedObjectsClient.update(ruleStatusSavedObjectType, id, attributes), - delete: (id) => savedObjectsClient.delete(ruleStatusSavedObjectType, id), + create: (attributes, options) => { + return savedObjectsClient.create(legacyRuleStatusSavedObjectType, attributes, options); + }, + update: (id, attributes, options) => + savedObjectsClient.update(legacyRuleStatusSavedObjectType, id, attributes, options), + delete: (id) => savedObjectsClient.delete(legacyRuleStatusSavedObjectType, id), }); diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_execution_log/saved_objects_adapter/saved_objects_adapter.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_execution_log/saved_objects_adapter/saved_objects_adapter.ts index ca806bd58e3690a..9db7afce62ee4a0 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_execution_log/saved_objects_adapter/saved_objects_adapter.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_execution_log/saved_objects_adapter/saved_objects_adapter.ts @@ -5,9 +5,12 @@ * 2.0. */ -import { SavedObject } from 'src/core/server'; +import { SavedObject, SavedObjectReference } from 'src/core/server'; import { SavedObjectsClientContract } from '../../../../../../../../src/core/server'; import { RuleExecutionStatus } from '../../../../../common/detection_engine/schemas/common/schemas'; +// eslint-disable-next-line no-restricted-imports +import { legacyGetRuleReference } from '../../rules/legacy_rule_status/legacy_utils'; + import { IRuleStatusSOAttributes } from '../../rules/types'; import { RuleStatusSavedObjectsClient, @@ -51,7 +54,7 @@ export class SavedObjectsAdapter implements IRuleExecutionLogClient { sortField: 'statusDate', sortOrder: 'desc', search: ruleId, - searchFields: ['alertId'], + searchFields: ['references.id'], }); } @@ -59,8 +62,9 @@ export class SavedObjectsAdapter implements IRuleExecutionLogClient { return this.ruleStatusClient.findBulk(ruleIds, logsCount); } - public async update({ id, attributes }: UpdateExecutionLogArgs) { - await this.ruleStatusClient.update(id, attributes); + public async update({ id, attributes, ruleId }: UpdateExecutionLogArgs) { + const references: SavedObjectReference[] = [legacyGetRuleReference(ruleId)]; + await this.ruleStatusClient.update(id, attributes, { references }); } public async delete(id: string) { @@ -68,31 +72,39 @@ export class SavedObjectsAdapter implements IRuleExecutionLogClient { } public async logExecutionMetrics({ ruleId, metrics }: LogExecutionMetricsArgs) { + const references: SavedObjectReference[] = [legacyGetRuleReference(ruleId)]; const [currentStatus] = await this.getOrCreateRuleStatuses(ruleId); - await this.ruleStatusClient.update(currentStatus.id, { - ...currentStatus.attributes, - ...convertMetricFields(metrics), - }); + await this.ruleStatusClient.update( + currentStatus.id, + { + ...currentStatus.attributes, + ...convertMetricFields(metrics), + }, + { references } + ); } private createNewRuleStatus = async ( ruleId: string ): Promise> => { + const references: SavedObjectReference[] = [legacyGetRuleReference(ruleId)]; const now = new Date().toISOString(); - return this.ruleStatusClient.create({ - alertId: ruleId, - statusDate: now, - status: RuleExecutionStatus['going to run'], - lastFailureAt: null, - lastSuccessAt: null, - lastFailureMessage: null, - lastSuccessMessage: null, - gap: null, - bulkCreateTimeDurations: [], - searchAfterTimeDurations: [], - lastLookBackDate: null, - }); + return this.ruleStatusClient.create( + { + statusDate: now, + status: RuleExecutionStatus['going to run'], + lastFailureAt: null, + lastSuccessAt: null, + lastFailureMessage: null, + lastSuccessMessage: null, + gap: null, + bulkCreateTimeDurations: [], + searchAfterTimeDurations: [], + lastLookBackDate: null, + }, + { references } + ); }; private getOrCreateRuleStatuses = async ( @@ -112,6 +124,8 @@ export class SavedObjectsAdapter implements IRuleExecutionLogClient { }; public async logStatusChange({ newStatus, ruleId, message, metrics }: LogStatusChangeArgs) { + const references: SavedObjectReference[] = [legacyGetRuleReference(ruleId)]; + switch (newStatus) { case RuleExecutionStatus['going to run']: case RuleExecutionStatus.succeeded: @@ -119,10 +133,14 @@ export class SavedObjectsAdapter implements IRuleExecutionLogClient { case RuleExecutionStatus['partial failure']: { const [currentStatus] = await this.getOrCreateRuleStatuses(ruleId); - await this.ruleStatusClient.update(currentStatus.id, { - ...currentStatus.attributes, - ...buildRuleStatusAttributes(newStatus, message, metrics), - }); + await this.ruleStatusClient.update( + currentStatus.id, + { + ...currentStatus.attributes, + ...buildRuleStatusAttributes(newStatus, message, metrics), + }, + { references } + ); return; } @@ -137,8 +155,8 @@ export class SavedObjectsAdapter implements IRuleExecutionLogClient { }; // We always update the newest status, so to 'persist' a failure we push a copy to the head of the list - await this.ruleStatusClient.update(currentStatus.id, failureAttributes); - const lastStatus = await this.ruleStatusClient.create(failureAttributes); + await this.ruleStatusClient.update(currentStatus.id, failureAttributes, { references }); + const lastStatus = await this.ruleStatusClient.create(failureAttributes, { references }); // drop oldest failures const oldStatuses = [lastStatus, ...ruleStatuses].slice(MAX_RULE_STATUSES); diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_execution_log/types.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_execution_log/types.ts index e38f974ddee2e6d..564145cfc5d1f83 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rule_execution_log/types.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rule_execution_log/types.ts @@ -53,6 +53,7 @@ export interface LogStatusChangeArgs { export interface UpdateExecutionLogArgs { id: string; attributes: IRuleStatusSOAttributes; + ruleId: string; ruleName: string; ruleType: string; spaceId: string; diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/delete_rules.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/delete_rules.test.ts index f8e1f873377a982..2d82cd7f8732af7 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/delete_rules.test.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/delete_rules.test.ts @@ -26,7 +26,6 @@ describe('deleteRules', () => { type: '', references: [], attributes: { - alertId: 'alertId', statusDate: '', lastFailureAt: null, lastFailureMessage: null, diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/enable_rule.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/enable_rule.ts index 2f3d05e0c958609..b75a1b0d80e9a0e 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/enable_rule.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/enable_rule.ts @@ -44,6 +44,7 @@ export const enableRule = async ({ const currentStatusToDisable = ruleCurrentStatus[0]; await ruleStatusClient.update({ id: currentStatusToDisable.id, + ruleId: rule.id, ruleName: rule.name, ruleType: rule.alertTypeId, attributes: { diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/get_prepackaged_rules.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/get_prepackaged_rules.ts index 6fe326a8d85a32e..8116a42f4282735 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/get_prepackaged_rules.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/get_prepackaged_rules.ts @@ -18,7 +18,7 @@ import { // TODO: convert rules files to TS and add explicit type definitions import { rawRules } from './prepackaged_rules'; -import { RuleAssetSavedObjectsClient } from './rule_asset_saved_objects_client'; +import { RuleAssetSavedObjectsClient } from './rule_asset/rule_asset_saved_objects_client'; import { IRuleAssetSOAttributes } from './types'; import { SavedObjectAttributes } from '../../../../../../../src/core/types'; import { ConfigType } from '../../../config'; diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/legacy_rule_status/legacy_migrations.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/legacy_rule_status/legacy_migrations.ts new file mode 100644 index 000000000000000..92d7487be0cdb6a --- /dev/null +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/legacy_rule_status/legacy_migrations.ts @@ -0,0 +1,115 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { + SavedObjectMigrationFn, + SavedObjectReference, + SavedObjectSanitizedDoc, + SavedObjectUnsanitizedDoc, +} from 'kibana/server'; +import { isString } from 'lodash/fp'; +import { truncateMessage } from '../../rule_execution_log'; +import { IRuleSavedAttributesSavedObjectAttributes } from '../types'; +// eslint-disable-next-line no-restricted-imports +import { legacyGetRuleReference } from './legacy_utils'; + +export const truncateMessageFields: SavedObjectMigrationFn> = (doc) => { + const { lastFailureMessage, lastSuccessMessage, ...restAttributes } = doc.attributes; + + return { + ...doc, + attributes: { + lastFailureMessage: truncateMessage(lastFailureMessage), + lastSuccessMessage: truncateMessage(lastSuccessMessage), + ...restAttributes, + }, + references: doc.references ?? [], + }; +}; + +/** + * This side-car rule status SO is deprecated and is to be replaced by the RuleExecutionLog on Event-Log and + * additional fields on the Alerting Framework Rule SO. + * + * @deprecated Remove this once we've fully migrated to event-log and no longer require addition status SO (8.x) + */ +export const legacyRuleStatusSavedObjectMigration = { + '7.15.2': truncateMessageFields, + '7.16.0': ( + doc: SavedObjectUnsanitizedDoc + ): SavedObjectSanitizedDoc => { + return legacyMigrateRuleAlertIdSOReferences(doc); + }, +}; + +/** + * This migrates alertId within legacy `siem-detection-engine-rule-status` to saved object references on an upgrade. + * We only migrate alertId if we find these conditions: + * - alertId is a string and not null, undefined, or malformed data. + * - The existing references do not already have a alertId found within it. + * + * Some of these issues could crop up during either user manual errors of modifying things, earlier migration + * issues, etc... so we are safer to check them as possibilities + * + * @deprecated Remove this once we've fully migrated to event-log and no longer require addition status SO (8.x) + * @param doc The document having an alertId to migrate into references + * @returns The document migrated with saved object references + */ +export const legacyMigrateRuleAlertIdSOReferences = ( + doc: SavedObjectUnsanitizedDoc +): SavedObjectSanitizedDoc => { + const { references } = doc; + + // Isolate alertId from the doc + const { alertId, ...attributesWithoutAlertId } = doc.attributes; + const existingReferences = references ?? []; + + if (!isString(alertId)) { + // early return if alertId is not a string as expected + return { ...doc, references: existingReferences }; + } else { + const alertReferences = legacyMigrateAlertId({ + alertId, + existingReferences, + }); + + return { + ...doc, + attributes: { + ...attributesWithoutAlertId.attributes, + }, + references: [...existingReferences, ...alertReferences], + }; + } +}; + +/** + * This is a helper to migrate "alertId" + * + * @deprecated Remove this once we've fully migrated to event-log and no longer require addition status SO (8.x) + * + * @param existingReferences The existing saved object references + * @param alertId The alertId to migrate + * + * @returns The savedObjectReferences migrated + */ +export const legacyMigrateAlertId = ({ + existingReferences, + alertId, +}: { + existingReferences: SavedObjectReference[]; + alertId: string; +}): SavedObjectReference[] => { + const existingReferenceFound = existingReferences.find((reference) => { + return reference.id === alertId && reference.type === 'alert'; + }); + if (existingReferenceFound) { + return []; + } else { + return [legacyGetRuleReference(alertId)]; + } +}; diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/legacy_rule_status/legacy_rule_status_saved_object_mappings.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/legacy_rule_status/legacy_rule_status_saved_object_mappings.ts new file mode 100644 index 000000000000000..3fe3fc06cc7d6f1 --- /dev/null +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/legacy_rule_status/legacy_rule_status_saved_object_mappings.ts @@ -0,0 +1,73 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { SavedObjectsType } from 'kibana/server'; +// eslint-disable-next-line no-restricted-imports +import { legacyRuleStatusSavedObjectMigration } from './legacy_migrations'; + +/** + * This side-car rule status SO is deprecated and is to be replaced by the RuleExecutionLog on Event-Log and + * additional fields on the Alerting Framework Rule SO. + * + * @deprecated Remove this once we've fully migrated to event-log and no longer require addition status SO (8.x) + */ +export const legacyRuleStatusSavedObjectType = 'siem-detection-engine-rule-status'; + +/** + * This side-car rule status SO is deprecated and is to be replaced by the RuleExecutionLog on Event-Log and + * additional fields on the Alerting Framework Rule SO. + * + * @deprecated Remove this once we've fully migrated to event-log and no longer require addition status SO (8.x) + */ +export const ruleStatusSavedObjectMappings: SavedObjectsType['mappings'] = { + properties: { + status: { + type: 'keyword', + }, + statusDate: { + type: 'date', + }, + lastFailureAt: { + type: 'date', + }, + lastSuccessAt: { + type: 'date', + }, + lastFailureMessage: { + type: 'text', + }, + lastSuccessMessage: { + type: 'text', + }, + lastLookBackDate: { + type: 'date', + }, + gap: { + type: 'text', + }, + bulkCreateTimeDurations: { + type: 'float', + }, + searchAfterTimeDurations: { + type: 'float', + }, + }, +}; + +/** + * This side-car rule status SO is deprecated and is to be replaced by the RuleExecutionLog on Event-Log and + * additional fields on the Alerting Framework Rule SO. + * + * @deprecated Remove this once we've fully migrated to event-log and no longer require addition status SO (8.x) + */ +export const legacyRuleStatusType: SavedObjectsType = { + name: legacyRuleStatusSavedObjectType, + hidden: false, + namespaceType: 'single', + mappings: ruleStatusSavedObjectMappings, + migrations: legacyRuleStatusSavedObjectMigration, +}; diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/legacy_rule_status/legacy_utils.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/legacy_rule_status/legacy_utils.ts new file mode 100644 index 000000000000000..62de5ce59123036 --- /dev/null +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/legacy_rule_status/legacy_utils.ts @@ -0,0 +1,17 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/** + * Given an id this returns a legacy rule reference. + * @param id The id of the alert + * @deprecated Remove this once we've fully migrated to event-log and no longer require addition status SO (8.x) + */ +export const legacyGetRuleReference = (id: string) => ({ + id, + type: 'alert', + name: 'alert_0', +}); diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/rule_asset/rule_asset_saved_object_mappings.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/rule_asset/rule_asset_saved_object_mappings.ts new file mode 100644 index 000000000000000..e2941b503664b60 --- /dev/null +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/rule_asset/rule_asset_saved_object_mappings.ts @@ -0,0 +1,32 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { SavedObjectsType } from '../../../../../../../../src/core/server'; + +export const ruleAssetSavedObjectType = 'security-rule'; + +export const ruleAssetSavedObjectMappings: SavedObjectsType['mappings'] = { + dynamic: false, + properties: { + name: { + type: 'keyword', + }, + rule_id: { + type: 'keyword', + }, + version: { + type: 'long', + }, + }, +}; + +export const ruleAssetType: SavedObjectsType = { + name: ruleAssetSavedObjectType, + hidden: false, + namespaceType: 'agnostic', + mappings: ruleAssetSavedObjectMappings, +}; diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/rule_asset_saved_objects_client.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/rule_asset/rule_asset_saved_objects_client.ts similarity index 88% rename from x-pack/plugins/security_solution/server/lib/detection_engine/rules/rule_asset_saved_objects_client.ts rename to x-pack/plugins/security_solution/server/lib/detection_engine/rules/rule_asset/rule_asset_saved_objects_client.ts index ac0969dfc975d02..c594385dce22b11 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/rule_asset_saved_objects_client.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/rule_asset/rule_asset_saved_objects_client.ts @@ -9,9 +9,9 @@ import { SavedObjectsClientContract, SavedObjectsFindOptions, SavedObjectsFindResponse, -} from '../../../../../../../src/core/server'; -import { ruleAssetSavedObjectType } from '../rules/saved_object_mappings'; -import { IRuleAssetSavedObject } from '../rules/types'; +} from 'kibana/server'; +import { ruleAssetSavedObjectType } from './rule_asset_saved_object_mappings'; +import { IRuleAssetSavedObject } from '../types'; const DEFAULT_PAGE_SIZE = 100; diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/saved_object_mappings.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/saved_object_mappings.ts deleted file mode 100644 index d347fccf6b77b9e..000000000000000 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/saved_object_mappings.ts +++ /dev/null @@ -1,97 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { SavedObjectsType, SavedObjectMigrationFn } from 'kibana/server'; -import { truncateMessage } from '../rule_execution_log'; - -export const ruleStatusSavedObjectType = 'siem-detection-engine-rule-status'; - -export const ruleStatusSavedObjectMappings: SavedObjectsType['mappings'] = { - properties: { - alertId: { - type: 'keyword', - }, - status: { - type: 'keyword', - }, - statusDate: { - type: 'date', - }, - lastFailureAt: { - type: 'date', - }, - lastSuccessAt: { - type: 'date', - }, - lastFailureMessage: { - type: 'text', - }, - lastSuccessMessage: { - type: 'text', - }, - lastLookBackDate: { - type: 'date', - }, - gap: { - type: 'text', - }, - bulkCreateTimeDurations: { - type: 'float', - }, - searchAfterTimeDurations: { - type: 'float', - }, - }, -}; - -const truncateMessageFields: SavedObjectMigrationFn> = (doc) => { - const { lastFailureMessage, lastSuccessMessage, ...restAttributes } = doc.attributes; - - return { - ...doc, - attributes: { - lastFailureMessage: truncateMessage(lastFailureMessage), - lastSuccessMessage: truncateMessage(lastSuccessMessage), - ...restAttributes, - }, - references: doc.references ?? [], - }; -}; - -export const type: SavedObjectsType = { - name: ruleStatusSavedObjectType, - hidden: false, - namespaceType: 'single', - mappings: ruleStatusSavedObjectMappings, - migrations: { - '7.15.2': truncateMessageFields, - }, -}; - -export const ruleAssetSavedObjectType = 'security-rule'; - -export const ruleAssetSavedObjectMappings: SavedObjectsType['mappings'] = { - dynamic: false, - properties: { - name: { - type: 'keyword', - }, - rule_id: { - type: 'keyword', - }, - version: { - type: 'long', - }, - }, -}; - -export const ruleAssetType: SavedObjectsType = { - name: ruleAssetSavedObjectType, - hidden: false, - namespaceType: 'agnostic', - mappings: ruleAssetSavedObjectMappings, -}; diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/types.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/types.ts index 8adf19a53f92bbe..53a83d61da78dbc 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/rules/types.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/rules/types.ts @@ -111,7 +111,6 @@ export type RuleAlertType = SanitizedAlert; // eslint-disable-next-line @typescript-eslint/no-explicit-any export interface IRuleStatusSOAttributes extends Record { - alertId: string; // created alert id. statusDate: StatusDate; lastFailureAt: LastFailureAt | null | undefined; lastFailureMessage: LastFailureMessage | null | undefined; @@ -125,7 +124,6 @@ export interface IRuleStatusSOAttributes extends Record { } export interface IRuleStatusResponseAttributes { - alert_id: string; // created alert id. status_date: StatusDate; last_failure_at: LastFailureAt | null | undefined; last_failure_message: LastFailureMessage | null | undefined; diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/__mocks__/es_results.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/__mocks__/es_results.ts index 207ea497c7e8ef6..078d36a99ad176b 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/__mocks__/es_results.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/__mocks__/es_results.ts @@ -18,7 +18,8 @@ import type { import { SavedObject } from '../../../../../../../../src/core/server'; import { loggingSystemMock } from '../../../../../../../../src/core/server/mocks'; import { IRuleStatusSOAttributes } from '../../rules/types'; -import { ruleStatusSavedObjectType } from '../../rules/saved_object_mappings'; +// eslint-disable-next-line no-restricted-imports +import { legacyRuleStatusSavedObjectType } from '../../rules/legacy_rule_status/legacy_rule_status_saved_object_mappings'; import { getListArrayMock } from '../../../../../common/detection_engine/schemas/types/lists.mock'; import { RulesSchema } from '../../../../../common/detection_engine/schemas/response'; import { RuleParams } from '../../schemas/rule_schemas'; @@ -725,10 +726,9 @@ export const sampleRuleGuid = '04128c15-0d1b-4716-a4c5-46997ac7f3bd'; export const sampleIdGuid = 'e1e08ddc-5e37-49ff-a258-5393aa44435a'; export const exampleRuleStatus: () => SavedObject = () => ({ - type: ruleStatusSavedObjectType, + type: legacyRuleStatusSavedObjectType, id: '042e6d90-7069-11ea-af8b-0f8ae4fa817e', attributes: { - alertId: 'f4b8e31d-cf93-4bde-a265-298bde885cd7', statusDate: '2020-03-27T22:55:59.517Z', status: RuleExecutionStatus.succeeded, lastFailureAt: null, @@ -740,7 +740,13 @@ export const exampleRuleStatus: () => SavedObject = () searchAfterTimeDurations: [], lastLookBackDate: null, }, - references: [], + references: [ + { + id: 'f4b8e31d-cf93-4bde-a265-298bde885cd7', + type: 'alert', + name: 'alert_0', + }, + ], updated_at: '2020-03-27T22:55:59.577Z', version: 'WzgyMiwxXQ==', }); diff --git a/x-pack/plugins/security_solution/server/saved_objects.ts b/x-pack/plugins/security_solution/server/saved_objects.ts index 1523b3ddf4cbfe7..53618d738984be0 100644 --- a/x-pack/plugins/security_solution/server/saved_objects.ts +++ b/x-pack/plugins/security_solution/server/saved_objects.ts @@ -8,10 +8,9 @@ import { CoreSetup } from '../../../../src/core/server'; import { noteType, pinnedEventType, timelineType } from './lib/timeline/saved_object_mappings'; -import { - type as ruleStatusType, - ruleAssetType, -} from './lib/detection_engine/rules/saved_object_mappings'; +// eslint-disable-next-line no-restricted-imports +import { legacyRuleStatusType } from './lib/detection_engine/rules/legacy_rule_status/legacy_rule_status_saved_object_mappings'; +import { ruleAssetType } from './lib/detection_engine/rules/rule_asset/rule_asset_saved_object_mappings'; // eslint-disable-next-line no-restricted-imports import { legacyType as legacyRuleActionsType } from './lib/detection_engine/rule_actions/legacy_saved_object_mappings'; import { type as signalsMigrationType } from './lib/detection_engine/migrations/saved_objects'; @@ -24,7 +23,7 @@ const types = [ noteType, pinnedEventType, legacyRuleActionsType, - ruleStatusType, + legacyRuleStatusType, ruleAssetType, timelineType, exceptionsArtifactType, diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/migrations.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/migrations.ts index 4c0f21df8c0ffee..6d1d64a04cd9309 100644 --- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/migrations.ts +++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/migrations.ts @@ -86,6 +86,33 @@ export default ({ getService }: FtrProviderContext): void => { '7d' ); }); + + it('migrates legacy siem-detection-engine-rule-status to use saved object references', async () => { + const response = await es.get<{ + 'siem-detection-engine-rule-status': { + alertId: string; + }; + references: [{}]; + }>({ + index: '.kibana', + id: 'siem-detection-engine-rule-status:d62d2980-27c4-11ec-92b0-f7b47106bb35', + }); + expect(response.statusCode).to.eql(200); + + // references exist and are expected values + expect(response.body._source?.references).to.eql([ + { + name: 'alert_0', + id: 'fb1046a0-0452-11ec-9b15-d13d79d162f3', + type: 'alert', + }, + ]); + + // alertId no longer exist + expect(response.body._source?.['siem-detection-engine-rule-status'].alertId).to.eql( + undefined + ); + }); }); }); }; diff --git a/x-pack/test/functional/es_archives/security_solution/migrations/data.json b/x-pack/test/functional/es_archives/security_solution/migrations/data.json index 7b8d81135065dc8..97a2596f9dba1c5 100644 --- a/x-pack/test/functional/es_archives/security_solution/migrations/data.json +++ b/x-pack/test/functional/es_archives/security_solution/migrations/data.json @@ -1,4 +1,4 @@ -{ + { "type": "doc", "value": { "id": "siem-detection-engine-rule-actions:fce024a0-0452-11ec-9b15-d13d79d162f3", @@ -29,3 +29,35 @@ } } } + +{ + "type": "doc", + "value": { + "id": "siem-detection-engine-rule-status:d62d2980-27c4-11ec-92b0-f7b47106bb35", + "index": ".kibana_1", + "source": { + "siem-detection-engine-rule-status": { + "alertId": "fb1046a0-0452-11ec-9b15-d13d79d162f3", + "statusDate": "2021-10-11T20:51:26.622Z", + "status": "succeeded", + "lastFailureAt": "2021-10-11T18:10:08.982Z", + "lastSuccessAt": "2021-10-11T20:51:26.622Z", + "lastFailureMessage": "4 days (323690920ms) were not queried between this rule execution and the last execution, so signals may have been missed. Consider increasing your look behind time or adding more Kibana instances. name: \"Threshy\" id: \"fb1046a0-0452-11ec-9b15-d13d79d162f3\" rule id: \"b789c80f-f6d8-41f1-8b4f-b4a23342cde2\" signals index: \".siem-signals-spong-default\"", + "lastSuccessMessage": "succeeded", + "gap": "4 days", + "bulkCreateTimeDurations": [ + "34.49" + ], + "searchAfterTimeDurations": [ + "62.58" + ], + "lastLookBackDate": null + }, + "type": "siem-detection-engine-rule-status", + "references": [], + "coreMigrationVersion": "7.14.0", + "updated_at": "2021-10-11T20:51:26.657Z" + } + } +} + From c80b96c5c1d4dcc16db9978e5ea1f9afa2c2a88d Mon Sep 17 00:00:00 2001 From: Sergi Massaneda Date: Mon, 18 Oct 2021 14:50:03 +0200 Subject: [PATCH 22/50] [Cases] ServiceNow connectors UI changes (#114234) * POC * Before and after saving connector callbacks * Draft callbacks on SN * Migrate legacy connectors * Add deprecated connector * Fix callbacks types * Pass isEdit to connector forms * Get application info hook * Validate instance on save * Support both legacy and new app * Seperate SIR * Log application version & and throw otherwise * Deprecated tooltip cases * Deprecated tooltip alerts * Improve message * Improve translation * Change to elastic table & fix types * Add callbacks to add modal * Pass new props to tests * Change health api url to production * Better installation message * Migrate connectors functionality * Change migration version to 7.16 * Fix bug * Improve message * Use feature flag * Create credentials component * Add form to migration modal * Improve installation callout * Improve deprecated callout * Improve modal * Improve application required modal * Improve SN form * Support both connectors * Support correlation attributes * Use same component for SIR * Prevent using legacy connectors when creating a case * Add observables * Unique observables * Push only if there are observables * Change labels to plural * Pass correlation ID and value * Show errors on the callout * Improve alerts tooltip * Improve cases tooltip * Warning callout on cases configuration page * Fix tooltip content * Add help text * Change from string to array * Fix i18n * Fix spelling * Update incidents for ITSM * Update incidents for SIR * Fix types * Fix backend tests * Fix frontend tests * Add service tests * Fix i18n * Fix cypress test * Improve ServiceNow intergration tests * Fix cases integration tests * Fix triggers actions ui end to end test * Fix tests * Rename modal * Show error message on modal * Create useOldConnector helper * Show the update incident toggle only on new connectors * Add observables for old connectors * Fix error when obs are empty * Enable SIR for alerts * Fix types * Improve combineObservables * Add test for the sir api * Add test for the sir service * Add documentation * PR feedback * Improve cases deprecated callouts * Improve observables format * Add integration tests for SIR * Fix doc error * Add config tests * Add getIncident tests * Add util tests * Add migration tests * Add tests for connectors and improve callouts * Add more tests * Add more UI tests * update connector modal to flyout * PR feedback * Test CI * restore auth callout * edit connector form spacing * Improve integration tests * Add 8 pixels to the left of the connector icon * update switch to checkboxes * case detail ui * Seperate ServiceNow integration tests * Remove observables fields * Add correlation values * Fix merge * add deprecated text in the dropdown * update card icon to the right * new update connetor test and other tests fixes * PR feedback * Remove observables from docs * Remove unused translations * Using eui theme for styling * Content feeback * Add more unit tests * Fix i18n * Fix types * Fixes * Fixes * test properly * fix duplicated translation * Simplify tooltip * Writing feedback Co-authored-by: Christos Nasikas Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Jonathan Buttner --- .../action-types/servicenow-sir.asciidoc | 6 +- .../action-types/servicenow.asciidoc | 2 + .../images/servicenow-sir-params-test.png | Bin 46762 -> 194080 bytes .../public/doc_links/doc_links_service.ts | 1 + .../configure_cases/connectors.test.tsx | 8 +- .../connectors_dropdown.test.tsx | 12 +- .../configure_cases/connectors_dropdown.tsx | 16 +- .../configure_cases/translations.ts | 8 +- .../public/components/connectors/card.tsx | 26 +- .../connectors/deprecated_callout.test.tsx | 8 +- .../connectors/deprecated_callout.tsx | 5 +- .../servicenow_itsm_case_fields.tsx | 2 +- .../servicenow/servicenow_sir_case_fields.tsx | 2 +- .../translations/translations/ja-JP.json | 4 - .../translations/translations/zh-CN.json | 4 - .../application_required_callout.tsx | 2 +- .../builtin_action_types/servicenow/config.ts | 9 - .../servicenow/credentials.tsx | 161 +------- .../servicenow/credentials_api_url.tsx | 89 +++++ .../servicenow/credentials_auth.tsx | 110 ++++++ .../servicenow/deprecated_callout.test.tsx | 2 +- .../servicenow/deprecated_callout.tsx | 24 +- .../servicenow/helpers.ts | 2 + .../servicenow/installation_callout.test.tsx | 2 +- .../servicenow/servicenow_connectors.test.tsx | 353 +++++++++++++++--- .../servicenow/servicenow_connectors.tsx | 64 ++-- .../servicenow_itsm_params.test.tsx | 33 +- .../servicenow/servicenow_itsm_params.tsx | 82 ++-- .../servicenow/servicenow_sir_params.test.tsx | 41 +- .../servicenow/servicenow_sir_params.tsx | 128 +++---- .../servicenow/sn_store_button.test.tsx | 30 +- .../servicenow/sn_store_button.tsx | 12 +- .../servicenow/translations.ts | 93 +---- .../servicenow/update_connector.test.tsx | 181 +++++++++ .../servicenow/update_connector.tsx | 208 +++++++++++ .../servicenow/update_connector_modal.tsx | 156 -------- .../components/actions_connectors_list.tsx | 47 ++- 37 files changed, 1245 insertions(+), 688 deletions(-) delete mode 100644 x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/config.ts create mode 100644 x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/credentials_api_url.tsx create mode 100644 x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/credentials_auth.tsx create mode 100644 x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/update_connector.test.tsx create mode 100644 x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/update_connector.tsx delete mode 100644 x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/update_connector_modal.tsx diff --git a/docs/management/connectors/action-types/servicenow-sir.asciidoc b/docs/management/connectors/action-types/servicenow-sir.asciidoc index 4556746284d5bd1..2fa49fe552c2ebb 100644 --- a/docs/management/connectors/action-types/servicenow-sir.asciidoc +++ b/docs/management/connectors/action-types/servicenow-sir.asciidoc @@ -72,13 +72,11 @@ image::management/connectors/images/servicenow-sir-params-test.png[ServiceNow Se ServiceNow SecOps actions have the following configuration properties. Short description:: A short description for the incident, used for searching the contents of the knowledge base. -Source Ips:: A list of source IPs related to the incident. The IPs will be added as observables to the security incident. -Destination Ips:: A list of destination IPs related to the incident. The IPs will be added as observables to the security incident. -Malware URLs:: A list of malware URLs related to the incident. The URLs will be added as observables to the security incident. -Malware Hashes:: A list of malware hashes related to the incident. The hashes will be added as observables to the security incident. Priority:: The priority of the incident. Category:: The category of the incident. Subcategory:: The subcategory of the incident. +Correlation ID:: All actions sharing this ID will be associated with the same ServiceNow security incident. If an incident exists in ServiceNow with the same correlation ID the security incident will be updated. Default value: `:`. +Correlation Display:: A descriptive label of the alert for correlation purposes in ServiceNow. Description:: The details about the incident. Additional comments:: Additional information for the client, such as how to troubleshoot the issue. diff --git a/docs/management/connectors/action-types/servicenow.asciidoc b/docs/management/connectors/action-types/servicenow.asciidoc index cf5244a9e3f9e19..f7c3187f3f024c1 100644 --- a/docs/management/connectors/action-types/servicenow.asciidoc +++ b/docs/management/connectors/action-types/servicenow.asciidoc @@ -76,6 +76,8 @@ Severity:: The severity of the incident. Impact:: The effect an incident has on business. Can be measured by the number of affected users or by how critical it is to the business in question. Category:: The category of the incident. Subcategory:: The category of the incident. +Correlation ID:: All actions sharing this ID will be associated with the same ServiceNow incident. If an incident exists in ServiceNow with the same correlation ID the incident will be updated. Default value: `:`. +Correlation Display:: A descriptive label of the alert for correlation purposes in ServiceNow. Short description:: A short description for the incident, used for searching the contents of the knowledge base. Description:: The details about the incident. Additional comments:: Additional information for the client, such as how to troubleshoot the issue. diff --git a/docs/management/connectors/images/servicenow-sir-params-test.png b/docs/management/connectors/images/servicenow-sir-params-test.png index 80103a4272bfacd0a6ccb23bb138b98efe327f51..a2bf8761a88240ff2ac77f2a342d14d2bba4119a 100644 GIT binary patch literal 194080 zcmeFZWmFu&x;9Eka18_q?hu^dF2RDkTL>=05ZnpDLxMAeAOi$LlB0^0?4hx+G9RUFWOa8UA1_A;y83F?8 z94az!#c?B-7y$u&#a2p6OIBSX;R;r>h2%gtMl5v2EIJx?RK&D;b^R^yDPFey3k-pP{ZqF5@F)USe3QFde@CdjF68X zzGzXQB+_&KG*=-8@#!ArS~VI4`C7s|*`jE;v|J@F9}*cLTS9ReVrZAV=8?4N z+J|!@h3@3koV(4R*Wmtv1l0{rIYN0Vv?%FnK4*U%F2WFI{RA#X-?)(GcX#gy`-03F zl36V2Rk)(pC<_--1Q{LTG(!R%EXjz4z2h#&-sj6hSU+lQC?uADi64qpT2Hk8{sM+5 zW=Jfqi%ZVmFW5OF7|%K!j-Ga8#stIj%C7WpebEPI24_^Bvu>MS5mYAnSbo@gW4WJN zaCJ$up`~QoT**hVEdFMIQFfaHa>?Wp!A+ZRdp$&zWBe6AXMshEVx*wu=>WIVX0Wsp z7wTil_tCl;(cW)?5YDT~H+YGVfBwknhD?{eKe;@! z*PpY`P!dZm5StT$p&f4qQEmlYB#;9Yftrd;I_OC`f>R)Z1$80^@?Zx^3=Vn+Vfo{P z4}L2M0*FyTni<%skCWPYoiG-VU@I@T5L;FVo+DDWqdt)o2**^XBJacH3UZ*53xDJ# z^+@gcGc->4(D}Xf;>ar^0iEo6M)YZFUaDnHG;TYDmqIKPUZ!68br!H`|QR{OD!(7pX5KL)uEhxkSg0BD=@R3HA6L zIQbr>L>Y%JhA#${^zgkktPq_sBg4)Ms_O7s?R-a;ikTEWA0iyu6mH*j`b%t8`ykX) z&X-E;DMx2nH_=-3FOHS@1HX%>AA~wStw^FW9-u0srJ$jpVFe2Zn{=Y82iZuT(8%JC zN7#qce`o%s{R{t>FaZI9Ie|xF1M{oINoIOxMy=8!*CJmA+qhzRRt-FPl{sl4B|AD% zx)$2_{tXLLXBvIkCFxQsQwDL`0F9jdxq?btMQQWbn;g6@Y#_~)@S}Kix}sb#{BWycEgt9 zM|1J4l%%@S3s&@`$|&a;=fp9^ZVk442Rosf81K}%SL9=36V6i~Ck?W+bKOjeB15y1 z$7iaQ=B(zJ3{YT$JU6yOw%4|#x!TJ1DQD_FjkRTbrcDw}22IBBNNi(92}UXFB9*ie zP2=j)nmwb%?nWQCvK?%dJeBj*ku(#|n~4)S@AC8-lk6p~mdD<8r=h1M)1l{9h*fD;!&a2TY(r~9(<#%* z=Y}?hksU&F@8{2mtQx+K5_Sb zN`YbJykngTa^lmDnZEkHsCVZsrtAJAH&tOpVMA*Py_D&->BQ-BqHt^dpozMErAkcwdx&Fp)6-TgTZ2 zqFC(MLE4mWFVr!$x@6zD5P;dD$Mv`(mOvngYr z`B?jy{xWS>bb237ano`DhhV9Yx`Qrs+F9!LZA|ry1R7(T4mWVH#S^YGW)d0;EUR`m zS`5n#r45B@uN*`*vegp|C#pbawR5l&7}EUmzFz&BY=z5VYufj;qcmfBGy2meB@fUn zuL1K55XUh~(NamBPuE_wkEhSv+0|ajTwYt5({d7Jh`87cWp!KaLUZ#4!kNTKAQ6f= z4&UAPi-KP(1)H%5t@d z(h(ScGn%9;iOs%aKG7Pt?b$Ab4*M?|OBFEXhu9@eVNas%H16Q<7>)*~+S(mB$bFtj483DISG{<;IzI%E8%jsMFy9156ob=of1Rfa$|hngjG^yz)^i!ZQQsS zus`Q_c4G*0nKKlAD@5VS;N~v6BDxju+oTdEvww61uE2$N^wZS_U+Qq_@ZiGRtS zGfZe1w(JM@nmFziT}an$lMf(;4f{y?t1np3=>FWF32>xxTG<=);_xwzF#U|VaaVc> z-AO>N6$+gO0|ILz|X+^t>a!E7cIx|+|}?^YsyNoPrj@d*~i;`);*gW9Pdo8 zWC^2x$tt!Q_<=46uV4{0ikY}Bbg75x2qCNjyaey-!eTE49wDG}N#SlP4^6KjD*NJp z!oN@zc^MQP$%3FAPD1)w?=wQG1mw~VVZ!&(bJEBxzej(5XB*w&*%rpHNweZ{8NU@{ zdbWS^sGS$#Ks!tA(;xL0trXH9{ZJ*$&%PUpGa&cz_lRJ<*XO&E*vmt?rN-yJGxfgC zLpCQ62nyH{e>5mVsY-IVYy&{vkCuA!R?5l<%)mJ+!jnfN2uQ%$Bj6+Ui1a_tWgopj zc>Is+hzJN_wg^xD^^6K|y#I>Nh@n$aQHeNPSP5xJ%l<1l@Jp1&#?{qHh=aq!!-L&}n;q_R@i-U`c4S0gh#mmvv%#+R0h4!DB{6{|0mM-Sbwob0LU`ML^e9hj1-CRX!XzpM1 zpMU=>r=_Ruzu)BO@~>(E738?T!|{@xljA@029k>0Ulmfb^|W-*m$n4~Z3etUjEjqp zPvjp7{;ymAe&v5js`u}tFM0WR{%g|za_he*)poITmI8x-m%57m+hG4n{9kYWE1?L- zeck^{Tl}-3|8W&)X)$yWj{mfp762oebL(vn)9kNzxre3_V_=sBb`78*-hN}-YQ<`_#+h&9PM$Nr%4B!^!H_Ze=s z2NODKB$aXkjrY@-#uMfiHYb-4+$vUFRaHZO%7u@IkBt}s!}edMI^Fd(^+%j383rRg zdV(u~@RzRx2`ZAnAQW%1j|hmURPP`DYD5Tp%#Zl@`>39*5-Te&sj>c+!F|qwkIx^@ z{hzP>-z@&!c>miL|NmRGD>4`xQZ8AeUjD{kwBCtca%Dv!%2*4F1vOWMDTdQ>W0NIUQ<4m`g6T`DJ3d!Cu-zm8yu zXN0J#TL)QYLBFV-!aMoVlA`|l?0aFvyuV5f&- zeGF}<{m*Ds4|+s~^huMYOEp5xJE&xvz--p2nZ~4W&?iOviY+ zr212Vi)}2ay1&nrP7H5Ih4O{cn`hq$q67xXd@%j{#EK~0?mmJ%X-Ob(Z|*xkbwtE4 zqQo_Uzo*E`cn_M%_<&rK&!sAbf*AI~liR8P??!D7fA2R_Zr6<{>aaD_kkp&`IIt`7 z6Kd~&Z^3^X7q|P#P$#k?(S+E2{wR?QZGX@GqTqc|dB>RLKcA%gpPtNoFKiZ+GoK!e z{REp(#{cQxT@82OK`<7iw9RHqV&%=#-$Z}y>yO0oJY#{^-w>gZqmr?DU(@`%7XR&R zMGnypZwnX}uhrD-fPo}g?_)(N6g-I>C{-UJ_&2Wy45vPhgTwHbM=68?!359hcOur= z(6p`RCeTU?(F21NDct}5%J)G3eS*FBLLKGr6?kHVjw?|A+l=w=T@SUM7I2zTcy531 za1!k~2>+if45JaEZkb6utz6VVmGvl{btzdKjn|PAxvJ&g`hQ?Pqr?jCX%DN0>EUlC z=-`(Me9Y;YJP(}h*>5SCpRoRx?$I3{mD9nY=k0z#nB_5~#6;YFwG*sRktNeSw}(T@ zH&9{Tt2|$}TsDX;`p^hlAfR$`(j8Ddy%u!Z8uxh5YE=DQtI+?Zk;}GIFU-&G?Y1lNC#Y3r zNwv98xy3-j&)RUeCt2AD=iUiqeC#9-bYv>c-uXu-AO9&XX!Zd&mugfz~=C+OpaRShpSe_B=-Ke z9F`NeQ(X6xFYj`D^E(NLQxw$HV%+ZR%hu1XQpf^s+@x#4%ha13sYx+0F3zi+ND)LF z>F!Gtaa@)PH;sc3CboBLJvAnBp1SE`e$0S%AU7!3JDcjz^hWp7uXKv(N@Kaow6-6{ zUI$)ZW=luB#RHnW?yJZ8V!qj9`O=yaLf(ztwq>fen_5*BsNgp!zhCG{9HWP0f0}UK zGZq7BJO-t$qts|haYDC!F|VVEOp~c%{cP_V=BcB#Ue!Ji`>BBf&Aij&?vKQZZFSBY zL)4c`eJozpqYf=w&gXlgv*qvN^IcLWH!#uA1X-e`r0#ez@!X;cwVCCAeUC6bd3N>A zuG#(1OwOIK`gylLthL_xw2)5mtCmKd3cc-Eb}UzpqI}1POL|}wsEn>h`rO>!z$?96 z%E?6CmF}|j`(|C7&qv5_mX)tgY)^fPT$4586sz8O=(qajxI;}`^C?8VdA!<`St9Tm zqeOf!)FAA}?7|+fSbRoR1x#40a*|jYCIwIXHsb^tN%lkTqP^@N7Ek41aZYpjzjs;%fbe%!H$*k6&PZM^F!9hM7_b5PVz#`#$Swv_x zD-527jEbi`vuY`4&d-n%eFhb^E*+2g-ugLLnMD51-;d6AOc&-MxTu5E*Ot~M(R#UI zc(d9x{_$?F?+bNMwarhhuY9(whiknq`iqI@JBfoQ85WlxwYjd>V%d9*kXSSsK2LW> z{Zbjt+e`LELQmP__$E4JA`nn&)Z}h_bw-+xf|yHi$L26q9N{Zq^XAJ<6-Ww+9+;fn zyaQ&Zw0CRlCSy!Qo8+VZ%)&ex7IfBl13F$Mb6ckyuI0Q+a|g}8hP&@84t;q^J{Q&J zW2`(@daKN#SKeoq)!iDhasIGn{ud@OMPMSA|* z1}5c{nu$)qUbSEF)8&3rFVi}~584k5&p?T%_Y>snwomP=9YH8#dHV?Z4Libh-bEX6 zdev{zmA(kb)II_8idy|^2JaHn#c8M2T*;tdKHnKvohmg3*ZX_$B@A1@R(&U#6T6B_ zZ#&zxcimMe7aHv(L|;Hf?L+S;L0ewkC1xizu!OIW-KX(2n8!?1>`iMqVpzpD@kCkW zuY*9Zf#L8j>U0dG3UV)^Kba7nsnFD|qbQt*I$YQP96M;aI_u7zPyeL5x6oj*vl&ls zjcwlkR6Q_=k%8A+)o_A0hi(-nHuHxFbpxfKOQIGF7YA)z%-ALRdOH$)?a6(Z4N9kPc;&h2UZnPhy^*_7Y^ zMl(lY-D&1@mp|LHpUcGS0JL1s7}!n#7lfsU-2y!=B{7b>T$O! z*JU(?HmXu}NjE`C4_eyC-4H?E5!vDRH5qhW4q;AY>7O=L_PE&d2bzD!py$)A^j97} zv90L*c1a}Wuse~hgCFoS*t|yTTY_;xM2D6mI~OE6r5Fi+ao4_eztWK^`(D2BOa3MB zygKytVy&_2RBzO!774$%D!4P{{AxIbKS!ydZlTe7p`|Vqo0t`}42JzMMnpluLw^XP zF5m)~<8gnAwhbgALrWzuS<2f z*1&gpO$WO#W!`uKGqw2?Kk^1+CTsi3TLD-y=!J=yXzY-$O1eIjHZ6no^A5396`CF= z2d8NBCVe}92DMy4p=|WsYH{h+Q3oUG5qjJr8jHr1>VNx6r;za4ak+tZIp8knTJWoUbaz_pFIj z0DuxI6J(G2pNlwfUm*4ata?`G5Z~EHdZOaEhW4&u6w$}&y_F>&Tn8_vR6~(vL4B<@slHDGhyxu zjjk@UTGTo3Is>KLJGLpVnqS*3rMJe7S4t3c;#}plEM>ym+}qHPSH3eR9M%JvFnpy_ z2yGaS;LzrZ<4VTT0P~5}Bl%>moQ3+s=-YzISW296#xxH%l{4!9wm!Q5d66fPfJRox z>w8Na8;x=j-vY#x0i&>XG8-c2Z;%tFMOO>NdoNs^0sKbZ`pr#y9KA$N6be;mu!Rh!^@#|{7Up*f= z9)~d~8xBlCYXw`FPpRBi-nU{02(~#co{yDES?Bc@kgKyf>D73DcHJ9Ww1rNj;C~Y% zXL@N)LWviaD#`-ZF5EbwuDxLlygI#;*x=CneIjByoXRj+sPk^7?cI3v)st~-;afH} zFj+o7jzdy8A_@W5(Da5yc>sL9m$Gi_*n6hdvdN_SwV8f}Zv`m!R`>K0{TUx%i!Y)- zbR|`H&*z&`mpjCi)NwWxALlOj|!~8+T~Y5f&-G{4O7CvT(cd*qSYT;KCF)huI5HAlNdiGn8PEP!Rx0 zWTn=>8NaPZ+L{U_7@~`%aH%i(+7F2$Z3&68MP5Y0%ALZ%hwDPurcB8S)g4W-cQ>3PdhP$027=@5h+62Tpws{`m zPPMY>&JTaBgRpfNDi`I4<+Z^UVF$WPkb#}D@8T4P1(xFn^9ANU#3vocD+(==859G; zDK8BCNNlI3M<}lwud1UPdxGHS2AjxgM5_aaFw;7#8~`5iR^?dl`&U}@b5$8P23-|- z%+nY1lTAo>+R=cj)-Mk6ukzjxofUA+tKt^G9;09@d^Xt6*A9~jc_ChGx`vB6t3#I2 zlE?*K@|~yIZEW0R!&&blDFe`Nf9Iu3N$*@)ePiAb1Ht)k6Ayyy{M{?h3tZd9!jK#K zo%v`A(YWTzC0B3L!a9u!GNM{Vy}+&ym&>nbxpF`_X5 zOkcN`hbE`BJ)L%M$uF5bbKLYy6_d0b7n_QbmM6{%)^CpX`|A5OYxv3e^n#w8G6dQ6 zR_51EyhWqNc3gZryM9Wl@$Kyoy)>WU zo%Jj+Gjn}l=CukK1`Dd(I8KSBO*UJS&eL>V^{)jGGelvtIC1*4JI=q+hM9X!~UAuOcR+z(ajqf&4>`8c`}_g!e72DHGr zHdWAV=m6~nfIU9%Xj}FqnF`o{d;kd`1R@ZI11)}49lIVcR|{syKk7aF)?aGgw%euO zW@CASuV5#I^ia~7jjGFwV#?zxURFKyr|zv5>jY^t=hdi3yl!!;j=k* zZ8kCvniW$;42urMOe(V;erc~WkjO@R+{U|XEl5@DwBCMeN+)yl8?y6@+3ESwPb%B# zDK9-sP%y#&4WSSM-{Xgm1qP9@4dy|#oScq22+$h*)$#0I_^N*{S(F=3SVJZ@AroUo z-rS-VYJnl>9R8wC5;&9-zPLNeD2mC2MV(%!5xxA!DTo-JJPrp_5@#-YPB?8ZFwI2F%`6=`u8=9S@5T^LU1D zd)<%f58LGsJo-Vww5E3ds3*EO8zAvh3-^)ZO^(;AS@gs1+m@?XWVh$N{_?2;72{_{ zej9ya003vquX{%Gw!$x^bJDXwzIf7NYRO0hjm#+di}DdDVA1UJc{J(tE`Fq86tH9; zN*2{*Zqfd!k@#@@wHVPKUm*X@ihA60Z@^c+%{MKMtBJRhX<2&!aO>!Lep~H%50}dZ5bp5}w$)Z`JGB4NAK$h)A}#czIP z+ll8ni$_eEbm5J72bkO)wnTdmW_Gho+%HBS$GuRe$%8L0W_BW<;?6ttL-(=t>)aD( z*`@S9e+3T)291hiSj}XD^2;;j&P%7>24ImHg|JVJw5=!l+R3kz9jw+iLYdWe!G;XGPZ3%@b@Lbe)H4+ey6w zOf#32ImIr#FCL%fN@aN-mQV*XS7Fi2oord&q{gi)BhT|wHVf)k3)LC;5(pFB|Cx|@G~Lu;NlyO-8`}#LKYREsiGb_&oRm)K)ySOcd?FCjQ`|EW z1Vwh%nB+Lq7Z{#jZca77G+7mFU<{P1+iN+IFB~2@ADORNKOP-oEUTTkgYU0t)HWZM za14r_+KZzABtr@I?nCfk4_!LBef69Aw^K1Uo7q=TaL1UWq8F@C`=o(rLIlgY%rwqb zUUNHMmT_#u1>k-DOfkf>1DI}CdThs&*Q0Cc2IWMRNuME0XPw#g^*6t+#S|C*eD}#; zMeWqZZ9ArIjy1o1X!nmJxi0r_;OF#)QPWCiA{-xqF#wydqt{LMRe^Ku?sCY8hP&6^ z$5q_-FS}hmLQl5oT{e`iS^*f5qklYg)i@h~O@6H$$KW^VkYwV1bA{EPvag&6hlyLR zl?8V7smcx#jkof+sX?VQpfX22zqUP%TYdGh@7%thXdJcPHg@Ux;0gF1Z9h-G>UJG> zS?^0X{!r(@xoFL_P`@o_JK30KIlel58?W~S8(aF>L*z$2HGrg0_^kle1M=YC0GkV~?hFSyTMqVJgEs|WMMWs%SR@ni5o^6$y%d7p zO3YftzpB$RDX|E7JL;;sCtEV3DgyAkOdq4@#tY7S3%j`1i4-4Ry?G<9?qVijC`QgJ zD+aZrK>Tt8KcI8EIGaZr3s`w$okU}X6wYQ?m#Cb=mqGzPJHrYLVj>86$jD}>xB|hC ze!~_^DVTj+#3HG)x%sy7n4gVx8h>gZB}gm|yy3rF{j~@MfQas~HTKgf6vA6Uw_^aX+ieA= z?fz|U>*D!Z7GiFTn34`sdLS@Y+kJJl)*GGU(4fE`z1U!0v|3MeSj&T(%=lT%ZKpbc z)p*Id0K09c>~hldRM-&0YRsURR2l<#N5we0h|^2KiLyEN++oc(@XO*cOBSJ)(aE5T zn>JXi=ix8G)SbOWpE<^lOK})P>_UGuk?f8Vzid7l zUIE;fc!uJUxxt}CYvtZILiv`f~c@!bS$ z)`?Gt1)(T}oq=GHT`eV7-xz4!YxBbfBZ-EIcpIuL)p5ex(s|`VF>huxejnK1C4Xar z`cZ%D{p6Bw&6KZK(LD4;Y?4#w9*$y@Hw}b-PGOxS^M{}B(k?c-b0xs-fu5%iEH`HB zz-^gr5Uf+GyWO%}#eru`tTI!}tK6j{~~}ZZp5>5vcSqky+D)%St&AY}lR$XMjAgcA2S2PC5{nV#J|z ziV!8}f>DUV@=)5Q>llm*WC9Uws#W~-{ADqy0OfF}v;*okF@u!#dE#xB_lz zl5h^}ZOw%NxTlnI^4sLjaoAvcrXa<(3DRjdXT-NY0D;WBdpo#2PF?BQuaO5f%Qv5( zTM$PA$8G)mX883-0NVd!qsnNlyg8F6I3>CQf}wFG;-KTHb;J2XtCb&B9^yb4Ex87y z%i>}+nxFvIcGd3Q7CR+6-r?A6slmLoiK(`q@5yWcg0lTTR%yuwOsm^x7jSOL1cF1w zVv+ZGA>~WeXwlm%l8>{^QFYC+Y87iuZj)jZMm0r}l!Y8`e)Q(<^jBZgZVUA2 z{OmrLy&_fJ-;u_azO<`bYLciicTMQAx8UZEUN;Co+h!7N^x!Q~U3oL`>LL0~;yFNR znIU-j)RjF(al5hWH0M2h=Lu=tZ)N*gqdLlJ+_-SU2}Z`=2?URClvn^UNaayWL%m!j zrkjomkiO^Cr0GaBv9L+5|4UJkFyfs;)nnhbTVeTFk%r6#cd6l!pE>rb_ncs@fYC0& zKvFyq@y}OvcW}>WL%}W_1v=fS?oBC!IDb_In>+@v(L_sTCxR|M!#rHSmXs%-u`3i4A{~LJ|1tH}8&4LC?1w6JVL^N5jbH`;o*RLU z8*E9D4~$*QvwOBbL_B`aC9&_~|BWkuj}KIYk@Kmx2oM4wKIjND0k`T`F>vj~M;q7r z0C3{c{TA`23_dK@pT!UZ8*BL1oF|&C9oeYj)?zhCq{*n5Hdlk$BzEcgX`CNrqU#vo zI7oNq!6M!#uc3oxe=Z_a?y^M9Low&(k&4o8C)@l|N^8N3jr2vjWwH8In*%@1dyTXS zc;#eUJeFfMaun)|t!p*?NNoDYEa!rImW5zRLMqBC3t3*8wrXwZ*@{V1#Y|Gkj7v#1 z{e>9MSnX^^-Pa}}Xz^HdSnXrI+tW5r5vM@#M02^@7{CM05*gMRhtTer`2pCs*lk#6 z;u@*#wow)O#0yw1S!rWh+LeY*l^DGK$|D)-?7;`{u#s%ftGr*8AF}}y0{SdYy zVP(Tz&s`JU_|F^@3^TXxx3BEytymgdHsc^{Uv2NK>>GW@f#t{KPR;s{OmWtf&}I6_ z4aNSrZY;|Ood8t^Kzbn_h@oO(CAw^mD8BB~_d2OFoUi>5NklfZG&M z-5aEv1{VV;yD^@d*eS9!Cag+(2Vc2BGbgUv;BMg(!z-GD?jyg`-L0Q`W_wO#(t4Z~ zF`KumAN%KOgZd1_(BE_QGSdSh#zQ@dHOX8u=(~QIJ)`5@r00!Xf<=2J7;`OdhacQ2 zyT_D2XylFUl~Ku;+*Cf~@ThQq0@K1%HYNB&80??do&fSiDFjR|W9f$|!hc+&$^uvo z8iOxq4-f?ZTEL?sJVFdZcy7@c{#R*~gfs@OfOIt{?0*ntAppgF#M$Ti^nro@&*BA! z6H+;a+nCMC{k^yd_ZEH=vrY3iodN>lQ#L@7@w2n~e^7lP01)*_JJq<%12Kw!6_3W? zeLHnlh%M#ci;Dm-38?QSb0hz50qJVM0@4`c|AYSP5fxBegdioNzgr;O2CzUlVXoib zi;E}$6c+(Gnf>nqp#SYK50DJ^L+gJ#%)=e{e>=?o8#+vQR?zj%HD zy~QR*WfJ}bfRAlS#aJzV*yQgep5Y$A{~=&F>Izk!yW_hT%B=tHkH0Fn7)jN4wiwM7 zmu5F@E&d)!#DR`EeXO_uEC7M{ktQI-S#uhumBWk&oVWZxV`^=N=h5WH1w4)?>24_m z(};DBi*XBO>-<_*OrG)g$~Lv0P;12F0Q6Y4Fm|7bJ~-GC@~a`vdjc8dVNddY6Vabs z0Fa4EhhoF^0QJJI1~UMIxXx3`zJ2fdJ($FyxLrw*cD4;@HRKzsZRx?S{8)aaYOSe5 zDZ+zlg!!b*j$>mo(j7j>6P7lZG&DkKX;S*Q>!lPZrRKj@3pU$q02;*TF{#GFp$ z`RyHx^pYPgxL}c^(xP9YhX!>`MP z4eB0y(Sxp7L-*=z7d1k0;C*WD0IujaEf1%jnXM4jyE976q#>n1yU<*TY3sELl1cnf zVBvZ^{Wo;9GK%O=Ebz~$@9m$E9?-yVG>!AcI@2vZQ?iLtKSuq!Ta>N>29@Wu^oj{F zDg5C3W#*~h{gQ=V5z-$^D|b37t6iX>k3sYHc@)M3mIoq=rOWTFm-^K<6(XJ&YCEmR zQO}sQIMw=TikAU&BCFW-U_ZMsYTri;Gd;Uy-fy07f5Zg@G{(+u_~Q8Y?SWuNSzo49 zK%X@hhQS>L2jJcW&S~Tli{F zF?^aN4r55Re7pi6>dJB5*3igxwH>cRy^lBCv+#=eSKxC;<7ze9%GWzs5nN| zS0&2N*p2iGb&K9E))uFV2S^ff=raf0dg(dZQUD@8!vtMz*yr$jHGt0}wa5 zcA?hQ)iqM&@BOyB+CA0MOZUBrjz*AvvViT!eEBbIinoB)P6cLgm7A>GRJ*TOtXE+% z9-Xodr{wDkLcz%~g_?x&W4@At_92644gkU405Rz34=Mlc&rP$wM3%hYBZ-O%2`?Ca zX312gYE*gBto5i)%z0CBTa8pgiW13Ys}viYb51LFCJW^Ot?S2GH{N_xRp-qSOM$7% z!^%C3!OI(%$Jxd>m)CH>Ib>(K5a**}ZbDRGkl%8EptteVjl2A-(uH_?4+{CpCl&NT z?nWiA3f6}m%I0+W9f|~>`-?c~pV=J03^r=vNV@f+iul!&aMHgfzjuO`<9Jvd>LfLc z#N|BuwBha`qWBJ$m06NK=M}l`E0*k5(kZFr0QzC}_yMrjPKk8Q>{Rc%9ruh?Yr!nl zU;LnmPVwxz19~&k6?PX_$E?f$tnJtxba`DRAIimh=vp)d!U7XLXSN|_rqgS_FqDU~ zrd)$l~wLkUNSMe?gc_f&THOzzx97p6rb; zmoML@60ks$-kHnE0|C4fV>^{l2SJmnvW;?4Ks5|g{xWq%%6Vqa=QD*_V6@HF^^ybL z%4zh864d;9#R=}8&y!ZKt76)^sYPSIb8+Mazs5V+VZnBDr)Xse+PqUOwWkiLqL)3f z89QGj8!MkU4p=*{&d8L$D;X&?9GutbXH6?2-o&ohvv_#Zm-thF8In}STLd(9T|Z8? zmb9N0Enkl~u82AxB<)2fil& zs@vgEX>&?+wQl?B#BhnLD2!VLD{0Uc8dxybn zw?fF#y2aAMCiJdAJFoP1n+h(-II(Kyk6zOp%U@R0TEtJrZrVVTGpL1n{28r9z3J|P z#;II5r?mhvtWdk?bp>7y`I3X$jc&Xpc>b)aD|4p=)vXvE4FnlHr zy$qGIXy70d`oo9>5P`3tBJoqu8-_M$qwQ7;I^h_7B#U*~Vp3Q%l;mt(AxVw!l<6&- zeQpc!yRDM|=#7Rjo()uEAc?8s+HW=L%r+-%s?knnn7G1ROVI1!A|ipbT6x(z09!l1 zRFaLn$SM{>z`e73{qVMhfcv(R^s}-CIFZnbxi)b0X_ZhYxuavTansUj)hlK-y=tdY zv82GO!OIb2Z-FOxwO}0q3^Ed42P)WnTiGzuJDCYz)S@=SH79NBQ8NA^nFB!bV=>C% zQ*t`ti@^fnsC6{d0Tc@W!eR_U#;MSn449OHmsu$#eLy-MTp!fUHoe0k+vrpy@B_Hm zIu`HqJ!<_LwarjI6j{iSLA}dScGoz1+JQMRgu zp!64>IfV}N2k?r-d-MzKl^=iUmRRjP&8c3zsJX6$TSricHg1~^7NJ}NidnXoZ@-uG(9$bFTrPrtwwikAGurA9 zv^*8yv6-1zJysipuqXWL{%BApqpW6}t;f{WskrR5+I)yu&ht#8wLg-;$DVjDxAlzmSKo=d?2d`FyCSx*HrULjs!kV<#JLmV!mUOOO^VK?^a8_-@R z4m~dGYE$fdf`)0iI$I7E&V18>SZQ_Y9L6B_{3OK5LrOQ{90^RjLFU-e}f^zCJD5W}x))^eitZ;h%K-iwi zOj~WXBE1LF_e%EU7+gT14loR4JZZs(Evp$DF6FFCKtyNW&ulxT?K+gvsXRcK+V;cD z)iwGVA?cZETqHk*US#C&*Ua2P1V8GUhDBb?-!|JVTI=^0BVmVBwK0P&l;}dLmnY=O z7*lE|fMD(GgUAOWKe+jb{saP_o(n4EDnrel53-Ot?BJ$R52geV?h4 zTPkH7eN$<7N&<6H@7V?FelR&?tD&4y*5TlldsA@vF|o*U?DweB<|wCd&wQYiMKj0H z6?x*|0u~uXh*%Ao4oS1~UmTV25_+YCSz%Rou+ zkX5gZ?ydSSx&l**&+_O=0eo*hlnah^nsjK#jtr`N;@281P+_hJ>~oR1LGs(1J|Zow z^J}ZYBJ_s>$f;319Q+FB4Ul#itOLTmn3VfN(cUf-rGn{kVau5=%p4)dgbO$`m{=KIuT;D^+ z=HC~CRNkq~kuA06D&WcSVX|3@I_y`Fj@=XmIq$FH+b35g)j_NU5~z)=&>nhO$fP zbctDmALpx57pT(AvJ2OuDCQ~=(`o}8%jn|hqv2}>45v`y$7F!|_-oRy_EuBOc%zgS z^`FK1_{69Ey+Vnz^OPfqVG;4Uef5V?9j_ZIEwgRZL5M3xg1_sQ&-ynt^X9RGJcXUY zKb?nUcKMgD0?N@1ofkjGF9bPxpStGwGIeQr@|rn#>0)3zB&D2F3`V1H3__O6`Y5d( zBhYzL*-Sl{UVyE9CL2@QJN~EHE~BU1b@n4RbZ&dOtj=|JZq_w?c*A6CvI+o2r`MXV z&R_)%2oq9n^YY=^UA%U!Y$(_y;{9)vi)R+Yc3M5VB#n0s6N?5{y8;Tdci*DPu_Enc zde@M+os@sq$n^(34m%@n>YJ16v0mfNb}8mYst{Kx?v-&eB$YLeF9T z>YJGcs7kGKJ}^iqz@mwRmErbi7pV1B(UMa+7P7*I3WMf6>9UfydXnM!tC|M#(!Od+ z6%vM29oVdjP)RKsSpp))LvuP6#)a|98@{9uBr8HS_VUpb#&n7stXK2cc`9jyr%v9p zM~T>LZ9da{_XyQQ%zZ)HuN7fl!4H0tK(W|l5Xt9wrEXBer{Zi>pdpjYZJ%qxSP4k? z{4~IBLsxd8bjnx0=uUC}@xK5H^Xu?>qEe_d#avRSJNTR~TqmA~)uGu<6|;AR`R9ir zFuy0xR?Y=ce&+#=y_St8A!aAlp7pQX4c(tiI$V?8h2`G`hlYMcr~lKH0PJSK>yGRn zqsJ(QyAdEaN@ zXgdGYFL9hEN=)&L4JZD>O@9P@mBsYkrT6Ti8jWyHt$V;Cw*NauHV1ka@ZN51r9Wlt z?NJ$I<79aNNu&P@;a!ORSzr*1>}lxZ*@vh_iFQ?_Yj!8kqu&uc4iieiiWKJBH(}bd z+~6|p8cWFhsv zMBH&v=$@qS#QcYkm?sL*!%G44bn(D+o4DmmODh59R> zS2e5>(7oHv)F*>t2Tx;ZL*)kv?u6s28_s>j*V(e@c=Cae#+X8-Vf39{L=X;AJXgsBf<+EFu%=Co< zyd(k)J1aqOxNX&R_FPH`_L}+w%03bQBQ0b=#J zo3y3!40<16G4T=Z^56UX0SV)EUKEV(U6!=QT?+$b=c>%|$Z`G^F9X!ZMQsL|+Ag4_ zalh}k{92craqMbqIV?rII0XsY9wmu0_=(lcLiv82Z_8yu*JiZVBCvK;j6^5Sv7N;X z<;Q1*iJ<#2v$#W(%J|X~isq~#e~1Wp5=K*AdD}weDw~PTOgG#611x^W(K`S6aCofP z?LwbuOO8IHYyA+(j_{}r?_jsR!#(>xma{&Xv<~bw!4s9mluzW!$$lMclp=A}rkXV~ z&nX4MYq>A<2T25^W{=VhCy?ySg9O8iXTA}wGQjgjA%U^-q9f4LXQb~Ob zkG@F(2em`-A#ZF3TmXulsLO)gmZA}bvZG4O@LH<6hov|yIv$X<9mWMP^&HjtXfwn^ z$&q^pE=IN4k|u&nv*Rre2VYKAIjp5J1=A|@-h6Yr?Q*lrZm%u+!oZyEN2fKvbVVwe zlJqcOTNOFnixPe_)_3!rnCC{lNbf}LS@~7@k6nw(yZ!f$A{FVlNlq(*+-k*WkS_17Ypj_g>1|0HS>S=SxMhPcu?O2jcN)<45vXDEM z+;u#02RH2ydT9HQ)5PBt3KIF4(3I{otv$viW{Z$UDP*n#;P|IQbE40;6#E^KU;pMF ze1T8=Z1?Uv_YQu%e{{4?%de@LFONyDBHxx)@>u@TuK}15&n6f1ud9Ep>@L?+$%?id z)hqjv;EEHi zNm>B5W5zp%2l6z6yNTbOQiB^F4cMO`IA8|KETix9kL=*0o;UH%0RVP;^phTg@PiSY zh6B=c@{N$_gQH&AuYYU605;i>CF9!P% z!VmB7cQaNFKPrFzT|O*>K12RPa+Vj501tmZfM3HE@HT4iX0;r7{{5o&-SC!kOgis> zA=xL10c$<+w$J$Zhpy!W!FE=?@m~o4Wjup!*ExUp_=h&cTm2!d=Z~G{bQj$~{QU%G z*RLJ>&?k$4Ccq6ALwJ1T&WeE5(m?6x@%s4rKLqp%waW7T$4Bn}i|L|$dKEYPOlM~3 zyx*y4w(3WrY)6hyN*O$0s}QF?IRTU&Or-iJO!j9}D9Vot2}3;I?sg#JBIeNcoDX!d z$&`rB32Mxj3^+VJ>)N%CCbT~CH{9eV%NHzb`=c;s!2iGd0rV#k!3z^;Y5XL&YO~)Q z5!y+(FOncgJPhtRJHhfF#^vv0q2b?kbad7JZ(RQW6qf_) z{&NB}?X>1gtv%;()BUl#4of4as$6y>$DqsjA|!Vxg!*%xW#$nNlVP)zGKMf6Ja4-6TPf@CfC(4p*ZXK7`?lpozVULiTd1St^-orG>oQ zvb>`Cz^x;Jh2P1r-D!fGz@6QgJn2|6Id^V#8Lh%3y?*OUkJzXFbf+7Zk2qgV(x(+4 zuVtLfAUQ2H`QhQY>t@d&w=0)|>d6+Qo*T>8$j_%g%6S*>098J|(IyaoZaGidukRUL zN6g0TdF*LQ30Dt5Q}ct| zAr?JSg!M_%NoabF>FPU$gvVzn7k&XNc6{u^&`+o0UWu1IpQoEQxUJTd@`~q3+3c@$ zWbzbV=OLzTugFjJ@#iTBQsq&(gu`{zt(v*>J^!U+D3=Z%Fc)(SmtCeEGUB$}QZ_o+ zNarqe?^>povN`@8GbH!|In1N^uY|jv@8l0mR^`4^Z8kqUzB0LJdU}t+{uPNM|4V0? zJ6V$2_ZRT*UkWevYEem!kRrY!2h>kY&^@;gM?I$0Wxrdrg6wEVIWZk5LzKOT%XQlR zuMEzinXCDi!tiy~-owc*SWRyh`h-rY8LZru_;OP`GE*_8J$9lbuK2|fuWNbrbehwz z_iQP$?dra{Fmuvlt+OXBn0+BqrG!X&5ixxJyf?#WgM66uXY99e3|l(B~ml0xPy}3JBax(Q^|e_khOCwmSU&QPD&b zOU*Z=?#KJI7q!@JD|Zl?v&Ha5dZ7;ZXp`G^v+yDfcEb|=dN`k6p<&(ZCb4`RJ14%e zQHiO1jrU*Vmn7)yPlMh{ObMm44kJ^3r*`Ckf<1Z3oal&*)7S2F+Ox?I%X8g4e_>CNmyuiOGxwSoa{gCo?XVX1yc`i@V_el<9 znfK$CbS}E-5U{-z0ll{7=K*}HQ0-)?gvXcj*$pTQkb<56nS|aA3^`J8FO@A3^B0xa;lb-pQZb6uJ6ts@nlpX!@mALjH%&i^ zAa+7`fCsyEq7G4&PcZ>wbJ9k*l$(4_WUdV&bn+$$@})VDMZ2q<3VM?SjnOO^6}2c@CGZW*%txg9c}T?$7?TF?cfg{<9;19hP3UvQNHgpy$SgTOU;tT?9QH zBTiJL+DUkl)tLyao^*Ouzb?lH#wezBh;LwsNLJ%g9=2CDY>aH;%*gO)Rp-MFB z51;r`0h8(y8o@Q+n-QzYk)#0nT%2D-*=FA{8Qol51xl%QROuWO({%n=wX*`SvVi_- zr{%uPUqXM3i7J^7&9w9jF|3Bkj&N0VFD5ye&I2U=|oAX{#$OIq}N;IHp;#gHhOxw zZJ>FQNprh~gL+L$zxVUGC4;t{HvsmkDo0bP=4)RHzSOwAZ)?-)Pi}`BM`dLDa3w*< z*nJMY^)VPBA=iWCv4IJBRh;?H{v77$O}mAH5OO@)*Ol1aF;r;4#ZvBRz>!q>?D-Cs zUm>nDP%h=Ybm&bEJ>DxDE-|Lh`IW7F#$C~ahu*qBt9LZKM{9+&!)Syv_jiT4=to2g zcCMz6cg*)@#g^T(O#jt(uBK?*AlX3Aq&8@5@yf>kFyaTu30Mo};r>ag!$A4lHN$IGAc&qz=K6c5y-4e)PHum#WYRNXXCF1AL*vld!IQebR7L>bHAPD!pL?-8U%N^- z-$CtRs+Uj#zjG9-e5lUw$L%YIuxqMjE??fbOS5U_K4ytGsN3ODTgdkmMN8`PhR;j! zlS8bGSEpIIS2hGhg;SJ-OX~~NlkJD6y%0$AXoO@GA;QJApkC5?-W zd&3r+S4O+^OC4f`7rV?$v4+^uHCVEUyF4N34Tkp*!kx96M+WVl4u81k@{mo_l;B*{ zPgJ9wf-rgmrjh{R$hAcBKF&bT8Mta*5Ra|%u^T6>zek8Xr5`|BsD1fz_p5dIO_ju3 ziAeh1G$jA?Z%N$FBkS4l0+Tkq#S=54<<`N35)2%XOB@+ql95X(kbfSpbj7DtH5%xJ zveZ1PyPQ`W7E$?OnZx~U*X?C3``D-j?H|fdX!7&7`!GZHd*<@Q9}UBX3#~ zMH!GTJ`Xs{pyz2VdoEERMbV?A7E)GoT3IlZU9H$XPK1b4nS$yWs<aA)1Ep7sof{S9~6j_gSy>gOLi6FHmhh%X5K zSXWdkcr3{)m%rbY^T{`XC-dcL=`ow~zK?T`T&)`ir@R^zmr zi{rSKk*5J1JJ7Q5#k#WDxO{{6pl=#lu6L9+7x3kYaN>6hrqHPhk63i03{u zkqTOz$TZv!?ApFka_K9tz`Z#Yd11#zSy*$XlKv1*Ae*Z(kn}a?3H@U9chts<;O#DF zlh82xyB#P}!5^|&JGd5(6IM&2UIrDZOmo*O8}@8y3`^^?M<1Ivaow#*I)tnuGrmfl-)@5H zxydWScbY{zvW2y)B#yy?1<@m2V~VOyS20yu>_${rud8hv3yBx&K$y?eI~tRJ^_U5{ zz~oc!<A0kupYY@P!cZr>C70*p%B=!qL)JYs|E%9+|MFA6V(;d$>Y`IG^ilFw>aBPaMXpi^ z`e}IPaM|vKT_+t*ghZEFL#ljap2@>#0%GqnDWQX~pL`~mK|2v7`2ofZ`5^e=HJgTe z{%2;|$2r|W52E)n;Ul>54^#Ut4yboV&Y1N(l0ko!h4WR`+Kzk7ch9q;eSNz|i`H;8 z@c~$_xT_qaA4Bg~5MA(i#LK$K9IyW@9vJ>rAH1d_e|{rHs5DDqepEgnS;n<~&jHq7 zRRqm<;OHhDc!L>o8%+2-#b{U@#dv|Qrg%^(kvGn~#`$@sQ!lH}Y-a)sa?@)p zdu~;>?`Clqxzarclysj?zS>WV`Y`LFss~|v>(QNwqC)~IuiPto-UlkcJgt((!JEOL zjA+DE3D479U71+NzEf>pb=Vlt3Z1p@G0s$kEqQkO52D{fho%(LC$;?vH>PJ&{XbtI zMumenLO|MRNONfgD|>kJ%j+BT%<^Ma;q4Hwtq-q@FIQv86eHto^aNVk=Pu4qbXG;} zQgRQO9zhQe@uZfAYoSX80ADAQS<700#1=e9i3 zBp~7=y8namf&yBs?y13d;CxUm^dd*qnXBYOIJ$E@oZ8{b%=9OT&eOzjXrXY4D&hlj z5EnO*y{OH4!lzb4IdeK$@9D2{c(s&rX5Xn=cmWB;4ArO@mRx42xsr+z_OP6M+@tJ- zVD{R%jc_rXXsqQx&0kIj-bD@< z9V&2pbPASIS{DS*V)htT zlMyo|Yo^bUZ)-27y2g8XCR)?uoDUc|_8_0H?2`HukdE9fq@IR`hPiy)j=Nm%7tJNM zD+S!iQ?4I7ea!tpL$6PzhCZkQ#4@Q-*(tnWB*qB3uL0ej(c0dxL>CxoQpAUHR^O`4 zsiU=A@>KegFPG35|MD~y|Fhv+eAZ|RsJy3F>9(mYO zjU0VBC#e8Wxi)mft{CbF9ydytZs0VPtTkjI|7s;3+L@EH*mr-(SrYXr-W^i=4& zzqnU>b7-SJUa@susGemb`xTk}tDDcA)4N(NRv+#ye-Bs9|A^bQ7|o0o8Qs4gUPH>+ zJ0G*TfU+jyWl(bbE)c~;e=_KPTAcN%r)IMTz8gHD_fb~2B82*M4}bK8n^LZ3 z!GbOP$0%`eXul5Cx)|gBjRSsb-NGtIGp3!=z?3`n$U?-op>ED4_VR z4ozNkcQhYXyCZaF@PPv%)eHDy-d7Bh<80^B=sDD2PP0?UU4$tTCw%{bM8>9FD^`g0 z2>9+BTZ9z>DRXsxT;Fr=YAGw9ic_R>I>?oo2JYZ>USeUTVAaaqn{RCfN~%PLN{Q? zo$ItX*jQQ*a>tp)s!|cmH?_CJ$b+%9y2bhW+NBKDW)kk10)g7xZw7J6Cxc#!>7~C* zCwQiP7+~@>s<~K}10CVmcobkD$0X4}PohmgdRNvNBTARzGX?Y7TB=!!(PDWWY?&;j z7YS*3PwY{q(XuAz;2H@XsJ9xhy3T8oov%~Me{V=R#MeJex%&}`Trm?0NT{41KHG=1G#0ejxD~SyXkdEPBAYhg5L!mBLSuprjg%4))gR z#lNb2*GFC_;$_mrzf#bdgoA8vHJZ`~9j*0@~p5B+V3 zIn*m|`U4nvzT*Zac^|5vN=Oy8gJP^(YdU*5Ac+~QtyJXIm?E>C{x;QmFGUH445;K3 z*7pbpI9<*eRiy^M^d56@%QEO|2olkS!&X|n7{?TLeAimkDO79j^qDj0$$39ryOw|0 zya!si!_*7a=}pA8UJ_CT)`{FFydbB|ZG)}+`}LVP9D zBX378F(+2b(7I~_=MA}1Uj%=fY5Zm3P>@1l&}doBq67A(u?49sA9-xv8{l__-cn13 zXG*WAEw>xxm!XoWN#04Fa6YB>m@s03tR}lw+-%MfTtw7E{H}200-6cEfP)K&6MHYH zr7W_>+P1m}E6z`%w`2Q}Sh2&9SlV_;B^qanfM-K_o<*;(iSeehTbQ@^&-cz;KODP2 zTcFQ2WRx-_q;&rjsan?8h^!hX$F8}FZv8Xlw_{u>nk@k&Ge$4>Ua!(y|0=s1*D{sI zc$&0b+-HGtlY-FJ-B7V*QBGC@(nVVAt+feg%bFP9E7c!?FW}BSWST{WNS?6@nmd;@+ zUN-u&I$o~4mz)wtZ|~3)g38N(M>S9Ld{vd~RCdZ;@T~hg2&VTfZsL{7LFs)A%yUu6 zF02Kmf>rRkLtj5`t95PUkS?7M6yKcI9L73U;T=Q;acW%%%{n|>Zyxy zK^^o>GI;VKBfD5D*TL7$92~81(Il_>o$uPP4EUQ2&DthQ~z-1lGAwmcL=;!_0%$~D{1PB><>UM@-(UE z=$*v!rC88W*L|>P$1MODq=nNt!B%q*S+QKVt-3zTK#!Z7a8K7cr&GejOA(qg)FV4u zVas2$3CZvV`9#Z6`NV5{KJmfi`=xn^sSI~-lm1U|CK^6VHp(Ucdf8FZ+}-+n=2zAC zX0TVTsfY<$aoe&n&D?bJ8snC*wwGEgAqSU*dbvGk)mhaton)iI;#P)1m^0+#qy35M zd|;w(-Jz?G8+RoO=O<7lGq>HBwkI6sP2=0i6L>nvwe;x|xD9OgJD9fDW*np19wf5m zI%bisn#_?d^+85k!fE3_3sB&wr7x%W`op~rCtzKCp9Of$C4h*$F%;&#UtV+YbKEXL z$hx94nNN#bj}TZWqB^(`V}^Nhmez&4FV5_RZ$Qi)Ml#B}zD;|$P{Zu4+eYiQ7E6FM zxt;O~i`$^x_|BWLM|FYbu&YZG<&xYcub?j_c^N~$t-{ysYNS{X&8@rN!D~gFBIfpq z_BnXHx9EX%-?g>)c~xb^sRCHKq6iI?j-M{<)XjzR=O5NOn!QTvD1#`#*S5WtbJq{ zTz?#T^-C8KH}tdh>U}H}-eTdq`u##Y%8w06sQE-6t=3)YzE2GRo$iA;S1jtgDuk~$~`?z<>Iwlpq{HQ+B+ldPXxvui7$Vg4EMR}w|YrS zww%j;wvDN^d2P=?avY7k(bli2?keVL)kyL-q;`Pxm*EuAh1j;}tSy@N4`{4^~Ot&6r>B5t=X2pinm z&0Y0Sqk*Mtw(DKuXqrpFs%JqO@UcG2^=j>H07^|IqpiQ=Gnf$aj*b8dL%JGQZ0vO& zbLqW9UZr;jQz6VzoCehqea#yaV?;6@M9c~kY<5W4jBOYH5d}rs8Gyh&`B772+Ac#B zMZNxvkm`n3D?Q9Qpeq2ra6*hiztXnuN71+Fr`I7S??mhouIAn#!s~FxHx93mJeKD5 z2Z?C*p3^7F3S6EVIdgY(3$?cmZ)lJ%vCCoKEtC`fj?(`6eBbI1V-D{%a;de#F&kcscXAV4)jt?qi|eR) zH6nLUoOfW~f1Fx#tBaB9@-AxKY@&R%knFaLLaX<@vixq~({Z{p|CmU=65Pb;xxS6n zFoZ&Au@UnXrS^}VF9!wWR%+w3UMH=54ERib62UT`+V`EF!kbR~G?naqS;{V}N^f_( zcQ+LVtX#LlwC^mY>0o#j`!W?B9@tAczOGSnKxH)j+LAT~EkCzwWk=n@?hOzdOUayf z;{YCxm~YJTGSnAGi)}*ny;hpLa=xv>p&|}a?K)L*2YYK=b0RC_ZaX>3y~T~+;Xy5P z6P>}=rXDkC|AS{~sG^I=B_Jh%R%B{GD7l0)l(Wcei$SXH4lZRv3yn99%8bzRJG~o2 zH+Y)(3vq(y^$>%F*J~tg5|fZve0Xv&>Np+v;!Gz81XH)W*+xCE6y_L|b#uW0bl`KO z!97U#m3$aRjB^K+%TsV20cW2LbyXU|1J|K;X=1|qFfL7?W8E@(rlf;&EjKKey=p=A zsrhpU(Hi$l5K+zO%&!c}EG8p61)jhsP@q@7oLA8yzVB4d>qfWfq+m$&HAO%V82p#i zn{lGvYhU>-H??mE$HafCdWHP*eQ{L#UUwIL75kXdcTYPHQUX$2xr%?t9O=r>rC0kl zCehMFT*59YFD^YAKfJ={sL&T8lxF2wLAk%uLc2*OU8Lm2XjrKV0J!VC_P(I8!0qL& zroRM#G>6fObM6z?GF`dZq!>izcIA-omRe@nI%fBU=v*!O?k}LX;N62VM9E+eH3ahR z(f3Sv)@w5R?o%(K1OZy8Q*8(J8cYfLOHbefZNZ15#=r!sF_Hcbal33%_2o_#iwgs? z_(%`r>9hrU7T@fz!bTU>N9Db_O`%!@l|)wb>_zQmr9k7Je>d82?!AKP7l51zL#H`T zS`!#6r3>5aC?d?1t7fgbNxxAEl?a;#7f1HHxDI@5!Rf(-yhAMRblSQ5^gOkk`0Ocv z*E^*zQ+ZXGH+MB1>Qa=XjezQ4#zS;SQn$=vwx4BMG$H!g@JG2!rKBhOZ&Y}s;nv<2GKu_=5L|zVRgCieC5{{f zJ(4K>2=%orgP%Hu{lov{mamvhlPmrtmYJ`Ug69mVL_O3=sUhq{q%<+W^AR$u*a~{8 z?r~XbZle!N+BLKcnCJVl!sk%YOLvsuwa7%0`Q;1Z+Bl!qYHYN_g!^0@-_SI$@0QAK zK11c_XndnM3vpR^yD(m(vbivR+ehb9f)B_0XIe%a0G+HrrVOiq_V}#ZJ&EsquoL^M zYh2>^Gvk()-cZeEqIJI1z}>a)L=^ZbTCL- zKJ@85ROz-}D6K~#4h}kK$lv=Ic^qsVypcA}L$B5E@50PGBBs1{J-gtGR=aj0NzNCJ zG;2Mlkc|bL#mqy`29NFilq=7DzNyz(YUBo0IP@to5hclsxS~Rwr1+u}K%k+*2aSOx&G$aQp|C zFAHXYU-TW%vW;)1gsyrFl4*Tu4J5--HN)1S0rNGg5o;k<>2`+nN@Ry;EHm4!m+=9QT8OkoKwT6E#=+mcdv~~RG^1* zFInXWH}F$ebD$_T(6p2p<6L#^xOZ}bpp7}=CIM;4_8fv`<_-C-X)d{!Aiyq5whY~% z5KDcrAl`x)1J18+>2(U*q>mqnASHq2&B@31e9L#{N+nAsJ7`UZE*!r7CS@>JxAQbd zgCVcKX3^*LjmsKw(MMg2^GoiPuI|T6VQ-IkxK#hwKePD%U=7J@1eTD=NoWm`j}V*Q<{s;4fm9#*a4US_aNcNpKHPXUh>zjh zu#egugU3pdPC8%Kqh?mmF}1{AXI2>uO_$gVO_yEjVAh*GHd2zW5Q9(eOWng2=Fge-#_`lpU z%tLURilF|q`Ah!+Wf{nw&-5o=TOB)bd0FveDo?sZx>+W#srNwewC|&1hZ1q~%vr(H zwJzo_PYF>Gq-P(275;wPvK{y_Ow?bWdYpLo^C#I4$Not&fY-$)h!oo)<-qGZ;T62HDvpkNxjFh0R982RE*4IgnZR48Z?ulK~{-bjA* z_5o8IT(p>m3(xy_p%~hL0X@HZ>*^i=@3>8WIw2d2fGo;#EIZYl`nWVq!hz%>FygyB z5Y%35oucEO8VK&i1k}T=nnNj~&#cY44Z;)xtOxUBJu&>t-s#(GW(vWVo4qmLb&H|< zggMSC2FS(|lPY=sLZk0G$KJ9Yk&MqE%f6l^au7`RW0<5Xd4?i!-->MULL?J^Z;^dd zgIzBOw?1<+=wUHlP{}9*CE?h!E0XZ@iego}iG+|GUE$GL;#1fy2tMg~tZ>QxBC5tN zC5BV&6RtyNV}+zGnx)dtTmSZ1!IvST!#|#E|M;$Q|J>my3XRRs6d66yKVTAm$HYJhQ;^g%FHcnt(KwX5q-9CPEctnx|`t@%eig z73sA7os!yx;l%vUPe$^_b2q6!IRT0ICz4W(yKpOOGZUi!#7}UDm)w$!NEQ^BId72*Vxk|QoDucU^XJ#1! z77bu&78^g2Kr0?D6^^QOP0^2?VXK<|a^Iox{F#iVf=c^BMfzU zeH5Lj%e=rMbGMsfK$T-WQ5*Z5Rg*8yO~<84+eGWxva${7NB4`H-7A2rbuMqP=-{j|O^0|bM~jx_?g z>V-@h^07`K;IdgJB^s;gh0>#ZFksQkv4Fy*VGz_;<%~g+V~&Eg2#aD~yPhv-c4~_YoVx6pYQnWs0!DT*9h^1nwZo_(3CR@bDbVu7R5@WNPz=kclqCD~G!?ki z$J%)WVMZiaTR6j6v)-$a-s68h!#HRYzY1M7@)z4RmSVtVRZVO|FT6eLOZ~Y|5uJ|& zt_+Wgy8)Ft_g*|{B$QjyuTqRG74ulnp8l%UiVE)t6zixcNc!$@*5;U149Bmw$StW&f5w zrWgSR4n=^HIm!${ps`>(lMPF_Uw zL&;I4=F#9@@Zd206+MPCRQ2Nrv1QiiM^}A5G+~#uXTG<*iA&^LB4K5jy!iRk5#%;_ zeXN@JJv;9?el>oIlkfDE?6?}<)^FMOe#uLq=;z9&O*)20CCLD}kylj53FgRm9SWP& zgP+ime!0yU$tB}&l=j_^2yufplVTd`qvvTY==#h%SD#U`PTGHKlC#9Q5xL{W1K=$W z^aKHS+LIGf8z*}*C=0%D%Ri`g!CAYhWCJ4>e`xykXBqwEvqnIV!r8S!}cW!5o8Y9UIe6v2fIb; zHKmygV^z1O^@+!W$?UJ)bx^N;!2c2*t*lVyuzk7b(gmR0^p$iQwZLKR9vb1L2D~i) z$H63DBGnXj5M;6?4LY&&Y5+Ix8D7iHy;(HpbGYxCI$*oU!Lw#wa`VZe!qDm*W`!ieP%h2O2d$k%tQDh9%gr+cYy~uV+LiO>HQHS=kv>5 zvhNPf*RI#*O$p>oOcz#}c(LiCfB61h6c=KPw=n1^B`+Q%{YDQK=83QP9kcOzc2lxy zn^KWGiF`b#sfyA1fR+*7Cow)yT)|hhoRz2fh0Vu(OBUR|sh#iO`l*}#6cCjC61jHx zog$JBPvCa0u90iq^goY{|KxAz)c);;y`cMQIvLj^-E~2PwD6%PV!3wAYDS^;?cMj! zCQ6$5&&sDSQrKtv_%P}Ke+QyN4hTyZPLBcXzH;=(+1II!52O^AYS;Y(Tzo%!_gWB; zy000s;Q9E%y4f2-t9>fm)|+FmaG7(oqE;XKtFkI~Rl7F*-_XQ`iybtfTr)b>M0#vMNpo%%865j|YZvRP0Ned3vyhJ7UL1_rBgraoRj<%D z1v=O8IlTepeI1^xwy)A8ExFi%nj*!wckXIdU47~LvxRSRc_tpSV7?-RAwX#2Hj=8wk``?=}X8Eb7 zkhVF2#lIO3@Xv6TH@68JW(KEL-Jt|UoJgZ~s3u1tPYGHfq9Nu*F z)wUHfb_a+FZIU!spW)2!hq+>Z)bzT}mgBWOoiLupJfL{YA~`xSP4+%XKzb7U3mp8t z^5n7vM=G2hn*<(ycz6l@h=?akC9=fSn1B@cYxE40wgTt2*);O$)FxI7*F@;*i`(bGjmo6(7SA(O3};TRGySBo++IT>yz&}lVx_7FLr?9< zM+e>5hFkwpMZq`zRyF9foF!7ZdUO&h2wFB#5g7XY0thSAL9P*^T}1{&+$`THKh`~C zMq9dmK1Ir*S00PI%DF0nmV857=1AdXcq&zj{X9i zZz*oaY=7wpffC?L zWXJLGnMeVMuvJzc+xS~?nTAVqF3$2aQx6Xh9+Y@&n8Uf={gRv}`4Ctk{k=%O->`qh z%hBHuzoYQ|0l4PEDbuYZu4uZe#@e$2*ommbq57-S96x@I2RPt>&T1+dOeV=sN8eas zX^20cSswq+meu7+1x0?#8Y|`~3x25@MSDv*3j;t9Vv4ji@J=rG1h9`>r1rjKsZ;G# z#p_*GWgflk>(3uTHrbs_k-%fRDx$?30PbFmO)ALw(0RY%co-MVW3=y|$pLAX-SGuO#pv|^4rMpk0tG(&ghfk^qsDb0o z=^|o5rneDSjxzJp*?0Y_E@HdR66H|~QAw$;o+bJ%pYujrr1zZGtAsMTs)x5JU4%xB z*SN?A{RIUYV_jWV zxHMW=i&LlmS)@tl+a9ujd=))Lci<3{sYg{P6@L6ivTKyt!4<7I$g3D{1g(PI(e3ye z)k{DMdc{V8DsOm<<`@=1_5pr}8aBg|CtVU5)4u)_Q~T#BJ3zmAZ?skP%{Li#SVQGy z2}&9HOp~K*9F<;VaD9AX@0wy^wL;5gfcM&AVo>cOxNdrgm*zLAdm9 zyTpP=VI2V}@bcD>RnK2VZt7+e)_HEkoa6jRra3v1UaK*_xSpdKqtsy2ifW6#SsgljG-2asavAInCl-Gfgt5J+NPC=mDcGF+)r(w$ z@K?3ggI&OGf@saMb{G*pE@!t17H0SNpM#zf_+3gUU=Ct8fl1Ggz5Q)HM-AU^60}?> zFc)@B)oQqh@y~qTn|w7fzZ&!l*IZ`y&(}lT69clF9~OThns2Xcg2ApY;?iDU7oNcK zGkb16OY;jt=Qk(-yJDys zQ(|2sk9p>jC*u?jJ<=3HbHOUWN=1avu9F#y`S%D&Ay)72X9!ON4W4|yLYpVJZ?clC zPH5W8oN@Aw{WFkC0b+i*;YY;wSC!lbK;Xp647F34c@Z;raVO?uJB7Ht!uCxzh0#*c)Ge!^4>=M$_)e zCrf%O;|I_=exbv?HE+yOqIWPfzotuIhE4wXGsAR&@T(MYu#<k~yCw5Gyl;pHHx$9dxa(n%@sZ3NIy0iB|r&fce}h~1SDoxKABR{gD; zMQrUyGuU*O@JQ0*M8F;D=pv`ysS(WgOBgC7aA%lqcIMD)bZF(rfOO{^D~~Yq`?pIs zRf9J7+)Fd0g1^l=)nhg^?@zO;WyvVM$|thsp8sDZKsYbFn{Z6~<6FD^FdMz;Z=qb9 z1w$fN@-z$ZS|sufVxzM62-S>`-Wn~Hs-2&CroWTms%5iHC@7_;`!sHgV#Wdhybzty zq1no7-Q+*SH*Ui>?@&`wka2I{BMo=ivMTS3C|(nZyb1E6;;6^*EBSq&fs-a~mZMh2 zR{fTda;6e&+A}{#yLeUd`m;Aq!yleUvy$jw_7U4(tW|d^ROx3Hj@+YtCBEVF}vFoTW2)KW_vEh#{^sN z?P5RMv~nd%$kA*UX0^=3%AuBY1$R`>eqZ3%#lx6T+;Wy(fB&}ENoN& zAlp0+g4c-uOFWxETJWlPdCURKx$sbqD|*wjNujbC^5p3f2Yd93hx<4q%h5uAwLu{HkK!>WH9yoxzrE{N!ERXF1np#y zwv7T6|J)B4sJElO3dx&39rkypG#fK25C zJwB&Vzz9((>-oj^7=MvFJbCJT@SMl=t0$_sdWiD4k1?dJe2sa;}}N1Zwc02&fufJzS7uOVbcSFFTCOHVHd$J6f;n#_24hs8v~9H z`dW(|c@mA)6p{dvrx2v9(sn_7k51InDL&|i_}g2R2ZJ$|tBOPBi;f2PV%P>V8?kn< zgDL8*HPyp&3GSeo2sbcJ(r>WZ$YlBCY9Ue`^%SlmSOg}tTT$Xe{82w^WV6-M5pAFy zNTi>C*WNxxpwj)jE}mb#>>(F+M5fi{j<1J{hJRIiuUx1G3)PU9Zma(w6n^(`bCY{D zoX<4MWed3D=42Rxo{g}Pvy_Iu< zKlC?uLb1TWptCwtV<;cX&bkx&6mT}2Lq%vhJbXv%Bf_9%;G6+t`l#M^84er67kEZK zyI;k|-)Q??HES(Wg^QlwbCVgk2ZuwLjWl03(;um05rt#?Ja^-#wqweU0mtS+7ZK~|axtNs?! z+7|Cq3b)(cwBv|gbSW975^@-x6(D1Oth`t?0l0A;a~&FplWd9ER|aVkinzV)wdO>^ zdA!PH%b#bPWnF5fJ?;{0L>8UoG4DO$Z0?Mz-k?NT!qnnB2TSA2N9NNQX$G~4Va{!C zQvs^wR;Ih2-NuNCY7GZnT%Jv1idt61HmGf98ZU^KAa08qBHpA*63%Cm-HK3Io$H`* zfN~(f&7PR+Pl;&8ke(~e6dmP5`o>1Mv{268#`{-sqDB_`B?ehTy{>u4kFy=+o0X1| zpI!h<@=C<_7cQT(Fz%ThYO77(ZD5UKLrN)Pu*F=gYli7Nw8e&%tL)Tg0ii{3y`GhK zM@svI_wMvo@%K$$(|~j6TZYJKDifP6@2s80#o-m$IIm|#UO_E;^MVb|+tM$7C9RoO zdrs7}l1n4^CBDtWMA&SNASLp~x`4aP#*NM0!JzKF8;R!rM_u7bR|2-FRGm>&TInuyEIXo0+eWQ)ur7_b(AhmzOC@h@ z$9OK$%me;O(lG7`SNMlfw|#Tq-G1cEj&V}F@$4?6NM{w?qvZYmp7EEk%FtQ|K@0Pe zE)2qPj??jN>0ncNQ5}R|GpN?(hV{i(u9U!8!fX6a5hiU8v5uVMTcGfsUSWX*P3zq` z-*3|SBQmWek$G=i3AUPv$IPjOR-?zKf45YrX9ouLXLWr&E+`JrVgNVcJvwo){60M6 z(RUs-Ys*h~#D_)}HQn#&=5khYAd8;Sw(+LCKtOtz`Qnzm?>KV9VMx;k7tvROV z&<9_yR!v9o%yql$)PkmGe-S5IRB`Uq;_v3%*;o=*TSohgEMU^`<+Km!*zig$3b ztwWMXhC0FnTZhXq#kkDc>ugPUv05?f3WV-f>t_0}0MzesuIZ%0e#Z0nJbia9FUq1N zw{V$nXl;A(9Uo?dzA^T?<}ykd-Vki6hwloXM-~}izJab5 zNgg;zZJ(|Wc@e^EQ@8BORwz=eSmx|o57@VKv&G%tVBMf@xZd7D4Y&^3Hmi%;zWd$F znrOXIYcb#DFzLC;Lw?Yc$m^i_MvflVZ&?!N&Bsl>z7(c!bMb3w&QRyP+I>g`-=mV7 zieY7Btg6}*<&X}gRkQPF`Rq_5a@q^7`8CGEd*cDZfUS%Wz&gYI$m=NfGkJf!qecf` zvKM^*?Io}EgnS%_-V`p|rHatWDJD?ov+ywBDzMjo^lskBzjm;ipzPsTi{1&C*f-gG zIkaH4e*oHc(KFq;2sJq0P=x>-w5A@T#V@lrw@cMc2o0~jM5{&kJ8b{H?HJl}%iG<# zo`rWZVhnj>-cI%8P`(c3<%I-M>%<=xELV>L8hpUHa=`EM<`)%REZhmmATkWaz(B4> zxz8n|%ubt4G6BQ%DcIo117UsIj|jhHh_k%eSNIi&i9f*Sg4#S+zjc4DKzd`PX=sa- zqfCBj=4lU`Z>4{L$Y)+o#L)#*|6!$|7=P@6ILSor+=9wDEv^unpJmrVG)Tcq@2soqE2v z+*2h%#62V@YNXs+zFauBoyNM%PdUgGQn@ky3{}AbEZUuLXluAIf>*9k|Y*VASyXSkwG#=h5`zT z-+8g^?(cT_^>5bPnOS${{^43IEZ%z0IXgc4+51EXvt{jN;Y{IQavSE-gZxQpKCeu$ zEWCa0=AARY)6`i~rNCZnwnhOJv*bMY7-uvj_a*EZ)FEO zICgTKuCQr$=`F@mF*aA`W|8uxziK=gIb^*Tl;P5h#)^QUkY%qo7W0Zyhj#!6FZT3F zcdcm!x^G`v=o~wvORnM}sknTr=418Uc}WwTdb5}5lYG;H-;7lO0I#i4Y`ORoU(Tr4 zOw)Six?bbvUK;W}-m1T(RY%4&nmJQKd#`_%NbsCQ+(h)e*#4s&XRKM4!&XuEEBbML zdEA)}oz|6JUAVB-=8`12(nvvPr$U@gr&rb8*TeR6juTaWfj8!yMy~Rk_ngSkEb;Wq zcu{QKxp^WDGok4C;?a`o+iAyK4EROs>Xf?KC6^_bu!>7ITWRb>_s~^$daP6NVqbw_>drd2?A&{&=QpER0c!@U z`s***I2JrM^V2SJ3{(SA-LPvaZyvecE2b4(ttu$H9LE{Awxpw65nq1%L3e| zLHfe!CWp*-dz?yN3!`aDpSlMpNobCEb46bvh~`NUMW=^fe)@#Y5)3eb@Bhjt&-+N_ z{ZyyQ>P&#oam>S#)RXpdwW2vWvrl403KQv?Q#;@5_#T&EF|&wwN~>(boLAH=I|csh z!F+tV0u4J=Hk$+nRByqpX3C4jr$?UnhLzTol??AIO779x?|@R7X!7t-qV=Sn?Hr$4 z()Gw?_@YUSh?T$BVwDG0xM7x`{ZX#BhNxSPt`S0OpvrLXy~MW*?CM1o=wY4w(W*|H zO5uKd+DDjn?MU3QHGdGHZyFHoLBm!;t7w zE~X3NlF#KS$sCXp1fvz2p-scTW>&Nd4l2^Gw$aAAC)#AEj`a>zy2)k>ps(4qtnHri zGVtQs*^6@5hU389@WN+S{UkDK3r9TEX1a?cuE4uU1{>V^~$9W~hdbwpxN z9CLq-!YcMigUI=g57+V{WrZwUBo1Q>7TLo1KISu1Z)&1T<}XIySEZD9&3bN=q^?n7 z&fb%LvLa(jqm3=DHsbe59Ru}?I0ptA@0Y#a5ow~b2p06fBYAr3sY^A^rH`;D&o|08 zS1kRuI@u`lNaf=7>|ies$v}Rm&QBXAsUh~%Tb9ohGx*#(>Ozw{rt(eG9@;BvKMwW+ z4c6^g%kcA!lmp7Tv(+1cUT&%Lh0bALD)iB_Xq$2d?3z1WT7yQCVjcDN+nCK&%x2y< z5JA3hY5_Ngf4Yax>BK}<((d6l!c)m4A1h3h^&le#dnaAy;xYJ_;v3=0dREUQ8wE85 z!I&qVIllJUhLb}NyP_1nWCY}2Gud=x^U`FqgIn0`DWI0v*-{_gV{4sDb===aC^Yc* z+)HmEM3ou^JgJW(pK=*N8(V0W#`FM#*kiTNyPKy*Vr-^)h?k1uMJDAl)DkP_O<#eI z_OI#fh8P}~v|YMx3!#rMp?R@Yx~`nxgoX-Iqh4M2Mf6WDwm7;V#?FS6hMAO$ou5}z zCI_O9qxO#btqQju0jfsDT$5PKDT!af^jB*(anRW;xV_P!k6A(Pfi4T7L$Ql}ZY zyn<+qU5g1?{??e_S)`R)!Ks)X49|mY0y;wWlRT~0^X?92qNPu#)NHw~)8V3f-z_(n zmXnMz(d^>iH}YHwig=M;CE|0-Xr5;2Yuw z7^oSqrFN}FRMEOAfk`E%=>A(|OZ+v5@U`@vz*&Hl%rC?Qfh(A0<13Fg=XQVGPZnEo ztx#j49Y156pUU%UmbXQ#;@;%FcgTD)T@hz*4ddo$LrT>g4Rwe#Q-xW4ET8$rSM*xJ zF;RhRTrFN@5W95~(ZXZ0INS(3#S0c0Sp4Vv$QbpkDeFh4m3L}f7}C*mfVA$ z`n?cJI!i5R&U#pP&W6(}Z^C^Da6M-(mBWNzSxl$W*qqzrJPTQjh~VIMhv@of0l8Jm ztCr4~_Uj_|?nIa#elP~g%{^AJTCJJA{DC+x@tx18j#5P~<$6N(t{T}I!|2N|w1~dh z27I(_HOX~Y^xznK?%pi6G3NG*3O*vV&kNREr8gz(GA&G;fZE4O;%yn6cV^m?()de# zg;mZn$JB#+Ivq%EY77d~qQUry46{3NQ)1k`JsTiTy)nm+@D*(@!S(YUDiJREcsS@r zFt2DdUte5j&6|0RHSyhD2h)}Skk$HW<$=i-n~Wot1B+U+d1c1U8Wn@PG7g4nhn{z$ zb@rofer~T66_+UzrmeJ>Dl+Z=R93oN*EY5^GMJ}6U;3ED$!hhK#v;y_||xqaYaZUHcrT6Wa>VOdSXL zs*>}A4!Vm)%p8K)WQ%4NgK$&iskPxIyK*p-z&w{B-lLxSx>4re=b(U2&@JLnKJ@WV z=Pcfvo^@<<($JxYzf-=G_Rg6$rmhXGzPHh(xXW~*GqcC#G=XWSJml7RV<@h3E%Fzi_#`kd`B_)RVHlvboy;h- zzw<%S3r$@-+BKr_{^i*t`Kj^tUyFV5V3vbW!));o-2jJXY2my=tk4*3l7e{>U8ivr zzlZgmJyl&VE7e1>(Ca&+fGhwmuHJ&+{mo5H;NM z2pCgn(TB(aeC2Bw06j+`yJa=<>3)f$_b%Yie2lvCiLZ@KRRXupBznSzuXA;4(zfkp zSzI>TYsVL~g)?u&N=I}wdcbt~o&X}{t0Hk7b*c^O%F~bY8^?K4I+jo81$56Y#LDKq zVlshQxTmU40tCbPD@rh!PLw(N9Gd#t=);UJ@`6LG1J(WX_Hgvu?~@}gVLf$yem3QItM@iF)r+6#4EZZG1S9r*O`qD@54O za`=M^G)>t=GJ4+p-JD0Z3(}*Nep*OgEskTLTjdOv^!?+za=9-cPJU6w>jh_^Hybwj zTH99`d%IrG37Q=>jKy)&MB9pAOMNH;6egb0^Iq;FhP+TQH~ScKf^i}}Z~$WW2XB3| zwY3OPLkg5mKPBS`s!F4Kh0f4{2;D|}aXsF^rul4GIDtEDA7!_gVZ(}<;OIAZou8oI zG+Z9dN6n3vdOKOeoO;%#n@dDX;)p_m7(!@YRagu%9Veq-O+VlMtvQvc4`kGz(5H7z z3&U0D{X@h;`2C_IZXCX1+#YO!sR=GJ#T6vU_#cr21Ne-N9{1m(PrXj;RJro$hI0%! z4S|;eqxVZJqe5G}u|ezZ)rca~;U?`%J$%|qNmEq?M1n)*&aXBx8Zuz0&-2^WJh!vk zDH*37mu5=KO~;5t)r;6dQYR!O4k4DM+5x5ITRghB$>?xGJ>MW`Go#yG!wnb39eXeZ z=BAf9G<<6$-chgtPxIT=@U-t76ht+RgCqcyxAZd3hTh2rL+d0n;`uv9l66Y0 zDqspXocC^5Z@YKy_g9eF3TM7QRKpT^UFp{S>zPmZ9%LR3{q>QQ)GM82-;1pB zBEJR@5uKnL2)Xl0L2CA7$8~el#Anaeza{XlG!1zyF|$a$?|(evMjzQPY+^E9J^jti z7#m|#tx&9PAbIK#(GgUBTh9<5IGv6- zbU1IuQPrsuB}$Q=yVtZ8kA8x>eteMn{;PG3d*RA%+B=}C@GPoN2k(Yw_WL^GH z$-u)rmf{CuXy#b>N58Rf&3*duxPH6m>StCOdf^hwQmph;j~27ArS%-#k zCGvv(tP6$M5ELb{PvwmuJ?pTOH^!+qLNXn>TpKu9(77M3W1jK;myMQ@k!y|^G(RS{ z2Z>x?9rv0pJ{4Lgg;K44uOYM$*OL>}&s-mwHhzd^7d3QyEf>r{v&WlR9l{iyW z$51XfurQ#XMpvp>fzHwOo(!{HC}4RO0}?(o(ye`e(4l2vooUaZRji$J=G+Lm8^6B0WNY#+@eQf z`h6OTtMrn5xP?MhOsBbFQ{=U=jgP*lHZp&IP)Z7y48|_>J7jumJxDJjp>6_lgrRri zz07b1{?L0iB|{>|7x_)x4Sx|RK@Acbh+>coRUz3M5aad<|`m*90qP@ljW%Sd%DS8tz8rE1i{7t>T3BY+`**b)q?6&a5Vps>Mko z9z`)Sl8-$}Imyjke3dKYitmZJMZHbNIBIBI#*Zp=vaEq{097TE?=wtu! z-JjGXgI*10E9H`85=580zw~eU%-lvqM6kHH@rjqgZ03HI8$Fsv6WHofr!BPmyz^q; zs5sQK$Yrnc2xa6;+Cx^*;_vrkEB+8by{|`((DEoiVy8%oAPF}nayqhDvCl9j0u=@vk3l=2yxL{ zXh+(V{e7unRIJVa!3O@2{0^{)sIfdA+AiDAcg&doVkQ54SsxV&aB?rbzuMjz>ax9a zribveq~6Md-EMxjs1i1IzbJF;e#B>m|7d!De<(Rv_3Mj9Lg{0nJ{@v@Y{$R+z`=2G zG?WT|1$CVi@$!u^;U}3I9Xf<)nn{CBg%oi~|L?l}eMM-n&*-aj){m%Qx3Z{VPR|!E z5nSpaB6Fc{Q&L}T@1q!5QsVyHgTG3IhPsr$wDEct$#H&K9;N8N$>PEGybS{q!;_T2 zL#rgnPy5?5{=YuqFaF5%EV->|VS2?QBcXFS=0aVUPcq2_kxC&s4J6s~1Px`jdy^ z56+|GvN4z1Ul#GFcjc}+@+l;Nd>o$iDVUT=f||}B&X?+XvN3YivHZL`*;=!>W~4>1 zMCbgv#*V{LS{@X%L8U5rW8kojpAy`p=8N3!O&^xq1KP)Y6PX%oq&+p7#T>94L}Y~m zsM+E!VPc`j{uN(sS$8tV$iME8Q1K8JcGC|v%NHEC^lon1Zl$l54sK7!Xs1g1%3QBu zJRA@05V6sN8G7+@qdLB`e=g`xG11#0e#uIovp(#>5Oy80I8@`i;G5(;nrx*%sLvM&4vL6r+9OWgNfPY}#}f(KuDNX$sv)Ujtx=d{Aa+a|K$`Y6 z%KTB9(*Ay>f%_7rb)Hn$2=7Z|HBmw6`luixTpf0BKBZf&JQzrNKe3?_0sK?Bj`q-3 zdteEgv3d0g?oHb{qNPgFt0Zi5!cAzC@a2BLDf1T&(fx`yz@O9t^A^}^>pJCEii#|l z0MA{!#Y;%?ni;u0zs)SqSu7#wZ>`Lvh+nB@^!;@-R9}G#mZ8bsW6Ns5G4^G8nB?pW zQYx4kvl^jeYHK0_Eoo$}$aRGor7k-)=ZsdqwTu?NX=Y$ezFt8k&h&oer;T@=3Q_`H z=s#c2M1vx6YxS118)qYjI9xflv&s7mFqNmlyX5GgfXwhdAiNchM2eF8DsBoyuplbx zLx`6SVPkFM{Ip=%X9+J`o&~5@ALD7@u^>B^bKXLz4yj$k*!+tHA){w}4w$@8!Ec^O zfBGTx=Ym?ACje*u}j$4TYqV`jk3#A zjRAyxf|LU>u@Ij#w5nl9aFwAQX+BEug`+irTPT=d8Vy|mO7g95e@ zVE$lnqL6z4?_r#2O2{p}{Q^unwdh467}e5&O;Wl?ifDS)PQaV!9XsucDekQuL(ow# zR<5-y1BQuWccG4+&(T^DFiToNZ1!6|AdDz<8^U9KLE(}%M{z{8hS4zcyYU7-&*38h zMXY&wh1{2vJ!fkY#Au;rJ1kA&*uk+x1Vfbd_2Y*SW+IhwFwW7o=gE7)K<@f-AWw`j zL8uaNpT=@Nan6H`T6Xp4NrktqN{0lr-1{dHdBIodRBJGav^y#rp(H9YxJX6okc!8k!JaAQ#2EL$h`~vwCGl{ zJOVbnDS$}4+{I$XEQCrlH!&eXLav7KE}t>SXs8{ehcVPJbD`uiJp!Iq@Ai3e+sFqp zxn-@IKtCkDhc%Fs>?9=lK2$fPYV`dtq*5(j0-iuR{6IiajD!U=QvXP*QH_2eM+xzC ztb;sUe5j=KG>*~cmd|D8gMbZ@ zl~*ldS=cO);{OCi!p)Xi%LX1ouIw*8mkJ%087CnV6ZzmMcoW8B)Fo*1EZb)O-Zwr7 z(@Ue=NiA=0R2_4SGP-?7OJH8}J$u#*3re(j=WEF24bj!YE4xwiMEdD};2S ziJPeS5W;(J$FEyOlS2$U=m6$I=$K*!J%1CRf?cu$%bg2QDiVhsG*T>Mq|MI6`aufcJM{9=_lOt7f`m;QZ>E%0P2wv!O3R`7JiX`4nEz2aV3dT*Z>c{$QQy%Q z5?dgV0|FBTO;Vr*#@YSzmIQ*uF3L!7L!Ya_fMucl2hW3C0e`>TPgqn?%R04x6D9sc&gzMM$*m)>(T;QG7A^`W|} zXMUV^D$Zqid21pBu{{;Db!W3vQBs`NvF-ZnOH{nhgO>(UjeVb>y1JSeK$K$m<{!m^ zyZA5+l&rn_JlC4pVbFV|2!K_fw4sOuI3S?k+JqcXB;%1(;~M=2Iv0`%9e1+|q-ISb zolIjTlruU(@i<5WnjR7~@BXJFH4Y*CC^XVN-++G3J@g(1Tpl8%F$F0``adg%Ui&Qy zSRUy3N)zb>sUtu+%Go?8Xhw)p2r@Fz@Jd>6(NXINt;Bf@3C|BH4y}9w zzKJ{O7aWCl^QBQh47Ljx^7w##$Oj!>5%48EZi#{3bNQn!@SgsF4~QIe znG93)2ZTS-K>)-!$$xrDr|PobHN3sPW)p_cvYvfD&0id{yZ$ff-GLL-OQoDqd+dH=#ly^+O4$DK%ut2PkTns^N!@rW4l<2$|K8)geFTC4 z4Wneqp%FF^US$14c+vERhz?95UdWeDL$1B#Z6RK3;#Dl$|3qU$5~1zff9aHRqwP$c zpz;DFbcX+4=u*$mT(C{YBJfz`{v*C}dbv}Wv*53s|H&4eJ$d#0@(umv(T}h98m%iZ zB~auM?!{TXHE!E+m!%ssf`socud?U$SjC`4&j-b$-@TTMe}ekvb>knbQO>XVsLcVt ztlV<*%-ymd)+EC|d+_=ZTKgNyr68u9Q2!@2WIL+kHW`+`dXL>795GgT&iU)6Ov z5piHEGlF?jY$$9al`=9q6~XgBi1b~l2}YHX8AlD;#+FeqQkNko)y`jw*ypa4G z1MFuVN@H)?%ebzV38J1ENdL?)OTA?~@(J+D;^DJ#Z7H%5`3p)3W`CxQ-;+=7#gd;sO6G*n zG)aM6=wVn>m6jN~~CC1|2QFE1$A3RV%@GR*|FZQ{0J-3JQ-*hE4 zy(Hw=p46;UxWZ=wmZt_7{Bv*Z`PWlKiLTG}d$}hl$$D0UYX(TaZ4P%I8^R`>jjz=bo@sum~^@`u!Ep)4U|>Ni_J+9>(~%F zK?y4jLTS3xTeBku#;D^AFIjy_SDy2)we|`&@i%14J9y{V{t6EJ!9lK=qlIF;24*vy zAiUYvFH!{HS&z~92VZ4KItOovGg++GuP!@ELoE)e(h8)^sGF?73ldBWpVaUj2y(!F z5Vfel%PmvK3;6a(o;GsHA`h&!{&1Nw2M^7TT&IKW@(#$3H?%XW9zn(->@FHimXf=$ zI=s9*mj6KCbIg$OPn_saH&?SxK7&q?jjUoN7gt3NC%P=Dr#7%{HG#Z`k(X2nq!~SP z02`FXxPMD8(4RptNnicUli3%nPJZ^tMf2yDgf@=*{L%7rhy2yfmH!LgcMcK%qBddS zK3H|>_n=$)*gU-XTF?Dm4+7vYfQ$8_iML4Yqw~Gzd_mGf{Qnmxei5oJ*QxHDag=AN zjX=Wz$W0eM@@VJJjL#J+JRgx3(01CW{u7S;a08)OHY zWerP)vVD6cG~tZ}AoXLR$G4FOcsElDfm{_@Bfz`Caqj%*9p@8jSebAr^m!WuY(Bf87QBq=B0Iis*lj34i?$zn_Cv#og~xuJ0H%aOU8hI00AM~iNqrH zMlm_1Bn~b8ADRMJrT0PzT48xks8skC@_W6&p-L#!FuvFEntYN!6`f`BY(P+QcbQ2a zc^C$>soGEx+DT`sg$>vYRHOLZH$aMu7~0&j`><4vLzRpSi0rO*z0Op0pXxV3x$6$( zyL7sOw7obSo0T!Sx<3fAVpksJWYeR9vS zq~DlSQDQ}H26Rdk+uRc{V7|V)G*NAHFF017!EQ0Hg^VTM@m}##@PG|WmZR+P1yN_M53^I6nR~h%JPhs| zbLR~bry{$Tw_CZ+3ZQL$AtDL@5qE9+ZGye`=8W&u>D4iXh*8ITPxUW@Ik(RMUm>eW zNX;oMZ2lPAVimS}8GoGNO@mg+R_rZG?Mq_#I(RJryJ_6lXHGkhSoQKGjr+XQbJP$R z9Hp5w7Mt$X^$@4U6`oa67Fz5}lHSMfHMZ`3HO~q!<^XLUIwcJb&v7E0`+G~WW6$@+ z)E5`g#j;zUdV6g?C%qGiNAwba$cf1#RX`9%)enW28DniKs6?F_MhVb=#g!ZRp>{Sc zPN_#Mz==FuXX;cp-siA4!{*RZ&2o#V^jEJKn@x=EqOghoYsGCNAzbX*S1SI>Ame9Wt*tj^b}NR>yHsk^Qhz{79``J*kOOR&-* zZ<%coV|}r`Z^*{CADsu_NcRz5MRA=YT;(|t< zXHAH&EXjx-HQ1C~W*LjN$c?c~KpPGa0FR`e)VySd#JS-2Fb?;weS-*=BohJ)6dv)OAXzu7T2Ouc}3|+J!{u(q`o4d;o_(bDNG6v_uYJnWM(I4eA2&zof<# zH(K@?Vi}(C_o|7DX^H8~x=?Cs?Y$jA?(dHE#OzZ~MH&XL8k!%5%{oK?_R?~*jrEz^ zLDc7ig?2;BsbGaIXqG{jeaTwTjY|#_U--P`#j;(wG<>#Z1mRd>f=`$Kw|%J#jm zoRtZ2_=RAxcN}Lg(Hl1ApkL@VWCul7=@Smln=V1y+V4s4i zXaE8nrVt{6HkyvBJ<-6R+2Pb=8-O$PXfOiIs5Pz++_do8=SJAAq&;z$k)8~x_0sCK zq4&QyEfn>Jz#kfO)?ol|?GugF1#geByop8U#xznPG5pq9eN+(g5#8G6fc431fxmJ> zY%U{*&x$Y-9HzphyY=sE8OVYeQ-I*U>5j^GU=!VI8%aB)aBK5ptD;cu$&-#GLS2nK z0Sz$^YZ#3c2DeIMzJ|OExlumaJMFx)l@u%?pyl}`WfK2LMV)PTWyj(x^lHN%d#tqH zeT;F#IJ3jBl_wTCh2Egem$K22!K-U*Oh$50Tx?^VSAQ?h=AqXxpo$IWR^RN_`-wb% zfaLj?AM)&&tO?2>wR5`aIq6^W&HD`2mWn(q?*ofoa|lT`pIxQWAT7r;y1YRua6(aH z`(gk7@rp%SZ|A{lal;-{>eJ7Z;cmCfBqiR@7Rb=EmRcN!;TG2>Y-bpcySOiP5rfw8 ztTohgmN+GP(W7E5xQ(M@(@3GRLCSf7x*bvqg08jcB`|kU4|1S5dFCN%Eb;g;zuckn zu%`tI(j)!GG09Wld}tk)6DOw|$O1Mf4g7C580{a1pUEwoD!0diA}1wh)i;+(=OiK+ zSJk?`+C=!h4VJR?T~5Ex~VTsYtrp`X~GJ8rmnm?=>-LO;SXJj;Da* zlEk&qP*3J!d=U`#<65U7y_WnHMV_YGTn<;N-cOfMflMK5NeR6MoB^GPryNr*TPRrO=Szf zFHfPju8%v4d-oEl3qaNNQg*>7)mmvX@iXymoBihSUAz5vBRcmV>pF5_y@35~idVCI zZj=e;bo2LWi32-vTYq|Ksn2>}bcy6dBit>_88;rd=Ix}i)l!P=Hbc@8R(^Fz`I!KO z1Q7KMe`zLQQz8L^M&mq$L5wZIkzT(gQ3UeqUK{Nox44%)*$E0mb};-GeNc+XQ$Sqp zwaDA(wym#`9l!tvIePneT+2#S8a){>v1!V>q6CV;W8bI~(cuz2zjC4a0flxk_@l3+4qU#1lj-(L;xzo~OK!c< z^ZI@HV;Ho-^(kpGVb=Be-n=3FUud$EX?nY?+4e-Gr5F>0hll~*4>U+0XwVC9K-yrG z?rxj9X87q@?{PAiwB!ZqolOkQ4mLq@9gsJp6Ht8x6E9l5s&-@XYpo0*vT2{?wLwm_ zH`sS8h#3 znJg~19mY~_Tq-aA5Gt8KAky=R(uSlBaAp9`M3vEFT|MScgQAy2XPtez;IDAWnUH31 zzlOg1m;iJ}5MoB9=0YJfS|eTC-K#Z_tB=5xlCmVMuQ}r?A=u?_g}|DoE08Db|A8B2 z`Nfclj?dUGRr%iY@uSeVyz#(s4cyu zBmNa*wxS*^JPAeTSqC7UNqT!ygTFpQ&}r2wLB`!0W69bk7pP zX}7Nr1zIAiz1;oPP2!BuUinOlN`QIt8{b(P2!l=amnMezmLS7^BqqT2CgWaVGg>*6 zQJ$QjRiWl2_a$3lp1t788eekGI3Y)MMpU!aKS3r7{uX%3V-LSaJU6yOHhsxt!aw@= z<2Fxvxnn;Qn-dK8r3{ZqP+wyv;qXSjyp9llF~ViSVI5w=rvU7LAs}rT|upO6$;mp`_>nw$vRS&zTm#4odCELI=28Vi*!qCwDEs?uzGf!A2e6*n}d zzq@q;faE61g^cpV1otXh;bM=YtH_{|Fg ze776z(vq~7D;Rlo30jUeS|YYa{mp9e#$P*{?NoTN>cEVA5;PJjawkQAn$5%1i_PtT ztlF*2$IWX+@Dbc`M{fsH(+qQ&cYGS*osP2Tne`ONSy=%_%MRcr8kPR2(NYPLiBCaT zp_C?1g5?judP{D&0!A6}uP5Z$IK+0zc~gMDKXkxP%<8dq#RMhl-#G0UH6q!>cb;%r z(%wh#1x-eU zCk4zq&{6mT))jPa|AtRSZps5y#$f^9E93W3iEoquDd#7|UOr&dgXm5|tk8d;9~}8V z&hz}Q#SZ{^h2D}E?4<8;7q7(hbT{Sy=Vw*2m=4C>HzVRc(SDRdwT$&@GB+# z8|tO;`2ZguFs{AmB+L{2R+>b>)1?t3n|oeW>w1kobDR(`Q$7cA@V{Z-Hk~74qhZWd zzFo^gD$;d~MgmhH!I?{f2w~rx-2r9dT_q?e{VCgkH>{?MSj3S;K+6U5#Ge{4(cXxD z7hRz2|Av_ub!W8m2wkd6J|hg6FhiE4@8n-7-2kEV6rrX79~JT$z*<`UEM5CTSI7H3 zdoyjv14O~)5dHGcjn8xTud{)vYgr8GKmgf9AWANlbcK!-X3|M7RW z^iRpC8Anqu&9upV^cMo8k)Sw0V|&V^yL*r2j1WB$jP6z{#sVm%4Mev9st-UF{bfxCe?TQixJ}1%IL=e>6UMDgb$sk5n4gs*NZ7qw7pQkyr@wFnU0?$y z%>H|SjDIEe0hFvoCh0Darpi7Jy54$bWzJMnU-yvji|pZ}e`Mji#wRGMLqcsBv(g)MH65uHTEC3-4x zf+--mX?Bea)2DMG2nMQhmnG_{tMp_eg=r(#X!xQ0eD+Ur78#Ai70>&-h8*KuPhltO z2?qG7tKtUVB0=j+!5znu{v&{_1s({IwaDQLT-I}BIq_qmAI2qz0e-;A zkarGSUnBi{-hYJQ%x?sH1Uuy}9-{(mWJ*vt(mX~ze!RYcbpz8`_}MbjDB3Icu%ZS? z_&WrQWDn@MEE#H@`h7BnwGc&bYvmd(VJJar;%K=u=8QXKG4;+moAt~16psnT8kTUd zk5SJ7eML!-3U>FMmAG-!2kv*oA^=E{c*$8}xU7HU>Z%^$niC)SjFOlj+c7EtFH#t@ zy{8^Ot2SO@v;*OHyT8ZyRN4Fd4QkS!3eki!^v)YKHldw2HaZ!U0YY#il=1rS7(eK3CWI0K+|UZF+={}fG!y8@BT_{9P3JQN0mWZ@ z0G=3iE6j!=1Z0ATeI)|T=}Ec=Q0}Xr^(W_mj#xlY`d*C= zy+knEhak@%!zMuDZTbk6$oVRc@V81yks=0Z??AcRx8x#1)W3u60FCW0z5fS}bLB}k z(~nsIP}}!|K$g;H6U`{`Ho=&rYu3g9PBdWMHIg?{O|sx z(-rXgP7n(fsdo)!0u*0`pLXs{|J{H2vOk{==w!`42l%7HJyF8PU-bS7@NzT%Ep$Js z0RL-*?!N`?uY%_IoBMPe)Be>vhe)+W!Eo-NP5+!1hcOHyl z>Y4TWON}RTm?%VIGY=}o)FSbFuC6nn596x1@d@_a4>#QCDi+Hv5GfHF=9zKhG&Yr| zgN0Vpx>um8w0@!=MYhhspXT{r>v(c+K77MQ_%Vf;<2v4Wn)m8z+6+MinP;HSuzL|- zH-JLG&v7zvbIY+lm9*n-eWl;MJ%ZYw*BOLdC>4 z@D7*KzN@ibJ+rTIYelF3*tB#2n_hXbLv!HBo=XT0dCK-}9GA326i);XAc}i;%++i^ z9(^IhUUiOh7gIkrhG59p$*yQY>(@+1Jj|1v1#P7)VQUgU%KJX7goEJXicU;juQQ$1C0hRsr!4x-Hu0|(0Wy$5Y(v3T?j4?cJ z@#HD4qWkXZITO4N32r-4+*?6{C@@fn^b}X+{Q%u9_ss?Mjpqq8hw1W=o9+Sq=gowF zr*EMK9a_&~m8wF2i$9Xjd=`yY}sMETUHjF8-21QsQd9)c)$= z6d2mnm7;+Jy}4sP#~C#c@Su}QR%$H1p*k#a7HDJ2>qhK}t_fjee-_$$kAHc-4iS-v}BU5x?4>q63SJ4Dr zP{D-P1I$N8Y|08MOYZe1XF%^vLYKEfe>E2~d^LAv{0y&Mr{U|lqqO7v0{~^B2Hkd& zpcLVSQbm^Ejs$nFcaF{HPB?8c)q6nnIr2PpO3j7Bu~WKg0-)2YcG4xR+~$gN_3B*K zBu)qJWjoVTJWyxRHD1o6Bh$;Nc)oXXMJq|U+=o>MyI4Iy_SJeL_tu14os@hfKF+B} z9d)msAFFh0FAy*$yXnh2Hv>*H)k-qBa_{0s6yLyQ%B!oF@NiJu@yc6}%$P^FC&?f@ zfXwDqu9{yESx1eFe%$p#*@w9_kX2xZakaR5Cugm2j;C^goaJ|1D{Ya}@gCA(CVef| z1j;p7al1**jv0 z5hV1D<+w_oh2S`4z~u;?T(r~jbsXaG=18gg-qwWTGhZ^{%B`m>uEktdO#%biV`&Yv z=Sv2hW9(HM3{$+#=nC0$FSweyQyJ`6Z4M(zlpc!im!3wx)Y`2WdB)|va*8gd7J>5j zV_4Wky>lJ)!l1|FtSGhDWAgF6f|;9Sw9B~ntj@(reL{OL3v12N5*}4#p@+RnwNck( z7*2zDUISCHmRo^x9w<$j*$333T4PPiN5u*Dt6X1O)vPv(GrcxCb`Hi;MOzdf^-|ca zU(rwdb-wN|%fD#M73;8=mle0~y^yFN=ulTv%TYS4(M1~5XO;3U)RE*~ox6c7SEnnUZ#9{$~Oe=8?Cmu;BDVMbrZp9a5E>Wu3Q)OH?bqs4V5WsORSrSZ0i ziSoN>?9Y<*`iBKd$!d%j+f*LQEsga?vl%rP2U}e;wI5uO%)(Jbd@}rFH&F~*g9U087Jk7QlB*-!3Ha#>}GO)xtLXGqg z+em=>@gvK1TxTaE8og+&mxFBEmpEBVJNL)k^76+syPH)K)ZuKw_5D{<>iUcd^@=Eoe~1(R+PM&>wc2%J_?~ ziDb1M+JKYb7JHpha=ZG%Iu7;O9fLglfTp%)Ug&Qj>ESntJO}POf5C$iz=T8<#GI3i z?$u#WEh!4_{h+FC=ccCbH`%DY!W>H~uwx9d+LR;8=eJzDUcaDG8D9nMZ_4(2F}Wrd zl0wHk4Mt6rWOL*j0Iw*y&wd`mywPJ1Z+i2=pe6;g3y73-dGkpFor?GhlA=1KBnL!i ztT3#jNfAJQ8^|alxl_0OXTodB1v01Mq)t${2O0SabDBzvZJ!lZ92EqQ*-}e%#deS2 zccv9|l;0bs#lhP+FOtKb=>lGGV@0uo@W%RF;6sc_UDuqeiCU#JJ4af)y@9%*L9p;t z`qSeGIy=V?3-1qQ$O@ z6Lk-leN?s1)4Pr)&PCcK35>R_1X_4HDmS%68ilI^N3O%LSdNRIt7^cnr~i7{t9R82 z?7>{oq>CU~;JHJ={3^N}b-zgO?k1e;zi8&Rt4ro5JZ)E0!fJR-PYX4lajthh&5J~?eG;Oa)v}-sD{?W#p#@l(9E3*U)S>U%+ z6MN5#r<>pU5z?#lcOPlK!F~0K@GI`oC|q!F75A+b7+4G)R?&IQ;9BEdpOh?dcJTwC zZH7D!iUUG$tD%W{&+(0N&I zd@@P!76UitqQQJLsf2quFI0&=`5m@P$l- zwd&Bf-xkY5tPWZ>Dm1;htiv1gTEy8cH{)zlB8+Or0+>QFbkatzSN3>&Cj?+v;|kPO}~Z6x}O_xy%~c8)zvx%eSzzMioz_F=Y4x6i5BW z&ilp^Z5+c|XM*2|w&UH6VRZHgdg)pL3Je*4cq}rrWq%-jPvL&d_URa8^+)DzelIY- zv0>#0F8G&xU6b8Js7vRuO>wsiDk@D;@u+R6hEp_DvC(}{Q=dPz!m_*Ahjk%fiOpyPz@R|A*skLCjA3CC#}c+dO7?8@+D z@GA-WG363#T@$wos-GWdoh5Ev>S2^T?AO(}! zu-hdvsXfN5UB_qzhD}k+1E&V&T)XHm9TPQZW8z$?++W*DO4Ka19s`#&oGNze&aK$| zx*XQ6lH-+S^+(dN4*-FW6p3otLtT$X;Xf-`SVTCQlow(r1hCfZ|&}EgS;I!imo6*ujn#m4$?{Uw6~0*a)S2$^X+`nvyf&AT{!H&;8o@zZ!@da_k4F_c zp7@N_SMriOD-vT|@Up}~$zorrZbbi&#H%TpXr*Bd!QggjQ1`L;ZrO*_d+HgptwB+F z*g-GN?Zf+BfIe=Vo!T1R#czf&l%GfnY!UKWbwYKljEfj6?2d)NPwsCu93D#`6BGL4 z4r5>$B@Y@8y2D`NHd}9U4+J^d@7)J*KD)<2k@P4S9C^Dj! zceUqeRx?kq(}iI1sr1a&ZvqCt7`9ez=6F9z&>9IjYx`k4Toc7vv3RWvGc)3#|fD451+H0apmwHv+*8UEXba%Dh_df;ndzDvR3pyLtr$2 zNkS5aptrYmmrdI!8NfX3))Up+_dih-N9W|k=HjifS&;CuB+KyJYGA?dnW}#iDbf5>d`{I_`e)@@H?{?Z z)Tx91zX6vkI`!F4S~-Wq3*142fu9$)KTDYuv85Kjh&u-0y@*5E>j3sgJz5HfwKK>2?`MCZ`4AKVegG=rzJ`ssu}lB zW=T6%=H_|XxRaR84X&UC@LLHU$wZtHdmgK(XHRxGAt`*S?H2WS`|Ztc@_$Abqylj!LposwiqWkNEqSw-9D?S z?I^-4Q?)Oq4>#YPUHda{c#(GGJf+iFhRwT4xnL^iogk=QiPA^a@+9mly(2D=TGb6? zXzg^c%JMguKwIRI;pp0&r`z~dNr^4a>GIKgZ@qFpg#Ffqj4+sSbq$$=_s9p)$KwYNP?#mVLu?cXZ zg&Y$d@*JI8T_Qk_@Z3)9y{g(?Rzk~fONub-Ldn5!i>kF8@iq|g(NvcX)m79OT)~!B zmzf3JDw$ZdTXfD6PyJz-rPxn&LFwL_!q~Hk5X|~?1C3s|nmN=w&@O^^9s2*+d+Vqu z+qQ4?1_MP26+xv9P*S902oaS=kZ$Q1KpKV=WE3Q%yF^{)M`wb$P3`{%xK)^%NH9p~@p<6to<{`Je3r;iX#Eu(yvi_!=KI%|ec`#)SM z=zYXAe`haT+xr$JLE$uBW9vWh!5@ofn-&hYZ;)1#;@%;d(s3o$EXa;ud-05d7`6XG zRpD`?RgBta?e(@Aau5vC+MM)jbD1)ymM5#Cxmg}I{7xw9MbgtS<*s79Rrvn4hl|S3 zq|jGXw;9QE{Xs@cu~2|bzcTOTvi-n~63c_1K1X<(>U$==HACy@>*5zd!!mBY_TU=p zy;uL-Cax$s0l*6qPpQt6F$59Y???30@V(d%>kC>Myv10{hitugiJ?eob1Y0j$)SGC ztis{(Yi$keDv*qJt(|WnIs<}IclNcRA&S7$+oL?%n6ZVLS0C7(BiVCu4I3FMuHA2@ zm)`@$mBwLGuA-Gd-45RVc;NVZMBFoo&QHvqs{8qT;t5r zD@Qf6>U*(82jB1b_rZLeG1et^?7c;pV5LcV;`0^HpE!F3&#H(S=dC0Moc$q)&7B2b z*GxacT$7$nMYS=<1?Uv}Ea0LKwLu1%QNMz2n!@seJvr&vUWY5cQZc%WH!^4a=S=cc zzUx8d$ZG<~{--ro9oQA!a6$pv7`du%zWpC^Yx&EDNDyZG2+28%sfzngMsgq;%Y96H zOLkhl6uAOPl1N!tTTN5ySj5AP27=7#fznS9g&Kj_j;)fBeB-?lk+7GIzB9!~SOO6; zd`#*4ycCYJ6Bp^T3mhv^KjDX>HKnNNUt?7}#Hyt*b7Zj%U!$&dcT<`|WAu-21Y5(E z^Kqjj{atMsP3oZosBjQ;@!OZw-xW7L*_U?fN10!za9-4mnfytvxN4T}*D@8RPS&St z7h`GHc-ty7yFzTc-L6JHS-a!bdE!m#S6FjHDI5(6+p7W$B~SK-aPzmi^Q4_m%AzJB~fGk@ehBnZl2c z$bRN*XN~!C?$}D2TwoD@6$)%zc&-Pkl?M-c?kp|Z<0vvUP}ihs#CUISe}XNSLqJHb zK|03eswIm}zz-_Lwoj|t8f&0)!&J?yd*@Uh>W7R9%;sbeD>INe4eFg4s&5h(B)KB*_?qtv9Ro7>c}S2 zPlS3Z$ooz6SH;h^{xseZO#%ZpGw8zSG?#B#YnJ_N&dk*L>g#tC=yII;+o|_7%$f4W zu_wC4T}aV&zj%1Q{c3#1{FMjKZuqr9fS!YTUV0)4!MFK`dnXl z@T1K0CG9~@b7tu`lY?!gK7?6qwd1g?=?C^(Ka+yG*It9|g3-vQ{d9L7CM8yicjd{# z_}K-?fz6rcesSdwi%-4bW#l~{wnn$yY`<>sY~kwBZB2z~kkxE|E%|A&dP$C?d?oW=N z8A2{?e@!o8A)ety8PLA01WN2{gZ-Z+y&MQdi9cN?$jfAyl3?YyAdl4Lf6#t|-a8(kl=-`2O7AR> zjXv82M<93jTY0~YG_O4HvvoGn{6gx$v^#Q68<;Te+a2xhk9l5magl|F8S|c({h5^1 z-S!xi5bNOIQd6?4#>+S~N+-|JC!to7mkflVOY5-sF8d)wKt9i6LnD+SD&pX%`sN6s! z7%DeGIxKAb^p}rYObKu*@5fnjDV>Rl%IRL4j?#GoBYFb6H`}1Rhe9SR`Y$~g`{$8* zyB?^MRK9A@V_ ze8lcxWmd<(9!5fI9wYb=d0cR|WPU;6z0gZ3Idr$ORqwg^StLAg#>J}zm zaeK01!_Pvc{ZP=(WsxFak)M6MJJ+1q2=+ufQBa-4`T3sSn%zYL9oxMXwJ`-=knMCe zXW*?0$(xaEJ7cM7 z4RA_lvaBA;Wq%Hc+1^IQz~p{~;?sj%oF|~d&r^z6yW*dT+_615&66mWSX5xEg#NDu^eQ&5U;g3HKtE#1tu%gw_~z-FGU9Qs+%VY9a% zx%8%-V!b{m#zVI|gkDifi3FcZtvlClrS+o>)z>gX^Uykvr2xM)nk_%k{0BZKZMxm7 zh^fZM(_Q)->VkW)Ol*xuTMI=Fv-?Vu^gCkj_z*Kbs=jqgEa|DQEdN~*y^RE;p(26H zruPPOc1o@~KYSNT;Hp{e=-V32&Z_j|$Jx6X5feU%LHxRHF}#Y?9Y?%3%$`>Y^k*tE zt1wJdE-5~v$&kIbO5HITNXQzRL!W702`UXzEWx%tnyz25pM6x^36JZJt|ySVCFn46 zcS-;8KUjY{Z{DwQt7%OzA2xw?-Mtzh*_J0%gGz*W*PIiuThgrKxJN!DtNF9*pQj^^ zHYxc=ocfRE2-8>%+5$x`ku>Q?LFXOWk`W59XA*Jz!o=Z}J9fbG8;s>|S)E0>xoN|MK3yS-DqME6f1F=P!H>tIpz*KP16w~^7x$U~uK49*H!N+EDn1+nj$WZ5sj*JCZa9yQNX9PX#?^WW2c{-8}dp+Sm;`Zq?PJ4T%Y z)BK=DfU{2QcleJa0S3Sr%f~)Fqbv|9 zeAJ)+#&r)WR-a!4|GM4*k;^c*yhrB7d;&k<)4_>?*3Vy%*UZ0bAh_gcTy<3U>|#^0 z%}7|>5$AJRb?-Ep$()>Wl$WQrW^rC@BYe4*{O&N5rH;aF%cN~8u(lZ^9d@Mx^rfg z2lzK_&9yrwUZ#QmnAaRu+^=*OOqr!Cgf%@PpHA1ytoE2ls>dm_8;~)w`?)$H;`9`A zkoO;h7^*8=70sI#59699#_O6_d+8N(f`MkJ07}Dt^c+3AtI)$#x%etjg_3$E24>p_ zBLZSYnB{>lXA2*zty%T%=9?#dBpL(CfEhvke5`g)cWLK-yl}+m)@P5z_vsBmH0`5y zW7SiEHPtC*BNY?!dWXtZ@@hY_(<88~i0WkqZ_J&(t|o{m+`TG^9O_Me8e3#Q|0)E%XzvBEi}17QU&R%|wHm~f zs~w?vYIokTx1KRB&X7+QyN=iK_hPKw*-dbDd*|5;UVSxIE^(5#sE}_%Xy39Ph?ny9 zcG+F9aVawB_wn~VITUwX>VO=GYN;(=x?Gy$TdqbY-iz4yvA0SgWTq^ZT<;jvs?>-X zHMG4X1LHFT`9ECM&9l2;bwW^7oaZ*QC0#xHKYQGSiq4zK2+u=hSUH)$S@jheKm@Ze zXkjTsH5A)hl2u|9Q9uu_#xJBJSGeV*MZh?Bs&RU9U z%@xQObQW!~&B}}wZT;-)5%QobGO(KSn^Ze_%>Cy@PedUpIFy+1tzpJkslhOs@o|PY?j_8O5)=f@nc-y0vFutJk7)%uY#jd)o0Wv>?*=7$N7PU-23qE=n~ zRNac$P*QQ7SFz6Pgdzi-7rts|PpCWKqo6jdq{679ui20kH@g<#lYau5w5Lo6;PRP$ z--ma^b&*5ZMn$XVCr$G>&z|mfDmKsgrC|r36w4{G?oUGG=?d9mQkoBtgV8zsQWThZ zmwlrig{;_RwrTLd0W-K5A2n;D)12&t=_` zx`^3FD|fCUgBG%MA_B039&>+oPXU-JUkJpOwh$FbV1lKxs~Isn;l1%|MMRDCTW7%X%F zzkD}yzGksvk3e%*Dx;zq1#Jw76N&@AmY=1-gnP1|-$}tQgW1N|_!Q>-4en(4?k|JB z*+5>Mq68tDTf@0}Y5Fk@eJ4T92>4R<}W&?JpKmZ-3afHc}6Q2JQ z01S1d4M64-lmX0o#`dqNfmm7m{7hM<3z(_VA5RSw;-)Z1pr;0eg<-nWiM@INJ{j8E zEP}b`4tLOl$V>hn1i*j5Z7_(}UxR?Eo%k%7GE6v_LD0VpW?TFo1kG{JaFZ=of5ylL z-*LbLJ2EY57;TkM^Y|6j-&0jqEfIb)X5KAGZCo_Hj9dlu zQb~cIN``)Ayj=YhI=)B&-o2O+d z#LbbOp2c}9! z1$+A}NpEHD^&IHyfP8j5JwNvoAbH7$#&PO|wEdQYh z#Fl`H|9HY&SO`*~nUZIZMLqB*v>JAoT4J=kC}$@EsENK}@GJb{mvjhdy#V8+1(&|~ zSc)9Iu>SXT3_L6Li<7Blfy|5mjFj{xMng|>JBkmMEW-$iXuMIn{T6`as1Q?enM0`La^FR&AV z`-HMPr)JmEsCdsz#O&~En5MWt#lf3LJRf9BU>pNMcgD5u{e@EW0SmupWOwoRjO6@& zqYTsOjJk1&W~j3h&ysGuy1=J~Uk5DC5-r+WWuEem6I~C6Vwr;GCylse7vEh_t6`AEKmx1li|mbdSN60w`cL6;6>iVrk&zI z#YmSqWiSpj0Y1Nn7X34{DroyVX_2>ujS)=Zld-$tMM?fJ+t@Mq`N*IEY&t7)+D zUtFod9Lj}B6FZ=ZJ#SdWb2B3CHbtc<58_y$*rQz))(Q=Ci!Bgk| zg-*&D1L*&6>Esm+KzjY_%~PkRK@)%cR;D$2CBK!Y{{!X!2g?5d$d~^)lmqz@@C$_m zHT=Io2+c1*KO8i_IJP2Kat*-TxiJqAfLGQMLd&0Gl(Cv)7E_9T1*pFdp5dd-1ZE_s zcR3%3d4!d8Q*SU}TZI+{N9O+si~n|&s6x^6QqEQ*!VJrKJV@{FK>*cbKR^$1<8%-f z^dN<}QQGZT-rYpDNri`c8y*-6-b>3!7K=hTiG!J=_(Lw14b(T5=hZ-S9uC| z??9_c_<;Na63-J3HyLs)Ds%pp6af!M&+Gc>yz+^_yjqN>5;60tI+m0((2ECB@AnD9 z=fJvP)$rFKpguS}T>gHT2WAlTFN+FXzXw5^BY?1o(l|AoOoF0~o#48H{TZh7VVEWeQ|B=@U!xBJ20Et#cYEvS~3XA&3VOyhJKR%2I>x=J?+8L8B}Y;II=Xwjr%^$ zztF)*_HKe?XG3$97>^i~XxL2@g1kt3+vmg+AyGZOjZGN1zjxIFsk{!;Z#ZuwRz$!- z7mL<&!+z_z`0%$rVJ-C{^vR(P16i86sZ*yLNJXgQe(q8j4s*&)6-)<(^^;jNhREuan_77glhUz{cJsQ(6@DEh240CSD!AeKb5zuP={LU8GVA*>{{saK}5#DS&4v3HnzH9Y14Fgw2m zX6KR{5VEW%6HdJu>;&=k=INwW$ zLtwDWO-VacxTCb7#`*_+Co2RW!}>P5d#@<16+=`%&Ih`Aq;UX?ELxbP$U4gIQ}XcJ zYr#MwmCWmNhJ`7)q^8}7yz?i3^yxl!(IB0ey2n=XV2O28bQ{W0O_7h*7gKn~3=|5m1Tm z7d_u;0(z-Q(?mevySM+giI|50PqiZ$IChPQ=40%K|LUTkiaR$uF`n*xY_p+waLQ5t z^}~~eXkQBwScA|8fvi)*<;k&}t_v5C2a!th{vMN-Yha(zb}A2PZwz<%w<`)< zg9PA~9GjMByuA@7D$mG{1K}D-MB{ z3|24@gskr!g4ABUwn+9mo5j2aeA!~-5L{O(X z?SUhdN1nwdPknv*>tJ-jA7Ub8b$2rAFeWuz94MX2by%MSAs|8L@i@GdB}3b$Bw~0Z zi5XRh7M(!8Oc-d{5Ypx@W|X@=bHtciwHs+#)a7OQ<0CW$6gWvKnpqobn~ZY}WzXz~ zNY51-Y|i(#93^v|L4$^S^woH{M_L8ogO*%(ML`-cp98AAYpv_quP3DM#6y`rj@X$$ zV6;QX+m6_faF=Zg$)<>XJ`e8)kp|&X4R)IH-_LK~@%O`BItS?@w;j-6s?E~0XfHJA2+ho?8I5t>7Df&gCo31~ClXwT zA}E-AN!f98nNTzRWA@?|8Uv64GY`D^?_VxbiXZH5`c%i6LRUHjj=r~77Fohc4;JOP zZ(5f*e-@13+X)-zL5E?@Sy;ll9LIEW4@Qb1d#yp1pRxAJm;VG&#NWQq8Jhwjts$Vi zu@fK>{*a~W{aZ;JN)9fyF@A_%n7WGYugj~3EfG_Xqsm4^)4qcan-tOO zDPbEQK{?s-^^OpN^jPSoixKR{>qO?)bJn7@qaaFYS*`qT`!zIh$G-s<*p-)_zisu} zF<+AWAxw&zLA%d%O>AbVp}GSQJNa2kCuF%k4<$OB0wmsf{Jf>)a8MlfXoL+~uIaKP zKk70wqU8*zZ)(`8UF?3Qz@(-X63=XKA-Co}qw3OhjbboC^`6@8q&Qa=F7g9yWml~} z(J@Q&k?EE3!sXm+(p(y5kXf>S=BrPhc9c{zt znQGa#v)tdoynHY4o0oqjUK_2{d9{gB%=tku^B#TK1615lS!bDXyJ8uu1b~EIpVAZ; z8Tq*ZuV4L6Be|VKcXPXXMZ{>P&hT2g98DBOsr<;6sdK08tSv9m`5Up0Yx(1E^GwNW zxf;2*_Lsg#Ce0r~m1e^u zzeHvatKaorySMMA(Cy}-;luwKvhzi!;K24P=^KODk%mb>caJlEUU;0L7k>!^1EXFD zy}#`eWUs>2?Hjhz{37+~Za z3n!9k2{D=EI~KQo-V=nCSZl_=*MV^a@oH!ib&))+?;+82dQiQmK?jo4)6`&X@|M## z)7~l?AgyxFl39Ps4&t@8WIDRJUa?rz4>Ws(~%^Y##z$b8v77P28SMl{+cvefM`Fq!e)8gVnqp9 z9-bqi`2@1pZ+7p-pV8})jEYDINp1d)LwN;ih)8d%%Wfn1?mv{v4PnlBq0oJ49TGoy zV65@Ro9~HyDi(Ypw^GHHt^9f)aaKqKtHC)4RV?X2)j~vke`bTcuk%9jhcoAQL%S$o z$OTkar6K`ma?mEdzXJ^cy`#qUYBOisIc)rj7*uwQ*;P?7ahKx@*5V-qani zV;iu=Z~2hQUw*vbH~Vv751zyQdNnG+U9)+-e6HF9j(?NrGVRTpsA9X!!>)wzW|QU+ zH(~!+=gF^O8W+P=iigxSoOgECZd*0B72)MJ5ExZ*C?ZNkAcz{&5UHhhDMkBa;rm}6 zBn`vZzln`X#uJ!5Zd+J~0D1Y=hoOLhbO+WB;#GC>gBOaqFDv~h0NGw7$@X1v2~)c= zX_rS&9B2&C5dhlC3Tq&>$n%ed^`fqlDHt0nK*qy;e_cC^|4S zl6Jy>u1Bx8S-#Ffgi&QNc&%|M@s=K{ikM05ew@U%`HIeNcZ#@VLst5tzNN~OAV|l- z0&@h{D(lX;2f-Am&VP}kp90?l2k$b!dFe<=w-W;DQJTchelZDYt&6xLOY=DPRnCqN zb1m+-_FPaRZ9E%-CtE#5$j53cdE_9 zyPf^|+wr1f&Xi}}@cFb{2Q6C|ulngN_eQYld)EjVrIDJKagE;UZKXlFYtlh_eT&>Q(rW61pvU&4+rgIjjq`GFtQa1o|M>7m#P)2` z5Y55&oDM!UGm{aMnco+arlz z+f&sm)n!)$D+ZBHPgx#P-g+gEo@oZFSxspkt5_#34jc7$Fc zW(Y<~5Lh_-bsLOZ%e@|25jiLoj1y2Z_IuoLRaNjEZa{K;}f7>0C{_7edZv|NL>pN=lwQp^i)tdX>RMq;%A*p2E z@vGTYQ!dYO(^yeKz;nyFHJ_FyOSRb8rrxoVl2_p1gB9-d{!SWV8l1Y6gPQ8-2WQIQ z-i4wT>m2+E(d;&V&vHi(a9hLEAC%T^mSBmV7v!yfU6 zEIlBXw)-mKhg+)FAN9{iRgy!ktBC7l1G_Scw*J*9`iJItZ+(&vOxNC*AvYpzG}BWz zt7k?XwyNJ0wsVh>w`k>Khain!^TEpKrj48k{8d#+MrIeVqZu!)sX+77jJwaIV9BqY!iTnF7Uv>6rK1)BG(Ig-h$YW!S zGbSncqR*hZq%`@zt zeF-63l+tk6WJe342XqmB6OQ%>ondw|*Zq9Uu@%@b|02A*Y=(`~Q&J4NWisQK>+7&y z9FOz4K(9p?fwV2j44mdUJJ=)byH?|%5NPE$%8Xz)r>GJNv%ab?1P?;sH2gDQ<2VZS z=aF*RgLv1$EF8&Q{2v2 z#tQfuPMvjlHcWnnaYKnj0gE=`VK*p>iQkD8lJ@(ad!=69jl3o$sPGe9%NAwAPw z(KcZg70kN}RBc*F#gC7?U*V7lSc(rz)qV4Nf z3k+9Z4Qe;4t9QLLuUyEhEa9x+*Q|n|@D%w+;H2giA`~~unFb4L+KvvAa|68sdiiW4 zrQ<(|!sI|dw)_2sypG6-3cVq(eyax=2dcMbvKqvVm=9kD@#EC)wX5c&35z0D=9c7P z66@H};qjgabhU^3)x4>y-*JB1TV#Q_{@nel#uI$_V_zVcma~X&!q-bjl{owKwcoe$ zM{w$Xse(-6n&`}L^zew;u zt6J{y=ep3Y^NU8)H+nM^f`I##emdKP8?|lA6pZ*v>WG6l|- z^3VR`FxA^X;=ffPMLMhLx|7ZrYO4Wy#ew+8rbC>P*Nyg*6FAApEAYzYbp9vHKH|)C zI`ah&4HFQ-(~vaxw-h9Htm^FxO`!bP)S=|;Yf~yA0TV%S4@M5^GNzvKkZGPliv~Oo z?UKY93Kv3#Iqql6B#@kGDX#Q`_iHKT(n)pcuPLi(k9PY*RV0>N$A!w%kFx6w4l>2V z)~BBT%AIkDQ%)n0w#CIE^Kl&SUgI1#yxJz96mIA;v@Adikr+C7^qb+vGXRLADLK<1 z@UAEJx@do_q>Z$f2kQjoKm&3yFV}%y-H&JbY$?6-H}1{gAicS6y|wWM|L>WpcxJRv zmWDjb(iT&Gb$ID`>h^9&Lr=k z7&mkt&K+({v5Z;ozo)IF?6vts<;?PcZ*B*4{rhP4QDd)sCYrG=%KXl*rRp~K?7KVo zLC+{DZU*~mR5G>xU<~4@T4Gk;D`o3Yj>D4{$d(%?b&37)Ym9vx-|EP^)Bm1XLt3Sx zM@(exsFTTuSyxu%#%?C_`33^S@*l(Ob9$}OA}zYdf^a!pFZo>~$A`>lw)(cxH}b6P zy_(S=Y3??gwjbJ7*59x5&dG31LrF_DDnAT87-Cm|`|LQ+zpNZ;Yfu+1zLbGKLqz_{ z;Cm-*n5C#C&w>66G?!AsqdmL-*8sI{{T{yE$HR%nI9#t0-o)`h@!b0l&1Y#BJ3fp= zbe`L87ZSeex4C^yx?E?j{7KqY&*k*w8M38Uq}kWV#b~PzhZfANEAchqp)3ODD{Xd# z;EA~AnIpB%aurOo5%}rJdz?FLSN$?MYMMTn%#WlNEpfB6RND?en9I{tXRhFy*dDr$ zkP?uLjn0!|te4w}?W-t}6Yb!3tev$`ok&QRu%MramiXL4Q6N~_OC4R5>AJyxuvEEx zt%Ma~J#0I1#4%faJ!WI<>9&ivEzCc3hWEE7pm&e(@F)xDBV3IPb4Sw8j%wpjre;M3 zawDX6c;$#<^LpsE1uyS@m6pb$#Z<9+k*?^(!}Ot?+I{a#Tu?a)^#)GiQZ(LCZsj5T zbUEy2(Qne>QR`+b#lJALpIf`CP(LMt@J8_!x7{%7XbWfQfs&BNvRAcV7h4sIJBQ@o zyh+FN*0(si>Q%F&&_3=3$aR;TPVM0O{){c}7_lKQ zX}jE^0~e6DQZX#gq^=vFDH5iKh+0X?~*1RcV!g1qP%W8u+Yh(f+VWJSEp=eOwh9?Q>lz; zcilHC7-2(Jv0>w@C{Fz1Uz`0@)L2NL=xa{S%+41w4Kc7{_S`yB(OpyyG91iCL9(7K z8|_h*@z0PQY^{HbdQb3?=A!kR)lZFa)-zG_9bL+PP`(D^*{j?@fvvuu&Y&q4l z*tq`jN(ICJK@KKbaXne^M47%!UV&}A#jT_nZpRm3ezHy#ZKW}T-8M&j_+oIWp*;!u z_4uHMY*R<}Z8}B5C7@U}H z1-zH)QqxA^tj-pbG)nqUm^7F~SR==}c?{Z&Zp5GvM_MzBm%{bCkI(1V;UP#9sxsUg z3)TJ|X^Y9TQzL*MZCYQ*Zm#s7_!dMHK-UCh6dw6UEY2Q$!`u7YzgFuK67il%9)=jN zu}5!YTjM?P^q<%>t>`-sUqkMVY>hH^e$y_)x;0{FbdGGJ(Y|tdMO9w=S`RxSq^khs zPUA!l#Wx}yy}O--MOAbk=*}MBNUG!*I-O}OlRddzR zcAsk&ovtLdyfG&JRDT?I&BDOcBQP!qv(1bjNxTU2iOkvFV$X5DwiH5cW&l5fzk5}_ z43F51bk0Xe|9;Xqd})Q{@AIf_5?6Tmvj*o_szp_8kU>ELVC8P)!U+39?Y)?dw+SnS zAtiTMBNCYhfWTkl*_PO0s$VwXxry=_QWZz0XUc61`TR;n>#TMRd zzdvBG&Fnnap^=Fyz?Z&fgvM2*OA=Ph3#0kZp$5NC$PL6;Xx-~>1$GQxX*mXFV)&Sv zXulQJ{T)NuDYbMJg(D6ee5bpc#VchfWrDM zx+%39_BtjDZLjq`7^&IBy1oC8>JNT#`f;tmtn!5m0+UKOG5$xoZ|IX|HW21=t=${_ zSF+e#B_q~g^|ph!T!t18Ow;PljwNGxt#EJ%>Xp*B!KAhTg0^k&d9Q{4lejUYx6icyIL>9phPQMy$;Q7n<+ zCTtXIRaUcM&$BrPi(tKoLk94Rd0wOUmxyLow>CWDj}PbxFd#hxE;5kshSRR6- z@f&(SN_p$m`Jun0t(ZKw5*n~Y(q{cfXu6;>cZVz_dN1_6sqqR5y?8X9!A)VUDRL0O zyTv@hfUId~xIMRNbmryQjc&8W z-!PNZ_)cnKPk_v#GvBHKG2f}f^DUQOjY+NSp|<+=m}>@3&I-%sjfsQy2v*vv$UiwV zx{_`v27py&B@$=wuhF`Mc9wMQU$$K<2I*QQ*_5E}8P%3*nYungeD_R&R9DHX*F%Y2 zP-LN8(X%%t<;4b>CECSdP&PM0e6Cqm4X))k_#-!KMpyjD>(1F9;%IkZ-yJ}`(sKYu!0PkW!H2SJ?G6dE%T{TmBTG^hFi!!`G z`Rv-o1tKU{sW1)gjUvfC$z3n+SaW-^(&e5Gu0~{sEi=Bk-S9=) z^39a%7VkJblY}qMt@c3JQY!Ib?Ne7QF3`^RRdkunM@U4v*7v2fFIT$i*6XJ@bQq1_ z=Xnb+>HY;D8}$dgAZCen1X9gEqXvwv=k4nKx^iZ^n0minCK+ zzI)>N^Vi!Bp?;Ic#+4eR^^O`mDG0kVPB={hzI4}9XJAMI*4_%8 zIhM`F!xbXvMy7{U*V&dxAL@N!Gi%<1u70VxoQ53c7Pp4&)wr`WIln#_-+n|+%jGC- z7~@Gfyy%b;xlnz*#vt*qLelzZVwb5MlD2t`LR#K~d;;g5x;gCQ?CVV~6o0pawFDw@ zX)Z9kT|20wi2ZXay{5wpKkNm@ZwE+=B9wkAuA0Z&(r+@gZt80LxpEXj?&;` z#;K5~8y1}jjz!hku58cat8+F*f-EZK5Kj-xYZxbNrTW|Z?skbF`i z6n&t0mS(8>qW>+zP^1`0WJ3nDJPjBh#g{`{V?VF_TfxKqF_iXWz6z$mGV%*PG0?_ zVt_4D`eSa*AL3<8BK4d{54h% zgZj0Z!)4Jy*Q0|sdcaw8y(hqCA(-B z?MqSWvgRL@EEO|UXU971tLE}m-Ymup25i8(sA%p-X2Y~*4n3)olf{Y}5BvM?Dupib zES{$!q{1Pyes@4;?(f{7)`7nS%Q$vqO;b}T*#IYBQ(*_+O{c@n{;_16s0KM`pzWZ? zooB!^OCDkCZ2h%-#_qLE>P-3!X{^{nY~kJySmL4A=2Z38sC3y3Y;%!GQOzZtk%s2e zZB=N{Y$``1nR9S7tX*052SmNwifP^@pSA?C1bcr-+Bw&!YIe1HYx4-#cECu{4&vCM zW^q_v&_omU?&8(=7e5TPdF+e`@9rkQ_R641hs>3qo}r1D1#;G2OJ%4d$~Z4^q2`rcw!TeU`-_P}16mD{+{ry-j- zpejCdNGg4^if`3^ z-RZ@%*hd}2sbOxaX_P1Kf{QKIun}o{o`o#dNtEgyoWw!E-)Tj=eBxV_dbxS+q1r9B zf$z?o?i5C@vd>tmJx3m~kJ&~+CxKjPg;Z8ghgv}4^F-Ast%M!=Yn+S=r(*6g(QhK{ z%K7$&XU7*_H z<{;L{y4WAQKI`A!<)xGHG<@lMzeNEKtNGRU4wc^z2#v$wGee!Ohvf#kEsUiXh|>^T z264_;7U`>?+v|O*=2H~66S3fWEul>;jV0oS&lgILYSt{fKEGYYnFJn7!gX7*ZHtR> z>=#!1NOPMNR1aDhrR~T|1Ra229qV8?c_0-3HCCL)ij_ZO*hyTQaAsY)v2xsdq=s#Y z8;{uY47cqVPyatn2U~bSbn+RVBrPdn>Jb|{)%=Twge`W`VUy9$TRyRB8Ezg-{yg)K zc#THFOZ(IWZ}+%)@KaG(8fvf1`eBte-%KMpKd^Wh@jLn?KoS686Y~r(x@ml#FkL^h zhu5zeL}=Ox<5K5UMK~Ko+xUeKD~XKGpLj)r-a*6(+;BT_((aQ6r)+p!SSGOyltjV!zNL#NlEv9r_=~+UPw0Cja2; znGrQat#joy;L(21+-=1DM<zm=3ZQ~WRkj$&E8A7GLuhBwV#Z6PXtyz>;0+EO zdG=xt_{6sYz52UMx|S;Y$2!N*s#|N6RDIo2^$AB$qNTY@{s3@ z6qi?Al7vYHEf-)NM(Ur6V@n~iu}9gZco!ym@wAj3LO;xN z;v|d(f=Vgw(9a2;cnAV0rLPbWo_Eh^8(=uMNKQ``eNff>Gj&VfV7E)SP+rioznj9GFD21&3tXzPpKi)WrC>`;qxhx z8_}|m!nxP%V{eye`9#nHi>-hNT2_34)KssnnIX$z9*L8RR6_LmlFN#Qg%#mx{;1w< z;~Yav4!}yR4k7x>Oi!(MBh?}ScsGfSq;VX%h=vBFcl*{sV{Hk$agpvkZDFGypFY0K zj@%9{WsEX53uMJXEbxpdj3u|DbZ-UMsj?0sw32)|aJ@c0XlEZ-@8uLa++Xj|(j3Z6 z06ht8<)2zXYE=3%Y64c}He*YLq@l>(G3!iSBe(L>)IfyRfP} ztMI$)2F)AMK7}3DdTnQt!pUwGeBRI>0xrP7(P8mY^^7UnnBgv)wq+2Ia+60_CgT-@ z@NqC-yc)1Q60h~dG8Wy>l%B?U)uSJ0;3agxYM5)D|8-ilT6c3GWsq3XhH>|DGE}7} zM6<-C2Kudo0yxkDVpJBFY$J@HOO|%8Q-gV#`zp&sY)T3J

o?LeGDRBKoXxv+T*5)aV$_r z;QAA)$V6lqI`opb_RbNJfd>Kq5LPNt$mBCA1d2M`?yg1y|=NM?JMA2}?Q z&v;zx%2$E@oDYn>NkD%uM796d^o<~iUDcqw8nlvv&ON^UAx?192v(QsnwIhwrx=@ zs^&EX8V%<2HP$zB7jkMJ+=x`DwVSujAai_9dZ3h;e!Dzm7Q6X%5{SbW?HE1K-OT8% zQwAOBovUHKVZWv<43C4lEJ0?#Zr7p;2%{t%%1l2UWskFuWwf8Zy0} zLUXkP^jJ-N*3F3yFQGz)m&Q}+k~NO(y@hpNMMKk2n7Hdob#H79yRdUTFjbv&= ze`Lr*404mWXlqOd#Ug68(j6SUP^Pbk@B5sPt%mKVGAW&lCBh zD#F0WK3Ah!A6ms6kog;?!S~k$wLme6E&+Ol+)%yg?8AHFlG44`GvCnXsuX*(8Ox~N zGF74ty$Xs{{FUYfz{Y(iTj80qa=D`~1A${E;5jH$kzA0wAA76dxT-+M#OE`S)z?l_ zTvx9s8F^h%F&;%}=2?`(WK2N)itd5^_lPGj4m0-V%|Aiaf;E?Bztd+*!fYdMq7LHD zwY(aO&7R!^iS%;9f3nuDP;~y6^m8&|r9>f|^?=l!%SA{;^6Qa-P3w3_R0HSzG)z?o zBI>-p53PwiWrv52m$4{+p-iuwz5ePt0AKdw0C&PJ7PCzG-1#ei=P@x|Vqg`fKgf2d zXcblop$pM#(I@>zlLj2WYBj9frg8A`)zrx`C+B$+GahMEo~yX0ufS{$)E8rxPL|cvk-3^OgxHUwfp!o=cQ=L zP?h_SEM>;DTm?!V*EEobW%K!uhjkzPulmu(gI(kD~ujIsr=%BEznp zrR@95{Oze2hRPEb%M=HzaCMhbH`iDQrAbh`5POAQPIB~|rKq%3JJD{ia2gIoYD&(? zJoz(tz)8+*y_Ag7h>u>!4m>jPkZ~YsihxbDugWrxY$`k~_+Q)pG)MJ2Mf!!jlj%Hn(vd%V(Jug6M!nm z;lGW+*7@Vn)DnQbdk-Yj{No6xtvM;Kfr$fR?44UiRj%|Ev4sxDM$Su@*|`d z1+pEmQl~e6Ui4}K>8VY6x|gF#iRIwmZwl_?#G!wP?krOLT=N6V;#SJ{H;dKm-0^6f z-3=B4vZE&ejv7e3{Vyi#i8}|9Y&XvGQh>*Cr{S5UIol7&Hqz4;ubFuiwI*F7FCND5pJ4hb<{z++0S)te%+*({kH#w^`-Qb2ae-? zns2G{@j~waTtr9be^Zu?{i991?o<EFE~F=7ROi`D#>C<<9f4VvJ%7Ab(~=`-}kcwsN?Z`i z{GUPr0wjT-@Xy(MQWWgHqoMK#)T44hi{n8S14`%rp<*)z%6DVuFGK(rw)xq+gaghT zlkvW8$cx{4CjS;qc}>wQHkJpFz|Ea1T*9D-LE7$09YgKbrIfA;8=kSyPOK`=!3&Ud zObQHA!C42CauVA+W37371%rn+PBx($vtkP;fjD$1V2xZbN24VcP`mSNvGTShc7@p9 zuIaHr?Wo{|uXEj&ja{iNW=L#_aF5#V_JZRSfk7es1|3^-qIbzH3F{FW<1%XH5Z~Zef2%_#4lh7oNEYQ3)rqrIP(Y|y<0LWQ? z*l~bfA#6B1wdd_D>dp19n$2M{kvoZR7%2HJ_3TZP71&H&7_eQICy`#7>P-V5f9`w( z!7x8nSZ~$rsxpXv#I*xJfu~%5%)J(uYo;G^WO?dK+=@2u7()iOZ})+0qp+Uwlb3gM zvV7o2)74v;9Kr_p>CPE>8^PDprnMXb`%Juzr3S5(@J3KGeG$`7$52+6W{5jn^tY0{ z=2dG$Hdr0>d4e@S`0pZ%9UdEY8-C*LIa@paU7`KFT2wQ(l;LQJ+)52W{nE9dg0iy^SK+S6M4iNEzCb>>D|^T)m^XQuUxPO>DcIf4D*& z`t;Yhbott7ALaLDc8}mi)LwP%%u7aSL_?Ct4TZg3wbINXN2IELsX~oUA46=ETE9S` zD3GrIRJlh)D5}zlSrLq#H<`3SKHyolxNvmdogkBHqD8pNLa&?vXkM^skl0;1>dV4j zZCq7RFcoERYUeHx#b#pln7LhwQ4>`-3$VOSqvBipRG!NXiR`E3*I&Qws@kdGu6r*7 zry~0T1at;B${w7_TKkH=j~(0170!1`uF_m0>q(<9a3GWy<%2l zWz)+XZL!)ud#A)8f8SvVCDL*C{?|Q0qncWWa@aWU9A-vrYc4%0P?@W8FY0cl zE;`3;UA?88?$>@kqwK2m7~pi%4cHZ;&4{~OYxq$(zu^Pb-p)E6|4ZYvWC#lS>H~B5 zZ@sN%3wi_)J!n+S?%TXQJG^BmvsYQz)vKGN5Z&@k3mT1a8&bY;j4Qmv@IkIXJK(1b z6->35W8;cd9f_7+m}46&b!BkqC@vq_C2Ufg0)&S~OJDHW1kep}VLw@9@a z0}Rkq{XSLDNxg=OU7`<7$zsS2dYv-aD^;#F3$20nHI#ZfU9J@DU8BdqkAKj!UjP;@ z(2EfHy$47FuRPxJ?8I%`#P_hD8Dsb>*lF!C?e^FDAxbTdeB?sRvL~vKeXH&Qs_@{Bj=96R6Dac;+ zXv>qZj%Uk86&pv~JV#$7*TU{+;F7G%?+z6l1Ie*QNisH=^!(>fW}`lRbS9ts@?hiF zSg&}%U^3^8RBCt#7;sZn(b*oD0BMk6YIMNoh4R9r~(uE=j0+uy4W2A*1X<(7oMEyWu?l_fNc303nVgmc&kM;%783pJVFS zOS478sN$O|J=dq2`1eHnH}dKRV^V_Ug4`z*Lf9a+Q{rX6e&#Hx-~rm8B}zCVe;U2K z4FA=6j8)P=3KSmgkm%lzb*GB$$}{COpD37lEkTJA4~XkY?o%PqG-}6E$HGnBk4j9| z3PI}R^uQ*@9V?s28T&B;U)IPluJUT`ZY>)Aaxe3>NlyyJ54ZGjv;M~;UV z#f8&{KJUd`UTzdc5&1xIHj;c@*Bb0_^CTa9)M18xEs*0pG2*%+1Ii)v*o~m_(KPif zBMB8no%I`gz4gDwda0X1L(sS)6Qkof$j2e_7f#Cp!$$ZqoV52YiEq!&_w}IMP4b*Q zz8g^dqr4DHqNB^Dz7ZOg5~Jv>a-avw%1_%zF~gv+5p&U?LcL_Px?JrS`=Z1~G=2F- zJht? zhRm5n=d|6OFAIz|#ML_t%~C^l=VOVV?GUtG3C|i*+s}=CaCE{i`IM`r#lv`~TTBrp zmlu#~ps1#z$FzlUUm{5g8#p4xkGP}^hVdzm0NSacV}OfdqWWQ)*vRg0-|_TZf@}`= zO^R4rH07|NE;g}LC&h#Af^8lQ8GU*(LaEf%^7Tydz&Z@(#S!2R2!i zGxN;g&NswLNG||Pms=gG)!dfaNsTr>pQIjR#X{)}kSvZr7Yr6|)-TAE_%@c=IM`aLzYt{5AWJHv$ zH#ax^xVrL|jsNNdetNP2Ipl8U8e@jt3CBlDsjdJl zVA8{?L=_;KZU*}N(s_yOuC+Ldt<|aox^nqQh{V`#f!sU20%W*Mv0mxb7CHTyjWYZQ zbpT-yC85$BeqQZ*yHffJ0fYq?E|c(FyW~=1AI__VpB{ui`*t$!?4yHVr6)7GOf1mx ziRaa`W1))XIuw7B`7e@xhpCbWVd^BT(U_DZ*nZF^xA)Oc0TVJ>VvK{1<&8bA;F2e) z0aTly51FDk?TSuwZRcE^T^LtnM`u8PjfVzdxy_y07f8?o>VP@Q2y0Fr@-R6 znG&A+p5E1EaBimj5a^>jqq>9Rze(6$@b&0C)QIKdDbb%xxiMH+qp7^5DW&9+;63uZ zY6KZ#wcuzwuIR;IM+R}9?LQr6&kL}qU{u}YIZo)HXn4X+g~6w^3CIe1O$@`DO!7VR(~TF zc#MN8BpDM;#64bw5)PQ&%9Vm)nc1ZeL5Uu_wGY{M@AjlR8Vs2lNthNpI2&*U8m|_2tvtRo{-`3c~`R*l`ia7%qPDLm+)#{JB!7k_>Y|(6*0!9J&I9#grZ#~c3=TMuJPqpX)vggxtj&D4NhSm1M6Xkm;3%~ML zJ*>SZvmJx0{W!}otGwm5FrrdT+#Y&}JW+>ufujI`x)0BA7t3u|Dh`E4(JmW!U%axu z@oA}nFzdUBFE}PW?1Mj&FT<-TJ9oW&BitC5=fJ6XI-B;Bamg4sB~vd-7Kj>Y^O!rs zP9<0VGC|EkV;?Mp^@~W5n+wb)`zeuAnS+AAX;Hw@{C4AalzjZJC|RN(WT*?;$3Hk4 zX-PWjX~k_+9pjL_;=v}5VL%tQ8uX$77iQAbPYLY~@;Nry&}-) znu>Zucn7cHH`b|=bfgz_y5dnxM8G=LTb`E+&aZ=5aq>g2eIRe#@cjt(A;E-PoVv{T zH&^*PgK@@(AcpXFm~+-S*IyTo z5!|z>dpKinSC{52}C&THhQgkZ(0&|d`4ICk6F?NF`xf|;+0B=$a5vA?L7#Fa!B^i6yY}Thyi>tNsGGvhxXch&%d{rfT5@S#xgtLo0*!oY zw}=$aGL{>68hU+3V0GCJ9=sTk33%(ObYy_TQok*#bR7gfS~*Cf#m>DFjGJx5=r|Q{ z(lsz*giunnaLoiTX-^C*IZwAruE&ZIBVH8(F9bZSBcI?cTI zsbGKdE!iP{7I7y8iVb%|AP~3u@%N&e@*6mrFcNd#4=C9I8}pnB2S!9XaU@eIXgJKp z4mk$+v!Hv?Hl<1MQR!KjDkOINtKB6v$Z6kYBh|eead5l0lO&)T@A-psZ{=6!jbEC6 z{)&z~e08EBeh#K#i;u5K(6x}?k2=A?H#sL~E z+`xgu3ew_{Q+rH4NONvJ=X1h40Ii(=VXc@$E042I&x<#~_!?=*27K04}FdQa-{eEOb zu)7E>`zd+s`g#*%TSd#p-gD1}s}8t;c|%y8k+RDx8uTeGLUtR{#L+6Iy8srnQ~JX5 zs!8N>HAA!Y)raW`?vb|Yp`Vnd_)NnqoHTXQ(0mCu6;)67S@+CtU$N5`ULplW-54)Hg(_Ea5g1rIPc5u6dukf z;M8u?MO3rqLZ1$C!RzYU`^DUd-x%9tuF#(i%nhW%@PWSarAAZJsT{Dp$Eyou3LbmH z5az1s51{kj*?5KP+F)1rjQ%RbH+>-vc)1e2eJu37Bw-c$5^@8c;p7_?A`h4}B{9l%)Be(Z7*= z^s6IMu~xk$Ri1TU>{jO7ZGAFod;Zzmw?JsGUgkwkPs6@MOGd3y`xjpkxY@ZN95E}c z0BU-be<}L{4#8}#f_N2+*Jkxa>7@>y!)S)`?11*Y_7R^Nl{@xi>Mt? z8)#ixbO?D;?o3&q_nEURPDw9eDRj9W^y)JgqIE^-D*^}Xo@XALUJ5GKB{!hJ5t z&YT=22_vV~=V9>$T1&`}6&05f{giIp2zuYaXKP3VGH{JGWIoRJ5R~{wOi`j~{Q%0e zL3(G#T~@`RN^;>>fWmSzV!Mey$>PlxyYSdb#slJqxpZtc#3Zc370)mj`E5uPW5vdkL)e=DA~KZyHhoWx))V!am}C~53?&|R|%#}D}B+p z@_HMJTS)C=UxNHptGFD6gXoB_zmPad^hMwixfVU=xrM&mcD%9sT$l2EU#{pj(qQ4F zwW5_h1$%%sjWh-F63ZXo{H7Z?5tQCRG}6yJkjJR|-khOFmIMVl_v-C2u5~*2B8ePr z(xMB3?#_jJj@vg%z<7x~k2Yw2`T7(Fv8*{dj#N@QJ?OKoe6UKvUR21;+)G|J7*w_S z>PH6S(@(~MoGsD0q0<0K{O*Eo5n*EM1U9W0%KfQspi+JjNC;-z0L>?AJGR3yM@#E7UHp^oK=Mzx#B5G%?uVf5Y_b&um4E|rZb==pGIEa9vBq=<2Ss=_i-qSdAw@()k0+jrDG-Wqo-4TqJf>`5(Vw#rHB?>DQ}&z4aB>b1aysb;Tw~u}erc)0(ROFvG^X{E2$x zgFA@3Yt$#};hWY!;ulsoy5oB~-!@~?)G5md8G&U-3f%cx?GCMn%PV@}mmZJWjH!ft-+bx1 zG`t;_E7HhZE)0iqgwH3qk3_gm3l7qXNQ0VD_Jr_TCfEwg*WN*9$2jg=W-Bew-6#i% zLHBm9n=5_UD{f{D*DDFUeG??%zuTuMi!6FNSb{wE;7PNWLES<*2e~A>vsWvmn*~C< zphgV{=G?mr_X^^9$BtjrKMilETBdRSQr3t;xeNtu+-H>t91x9?Ro{?Poj zo{Pd}1&hdiykg)gI~#M9#nnZ*;=6cTtzRMTCWd(RFa{*QhoV;87yq*{W*|)yogBT z3;fPHUm?rhSG}|J*vGX$6*B4tRR4>C5|fcAvfn!?+OKXRgdrTS;$v2t+>pE}uu<`2 zp{JOC8!C8K#rNT;4dGdz3EMogY8J?@3A=7eLOg1t&q#i0v9>^}a1I!DX~5>$*5!Wz z4s@0M90eJIoxPIO1mGH_#Ox)9#pnX7&X3O!dKL3uGR;89Q<$_mm%d$Ecargbb&YqZ zVj+K;dMqz|FJTj+G}$)n(_R%;_^4Vd3J%=M7oKqs4w?g;%f4E$D{pXD^EeqIRD8-@ z`Zj1;#AHTCT~!Mod3%hSW3VyF`ncyHSh^Wnxh6EkJ;dlIsw8(pytoZdxOdY5?|J^M8l zNcvSn%VjMKToO;zLfFhY#w-^1{942x4@^m*o)vPJJ#1brr+pmS( z@6+DS25;>WIk?8FtTckE2~_>~PI6$_8y|r-;X~~^Fg}n#_CIy<#YHg;;M;b5>RbE{ z^4!vST)w79tmBQjg+;SL-AJ(#<~o(+MjFgg{9Fiq%fwOWw)@q>vl438cH}LB%xrvrC6D~{ zaL`}SAu1Vre7~|OjW*EY-RY(F#F-42U=a5Or4qZBD+e-L8q2e zpnod3)$1E!M^K~q5S|i;_bNp;DOc$>g-SJQjP<> z=QVr|VbUv0dZq<^IVv&$cSk$3cf`N;%?JAhx*eh1c?U?F5ZDuXAp&H)H zMsIqfBoY<2BE`MN(Ge^mBw7Tl<=i9YyNdVK$ z`ejum7GT$Nd}RZVAp!{AQY+{Fx!-Gm(|hW4F@c+$o@Yd)PSNp*PMu;3H{x!W&ICD) zY_<}sHC5oqtcYID`?j^Xx2V0cCfSa(i2;+|sYfzneifiF&Xmi*=*iOYByBT@_?h8` z_X94)I=$~hqG9r#Y}5MiujYZXd0Gh0LG?2dpOen&aF6)Dd@AL$&i7$}5k-({u;@A_ z$$EJ(fc)+%u8?hvniTzfB@ZJ*aKAEeDF03?t0N(M^X9W-h=(lG2PJ|g5g_jSu>BGl z;<%$|UG0?Ym8ruw;YBy6nX;g%esW zs2cBOA8rD*S&u!;U}q)J-M$y$otwLgThC=|FG3wEUf5fm#V>X!fKS&CwWH{}3?c&dC8IBz*D?cTzigr$|R5?ut2 z0Yoml9y``1gE=Q+Adc0By~XjEGK)`!ql7a+Axkxf0i3%WrdU!Rmz0>A&v=y^9Grr8 zUV&yW%>y&<<2!7c)))Z%h$g{J_CU*3^=#-xcsuhu#%nb^lj@$V^l4m@>_>fXp5L46 zeAL1wWfxh68`OE!qupVu@6x)ZovNl*^N{V`072j=Na+MFR9(H5HV5o=9-9#()-jB_e^}>>e(6@ z`Dj4acRX{SNkv@TBPHiMtkeIX8U4{%JOX5e>7lcwrs3L0Jg!KJ?6|Kxjw!7K(;wce9QkB?Q{ z0oRJHw6wSJpD_V{%$R%svB_h(90~^_|NR^k;Zw^4m|C$!AJAstvfG{f6A=lJ??3#+hZ5vX(wYGW&j$DnJd@i079v48>g)e@cg#BHpr6dhn znxV7<33$jdl;9?H{SIZ6Its-lnnz4|GqZtkDT zo6Ri|fd}I9*Y=0paTuc^dmIe;gfVHjS*O6x5jp*j$MXI4SThzr!~rDy8_#WEeYWgJ zoQ4Wj>*AhdDMs%Cw91haF0Ax9Y?ADs$H#Ig50={BjHSPtU=oXjrOLN{B$75vlW(!p z(|^vuHkg6Vf6jnf&l!5YawUuSn`0=8fMbYI+Mt8Qzj~6!%)%jhD_HlX0&8zs?T9k2 zadEWJ89fT{qQGM`(>g16fM-5;F*Gb+gL${SqH#|?e#M{V=TWeuSB!#`zVyLj3LmDL znK?{wS@HDI{yk%6CvOggi@-&Vg;H-tg$7aI741UckYJS}P?o_PGG;S>cCr6;%J8}6 zf$JevdE1PzBVl+kcJ0cbx{u#&%^nZxf))ACZ@s_Se&a!vMa1HrHk;sjg5zKh`2;;sd0rZuUsbDR?^{Z1(veP?9`?YJtHp+QmV2ukNv# zr*2X63(hXx8atrg+;s4FiSVs<+434FkW{j{i&6R#zxT>%VtL@>Q(XVwK

}*>kZ4 zcHe_iz*{}>|M~!6`(GfV#~*H|+R#y-A1sj6VUAmEJ9BFF?sjN5`e6Sb^5-D8?Q@Kp z5`x@(qJv5vA>K>1iw##Ev}lPs_TX0^6ik0gJFnb<_5a5I;rmBOihVvAg0#)6&x-CE zlProqXnVhThQ4_N-&L$#SZ~bp=;8tV@VLM{xpjQE#=K{o&zY>BiRR{``tM$C^9&G7 zD(w;$jeOcuq?zf-|D5@&+!Zx^I>B~RUnY0FrM6EjE2xnU60K+*&v#pCfo_X+hIZ}L zU|fVfPkQ{{o2Z%APD)82`?4#WRLr)~d9_o~1PyGEleyaY=d@tLzgtgoADr(Pa#`&b zsBKsH+VVgQb#?s3b7RMycnyOB7oxs^L%wS1Fto(y`L~MyO))aG-ThLBLPA5V#joD1 z{PepScX=}2hNCPa=3SgF{n`3{{CVi%(&4x;LEAn){Al3_*>V~qm>$j7`%B?ON8RuZ z+VP$u_s<8et{t)RpVa_V1Jrl=PbqM`ZtkO_%6dYB&p!sX9S0$A#wCV7^CD0|K7?+R zh@D=3fc{~G6xrHK#9-P_k#6BhF>pphDZfKI{^PVOU%eVUI|nxq7dKx|b5R|NG(AjL zu>cxzZGK@27b&bwU?wKIo~%4@N|g1+OaN^&s@$kcytFAwn3YcnB5zJ4JqF-F!DC3~ zh$lMot^ZDYg+_sIoo?q%Ub;WyyZT}F=qXWMb=>f$*LSlGM}F7|7`ZT<^OqmBdqtDe z>&3(dHVm0m#lho{saG!$<&koUN5ILl{BAB?=8$1rS1a?&#OTyz`*mGatx-N%<1=JO zP{+IfOjykl|LsapS4)#`!+&h28_y_IQ?*1SCHA8h;#ajh10El2 z!B?*i!P}P-EnoR5HF~ZBCmeX-&mQKVJ{bFc@bvc&ZgUcX|2_4e$B(*3ff9X2V)Ssis)@6#p&J&**LEDs_`Q-6&$AvW@PA zv+3+5r9ZxC>*{8YUSRY!5^j*p0i6RcFc#S)w;Du8@#xItoWLwUnhtO%7&UfUGnG7Q zZt|<+J-IWpV`RA+K*1drM9`mT}(t}@klNCA37@J?lny2l2E zph?<_Be!kncyqdM=*Da8h=Sh0r=r*1v(n4*jJ(gEB-kAPJS5&N438k-!y(=!{lZ$x zSmO;zy7#bGc-Ub+d*p%;4jHS~RW5=_{i{S7e!Lt}n2o?YL7DJr`CKuX@5|!$5w*SG9VIj;Ts>lD zqdsyXt8As;XDXol`a zXyz}Y1xdPNq6z(I@pcN?5`Ta6Wx#Mlr7z0udpWxO34%c1++N~7U7-h+H>yr5<%30t zj`SN!ytr{dtow7zl2N<|cwPPzQ#~Z(sCe!jXnQC^Er;|;dRg!kt1Bmu^PfnWH-6wB zbbsO0bV0kt#b`N`cyo6}M+<0Is;cQyn*(70`7_PsevN4}irTu#(fBlVn6J!gXy?5TX zFHb-nxVjdC$_kfJlWM*pKC+#>d7-(J`krLnmRUW371778Rk3#a&cz99J1!sX`g%p4 zO=dVu&OC{jrw%U2_-p8?lvLKAstb&}4})%Xr9Tmhw+pOmwS-7M{<$**6qQZX{dK@urk3b%sWjg}sZtaD-BQB1_mF28^rVbtsc5PibLj)ddD+#zdt%Px zvO6wMioUk1sb5~OcHX-@W1sLkuHf5JK-}zc?ZKj`8|Y?pY|&1#Lie;a&my`YS|-iQ zJ34wI{%(YJJzs&aVd6AviM76wguykuYnNkYs?&3Ar=BL)vwBUd3azTNPJ6{p5v#%$ z9BR?cgVZz0Y;tI`FsttMoEhi%twheEcFvDGpXwNuZMUj4C56VRof8OF3OXS>S0iYg z-#=M{PwVTX>?}MGnwn8wF#k50Wf!M3uN%4kwr#D?C(G)6uVZs$uCKAFyDQ3OD%F#a z<;6qXLeJlgJltwIE0w-W4B6erQ)TFUsw{fFN`N)wD9OG_DsEo>OA4fx& zIO3EHZiD3ac)w5MF=s~iZ1_F7?1jDdQ(bQ=Yu&E5KPi!3_e~>STh@G&va>GklS9wL!t9ph}OL6|bW<_T_ zf@l?}Co8`Q6`mUN!T)GtpSh76JY-C4YLU+8Xbq89KYlfO&NJ9bSO2OLS>Nj*U(}uIuQ7^G$^5EwDgxAj_p%YmEu$IM9X zn;A<|=-<5~`-aU-K7qYJUt8p@WQum2;LWE?pGK!ERu{N8EV7WvrvXmFA@SBSaacXJ zV1f!|(6ILf5;`gcNgxc+FV%lSvX-OG^e7~Se`P&SDz36}=vT0}5vP#cqig*TpP4=a z73@PBlqOIW<3h*XO9~t@zFVc~v};~qg;(X~r5;nV*Q=X|RH@thS)qG!I{3fldi$oa zJfxY=t#=&uN|6{5m3#b+3)V5^yB7d72ZOGf`L$qCOLaR{Aq4~c4#vJY-Hid?E6|M- zy`GMk-mkLOu#YVtX2}qEFAj6tXTJ{9f^vly!PY{pNNRGs&VD+;AkktwakH_sz{UsW z*NUo2V1nJ8^q$3a@5y~f2S4pu`~-2ZA4k8%5t`e}(F^X~ST)`T&gErpy0NN_DXx(x z)IRm8_BgFFO?6{(%CK50Oh%<$gWPFSA>=>(P;TpeKV3hXgt4wl&u8I!yqGDy-W~s)cR$>(xh;&Mb%{en=hkt#1pk`H&(mEB_GR2 zy<%1VS8%lxmHb{9w1SbAWBr^?sXaRHhU_r<@N#S0YAp1a^yLPfF4Kwh9mlnur0L%F zHIR0=oR?4vtx%62%5C&hG7jlRiB|Y!*0&?~~U-g42ZMz>f@Z*c3Y`ov)FB8b96Ot)QmM>9; zE%bio_Np^L9D3FBQKsDWXA`WWTDTRa@6#GFqF-cyaQ1TfwmkC2jpOU=romg6_{d$u zbe7mf4uCU>cfc>Lv#BbHKaH@E8{TVkG_FZof3kBccb$GsK|Cu+=?WP&CWaoKI&e_~ z?f!VAOTysApt6W2)!`*0r;pR~2vPDMEQWvCkHn4^lY?tIw^v zf5dL?-{f~}rDwZq(T*H5s@0|rD^lVRGb8cfsrS{RO zj>Ls*%2^dRsav}*Q(!G}F@hn*=o9_B!>0mFthZ;&d7rTkE4;)enQ*U)mA9$ccV+ zCYe%0>F5p;wT5nWxcBVpvCZV}znERU{ddsK*NH%=P@cA3$vG*3VxOp5e;{8k4 zLaiNe+LmAYDfzwyXG=+gj@suVG>lnjYy~0M(xIrSo9fJ7cG_F z4IajXoxcfUqrt6JB5bA|UO0?$xI%{5i?e%8tKk#a*xUWX^)$ZwmYjh&yTn-@XrJ{Y z4&z zr$J0O0c&i3Qa{MD?Dt6h+fnJK58E(4a&1O^j0=s~mecfSW{=-%AmD9xXk;gQ8u)0H z`|T?%&ILhIof)XKm$Ph2-84vU?Uh*Z<;*IIKtj+l;1 zunIcYrH=T(`xD7K2HQ})H(9<^ewdnA!RyeU2mI)Z3~@Y(MapvNM79lJfkJ1&hBpfp z>Ro#OxQYsFaGBDrEr$vp)s6nmUtfKxH`!!VBwFf5H=OA+^;9)wvVz`Q9Ie*7^uY9G zi3d471>4DcsnCCIWoa<2n!L@KEwGM=l$_w}*a)SOwswB*y6&7X@8)Y*)@I>VRzWV?E?ISA@zuv= zKfXNCRrP0=|*ATAcypKx%~Y3*&z_PPX17cSX}&l#eR zSc=ErInTeYTK`JW2;s<`buso_rL1tY!F#tmBE%5kI+m1Y6yoS@7d2iKKlNK z)ZS@4(Jv5Qma?wDeAY6C$NN$7eA>g+YB`(B6c~? zYA`hkuoDl6+Z13$k7MUnTBzZo;%E(D`#NH`_ApG$mw}^N4H59lE(8Tt8QGOxm|LON zxV-w-;=SiyKA%^@Jl&eE`_m~(CKnH`s@35^Gft}~cETyx0I}yBu$W&9Hs!0&W1~_E zX}CAV{8JjGFi)d%hr_b(o(4Bw(uaqtlfG0{4BI0!GsDv}NY)}zqEB1L&<_Q!2ibZRjZFm?zFKmqSCdA+ z?aIFotNs3A{VQG7D4!Az^;V=6xAmWH#I^F%n$6D8V(s8HwQzA{6)SJbsQD_(^^tdw zon1(=dwuAwEt$6aJ16JZHxzn9ZxMeMZKB_-1Ly0VEn`wFd9i!7R7)Fvw5H9mCV4Yq z!o0iJ-VI6g3ux;|M;Z*{-r>zk;pL-Bh+ADe5xfR7{AtaOaL2sDQOG9QeC+li;E@xQ z0_Gy7COEHXHb=FIoWVj-VD45})cbfFO`uMdRhO}l`E{Hf>n7%;TxK3Q{hp-cIR(k$ zb4BtP>?N6!C%8~cSw{lk>^-#URp7ku%pg;7NB5!Ntann9^8(Zz*}cpydBg@DU%~9< z<2W2{%>wPg-j>OEQv4yufBg|9JBWh6Q%OBy3h*5g>M(1555MmC z!q)WXS%$2vOixMnk918Z7v_Hc}gyY#76R~s&Nj+Bd)$@Wkydey9uL*f7m$&jXZ%sxE2QQYRWuyL`tK`5VV|0yw2(z z6!shjX7YFJ!(Z4fKy7j=FB99dAk#AjrNyE3JLYs86Zj7PN|pFSdf6AutE!jd+2-)^ zZ1aOI<;?5C)sO2ut27A%@?m|szHj086C3^N`U-VbLs;NH9AttR3&mR*ByZE&6O$u8 zqDwj4cV9%EAIlAaxn=4*EkCDLd-6Ehez#p{ig`W3DH|-Y1ZZ>Q_1`aL%s;(4LbyE z1Lb_T58G%NcB*TNDW^`@gE?8X19he=w>C&{v48sJ+^+iz<-K2KKC!3K$4qyj<+iwQ znJw}157)$zNQGoo$p`UKJngZolNdT%BWBM!w=!18y>X5S>;m1-1ueN6Dkfd~{tH}i zlzKg(NL#NE8@vwuD=w2%>c{m0wSy);wQXe0`leFkzV;o(+O(&ZzoZFW{Z`<8W z(KCF1`^*Q~WL4LJ$VBVJE)x;2_2FW$Uh{NwT}z2H4*4!(WC?@sS_T8!ysA`aFJ6yd zwr^CwPAjb*SEcW8I$RRy{Pp?B=IK&CsNzu~-cOt!eRfK>MzPSK4Q}_Us?7ya#O+zC zGatA9KwBd7213?JqcBZEAX#`2uaG;VTN>N9Y*FOXX>St@RJ1qcX7S(ICcieMTiAcw zt=yihkUIUY#614#>Vy;Pmc8yY!tK{mzLX5PXT ziaqj9(oX=b3>-W`tsBlYon0IZkUFyKlsdDx0gmSmfxUg6VajjToeQ-P2{N6-6mF1E z*BxT|_+!kZLyI!Y@&8%MlWr)cn{M9*4o zSo`~0YUOvZ7d1+hyBW9HQ!Y*LK(a02##K=sDizBA}n=kcE;~9}k>urP=xrnKsGGH{XWX9ca7A#2!#rpgJBDQxk%G zvLriKUfq6*Joka1cR#ODnsRKhbYTe+9V(ij-no1|-r~-%>AceJqa0y-{j1voi~=1# zKiFzS40!ZwOur>$Pr@yrhVtb2Eq+dIBhHGHmuO$u`mim?A1HF6BOtA=^9*+-2i>(i zC%gEZ=4z~aMFhq^q?Mw!3*9y5s>{YRnJ=nEIPdscx@+ORYu+LH=d9MTUpb(=eLpwI z_`T}*$`#_!D{p89t$5~&t>@hCe{n`1myZ+fz%6BE1p_dAXHH$-g8YWJ6>hb59OX%- zTDmN$!Q7Z_aYQmZbIdVcK@>Wp3q9MpY?0;DiG9xL{d!bU|MTvY=w4`aD?Dse6-`w> zbPPT{uRm+~eF!Kf2`NMW!>*CcTw^e(kR6xY&+SkTut6HnIPsemM;d2A8i@D9_|6Bj zM0-iLsAZh|K7s3aRNK;PSFEKFEpSI2Ckg4j5Ig?R&Agk?V;cA+F8volYh}5){o?D1 z*E1d^j(dG?*+`*>pyeyxg*S6Y`92h8#*YZ}ensuv6<+8uc!7&mWaX-;W_~GRof9kD z)6!7f4z7vKVPV5+RjG8xh@fKJN>I$J5)^Uk%;#UWQ+!CcgVm+IwSYKXq3pvSgathA z-`*MDV;4S2z|U)>JuK_@680iY6;Evr&(AQ`yNmZOb7PX2_!!N4wp|2m$(>wn@8QBC$-x>XrbafIS|F1PlU~Dm$w~z;+nuZ|0?KT)x{&%0bJ$9sh1w04jYrM9voY{ z-2{7a=%+9_C8_MnURf6yQT3=*|Nmp}Jp-D|x_05Qq9Wjo1q($iAR)|MMVfmlNu1|0!ow)p@+~y354{sZ+OO;XN=Ez|9szj-gEee zxY_qEYp=b^wXQAjDklG^DPg^yV#lW4Y?q;RG*Ym8_sL3%ig=6jZcNWWe3fp3VLrq2Eks629FZ ze*Y@@_`B}B$n9$*@=`aZ^49(RcKmT!J}?0*wdOg54LDaWwlc6{&8FK&$V$i%S=1FP z7^%GbRNxlDHR2?P5QZU|msco4;Hffj!U@DO9$7l#>oRpqCv^k4gNWdB0yb`GTfKxX;$f506) zUoe~yix|5y?MbdXyCDBZa)BOl2rQKZn&?1MfY#36e>RwZNZN}4t=7Xm5K3f&c!kS9 zPwbz<>3?C%PJpc&^Icf>kpHmk`xlm-v6$h2g#X9t{rKdc{-XmhCfc_6pEnPNZ&{n^uBpJ)T}@m_j)3dpW!g>C2eKmKzP_ebxyxAR-I+=c*!T9KRTesWX( zTmr+(w*k;C>%R>f^4npdkLk-6POzM0_z&peUvpmkDe?Vp+aN3jG@lTCq~mYDZBf=f ze)NLYgH1ojUH>*Wpyb;;7XgBQLp1%Yo38;`sm@&!I}JhzhBuX0{&DcHa)m#;`%?m! zf#YGeLI#3=SQ#Eze6r}LHY+y(_=h||5S0A4X{Y~zaF$G{F#Lyk`uCr9K3@fD6I2-g zM<`L9;z1ILG)*H~)V>AeE}w&JPXhv4-t|^&=BjB@WaHq2A#@EW%fD!espI*k( zRk>BfFg0BI+JG;4Q+02eS)oz%A^QnL^8-)9uHha#IS6b1_Y3x4|Gd8!m>9>q7vO8A z<-Oyc0d>nEePgFdwEA*(zd~-Pq88VmRP8sU*HGt>mc6{&l{W<@&csBe$ZUB1j zZXt2c zxq><;-Eky_<(fV|H-ZQ*nyQR>8MRr&0yz`H3 z&R(PSEs0*4ea}Lo!~(alByo*V_V7ClZ8Zz85(?@i24!TZ$FUD+Z{j=>lr6yrNyP)V zt2NiLBk}mdf%=_ob}t;(aF@_^;8ifKHCYRX-E)Hn7-?gmx4 z5$!p8;}1^qw9$We>Ntv}Zwr+`Nd!h52mvph>*B@r5^wdNG%WF>33Vv|JftlK)myJN z7y0T0T9NKld*SQ5)m@F}J21PlY&qh*pQmo7Ub}fo$eM14e~h*x806t?>cTP)OE)zs zwz;F?G)(3WGExz{gIx#TUX*tqp-uz(g6bG}v13cidh{}uXda$#hsZuYe)Y4vsMv~- z`lORjw&wXKkIKe6QX3e>@E34;b$*$Y1U7NHe+HVJl^k)v9Ja>^NuUEp~ctWX_fx{+lhPh@=}`JSd|86y`hmmB1UiRLIayYT(f1*c4y_D+dlsOn^_riDX|WB`Be`! zfyARa>+{U?4MNY0$5|sD^%q?T#h2Z8xy8eJUXXVv-mp|Ka8rFxOWPGOCBpsO7#f3p zug(W|^f%{fu<1s?OMeiO`{I3n+$>%|(b@{|gf>mRn;COHUT_AJ+;XRmZ%6cwPF!OM zc**IT@7t0SfxEALtM2vK7!?)Ol-Sn${+4w#0>!*lRV$s>xo0!AT~||h=5o;3D(MS| z>6&o|oPZ|tbUH2p9oHN!-bd7 z7ksQv8*Mq!rRolzm}0q(W3F3%SdXTj40_+T)v2RCMpQ=7!Yx7gm`-Dj(nj%u6HUaD z!nFI~-4o?ub-sm1pX9BFg5^ENj8*IGL&g2}0`kGBZiQdyb}09ezj^_2`RQVL*)1fa zYZJ+hePSZb@9=~I<6BYlQDy9TTR1z?Kr{R3Z%X}uAtu5@0yETI+bUbt+P?nE#+T*W zY<*`4$WcC(i4WFARMqUS`_HdPFiMM_8}jY1vZY1d4RZNKosE@I)w?E#)R<+xNEaRy!`eK#V zDR(~l^2=@F>Ba03-CV`{zKy@Kk)cxoc{)%*$VYqS*WanhH>NKW-CP`|D{Mt$me=#t zJry($;}P-u)X?%+n!fB`i3a9jp={ z@))0;o|3RW_AN`0aLd<#bZh2`$H|Dg^srkNPa4fXSnDVV1i^ZhNzUzWRNjjqS?;;9 zoh5f$P}85LJWlU|pA36gz5b4pIjU_-V$hff9E5uJyWQB0!dtz7Yy+h_o7=;Wi&hKm z3iccm#OS;_$>WVl*mwo@iWYLpcP3lE@?e!voK#OwK+MA#$G5O!Qz|iie}hWGP)mzYY}A zUSqawyjJ-*O1|xz?Iq~S8C&X*Scb$mXa4)0Y>qQBAE!&ih%-y9cj1la)K* zI@oTi7lvM*U1OMaU5}v&=5+!U-LH}SB(MIfXiyk#`5VaXW3%59k7jynmvT$ zoGj!Ye5FM{uE=*OOxEJ4PWXY}^G_=}w(p^D15^WZ;d&TNEt!G=dD+qgcj0a(A$1zN z_K(9i{T?X6UWeal4x1l}dFWwsO8C2ulf1i_hexT{>(%#AHzcJ;-d*01K6toigLjeV zY{~g_GBT~>9Rfk@`n_o;SFOmKm&g%M(v1-B>3R4oGuV3};7x>VP;lK`F7FLqh0_K6 zfO|DG%(k#-5uan!4Cor&uv3-(ni?E`$@OOMuW3uM`VC-pB;khXZy4V>ZI!J4ZQYD0 z1ymTnaAPLf9`Mt#L=cw_Y4x=c1FFk|DOoeKt6BHpmD*26zK{D#hj-?7Np=%&THO#f z(vIOjn5e~Pho3$9L`de!yDJ?`8t=foqC}e=Yid%9S~qA`I7Ydxl>;8@8F=8Ch-9r8 zv$eaO*nb&3EI-=#+t(;KE)?(GbPt>8)TL_9xwI@q3R_^L$zbwg$x8h=il*_X((sg1 zXXNz=d$YA^vI$St^VF3Ja5uWD(NL6FeL*%ml|E_>kMXe^HHG8)ujjAkar*EE{aA$c zFt1?snrKD4UEm%LJ%~X}bZuz)t&EBB!6nnwD2As{zN@55x83AYS$Mkb_1M`CohO!?0I~MObCX7Q!)?9 zb<}t68Yq-JKUkz6S4Lry6M=c8aObzOZm))}~2+?RqaNxIK#FTV4g zSA*+}HeX(qxK?>!XFnfTzh}+BQOGWjUbM>%x~pE=f9+f2&2CF6Dp<)biT*vIBDM;} zdV=yuw@YKZFyIt66WQo%!-2AedH&dT3s{~XZR}3f_QxMy%Vr9 z_!wZS5FQkG@S*Wrizc;88Zzln;ZS|;HUC&?VA|IoB=D`>oQnbmyA;u4E5pk|h#q_6 zw@-%wc;i>4HPxxmmZ&U-*2D?}?kapWMy%tM(r1&}#Oen+T^pWlIVB=i@yO2nv@`z7 z`e4|>v)$Y0awER>_;@I@E}Ylx^#P^FZ(?jLfJH8|yL*SEfd(s9$?w_dmyDw;Om1I6 zA8)dX-_>z%ZD=B=^r*aJyMW3TJGmFcG>w7RM$*N!5G6`Z!@apc2ljd%zKmgKz4l%3 zZjQ2bG(}YIw7Js#muB|g-`|f#%tg6ej_4^Z#h_Sw5p?x1Yp+DtGn^F6_Ase(u^XI2 zrBhyvWDrVDtU!-v(@2gHo!9VpogGEpQcBcMO&-D zxw~;Ya~1-QDCnls1qFO!7rd{;Mny^LMo5R|*f&SNs1Om~eU)sgRB%_Z$YcBpdB_t` zX(c(dy+7LJQg4!V{mB87+|DgJ>E~1QEv-gOrS>ZCmhX`x=3Vv}me6SSPIfvj?fMuv zo{#NQqsLz`Owvs+zd85nq@~>6=77$ro0yU0q5I9DFMj387ajvL_TcS8tZmJvKn;ID z+ksuNk^7Z!`v^o;zeeTFpOK6)2$uG%8m67k7a)X=kU%7X(mdNzdni_!iMaHOplc0y z=Spm#$Y;?rIF@nAVO0ss>5*v*>!h05+Y6FWhkB(X&nK@}{nh9U7ow)c3*jxXv;U#G z$qq`urYuC{{#&AOV!%}ReX$H`A#v~v*-2WE9pwKJ)mr}_gtuPeqFWzt!iR0(0(e{q zAZPHd{J@jXd)D)#IH2s>`7gn^lPNEsTQiil?O8~sSyMe_Zk$t#qd!UcrHCJS5$WBR z?=^MR@a=`Ql4kEegh`v|=)~Av>4l_uYSDk=%Q>uZzDY5uE<7ztvHEEtk1O|0`OV)< z_C*=m#YRV)=CU{Gv3JtuAV}|dF6@#@qGGb+^C#l1Powg?8f0yEJ+P?_3p3oSd-~xY zk5j@{1pdO<%D}J6bz~UJ%jeY?%^aZ&NpJIDB%R4E7a7#my}u498e(Rdvp;9WZ@+Ok z>s?O^{>djh*5&!Z>_k3KkM{1hdmk(}bnrTnDb*5COqH>$xHEWVnVQGg>GNL$i={ly zWm4BY+PB4_HT{ugik8nr^nHbtfqSxh%(YWD+@4AERJ`MBpTrEnm52!_FhO zfBV}HackdQ$q|p!@U!*qZrW_uFnMusON{IpT}6v;Z5PewWNm{=d+!L+h*~{QaXO6& zTACKN;XM4dnBoI*x8|A-I$U~R@iLp#w@PsRjj+G>`{PSbRyJtBPt>C1;LGv|eh)&a#BDIsu?7r8Zf*Hv}wbId=kVwmC1y}z|< zV{Z*LP0i`VNO$jXbkDDd_;T@cN$_UnmG;z1LAN!i!*pa&Seev$Fkg zhjZoSx(iAx85MGW+lL?Pg;*1|AH6riWbDl10wfx8A z|Mr91Zn@R`<=@9Xu)@1c@iw$$EBVVt!q=hOy33D(Kib6ok0f?F-zeO(99>#yr2KhW zgdYt0)mH8sw#;9vWAE?EE4!0ECY*_Rq9HU*mT}&vRvN{1Nds?}CXDN>6ZJqb0Hgqpr_-iL>JO&D8c%kA^@Ezsvhq0dVR1$Zwm75Dvj+XKyi z>yQ0MYyDUEKM6Fo;w~yrpxrn8YxiHEwc29Z=Jx4gWe=c&OL+g0b9Wde{W| zJYsRDwhocN8PLiw<39foX#Q6h=l=o?9z!TII(X*aZnDL-IAXheIXahjm-Ct;`}?5T zt1!?sfO}IVsHv_PXbS1IWT;mgS!HgQ&zC&t^Yq1&3LSrFsS3Hze>XJ$ipBXK72wej zx|7CT$2P14$5in6!Z8KSPD+BNeB3p<6Vx=~7-$-?4lS<-^;&DrUF*W3&(ALIlvQNP z!cuu~pZ_Un{(+102XhBn!i2k)h+EJS4;GK9kMd(f&~!&7*Xyfm4Wv-+FDew9XsFk) z;vTL$MSwm(x_e=#%H<3emTH{)QUxt6mDa-i!Q3G&@rb*Y*a#id4U5N=;=DBpG*x`e zwQ0fcP}6mb3Z?cC)a#N$<$6q)6zY;fT~esf)wiTjmlW!fh05JRTe47>EYu|n6|&Hm zEYu~Jf63)va`}IXBl$16{7WwXQVew|hPo6(U5cSD#ZZ@$Qe4BWOG&Avq|{PU3QEc? zC8d^r7ZtX(2=Dq|5BEJDa*eEn_7g;Ey1RiU{hRCtV^&d2w}Dan*uo8{}*wn zJ0}MuG;S3=62wt@rhL1E^9b+nrWTA@+yO9b04o2FFiM`~dmXAHb^+kie<@yVdKI*9 z9sND{bY4llW0M8jCwUz@AQiZ=8UI^sWpF7aL(C%T?*Pk~G!3DEz96?+LcQgLIC8smuWUwohSm4Che-g%?>n#Q>eP-j@pQ7wG+d58lD~*1=ctc&X1kFdx#dd> zrT`8Oo|{}@wL6`sc;87mRAY+V+G^eCpt9ivD8)$2Yp3+#wql+FAiMa!&HOg)4&%Mf zLzi{&QMR(WfoN2$iOl5-%3RZCQ1yf9+197B!;cjrl4k;7FU{Z6K4xFzCD`R&+T*YF z!W04}XXT)^#IIyty-2UZHEO4#8S(jPh8cET;Tq1F>yBHMZ^X=hnhKKU5uT=J*AFV` z@^1NDcnMn-gOT0oyvF0$8|TPz4e*$fT?!_mK?R<_A8pyl74+KExADQp0QC|F+S^Qt z@g3b>$J=jy&?|ZcFd<^j0NR~Zgx0!#CD+eJ)$s$dt@e3p)gOs^g0gEUT*r2#=jFyr zm<+3mN!H+Qs?YI)3a31snV|;l7>Ab<<0tZ#3o`YWqj~4F7m)ivRBFkn29-KI$u=$` zfO%s0>{+gh_@Q-`%$Zi_ER#-oM|o7diKN+Bs{HJVmHg*5n(1$hl-KXh%14)9i_8ib z`f3|r?6zLmWg}^^fTm8B|EFXgZ>@QnH`M$X0F}p{FQ+vtF04S{suZ< zU01|88%NL))W-hm_iEH)X83MyGYnQ7)+H z-~0oQT5^bE5&Y`I?$#@YJ8eDaQ$@sy2!2%g?{;<4Taxm%2&=31g35(8oeM=Cpx|T^ zx`sHYr9et5=Y$Ky5nQ#xXUch&eY&P&{(O2IVuCKF_}fBYWke{Q2~NHn+_HWfy;*RuHW}%l)t)u`~iz40i^x(0;5m z{8b}GsL^*>aP9#p`ou?Wg&UAWodNi1@dMZWE`S4lPDAMWp6NY5dB2MVDxd+0#+_2iv7sUYvd*c=b z&9|UZ(G|73lM$(Fe`3Nz%JDT z>9L$$yg;-R*Vc!Uvtqt5J`W;leTo6ESd#J9>?F@i{P@Esk9eD#4k35st=iVmk z@{#*m8T5rRhaAM!mspU`qqWn9o52fa2o@IH?ySWUp|g9q zDnf7pmfpKvYW4AIf|niKe*nDzb(@cdZ}?1I+_m>A9JgX0G&B(IorG8 z9TFxsIz)J(kr(+M1q^T0fW6Q z!v9qST%=&>3@f>}u~g)J?YzbaC?K$~r?+t{1OvO&b^xe7Biy2qxM?ld`X8VQ*6!v8t-nG@76*S^(V0BJV{a(toC_4c&5GSm1vIO4lY6m z)ePN9dcA1R%%)mk!Y15^h1gjplA$TB!MJQ-F-n_7Ts2E5qZc8~u=N+$1^a#s#b;I_ zWi=>bzWQ%IR{Lx7>(@@D!ToH~Ok~D6Ou-~-F?j`PNU6}yr^AF0mhODNE`k&homJXv zm~~;a=nI(ST~a;+XDLMRo2hTYqG(y}4Trg`^otyzP&fQ}Z|_Rd;zyYIjF0kTy!v3l zxdddPTPL+7bf_V&u(_44o|*oo=cU&;pmb^ie1^$I-{~v)X{!{9J!*Hjv+tHB%&fW+ zT(?pA9nUk#pY=jSB>2<|aPXi?Nb!v6akP`qj7idY1J>yLz(uUfb4nGA^+tdG+c{BP zrTm)XguAM8q%v<}oRZ?LhCEt6UEf$&sklwADYwHRv{}OWLk5<`AaLT5a)%zvRCP`G zL`?MpUvSW^){Wtw+56*|%~;|k6Fn%toz4t^@&g-iju8&b8GaHL4>TTbZwnmm((WVDUY6J~&7Ohbt#Q`;LPkxr} z8#fAkq>^JSmaUJo)tO{9!bEPKc8p`L9sN5N85hLrrdAc-N;Mf*9P}`@jrYE;I`N?& zk2O%0G#h_wte00bD4qP6XkVL*l3Mbr~(hIx2{8$C-(3nR=L@Y$YS;{)qrncg@KOSDN}&CKxrBWbiH2= zX#LbJ5qt1|asg%$kuNseYA)sqEi-uw)Pl(ZbJM6eem;v3J1;SBO~{#>at_(f%rRdI;%uMA5!_4D4Ke zW`cit1djQg@(nSkYl}hXBRJDLl_*HoD8KMs|7lYdi%X%T1`MY&1+NfKi#;f}j~vyA z^%<;ddL=@8KnYMPksLhP8XC;p%QPXldx}vx)j!OTNXz2Hk1s-QARMO09A6^)zDLMjER&q5~gu5 zAT%vFo8&!DY3%aEq$Ib9vMWgj!7w6ghGmV5lkv>2djd1y7m}$~K}$$*24zQ?pNX2p zC_7AwMiO$U_PG?kJD7o?fOB1}sl+;35+3X~U+q@D!xYD_XO1>i2`Mjh7q;NE3!X0- zn&lI68T{%9M-iRj0~^MG^f;S|j(T&sM|Ob1>ou)93$?sj+no+(%bQW@O6dtl*!D9_ zV`3GnXP$DKXX5hfCI*3;?uPClq_bm1g8eRSA1;#bq>DY%<{N z@^iUgUIm+~kwi%YE>UEwmT0WvHm6WZW-wwGVzh&>4XeQc+ZBTwuCJnu)-;;2M%0pc zG<%Swd!n3cX|kC(#yB=56=*f@D?W85gn0A0Y2zosGpK2ccZ6{nPZ8`)efcG)$7Vqm zv0lg8UFxK(L?uvPi#7er;V4F-8!~1GNPd?&{Ge4 zVZIZYzU|jz((u0Bj1oHIdFBjk<|v7Xn?FJSY^!M;F9H{x4c&-5i;{Wrscs_!Mr|W0 z=9Spcsb>)`!(Rw{2v;RV+s0eT$kf&Hp)CnTbIYhWva?jORMKwPe6Qq18JenvZ|hM> z<7_6yRw5beH)v0aBl{R22&VNR!G3CQQq5=gTVHwx*ER|&BFqUrZqT3>QRX~Lq=XR^ z+q$#0I9)g0cdBhGxX8sQFx=NXg?umr0rX5}GU_t>s{qRKgD2a`THuZu+$E5H-;OOm z?~c|h9@I-;S&d?u2VoJjfut)fo%zg2^ZA!6nhLvF-SnA(QY&k7HCD84&r{gGo7**5 zfs-}<`ai%W6@=u?Kym z-qw&~V8fFwqTwQxQbsUF1;OXK>XU0cg6$ZZ%)<}&#_u>^a>7v4r6-#qA|MRxyfbhw z_CU&5jOHxq)#yANiMZPChS$Rbs=%i2*jwXtzX`_Fhbqlvc5LcdC)Yx??SBaxtmMz=w3=n6$R9+^3r77Cb!mS7QwZx#z3*78{YL>|w z=!PHIhH7MV63x%kkB7BzbE8|&0#AFV@qVG{mQwow&Ku{gZ~5b=VksfPNQbaGRB;?U z<$}+ufuTCMZwD>!O6^8*RBsdtIb1GsnPaFyctn)4h@R)2R@Y?l_JEzLEb^cWG6hfc zJdF{ua8G%dF@Pe>)7?0XE(y-|*+_PNQlBM#29D~8F)T?kP;n_I#B`1^U+jc=_M}>b z%=vsOubsR?^pj4B_0ge!L2IfG8fk^%!Z6GeRAA}(YPgUoIari6^Ihl0zRj{Q%Ua@4 zz;_EqJFP!IuS`p%sH)Y{S4$79d?Tvc6@>TvkQR5CWuZ8SMi^&A5TRfxOwRNz)ci22R{ri4q##z;hVDi8oRs2!pChuPr7tNe>N9 z%lehE-JOt6IqMiWj}m=E`bvJFWtrFUxE|cT$97^7chfFT*2Sw}z7Z%LjCxF%M!i=?d=fdWsFBTy$!f@&t~wFM8>|ia%89 zU~Lj%+9(g3XI-0zug&|kziO(Av#*Q1tT00K{92)IRy;LHuxN7cEN!^VsjzDoVr=)R zAiOvaKh5J3Pm$M6+4};>;oYRmjhY-n1%;rnPN+e-|8XW-%dT6KR^XEJDQ?0G?S^A? z`Ht}(^!{wkMS}_62cE&%0}Dw5tn>VsEesPs`6*>n&}1xpGo`_^$R;*o$5D&X_Ko$f z5`^p5r+0MG(y8zA#P&lXuZW{o{H{EpxjML;F*VzS^80wpzU!qp!HD!$%`B@yW$eq{ zrn}Tm)^cph8FS+v=e~z90|TF0O)Kjjrsj_A$^-GsS_;ch5xUx^nB-ABYeFr@=M}%c zPsTyP~ zPVO-?zOn-nE||Ma<2gY$jX}QV&B|xUQcr!=I$2Jh!kn9|D=qEbuXp8Jc?a_G3r+7h z!)6)_Xsi*TVMJEW*4uh5PT0z2pY!)r)4j#?@3NSq)_rg46}udY(#|1=`uK%vQ--?5 zAcx<2<1|^s^-Nm0WWNQI`IY3;Qs_kc$|dYudJ-ae`nV7;)k(o1eF`RKJ=3nz*fT9c zB|Y)TSl@>H*=~;a*wecLX9N({@%`B~PXcBv;E=*dd-81N9*J6s5mI*eY%e>^%O>%m zaZ|IhNpaX)Po{ikP|dR^<|!TO#XYn}Jp*LZCl-6g9>xp_PO?>>Vd9K{-s$zk>BKm^ zuUXB*kB`|*G%*}BIse?+XK!_Yk@5i5w=WbE9;8Xn>Ng?GDdy>ms=K_5@rZ@b1>m;jIt%>z&vS?=d z%@ZEtG`-a=O25@HzkI3osOL9sf5V2~m{jj47XecC!%82%>Wvifs5>{Rk|&jf&S4tK zv)$AZTo9kdv-E8f5ilEOkCwSf6%ZW4{7_zU5qYx04?%$J`ty~VV1=49nL8Wfn7%~n z{wnJ^x~0={leiA70rBdRyh zhVCV@{I+DjC}aMdJ2ReIU?HqFd6=h#*fMMR!RBln24+9)%U7)4+)2;%eAge0=-fEk z0c^8XDnupDx0K*?OoUmAsDSVMtC9IH776@BLe4u2#Yp6sM_tGFDFGo`f@C>tzDxj^ zsKG_av`d*+2g8UnM83Snw^(5(?VRKycu6zlwW)4N)9OYI`lN8;wNPl)a3Zr;fMZNh zf_Z(j7BQ}x!6h-_nL;R9ouvB#9Ec7f;oDreL`t1Q)__>*u4pK!YXIr$?kZRj;T*kk#yfd3+kBNgDuRoz7R?@{++_ zlw?j^x>to%G8sW;*mup@0He9GXztE_p>SD?cn><(Y&z-NZY7TrqQ*qL2Za z?Ql4b!!er+{w|2Xfltu)bcedHe`(sKFz4e5PZW0;6 z`9OKmC29y$FkU)5+Zfnc8$|w-vy>BF?3XCW z?J@5^BhbyxRZ8*&TF`x8LA?4cpwwZUWF_3;;=boRLuh+pmGzf^&BnJvQQWy2uE{*X z`4E&uuDl|utR6!B$ZIiKB-x7(h&Ov$CjMqx%cqZlhMF#pbLCR+YAU2U9&Qt@#-2UT0$iZoSp%K zvgw(&IbpJwr|LjPOS7dI41*5R=`rz?COwmsYQdt<&mRm% zUh}D_6WA(>yZ&LW*Tb~G-&Aj=#=y_b&y*dy14X>vLaS!L8#O#+wMbPk8fn-le*WuJ zRnYf6gG4_OC(q~I^k&a*)P2_ZD)Z+t^hC*{=S5f&j-xh4bEy%l`3WlleaVM2jWFQK!)thA*$P_vDCbS zsA5~D|S)LN_a}&TLPJq*!3PCc`8tVc~*5@c(#_|?y6(8I%3<5o; z=v17+4i4%nS~wT-Px7~F+Vx4ho(`wB_f-Uf$f{Eei1n%+R94?kS4u>&MlDEK6vMau z>P$WUV!F#<=EK=AZRAf8JiuT1`#NyVfBsW@R&eDRgmR^41VL_EFlx>f*g^4)c^3iu zBVTnemsNxUg_aciXqJC-KFOZCb?IYvHErBDu}hz zKH$*?9!RWyT45P}e-+oE#C%s`;ws*uB)y?Vy+A?ft)dn}m_dye3vfa&J%1q5GW{fI>xDBr*!8v_TF1-HC-3Q6H33zofsK&4d=5e zpU!p}9GRlU?vycAhDk@lWb0!h`nUaJjGF!zQ=1bvgX3=lm``WI)3?HIu+NTXR3!7_ zug5sLOd&En%~L=wJMIt>WLzO`Jakxtx-a0s9kVHS3~jpfHk)>x_x^gDyWFA+JHMEM zQPYAGT_@!_9VMmP{LX=se7_!Ror`)=D%QGek@87vJLhZst>(Yc-TJ@ae$=vmSEd$i zCVlQ@)CsAYI?c0PvU-D)gvWtndz{yV=Rn!+EHJ%_M;8I&O;aMxyja}P^?v=V!@eC{(JB5DD_soGDCX$cA{+9jWIe?wLf2vQEwZOUX8$JSw?T$s{y9pNt@Qb>4Zq??6+8P@DBK~_*IP z3?oJEe24`Le29Pii{vo7t+iZ?GqD`~eg#)x$cJo*y)ixPufl?7$zRKm+y?=J24Vk$ zJu>sK;pN=9tsg%FVQjo-$utw zp^i^tujDi9Gr^Znh-sleb>WB z%;VK(cSY5z3(G(ER<7#JYi`b&up={k1&HR&h&f-Jd2w_5Xu+H_4y%hABh%6iCY+!4 zf~SsuQD1u_^7b9AV&0d4a@SaxUtZ{nq5LmF_?2t+DSs>6v<}c{PdHcOuPIkMSNoQQ z{OrU3=6{_RYN`n}{oZ@_bLhedxRX=gcnXamFaeB!$j`G4jNw;A$^mPkPIoSLy0biC z@7`ZBe&2Wub*j7ADOz1G;O=^Kk)RMa^x%zLsOjjd#TBSfUl_qJ_=#69j9}~H3M?(_ z(y}f|>yi>!(ydFnb?M4lvIMw4Q?g`WEg4u#cI%Qmu;gVed09)&>rzZ$Db%tQYFUb4 zEd>Ub;;joSuoQ1y3S%#22bPj9P#}FN>B5y%W+|7olp!xs0$hVqvR~e`$|2~wq~24Q{m91H!+KXf#hHv; zl3WFNdPkgxr`MxTaad=3=JM_A{2$IF<`bhe&MI&vCG^h}9KPVN4@S!;TAU8nU^|Rb zKi@Z>d7H_R*A$afUKz6!T9vNo-pNnr8&jur@yU7y0-RA2leS%v7<5`NI^DW@p^j@FA%1#ZTkfj}u&W?Pn80&vuGo*e zH@&OC?ZMc~;H-nbx~%syS%qG<2O&GakM_#}QZr59e8V@URAKyNHqQ#4KtJx|CUm8d zyz5h1Gb*o;PrKG@nnWXl+A5j8wA&)fR-r`#b8R6RY_H$OUwo_fH1Ax!P+)6b*$4Kx&_HK@#NN?%}wMz}h+ zj(5tfUd|XR_En{1z>|y(VkKCG)luV|R%&2j3Sj*4t#ItAE6n`dj%uBWUb#tV`EY0N z(-e2#04%enu*N=M?mh?Fl&Do(&FnIw9=w?O(B#nn}Ot*>C{$9cuJTO4F_bpwT!6z7pYJ@ao9CQNk-k^icgce-Tl4di7hg6wo2sPD7AkxqJK~cx#b@*78FX)pLyu^ zm5-xi%<8`^}Db4LGHb5*a}~6X6)?scKDL= zOf4$eH67{o?L>fnpxG8tMRUhq%G6;&?U{NF-xRxauJ3bzCtRXVzOY}%ZIug375>eLsIaTBgI@bGC=o2)vYmPDhjMQ&0qdGtn z|5XeydClX|#SIe|W#v(tboF|Lx~P#h;bHn+h>GlQiQcEEC#~m40G*YJ**qf-JOlVxqNwD0$wL6 z-k+99A0Y+$qQsd{7~-m|#`hlejWxY0yqoz#YQ{hMI?`RRaN za!$PbDduxWRQrrQ`3B)ap00Du$sPD1a_qNivc~Rp{KcFM@Ic|N@f;!%Z*M*`(j5_( z_j{zO`^|!hg3*r0i5Irq3O8|T%eAJxyi;EHhiA99@qX!cjc{|iv|Zn)hvNa)+wIk_ zwc99d{%e_S8~N&D6^`3hZSvQs7?=$_HO%W zl}oEvRhpG0j5&F6TGI6!4R&nxQ*#LzDt1X%xvqy(v&^Ye_FaVk4-H*Hwz(srot%WgieKNoR?7Xbk+{(_*`%5 z)hG1IyPJh-O?HoG_s=0p$ghIgQeCd(;uCYF1l4XO9F@00h4DGNcE1$0WPk|+2_A*( zQvchJDXR2gNe$?DVVZ?{kU1^+#E`b_Sia$_k}1no==W#OZdu>1VeVz+Lm!lF)VENZ zAHBOpWUk#cIGaJ##7{^Uu%qvkKWCZ4QTPAV^6O zhO|6Wx2e5p{6UO~Vp-`+E0u8LX?0095oY3Pxg&4wGAqm@EL8jYb6VJk&E~44u3&NF zxgAa0Y~#OA70=Q7%n_A}os$SVQd0QabUukg^z_0BeVjVOn3P^f)~0UaNQuIw*||31 zmsO=Xxp~RYjYYi0#z-j`Z6asljvHg#Gm$Y-DBESys^{B#KfGmBT<<2Ll1H&~r(Udb zCVk?SiuY87;Q4%bihf+PPmCyg_+HQn>?~nsBD->XsGF+uBNLBq?DtQ70|7gn z4m6KUAF`=sk-GcHKJy7^{Bqs{lhcIR0&SAnXi3(fqAm?3zS}DdRrTE1eD-}unB@JA zFgMN$YRYBXsKdp*d{_f4;J!4$NjNi<7M&?Lr>{g{Qq{lBc}*U*&;}XH6VdL?mpg(4 z2K&wt)K!JOzkSt;QnhU8MI$uyy8W_7=x5jQ8)(w5wT}iel3W{T?z06R5~8$8bW<4* zLIn_kW1W;b=i0ldo2LhSxV3_@L72$SsZMK2Qd6g-8G2spD z@A;%*I7*`HR#lvqPkmvFuW`E#Q5X*>g*7bMmweXG%L)G5Ewf-=6zEu*ZWbE(5Z4qh zinN9dnSkuINEGXp9X8ZyTT^F<{>^sB=huNkjU)@j@Utp=g|(e%3_d_u8=bcuZdhhj zk%xV%sge&jK0bS*BQ}ilmW8fD;rMMXux3J3w@pd!*ldJW1^1f&Sk zn~3xhdQT#vA|OQ&P&xu4BE8pu2uPRSYv>Rl1QJ5pyW_d%-upY?JHB^}_m6LU-}%qs zAban%W_#wd=A5g0s?W->Mb(1|)Frq0MbxL=v3KXrEz4^WFG9k@IVnrDif!Y&q&v)6 zNnZH-zAM>TL0f~+1(44-iC!Lwv6Al68QF_DoWt!1OPn0`zU3Rciipx7Q$8r}9pvL3 zW)t@xag#oaCboT@SF>n2b{A7I()2K*1*aO|>NiEl9ORn93b&TF*^T$(hb4{x7j0*6 zD*O#Yz&hXMb!bH|sAZuFAMacgx)0}t;%fYQh4Oq0JW%I0yd6i)10^z~tX38`dnWe!>(&fL>*R0@8caNgA7)PN`rY2 z3Y?@awNqkFu_3>o@Kh&3ydIKV8kCcc28j(Bb0?88BF`ZGUKK=U0yBwB6df{l+hJeY zaVU`MvmZ^(N+ER!0?~a#YAI1Y&;m_E2xOFhCtrylT#hw@ptcKVc8dIFKhVMBO!dZ{ zvM17OatD;ie$nCOa64SQ=a78uL>Vv)SgL@Pl`dkXGwH9O{~t|oFRicOl{9vqNViRi zZYfKc{^S^|yjqJA8+bX4u1M$|D8~t0t*QO)E@>V&Z}gsF{#%X{R2Jn*R2#5wo}K$4 z5UbAirD9sYW~X4vt$;IvmM(0abc=w3KiXRk2CqW1yYUlVlcS5CB5J&n+xVzPf7jL~ zicl@SQ*P*Y4xno9ip4f2 zm6BCC<<>@pNv31Dl)c}zXX!2WE-FGXJxriB_(gJ_7b4#xu0BIKUrmp)yd`gDZFNnO zh*JV5*12_*?-5NDeYTP|U|=ZeN8`(z9`%V3PUyqyknCvAKugIvDQ-D3>Emk1>2*Az zrlup%yW3CV6oj_q_L*;T0KmIY?pjrcth+W zA>D@8Ox#eV%g^Wp*T9*+rjuWRy)OTnL=a zNe0}wA7m7Ylk3xg@42;fk39;+eN0Jo_D?}yWdfCr__mh}8rqjQU2#W-NxW$2LVYbD z5Z@?zyY37Ol{gjlIoaW9a2`XRo&shf{m&FHiV}Mw{3UC#rJ)~racasu=WliQPFe#M# zejCN`s?D#VTbc4LMUk$^ogpR@hGM;;_Dd@!UIgQv8cM5_b&Av_8RQT`N(fbe6eMNo zb`z#P^E19~=0+S;C={UeX#70rDtr~P%!y+JJA2+0!i>9h#0$#Vbc(LRAA?|SosG*+ z``L}U^;y)VUp+fp77-+|;{ z{$Ck;2@>9BDYj~Sk|l&fuWPt51hOoFwo`fuqg3vrrPMG}PlHvp)NSG~-ky7VKS{du zxY8tF5-G=R)ITRq2)a?Nlm*Cb#)m&YK&ip-Nw)N;9V!bKrT9G~Bwt|7=E;5t3yozlPp4Dry>L{Powz=jRaSpzf zz75>Kkj1(;S=f>p$cVqYQ-f=LR4zD%5~*wX<5nk14gQZ|& z_gldATa)81vaBpXsz?pD(s*mIEkTR}Hut8ax6QtUolgiWbcwi=Ka>gF@iO1>lq_WE zRB0Ldp+Smfuo71T#mZbta_?=e71CMc?ri)Hxe?DfTt12IW0$!A(+}g5~dzA+cBM!T2QPSPClkgdSMUPo}>;PcO7Hc zX1v7?w$XQLDd>lJtpTDHRmIlE3vA4|dt)gzxg*u#+cl_=d3$hP&q+qtl!&J!B~GHl zOJ%~9Xe>;ecY#Y!-vN^CsysC2R1R%Pe7c3b7sRnux}qV8C4lb%*Hzh2MLp>Um4~hu zSMSt`PWu;((d=v-W7(XY{(2AoC`BIXYe)=J_3+1yL27wB<#6NdE$smwLw=AdWVj4% z$MRI=gO_*W(s}~r+D4KFKgI;6`@AOdtJd8EcegL9SoUN=j_=fBr_kxoY~f$0L7y4lQuYEI17{ zv|;AV;?UV9aZP~MPj=_w;#d|tYA1B55Hx0A;x{uvyksTQ{b=#`TUio-PR z{MgU#vrc>&Bi00s(lqZ*Sk`!a7iE=O(R*hptE1y+(9N~o)gaJY@x6R{ncMVOfP}`5in?xUejxnfR0&qWvc9%e=#6 zS`m+3EAIY?lCQO>n(J-4F{rgM@v) zrLfg*#^>bU3l*%gNwKx;nIW{Wr-Vyx8A0(+Wn7 z{KK~L33OR5ts=~oVH7gp7!;Z>B z3K&`W8_i>Mbk!FVp;jqz6!M2qAkl;jEgEj{@LdQfUrct>9pk)>scAULAhS`TxYtW2 z%w^Mr$C<(IjJg*K95e1_9@pYk%@F050eKQS)|bDSkv}hX`Xvce&L#A^whQ*Hwr#3U zQONXK7vIVDwotVT$gTT)H%3yCEimVFMt4x?F{>oUGWWTeseAdpIs~T_T2B8PNt9~J z&`FdaC4sdS`8FCJKj=49MPn+h6>$hMcX*%R6o%+tCp>F3<(Y`0=0>Ib!?({Z+_%2a z^wMWBK6kHX$^>UKikma~yy%hq1@ZOS@@8&q9)?>6Hs}nHR%~}Dqa@lEs1QBY0tEzU z%3l4;<)9YMF*G6BrCF$V5j$Lrtazr#*!h}Y66F6~q8Aq~mq%S@Ou6E9Na(hT+}%AI z0^mN9C##5U>=K7yILY?lTg^Lra!GyoMpCN>lzPF9?9u+!B26jrbx{!toTguP@!+h zD($2uuBD7r^X5G0SoH->JQp?l-fL`P-agTRBFzNBkeluuUZczxuB!PuR&8ymh7$U4 z=YxC^p1AIf7#JB-XTn_DaslKkYW1XHh6gOii=t#=rRe4z%c+n{j?)-3Vgq|*wnne& zNi2&q^K>zM9NZ)m9x<eKadDnAL-4<8eCCJEYBKt?qt`@IN<_0n)ix)#eAXB>YOBD{;pNHI9caODpQ zA`?9P7yC+%%UKjDnsy#C@yhZTglgl>)JW%W#rn#z@$aQJ-Yje@0j!-0Y%j2 zw^t<#z3Tw@3j~pM;;8z@`+P<$jo*9v2UdT$`@SU<5S>sQmg-;2Bji6%Xad){X~@3u zB&>1R?$P!2<(SnfpmF?>Z3yexZ*i2eM7WlxR-%8K?Q(WjvLG4v(08kK3$F1IxI;`@ zjxb)lY|TTy922mL;xKZkbgbHCj4NSNp%W;1RJA@DP|2E(wjta)phVU^m+Ehcn8NJk zz#yXKedd)CIomRYrQi7WXg17 z72(wwZkA3ww6g*>NnS{SlMlI3Ik*hq#>T!wLw;t%kf~ZD@cC}QQ!ls9DvhR)x2=~~ zgPJKJb(Dy0gxm&jx%k+|I3YI&b3s>MJ_(nAtvuq>D>LZhRYgel+v<~V>C=#r$}R31 zh33&OwwmP=jP|CRIZ?Y&H^J#0Jxkl4il;SUL5$Ej=Cm+y)(660UpJy)))~?Ju9MTYA&q$3Z@pAQdZ(mM239WTNpTp(&{Z?Cz?Wu% z`r2~7NKN}z(^<}ZAjZuoLSJV+Q+&&%N$#9yTnMd&6>i^0=g$x*_Jk_nWFT=5Zku0= zLsgugH$)+(1aRJu|+T*dz|iyzjb3YU-9}W?FfY@9RD=wz2f-6$bAQfVfWfiai2a!*r|K_K`=-@ zI%qS4zlOLI56<*ic%Kz-;(6PlbjNc5bJ4|h<|sm~U9h_2X*p{ykm9%>kmA@=SCw|c z=cLERTcnq-k)dVl2@kkKOE;TZLz;izl9@I{7$3b{00G^c#z3l3*pf*tt8XcTed?M?mX3U!!zgdnje(uuG=zJpq;$1VisggSLXe#P8g; zLlg3GVy+I zg@?4Bi_`ZCkSg^ z3S%23*irjT5p{4TN`E7iO2zC^P!nG7*mXvJ+w_u- z>a`C~*@=JLd64nx=>^-6lZTl?PF|}$epcnubA_izZePl{ed+W)p{b-$5hGVGo{{nD zk!qYocc6${*Lx8Wgc~PiSYo4QV+xwDOKI}cV)1rP+jYqn;1x`KA|tyuY@vGOY?MOd zqP*X25PV#?5a|735`tu}-@1v#TPulG-m#zRf-GaC!+3_Rr)VrXh6}?IijeSecc}1h zQDXcp4cp6*Z;|*f`r*2oCBVBoA1@yt|7#XNQ(Uvp zA|=De4Nd&kopjn7N~yj==xuHaWp3G=(fDRY-YeG)4a!1B8`AUmFYL02+B_P4h$YqH zCODbT-(*h);UBhEMo)d`q-<6XTP`N4V0pqIb$BZxX2A#vgkd9o|B2c9+e%T{E-Tq) zuSwv|fbmNTNS}{t2~2t>P)DxDB`;Ot0$YS?c=_;S%so22{K{t5&T1n$p&+Fki66@U zE>!sIA3w5>eiodL{L3eRsN)17k39=i;*C1P@hc3!W>KbOxPd9|X z$RowpEzkAL!m_nLHuYy~r{~ql`(oEF+A}|+Q+}ETr;s0*+1Td`K$9~H@XzpcAx&k` zQ+@RTG#~QvoU%DBw&r->5U*yPpR~oUNfkb7AhJkK*LtZ;=D3(IWhR&O)L*v2EF_48 z;O?!9RXXQ4y_ix!z(^-4xlC*h1+Y^rH&S~pILh$HDUGeKU*8|D?Jj(3d#V^U?>y|o zJ&PKl`#exPuxOg87gvFQjgmI@RLo(_joufler}(gVd`}nhSm@h-1J<!w|f{EXc_oQM;)d^xSb(5mn(bRk4jx9QCbS z{SW8=KTZMaPoDX-^0aZdwRrYZO4#crzUO&F3AMWO@QI<9%~xq;*2{72ltHV@|MPAC zI=Bt!x}-U9DCo%{Cx3UtL^o1slDWXFjFQ87&IzARb+n-AvtO)IHFX78rK^d1d%H^~ z{Ho4Q8+-9$>h50Js?Ls#xA(p+{pm$NnFOexalRM3Au|*fHg>nhG=|UTM;Qs3m@b~( zW{vx?|1|mM|6Dq=Bzh=l&Qcw*hp({iXKOVda3DAh2*G^Et#mLo9B&W)#^Z0#EKkO|jc*m$23}$7$*-Ph)JU#;_@u=n zf8UK#i_Bz`(fMSj+Xrjw5#8qsoku`gOi>Dr5W7 zyDJ|43qdGkF@IWqs)!s&x@qAgOKOur6EnP!nYP6iTM2F!dmVUTH|(=_<&Pe?*x>SZ zdb0F}mJlj9mI}iNeR!v7;Yj@?x^8Fhn<2DXBDw2V1#F*q4;>0hoQGMhWqjg$Z2(*& z+CMPR6sdM>-Z(Ac7n;|f{Pd|}SA2xv5fGCEYjNgNMQ-|_Ux;&Bj{1DF+p#m6EOAey zf$LQc^{E}a>0-Q>rX!2jY+ov(i&b6}-UPYUyC1-b0yR1cYA26N&hh)j&ZNFn41eo% zuqu4Aq`rDULj=@oeiNj1!tdZeyY%DIrRg7!9&BA}cfPj$c}6qp-oXvh$4?&zp2vAB zp88gXU%u7$=Z1FQ1ob?G%um-j;(YGqS^AyecG@K%GDfvgNtT2%+@U25#nBOq5@ zaHsRVpzN7QmEnVB@LRw!V4=rCqm&F@DyHet2SxqCdhi3EK4oR_K?I04-l7kZ8`NJ!)x4Fgiww&*#Qv{{6nNW)M5LAEC*X?a%#?$r zU}vE45_qfi&&|EJe82_Me{Sw+=kEq2(MB%zk1rLkn`<1bAA1JKGdo^LcA2dER%x`I>UZuR33Vx8d0C ziBRn?y7w1S0PL?3cxy3rb6qojZ_%H)K)0K## zQ$e@$SsAVbi~gc?^AI3P7>zB}{(Q9d4weF7f50e z7j(=`AMS+GQ3UK<5`h~~<4^Vv4JkpPChp5xoE{#^`h9o*^NPQ`QmQZ2GY<;><(dDu z9Psie9TQU^J$-KY@zXY;3TNGyMoUBM6^%BH75DxA2N&RZTw}R_F!x%!G3^jvtIazw z{FY)M_u(ULzyHWJ8hYHUXmC~J#D3Wac%BEGTZ1~)sBE696tPB89F81+c=uAP`#o~; z{)4a6pRWFly+GLNcfO|5>hK-kuyj@P>Y?`xmd`}@pFJs5p8zaPlj_$C4D)6p`yJlN zc)?TvAFA-;sPFdD$B&9H!qoQLvZg%n8c;jnu5RQF+Dl#*V~aXP%Xa86iaYXrl=@9} z;3NM>HbLFV&wxd6S;zFA3Np-}xm3-y81x}Q;l+_BQV)+0mhAs~OJ-o@T%9*Tb~P^p zN9m=&=O>O_znmJY_~Mb8>b^bJ^rU`JFEt40=7@n7I*m?;GT{@o_GAip0A#wev(r;s z-F>|@uAH#%!;Y7j0AJQ3NR>~{JS&58;nG~O3V`ZI^-}Zl1f#mIkL+K~ad&s>PG3+F z0om2QY)q8G{B&oUyaCB_)p~Yzm;*e~wFJP;Ggty10VxIoR04Lb>cm4$z)w7@__#l~ z{p+u(PB3SHmEkbMvQT}p0s(N1C5TFy{g3Cb2A&>nKm~ky?f)mwPyGo?z!!l1y?SX{ zQ`qp_{+Rdn0kB21BL6`NF=tOZe|r1HXTL9Pqr%Db_x~01Y=nTV!bW*=?(={F^Jf4l z_p}2j3kigc1^~7x+ySiR`d2%x{eOIu8Wx^@q{0Cp)?l=I)KVV<5#U0)*nX6)aFJ@W zH~tf7G^v1Fr8Pe8FRT8y4y7gn50Q%hFH9JK1y*MxWQ*Hh@}$o}RkT{F=BopdpC5?) z5B~r}`1_ZuSN7#2*NUkEx1ok>D)RgP^cLIY`)$8Nqa9`tleNChzN@ERaV6xL`5m9E zFaZQQ`eH$!Xc zS~oPJx70pvX`onXdt*pq(9HVL<;AjaZXl6x8T=Z3fN2AG|3{HpArD~Oi2$k&)KQ$E z)DdRhiTSCo-Eha;ewt=|3cgi2>!Z}^S+PoPnazE_Avkby07%BV#^{4fY4ZvnBI!TZ z0D_zko7m5}Kf+V>>{K5W&;UM~s9iY|O9;tQ0#$jrfb9p@SSTy~vplg;FE4KvG>Rv* zu;%0&u9@{viun%(Z5u={nn5<7Zui5E0*TcZ1^@E>Zb09Ts&JqG1e)2SD^48F_on1e z$c}>@o(PX|*^YhC97^Nv_p|{yFHP1OITR0EUFL52dXx@{^0I1rYujgGWj^ISW{pFo zPkn~6N=TU=0@R)Fw+Vs$rW;GeghBlOkw+bnV}8)OK4yN0ImQX(te>rEF`EkY60CgM zjo4I?C5=~nfke{}1?L7iyiJnP7p6YBdBWs?C#z9iEZ?6Ykc&3wWt9<~WX37wY4cs} z?iTy}?rY+?J@A2H^VLq>dk>Z~=_M~S`mUNVHYG}JKyTZ}$n!Ok{ZQ}fvbO)7Lj_86=QyG?dqb@xd^EOV@ZE-t^*i+LJNpVy*>@tMT#d zoUO3W%CC6td0UiWf9s}dvEtJOshd9OM(adKtV<*@jS%^jlh~I# zevzTI#)K}#NTukC?rODbjTmNvWoIq)jjU2tu7tM&SD!g%yW}c$ag}SP@qc&CnjX}} zsm21SNAtgo*AdW+KRS!q%ZA-aELywyQDePFK$8Ofi7dLi=e4$!DDGpACISjg($@c| zijkTAk*NxuiB_$?@QlHv*XXC%y%CE8K1GZD6-8e9`p5eTrZteWuO*48az)mknrHyUGxpfn zH*M|{6=Nle0kM%vXnf9HcRd0!O_1j%i>$T&K7J->-Q+<%@b1jY2T&+FKC%{~D#ZxYZ9>?B3W+5GnPT&;F2 zVMcjW`4jKaSq%&2s>+&npW*?tiyN{6U)Hl=F2LN=8UoSdC+*kp?NJf?j_Z z0EDRP1)kWItFMsXuzewI1zJF@#*PPAD&Ak3Q~;+y~^ zeBbqAKZZtK1E5%7(qB-_&JO`F-U|lw_Sw8G@ug z*78F@qN^)9&}hT|+Cm3ZXzU7pTkGuoPdTbv@X4_SA^p>oDtmo?{el~g*Tdh;M7oqL z116;AAo%+}{9|KHja{36fu%33D_wMwqFr|PNn!x>d^^V+Zv}}t`@|-ZwSsKi>uMtL~b~n<~A5Yfc4dAZ8<;^FQ z64U{R@onMvzdNws0z8=jr91?1k^Mk|orc!P1R`40fHS4w%^Uv@*G6=|Ek?6~t$k~N zjd`-Boo@E35NWC=6bi)sGt~|VOHX-f$XF_TFyiAId4#98TR78k*|eT3#)e>8pN8_x z+s`4{fT@dK{dd3?yx_cKV?ZCK_r#WlA(TlV1U`;^#MN&8z!M)pSOf9p_iK*tk#EN~ zu7(wXiUM8)?(J0#d*-Mi(YFKE+<{ngWwegj*`_*)Z+}=FrTVBA>Hh?5@{||Yxa0A# z`O-p9wO99UcL9$`WO&p-q@3o=bTTbx1Q2cb#dG_s^*|*XU18M;pa>tA+pm4GOy z#rB%kWgtmOJhaLbI-%NlD2&&3btK(ytz;r{X|PmvoK%lg)^?ErjPmzvT%<#*$mQ-R zCt6gs>X(O`_H}YH*m)KbQMG9yXR?UU-uauCdQ)%vO;pFOb5Cok=Aib2ivd0=r~6;#f4P*k z86ho}%q}7i9LfF*icWdIvN&vc?zHnYw#?xDF6#PEQ%U$YXBMCWWX2Cw25bKQ<%bT> zQ*-j3`&4@SUkp%59N^#ll&cx{W$^V|RIj>3Am|8r~K(H@DZ6$IuA&W)u|fU`CkmFf*-KDlDLus zl41S`;4$H*)HE^+pxa{slK=YeKw5Z4H+sK&drJk3w4zk<3gAH#Q$m~$UjVlF6H9LJ zer0X@xyA4Q+2a4VZE>k#qxt$czOdr7d*PW&Kk5#9czE=rE0tqwv#Sr_m~5zQHG|<_ zM8lt4i$GfsHF>W*y0W^O?uW~pPagE&Z#qZX1OZ!BjJJ~P_oWY_l5s>loofle18X`3 zI89XDjT7AY-~ZB5vfrCNXwFTg)j9@XnM(2%wxlxuq-*vWH9M8pv3>zCPVV}-gU7YIO{q>^lIr9KTUHXD?1FO9Z*7r_vu*4p_=Fss6*nWQ!tt(DC&E57nhw{X|p(idO=H?u0Ti z(=fKWY^8+#7BF};s{Zzt*;$)U`S6X39lq`T-+X#$nChNZqXFnnew9pgasGZa&^7PJ zFOKDo*!>B%|1X|KJO_jr@h7cL`^#gk5~`@T{yAX!4|4nGfa$*@?LP-h|7J<4|M=(h z{BN%IpVRaGG5(*^^Zx=B|D2xx5BT%nr9uCkp8r|B@=s~de@9%vpZrrA^dC6(^#5O_ zK{N0i@N$?Gdi%N8~dYR?@$m=b1geg9%CiDJ)R&;E*)v#VH-|8?LX{M ztYeWPKxp!0%PTT=tK3hw{E34eCMa|QY;Bk6X$e_bF((f4s4MM7L&LSpyUxQ5_RVLi zzg*zMt@ZZaK<$rvZvU{-W~yi0&tatW%Q4-k5e56iu}5HHXR02%rp@Ys{QfWB!XG ztfvY($K9)*HkRkJvz3GKzB<#K6>1bo+>+YoSp&Jte}i9t*@=x>s`gQkdi4sv0=Fz- z=r_eMRNk#intg^8Uv=)D5BO^te-lc5(Q)_qr;1{h;-Y4k-ZOOGN!)h`^yk)hO5Iv4$xTS$LxSCuy3FV?VB ze^`gznMGuILULtM!{gDUrC&)^)hl~Mk%xn{O{Qga0lQKJ2gzX^+6`@YZvjYR7D?wv z4h3Z2LSWop^GXiR=;JEAQ$qcY#Q6DW9t~a}^chZ)^C?!*f+r~l*PfN!N&QU2z+)mV z{SvXOYcyHiXj4W%0|eP=|yYOv{L(yKVN>0)>;WN91Wi$-gPL|X@L&S z`?fMTqvZ)4EEdh-0{F{%W*(Mn)!ma<2nQG8r3xI@VRNonZ)kOC0JoISC&>`SvY<93 zNjqFPKEJ#DjI&M6Z!PS8_Y+~GL+NIS0agha!9WG0!wi^(&d@j9N-;HlXRnPu4((LM z9$dMppmPi~`M&rD&@~?H?T3A)UimC%dxcdZrO@Qdc(H1bAHtOu6vcd>97&2>C7&O2 z5GiS_g@}PQfp;_pfzJfN=e|efPar5O!mi&eez^{y4+BBQ@u3NRJf159gbsQ8mTXSr z^2S<=D~B0cRh=qkj=8irmj97&S}Q#+qqjcCbqu$0}wXW;oFv%##eX_iR+F@;=e0R)8l*9$5I<_VZ!jNeN*X zK3}iR_J{f6-d4kEGukhIA}u+;^r_;OZ3fW2`Z#(qNuCtuZTa>2ZIh>2vpYjs63cuZ zt{AY>E1*rj>|tD)CBSg&-@VazkSoy_4ERhZ3G!)(M)#Hg{o@> z?fO5xlXTIl*=oxXo*B@yz zTtMIc$Ez4odHf(HX>wPTL3Wd-aQSM2sI9$!kxkDB@7)eZ zKFnZkEb?(ccz#LNHzEKX);K8C^3d|Vg%8l1qnNne1oUMXk#)9w293NXyq6HTm^D>4 zPQNwuSI%`fb2)jntR%Y$y7fLQJ!0<(m;G%2(pWhp6dCU&yZxh}Vpk%r35ug+`RKJ` zGM0Aq>fBX8uwC<>T%+DNkjgKY=y zZlhbomyJfBHr@df?ihRb2*n#$m+*i|tv*MmH28&OPvjAiDdpdUVE9!QiS^7Yd#YlW z8`7c?-de)m+MmsUD#gEr0RVoo8>N0e%z#2mWg=iu8wb%;oL26rg;31}vkL!htuV*c z)NrgpCU5``+gVkeC2~?q?nDW9%drCkN9R~CQw+&N%w}i7J_b?R-IgOdMt zBf2;g#%fYkl8EYw^)cCBP71VPSRVa+b@~Rrv(jbBN8{l`B!-g(#KT^o?inG4VQ$Lw zy8kMH<2@@KlVG?aU5dU+5q*`HC z-U9T^qQ9p{#H^W(HfO{(ndMbW`{JBfMYCU=3PK~z!W+S^PjWn@W1G>%JpR(K-M|fj zPECu0qUO@2!#d}jD~dNyq(gLe&)qGD`Bk$NtoXr)H4dK&qImyt|GjW|tCnMBSDVW~ z++?kLvb*CW}#~T&E5HY zK__i1MNGow6#c4=WEt*OZ<{*OOoU#GR~>=0(CH{mnd6aXVm94GUL6{|U7uFkEicxf z9};awBz~3LdKJOnbWicXFF*eC%XiC8xXjDt>-MjK!Q;HXIPVP+!N%r}S3;!qktkgC z;urRG$VOgMU179!6AxUxXs*IlEV*D~T5>-1Wk;xM=UA*yti<#UkCpymw++T`z@P)8 zEv)jTN4x2aV#{p!{!fy-k&Ou@VqoRNCzN~UGA?1xX}q?XoS5?m#z+LOQhXhw%Pt2# zj>B#AtXMzY!tib(tvp%4sIc;-DFj?r`0*d(K8q6q;X32RwMqM@!X@J zSl=k7V^`sifT4u6@%@mBwXLaU#%}rYxeL@*Wl2Jiz>x7h`RI~v811(T7a;)`CHn0445WqI1iRQa8cb1~5_c=l_4YX+fMCcXw>P5iGanO5*;y_IqBz==J<{O^g+bb{ zo@=8Voo_@rqgd|r2_CiA;lG&V?eR6I(6u2?qo+_KdP+gM>!2>MfN%loDsk||H}7N+ zMet!r-9tae5g|coSn)z<6UJ+i|Fw{*uypeKP4!l?t2lN^my-ByWjW;m+o5Jl^|6I31iA4wc9$@1~TrvfPEVLb?oJkFxm%E2YW6uXnLJ-i$OFwcgCOigtk8F^cYwc0L zL-&V6;1Ki$RjEC97Yg*pyD|ihf)<2~L3$Gaw)De&3jtP@pGZ{p+|}@OTr3xYR;wHZ z3D!)vpj$Qk9fA|euu7OG&RYCcrMa22{jFlSDL-omU*7NW43V93CcbvRG!C`z+n%qk%bP5x?K z=sD@rV#zT3HeT<*Sk8ABC`Y=0W0zQGL&%zAW?!wFtj4k6v0sj&v(3Uof*~CSAMz9F zlcc62{YRH-+~EBg6|NT5r9-x#;(97-K`ouD;Bnto1QKH=nc1n$Lvf`bl{n4>fwmf= zD6WWNTF}{wjbtBPYQ!vUy>UVTO0@H%TDodDv zbR<4$b0m5e%qTlNHxaipw~Lg&046rzp2+g^C87@yylyI0?z&HUmKIjskjrD=eC@Z} z;=zQ3EMzNMq!{DM`B1xODFVLs{c1j?K9I3_u2nm}L`=SNxf#){E)y&GN)ApY>cbm* z#Y9=Vdj^s1f_M**?^1)RF|08RE_D90eAe!Xj4RS{Mdp2K;=zci?V&Gs|8O-BI0A~o z-G9aqXX<&!*mD(C)lY5{QE9>?`8(0h*BSd?^lPW%u8HrSXkBLVoa5 z=1c+i`7kH%cwG2L^(5BvDHpw;ft88u1XIIc?DO#!Yo&`Eoe42~NmCLnx<)$d(W=WRCVqVu zp)fe_-3VCOCV%%gD(*ltQkKP9f$7%$Zs{p)&v=2g%0LieKl6?AYT-dn)fS-!%MP`Fu>Rgg8NN#PadM5sfsXW@`91|Ao zRqM@nH+g0^BS0gwBx<@+L8+5TH!62heU1NDT0uCAQf?H2dENr~%qgj2b*hB%Lj-s= z`J?0pF{Q*e=M6VUXvPiCqATxNm7DLXj=f+eO3LGd0np0FF>*fQHIy%}3a%w9Yjw9U*DFG>=|d0gDd+~{cV*;HB9N1>B#YGyqEn6>|SNw-EQ4@^UE)uB|wJE;1>S#_E};O!DOC* z5Wn?00bi`cwb=>p>Di`GB*8j~y<3jr|D|lyu8Fdj*PErUM;+A1%k)|uP!M3GPwn0_vVTvyNRgklZy_E|!AacQBIJ@g`+x#yz(vXNsIv?a2b(bElfHa;mDuj4)Ha!;)$fDN z8@49Arou+ttXfj?_7sJY>HSUAl*46;L;)s5pBlV;i|xP&z;2dmcbGxjsv}gf%Ms6* zH=jygg9RezXyQ69>+8R|ewpI2s%5q-tKKI=nwg}g5s2QB!VYU7=^(Ha*x_z=kCrV{ zsRQ|};td#WnRnkDMzN6-dTnoex$jBG7zDu%j7L+8E^Fp#;qbdp-25T}lssL5{yRBD zZ(ePQ0An?&6G4VO`+HiN;2hos%5dMJDInjELDb4td7`4kEeY^Re^r0!fT&<$psHuJ7_@&K(jr z&ha9m*c6SRvDh^SpyJx6xlf&%Q9PmksMV>Ct_03CYF2=bV81AX zs!-(8emuaUeLPi`_&vSpkpiZ084uh`aGG%(7+YmHo`SFC1h$r95nbk*_?B-v^2zm6 zBcI*HmG%;;IqMfWZ`3=T@1}r*7F0<<=9q!y$k=kWBFq9UPqO!I|3_0$xL}n+iSX0bFkt?fshk@)-5A&Hs*9QXqK|s74`5DH%))ikCz%-4`(^rZ!Q9* z_E*&t&&!~S{Bp|u9`6?D+vk?XzgAwkvQ~+s4M|zG?JWfHluvHqhOL$cM^1@Yb-WUo zDmU>o4G+Y0%gIEYdfjYfDi_*p5jS4}XvbV~E)<)M7m*WL3D)-*&;!eur>x)V3?S4PKr zo%?yf9L&UR;uXQ#?IOO}HO{2+Km3eXqt;&ftykqf;abc0-(hnh(Mt$mN~+hZR8O&C zom*GiE;@g2zh+DP4PJ*`0mfHPgs3U!26v~pyXKTivzjG%jrT&hHl#@ht>g;}mFK$r z2MTSFd7=2c>SSp;RGru7>pZ<=4Z1l2U6(c{gf9v+T(2ZxhaLLVSW9cXyip$T;68*; z^I24TZzS;yq2~6&tvEr|L5q6}mD68STDoE6cFXs!!G+2NGZ1*?)f~nie}$;R!U=|I zafs6nF*1-bM9yUy_8*g*0bpiS}Co4YyAI zdm=n#`i$wVO}U9wu!PR}x)`rAuwXNP)8xQKDNs3B>JbvU-N?)|;0elWRfx056oeQ` z#a7Q~joVVGI)SYaDW09PWas${S5mCzw9{vcQ)GCrY9wnFAu^jYuI=#hzzcU<(0h9y zQ(Em{o%4D`LBX1(MaRA8+FFY<9UIAKNPD@1{-akHh3X^)>xeP=N?I9G5SiI@&hSt{ zqO!5x@rn{9!0?mJ8Np|jU~8XhltO73hrxNo2}`x+&Ui6C*k+^Ktj3V>PzKaigS?TD z)zoSxoBia?dS+6i!0 zXN^5MH?M9lo{6%QE%$Kk>8jzew)5+KC3lWI@yakUQel<)wm>v9*z6WOD-fOsjQlbC_TDKs!L4$T5(oZ&49_ zIG19XjfVrW3+VR#)`X}OC6jRpKWBGUhqM5*X)O|cSC}oRB=O~Yy@uwiDdf2t$-Pe+ zqVIt@hX9;9`Qp8*Bb)VBApaN;xSrE0eQBf0pAJsy0 z^6JVWFJP+2r#k^c*fen!Q1o!IA^r3@{{!cH00ovhK=X#AP@Us#W1sFEb|X)zl=bJ( zp>S;mLoX@oWnvspQ?eP<<1sLtFNPfsr29*Oxvh&(T+dTPkQ+?n2nAIQmZ@2vWf%nnm-MlZR zynnV7TQ^O?VL>rhNbUi}$UglTJ1e>Bhim<|8i5W_();^og5OuaI2`w>S?zZSWtTbT zH&4|4Z%&HNJC)Z{LKt_v%XUtl-1zhU(f2Cr-A-HoALG*2;X(NC=`UE1vz-MPM=-|XB2BOK1X@R7v|821b38Pxj4 zd_M3*!uH`@K1KVKxl>jxg$eN}1;6jC>+FnERxEWU3$NXo@UQR!k ze`o8NTjqUvt@_H7H{C$8}Fm!_i~v^0`s=%uW#>!{)W91%U*j+IZSH{wv!h? zo_AOaT;YD@)v4-y9FZ9Snqo9cn$?A6&;XR^uB-yiq^@1J=R4+(Ylx3PbD$c^%T{8~ ewjc-mu|Kk@eC^#1Yv4Ex1B0ilpUXO@geCyy+R^j? literal 46762 zcmb@u2UwHM(l8v9CRIT|=@yE#(0j3g(nLT)=!9NF4ZSE;MLHl zT7!k8q@=)t!eC)xexL=vn>XAY=EV2WBs*r?`@ZVAY2KrZ29XCtY2TqPar|$CF=B}1N=Qd96e}+uK*U9OrowNTuZfAJn7qMse!NIYZ z#NE}kjTa#i+dKF-(eYn9doazdpYw~3j!xo}(h)u(86R^&1O(suhZcV=-Qfj~PfX9u z%oUeZ*gH7G%q+_)>T2tnoZSOPMn;KTnicLTU39g7^7NUqiUtH~sGo$5tDC2Ydrb+^ zlzQ1up&;XmoL~s_O6%=p@$D?@Te(!8A6TB>I=)GflWLxoUNJt>w(#@e+t(&eE>X5W zZ-PLjVagBhJ@Xn{nKX#buVZcBd?gg)e9QH6KPivbOURu#)~P?7)gU zFNE~}D9@WNfc`3%p&-y-CZEy~VH#Yx0 zq?cn7&T8kNjSEObweuI2Z~{d%QWXRb@D^V2p80qY^g@gkTx;y3eE|oREA&XN#CbZJtaBYVKOg~Jz@^{8IBLnN zRRGd3b*4*TgkpES>RBtnXL%Z?1Wge{kXbt_BXB*wfZ{e9kkO&R3q6Hb~upp`ZRmcEhl3(9&BQe(|`(f`%t2FDyl4 zeSA!b@GwA-VYE<>oB&rD1`gtcJz|KTxGwwa_m%8IRJZYAPZ8q*?X?e0Cx;#|7@QeP zLl!HK#&(Gy$QU;iQNsRvKraMSo5*Am>l8#eY^KL3-wpTJB$QFz9`^e-N*J?G?HCa^N`?k2M1g~I(ngbo5TAE6^>F8*?`*nK~CS0L?RDYoJ=whB`z1XCM zhm&cfu1csSvC)CJM*63kDH^#8rE9y=VTFEuJy|cCE&J?!#4 z9jmyqY~<3IndcEDv6rk9xKyjF2RvA>p9Xk7E3$;}p!j4_7Wd-`aJ)!ChhpQbm(?*8 zoSx==UnExQ5R^uuvE8{4zPQ1`i@0SacpJ|>(0*Fe;o<9s)FNT0*}mxLz3*h5MVYhH z%QGi0IIOlON}iA6pFyXI6TAjpH2uoelj$E`*0C3)vh!cC02Mvaw0q|@w~0%T@#C*z|2lRFJmEDxxMWXn)_(w(LHL>E8-BIwg2G8A{;XGv=0kNU?zEx$lW9k+w1D)@C&#P>FhjA zfnF+t5VOaXy0Ld7EBtB0@~*t2&2G-OT0v>@Xsci?l?z@Ol!6P0hr$~~*Ho`_D+HHH z8wJEe3R zU-G~&s6wEb7xcv~b+FaX(UL>UNCmX8dFdfk?^Pf+LI%{NL5!6@(|DJtYtlMeP=zjlQLk8hpPBs{1l?w5=W0qH6-Oo&IJ^X0s# zsV2L@W}d-K|K5TmoSQqit=XW_1Jk?LD$E%Vx_NY~ysz=~j_KylNYwPkpR(lrLs zBc5FS`hc1cV(PH;L#{#P+n_*22}-#ft@?CL-`&Wn_>}T1i}~QNO2|E7o!5z*Vq{r3DE~sb zOgKmGcI>dU{L2*LM1zUWhFD8(C)rdFDxbBsL#$1VHT z;wSHHc95yUiHml1>e08l9^w|h&3&>jr2y25*a#*@YccO;yZ-KjtI14C|7mj_OV%w; zN^2{jI34TwbVCm4J2$KEhOIa&D`_ior1dYZ_BRzozzO$&n$Ldf;oW6C38Yl^qj|(= z+LUW4t~JHj|6n$)4+1SP)H)h)6Vd;AtKcKkJ)ZRdz-DMtphW3RhbbWl_jN4N9=xZL z;du6w@P|7GM5?S3mRyjW&9L0_$-y4iI640WIQMts^QpKcSe2O;i4e3w_UN} zyUSF{1Tdml&}+$u_aDFda&~5vVZtV;oWgOG{La0$P@UMq46WphTr(Ms#}!Ihnzzo@eG}{J zF-syv#K`J#|ILGol6L6W0HlZ8X$6Dg`30-=?LG}alw9R| zZcbuvnEINGF?eNR!x7vyEACyn_ml+Z`6~A3?N=4Kxhaybvwq$qJ{U>-gp-b_w=i(bpPIvj__@*eHA{M#g#QvdGAcFC4mH) zUQ>a?@45tvBR9Por%>zLN8_sx#NRkp?#Ty%+R3mTlQT7S<0xj`8KolG-16@A)>VhC z8or9M#`ew6((__p**a<62l&~jyM$(sAJ1ieU#f&4O;)nl(n~wxCJ-4?L^8zF2R}6n zLueIfQ@Ur}E1usn4?>g(XjnULv$^gdw5OnC;-_5<SC8KZJ45ka!KSuZ7>^VfQ^gV)|{K(fH{;ZI(NKVGIsh4b}$dqGioslFM z%a63K6NOpc8Z8^?($M4QwDozvYLTELoEEO1y|@|R1XD3EiUK#=k11b4VJCm`WRw&F zy^TN3H?pq0Ll!>~KAJ!3<@YsXz#&YLp~tG_(d8ddTC64ZJ)3w%giEgELrFe~i7?8R z<)oRCiKiS^ka~*&AMa)!>P4e+-PR{HdZAl)*BFeh`l`~8UR(@cx6qTDGdPI#q=JZK zpfb6m#9NnNt4rCgvWg!FHM_=}{uCi~PBje$!wS-!975KitLCLVHN{^O72NZ0z0^Tx z-V}oQ7PsBhtCxlG$1W#w)4PS-TRs+q&QB@Lj}|yIcFh*>A>9myRi`ANn&MC8u8w=? z)i8Ra#YyZZ3up)>cSFP`JhMH@O@5{KsYc3*mzq5&Pdyn8L2Sg%bkSmGbP@;p%Q7gn z3U;_?v7h9hNPX4t2{kE9>TO%EzR-}4E+MenuIf7DX;7-`>9bnhZ3p>N|JH5C$LWr^ zc$N<02+jWRli7N&O+M(n+Ox*n3UBtCLv)P3++3pEMM@83s6kI^GFxWf&X+J&4@6(W zE_5Kk9xfAnBYF;NOhH5&*Mkt7ah9GigIv~%!czgL3kzzCV=$2m<;td9p1F~I32E>~ z2V?2dySzt?6B-{tB~ZeX=e2OC+kKC1<2mMHYrOD zNm^bT8$_0FlG9?*tVcDi%4O4+QFwUKzK{fKrFT248Wfbl4n5dvD61Ll)nLsYPHwu% z!sV2N?!`q&8!=#N3JPndYyeIDFkI71T^4DagwDbHcJA)3N)Y0#FFva>8%z|m_NU`} zu5lSPg%KO$YV~~467RSj@k42G9wBI)hMskJQ$rs4%4fc0SF@aAZa3Vtpp))u{{}l$ zm&8}bNvCf$-hM_w653%tnk{))Q$Nk&0%&R48DaALmHU_rk{;--JUb!VFC99y`h+pz zyhmpUYY1d<_!4j5fNOFT7zw5dFX4OSa_h_(J7^jz7C!TGS`m*6or`VxY3ej{go#^G z@TlW!e2ed=h1~MHCwYARRvP;IEZ?cV(dKN!aZ5=_uKd0>D?!wC)aO#3Ld?6fZ2`8| zvBx#fOP!s;3f~y&TMnWmmNsw+vMz7Ii5Em&-#G&$H#4_bo2I=Eprmg*j4GE@6_}Y{)KCYi3m7sPiY!Op=7t96{h}-L<2}P{* z&z$5k)JEP+Y#`d-4yH@6RV#7H?+@Hkw*V31w3XWqlACZi^njVmnkU&^v^=u^)U~2C zYML8_IjoaTl+Y`M*Hpfm<^sNcS?A|dmZaqc$@~63tp9f>_5bE1$4xKn*c`7A5UQd< zr#+ZMoWhb9=8*h{f+Cub{D%g00vi=5@B-$-k3Q0bK`#)LgA^1*^xTx-kB1!!`r{#` z2mSE`5&i!F{|AYGLmz-Q1xi7C+K*PxzRNI7enId*hg@HH%XFjj*32Cm_Um^^xoPqr zW}lvU8nG&)S-6DC(uCdlmmY_=S47Hm4pexiPQp!!);+;R?FJhYVs%T%7^da4R^VLhHDR?iZ#-_5mLmU=S~dRKrmj*I6$Ne z1lp)?_CYdjwuu55o@BUkIB8c9@HVnp7_gX6J0AkCB`$TC(uA@+DC2<)>KPB_%_|Tn#PT`bfw#UuNJ-TAF2_7*io((_>?L;CZvHT z>4`?emM_7BSA}|HLyTCOAA&IBJEY`F}7}W1IK2_L7 zY}L2~OwLaW0F;DLOtdIoE!3ip;se3cSIw@LFsahPF0u9>7eUR3C4{)wSCKmXG=5fM zdkP7#9`MCztbJmQ2k0(zej?TMdM=a&qnUEBpyf9c3v1OAICCWc!QxA6ji54FRAYG` z#myHtYDUzj_rGlI1|p~dCc&<68K*uNwkr?PPMK2oc}z|?X?*;o^hORe9arN&lJ>pV zp+R3s8RP4;&?|wn`IhmS@<|Q6O8?RJO!KSh>(%h2p>Q^R149e%<7FNPy2*oh$2CE# zy|2aCy3q_L$Tnv~Efo0GAS}8b`CD04mc$ur;?=A>L z&4bFM!x$C(WKyyZN?9pTn!7zO-SE=0DrYrvquir0rjWVtlN-CzjAdxCkldN6?i91C z${J_$f?n0P=qDqoj^I8g$@;R;;h(QJ+!hnd`{pyYeN{F)_6G*l7%Gx;s6<&WgPK~% zkfw^x_VIUmOx3?_#jWxdKfHCvP2s2E6TeGqaKfU<#DRGKr#%lj6IXMTpe@_F)-NFD zG-C@|3T3xuO7pzEDz?$KoP1&^M-vHl(DQIQ2!A6n+VO4haHsFDF8WtRUCkUa^pM-P z&5S=>y;|tAD9PpaV5B515r!Wwst`8svK7DwPZT;a7cTkfh+TnjIxLOrQjmgvyaV z+%{9wyGY!;Y|$d#OLy@C$jcPw7?E%^^~644JescJQL{&U0z?VARHJJiw`P%MC*-r# zrCxPah4N^W0+|+oNTVMhQCU(nc9RNts`0sp+DTlrf3C~JxclLi1oq{-snml61Rz;7 zI`x>Q$$vH5n1?TzL`q;-#&YNxxxbvZZj>k%OM>04SC9q$g#nIhCTU#b- zfD=@n~MX=&41u$5;A);691hUc-&ts zO6XpEuq<&TZNppGQb=|fhr0Zv;JND1LQc$^^Aq>JeMR1>od3zCV$5am;9ijHD<_{8 zNZB*;Z3|d-gq16kw4+^$L8l4Z!qGhjdG605cfO*B1T{VzOR!xAftqVHp}eh+ysty- z%08Yt?CsA^=q>Sf#8dDNNW_lrbl5(rPV-D&B=Prp_S9Mn9Zq+r&vhqM|L$+8qRL>k(`bd14@hLnewV0}5>faWT12LDlS~*;dah?Xw*U`* zv-$9l2Ln;mUjN3-y5!-n9;U;NQhs`%2Ah|#{uw^8p^o9P!LTMUV(EG2uh0Yg8khmA z=E>Lc6#e~fP35U@x zr!m2#-+nB@k7HgO3;QnFX=0Llb7j1$6l~uc}`TaGFxJOy7Mpfx|#Xz?}P1jVe#)SwUIC# z+&esYnxFbs|Fcb@eZ#JC8ZIvFly}?g9GQuWn_i z2r?g({=Cz$C2W4rjWd9oG$SWF5?;xn01+NdB5Ot$?Y;|BY$;4p8ymO>+*zSl2GmhB zFvlM0&7FqVBge$=Z#o;nd~d7dl^9yXiRtaSqer{q3eojoO5}&%W0grhO6Y3`>C?{l z3Kw%3K^+hwL?8?3I-Yt1{=Fk3Q=3cpdcvfEHF%F4mZmY@YdN!7CzeyKYB!t^9zUHL z!$zhwXDxF^dlnj^Av_GcZJkT68IIg; z&gbc#mCquB7T{GbP}ZKzn8b-o8g#u=S5hz8;{oQgqmouvo5zy(23WZ@0x~|a*@jpu zbVc8o;+x&G4!SiFm73>0ur>1{=lJ2RR#_|Rb+(l_b)Sk`942$4W#jK{9xzX*An0d1O?>;8JaTVM7xVjr6??8fy*9fSol>mw?~#s4tpIasYw$$FC>M*BLjyP}Br2 znU5V|quJE1bu*Yq;F}3M3ik$YXV5JM0{Mlb`Ec>aK;pvb3ku}Qy;~E{fe75*4Zij= z$lF6;bKQRe8%@~Gz_5G)H|9|j0_GnbHpa1|I;fU^9=K?ACTT9ohtfX;8s{{%ekn@U^Di3IK=BY9Ns9bbyTTq7hdCA`smq%h@0 zlmb#76c@=#zokRzg}MDwW8@msAASdh=C4@df2jQj(0K&%pCry>m3IM`+0zhK!*T7L0xrnST*0Kq=d_Am6lLExIA# z4m8)5B}SJTAfbhp4mKkiG>BUWB4UT0y*EW<4bEIe$N)<|2%kZPz4*J*NSbhk9%%gv zhz=B~_sFEJd7%TwDF$%2?u6M^$=5sPY|i^OgGXr&T;sOox}5!G>AI$_!T7C$9hQC2 zzSR>9@%CQ>mfMSR=Wq^&Cz&;)HF2&iDc|<0L4-&$Y{jwES~vCZ$3P6~V06gt?a&@c z_@Ur#0HPh;JG@Z0a%39WOB-zAEU#7XQ?_RDR6{l)+mA}$FN6FpIvI#!Mm|mrTh#MZ z=4Hd(l$`WH*JQP+;gCi_lj!oGsn0B^nH(V@IzE5}?9gCH60xqEF>}UrG+L=Z%GluJ zdsNW~+MWoRRvKzbK#H9+HOiAOWUSBFI)sPd{i@2tctmH8E=5?O$FS!tQlLX2giIPe zb1e%@Lop|&J$(|uPG5^LD;AB)Dg65iuw9=_H9fVnK+c)l6-iHeY!8MN(|ADcz$7sO7_-Y&r-e0Yn&_ zz-Xv4L;r;*8$3F($I{)cc$=rH-ot!PS6*WzT z{U9f)FBYsL_td`^(=j8QM+VVit<*F!MUK(k0c4AifDSW!I*b(3oJb#fze^V3fzF>B zh*K6Dskwsc8MZ9VNu*;PYrjRM&ovD=>6jW?)HcSeg9AFaaF0g4Ad7H%EbB9zv5rZJ zNIBbOqV3~pri(4-xzfBhtsfrrNi=m7ASp4iCFZqVm2k*V6|8dfy9B`(pq}uYHySo& zF(A1=!2~1Hbx?wI{MonKsEq|?lAZM!}AY1+js$(dw%L@+DVRM1=_Ig3J~4^IPo5o8z*ZLzMWcd1v~4f9=paNtAk!X$eGU$YiZMY z$VzPQR-SSNgz>qGa`UHxiB=hE?=L&7E)JsEa*EoKrR5_>f_0#0AzGik~2Sdc{ zSqUaMxQE`2RAu%h0@xRhSzaju&p=aO5S=4_9zeH4*oow$KW=x@sGf%a2S=v_d?`J%RDLTHYlKv>7 z#A+}Kv}?YLf>2v8_j%6g?45q$9$P(1TkDfu38-Y^uQ9#{=z?~@v0^kCu=&iH60k%6 z3d;Pq+JAciL~j1i@6JOxqzUKH|DpE3YIIKQcTgyZ<6mo7hWbyXrzd%nnsvv=HIQxZ zGYyB<;jEQC|00{a=mrt!w$~)CV9x(^d)um1@1(gVvxoC|AP9Dud0m5r37K}Pl+{Fzh#!QF!kN0IL|$SIj@8> zg`*WK9psqbW}=HPFI=HR5zl+^GHU%2R$4OU0FSr3GL1D)veZ=W>=k{K)1 z=d9dWY25Fss;Bczw-9GmHLlAcz#Qh7&O5D#kJ>4y27TBA6C(%f%Y6%|uzkl1Sd*y` zUjvs#<%I{RA$!KlC?_&V!vkl{@*7M^?=bp`n{a4jXmqBtIL~x@yKT)%?_5=>M)YWk zN3yuQu1|7%{}v5u&4zxxH|}V(U`KXEPsyb$vF}QMvH7?U#*@jV@0K?ZsUFicm<_-s{G^|ukeOBf_s;K_cd(9;PRIg zzi+eKnY^wzjUkXXJoayMZ(f@LdS4M*KERf6fZ zaKp#w$=i!Shg+P|dog6VLc@ef4}Fm$1EMGC`FZuTn#+#l*toU?R#p;Rf97x;A3VD5 zGa$lrQ+(HrP6zKxkhf~N%0lQRifwiZ57;SzZX+pV_X!)7bl0X36Jccg$$~zyZGW+O zHI$|&Yb(t^_QaEMb^BFqi7}3Qh3*mGRceORX1!Z<7@=gA*J}9o(e4hfy8PO$WN=Db zxbW38v}dK1{iI?Zk&gyd0YG>CH*q(i zrEpoAve#}e9d5c;zKKh&{GK{7lNph?Uxij!6Qk<#>~d^&DOPqdezxvirX1%-V&F2u zep;m{B*de&x%<{pNk;smq5GBE*sE@NihfbYDL5$DYvL;% zZp@D#y_pq+j?Pugv=uT#mf}q+GDwzA@8iq%R|2KTAd);gBI#;~Ybd)FVLv^iQ?m*N z6zqMSuwu{XRNGE;<&Fh9KtYu9jE(nqCtzrGhqM}R&Aer#8M>m?k9URn=q7ZS%To*$ zOZn>^7gtf-F~N9?DP>d;-J#}+k}L&8s$!H{Bz+lkgt4PXjv;+ze8*#3H*HiKDX=3C z1~+`k=mE*mqGr4dQI%e#89R?KhdOH)4MUl@g5xv5!+Z@VjBIk;A=Vl4Cu40(*un7Y zSQm8jjRKbmH?M1`+^uHi&9+=jzQ^F|^f<3Xj$2)JaQ&noTM!=q&FidGLJXiT(vmOl z7AMFgO@@^ez&vIfgH5>#L+1qNJLLDQ=h0qDj@H*|-$~psnJgxc;NMCM=oyCZZP}vl z`(lfqg=2Wy7Zm&w(@C)vHV%mO{3O@xw1sy5RR#t^W`NQO8116RJog zozW@%?=4mKx(8DNgGF3kmZ{iwdU?xQ9Ui!S^KKri-IAuJE;@)qRkYqwY0;64wiP4q zyDp&nooUsqb&I$Ma&X~bcd?eRl&w69ByynE@0Y^}m{yp|e4EQoLxafv*~(Ak+Uids zAF5pYRe1;7Qlr#M$F}GO=EHPtz|sga4b_;Oy+D<+BMDs}N$~1X!0ZKyDbx)pdfP@I zn0L{>CdkX+v#aZ?^m#`cbGur_yhZKr=(z;ejgs>iWq=-#Cf#fKzJrS1qmjF2PO1^K zZ%kfi-&pMnLYUcXs)dbtKIRj* z#+6s!c%x^wduDI>Q>)XyNp8bKg>X4#uIjAFqo#1@@V`J zPh|b5b^gvSVll3D<3ws}G4SjG_vDhUhNr0edLr}H2tnZbt2PKBMSS+-aPffS>@=G9 zSnjkZqle7+?8ro%_%a`c?9sec+BONUH5RZl32{ZD86&vFZ4zXqvB4k}DYk$ZsgP10 zw|=0RHQG%j_b0y<8{*1L`Pjg!zXwM}b>mZB?1+6eA(tR{eaw;zX0gU(UsN1l6U!pS< z0vG0&3tOn_^dvLIzQRMfTOSxYm5*`P`X=~iG3;&Q@B6$KTJ7jC%^ufxj6c~HCXb$Y zQpW%+_-I+n1L!*c3{zp3`4a^NN=PkzkWRr6bT#_D`V(SarkW>%mQoHC8&;spD24t@ z+Ua;NW4{yL=x?rNk=X~=P!1kLz7#XwzK3kSp40CtN z{cLk>jrfWmE_=}@oH>0lx}x~@iw_5gxM3jcK-7*tTz^{~>T}JH26fNxaV<-@b;`W| z_r-5q7oVG^W$IuVmI?!P^q}1y!8z?4M=LF+jIBS_ENY^%R9N;X zOxr3vtzg#&;@~F?BE{O$w-}Y28kdc4Z}`^fkMK8d0Vn$PL{69s-Pu#fFlRyOHKG=2 z52qkJ?%+Uo%Cxio}&XR<6diRR>WonIqrj?_pFDw<>B;!}-BZ6+QuM zsI@@oI)CKndu;O`E}d$nib}qUz_Yd03P(mgf<`}@CT3>!k(jzOO=4dU zW$wPuTo4|ZZObZu9gx;lYFk&u+H|;(8pBcN$d7lmY(kRqRFFN`UR**>U!S5rS7e6L zD9&U0iT(6ad(5!8T0%q+(B13(EJCDWZSBeX2K@4JP5PNc;o>&`Y)`JYueT>NN>t9@ zVDGbvwxHEaJmngY%mEIjv%VcQZp(Vy^2PdG5Fb!Za@ntfsIz>CTU(+RC5diPgw=R1 z&4CrV{n=37hv_prC(RK)X^pQ(Ct+#w6p&QnGeKm4VIu_&P@FUDNkH>MW|7svg#rA7 zn)32IhA_`|jLI#v1){1K(SIroEmByTg)hYs+(kbbFv6Z;zCI{UVbsjl9PV2!RBN2= zt4LZ2#>akgNtWI;WG&p@t2s$AE$>=yTIiB=36>8rhrv!PW@$!fxXhH>bE{6DX{q(uiJ;;7D}2v$YEF9X zgRCW*moL%Z)sB>|@45s*-hzVE;}OyfqRljX&)bp#CqD8Yfr0aw(0Qcce1?Eq|J$|y z9WnSj;D3Vu7sNj!4u8l0FYtd0_`gB?_akZ=O#&DN9L?XLql%GeAE5Fq>&bdh5CUKW z<#6NbgyB;(oQV8G9%dN<2XjO9`V6SPbsJMk*RKQx4L5A2Uli5C9`*7DSzkkS`%-;- zn3dwhVwwg+k4?EhUswt^Mi4s!(n7h#Q~IQ>r@GvLf{xAO9Nd{)hmWwE!+ONLQ|&dE zz%0)>KWluiPeJ*=!jN^;3 zVy~6+Sf9S*#BWDO*81Q*5pL(=SmA5WqK_t5BRqWL79#>n64i^Jgxlb{F5B3kxBL|D z+EH%#?d}q6<8`l8QQNDvPkVn2^VV6nUW~YM|Db;9IQYi&Ba$5nWcQY5xJcKwCHE*s z20vq5fG*I&$_ip?Bf?xdaR6k zn%7NacP0u+1KjTh&JCLK=O1+>`s)2W&^?2BkU^Nu`2ATfoCTTIgEeqCQ#t?s=(AN) zBx|09VtSzXo212qpA%CXgW9LI=zz*Z>4@*puVZv1xeft^US#8%?G zAX~zG|10Ney-2n}DKy`9o%G@OTBc#-p7ltpSNSM*n}D^;=d%#^qU};~{r8F7G)D>K z!4K2O&8?Oz*tLN%_9CZdwS<|N_QgfBKprZCI}G6M%beSIyS=L|wCRTYBlFyHF*@&u z`#w8ZZx7e8ou0asPBowyj5}&p0=>RXIg}_gPCw#oC_yhBf>x<)>c@L(CUQNVgG=>(!t{<;M&d0D2eE!dW(7KH}YLu!K>|+uwo`yd1b~F*+m;I zbl4KTW@Ur9DAO16pbm_}AxXq*;eN&U)mKzNDCmb!I43qmbcFPTm$ds$i@jxPkV}W-OYUyliUZfX+}zAj9%x=IrQC4INFu z8kBRQ5nlJ#!n9#tKhgQS{!6{HTMi7dUYV(3p`*WoOgH__9r{k6CClNQj@&&I)Y6=l=i^3WOXoPz8JIynp(Y;s3%ztN=|d0cpx zSL>Ks)77XzFF)C5OOp}4*L7yH2A5AKcXeyC6Z1k^J7^gQFw%{t+Q@OI0% zm6H-QV&^Mj?7=lo7Bz2jjXUs?@;p^xjRzkDZC+n&MX7)}kt9;Zk~+UurRQyoqdD3U zJco)tK``54bzg&eIkR;MZ!gkjUSG1bsu~Rg`+7p&wW4~jPV19HJYw*god=?7s;bah znpn}tuE1q%KgE*tbAEvCC$+(OOi<`>$BG7gST6(cW>NH zAyjlcJL~gZ85d6qd7pD+0~zm?V)LLOqxy!@03QKAm=f>IQhLUL2m)=G(?G0An#aEG zI0f`8&bCden7^$?_vYNZ`3{-QgZyk*gO!1CR8&v=jL07`xC)QhV7R0j{m!xNiNxmO zi{60}c&mH2f4s`~w@Jk@*(n7FgjpATS4iBdR0bJNaM!yF5!Lu@BOp&LuEEQ}Oywkm zgGBWEp}UC1*!~q{N$#jaMpb`{R;BAL)R$v1P2xFkAjEH{*J_POG zxTK1Y-h_#^8A3@GX~t!GL$d?)Yi^X~m8oN^=^zf%Mx0`fhEjKDM~L2x!0`Si@5K9l zRaVluRNV3?K&>_p%@=j5NiIonjazs5^ka|R@Q*t>__BKyUTv$ z%FQm7&y-D)4>*3%lv-tDznkakfr5uxdVD<{vtYxz!FtAY6=X<6Vq}Uhg8a@xIJR#m z3Tx1Z4A)Z0in8Dhp~BnR!z3xs#Nk(qs~8}5Dccv`jAaV%(_AZR8S}xj#SF1roiwB? zc5JQH&|KcqK$ic!?ZeAgyQ~H^ib-aCGcHmw@w3NR(q9tB!g++#qVr4&^<3F?=(w^w z$YXb42wh4;F96&*gì*gfU0rJ&6pFs1OP&s7P@6pXZqHjV%forK+Gd_y$c7>m+ zliC7g_C`lUpaYMawHna!*@-csy9Qqp;cGMydGgD12(!p2L5XJlqvm8TR9fCLQedxH zAHD^F;vNS42(cvI-?2%HDahW9lG`xTTrHsW=RxT;>-UXEx0S>Uq~gRb0l7C%n+MWN zjK_FNy_;P}AD+$2PmrsYkEENuB1%ik8Hn7~ew5NvGa0vjv0QQP`veDyhjiqWUrhXg ziQ~z0E16liho#H%Zosz(h-fZ8qw%+5M+a1=g&jH1(-M1@2z;Y_?0IT8ZcyI9U~D>4m`g?7(2d;fHcK4-)Hg z_1Ir@>-JyQ3tN&sJPL{gRgRx0ykX0Y&rfC!7aTE5Z>NPgc%mB^u&!}&Xq0!a_U>pE zH=VJ&p9;eom2lKV`AyV8)j}c-*72yA#dG3&W&}b#9{5#JQV4=uJ^uYcTwUsLM|FcI z9T;*cC)817#PR)>=wPUIn^M0ecD07F_Gji9BH`<7z#W*kujUsLTx}b*P1@+)#D1J` zJ=Dj06!UoZXfwnzVpn|Ff4yPi6BnQ7LrXypzFSyhkK*sfKR1%AHtbbr{n>L3)(4?E znxDKkLPLg=jW))?D^k+6JeVXLkjOJmh7*m{SW4FzsiafBoTi@Pr4@MeNT%_@TGj_% z$8agygmj;d-Fw;*nV&2K-#i&8!bODSKZslE5GopvUl6~Ss8W<)`7$W2LC_9A9zq8h z&nIsY-%TuZXssWUjSTvH4UFuJ9lqQ}BAbpLx>5E~faWSJ)KW_41)s!HTE?m^!?KJ) z*(n05Lwmcrn&h$DXq(aH!wXW`MR_c7QSr$DQ58KX?G|` z<>P_#ohZVSJj;Xw#a;{UO)7jZJr4PFvty^b(fV;B7N*V+@~78jOFuI8OVVAoM8N=wqZ6t-8uu^ zyS^i3Q$Z;tHn)vrdKC&uokM?D^Gst~cL|!B3yg%#*mIM(kQodYU)Aq04Su z7}T(U;@J=8+k+%O7t%|jMeoSJ3>&>37gFXl42vS6Eq8SH6&rezQM2T{w=C+^P}TPl zDU({ho13OtLj)Oj zv$p!T?*ZvRFsbI*4i~k(j3T3i;6u+qKOdhHi^)%XU5`(EpQqhh znFHfXu)fsZo_j;JAyBvn2J()c-jDl?Fi?+p=^B6eq>ApL#x&!MthJG@x``Wph zhw8gD%?kWS2YJ{lbWpD%YL{ou#fsg@WURmXu?l~P;8WL#V0MU-R97sNYGnh?+44+4 zWr91aE;ch_i0>6be2_ex`efG!`WTw?;elA7JEsnqyg?oWy3O~IhJmQ3G`>fyggkWb zBo=TMghG@noet{s+W9XA>nr{se$x>H4nVfQ1 zH*PVN$@F60+E4#fQOH6MX=wBFvxFMs*?-*YldC7W2f^L>eEcIMn<)_dnp#_gTVAG( z0m#G;!RPpMWg^E*55MqEvw=V~37ms-?pxErJ*vT1vvGd!AX&__pPJ zop5%?d<&i$bhB2D4@7lO_e!*}mzr9SZ(S9#`<$NO(zA+zl6 z=A!q}i?tU)cbi?Cms=Hzrb6{NfBbrt!(&39KrvVjfodMufir7pu|HC=U&p_wE7z+v z*ECY$B%zVZG40Z`xN}q*wV0M++JsoGomqj|Nxn-sqk28hHl>qK$uh7s$7^w)b=0zh z6I(+#Dh?m3mmiPvf89R?f!?AoxJ?csEz(COZnoLH?iy|@u!IpQL3!m8JeR^9l%Z*9 z*Gs`lFn%snm2L9Uv(?gPu2U|345XmvA#@G`R>^q@W3v2$bKwuETP+`z?iBvIPtLp2 zW=F{qw8a4nedPP--idc@9}RY;t%kS$ma^FY$J}>EMfGfJB1jey5fBkjBq&kI851H| zLN`sOiIOu&mLy7))Fc4`iQPbxb7}-6OO6eaL(?Fk$zcw^aPNIH@6Ft|)~s3c2dqq%3hUjd!zu>viN< z>-a*#*8FDqx=9t~3aV<~l{rHsG&tv`T|Rp}rl0H%EM`Sql(-j5g&LFMeW3Vsh4M}U z93bRaJmsI5xwzQfpMLYEyuhN?^Il_rNb1P*BJ@gOmS)A|BC{-S`WdC4FW#?S3&^Nn z@7B@OMX_HdZiA8-GyZZc`yf_;8@k1J+I>}VHcI+XnQrYj9oXCF!xD(O6@3M-{^%NJ zK`w1iCV?TimdbBEg%wQf)6r(QpX(Mzc{Vyj$r%6hRH>K(Mwi#0Bz>NTrSMnF^CM`l zP|i>DI{P`{A>OL9W)yLLhEPb@T2MWglEZt4p&$Kbq7SZ`jbw63N4AycS5!9M~=|A>#LDPVTcFvu)D>Y@-0K53@Q+-6HL?`%nP@N=VHC^8@J? zC*jMAF0{?e+Yhn;KffdrC?iRLe@~Hr44sM__-g-d5ulCJ{%w$}VV5lOf2a7jHG%%$ z8v*_OW!(Q(@$v@zJ<7lC$G=eoG>QH($^f9h|G8M^=$&gM1~f$5?E|MD1w3-i>artGzvc7nR4dGdj4nn|wrzUbDlU;h)Mps{< zZlnDElF^-?SMU^#h&IrZxS1yqer?@kLcB1`QO^@}O|m_3Ir;qQ2U}oXHnaROIq?BQ z{=@ix&A~qm`>z#J zDcW`pFF)z(-DBzJkW2Lb*(s=fu zH6*uA^knkk)baUR0*~de3#Qe8b4#?w_kLH(%k3zY94vD0<`HDp_!V$@nqHRXI7cTO3*uDb- zA3gB-Df7~;48uMfASSWZ+oy=qcf&(N%eg*2VGMj``58oAGrLVkcMsxB4m))d_qzRs zzvcvbiVCHy%Zy{C_dW$CVCIi8w`ja2S>NaFWUwu zB}NGc>`cR~Ea0qrt*rFyFI=!OOD3gUIYdhz^*JVC>ul+Waqsg3r(?BpA|a^!moZ?4z)jFiVGCPOEd$OR&58HYfw zjG+f+LoNfYSJtJdpG|7+xSkYQ_LiC5{8(!{GE>k{8N#<1nL6~g*2*0&SrKv`%jt15 zs-u9BDFz)NsqKFoaZe0gcyd%D+%l*&glLjyaU~lpn+Tuj`aKyr=BJt4TG0}t-G7)u zegiQ<*sUZ64#9-TBpuy-`}+~-#=6D)8P++oh4_BHFN-4f-ee+865+a@jMd(hcb9C# zqZQ1ykN}^cb4Hg9i;NWSMDd_a*&biTM9N#w4@+zP?@mWn6N?rLdTyZg_vmyT-QRom z?-9MI8tkWC=B_C5y*D{EL1j*G?y=rmQ3ooJl{gX70t+xP#n@Lmtg4P05w@+)G}5h1 zUR5+yt~pmpKh#_eOBy=^6OFmmpX;PYBKcdK`qCSk$N@)}bqnVr68z(tAgzJU;?4yf z+Lcs9vr7916%TdV!^Ie=+LsSy3^Fjo-rn0Bx{jU0C@Yq%NoqPeAx*j9yWC~--sIq> zuagPCGKKFGPk3J-zcFQ-2-SnlryCBFbjsgJw<@^8h&o(ort$;BXV@ZbZ9Wjc-B*%{ zG3*;=`6R8lgB%G|@>P~1*@$rzjy(A;Rz}Rwf#ZSH==WOQ;PxOYo*LpJ8DZIe$9}Y@ z7ZvFG#DW`!`JAhOrpvE#s;gYU5!Z-a)TBaPWqcM`03R&2#cA(``|v`O24?FhwXPp& zEG2RyKb1oN)j>I-({$|Yx4M!v>inu{vN^GxsRQq93p^*IgxTegGY*Zudyo>iB2BXH zxPkz_7Nuer$UHiYN)P|+OY(<&tZctI#EFG!mQjOGq~pet@9jj1J@g5IrdQ<-IH^?5yW0von(gEHC(VKBJLA&{4C2Zr)k-nfbSBwzah zUVu;tJ?!p0YR8jfMigQu!!#8c9tGS!t?IEk}Oai5z~ehva`z?gICVP~%&MX(3BZp!ISecZmrwXt>YLdI*Q zb~>ks=ndt<^*F%=2LU3Y+4bA(LyKq3TdRF-pOLvzUJ|`JGU_jAv{6ij-h(04UC%U^ zP2jIx8reZ(laLrm*=XN%Msb%d4MT-w)g8L`mCyoC@+> zHyqQjUv0GwA*0E13+z0I$DX_{;7$lc02HYMEh@*A)_h*4=tsMH|EAN&K!I0-r;yfT zeP=*AamkdO6yPphNTY7HnoeXFQf!UnPrrrF`$r=c1P+$+dn#5lUMMH8l?&DkFEl*h z<{R8%QYGPXa`w~p5M@K~qC(*XUHW}KO{%RVa6i6@>Oc+D4tsER>|XNDD~L154P|AU z7w1L=-ef<2p7ePBBkkn?M(AMfT-^4MChN^K;7uBe_5mi1y7y8MarpFGy%S z*8V34-M7UvFtL0&y}N^BP`r$w1oh2`U?B}N4sIWRtq6@z?}&LQ8Z^ghUq(92Rh-LF zjpm(?3Lj{bbFl&t5)^G41fpA0kjNnUkYwrkE>O|R*v`S?L)RC0dl ziJ|SHGvA!#X0pqO2YtbgB$~H&wEF>KSTIA&&o~()G95zr9=WLu=|^kE+?_XdgQNuw zfTBLmZ*7QAR`2kS*)yk+3Fuu9X0w0Vd-{7k@7Zwd0VowUB9HdJ1Eb6q6~%w6I9ufsmDl;TwfL zS0wa-Xz_Aw+-wQn(N}gn06G=>#x!gM5_CVms7=RkpApz z7_vtU{d6S9sl061Ys?c0(D3_$;VR$$s-l+s zYX!|i3D7{Pwe8G{i=(+98h2DFU7v4d;BmuC{YXh@l^Z}G)Iue<&sH^*Jei=JY?xp^ z*k$|_8K~TrwJ=~Ow&^iYa&S6}^in!m_17^#Cd9v^W?S+L)rpzijLr070z0i&AjY2A zKWnQD_Y<%ET}aP1+N+h%@)fRAZk<*mOn~lK@{e`4uU=q}S`% zKB(gS6JU=UqX8t=jB8n#V?$c-Or^HtPaMF-1`MwjR8h3ol1&YUtXR6@B%rqa7DCR4 z-qKa`>AgqZksp@acH)|p)0fsv($ZAtm76? zpd-cWOBqfmtCx=)k#xj#+x9sLjdop(!>0zBBL|v%RN&tQ1$W7;BU9-fxYKe;%ighIy%ztEYsCdF9cOVQje(gW%KJ1#1ETxzr58 zX|5weB9NehV76e5;hLZQa2hbHuR+A?pbs;{ThnpW>+)QnhlRz@Uxuu{fCg9eP~RoB z=9t`pRpk3>00TzFpkms`;lI{?T0ueEvPCaJ^AAhp>6(TWV!Ix22Si*i00zD2omm`8 z5-3$OQbG@kd+twO0%R1+~1R=r*;D(~Y~tZ1sZTN!IjC=*8%vsgx@0DiAL1 zJniBsr-r^D)x}qe8cPB9Hc2tr90w1H{>>s9o^qvzofD*@)w~X9dd(Kt~pKcbZJDYW>G2+-Ac7JyJ z)4QHFIj@SW56pH>ViDtRs4h=0Qo9XmxkX!p%;jE1K3hPh9C$douFS#3P0w;xuw$52 zk*`&T{W>`$C6Y1xQY_wen+w#fVW;rsVpNCEvs3J;`@(P8*$K83ho6F7#(b9BITWOL zcrPKZApF?po7LZfX_8Yp4L-2MaB1<2yjdpi`e9Y{g|~)@@9C00*ytzSs3X>`7Ws*` z;d_K4YK-U-j)xL%&p8O8ZgPe$8qkEKAOHCDP=F|=hL$tmC+ACe$uLEGaev^!WC3?* zLb~TxsGW7rtA;LORR--P&V~7GmO@6Lkp{Uz-l>N^MS9itQ>*(fnsNd(9#v*jqjWUe zg;)Mq;{H=-!xg}c|K7UR2q4V)D_+14jdA{rOVyxO3wk8eDCJ9x_g=MSp^EvOjs_M5 zP?)7t%1(!Dng{00mV~` zYo$RYOlN#-2z&2!JiPQFNYreT4;%C-%6k$ zG=q;$JG}znaAYK~kQ>2+LKe2DV9u9=(ruHv>#G)gxwHy*69S%_X7+#G7yyUPUp|+= z*w?@re-p8R!#^q7B;@}%{8!HP<(}~u{rb=C1K2zM-bwzkjr`>X`p44#7w7xZ&GRpZ ze{}i(*+38W* z>CAH92=S0Kx<2RSMPM#qzK`GRlUXIWy!fx13~cCs`tJU8+yTY^cqjj*5_2){F(paI zbipY091r;j+Uvalo>f+_E6QK+LsVH_+by#=RN+9^KqmYmx0p}mb_M(OTV*h^vTJ<+ z%@**3$)YA@)kGvk%~;N6T-|Py-VZpalaL+2MdkWLPM&x0hpKqq3@v|zHVfnvaAF6u zBSMHT#5^=5rJDxzn{DP2@@;t1{l*PmQ{cfkW&v@9Bpz3*IWUMuO zDRWti77tpe0XgxBaqA{p8(L)k_~WFH+5Bh<#pwynww)Ty7aC7KUVJ zgAGX7{co$hl!m)Aw*wBG7EeT;&q%o$Fox7|Z~%HPcwW0iwR9Hjh`Jfc2izPtD4NOu zvt^?=jeQh*cf)FVhK;&KZ#=uJTHM}HR7l<6wAD69ceDtSi9CR+(GA`=7!j6D=j#4u zCt?31w=}8IsdyeDqunmvVGvqrS3Gm$p)_2l8PKX$_p~QbbR2a*rbUT&p2uRiU$U}D zRATlj9^2g!5EiQG&bFCxd2poLPO!TmnSYW0no#=WzQRe7fCsF;wp z?_*onrw0XBy=s!5p*QEd2Njq(xe%M(4Gh2Ja>jyG;AMYB}P(&~Z#RN7UIa22IaXJZ>ei`ycdOrQ?24 z06TifeUx)wiI4l}+gg7Gb$xb0=i;kb6~-vR)neA+N2J58t16Ivz0Uph+v|bfJV~9` zehC(D&5xnV%XLZlp0l0~0>2s%SvR+io(sM!Czi^h~Uj?vA zkO+gKXfyT4yB}|U9ZFV!|7`oh{bKOV7?*-!7jG&!H{lv63ai{i9`Bt_jUPxQ7y9~(#MmJ8B$n}<6PV_ z2U3yGonLDVNiu}4`VO^8`r3tkFQNng#zuVr;xmpDXka}a&z{)WrjWx|+n@q7sYsW( zn@I zOW_aolNq8jS4y(H36JgzHVako3Z=%?3eb%LB-TP~eBvZj?vMFFqXqHAF2LC52%sZp z5kmc}vl7sWlMh4Qja)mwa!mP26!pj9^$cldt%J*bk2?c>1D`X$Hdwd#U|HnHg7`kg z7n}`CeCd#8D_EXipE7EjkU=ih>FWoqn0)M_3t^wb)b@^7gUz%saS_AckB=x@>gE>I zbRf9#m(ntHU>6RAN3c+o-<=N(6J4Bg0G-}?ga)Q$J5gO>%g$}zW0cf*$L}FR`^x+w zJLEAHEQ|9YPM?9;0Eh-3OX5i`U^QVl9ae?Q1=0(+|<>Q;+KdyBeNE6sVQL! z(R-^=ycV2=JS_(rp#R`{?eM#~7c4YKHFPSxy-(9=!cWCi!vQRt6u7|s+$S&!& zDP{vLh+Pxi{S*>Kwu6+~FHtXTc`@W(u3P;-0<+W*tTTr(Pl#bA9^x!9p`* zd;2F_AV~M2KVwlh?=!sdSHYlf19tU2X~lJQo($zmxE8v)t6O9@X5HQ>k0JLOq;a3} z!Q;i=5w<&a<|zJI&>=u(YE8+z8SFTHn_;y)VkeX2s<)Q$r0+$PyG7qM{KoQ4^i*B# zxnGKnqD16dhIA&;@a3tw()?h~8nPbyS`3CbgP-9gws|K8=^$b?DZGwBKA(D)_sv{! z`eWt@v#)IMh|ha;d}5#K#IYRA9zS6))0LFNE+0q>2WTvYZ&}AtWGWE&nZ`&?i-Z^yalGzS3@W9`ys3 zL!V$X0|P~&LUCm}Cnxr*7aQY05W`>VZL8K$Up5p7mXa{($t!*J>LH*-9;d2%-|xGU zGu)X|TxZg_NB53L)1Ikv?0K>7Pu!vC8-FYxr5hjgNqGByG8ztSF$5b4mXqA3uD)HP z&PS!&ahC1rRmH6e4?xRKYOb?NUk_%ueH}@-cL@~ey1LP>kWW1~ZCTBV5Xc^<7XO+4 zQYpV#8&E_3k##^kFOZ6bmH=Mq=;uqRTxPI8KdSRE3TCd5GN1*5sK1n_)L+SitQyFc zEpxKaS7N}B%3EF@YX}Xs;(IO-jr>Q{FUIWMSDg|jvDMaDYwUUMD&qXKIIlQC>%02S z*WtT(z32+sB~b}8YRE)U#U6+eQj*#y3>%|%nOQSgW2(oxCS+&vS0xX{)4;?KoGIv| zuwzRTo@aROR1jZQ52W+fn>U2_5OGy#c*HSpju5+uNv;WB5r0Tq?En$1o zkR4=mYw{b0Eyl~kp_+0+wSg;vz&f#MJP?UKGJDox6FuH+T;cY-|CRki+q{ zR~F0mGK_3nf6Ps0$XMN979$^Q; zyKNUn7P@8L5_5jeQ2_e)5Xp|giA&hTds^!=QP8g!(=;^{uX!?7ZSHnkpoR!&Pb-03 z10$SfG5&5JvxaRL~?A63B7N!9rga9r@j|G{xkH%<|Wp)x%iPuUwIlyYCo=cL^6H^}%~)c+CqSh?mE< z;kE1jAnzZ!Wv4eF5>g8Gah@iHGLg1aF8p@Fw-I}}!pE=L5@<%9%(uL`@0XVzFkQzg znIsvr&hD;w9nI8f1~iOEO0HeMf_I9hfqkOr3?BC_B7ol+hPfKqZbY{(HRmW7bnL5i zB*hwW`Bl3arqUQ{Lgam>l6WVE8)wL{N_Jl6`~`Pwwy?cmaMWqy4g(=xlqNKSKR@&| zLj^ug1S9=Y{@O*wd)S|5^`eTG$K{$&m#s?snr5go{VlpF$^;QtBdkbDFZiOH70Ke` ze)8?L?JJt)7eWT|++9j#+ydK4>z`cT^~SIaq--_Hj4(@gfNTzk@qUZajQ$9cebhFD zDD{sIv36$fx?2~vo)hLyN}KPh?)NsVAl6a9S#qFEY(Xxob>ayrqB5U(al&&`akXLU z!}04`7rN!_)JLTq%vvF>QR@Amo3=T`tbK!_fX?*0JhJYK&+i9hHR?rONI7Xh))P+t z@yW4}?7KK!#Sd34+U2F?@m}e?Rjk_eXR89WyffW@8cA8i5v@Om>S5IqXzF%+>D+H# z``Vt}DaSVbDkAs_UKH>Q;5SqwpDKfdXr=aQ3RE0G}L2?vPwn_<%Dd1O{PRp&&G_xm*s%vv>FS>Gr^KkMWh^~=El z>G2x7r&5O~(In-f!-)FjJanfkB;OYCxOeY?vpCmJhM||oLXr4f#rAiu^?GyiTlBY= zjc&ifYYx}=1odB=)a?-^JHHuJcJ%!sBP2zwVMtiZ6vhXJBsCaJ ze5t=PVbGFROzWid`ysMtqAYtS{#>C;{s$Clhm zj`VbCU}=umyh6Uf!nYvLs4_Jl*_{cp?$aiPooJ~Lv*lBzg@%{E)QpsS<>4Tk>$lgF zd*WPAM9<3SNb%kw$hyn*6KN7`j2?|8RBaJOi#eNl5-7KsaKaTAHhw%i;2x3>UOL9_ zjleOz+$v1DO9+!WMKsmmbbIe$K3>kV^5&h^2^$Q)qMVu$ZB}9-E!xv! zk^W84Sm6g>%P*X8&cn_2X9K=mu?E^beA3T`WS`iR6?`p_^kF`Ieg)4Th*3lSOFET* zyMTxH?qjohCU9!9pPE*zw-}H9*|aUbT28kO(FRL=mFD#dmXWZR5j< z@v1pA_&i7QakLMC+%67N9}K=ez{CTK{Is{JtZILMiwPmDBZ?7kQ?O*FK7kfEG7LFse+{^)+Oe z2q5i{7mZYtl!_599Y}&#tu?c|O8~muqNWQU0pGcr{EyuVNd5yP0rU^{8$MENCT`s($YKOobqL?wkQpay+RYYhn6ALzy>BH#(=a{s9f`Tqc%yi}z86XLw= z@?Q@B#6$o88pylb*Jb1(R{%Kkoeqi_1O);Y@ZMXn`S@HsLwN$Cvv{gqn^@cuF)4-u zKno?|$Qi>~-_J;tJ1+n{J0ElU`cV3PMpp6xA&KuT7H>3O^hyL!K16&DyN>re{2QNN zMYHEqsBH~^arbwq9Ip$_umCoBXL=oadVVb8u6GH{9}-k5%zi7Hxv=uVeZB-Y`J8~$ ze+$+(H3dzjKjh9why{P)B(u$2^Kg9xMThsN%Ul9|Rk3v`p5``EyoR>E2oTrPu8All)d}Ic1uxc*U5}puJ$e2&asp!vx#kYxwEC)CmS={J=19mTte&>O$NGI(7)p*`Bghn|CDq>1zz*yE^9_2W z!w&~Y(6RGF1WmWpy*=Du{k_3#l29L7{@+2a=wzxVaH!V6 z#xum+SF&ysEO~)8KbZ{BaFpDDc~|yh8GNFbeYC#qe@?YQJXSL`r*WK#INN=Z{bF{- z;F;@3Jx;JmkI9o%^SUN!l(4<5-X4b-v@S!YE`qCUThGIoelUE*AP`bsnw8@r){$@b zjA<+)L(5!NWc=WTD48_}v+$Y{#8$fc&;tELEQWyXDvD3VNnD+aJ0C|b zL3riHXcc*Py~oVP16dmQv4TKd{4I{-B%9p+5y7F<-0rXGmO~0>90O}RrhR#lDiAqm zg?oWj%V3SdQMH06NHSJugbue@B2y0#`FA_wy7n3?pOQVcOTjvGukuzN?tuoOXU1@8 z#3H}pSBZ)9>L;Uh6PC3nmK9tU=z=RqK8bTPv-C3gt~uVqfR{#P9l90lh7onvphLa|)-( z_8Cj@f<#D*D7Y9=zn0=uGE|sIP!y*Fv!%GI7Hp)&3-2(_4|3} zsox_-zD+Q@!(4k_U1p_Bs19R(ZTifejCKDsYI;4PuNK1${h5tAAIeQ!$G*lC*FIK( zfCMY5#JQ%b`FHi`)5|?|I0f1ok*3a^-j67?D2=DO@?lZy;)d?G$lWxtvbi zHDSsukGo)4s>G_2=S^km_!EQ0+ajq<1>xiNF1YxQI4Vx4Sqk=5(so|k{gmB~1!u<6 zR4^r|7=)%ZubpwGrqx%;QEYSb0mpq@+|Cqe`20Xa&8@;$kQx>`iy1SM&ErE&RAi1J z1K`>T5p+4}V9k*%Z1&an%(~EuefC*-KKnzI0{X0C5YcZ)3V&kX!pC6pO|y_#s50Y; zKyn?}3lts18Kc-%nKCsk|qLl$dDzJq`zxw7hnc^p}Ou2|A>d2;>p00+J zqNMs{9;GHp(dD1KQHQy#mk*}8)jvTsOz6FBtH!!G&%E;nzvyer>W_=Jl%a-UV>ag} z5#LofmQSbc-c5rzLk*#9ZjF8BKXKJjZML<)7qr}J>+*wRWXyn|i5mbYY9KG*s~^CJ zXwUwUb)?iEkJN-+<9F^G;Bh0lKfKd7WA-XTgpOU!pi_^hT|#LGS?+K^>^`b2m+{&H z!=8aHMW9Q!zgN3$t{P7r+;fD>bL#Uw?<_Y63Tq(PKQy1#ywOu7w4PBE>0r+#FjeeW zj22{y!hGH}E4t^HRS-}23d(4Ay{&wyC|vyILH=+E31eF^vOGd%|AqF_aOf1?5{yJ#t*I1>@0$5=OG1H% zbBm*Qw`E-8^0l<&R^3_w#&A@}!mA&$d^UGExFxX1KB#p>xK_@HPuKJlPqw~dq$d}` z%dCxp1R1wIn&|b3$StWzJg?v8%L(UO(WbbO-y8-wV<(WvF5e> zmvC>`)DTfH+ZICru%qv3DrWPO{$(`W04E}+NB9-z(kVDLR<@A;*ZrCj#oq&dG{<-K`;1e^jXIYDNlrg1@r$0CH5kSGE~iEuKcZo-=R7j+ zcG1F3w;r-&2ReBC2$X{)be?E6gnK5^#N0|T(if#9zlzBXsF=QcHW4n55-d|oGgTcq z7uj$u!wObDrm#=$3G3}U!cc+7XO&~OYoDyKm?CPW-}yj4BAa?+H#M9GWpCf5(H^8& z;nd$?hQ{~r=QD7S!X$n<><>xSB({AKo^4$hqKyyk7X8l59x-QfTRTW2i56`top*5B z#@z`Uk)mXR3XSCo@r2qOn0Yq+NTmV;x()g0_T5m!K-ZcL_OfRc>n8^B4y9ZCiu1DK zIrlXa;B&J4g`CdgBwW*#+;Z{uFvCVvo8+3x`Yuv$4gV^pBLJjpcaBT_;4_0Yb2YY9 z>e_6|3&S>0-hs9~({zphnram6_#G);e`}T;4yy~j5V{_V9*#0N*pEWiRuxnBEcCfb z&}WFDtazm}#coXS@GYP2Q|FiO=ydV193&sqr< zwKG;lKwrCNw2UmXU?YqwMvLoq2i)9e?i9_-o`gD>=yaIZh-Fx6ruyshRmtcFGoE_Z zQ5TzYUw13oP7}5uZSVhF&n>()r>RB1(eK$HvIT9>*0iQ~|Iynoj_4kW=wGS~eF67` zxI$ZetjBdW$iXH)I$`a^?i>2Rz$@y*Vt2=;;(5}?%bRvfw>&_eg_7sG#^qvSa8Pf8 z9uMz&Q;A1fuMx3KH9()egVVlPY$!1kac-shlo3s=^>z^g?)SW zp^5sF&O4Qj2I-wCpIp7@w4;!)r59rn0^g10%W!?&jR&C4mEEvq%;5N&!s1HJ=^gYz zw|$$|JLmpQb{4quXydFpe}FXgXpuVP8M5yo=wRRJk`87~BfB1JuPu!jWzP zBiy6Ek9>EwTT7d;pd&MV>8^}t0KqYbY835x=A!G{U|%0wvEozc4hKk%0l0_<2*<;m zk63y>+AxHd0AznOOjc-K;X`bTDMV^FrOnvQQR`NNrAO2DJ1Qnk?hkYO(E3*I5=f-2 z1zwAI7YP?FJ697uZpXp&cO%+&6*q-Va5&izW8$rEB$ug=^YP>kF?Jl3O|!qwc8)FV znwnQ1Aq z*a+R<%2!|%j33+?5VnIUB^%X9t@5@2#8bC0y$RpViT)VE`S}?& zKJ}ZwQE+Y4#NH6O*=0Z4U{I6jUwG{vMD7mMcA6c8Omhps-JaE$Y4bgoa zVgC0*^7Dsv$}x|A13H8kK0&VUU3^8hd=IC#z0=z5(`I~#Sb@2e z+9Lk8ZD*q`coMjEi-8sIE~49j^VbNul-O;GZH#~(wvEuzG8d`egdYP6cklia_0<1a zPWAd|sRv$P%fUvGsu097P2Uwylw3 z%u;*IiA6h%^<7J6Zz0Nu)$|ZjbA`6KrYrJ@ceIlbQ!rG~d8Kc#+N;MT zfa5l|+|?_6npMs?uK=M<7aPa-&LeB5nN)yK-JisaUy9~E56|1@UfjP_bX91l9NP*Ls&DkYw43N7voABWTzggzFYD$_ z5d9rmfa0s=EezZM=t71S%`=+N05FbKjKXoQ#aGGSr!$){{^V-G|JBg}3E5LX;vLRC z0Xx3=ql(Fdarm;zf@bM9=JN^AfW@=FZ`fs027oyG$C3$1#{R7*d->r%EB;UQe_x2m zBDCfP)*@Hh2MD-|RT#mS+;V3eJYb}v)8B8rZi=bGQTSRb2_akQ=jRTuNvML{Z{VN* zA^oKC!{woEI(jXp)5H5MN9#4Tt#`kfL}i#AnHLSjGtQy=%GZ?k2k5NkP`Msb{HG!l z>A$4N5D%dr3GvXTzVGFH$PnY<4{I=ZKczecBY|sL9bOt=c}llyb?a3F8F$^Laoq2_ zxNASnUsl7|1RD9}oV+r~iin5ZwRY!J2_E+dr|{ zOMLpjE(GycORT1+S9vSoUmevY8ZD?+E%5RD;vD!BUapf<*J-NtC7q_tw`umb)>V8= zFTP^Df0e3qQ$bkf>uSftNRRkY9+`{N`AP5N(-iwSnzraBl^YPh2gsafCZ*?l>l5Cd zy%DVaOL6O(d$xI|V;`SpeH$yc8m z^(t2o@uz2~EI&x9(CU`tiOTSC)lF2Tol5fdOwFBAK4aBkn_?NVszVnoPU_K4#n;zP z+EFfx>nBrI+DUIC(P=ej?>H(g6{mREQkGpc(&TmHn?o&R8?AIs5!}i9#ln>h9Q*4w zC!ShkgSMc!mFn~BsT0XR*4vqxx&>wG+#jdwQNm=YQe;MPB)#b=j#^KR8e)=amCzxR ze%1Az-14AWRYKpz>;t<=2g@e6ye%gvv5~sjxnr}-uh}6t!|sT58+yC6zFNGC`x11# z==_#B2Z+3GLXOSkQ70kT+=4M61ruG!H;Cek;r+z*!H7yGEvT1CwQX9U#6QJWX4>Zy zBd3;9j7`oDvfby|?9Y%1F7VsA{>{he0-;E=q#F6B7E{*|;|XuyOngs1fqyFAS>DDC z6OX=RSzouHPwC_S&FfUxmq#xnMb1t4xJ7x&GEg3VhEYV%&|#ZB5%b7~vgHE67dOIZ zP(jXp5*Z&Cc}4)kX%Yi2*YNzlsSwp`0BG9n&BE8S;Ub@ubVq-Ddu-?JIzmD3DY{F~ z^J^0P%sOpKO-oH{nYY)pw5@#(eZb;hRT3jPncy3_DQ`rWpgy_RDW{n{#W`MgeOypt zCflPJ`xKxq%9mFdN~B2_Jm&~cw5sVB@C8wQY!dS` zeTB1FDwyrOmc+Ffnmf9NwDNJ;b;FdQr5%~%ODATVI?Cu$iV6q+_)1^e)+m8+xV2^Q2V3TwMFJS}+y-J{D23>qgCCF!TJoIRNyjIWcpEOs%a^v&35JSFFY zZ39jILXI=ADgnln5A9NUgfo^icGQM_f=9m-aE*emHTpQ)}Ny-`4a+M>8s9 z--Ku!7;vr4){Nr=c2p@8FG+n7`vj!nQrK)|%O`x+j!?;aS#Sy|&QDY%tio6HB@4nu z;r}}0K8U%kif^qgvOS&CQ;y^5%?xuhVx07kU;Xvs`9zi2k0pKfYs~&;GSQQUIn(4f zAjP)K#6#nRl@e=!pf=WH{|VA*h`hHx$%QQYHoA0QS$}#n5NtH@^h+|vs;{@hi=wEj z)P>=zaZ=fkYvwdl_arvkX7JqxMWw}j7d`!nH_ZDQ_X$r(?dxUcQF!i-wVEOAO^C0= zr@}(T9b%4WS9~bA&AMGm3oz|*t3CbM7R&?~y^zn>v6{Y1p^mF*P@%TO?rTO8NE-;x zs^t8cCXSPs$JtG|((Sy97-m~h>h`=lJQZO#JG+%)PB_@nTxxbND#KVmSLg1CE+a6O zZAcx>?^S`}IR`|(18q9&FQ-jsjREn`o0|DbDOb&I zulQ=$HRy4f(UBQuQThwHQ->>VO3j2*#5rXXl{T*4qrTSi1jf^XE8S00w{~|JQgdb? zyx}4uwZXUC9s*=1gs@#LYjr}=OwpS0Jdx2#M<6fY;hh*LrDS4wlPv46aiPTUj!)p= zDOjhJUaHg6*^t=PC`nkqW@5{qBEH*lexGdW2G@>;PhRjIZc}H*kzd(9Mp|K(NyxbL zQAvM8QC*ilkhE$2pvnbQ$o1WXZzfs^pQN<&f6szzn#ITD1cb~S>=`3V>T2=d z_H}(uY6lz1LUDV)EZ;YK?l7|vR}hb&(v7XXl1Jxa_U6FlOr-{yZ{w(_m@tqTIqA|7>B2gUlWO5tjv1hXm&rfQ{1}%Jh;-@78kp zNLS_lUQUUS@YN{N$pn)Q`DC4HCDV=td(OxcfP$Zoj4;D+6 z^M284=qpn;_oT+-ZCZI z>Ds-1o_(WELg1{0b1`m@`qRw8#o3m5QrhEuF-G$pE3J?M{JsxF{Fs~fBf`go1vBJ4d9SscG9qbA%|Ze&tN)$H2f+I~ zdO|q*c`C4oesKR;_m;j9@E{cRzK@*Hn*|=hsO@CL^=h8jGMAq=UWExW_OON% zJAbvF|H;}18M?ei)`+6wk+wz&!B?;4U4KSa%Sq|CM?NIn8fD3KQM^MJ7U;qKfqvL5 zx;eCCn7ejnVmQlDX^NQVVu~2duTYI$^+ZR?kzTgH#RS=Yd&_xjz_pU`vgwOu|Lir> zd5PEO?|2Od_6NFQvrEl)qMqA{)yfFmJU{CBAKhJfJk;CYR~dy+$r`3j%DyjSt6P&) zsLPD8jgjn8V(deiBq{EbPV3EaprU0-_LyB2VB97JL`$u()Q4Ku19Zo2T2!2EOkE7jG&{GH%JDE zLd=)^NpIgr(9SoxcAL5@bJY^=c&?8G1y{!d`k9lkH^=3LuTdQ1rN z>%pMu+xZk`xmze>`|9pz2XX1npxi;{9&QjPaN&DXxynIIN#n0|^W2z)&b#IF(8XBl zN+b^cwbA_5rH()H*37F*qTlk{SC_QE<+rYSY~;YC5U&D=!MTBH>wo4|xN?(#sZ{Hi5rxSh+20x)+ViSO3rm-#cxbRwMLmk}tx zliQ{f+>4ywSd?`U(ad( zLXL9>8v7@J*ndfs`6sSLQPo*Ew0OJg#?4x_`0-7Pt|9dc}@4rq#|TkxfGNFarIt~qeBkvtTvfl8 zKD^)Hg_cAAS<8_xtD*dQZ8i-~m9*aKBBx7oV9BL=imt ze0srhS%1w{ZOA0gw>966FJ}P{@$nJ3cr-_(70D{)E8J16U|fIpS2rDD?OCi!L~n%m zvIcgcVekSv&}I=O3+VlnCf){pU2fY?K-P6Ut%9-g*{i%M|341QOwrk zAlXAKht>;j8A$f*WR)5!0ncf&YY&puklqu|vyK3u8-3KKhZqOHnWZJ(q+Xp@Br34% z^dRb+IRrZ#kE@I^$w2K1jFw3#a((HcL%gfC&@EMU|VRUg`tNBE9n)F?RX3PmueilISBMmjgucjfgt?cvYPd1b|LZv6}dkg|>-yCvH%0+8!>s zG?6^$SFubO6|XnqsNutxGUIw&{Y3GhQ`vb_`*-*%dA$*d$;%bjQgf%h}XP3k`_1Tg;m4y4Ho2FTZSM)H{s0pmOGbuBnsC#r`F=SWQLbAWv4#tUDe4v``5^a{UKw1DpCV;yy+K}v`du!Vs}>57~=$SBupNrfg-6F_x{ z5WCPGpR5|pxltPPV_w8f;5klDEMwKwWZ6#&QNdVM08Oqen<|OUZJy%YsqP-C5>%}n zz~$;|9Moj3r8n*@Qc;lD(;JaA-fLl!kqgGEsEbTWWp$vmRX~1-MmZ#8D5sk4p~bg- z2w%O!`q^}b$2)w2c?{Qg2XewS^jdgRym!_y<^IYw#lidTOiD{%-Kh|l+%|xU0+U*o zK2xFzDFSA>6P9jwccF?tUh=J(I0xXC9z1^%3w*=D{!;;2(^FfGg|-m1c5M?NvWSJs zfl~PVps%d~ihx=Y&xd^bNdZB;n~s`CA(@#+#fDi6_);rGU!rX{dHgA zO|fmZniN#DDuTrow$5HBMmtpTuO2Q5PKm%AbjQR&pi`B6w2Q};If0!9Q@}8kTmq? zH&8X72MJY_PE`)_lUs`{=lszx1&_J1w+mk8`6b`9@kv=H2QF0m!h@Gp<#RU6&x2v1 z;{4~kkX1URr+n&A%lxFRJx5k3C10|GVGd{c&o?8rsYqh^Q-eQ201aude;!CAW2YV|gY zfgqV*@AiNE`4@8EQSkk_d;Vh?pu_*!2wtCeCClWOBD4t@t zg|o7yNfeY7SDn6q?})x3qf%$)q)Zp&E#ayZxL^QZdk-uXMI$9f7T6QqlE>>Ho0X#p zr&}wZG?J%gR(ejmwzvt$V*3@9iwmgrzot8sTAS!6G`J#NNh@Am4~y@Z8t5)TSREY* z&EBg$(%ZbD&}FfjtHg4#z$5sL3ksLV6dIL>LgGZIn&5b%-#fa7eVcx5YpxRleJ8r! zAlrVh*ZXl#U-d`>)bDYubAbAOmm#o-T*m$s3{kkD9_H9+T+`f^)i;+V93bDi$uoAF zxPJTQeko}`WCqFDy!p2)B8_<`cr%S0jvVXat$rh1dpt|s=p>xc}8-vtgp|O)sU!Jy) zCSS~B4=vwIe|!!gU6;*5MVpn$-A#-Re`V{}8u*LhL%Cz>LiAe2&%cQI3E|x(&1;_h z?&9%6e#!mNU9L1prE8mNc5AK1$%;~yD$3Btmd<0kN}?|qV%hGeGxO$(#fZOHn`pyc zM>~R-lf%ceRjHvriPW|6oICt{ER-0R_N*H$#m#&iDI!N|J{RZOkf|j=EFU&)Y*SrY zFVxUS!W@yVWCfk#f!{9_RV?ahST+=q6y=`Z^03Cq1RADgVfpy)ZR*dd9QZ&+g(%L( zv`ngkP8A;KPm7J%vgFa_CZ}%qEhut#nARcEP+Wk&?!sFtDx_>Q$FK9%uR4(8Y(Ed6 z54ZuNFy<+rRYN+uJ+!C2L%xa|9@9?u5d~Ks++!|;r_~QKbi~ifgh!;_cs|xh^m{sd zfcj1_jiP`i@J|*O_7ctE8K|RlENr-2vmx={dZPkPAZ)k= zrY(XYEiw$LFDq%&uRetLA=kI8<&{^OoI;E#;7Awo6Pbcw>P0)2LPFJxq23@4Tmos)q^ii8iz*n>p%tyIZhh_E5s!JlYWU^t zVs7E1Htc9~@C1aiAv{m@0X^?^1`ki3ZbQ+is47cVmz#32Q+WZo3p|G8jvF9cO@D^V zrOAoX>j4WAFZK)w;v<*I>oo_X`t6k}MI1sel4}_E%KPm*H)k^!ms3}h&#Zf6?bh0j zl5K^Up3QCd^Qsq4vaW>(FMF^h$4sp-71;kmy!Z79{(sNO$B09fU5A{P+Da;+>Z%~> zv?{23KX7=P>1?GFh3x|wEHWxbqMB7(cml@6T9E{NpW|8Tkj$o2e z!(J7E6D+Phw7|D~fALiK<16lahlRh$zZd)qo(%ut;_xFK|K*B5((s2y^#5imTXiE< z$`VgQ_6SCtduDu2y7`t;_#Ho|yz_IxZ|0fI?)PQxVXv=8rt(oR`B&r{JeTc8*17is z#K3UBwE;TYwX(Owf3o+t2 zP*c7dV8mL=$eZ2mcXqEf0OI@0@8fKZzCva)7^OM};6tR@cUQu0 zP=A1-VFyFneFta=09VExMuVMG!!9X7Fm#9C0H6v0bpG{yhkIbhKnLFct1@7zh3~Kv z06YWKhs66l+wMWnUTkG-KNbsMzOON6;RWHE4bkS-hP@y*+?SuIbsVI{_IpR29986& zhDnv`EB1W&I^@!D^7=7~np{25g2YOV^J{i;CtlSp{8){wUxd}(O%e!VzRci&=hH8_ z1cN@7VWWK$TWW*(0zK#A0>+tZl5I=lLZEA{rk!I65{*;XiO5!9n(s}BS-&}=v-6EL z9qqz7;F{KENVD{lmfm;{{I=Gt;UAaDOIgAS9wPv(CY* z-l6Kx7!w<<#GPs?5!qMQ-4w0`ht0w2p2r=&7U*NRb@poe;&G!F0UkPQ3|ArQ6#Mp= z7GwlaHHnSd1e#2Axz(vNo zNs!6-><>e83VdiPmSy`%mOts(zZ`&O5TsyReJ@?t7+V0ExdmZzA@TyG;G zCVL}Fgl$kU;danwU%(zn$TSim08m~@Bmx5;-EyA zo6_Sz=Ph>^Z|I36#86!F7f$oZl<=v|mv4u`luciXysVf2zETaPatfX_ZSZi`wuJNI zvYx=5AbGo}h?RNu`@r@d7Rwq6gon-{daY!6rjO)ES`EuSFZbIPzd-lOy@Yrg8ED$oJdhiKaZ8#)M!B>3^f)(tphL&JN7UhHxpVYg+|DYehF@;W0scp_yh1CZ|jjVZAM_TyY?9mC|_-}EE36-G&@~z=H2CN6C=1JN~w?R7UC=~`O~!s%S;jUUTvkO0;{x{ z#thobSQ|1d6pLKwe#A!&CAq!iZA=oEl~#3mIF?;-E9fl3?fxmm@NejsV+%b|A{Mg8 zliDET{i_%Ykro<%&elOd1!jbDWB81tvA-(^ngVCdy+8MJf!WFs(LC(tRb{C)&z~h} z#dh!R`PvWq$q(=#%+=&-DdeN!@)7$)@pEI*L+sWEB{EYqOO}Vl+l&nnCBfn(k9MBz z5mqThkmm17@G5-Rgyjn(V5dyygjY~=#jMmVtqMp`?G#lWFM8$ms}cy_tua(l#WucE zyaxJ~Kn^$m(T7`^kGA&=avIWsG!-FgF5|KUTQ> zn*{R6P*9*};wx7HNkpJ7VxoDO9(}^_7O-a+v*BFf@c4KoSh=+#!a4nCUx+WJ11#;X zd!c2vgR_>HEoWlhonnXi0(z?i1HaL>sga+!aNPh=#V+}oELNZX-ZNld#C|p@Q-?IR z_NuLb!}uqtJwCSy15sv~38`PIK*m+NH>9~JY42OMg468dN=r12j1Y=Iys}nP;tPNI zy?NM^bIDCt8;KlHV2M&=xyMIzR%{5hdZ3oM(V^NV;Ac!`x1GS^>*k@;z?W3j0cu~) z{-pY>6oBYtD-0DjrXTS$64RVjY#`uqVL{&tH6(WXvPu*x(?kE3$r00a3Mz~QcZS}O z{tUWo`eww=Vj<-=aV^5=zP|kDr0#5)m`uxrgZr-qW9ds7av~9}kJ-)At8gnO>Wfh& z!96*rnkzn)57NxDrJjl|v|px&O8|H209nPL4auo-$*L{7)|nL2C+pKAfgdoyDwU~3 z^~MKjx#u^N*3W+VIiat{ArmX-W`*;1{M_VNinD67urrGjCyvzBxjuL}WSAUSqBhS1 zlA;g4WgL%X@xUNmR_kA+WZ#V(``vZc1(;F0uDs2jSNChLR%G)prVFHBiS7^S9I4hH zJ@i(Q^I^~Ammywwf8udTX@yH6;sX0VsGc^2dg7TeVzP2j5t_j*N6S`#EOEXC+X)2 zrTr!oGf=&3Xc!`S7plJ9WS#_(N(+AHpzQweUTWa8m?1g2O~Lq#rr0oWS@!TysJ<&_ zD=cOua2#AS;F*^<_)>I|w|ztXh4taQ(+5zss3sYHw2T^?{r#y$*^Fxg(5oYO{cMq^ zzw|6FEgQ?RX9=3+rO_Xrrk_9Dz`#A&1h;rtj`{q;@u{cLZ}gHvb&9&Gb;{i~WxvwT zRc`OF?;A64vy1dROou_fbS|fnQywq5z zY7Eo7{<^~4b5%HC#h*RSqLq72`UJ(6t6h;n8ez;zVk^=>*?_fUQyG0UKc}EiDm;ku~k7 z+q7hHM03k+MiNczcKoAX=o?GL7}bvpDDk>pMWbbz1*2S8O%gA0udEQBXn&Lcvk~Lq zkaJfNauyp6#T~xeY%w?;?jL0CkCwTo79Vy*Rfe1RG`2a*O_$yg-#B9$A1~z+9m^iH zY&{OUp4GPLYmOO;Wl&D`tZ^liksbMu*B58z?XGlbfyv3t&D8DFr#o5#1VwKNiH;NY z9Y^Sn;L(-kJ!dupig2s+n%4UWfzoV@N|7H%vhbhw^m33HYwM_@L6zVgl5}wdaQgguD%w4@09l~y57CZ4c`yh# zX?+vzW_MeC75!ree-Vvx!vPDDSRQt7YW)?u!t^z2k1Jo7+p47YQot8Q;@(oDQ>LsF zLJlQZl|#}gRX_9MudJl-0!aP!JU1uL?R7z|&pRFm#&|CS;1T}tFftoZ`%#=y6=fbu zls+t-GFVlc%8ayE=P28dI=Q_}OmJs9?|)_~3om8Jscmf>w*+ z=tnukc^BD(k7XG$W1D)PKd=j}Zcju4d$9SgYx<7C3z&spU%M#sE^fSILjx~B_yh6> z`#InTCQh^4tm<&nb0=t11emLu+fb?dM8jR(5vkCu*xRe{zy+OZhTBBL^J8jmTVf5& ay { } ); - expect(screen.getByText('Deprecated connector type')).toBeInTheDocument(); - expect( - screen.getByText( - 'This connector type is deprecated. Create a new connector or update this connector' - ) - ).toBeInTheDocument(); + expect(screen.getByText('This connector type is deprecated')).toBeInTheDocument(); + expect(screen.getByText('Update this connector, or create a new one.')).toBeInTheDocument(); }); test('it does not shows the deprecated callout when the connector is none', async () => { diff --git a/x-pack/plugins/cases/public/components/configure_cases/connectors_dropdown.test.tsx b/x-pack/plugins/cases/public/components/configure_cases/connectors_dropdown.test.tsx index 34422392b7efa0c..6f05f9f940d25cd 100644 --- a/x-pack/plugins/cases/public/components/configure_cases/connectors_dropdown.test.tsx +++ b/x-pack/plugins/cases/public/components/configure_cases/connectors_dropdown.test.tsx @@ -190,17 +190,17 @@ describe('ConnectorsDropdown', () => { > My Connector + (deprecated) - @@ -293,7 +293,9 @@ describe('ConnectorsDropdown', () => { wrapper: ({ children }) => {children}, }); - const tooltips = screen.getAllByLabelText('Deprecated connector'); + const tooltips = screen.getAllByLabelText( + 'This connector is deprecated. Update it, or create a new one.' + ); expect(tooltips[0]).toBeInTheDocument(); }); }); diff --git a/x-pack/plugins/cases/public/components/configure_cases/connectors_dropdown.tsx b/x-pack/plugins/cases/public/components/configure_cases/connectors_dropdown.tsx index f21b3ab3d544f36..c5fe9c7470745e8 100644 --- a/x-pack/plugins/cases/public/components/configure_cases/connectors_dropdown.tsx +++ b/x-pack/plugins/cases/public/components/configure_cases/connectors_dropdown.tsx @@ -14,6 +14,7 @@ import { ActionConnector } from '../../containers/configure/types'; import * as i18n from './translations'; import { useKibana } from '../../common/lib/kibana'; import { getConnectorIcon, isLegacyConnector } from '../utils'; +import { euiStyled } from '../../../../../../src/plugins/kibana_react/common'; export interface Props { connectors: ActionConnector[]; @@ -57,6 +58,11 @@ const addNewConnector = { 'data-test-subj': 'dropdown-connector-add-connector', }; +const StyledEuiIconTip = euiStyled(EuiIconTip)` + margin-left: ${({ theme }) => theme.eui.euiSizeS} + margin-bottom: 0 !important; +`; + const ConnectorsDropdownComponent: React.FC = ({ connectors, disabled, @@ -87,16 +93,18 @@ const ConnectorsDropdownComponent: React.FC = ({ /> - {connector.name} + + {connector.name} + {isLegacyConnector(connector) && ` (${i18n.DEPRECATED_TOOLTIP_TEXT})`} + {isLegacyConnector(connector) && ( - diff --git a/x-pack/plugins/cases/public/components/configure_cases/translations.ts b/x-pack/plugins/cases/public/components/configure_cases/translations.ts index 4a775c78d4ab87b..26b45a8c3a25068 100644 --- a/x-pack/plugins/cases/public/components/configure_cases/translations.ts +++ b/x-pack/plugins/cases/public/components/configure_cases/translations.ts @@ -163,16 +163,16 @@ export const UPDATE_SELECTED_CONNECTOR = (connectorName: string): string => defaultMessage: 'Update { connectorName }', }); -export const DEPRECATED_TOOLTIP_TITLE = i18n.translate( - 'xpack.cases.configureCases.deprecatedTooltipTitle', +export const DEPRECATED_TOOLTIP_TEXT = i18n.translate( + 'xpack.cases.configureCases.deprecatedTooltipText', { - defaultMessage: 'Deprecated connector', + defaultMessage: 'deprecated', } ); export const DEPRECATED_TOOLTIP_CONTENT = i18n.translate( 'xpack.cases.configureCases.deprecatedTooltipContent', { - defaultMessage: 'Please update your connector', + defaultMessage: 'This connector is deprecated. Update it, or create a new one.', } ); diff --git a/x-pack/plugins/cases/public/components/connectors/card.tsx b/x-pack/plugins/cases/public/components/connectors/card.tsx index 86cd90dafb3763b..ec4b52c54f707d4 100644 --- a/x-pack/plugins/cases/public/components/connectors/card.tsx +++ b/x-pack/plugins/cases/public/components/connectors/card.tsx @@ -6,7 +6,7 @@ */ import React, { memo, useMemo } from 'react'; -import { EuiCard, EuiIcon, EuiLoadingSpinner } from '@elastic/eui'; +import { EuiCard, EuiFlexGroup, EuiFlexItem, EuiIcon, EuiLoadingSpinner } from '@elastic/eui'; import styled from 'styled-components'; import { ConnectorTypes } from '../../../common'; @@ -59,16 +59,20 @@ const ConnectorCardDisplay: React.FC = ({ <> {isLoading && } {!isLoading && ( - + + + + + {icon} + )} ); diff --git a/x-pack/plugins/cases/public/components/connectors/deprecated_callout.test.tsx b/x-pack/plugins/cases/public/components/connectors/deprecated_callout.test.tsx index 6b1475e3c4bd01e..367609df3c887c2 100644 --- a/x-pack/plugins/cases/public/components/connectors/deprecated_callout.test.tsx +++ b/x-pack/plugins/cases/public/components/connectors/deprecated_callout.test.tsx @@ -12,12 +12,8 @@ import { DeprecatedCallout } from './deprecated_callout'; describe('DeprecatedCallout', () => { test('it renders correctly', () => { render(); - expect(screen.getByText('Deprecated connector type')).toBeInTheDocument(); - expect( - screen.getByText( - 'This connector type is deprecated. Create a new connector or update this connector' - ) - ).toBeInTheDocument(); + expect(screen.getByText('This connector type is deprecated')).toBeInTheDocument(); + expect(screen.getByText('Update this connector, or create a new one.')).toBeInTheDocument(); expect(screen.getByTestId('legacy-connector-warning-callout')).toHaveClass( 'euiCallOut euiCallOut--warning' ); diff --git a/x-pack/plugins/cases/public/components/connectors/deprecated_callout.tsx b/x-pack/plugins/cases/public/components/connectors/deprecated_callout.tsx index 937f8406e218ad4..9337f2843506b20 100644 --- a/x-pack/plugins/cases/public/components/connectors/deprecated_callout.tsx +++ b/x-pack/plugins/cases/public/components/connectors/deprecated_callout.tsx @@ -12,15 +12,14 @@ import { i18n } from '@kbn/i18n'; const LEGACY_CONNECTOR_WARNING_TITLE = i18n.translate( 'xpack.cases.connectors.serviceNow.legacyConnectorWarningTitle', { - defaultMessage: 'Deprecated connector type', + defaultMessage: 'This connector type is deprecated', } ); const LEGACY_CONNECTOR_WARNING_DESC = i18n.translate( 'xpack.cases.connectors.serviceNow.legacyConnectorWarningDesc', { - defaultMessage: - 'This connector type is deprecated. Create a new connector or update this connector', + defaultMessage: 'Update this connector, or create a new one.', } ); diff --git a/x-pack/plugins/cases/public/components/connectors/servicenow/servicenow_itsm_case_fields.tsx b/x-pack/plugins/cases/public/components/connectors/servicenow/servicenow_itsm_case_fields.tsx index 096e450c736c18b..e24b25065a1c8ed 100644 --- a/x-pack/plugins/cases/public/components/connectors/servicenow/servicenow_itsm_case_fields.tsx +++ b/x-pack/plugins/cases/public/components/connectors/servicenow/servicenow_itsm_case_fields.tsx @@ -157,7 +157,7 @@ const ServiceNowITSMFieldsComponent: React.FunctionComponent< {showConnectorWarning && ( - + )} diff --git a/x-pack/plugins/cases/public/components/connectors/servicenow/servicenow_sir_case_fields.tsx b/x-pack/plugins/cases/public/components/connectors/servicenow/servicenow_sir_case_fields.tsx index a7b8aa7b27df51a..d502b7382664b62 100644 --- a/x-pack/plugins/cases/public/components/connectors/servicenow/servicenow_sir_case_fields.tsx +++ b/x-pack/plugins/cases/public/components/connectors/servicenow/servicenow_sir_case_fields.tsx @@ -173,7 +173,7 @@ const ServiceNowSIRFieldsComponent: React.FunctionComponent< {showConnectorWarning && ( - + )} diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index 0445d9de0634eb2..d95acd2e7d2bcea 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -24915,11 +24915,8 @@ "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.categoryTitle": "カテゴリー", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.commentsTextAreaFieldLabel": "追加のコメント", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.descriptionTextAreaFieldLabel": "説明", - "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.destinationIPTitle": "デスティネーション IP", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.impactSelectFieldLabel": "インパクト", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.invalidApiUrlTextField": "URL が無効です。", - "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.malwareHashTitle": "マルウェアハッシュ", - "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.malwareURLTitle": "マルウェアURL", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.passwordTextFieldLabel": "パスワード", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.prioritySelectFieldLabel": "優先度", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.reenterValuesLabel": "ユーザー名とパスワードは暗号化されます。これらのフィールドの値を再入力してください。", @@ -24929,7 +24926,6 @@ "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.requiredUsernameTextField": "ユーザー名が必要です。", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.requireHttpsApiUrlTextField": "URL は https:// から始める必要があります。", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.severitySelectFieldLabel": "深刻度", - "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.sourceIPTitle": "ソース IP", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.subcategoryTitle": "サブカテゴリー", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.title": "インシデント", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.titleFieldLabel": "短い説明(必須)", diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index 210392d11514e80..3d11a22b24e1b1a 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -25342,11 +25342,8 @@ "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.categoryTitle": "类别", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.commentsTextAreaFieldLabel": "其他注释", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.descriptionTextAreaFieldLabel": "描述", - "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.destinationIPTitle": "目标 IP", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.impactSelectFieldLabel": "影响", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.invalidApiUrlTextField": "URL 无效。", - "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.malwareHashTitle": "恶意软件哈希", - "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.malwareURLTitle": "恶意软件 URL", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.passwordTextFieldLabel": "密码", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.prioritySelectFieldLabel": "优先级", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.reenterValuesLabel": "用户名和密码已加密。请为这些字段重新输入值。", @@ -25356,7 +25353,6 @@ "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.requiredUsernameTextField": "“用户名”必填。", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.requireHttpsApiUrlTextField": "URL 必须以 https:// 开头。", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.severitySelectFieldLabel": "严重性", - "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.sourceIPTitle": "源 IP", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.subcategoryTitle": "子类别", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.title": "事件", "xpack.triggersActionsUI.components.builtinActionTypes.servicenow.titleFieldLabel": "简短描述(必填)", diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/application_required_callout.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/application_required_callout.tsx index 561dae95fe1b7d6..2faa5a9f4a5e0e0 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/application_required_callout.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/application_required_callout.tsx @@ -35,7 +35,7 @@ const ApplicationRequiredCalloutComponent: React.FC = ({ message }) => { ['action']; @@ -41,24 +30,6 @@ const CredentialsComponent: React.FC = ({ editActionSecrets, editActionConfig, }) => { - const { docLinks } = useKibana().services; - const { apiUrl } = action.config; - const { username, password } = action.secrets; - - const isApiUrlInvalid = isFieldInvalid(apiUrl, errors.apiUrl); - const isUsernameInvalid = isFieldInvalid(username, errors.username); - const isPasswordInvalid = isFieldInvalid(password, errors.password); - - const handleOnChangeActionConfig = useCallback( - (key: string, value: string) => editActionConfig(key, value), - [editActionConfig] - ); - - const handleOnChangeSecretConfig = useCallback( - (key: string, value: string) => editActionSecrets(key, value), - [editActionSecrets] - ); - return ( <> @@ -66,45 +37,13 @@ const CredentialsComponent: React.FC = ({

{i18n.SN_INSTANCE_LABEL}

-

- - {i18n.SETUP_DEV_INSTANCE} - - ), - }} - /> -

- - - - handleOnChangeActionConfig('apiUrl', evt.target.value)} - onBlur={() => { - if (!apiUrl) { - editActionConfig('apiUrl', ''); - } - }} - disabled={isLoading} - /> - + @@ -115,75 +54,15 @@ const CredentialsComponent: React.FC = ({ - - - - - {getEncryptedFieldNotifyLabel( - !action.id, - 2, - action.isMissingSecrets ?? false, - i18n.REENTER_VALUES_LABEL - )} - - - - - - - - handleOnChangeSecretConfig('username', evt.target.value)} - onBlur={() => { - if (!username) { - editActionSecrets('username', ''); - } - }} - disabled={isLoading} - /> - - - - - - - - handleOnChangeSecretConfig('password', evt.target.value)} - onBlur={() => { - if (!password) { - editActionSecrets('password', ''); - } - }} - disabled={isLoading} - /> - - - + + + ); }; diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/credentials_api_url.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/credentials_api_url.tsx new file mode 100644 index 000000000000000..5ddef8bab67006e --- /dev/null +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/credentials_api_url.tsx @@ -0,0 +1,89 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React, { memo, useCallback } from 'react'; +import { FormattedMessage } from '@kbn/i18n/react'; +import { EuiFormRow, EuiLink, EuiFieldText, EuiSpacer } from '@elastic/eui'; +import { useKibana } from '../../../../common/lib/kibana'; +import type { ActionConnectorFieldsProps } from '../../../../types'; +import * as i18n from './translations'; +import type { ServiceNowActionConnector } from './types'; +import { isFieldInvalid } from './helpers'; + +interface Props { + action: ActionConnectorFieldsProps['action']; + errors: ActionConnectorFieldsProps['errors']; + readOnly: boolean; + isLoading: boolean; + editActionConfig: ActionConnectorFieldsProps['editActionConfig']; +} + +const CredentialsApiUrlComponent: React.FC = ({ + action, + errors, + isLoading, + readOnly, + editActionConfig, +}) => { + const { docLinks } = useKibana().services; + const { apiUrl } = action.config; + + const isApiUrlInvalid = isFieldInvalid(apiUrl, errors.apiUrl); + + const onChangeApiUrlEvent = useCallback( + (event?: React.ChangeEvent) => + editActionConfig('apiUrl', event?.target.value ?? ''), + [editActionConfig] + ); + + return ( + <> + +

+ + {i18n.SETUP_DEV_INSTANCE} + + ), + }} + /> +

+ + + + { + if (!apiUrl) { + onChangeApiUrlEvent(); + } + }} + disabled={isLoading} + /> + + + ); +}; + +export const CredentialsApiUrl = memo(CredentialsApiUrlComponent); diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/credentials_auth.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/credentials_auth.tsx new file mode 100644 index 000000000000000..c9fccc9faec99ea --- /dev/null +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/credentials_auth.tsx @@ -0,0 +1,110 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React, { memo, useCallback } from 'react'; +import { EuiFormRow, EuiFieldText, EuiFieldPassword } from '@elastic/eui'; +import type { ActionConnectorFieldsProps } from '../../../../types'; +import * as i18n from './translations'; +import type { ServiceNowActionConnector } from './types'; +import { isFieldInvalid } from './helpers'; +import { getEncryptedFieldNotifyLabel } from '../../get_encrypted_field_notify_label'; + +interface Props { + action: ActionConnectorFieldsProps['action']; + errors: ActionConnectorFieldsProps['errors']; + readOnly: boolean; + isLoading: boolean; + editActionSecrets: ActionConnectorFieldsProps['editActionSecrets']; +} + +const NUMBER_OF_FIELDS = 2; + +const CredentialsAuthComponent: React.FC = ({ + action, + errors, + isLoading, + readOnly, + editActionSecrets, +}) => { + const { username, password } = action.secrets; + + const isUsernameInvalid = isFieldInvalid(username, errors.username); + const isPasswordInvalid = isFieldInvalid(password, errors.password); + + const onChangeUsernameEvent = useCallback( + (event?: React.ChangeEvent) => + editActionSecrets('username', event?.target.value ?? ''), + [editActionSecrets] + ); + + const onChangePasswordEvent = useCallback( + (event?: React.ChangeEvent) => + editActionSecrets('password', event?.target.value ?? ''), + [editActionSecrets] + ); + + return ( + <> + + {getEncryptedFieldNotifyLabel( + !action.id, + NUMBER_OF_FIELDS, + action.isMissingSecrets ?? false, + i18n.REENTER_VALUES_LABEL + )} + + + { + if (!username) { + onChangeUsernameEvent(); + } + }} + disabled={isLoading} + /> + + + { + if (!password) { + onChangePasswordEvent(); + } + }} + disabled={isLoading} + /> + + + ); +}; + +export const CredentialsAuth = memo(CredentialsAuthComponent); diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/deprecated_callout.test.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/deprecated_callout.test.tsx index 767b38ebcf6adeb..0c125f38516362a 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/deprecated_callout.test.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/deprecated_callout.test.tsx @@ -19,7 +19,7 @@ describe('DeprecatedCallout', () => { wrapper: ({ children }) => {children}, }); - expect(screen.getByText('Deprecated connector type')).toBeInTheDocument(); + expect(screen.getByText('This connector type is deprecated')).toBeInTheDocument(); }); test('it calls onMigrate when pressing the button', () => { diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/deprecated_callout.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/deprecated_callout.tsx index 101d1572a67ad38..faeeaa1bbbffea9 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/deprecated_callout.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/deprecated_callout.tsx @@ -6,7 +6,7 @@ */ import React, { memo } from 'react'; -import { EuiSpacer, EuiCallOut, EuiButtonEmpty } from '@elastic/eui'; +import { EuiSpacer, EuiCallOut, EuiLink } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; @@ -26,23 +26,33 @@ const DeprecatedCalloutComponent: React.FC = ({ onMigrate }) => { title={i18n.translate( 'xpack.triggersActionsUI.components.builtinActionTypes.serviceNow.deprecatedCalloutTitle', { - defaultMessage: 'Deprecated connector type', + defaultMessage: 'This connector type is deprecated', } )} > + update: ( + {i18n.translate( 'xpack.triggersActionsUI.components.builtinActionTypes.serviceNow.deprecatedCalloutMigrate', { - defaultMessage: 'update this connector.', + defaultMessage: 'Update this connector,', } )} - + + ), + create: ( + + {i18n.translate( + 'xpack.triggersActionsUI.components.builtinActionTypes.serviceNow.deprecatedCalloutCreate', + { + defaultMessage: 'or create a new one.', + } + )} + ), }} /> diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/helpers.ts b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/helpers.ts index ca557b31c4f4f31..0134133645bb3f9 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/helpers.ts +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/helpers.ts @@ -14,6 +14,8 @@ import { import { IErrorObject } from '../../../../../public/types'; import { AppInfo, Choice, RESTApiError, ServiceNowActionConnector } from './types'; +export const DEFAULT_CORRELATION_ID = '{{rule.id}}:{{alert.id}}'; + export const choicesToEuiOptions = (choices: Choice[]): EuiSelectOption[] => choices.map((choice) => ({ value: choice.value, text: choice.label })); diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/installation_callout.test.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/installation_callout.test.tsx index 8e1c1820920c52a..ee63a546e6aa18d 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/installation_callout.test.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/installation_callout.test.tsx @@ -15,7 +15,7 @@ describe('DeprecatedCallout', () => { render(); expect( screen.getByText( - 'To use this connector, you must first install the Elastic App from the ServiceNow App Store' + 'To use this connector, first install the Elastic app from the ServiceNow app store.' ) ).toBeInTheDocument(); }); diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/servicenow_connectors.test.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/servicenow_connectors.test.tsx index 02f3ae47728abdb..7c720148780a451 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/servicenow_connectors.test.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/servicenow_connectors.test.tsx @@ -6,29 +6,52 @@ */ import React from 'react'; +import { act } from '@testing-library/react'; import { mountWithIntl } from '@kbn/test/jest'; + +import { useKibana } from '../../../../common/lib/kibana'; +import { ActionConnectorFieldsSetCallbacks } from '../../../../types'; +import { updateActionConnector } from '../../../lib/action_connector_api'; import ServiceNowConnectorFields from './servicenow_connectors'; import { ServiceNowActionConnector } from './types'; +import { getAppInfo } from './api'; + jest.mock('../../../../common/lib/kibana'); +jest.mock('../../../lib/action_connector_api'); +jest.mock('./api'); + +const useKibanaMock = useKibana as jest.Mocked; +const getAppInfoMock = getAppInfo as jest.Mock; +const updateActionConnectorMock = updateActionConnector as jest.Mock; describe('ServiceNowActionConnectorFields renders', () => { + const usesTableApiConnector = { + secrets: { + username: 'user', + password: 'pass', + }, + id: 'test', + actionTypeId: '.servicenow', + isPreconfigured: false, + name: 'SN', + config: { + apiUrl: 'https://test/', + isLegacy: true, + }, + } as ServiceNowActionConnector; + + const usesImportSetApiConnector = { + ...usesTableApiConnector, + config: { + ...usesTableApiConnector.config, + isLegacy: false, + }, + } as ServiceNowActionConnector; + test('alerting servicenow connector fields are rendered', () => { - const actionConnector = { - secrets: { - username: 'user', - password: 'pass', - }, - id: 'test', - actionTypeId: '.webhook', - isPreconfigured: false, - name: 'webhook', - config: { - apiUrl: 'https://test/', - }, - } as ServiceNowActionConnector; const wrapper = mountWithIntl( {}} editActionSecrets={() => {}} @@ -41,30 +64,16 @@ describe('ServiceNowActionConnectorFields renders', () => { wrapper.find('[data-test-subj="connector-servicenow-username-form-input"]').length > 0 ).toBeTruthy(); - expect(wrapper.find('[data-test-subj="apiUrlFromInput"]').length > 0).toBeTruthy(); + expect(wrapper.find('[data-test-subj="credentialsApiUrlFromInput"]').length > 0).toBeTruthy(); expect( wrapper.find('[data-test-subj="connector-servicenow-password-form-input"]').length > 0 ).toBeTruthy(); }); test('case specific servicenow connector fields is rendered', () => { - const actionConnector = { - secrets: { - username: 'user', - password: 'pass', - }, - id: 'test', - actionTypeId: '.servicenow', - isPreconfigured: false, - name: 'servicenow', - config: { - apiUrl: 'https://test/', - isLegacy: false, - }, - } as ServiceNowActionConnector; const wrapper = mountWithIntl( {}} editActionSecrets={() => {}} @@ -74,7 +83,8 @@ describe('ServiceNowActionConnectorFields renders', () => { isEdit={false} /> ); - expect(wrapper.find('[data-test-subj="apiUrlFromInput"]').length > 0).toBeTruthy(); + + expect(wrapper.find('[data-test-subj="credentialsApiUrlFromInput"]').length > 0).toBeTruthy(); expect( wrapper.find('[data-test-subj="connector-servicenow-password-form-input"]').length > 0 ).toBeTruthy(); @@ -87,6 +97,7 @@ describe('ServiceNowActionConnectorFields renders', () => { config: {}, secrets: {}, } as ServiceNowActionConnector; + const wrapper = mountWithIntl( { config: {}, secrets: {}, } as ServiceNowActionConnector; + const wrapper = mountWithIntl( { }); test('should display a message on edit to re-enter credentials', () => { - const actionConnector = { - secrets: { - username: 'user', - password: 'pass', - }, - id: 'test', - actionTypeId: '.servicenow', - isPreconfigured: false, - name: 'servicenow', - config: { - apiUrl: 'https://test/', - }, - } as ServiceNowActionConnector; const wrapper = mountWithIntl( {}} editActionSecrets={() => {}} @@ -152,4 +151,268 @@ describe('ServiceNowActionConnectorFields renders', () => { expect(wrapper.find('[data-test-subj="reenterValuesMessage"]').length).toBeGreaterThan(0); expect(wrapper.find('[data-test-subj="rememberValuesMessage"]').length).toEqual(0); }); + + describe('Elastic certified ServiceNow application', () => { + const { services } = useKibanaMock(); + const applicationInfoData = { + name: 'Elastic', + scope: 'x_elas2_inc_int', + version: '1.0.0', + }; + + let beforeActionConnectorSaveFn: () => Promise; + const setCallbacks = (({ + beforeActionConnectorSave, + }: { + beforeActionConnectorSave: () => Promise; + }) => { + beforeActionConnectorSaveFn = beforeActionConnectorSave; + }) as ActionConnectorFieldsSetCallbacks; + + beforeEach(() => { + jest.clearAllMocks(); + }); + + test('should render the correct callouts when the connectors needs the application', () => { + const wrapper = mountWithIntl( + {}} + editActionSecrets={() => {}} + readOnly={false} + setCallbacks={() => {}} + isEdit={false} + /> + ); + expect(wrapper.find('[data-test-subj="snInstallationCallout"]').exists()).toBeTruthy(); + expect(wrapper.find('[data-test-subj="snDeprecatedCallout"]').exists()).toBeFalsy(); + expect(wrapper.find('[data-test-subj="snApplicationCallout"]').exists()).toBeFalsy(); + }); + + test('should render the correct callouts if the connector uses the table API', () => { + const wrapper = mountWithIntl( + {}} + editActionSecrets={() => {}} + readOnly={false} + setCallbacks={() => {}} + isEdit={false} + /> + ); + expect(wrapper.find('[data-test-subj="snInstallationCallout"]').exists()).toBeFalsy(); + expect(wrapper.find('[data-test-subj="snDeprecatedCallout"]').exists()).toBeTruthy(); + expect(wrapper.find('[data-test-subj="snApplicationCallout"]').exists()).toBeFalsy(); + }); + + test('should get application information when saving the connector', async () => { + getAppInfoMock.mockResolvedValue(applicationInfoData); + + const wrapper = mountWithIntl( + {}} + editActionSecrets={() => {}} + readOnly={false} + setCallbacks={setCallbacks} + isEdit={false} + /> + ); + + await act(async () => { + await beforeActionConnectorSaveFn(); + }); + + expect(getAppInfoMock).toHaveBeenCalledTimes(1); + expect(wrapper.find('[data-test-subj="snApplicationCallout"]').exists()).toBeFalsy(); + }); + + test('should NOT get application information when the connector uses the old API', async () => { + const wrapper = mountWithIntl( + {}} + editActionSecrets={() => {}} + readOnly={false} + setCallbacks={setCallbacks} + isEdit={false} + /> + ); + + await act(async () => { + await beforeActionConnectorSaveFn(); + }); + + expect(getAppInfoMock).toHaveBeenCalledTimes(0); + expect(wrapper.find('[data-test-subj="snApplicationCallout"]').exists()).toBeFalsy(); + }); + + test('should render error when save failed', async () => { + expect.assertions(4); + + const errorMessage = 'request failed'; + getAppInfoMock.mockRejectedValueOnce(new Error(errorMessage)); + + const wrapper = mountWithIntl( + {}} + editActionSecrets={() => {}} + readOnly={false} + setCallbacks={setCallbacks} + isEdit={false} + /> + ); + + await expect( + // The async is needed so the act will finished before asserting for the callout + async () => await act(async () => await beforeActionConnectorSaveFn()) + ).rejects.toThrow(errorMessage); + expect(getAppInfoMock).toHaveBeenCalledTimes(1); + + wrapper.update(); + expect(wrapper.find('[data-test-subj="snApplicationCallout"]').exists()).toBeTruthy(); + expect( + wrapper + .find('[data-test-subj="snApplicationCallout"]') + .first() + .text() + .includes(errorMessage) + ).toBeTruthy(); + }); + + test('should render error when the response is a REST api error', async () => { + expect.assertions(4); + + const errorMessage = 'request failed'; + getAppInfoMock.mockResolvedValue({ error: { message: errorMessage }, status: 'failure' }); + + const wrapper = mountWithIntl( + {}} + editActionSecrets={() => {}} + readOnly={false} + setCallbacks={setCallbacks} + isEdit={false} + /> + ); + + await expect( + // The async is needed so the act will finished before asserting for the callout + async () => await act(async () => await beforeActionConnectorSaveFn()) + ).rejects.toThrow(errorMessage); + expect(getAppInfoMock).toHaveBeenCalledTimes(1); + + wrapper.update(); + expect(wrapper.find('[data-test-subj="snApplicationCallout"]').exists()).toBeTruthy(); + expect( + wrapper + .find('[data-test-subj="snApplicationCallout"]') + .first() + .text() + .includes(errorMessage) + ).toBeTruthy(); + }); + + test('should migrate the deprecated connector when the application throws', async () => { + getAppInfoMock.mockResolvedValue(applicationInfoData); + const wrapper = mountWithIntl( + {}} + editActionSecrets={() => {}} + readOnly={false} + setCallbacks={setCallbacks} + isEdit={false} + /> + ); + + expect(wrapper.find('[data-test-subj="update-connector-btn"]').exists()).toBeTruthy(); + wrapper.find('[data-test-subj="update-connector-btn"]').first().simulate('click'); + expect(wrapper.find('[data-test-subj="updateConnectorForm"]').exists()).toBeTruthy(); + + await act(async () => { + // Update the connector + wrapper.find('[data-test-subj="snUpdateInstallationSubmit"]').first().simulate('click'); + }); + + expect(getAppInfoMock).toHaveBeenCalledTimes(1); + expect(updateActionConnectorMock).toHaveBeenCalledWith( + expect.objectContaining({ + id: usesTableApiConnector.id, + connector: { + name: usesTableApiConnector.name, + config: { ...usesTableApiConnector.config, isLegacy: false }, + secrets: usesTableApiConnector.secrets, + }, + }) + ); + + expect(services.notifications.toasts.addSuccess).toHaveBeenCalledWith({ + text: 'Connector has been updated.', + title: 'SN connector updated', + }); + + // The flyout is closed + wrapper.update(); + expect(wrapper.find('[data-test-subj="updateConnectorForm"]').exists()).toBeFalsy(); + }); + + test('should NOT migrate the deprecated connector when there is an error', async () => { + const errorMessage = 'request failed'; + getAppInfoMock.mockRejectedValueOnce(new Error(errorMessage)); + + const wrapper = mountWithIntl( + {}} + editActionSecrets={() => {}} + readOnly={false} + setCallbacks={setCallbacks} + isEdit={false} + /> + ); + + expect(wrapper.find('[data-test-subj="update-connector-btn"]').exists()).toBeTruthy(); + wrapper.find('[data-test-subj="update-connector-btn"]').first().simulate('click'); + expect(wrapper.find('[data-test-subj="updateConnectorForm"]').exists()).toBeTruthy(); + + // The async is needed so the act will finished before asserting for the callout + await act(async () => { + wrapper.find('[data-test-subj="snUpdateInstallationSubmit"]').first().simulate('click'); + }); + + expect(getAppInfoMock).toHaveBeenCalledTimes(1); + expect(updateActionConnectorMock).not.toHaveBeenCalled(); + + expect(services.notifications.toasts.addSuccess).not.toHaveBeenCalled(); + + // The flyout is still open + wrapper.update(); + expect(wrapper.find('[data-test-subj="updateConnectorForm"]').exists()).toBeTruthy(); + + // The error message should be shown to the user + expect( + wrapper + .find('[data-test-subj="updateConnectorForm"] [data-test-subj="snApplicationCallout"]') + .exists() + ).toBeTruthy(); + expect( + wrapper + .find('[data-test-subj="updateConnectorForm"] [data-test-subj="snApplicationCallout"]') + .first() + .text() + .includes(errorMessage) + ).toBeTruthy(); + }); + }); }); diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/servicenow_connectors.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/servicenow_connectors.tsx index 2cf738c5e0c13ee..20d38cfc7cea81e 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/servicenow_connectors.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/servicenow_connectors.tsx @@ -17,7 +17,7 @@ import { useGetAppInfo } from './use_get_app_info'; import { ApplicationRequiredCallout } from './application_required_callout'; import { isRESTApiError, isLegacyConnector } from './helpers'; import { InstallationCallout } from './installation_callout'; -import { UpdateConnectorModal } from './update_connector_modal'; +import { UpdateConnector } from './update_connector'; import { updateActionConnector } from '../../../lib/action_connector_api'; import { Credentials } from './credentials'; @@ -40,7 +40,7 @@ const ServiceNowConnectorFields: React.FC setShowModal(true), []); - const onModalCancel = useCallback(() => setShowModal(false), []); - - const onModalConfirm = useCallback(async () => { - await getApplicationInfo(); - await updateActionConnector({ - http, - connector: { - name: action.name, - config: { apiUrl, isLegacy: false }, - secrets: { username, password }, - }, - id: action.id, - }); - - editActionConfig('isLegacy', false); - setShowModal(false); - - toasts.addSuccess({ - title: i18n.MIGRATION_SUCCESS_TOAST_TITLE(action.name), - text: i18n.MIGRATION_SUCCESS_TOAST_TEXT, - }); + const onMigrateClick = useCallback(() => setShowUpdateConnector(true), []); + const onModalCancel = useCallback(() => setShowUpdateConnector(false), []); + + const onUpdateConnectorConfirm = useCallback(async () => { + try { + await getApplicationInfo(); + + await updateActionConnector({ + http, + connector: { + name: action.name, + config: { apiUrl, isLegacy: false }, + secrets: { username, password }, + }, + id: action.id, + }); + + editActionConfig('isLegacy', false); + setShowUpdateConnector(false); + + toasts.addSuccess({ + title: i18n.UPDATE_SUCCESS_TOAST_TITLE(action.name), + text: i18n.UPDATE_SUCCESS_TOAST_TEXT, + }); + } catch (err) { + /** + * getApplicationInfo may throw an error if the request + * fails or if there is a REST api error. + * + * We silent the errors as a callout will show and inform the user + */ + } }, [ getApplicationInfo, http, @@ -115,8 +125,8 @@ const ServiceNowConnectorFields: React.FC - {showModal && ( - )} diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/servicenow_itsm_params.test.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/servicenow_itsm_params.test.tsx index 30e09356e95dd1d..078b5535c16eb96 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/servicenow_itsm_params.test.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/servicenow_itsm_params.test.tsx @@ -6,7 +6,7 @@ */ import React from 'react'; -import { mount } from 'enzyme'; +import { mountWithIntl } from '@kbn/test/jest'; import { act } from '@testing-library/react'; import { ActionConnector } from '../../../../types'; @@ -115,13 +115,15 @@ describe('ServiceNowITSMParamsFields renders', () => { }); test('all params fields is rendered', () => { - const wrapper = mount(); + const wrapper = mountWithIntl(); expect(wrapper.find('[data-test-subj="urgencySelect"]').exists()).toBeTruthy(); expect(wrapper.find('[data-test-subj="severitySelect"]').exists()).toBeTruthy(); expect(wrapper.find('[data-test-subj="impactSelect"]').exists()).toBeTruthy(); expect(wrapper.find('[data-test-subj="categorySelect"]').exists()).toBeTruthy(); expect(wrapper.find('[data-test-subj="subcategorySelect"]').exists()).toBeTruthy(); expect(wrapper.find('[data-test-subj="short_descriptionInput"]').exists()).toBeTruthy(); + expect(wrapper.find('[data-test-subj="correlation_idInput"]').exists()).toBeTruthy(); + expect(wrapper.find('[data-test-subj="correlation_displayInput"]').exists()).toBeTruthy(); expect(wrapper.find('[data-test-subj="descriptionTextArea"]').exists()).toBeTruthy(); expect(wrapper.find('[data-test-subj="commentsTextArea"]').exists()).toBeTruthy(); }); @@ -132,7 +134,7 @@ describe('ServiceNowITSMParamsFields renders', () => { // eslint-disable-next-line @typescript-eslint/naming-convention errors: { 'subActionParams.incident.short_description': ['error'] }, }; - const wrapper = mount(); + const wrapper = mountWithIntl(); const title = wrapper.find('[data-test-subj="short_descriptionInput"]').first(); expect(title.prop('isInvalid')).toBeTruthy(); }); @@ -144,10 +146,9 @@ describe('ServiceNowITSMParamsFields renders', () => { ...defaultProps, actionParams: newParams, }; - mount(); + mountWithIntl(); expect(editAction.mock.calls[0][1]).toEqual({ incident: { - correlation_display: 'Alerting', correlation_id: '{{rule.id}}:{{alert.id}}', }, comments: [], @@ -161,18 +162,17 @@ describe('ServiceNowITSMParamsFields renders', () => { ...defaultProps, actionParams: newParams, }; - mount(); + mountWithIntl(); expect(editAction.mock.calls[0][1]).toEqual('pushToService'); }); test('Resets fields when connector changes', () => { - const wrapper = mount(); + const wrapper = mountWithIntl(); expect(editAction.mock.calls.length).toEqual(0); wrapper.setProps({ actionConnector: { ...connector, id: '1234' } }); expect(editAction.mock.calls.length).toEqual(1); expect(editAction.mock.calls[0][1]).toEqual({ incident: { - correlation_display: 'Alerting', correlation_id: '{{rule.id}}:{{alert.id}}', }, comments: [], @@ -180,7 +180,7 @@ describe('ServiceNowITSMParamsFields renders', () => { }); test('it transforms the categories to options correctly', async () => { - const wrapper = mount(); + const wrapper = mountWithIntl(); act(() => { onChoices(useGetChoicesResponse.choices); }); @@ -195,7 +195,7 @@ describe('ServiceNowITSMParamsFields renders', () => { }); test('it transforms the subcategories to options correctly', async () => { - const wrapper = mount(); + const wrapper = mountWithIntl(); act(() => { onChoices(useGetChoicesResponse.choices); }); @@ -210,7 +210,7 @@ describe('ServiceNowITSMParamsFields renders', () => { }); test('it transforms the options correctly', async () => { - const wrapper = mount(); + const wrapper = mountWithIntl(); act(() => { onChoices(useGetChoicesResponse.choices); }); @@ -231,6 +231,11 @@ describe('ServiceNowITSMParamsFields renders', () => { const changeEvent = { target: { value: 'Bug' } } as React.ChangeEvent; const simpleFields = [ { dataTestSubj: 'input[data-test-subj="short_descriptionInput"]', key: 'short_description' }, + { dataTestSubj: 'input[data-test-subj="correlation_idInput"]', key: 'correlation_id' }, + { + dataTestSubj: 'input[data-test-subj="correlation_displayInput"]', + key: 'correlation_display', + }, { dataTestSubj: 'textarea[data-test-subj="descriptionTextArea"]', key: 'description' }, { dataTestSubj: '[data-test-subj="urgencySelect"]', key: 'urgency' }, { dataTestSubj: '[data-test-subj="severitySelect"]', key: 'severity' }, @@ -241,7 +246,7 @@ describe('ServiceNowITSMParamsFields renders', () => { simpleFields.forEach((field) => test(`${field.key} update triggers editAction :D`, () => { - const wrapper = mount(); + const wrapper = mountWithIntl(); const theField = wrapper.find(field.dataTestSubj).first(); theField.prop('onChange')!(changeEvent); expect(editAction.mock.calls[0][1].incident[field.key]).toEqual(changeEvent.target.value); @@ -249,14 +254,14 @@ describe('ServiceNowITSMParamsFields renders', () => { ); test('A comment triggers editAction', () => { - const wrapper = mount(); + const wrapper = mountWithIntl(); const comments = wrapper.find('textarea[data-test-subj="commentsTextArea"]'); expect(comments.simulate('change', changeEvent)); expect(editAction.mock.calls[0][1].comments.length).toEqual(1); }); test('An empty comment does not trigger editAction', () => { - const wrapper = mount(); + const wrapper = mountWithIntl(); const emptyComment = { target: { value: '' } }; const comments = wrapper.find('[data-test-subj="commentsTextArea"] textarea'); expect(comments.simulate('change', emptyComment)); diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/servicenow_itsm_params.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/servicenow_itsm_params.tsx index 81428cd7f0a731b..09b04f0fa3c485e 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/servicenow_itsm_params.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/servicenow_itsm_params.tsx @@ -13,18 +13,19 @@ import { EuiFlexItem, EuiSpacer, EuiTitle, - EuiSwitch, + EuiLink, } from '@elastic/eui'; +import { FormattedMessage } from '@kbn/i18n/react'; + import { useKibana } from '../../../../common/lib/kibana'; import { ActionParamsProps } from '../../../../types'; import { ServiceNowITSMActionParams, Choice, Fields, ServiceNowActionConnector } from './types'; import { TextAreaWithMessageVariables } from '../../text_area_with_message_variables'; import { TextFieldWithMessageVariables } from '../../text_field_with_message_variables'; import { useGetChoices } from './use_get_choices'; -import { choicesToEuiOptions, isLegacyConnector } from './helpers'; +import { choicesToEuiOptions, DEFAULT_CORRELATION_ID, isLegacyConnector } from './helpers'; import * as i18n from './translations'; -import { UPDATE_INCIDENT_VARIABLE, NOT_UPDATE_INCIDENT_VARIABLE } from './config'; const useGetChoicesFields = ['urgency', 'severity', 'impact', 'category', 'subcategory']; const defaultFields: Fields = { @@ -40,11 +41,14 @@ const ServiceNowParamsFields: React.FunctionComponent< ActionParamsProps > = ({ actionConnector, actionParams, editAction, index, errors, messageVariables }) => { const { + docLinks, http, notifications: { toasts }, } = useKibana().services; - const isOldConnector = isLegacyConnector(actionConnector as unknown as ServiceNowActionConnector); + const isDeprecatedConnector = isLegacyConnector( + actionConnector as unknown as ServiceNowActionConnector + ); const actionConnectorRef = useRef(actionConnector?.id ?? ''); const { incident, comments } = useMemo( @@ -57,13 +61,8 @@ const ServiceNowParamsFields: React.FunctionComponent< [actionParams.subActionParams] ); - const hasUpdateIncident = - incident.correlation_id != null && incident.correlation_id === UPDATE_INCIDENT_VARIABLE; - const [updateIncident, setUpdateIncident] = useState(hasUpdateIncident); const [choices, setChoices] = useState(defaultFields); - const correlationID = updateIncident ? UPDATE_INCIDENT_VARIABLE : NOT_UPDATE_INCIDENT_VARIABLE; - const editSubActionProperty = useCallback( (key: string, value: any) => { const newProps = @@ -99,14 +98,6 @@ const ServiceNowParamsFields: React.FunctionComponent< ); }, []); - const onUpdateIncidentSwitchChange = useCallback(() => { - const newCorrelationID = !updateIncident - ? UPDATE_INCIDENT_VARIABLE - : NOT_UPDATE_INCIDENT_VARIABLE; - editSubActionProperty('correlation_id', newCorrelationID); - setUpdateIncident(!updateIncident); - }, [editSubActionProperty, updateIncident]); - const categoryOptions = useMemo(() => choicesToEuiOptions(choices.category), [choices.category]); const urgencyOptions = useMemo(() => choicesToEuiOptions(choices.urgency), [choices.urgency]); const severityOptions = useMemo(() => choicesToEuiOptions(choices.severity), [choices.severity]); @@ -136,7 +127,7 @@ const ServiceNowParamsFields: React.FunctionComponent< editAction( 'subActionParams', { - incident: { correlation_id: correlationID, correlation_display: 'Alerting' }, + incident: { correlation_id: DEFAULT_CORRELATION_ID }, comments: [], }, index @@ -153,7 +144,7 @@ const ServiceNowParamsFields: React.FunctionComponent< editAction( 'subActionParams', { - incident: { correlation_id: correlationID, correlation_display: 'Alerting' }, + incident: { correlation_id: DEFAULT_CORRELATION_ID }, comments: [], }, index @@ -253,6 +244,46 @@ const ServiceNowParamsFields: React.FunctionComponent< + {!isDeprecatedConnector && ( + <> + + + + + + } + > + + + + + + + + + + + + )} - {!isOldConnector && ( - - - - - - )} { }); test('all params fields is rendered', () => { - const wrapper = mount(); + const wrapper = mountWithIntl(); expect(wrapper.find('[data-test-subj="short_descriptionInput"]').exists()).toBeTruthy(); - expect(wrapper.find('[data-test-subj="source_ipInput"]').exists()).toBeTruthy(); - expect(wrapper.find('[data-test-subj="dest_ipInput"]').exists()).toBeTruthy(); - expect(wrapper.find('[data-test-subj="malware_urlInput"]').exists()).toBeTruthy(); - expect(wrapper.find('[data-test-subj="malware_hashInput"]').exists()).toBeTruthy(); + expect(wrapper.find('[data-test-subj="correlation_idInput"]').exists()).toBeTruthy(); + expect(wrapper.find('[data-test-subj="correlation_displayInput"]').exists()).toBeTruthy(); expect(wrapper.find('[data-test-subj="prioritySelect"]').exists()).toBeTruthy(); expect(wrapper.find('[data-test-subj="categorySelect"]').exists()).toBeTruthy(); expect(wrapper.find('[data-test-subj="subcategorySelect"]').exists()).toBeTruthy(); @@ -162,7 +160,7 @@ describe('ServiceNowSIRParamsFields renders', () => { // eslint-disable-next-line @typescript-eslint/naming-convention errors: { 'subActionParams.incident.short_description': ['error'] }, }; - const wrapper = mount(); + const wrapper = mountWithIntl(); const title = wrapper.find('[data-test-subj="short_descriptionInput"]').first(); expect(title.prop('isInvalid')).toBeTruthy(); }); @@ -174,10 +172,9 @@ describe('ServiceNowSIRParamsFields renders', () => { ...defaultProps, actionParams: newParams, }; - mount(); + mountWithIntl(); expect(editAction.mock.calls[0][1]).toEqual({ incident: { - correlation_display: 'Alerting', correlation_id: '{{rule.id}}:{{alert.id}}', }, comments: [], @@ -191,18 +188,17 @@ describe('ServiceNowSIRParamsFields renders', () => { ...defaultProps, actionParams: newParams, }; - mount(); + mountWithIntl(); expect(editAction.mock.calls[0][1]).toEqual('pushToService'); }); test('Resets fields when connector changes', () => { - const wrapper = mount(); + const wrapper = mountWithIntl(); expect(editAction.mock.calls.length).toEqual(0); wrapper.setProps({ actionConnector: { ...connector, id: '1234' } }); expect(editAction.mock.calls.length).toEqual(1); expect(editAction.mock.calls[0][1]).toEqual({ incident: { - correlation_display: 'Alerting', correlation_id: '{{rule.id}}:{{alert.id}}', }, comments: [], @@ -210,7 +206,7 @@ describe('ServiceNowSIRParamsFields renders', () => { }); test('it transforms the categories to options correctly', async () => { - const wrapper = mount(); + const wrapper = mountWithIntl(); act(() => { onChoicesSuccess(choicesResponse.choices); }); @@ -227,7 +223,7 @@ describe('ServiceNowSIRParamsFields renders', () => { }); test('it transforms the subcategories to options correctly', async () => { - const wrapper = mount(); + const wrapper = mountWithIntl(); act(() => { onChoicesSuccess(choicesResponse.choices); }); @@ -250,7 +246,7 @@ describe('ServiceNowSIRParamsFields renders', () => { }); test('it transforms the priorities to options correctly', async () => { - const wrapper = mount(); + const wrapper = mountWithIntl(); act(() => { onChoicesSuccess(choicesResponse.choices); }); @@ -284,11 +280,12 @@ describe('ServiceNowSIRParamsFields renders', () => { const changeEvent = { target: { value: 'Bug' } } as React.ChangeEvent; const simpleFields = [ { dataTestSubj: 'input[data-test-subj="short_descriptionInput"]', key: 'short_description' }, + { dataTestSubj: 'input[data-test-subj="correlation_idInput"]', key: 'correlation_id' }, + { + dataTestSubj: 'input[data-test-subj="correlation_displayInput"]', + key: 'correlation_display', + }, { dataTestSubj: 'textarea[data-test-subj="descriptionTextArea"]', key: 'description' }, - { dataTestSubj: '[data-test-subj="source_ipInput"]', key: 'source_ip' }, - { dataTestSubj: '[data-test-subj="dest_ipInput"]', key: 'dest_ip' }, - { dataTestSubj: '[data-test-subj="malware_urlInput"]', key: 'malware_url' }, - { dataTestSubj: '[data-test-subj="malware_hashInput"]', key: 'malware_hash' }, { dataTestSubj: '[data-test-subj="prioritySelect"]', key: 'priority' }, { dataTestSubj: '[data-test-subj="categorySelect"]', key: 'category' }, { dataTestSubj: '[data-test-subj="subcategorySelect"]', key: 'subcategory' }, @@ -296,7 +293,7 @@ describe('ServiceNowSIRParamsFields renders', () => { simpleFields.forEach((field) => test(`${field.key} update triggers editAction :D`, () => { - const wrapper = mount(); + const wrapper = mountWithIntl(); const theField = wrapper.find(field.dataTestSubj).first(); theField.prop('onChange')!(changeEvent); expect(editAction.mock.calls[0][1].incident[field.key]).toEqual(changeEvent.target.value); @@ -304,14 +301,14 @@ describe('ServiceNowSIRParamsFields renders', () => { ); test('A comment triggers editAction', () => { - const wrapper = mount(); + const wrapper = mountWithIntl(); const comments = wrapper.find('textarea[data-test-subj="commentsTextArea"]'); expect(comments.simulate('change', changeEvent)); expect(editAction.mock.calls[0][1].comments.length).toEqual(1); }); test('An empty comment does not trigger editAction', () => { - const wrapper = mount(); + const wrapper = mountWithIntl(); const emptyComment = { target: { value: '' } }; const comments = wrapper.find('[data-test-subj="commentsTextArea"] textarea'); expect(comments.simulate('change', emptyComment)); diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/servicenow_sir_params.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/servicenow_sir_params.tsx index 7b7cfc67d99719c..72f6d7635268f35 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/servicenow_sir_params.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/servicenow_sir_params.tsx @@ -13,8 +13,10 @@ import { EuiFlexItem, EuiSpacer, EuiTitle, - EuiSwitch, + EuiLink, } from '@elastic/eui'; +import { FormattedMessage } from '@kbn/i18n/react'; + import { useKibana } from '../../../../common/lib/kibana'; import { ActionParamsProps } from '../../../../types'; import { TextAreaWithMessageVariables } from '../../text_area_with_message_variables'; @@ -23,8 +25,7 @@ import { TextFieldWithMessageVariables } from '../../text_field_with_message_var import * as i18n from './translations'; import { useGetChoices } from './use_get_choices'; import { ServiceNowSIRActionParams, Fields, Choice, ServiceNowActionConnector } from './types'; -import { choicesToEuiOptions, isLegacyConnector } from './helpers'; -import { UPDATE_INCIDENT_VARIABLE, NOT_UPDATE_INCIDENT_VARIABLE } from './config'; +import { choicesToEuiOptions, isLegacyConnector, DEFAULT_CORRELATION_ID } from './helpers'; const useGetChoicesFields = ['category', 'subcategory', 'priority']; const defaultFields: Fields = { @@ -33,23 +34,18 @@ const defaultFields: Fields = { priority: [], }; -const valuesToString = (value: string | string[] | null): string | undefined => { - if (Array.isArray(value)) { - return value.join(','); - } - - return value ?? undefined; -}; - const ServiceNowSIRParamsFields: React.FunctionComponent< ActionParamsProps > = ({ actionConnector, actionParams, editAction, index, errors, messageVariables }) => { const { + docLinks, http, notifications: { toasts }, } = useKibana().services; - const isOldConnector = isLegacyConnector(actionConnector as unknown as ServiceNowActionConnector); + const isDeprecatedConnector = isLegacyConnector( + actionConnector as unknown as ServiceNowActionConnector + ); const actionConnectorRef = useRef(actionConnector?.id ?? ''); const { incident, comments } = useMemo( @@ -62,13 +58,8 @@ const ServiceNowSIRParamsFields: React.FunctionComponent< [actionParams.subActionParams] ); - const hasUpdateIncident = - incident.correlation_id != null && incident.correlation_id === UPDATE_INCIDENT_VARIABLE; - const [updateIncident, setUpdateIncident] = useState(hasUpdateIncident); const [choices, setChoices] = useState(defaultFields); - const correlationID = updateIncident ? UPDATE_INCIDENT_VARIABLE : NOT_UPDATE_INCIDENT_VARIABLE; - const editSubActionProperty = useCallback( (key: string, value: any) => { const newProps = @@ -104,14 +95,6 @@ const ServiceNowSIRParamsFields: React.FunctionComponent< ); }, []); - const onUpdateIncidentSwitchChange = useCallback(() => { - const newCorrelationID = !updateIncident - ? UPDATE_INCIDENT_VARIABLE - : NOT_UPDATE_INCIDENT_VARIABLE; - editSubActionProperty('correlation_id', newCorrelationID); - setUpdateIncident(!updateIncident); - }, [editSubActionProperty, updateIncident]); - const { isLoading: isLoadingChoices } = useGetChoices({ http, toastNotifications: toasts, @@ -140,7 +123,7 @@ const ServiceNowSIRParamsFields: React.FunctionComponent< editAction( 'subActionParams', { - incident: { correlation_id: correlationID, correlation_display: 'Alerting' }, + incident: { correlation_id: DEFAULT_CORRELATION_ID }, comments: [], }, index @@ -157,7 +140,7 @@ const ServiceNowSIRParamsFields: React.FunctionComponent< editAction( 'subActionParams', { - incident: { correlation_id: correlationID, correlation_display: 'Alerting' }, + incident: { correlation_id: DEFAULT_CORRELATION_ID }, comments: [], }, index @@ -192,46 +175,6 @@ const ServiceNowSIRParamsFields: React.FunctionComponent< /> - - - - - - - - - - - - - - - - + {!isDeprecatedConnector && ( + <> + + + + + + } + > + + + + + + + + + + + + )} - {!isOldConnector && ( - - - - )} ); }; diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/sn_store_button.test.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/sn_store_button.test.tsx index fe73653234170bb..500325202b65171 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/sn_store_button.test.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/sn_store_button.test.tsx @@ -7,21 +7,43 @@ import React from 'react'; import { render, screen } from '@testing-library/react'; -import { SNStoreButton } from './sn_store_button'; +import { SNStoreButton, SNStoreLink } from './sn_store_button'; describe('SNStoreButton', () => { - test('it renders the button', () => { + it('should render the button', () => { render(); expect(screen.getByText('Visit ServiceNow app store')).toBeInTheDocument(); }); - test('it renders a danger button', () => { + it('should render a danger button', () => { render(); expect(screen.getByRole('link')).toHaveClass('euiButton--danger'); }); - test('it renders with correct href', () => { + it('should render with correct href', () => { render(); expect(screen.getByRole('link')).toHaveAttribute('href', 'https://store.servicenow.com/'); }); + + it('should render with target blank', () => { + render(); + expect(screen.getByRole('link')).toHaveAttribute('target', '_blank'); + }); +}); + +describe('SNStoreLink', () => { + it('should render the link', () => { + render(); + expect(screen.getByText('Visit ServiceNow app store')).toBeInTheDocument(); + }); + + it('should render with correct href', () => { + render(); + expect(screen.getByRole('link')).toHaveAttribute('href', 'https://store.servicenow.com/'); + }); + + it('should render with target blank', () => { + render(); + expect(screen.getByRole('link')).toHaveAttribute('target', '_blank'); + }); }); diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/sn_store_button.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/sn_store_button.tsx index 5921f679d3f504b..5a33237159a021f 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/sn_store_button.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/sn_store_button.tsx @@ -6,7 +6,7 @@ */ import React, { memo } from 'react'; -import { EuiButtonProps, EuiButton } from '@elastic/eui'; +import { EuiButtonProps, EuiButton, EuiLink } from '@elastic/eui'; import * as i18n from './translations'; @@ -18,10 +18,18 @@ interface Props { const SNStoreButtonComponent: React.FC = ({ color }) => { return ( - + {i18n.VISIT_SN_STORE} ); }; export const SNStoreButton = memo(SNStoreButtonComponent); + +const SNStoreLinkComponent: React.FC = () => ( + + {i18n.VISIT_SN_STORE} + +); + +export const SNStoreLink = memo(SNStoreLinkComponent); diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/translations.ts b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/translations.ts index 90292a35a88dfe7..d068b120bd7ce5f 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/translations.ts +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/translations.ts @@ -17,7 +17,7 @@ export const API_URL_LABEL = i18n.translate( export const API_URL_HELPTEXT = i18n.translate( 'xpack.triggersActionsUI.components.builtinActionTypes.servicenow.apiUrlHelpText', { - defaultMessage: 'Include the full URL', + defaultMessage: 'Include the full URL.', } ); @@ -60,7 +60,7 @@ export const REMEMBER_VALUES_LABEL = i18n.translate( export const REENTER_VALUES_LABEL = i18n.translate( 'xpack.triggersActionsUI.components.builtinActionTypes.servicenow.reenterValuesLabel', { - defaultMessage: 'You will need to re-authenticate each time you edit the connector', + defaultMessage: 'You must authenticate each time you edit the connector.', } ); @@ -99,34 +99,6 @@ export const TITLE_REQUIRED = i18n.translate( } ); -export const SOURCE_IP_LABEL = i18n.translate( - 'xpack.triggersActionsUI.components.builtinActionTypes.servicenow.sourceIPTitle', - { - defaultMessage: 'Source IPs', - } -); - -export const SOURCE_IP_HELP_TEXT = i18n.translate( - 'xpack.triggersActionsUI.components.builtinActionTypes.servicenow.sourceIPHelpText', - { - defaultMessage: 'List of source IPs (comma, or pipe delimited)', - } -); - -export const DEST_IP_LABEL = i18n.translate( - 'xpack.triggersActionsUI.components.builtinActionTypes.servicenow.destinationIPTitle', - { - defaultMessage: 'Destination IPs', - } -); - -export const DEST_IP_HELP_TEXT = i18n.translate( - 'xpack.triggersActionsUI.components.builtinActionTypes.servicenow.destIPHelpText', - { - defaultMessage: 'List of destination IPs (comma, or pipe delimited)', - } -); - export const INCIDENT = i18n.translate( 'xpack.triggersActionsUI.components.builtinActionTypes.servicenow.title', { @@ -155,34 +127,6 @@ export const COMMENTS_LABEL = i18n.translate( } ); -export const MALWARE_URL_LABEL = i18n.translate( - 'xpack.triggersActionsUI.components.builtinActionTypes.servicenow.malwareURLTitle', - { - defaultMessage: 'Malware URLs', - } -); - -export const MALWARE_URL_HELP_TEXT = i18n.translate( - 'xpack.triggersActionsUI.components.builtinActionTypes.servicenow.malwareURLHelpText', - { - defaultMessage: 'List of malware URLs (comma, or pipe delimited)', - } -); - -export const MALWARE_HASH_LABEL = i18n.translate( - 'xpack.triggersActionsUI.components.builtinActionTypes.servicenow.malwareHashTitle', - { - defaultMessage: 'Malware Hashes', - } -); - -export const MALWARE_HASH_HELP_TEXT = i18n.translate( - 'xpack.triggersActionsUI.components.builtinActionTypes.servicenow.malwareHashHelpText', - { - defaultMessage: 'List of malware hashes (comma, or pipe delimited)', - } -); - export const CHOICES_API_ERROR = i18n.translate( 'xpack.triggersActionsUI.components.builtinActionTypes.servicenow.unableToGetChoicesMessage', { @@ -249,25 +193,25 @@ export const INSTALLATION_CALLOUT_TITLE = i18n.translate( 'xpack.triggersActionsUI.components.builtinActionTypes.servicenow.installationCalloutTitle', { defaultMessage: - 'To use this connector, you must first install the Elastic App from the ServiceNow App Store', + 'To use this connector, first install the Elastic app from the ServiceNow app store.', } ); -export const MIGRATION_SUCCESS_TOAST_TITLE = (connectorName: string) => +export const UPDATE_SUCCESS_TOAST_TITLE = (connectorName: string) => i18n.translate( - 'xpack.triggersActionsUI.components.builtinActionTypes.servicenow.migrationSuccessToastTitle', + 'xpack.triggersActionsUI.components.builtinActionTypes.servicenow.updateSuccessToastTitle', { - defaultMessage: 'Migrated connector {connectorName}', + defaultMessage: '{connectorName} connector updated', values: { connectorName, }, } ); -export const MIGRATION_SUCCESS_TOAST_TEXT = i18n.translate( - 'xpack.triggersActionsUI.components.builtinActionTypes.servicenow.installationCalloutText', +export const UPDATE_SUCCESS_TOAST_TEXT = i18n.translate( + 'xpack.triggersActionsUI.components.builtinActionTypes.servicenow.updateCalloutText', { - defaultMessage: 'Connector has been successfully migrated.', + defaultMessage: 'Connector has been updated.', } ); @@ -299,23 +243,16 @@ export const UNKNOWN = i18n.translate( } ); -export const UPDATE_INCIDENT_LABEL = i18n.translate( - 'xpack.triggersActionsUI.components.builtinActionTypes.servicenow.updateIncidentCheckboxLabel', - { - defaultMessage: 'Update incident', - } -); - -export const ON = i18n.translate( - 'xpack.triggersActionsUI.components.builtinActionTypes.servicenow.updateIncidentOn', +export const CORRELATION_ID = i18n.translate( + 'xpack.triggersActionsUI.components.builtinActionTypes.servicenow.correlationID', { - defaultMessage: 'On', + defaultMessage: 'Correlation ID (optional)', } ); -export const OFF = i18n.translate( - 'xpack.triggersActionsUI.components.builtinActionTypes.servicenow.updateIncidentOff', +export const CORRELATION_DISPLAY = i18n.translate( + 'xpack.triggersActionsUI.components.builtinActionTypes.servicenow.correlationDisplay', { - defaultMessage: 'Off', + defaultMessage: 'Correlation display (optional)', } ); diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/update_connector.test.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/update_connector.test.tsx new file mode 100644 index 000000000000000..2d95bfa85ceb998 --- /dev/null +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/update_connector.test.tsx @@ -0,0 +1,181 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { mountWithIntl } from '@kbn/test/jest'; +import { UpdateConnector, Props } from './update_connector'; +import { ServiceNowActionConnector } from './types'; +jest.mock('../../../../common/lib/kibana'); + +const actionConnector: ServiceNowActionConnector = { + secrets: { + username: 'user', + password: 'pass', + }, + id: 'test', + actionTypeId: '.servicenow', + isPreconfigured: false, + name: 'servicenow', + config: { + apiUrl: 'https://test/', + isLegacy: true, + }, +}; + +const mountUpdateConnector = (props: Partial = {}) => { + return mountWithIntl( + {}} + editActionSecrets={() => {}} + readOnly={false} + isLoading={false} + onConfirm={() => {}} + onCancel={() => {}} + {...props} + /> + ); +}; + +describe('UpdateConnector renders', () => { + it('should render update connector fields', () => { + const wrapper = mountUpdateConnector(); + + expect(wrapper.find('[data-test-subj="snUpdateInstallationCallout"]').exists()).toBeTruthy(); + expect(wrapper.find('[data-test-subj="updateConnectorForm"]').exists()).toBeTruthy(); + expect(wrapper.find('[data-test-subj="credentialsApiUrlFromInput"]').exists()).toBeTruthy(); + expect( + wrapper.find('[data-test-subj="connector-servicenow-username-form-input"]').exists() + ).toBeTruthy(); + expect( + wrapper.find('[data-test-subj="connector-servicenow-password-form-input"]').exists() + ).toBeTruthy(); + }); + + it('should disable inputs on loading', () => { + const wrapper = mountUpdateConnector({ isLoading: true }); + expect( + wrapper.find('[data-test-subj="credentialsApiUrlFromInput"]').first().prop('disabled') + ).toBeTruthy(); + expect( + wrapper + .find('[data-test-subj="connector-servicenow-username-form-input"]') + .first() + .prop('disabled') + ).toBeTruthy(); + expect( + wrapper + .find('[data-test-subj="connector-servicenow-password-form-input"]') + .first() + .prop('disabled') + ).toBeTruthy(); + }); + + it('should set inputs as read-only', () => { + const wrapper = mountUpdateConnector({ readOnly: true }); + + expect( + wrapper.find('[data-test-subj="credentialsApiUrlFromInput"]').first().prop('readOnly') + ).toBeTruthy(); + expect( + wrapper + .find('[data-test-subj="connector-servicenow-username-form-input"]') + .first() + .prop('readOnly') + ).toBeTruthy(); + expect( + wrapper + .find('[data-test-subj="connector-servicenow-password-form-input"]') + .first() + .prop('readOnly') + ).toBeTruthy(); + }); + + it('should disable submit button if errors or fields missing', () => { + const wrapper = mountUpdateConnector({ + errors: { apiUrl: ['some error'], username: [], password: [] }, + }); + + expect( + wrapper.find('[data-test-subj="snUpdateInstallationSubmit"]').first().prop('disabled') + ).toBeTruthy(); + + wrapper.setProps({ ...wrapper.props(), errors: { apiUrl: [], username: [], password: [] } }); + expect( + wrapper.find('[data-test-subj="snUpdateInstallationSubmit"]').first().prop('disabled') + ).toBeFalsy(); + + wrapper.setProps({ + ...wrapper.props(), + action: { ...actionConnector, secrets: { ...actionConnector.secrets, username: undefined } }, + }); + expect( + wrapper.find('[data-test-subj="snUpdateInstallationSubmit"]').first().prop('disabled') + ).toBeTruthy(); + }); + + it('should call editActionConfig when editing api url', () => { + const editActionConfig = jest.fn(); + const wrapper = mountUpdateConnector({ editActionConfig }); + + expect(editActionConfig).not.toHaveBeenCalled(); + wrapper + .find('input[data-test-subj="credentialsApiUrlFromInput"]') + .simulate('change', { target: { value: 'newUrl' } }); + expect(editActionConfig).toHaveBeenCalledWith('apiUrl', 'newUrl'); + }); + + it('should call editActionSecrets when editing username or password', () => { + const editActionSecrets = jest.fn(); + const wrapper = mountUpdateConnector({ editActionSecrets }); + + expect(editActionSecrets).not.toHaveBeenCalled(); + wrapper + .find('input[data-test-subj="connector-servicenow-username-form-input"]') + .simulate('change', { target: { value: 'new username' } }); + expect(editActionSecrets).toHaveBeenCalledWith('username', 'new username'); + + wrapper + .find('input[data-test-subj="connector-servicenow-password-form-input"]') + .simulate('change', { target: { value: 'new pass' } }); + + expect(editActionSecrets).toHaveBeenCalledTimes(2); + expect(editActionSecrets).toHaveBeenLastCalledWith('password', 'new pass'); + }); + + it('should confirm the update when submit button clicked', () => { + const onConfirm = jest.fn(); + const wrapper = mountUpdateConnector({ onConfirm }); + + expect(onConfirm).not.toHaveBeenCalled(); + wrapper.find('[data-test-subj="snUpdateInstallationSubmit"]').first().simulate('click'); + expect(onConfirm).toHaveBeenCalled(); + }); + + it('should cancel the update when cancel button clicked', () => { + const onCancel = jest.fn(); + const wrapper = mountUpdateConnector({ onCancel }); + + expect(onCancel).not.toHaveBeenCalled(); + wrapper.find('[data-test-subj="snUpdateInstallationCancel"]').first().simulate('click'); + expect(onCancel).toHaveBeenCalled(); + }); + + it('should show error message if present', () => { + const applicationInfoErrorMsg = 'some application error'; + const wrapper = mountUpdateConnector({ + applicationInfoErrorMsg, + }); + + expect(wrapper.find('[data-test-subj="snApplicationCallout"]').exists()).toBeTruthy(); + expect(wrapper.find('[data-test-subj="snApplicationCallout"]').first().text()).toContain( + applicationInfoErrorMsg + ); + }); +}); diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/update_connector.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/update_connector.tsx new file mode 100644 index 000000000000000..02127eb6ff4f051 --- /dev/null +++ b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/update_connector.tsx @@ -0,0 +1,208 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React, { memo } from 'react'; +import { + EuiButton, + EuiButtonEmpty, + EuiFlexGroup, + EuiFlexItem, + EuiCallOut, + EuiFlyout, + EuiFlyoutHeader, + EuiTitle, + EuiFlyoutBody, + EuiFlyoutFooter, + EuiSteps, +} from '@elastic/eui'; +import { i18n } from '@kbn/i18n'; +import { FormattedMessage } from '@kbn/i18n/react'; +import { ActionConnectorFieldsProps } from '../../../../../public/types'; +import { ServiceNowActionConnector } from './types'; +import { CredentialsApiUrl } from './credentials_api_url'; +import { isFieldInvalid } from './helpers'; +import { ApplicationRequiredCallout } from './application_required_callout'; +import { SNStoreLink } from './sn_store_button'; +import { CredentialsAuth } from './credentials_auth'; + +const title = i18n.translate( + 'xpack.triggersActionsUI.components.builtinActionTypes.serviceNow.updateFormTitle', + { + defaultMessage: 'Update ServiceNow connector', + } +); + +const step1InstallTitle = i18n.translate( + 'xpack.triggersActionsUI.components.builtinActionTypes.serviceNow.updateFormInstallTitle', + { + defaultMessage: 'Install the Elastic ServiceNow app', + } +); + +const step2InstanceUrlTitle = i18n.translate( + 'xpack.triggersActionsUI.components.builtinActionTypes.serviceNow.updateFormUrlTitle', + { + defaultMessage: 'Enter your ServiceNow instance URL', + } +); + +const step3CredentialsTitle = i18n.translate( + 'xpack.triggersActionsUI.components.builtinActionTypes.serviceNow.updateFormCredentialsTitle', + { + defaultMessage: 'Provide authentication credentials', + } +); + +const cancelButtonText = i18n.translate( + 'xpack.triggersActionsUI.components.builtinActionTypes.serviceNow.cancelButtonText', + { + defaultMessage: 'Cancel', + } +); + +const confirmButtonText = i18n.translate( + 'xpack.triggersActionsUI.components.builtinActionTypes.serviceNow.confirmButtonText', + { + defaultMessage: 'Update', + } +); + +const warningMessage = i18n.translate( + 'xpack.triggersActionsUI.components.builtinActionTypes.serviceNow.warningMessage', + { + defaultMessage: 'This updates all instances of this connector and cannot be reversed.', + } +); + +export interface Props { + action: ActionConnectorFieldsProps['action']; + applicationInfoErrorMsg: string | null; + errors: ActionConnectorFieldsProps['errors']; + isLoading: boolean; + readOnly: boolean; + editActionSecrets: ActionConnectorFieldsProps['editActionSecrets']; + editActionConfig: ActionConnectorFieldsProps['editActionConfig']; + onCancel: () => void; + onConfirm: () => void; +} + +const UpdateConnectorComponent: React.FC = ({ + action, + applicationInfoErrorMsg, + errors, + isLoading, + readOnly, + editActionSecrets, + editActionConfig, + onCancel, + onConfirm, +}) => { + const { apiUrl } = action.config; + const { username, password } = action.secrets; + + const hasErrorsOrEmptyFields = + apiUrl === undefined || + username === undefined || + password === undefined || + isFieldInvalid(apiUrl, errors.apiUrl) || + isFieldInvalid(username, errors.username) || + isFieldInvalid(password, errors.password); + + return ( + + + +

{title}

+ + + + } + > + + , + }} + /> + ), + }, + { + title: step2InstanceUrlTitle, + children: ( + + ), + }, + { + title: step3CredentialsTitle, + children: ( + + ), + }, + ]} + /> + + + + {applicationInfoErrorMsg && ( + + )} + + + + + + + + {cancelButtonText} + + + + + {confirmButtonText} + + + + + + ); +}; + +export const UpdateConnector = memo(UpdateConnectorComponent); diff --git a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/update_connector_modal.tsx b/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/update_connector_modal.tsx deleted file mode 100644 index b9d660f16dff7a9..000000000000000 --- a/x-pack/plugins/triggers_actions_ui/public/application/components/builtin_action_types/servicenow/update_connector_modal.tsx +++ /dev/null @@ -1,156 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React, { memo } from 'react'; -import { - EuiButton, - EuiButtonEmpty, - EuiFlexGroup, - EuiFlexItem, - EuiModal, - EuiModalBody, - EuiModalFooter, - EuiModalHeader, - EuiModalHeaderTitle, - EuiCallOut, - EuiTextColor, - EuiHorizontalRule, -} from '@elastic/eui'; -import { i18n } from '@kbn/i18n'; -import { ActionConnectorFieldsProps } from '../../../../../public/types'; -import { ServiceNowActionConnector } from './types'; -import { Credentials } from './credentials'; -import { isFieldInvalid } from './helpers'; -import { ApplicationRequiredCallout } from './application_required_callout'; - -const title = i18n.translate( - 'xpack.triggersActionsUI.components.builtinActionTypes.serviceNow.confirmationModalTitle', - { - defaultMessage: 'Update ServiceNow connector', - } -); - -const cancelButtonText = i18n.translate( - 'xpack.triggersActionsUI.components.builtinActionTypes.serviceNow.cancelButtonText', - { - defaultMessage: 'Cancel', - } -); - -const confirmButtonText = i18n.translate( - 'xpack.triggersActionsUI.components.builtinActionTypes.serviceNow.confirmButtonText', - { - defaultMessage: 'Update', - } -); - -const calloutTitle = i18n.translate( - 'xpack.triggersActionsUI.components.builtinActionTypes.serviceNow.modalCalloutTitle', - { - defaultMessage: - 'The Elastic App from the ServiceNow App Store must be installed prior to running the update.', - } -); - -const warningMessage = i18n.translate( - 'xpack.triggersActionsUI.components.builtinActionTypes.serviceNow.modalWarningMessage', - { - defaultMessage: 'This will update all instances of this connector. This can not be reversed.', - } -); - -interface Props { - action: ActionConnectorFieldsProps['action']; - applicationInfoErrorMsg: string | null; - errors: ActionConnectorFieldsProps['errors']; - isLoading: boolean; - readOnly: boolean; - editActionSecrets: ActionConnectorFieldsProps['editActionSecrets']; - editActionConfig: ActionConnectorFieldsProps['editActionConfig']; - onCancel: () => void; - onConfirm: () => void; -} - -const UpdateConnectorModalComponent: React.FC = ({ - action, - applicationInfoErrorMsg, - errors, - isLoading, - readOnly, - editActionSecrets, - editActionConfig, - onCancel, - onConfirm, -}) => { - const { apiUrl } = action.config; - const { username, password } = action.secrets; - - const hasErrorsOrEmptyFields = - apiUrl === undefined || - username === undefined || - password === undefined || - isFieldInvalid(apiUrl, errors.apiUrl) || - isFieldInvalid(username, errors.username) || - isFieldInvalid(password, errors.password); - - return ( - - - -

{title}

- - - - - - - - - - - - - {warningMessage} - - - - - {applicationInfoErrorMsg && ( - - )} - - - - - {cancelButtonText} - - {confirmButtonText} - - - - ); -}; - -export const UpdateConnectorModal = memo(UpdateConnectorModalComponent); diff --git a/x-pack/plugins/triggers_actions_ui/public/application/sections/actions_connectors_list/components/actions_connectors_list.tsx b/x-pack/plugins/triggers_actions_ui/public/application/sections/actions_connectors_list/components/actions_connectors_list.tsx index 04f2334f8e8fa60..844f28f0225477c 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/sections/actions_connectors_list/components/actions_connectors_list.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/application/sections/actions_connectors_list/components/actions_connectors_list.tsx @@ -5,6 +5,7 @@ * 2.0. */ +import { ClassNames } from '@emotion/react'; import React, { useState, useEffect } from 'react'; import { EuiInMemoryTable, @@ -24,6 +25,7 @@ import { import { i18n } from '@kbn/i18n'; import { omit } from 'lodash'; import { FormattedMessage } from '@kbn/i18n/react'; +import { withTheme, EuiTheme } from '../../../../../../../../src/plugins/kibana_react/common'; import { loadAllActions, loadActionTypes, deleteActions } from '../../../lib/action_connector_api'; import { hasDeleteActionsCapability, @@ -52,6 +54,33 @@ import { // eslint-disable-next-line @kbn/eslint/no-restricted-paths } from '../../../../../../actions/server/constants/connectors'; +const ConnectorIconTipWithSpacing = withTheme(({ theme }: { theme: EuiTheme }) => { + return ( + + {({ css }) => ( + + )} + + ); +}); + const ActionsConnectorsList: React.FunctionComponent = () => { const { http, @@ -204,23 +233,7 @@ const ActionsConnectorsList: React.FunctionComponent = () => { position="right" /> ) : null} - {showLegacyTooltip && ( - - )} + {showLegacyTooltip && } ); From 3b822bea52d04126138ab2fe26f3b6dc2a888a57 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20S=C3=A1nchez?= Date: Mon, 18 Oct 2021 14:54:38 +0200 Subject: [PATCH 23/50] [Security Solution][Endpoint] Adjustments to the implementation of the new artifact card (#114834) * Ui changes and add skeleton when loading policies * Fix tests * Changes in context menu for effect scope * Addjust card header and title * Adjust marging for operator in critera conditions * Fix and adds unit tests * fix multilang key * Fix ts error * Addressed pr comments * Fixes unit tests and changed prop name. Also set max-width to 50% for hover info * Don't render flexItem if no needed * Fixes unit test Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- .../use_navigate_to_app_event_handler.ts | 7 +- .../artifact_entry_card.test.tsx | 4 +- .../artifact_entry_card.tsx | 5 +- .../components/card_header.tsx | 4 +- .../components/card_section_panel.tsx | 7 +- .../components/card_sub_header.tsx | 18 +- .../components/criteria_conditions.tsx | 10 +- .../components/date_field_value.tsx | 16 +- .../components/effect_scope.tsx | 60 +- .../components/text_value_display.tsx | 27 +- .../components/touched_by_users.tsx | 13 +- .../components/translations.ts | 8 + .../context_menu_item_nav_by_router.tsx | 81 +- .../context_menu_with_router_support.test.tsx | 19 + .../context_menu_with_router_support.tsx | 53 +- .../list/policy_trusted_apps_list.test.tsx | 4 +- .../pages/trusted_apps/store/selectors.ts | 5 + .../__snapshots__/index.test.tsx.snap | 876 +++++++++--------- .../components/trusted_apps_grid/index.tsx | 7 +- 19 files changed, 736 insertions(+), 488 deletions(-) diff --git a/x-pack/plugins/security_solution/public/common/hooks/endpoint/use_navigate_to_app_event_handler.ts b/x-pack/plugins/security_solution/public/common/hooks/endpoint/use_navigate_to_app_event_handler.ts index 05e1c2c4dca816d..ed75e3bbbe926cf 100644 --- a/x-pack/plugins/security_solution/public/common/hooks/endpoint/use_navigate_to_app_event_handler.ts +++ b/x-pack/plugins/security_solution/public/common/hooks/endpoint/use_navigate_to_app_event_handler.ts @@ -37,7 +37,8 @@ export const useNavigateToAppEventHandler = ( options?: NavigateToAppHandlerOptions ): EventHandlerCallback => { const { services } = useKibana(); - const { path, state, onClick, deepLinkId } = options || {}; + const { path, state, onClick, deepLinkId, openInNewTab } = options || {}; + return useCallback( (ev) => { try { @@ -70,8 +71,8 @@ export const useNavigateToAppEventHandler = ( } ev.preventDefault(); - services.application.navigateToApp(appId, { deepLinkId, path, state }); + services.application.navigateToApp(appId, { deepLinkId, path, state, openInNewTab }); }, - [appId, deepLinkId, onClick, path, services.application, state] + [appId, deepLinkId, onClick, path, services.application, state, openInNewTab] ); }; diff --git a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/artifact_entry_card.test.tsx b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/artifact_entry_card.test.tsx index 50500a789fd4e15..cadaa375e718f45 100644 --- a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/artifact_entry_card.test.tsx +++ b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/artifact_entry_card.test.tsx @@ -198,7 +198,9 @@ describe.each([ renderResult.getByTestId('testCard-subHeader-effectScope-popupMenu-popoverPanel') ).not.toBeNull(); - expect(renderResult.getByTestId('policyMenuItem').textContent).toEqual('Policy one'); + expect(renderResult.getByTestId('policyMenuItem').textContent).toEqual( + 'Policy oneView details' + ); }); it('should display policy ID if no policy menu item found in `policies` prop', async () => { diff --git a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/artifact_entry_card.tsx b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/artifact_entry_card.tsx index bee9a63c9cf69ea..e974557c36e0a3f 100644 --- a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/artifact_entry_card.tsx +++ b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/artifact_entry_card.tsx @@ -33,6 +33,7 @@ export interface CommonArtifactEntryCardProps extends CommonProps { * `Record`. */ policies?: MenuItemPropsByPolicyId; + loadingPoliciesList?: boolean; } export interface ArtifactEntryCardProps extends CommonArtifactEntryCardProps { @@ -50,6 +51,7 @@ export const ArtifactEntryCard = memo( ({ item, policies, + loadingPoliciesList = false, actions, hideDescription = false, hideComments = false, @@ -74,10 +76,11 @@ export const ArtifactEntryCard = memo( createdBy={artifact.created_by} updatedBy={artifact.updated_by} policies={policyNavLinks} + loadingPoliciesList={loadingPoliciesList} data-test-subj={getTestId('subHeader')} /> - + {!hideDescription ? ( diff --git a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/card_header.tsx b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/card_header.tsx index 6964f5b339312f7..c1f3f257b278aba 100644 --- a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/card_header.tsx +++ b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/card_header.tsx @@ -24,9 +24,9 @@ export const CardHeader = memo( const getTestId = useTestIdGenerator(dataTestSubj); return ( - + - +

{name}

diff --git a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/card_section_panel.tsx b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/card_section_panel.tsx index 1d694ab1771d391..75e55a72f7f07df 100644 --- a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/card_section_panel.tsx +++ b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/card_section_panel.tsx @@ -6,6 +6,7 @@ */ import React, { memo } from 'react'; +import styled from 'styled-components'; import { EuiPanel, EuiPanelProps } from '@elastic/eui'; export type CardSectionPanelProps = Exclude< @@ -13,7 +14,11 @@ export type CardSectionPanelProps = Exclude< 'hasBorder' | 'hasShadow' | 'paddingSize' >; +const StyledEuiPanel = styled(EuiPanel)` + padding: 32px; +`; + export const CardSectionPanel = memo((props) => { - return ; + return ; }); CardSectionPanel.displayName = 'CardSectionPanel'; diff --git a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/card_sub_header.tsx b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/card_sub_header.tsx index fd787c01e50ff1c..e502fd741115c63 100644 --- a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/card_sub_header.tsx +++ b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/card_sub_header.tsx @@ -13,10 +13,18 @@ import { useTestIdGenerator } from '../../hooks/use_test_id_generator'; export type SubHeaderProps = TouchedByUsersProps & EffectScopeProps & - Pick; + Pick & { + loadingPoliciesList?: boolean; + }; export const CardSubHeader = memo( - ({ createdBy, updatedBy, policies, 'data-test-subj': dataTestSubj }) => { + ({ + createdBy, + updatedBy, + policies, + loadingPoliciesList = false, + 'data-test-subj': dataTestSubj, + }) => { const getTestId = useTestIdGenerator(dataTestSubj); return ( @@ -29,7 +37,11 @@ export const CardSubHeader = memo( /> - + ); diff --git a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/criteria_conditions.tsx b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/criteria_conditions.tsx index 260db313ced362d..c5347542ae8bc9f 100644 --- a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/criteria_conditions.tsx +++ b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/criteria_conditions.tsx @@ -49,6 +49,10 @@ const EuiFlexItemNested = styled(EuiFlexItem)` margin-top: 6px !important; `; +const StyledCondition = styled('span')` + margin-right: 6px; +`; + export type CriteriaConditionsProps = Pick & Pick; @@ -108,7 +112,11 @@ export const CriteriaConditions = memo( {entries.map(({ field, type, value, entries: nestedEntries = [] }) => { return (
- + {CONDITION_AND}} + value={field} + color="subdued" + /> { date: FormattedRelativePreferenceDateProps['value']; type: 'update' | 'create'; @@ -25,10 +30,15 @@ export const DateFieldValue = memo( const getTestId = useTestIdGenerator(dataTestSubj); return ( - - + + - + ` // This should dispaly it as "Applied t o 3 policies", but NOT as a menu with links +const StyledWithContextMenuShiftedWrapper = styled('div')` + margin-left: -10px; +`; + +const StyledEuiButtonEmpty = styled(EuiButtonEmpty)` + height: 10px !important; +`; export interface EffectScopeProps extends Pick { /** If set (even if empty), then effect scope will be policy specific. Else, it shows as global */ policies?: ContextMenuItemNavByRouterProps[]; + loadingPoliciesList?: boolean; } export const EffectScope = memo( - ({ policies, 'data-test-subj': dataTestSubj }) => { + ({ policies, loadingPoliciesList = false, 'data-test-subj': dataTestSubj }) => { const getTestId = useTestIdGenerator(dataTestSubj); const [icon, label] = useMemo(() => { @@ -43,18 +57,24 @@ export const EffectScope = memo( data-test-subj={dataTestSubj} > - + - {label} + {label} ); return policies && policies.length ? ( - - {effectiveScopeLabel} - + + + {effectiveScopeLabel} + + ) : ( effectiveScopeLabel ); @@ -65,22 +85,40 @@ EffectScope.displayName = 'EffectScope'; type WithContextMenuProps = Pick & PropsWithChildren<{ policies: Required['policies']; - }>; + }> & { + loadingPoliciesList?: boolean; + }; export const WithContextMenu = memo( - ({ policies, children, 'data-test-subj': dataTestSubj }) => { + ({ policies, loadingPoliciesList = false, children, 'data-test-subj': dataTestSubj }) => { const getTestId = useTestIdGenerator(dataTestSubj); + const hoverInfo = useMemo( + () => ( + + + + ), + [] + ); return ( 1 ? 'rightCenter' : 'rightUp'} data-test-subj={dataTestSubj} + loading={loadingPoliciesList} + hoverInfo={hoverInfo} button={ - + {children} } + title={POLICY_EFFECT_SCOPE_TITLE(policies.length)} /> ); } diff --git a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/text_value_display.tsx b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/text_value_display.tsx index 3843d7992bdf25e..b7e085a1f43c26b 100644 --- a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/text_value_display.tsx +++ b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/text_value_display.tsx @@ -12,23 +12,26 @@ import classNames from 'classnames'; export type TextValueDisplayProps = PropsWithChildren<{ bold?: boolean; truncate?: boolean; + size?: 'xs' | 's' | 'm' | 'relative'; }>; /** * Common component for displaying consistent text across the card. Changes here could impact all of * display of values on the card */ -export const TextValueDisplay = memo(({ bold, truncate, children }) => { - const cssClassNames = useMemo(() => { - return classNames({ - 'eui-textTruncate': truncate, - }); - }, [truncate]); +export const TextValueDisplay = memo( + ({ bold, truncate, size = 's', children }) => { + const cssClassNames = useMemo(() => { + return classNames({ + 'eui-textTruncate': truncate, + }); + }, [truncate]); - return ( - - {bold ? {children} : children} - - ); -}); + return ( + + {bold ? {children} : children} + + ); + } +); TextValueDisplay.displayName = 'TextValueDisplay'; diff --git a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/touched_by_users.tsx b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/touched_by_users.tsx index d897b6caaa45d26..6d9be470108f6b3 100644 --- a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/touched_by_users.tsx +++ b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/touched_by_users.tsx @@ -7,10 +7,15 @@ import React, { memo } from 'react'; import { CommonProps, EuiAvatar, EuiBadge, EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; +import styled from 'styled-components'; import { CREATED_BY, LAST_UPDATED_BY } from './translations'; import { TextValueDisplay } from './text_value_display'; import { useTestIdGenerator } from '../../hooks/use_test_id_generator'; +const StyledEuiFlexItem = styled(EuiFlexItem)` + margin: 6px; +`; + export interface TouchedByUsersProps extends Pick { createdBy: string; updatedBy: string; @@ -59,10 +64,10 @@ const UserName = memo(({ label, value, 'data-test-subj': dataTest responsive={false} data-test-subj={dataTestSubj} > - + {label} - - + + @@ -75,7 +80,7 @@ const UserName = memo(({ label, value, 'data-test-subj': dataTest {value} - + ); }); diff --git a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/translations.ts b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/translations.ts index 512724b66d50e6c..4cdae5238a1ac99 100644 --- a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/translations.ts +++ b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/translations.ts @@ -39,6 +39,14 @@ export const POLICY_EFFECT_SCOPE = (policyCount = 0) => { }); }; +export const POLICY_EFFECT_SCOPE_TITLE = (policyCount = 0) => + i18n.translate('xpack.securitySolution.artifactCard.policyEffectScope.title', { + defaultMessage: 'Applied to the following {count, plural, one {policy} other {policies}}', + values: { + count: policyCount, + }, + }); + export const CONDITION_OPERATOR_TYPE_MATCH = i18n.translate( 'xpack.securitySolution.artifactCard.conditions.matchOperator', { diff --git a/x-pack/plugins/security_solution/public/management/components/context_menu_with_router_support/context_menu_item_nav_by_router.tsx b/x-pack/plugins/security_solution/public/management/components/context_menu_with_router_support/context_menu_item_nav_by_router.tsx index b955d9fe71db76c..1a410c977b0d21a 100644 --- a/x-pack/plugins/security_solution/public/management/components/context_menu_with_router_support/context_menu_item_nav_by_router.tsx +++ b/x-pack/plugins/security_solution/public/management/components/context_menu_with_router_support/context_menu_item_nav_by_router.tsx @@ -6,7 +6,13 @@ */ import React, { memo } from 'react'; -import { EuiContextMenuItem, EuiContextMenuItemProps } from '@elastic/eui'; +import { + EuiContextMenuItem, + EuiContextMenuItemProps, + EuiFlexGroup, + EuiFlexItem, +} from '@elastic/eui'; +import styled from 'styled-components'; import { NavigateToAppOptions } from 'kibana/public'; import { useNavigateToAppEventHandler } from '../../../common/hooks/endpoint/use_navigate_to_app_event_handler'; import { useTestIdGenerator } from '../hooks/use_test_id_generator'; @@ -22,15 +28,42 @@ export interface ContextMenuItemNavByRouterProps extends EuiContextMenuItemProps * is set on the menu component, this prop will be overridden */ textTruncate?: boolean; + /** Displays an additional info when hover an item */ + hoverInfo?: React.ReactNode; children: React.ReactNode; } +const StyledEuiContextMenuItem = styled(EuiContextMenuItem)` + .additional-info { + display: none; + } + &:hover { + .additional-info { + display: block !important; + } + } +`; + +const StyledEuiFlexItem = styled('div')` + max-width: 50%; + padding-right: 10px; +`; + /** * Just like `EuiContextMenuItem`, but allows for additional props to be defined which will * allow navigation to a URL path via React Router */ + export const ContextMenuItemNavByRouter = memo( - ({ navigateAppId, navigateOptions, onClick, textTruncate, children, ...otherMenuItemProps }) => { + ({ + navigateAppId, + navigateOptions, + onClick, + textTruncate, + hoverInfo, + children, + ...otherMenuItemProps + }) => { const handleOnClickViaNavigateToApp = useNavigateToAppEventHandler(navigateAppId ?? '', { ...navigateOptions, onClick, @@ -38,25 +71,37 @@ export const ContextMenuItemNavByRouter = memo( const getTestId = useTestIdGenerator(otherMenuItemProps['data-test-subj']); return ( - - {textTruncate ? ( -
- {children} -
- ) : ( - children - )} - + + {textTruncate ? ( + <> +
+ {children} +
+ {hoverInfo && ( + {hoverInfo} + )} + + ) : ( + <> + {children} + {hoverInfo && ( + {hoverInfo} + )} + + )} + + ); } ); diff --git a/x-pack/plugins/security_solution/public/management/components/context_menu_with_router_support/context_menu_with_router_support.test.tsx b/x-pack/plugins/security_solution/public/management/components/context_menu_with_router_support/context_menu_with_router_support.test.tsx index 8efa320c1789fa6..ae343a57c734ff4 100644 --- a/x-pack/plugins/security_solution/public/management/components/context_menu_with_router_support/context_menu_with_router_support.test.tsx +++ b/x-pack/plugins/security_solution/public/management/components/context_menu_with_router_support/context_menu_with_router_support.test.tsx @@ -130,4 +130,23 @@ describe('When using the ContextMenuWithRouterSupport component', () => { expect.objectContaining({ path: '/one/two/three' }) ); }); + + it('should display loading state', () => { + render({ loading: true }); + clickMenuTriggerButton(); + expect(renderResult.getByTestId('testMenu-item-loading-1')).not.toBeNull(); + expect(renderResult.getByTestId('testMenu-item-loading-2')).not.toBeNull(); + }); + + it('should display view details button when prop', () => { + render({ hoverInfo: 'test' }); + clickMenuTriggerButton(); + expect(renderResult.getByTestId('testMenu-item-1').textContent).toEqual('click me 2test'); + }); + + it("shouldn't display view details button when no prop", () => { + render(); + clickMenuTriggerButton(); + expect(renderResult.getByTestId('testMenu-item-1').textContent).toEqual('click me 2'); + }); }); diff --git a/x-pack/plugins/security_solution/public/management/components/context_menu_with_router_support/context_menu_with_router_support.tsx b/x-pack/plugins/security_solution/public/management/components/context_menu_with_router_support/context_menu_with_router_support.tsx index 6e33ad9218bb648..cc9b652ff9344da 100644 --- a/x-pack/plugins/security_solution/public/management/components/context_menu_with_router_support/context_menu_with_router_support.tsx +++ b/x-pack/plugins/security_solution/public/management/components/context_menu_with_router_support/context_menu_with_router_support.tsx @@ -12,6 +12,8 @@ import { EuiContextMenuPanelProps, EuiPopover, EuiPopoverProps, + EuiPopoverTitle, + EuiLoadingContent, } from '@elastic/eui'; import uuid from 'uuid'; import { @@ -30,6 +32,16 @@ export interface ContextMenuWithRouterSupportProps * overwritten to `true`. Setting this prop's value to `undefined` will suppress the default behaviour. */ maxWidth?: CSSProperties['maxWidth']; + /** + * The max height for the popup menu. Default is `255px`. + */ + maxHeight?: CSSProperties['maxHeight']; + /** + * It makes the panel scrollable + */ + title?: string; + loading?: boolean; + hoverInfo?: React.ReactNode; } /** @@ -38,7 +50,18 @@ export interface ContextMenuWithRouterSupportProps * Menu also supports automatically closing the popup when an item is clicked. */ export const ContextMenuWithRouterSupport = memo( - ({ items, button, panelPaddingSize, anchorPosition, maxWidth = '32ch', ...commonProps }) => { + ({ + items, + button, + panelPaddingSize, + anchorPosition, + maxWidth = '32ch', + maxHeight = '255px', + title, + loading = false, + hoverInfo, + ...commonProps + }) => { const getTestId = useTestIdGenerator(commonProps['data-test-subj']); const [isOpen, setIsOpen] = useState(false); @@ -51,12 +74,22 @@ export const ContextMenuWithRouterSupport = memo { return items.map((itemProps, index) => { + if (loading) { + return ( + + ); + } return ( { handleCloseMenu(); if (itemProps.onClick) { @@ -66,7 +99,7 @@ export const ContextMenuWithRouterSupport = memo ); }); - }, [getTestId, handleCloseMenu, items, maxWidth]); + }, [getTestId, handleCloseMenu, items, maxWidth, loading, hoverInfo]); type AdditionalPanelProps = Partial>; const additionalContextMenuPanelProps = useMemo(() => { @@ -79,8 +112,15 @@ export const ContextMenuWithRouterSupport = memo - + {title ? {title} : null} + ); } diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/list/policy_trusted_apps_list.test.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/list/policy_trusted_apps_list.test.tsx index 316b70064d9db07..232672716f5c502 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/list/policy_trusted_apps_list.test.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/list/policy_trusted_apps_list.test.tsx @@ -244,11 +244,11 @@ describe('when rendering the PolicyTrustedAppsList', () => { expect( renderResult.getByTestId('policyTrustedAppsGrid-card-header-effectScope-popupMenu-item-0') .textContent - ).toEqual('Endpoint Policy 0'); + ).toEqual('Endpoint Policy 0View details'); expect( renderResult.getByTestId('policyTrustedAppsGrid-card-header-effectScope-popupMenu-item-1') .textContent - ).toEqual('Endpoint Policy 1'); + ).toEqual('Endpoint Policy 1View details'); }); it('should navigate to policy details when clicking policy on assignment context menu', async () => { diff --git a/x-pack/plugins/security_solution/public/management/pages/trusted_apps/store/selectors.ts b/x-pack/plugins/security_solution/public/management/pages/trusted_apps/store/selectors.ts index b8c2018cd87874e..c780f480008792f 100644 --- a/x-pack/plugins/security_solution/public/management/pages/trusted_apps/store/selectors.ts +++ b/x-pack/plugins/security_solution/public/management/pages/trusted_apps/store/selectors.ts @@ -228,6 +228,11 @@ export const listOfPolicies: ( return isLoadedResourceState(policies) ? policies.data.items : []; }); +export const isLoadingListOfPolicies: (state: Immutable) => boolean = + createSelector(policiesState, (policies) => { + return isLoadingResourceState(policies); + }); + export const getMapOfPoliciesById: ( state: Immutable ) => Immutable>> = createSelector( diff --git a/x-pack/plugins/security_solution/public/management/pages/trusted_apps/view/components/trusted_apps_grid/__snapshots__/index.test.tsx.snap b/x-pack/plugins/security_solution/public/management/pages/trusted_apps/view/components/trusted_apps_grid/__snapshots__/index.test.tsx.snap index e2b5ad43e40f248..89b21ae36e8e66a 100644 --- a/x-pack/plugins/security_solution/public/management/pages/trusted_apps/view/components/trusted_apps_grid/__snapshots__/index.test.tsx.snap +++ b/x-pack/plugins/security_solution/public/management/pages/trusted_apps/view/components/trusted_apps_grid/__snapshots__/index.test.tsx.snap @@ -385,10 +385,22 @@ exports[`TrustedAppsGrid renders correctly when loaded data 1`] = ` position: relative; } +.c5 { + padding-top: 2px; +} + +.c6 { + margin: 6px; +} + .c3.artifactEntryCard + .c2.artifactEntryCard { margin-top: 24px; } +.c4 { + padding: 32px; +} + .c0 .trusted-app + .trusted-app { margin-top: 24px; } @@ -411,17 +423,17 @@ exports[`TrustedAppsGrid renders correctly when loaded data 1`] = ` data-test-subj="trustedAppCard" >
Applied globally
@@ -731,7 +743,7 @@ exports[`TrustedAppsGrid renders correctly when loaded data 1`] = `
Applied globally
@@ -1114,7 +1126,7 @@ exports[`TrustedAppsGrid renders correctly when loaded data 1`] = `
Applied globally
@@ -1497,7 +1509,7 @@ exports[`TrustedAppsGrid renders correctly when loaded data 1`] = `
Applied globally
@@ -1880,7 +1892,7 @@ exports[`TrustedAppsGrid renders correctly when loaded data 1`] = `
Applied globally
@@ -2263,7 +2275,7 @@ exports[`TrustedAppsGrid renders correctly when loaded data 1`] = `
Applied globally
@@ -2646,7 +2658,7 @@ exports[`TrustedAppsGrid renders correctly when loaded data 1`] = `
Applied globally
@@ -3029,7 +3041,7 @@ exports[`TrustedAppsGrid renders correctly when loaded data 1`] = `
Applied globally
@@ -3412,7 +3424,7 @@ exports[`TrustedAppsGrid renders correctly when loaded data 1`] = `
Applied globally
@@ -3795,7 +3807,7 @@ exports[`TrustedAppsGrid renders correctly when loaded data 1`] = `
Applied globally
@@ -4178,7 +4190,7 @@ exports[`TrustedAppsGrid renders correctly when loaded data 1`] = `
Applied globally
@@ -4856,7 +4880,7 @@ exports[`TrustedAppsGrid renders correctly when loading data for the second time
Applied globally
@@ -5239,7 +5263,7 @@ exports[`TrustedAppsGrid renders correctly when loading data for the second time
Applied globally
@@ -5622,7 +5646,7 @@ exports[`TrustedAppsGrid renders correctly when loading data for the second time
Applied globally
@@ -6005,7 +6029,7 @@ exports[`TrustedAppsGrid renders correctly when loading data for the second time
Applied globally
@@ -6388,7 +6412,7 @@ exports[`TrustedAppsGrid renders correctly when loading data for the second time
Applied globally
@@ -6771,7 +6795,7 @@ exports[`TrustedAppsGrid renders correctly when loading data for the second time
Applied globally
@@ -7154,7 +7178,7 @@ exports[`TrustedAppsGrid renders correctly when loading data for the second time
Applied globally
@@ -7537,7 +7561,7 @@ exports[`TrustedAppsGrid renders correctly when loading data for the second time
Applied globally
@@ -7920,7 +7944,7 @@ exports[`TrustedAppsGrid renders correctly when loading data for the second time
Applied globally
@@ -8303,7 +8327,7 @@ exports[`TrustedAppsGrid renders correctly when loading data for the second time
Applied globally
@@ -8938,7 +8974,7 @@ exports[`TrustedAppsGrid renders correctly when new page and page size set (not
Applied globally
@@ -9321,7 +9357,7 @@ exports[`TrustedAppsGrid renders correctly when new page and page size set (not
Applied globally
@@ -9704,7 +9740,7 @@ exports[`TrustedAppsGrid renders correctly when new page and page size set (not
Applied globally
@@ -10087,7 +10123,7 @@ exports[`TrustedAppsGrid renders correctly when new page and page size set (not
Applied globally
@@ -10470,7 +10506,7 @@ exports[`TrustedAppsGrid renders correctly when new page and page size set (not
Applied globally
@@ -10853,7 +10889,7 @@ exports[`TrustedAppsGrid renders correctly when new page and page size set (not
Applied globally
@@ -11236,7 +11272,7 @@ exports[`TrustedAppsGrid renders correctly when new page and page size set (not
Applied globally
@@ -11619,7 +11655,7 @@ exports[`TrustedAppsGrid renders correctly when new page and page size set (not
Applied globally
@@ -12002,7 +12038,7 @@ exports[`TrustedAppsGrid renders correctly when new page and page size set (not
Applied globally
@@ -12385,7 +12421,7 @@ exports[`TrustedAppsGrid renders correctly when new page and page size set (not
{ const error = useTrustedAppsSelector(getListErrorMessage); const location = useTrustedAppsSelector(getCurrentLocation); const policyListById = useTrustedAppsSelector(getMapOfPoliciesById); + const loadingPoliciesList = useTrustedAppsSelector(isLoadingListOfPolicies); const handlePaginationChange: PaginatedContentProps< TrustedApp, @@ -129,13 +131,13 @@ export const TrustedAppsGrid = memo(() => { }; policyToNavOptionsMap[policyId] = { - navigateAppId: APP_ID, navigateOptions: { path: policyDetailsPath, state: routeState, }, href: getAppUrl({ path: policyDetailsPath }), children: policyListById[policyId]?.name ?? policyId, + target: '_blank', }; return policyToNavOptionsMap; }, {}); @@ -144,6 +146,7 @@ export const TrustedAppsGrid = memo(() => { cachedCardProps[trustedApp.id] = { item: trustedApp, policies, + loadingPoliciesList, hideComments: true, 'data-test-subj': 'trustedAppCard', actions: [ @@ -177,7 +180,7 @@ export const TrustedAppsGrid = memo(() => { } return cachedCardProps; - }, [dispatch, getAppUrl, history, listItems, location, policyListById]); + }, [dispatch, getAppUrl, history, listItems, location, policyListById, loadingPoliciesList]); const handleArtifactCardProps = useCallback( (trustedApp: TrustedApp) => { From fa183ffc8bd92b01592785013d06e776684cd650 Mon Sep 17 00:00:00 2001 From: Michael Katsoulis Date: Mon, 18 Oct 2021 16:01:52 +0300 Subject: [PATCH 24/50] In case of kubernetes integartion detected return manifest in standalone agent layout instead of policy (#114439) * In case of kubernetes integartion detected return manifest in standalone agent layout instead of policy --- x-pack/plugins/fleet/common/constants/epm.ts | 4 + .../fleet/common/services/agent_cm_to_yaml.ts | 34 +++ .../fleet/common/types/models/agent_cm.ts | 29 +++ .../common/types/rest_spec/agent_policy.ts | 4 + .../standalone_instructions.tsx | 165 ++++++++++--- .../public/hooks/use_request/agent_policy.ts | 2 +- .../server/routes/agent_policy/handlers.ts | 134 +++++++---- .../agent_policies/full_agent_policy.ts | 10 +- .../fleet/server/services/agent_policy.ts | 43 +++- .../server/services/elastic_agent_manifest.ts | 222 ++++++++++++++++++ .../server/types/rest_spec/agent_policy.ts | 1 + 11 files changed, 568 insertions(+), 80 deletions(-) create mode 100644 x-pack/plugins/fleet/common/services/agent_cm_to_yaml.ts create mode 100644 x-pack/plugins/fleet/common/types/models/agent_cm.ts create mode 100644 x-pack/plugins/fleet/server/services/elastic_agent_manifest.ts diff --git a/x-pack/plugins/fleet/common/constants/epm.ts b/x-pack/plugins/fleet/common/constants/epm.ts index 131cc276fc0733b..734d578687bcd44 100644 --- a/x-pack/plugins/fleet/common/constants/epm.ts +++ b/x-pack/plugins/fleet/common/constants/epm.ts @@ -15,6 +15,10 @@ export const FLEET_SERVER_PACKAGE = 'fleet_server'; export const FLEET_ENDPOINT_PACKAGE = 'endpoint'; export const FLEET_APM_PACKAGE = 'apm'; export const FLEET_SYNTHETICS_PACKAGE = 'synthetics'; +export const FLEET_KUBERNETES_PACKAGE = 'kubernetes'; +export const KUBERNETES_RUN_INSTRUCTIONS = + 'kubectl apply -f elastic-agent-standalone-kubernetes.yaml'; +export const STANDALONE_RUN_INSTRUCTIONS = './elastic-agent install'; /* Package rules: diff --git a/x-pack/plugins/fleet/common/services/agent_cm_to_yaml.ts b/x-pack/plugins/fleet/common/services/agent_cm_to_yaml.ts new file mode 100644 index 000000000000000..5987110d7752fbf --- /dev/null +++ b/x-pack/plugins/fleet/common/services/agent_cm_to_yaml.ts @@ -0,0 +1,34 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { safeDump } from 'js-yaml'; + +import type { FullAgentConfigMap } from '../types/models/agent_cm'; + +const CM_KEYS_ORDER = ['apiVersion', 'kind', 'metadata', 'data']; + +export const fullAgentConfigMapToYaml = ( + policy: FullAgentConfigMap, + toYaml: typeof safeDump +): string => { + return toYaml(policy, { + skipInvalid: true, + sortKeys: (keyA: string, keyB: string) => { + const indexA = CM_KEYS_ORDER.indexOf(keyA); + const indexB = CM_KEYS_ORDER.indexOf(keyB); + if (indexA >= 0 && indexB < 0) { + return -1; + } + + if (indexA < 0 && indexB >= 0) { + return 1; + } + + return indexA - indexB; + }, + }); +}; diff --git a/x-pack/plugins/fleet/common/types/models/agent_cm.ts b/x-pack/plugins/fleet/common/types/models/agent_cm.ts new file mode 100644 index 000000000000000..bd8200c96ad88b9 --- /dev/null +++ b/x-pack/plugins/fleet/common/types/models/agent_cm.ts @@ -0,0 +1,29 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { FullAgentPolicy } from './agent_policy'; + +export interface FullAgentConfigMap { + apiVersion: string; + kind: string; + metadata: Metadata; + data: AgentYML; +} + +interface Metadata { + name: string; + namespace: string; + labels: Labels; +} + +interface Labels { + 'k8s-app': string; +} + +interface AgentYML { + 'agent.yml': FullAgentPolicy; +} diff --git a/x-pack/plugins/fleet/common/types/rest_spec/agent_policy.ts b/x-pack/plugins/fleet/common/types/rest_spec/agent_policy.ts index 927368694693a69..0975b1e28fb8bf0 100644 --- a/x-pack/plugins/fleet/common/types/rest_spec/agent_policy.ts +++ b/x-pack/plugins/fleet/common/types/rest_spec/agent_policy.ts @@ -78,3 +78,7 @@ export interface GetFullAgentPolicyRequest { export interface GetFullAgentPolicyResponse { item: FullAgentPolicy; } + +export interface GetFullAgentConfigMapResponse { + item: string; +} diff --git a/x-pack/plugins/fleet/public/components/agent_enrollment_flyout/standalone_instructions.tsx b/x-pack/plugins/fleet/public/components/agent_enrollment_flyout/standalone_instructions.tsx index d7b9ae2aef08a8a..99e8809923140b9 100644 --- a/x-pack/plugins/fleet/public/components/agent_enrollment_flyout/standalone_instructions.tsx +++ b/x-pack/plugins/fleet/public/components/agent_enrollment_flyout/standalone_instructions.tsx @@ -5,7 +5,7 @@ * 2.0. */ -import React, { useState, useEffect, useMemo } from 'react'; +import React, { useState, useEffect } from 'react'; import { EuiSteps, EuiText, @@ -23,16 +23,27 @@ import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; import { safeDump } from 'js-yaml'; -import { useStartServices, useLink, sendGetOneAgentPolicyFull } from '../../hooks'; +import { + useStartServices, + useLink, + sendGetOneAgentPolicyFull, + sendGetOneAgentPolicy, +} from '../../hooks'; import { fullAgentPolicyToYaml, agentPolicyRouteService } from '../../services'; +import type { PackagePolicy } from '../../../common'; + +import { + FLEET_KUBERNETES_PACKAGE, + KUBERNETES_RUN_INSTRUCTIONS, + STANDALONE_RUN_INSTRUCTIONS, +} from '../../../common'; + import { DownloadStep, AgentPolicySelectionStep } from './steps'; import type { BaseProps } from './types'; type Props = BaseProps; -const RUN_INSTRUCTIONS = './elastic-agent install'; - export const StandaloneInstructions = React.memo(({ agentPolicy, agentPolicies }) => { const { getHref } = useLink(); const core = useStartServices(); @@ -40,12 +51,34 @@ export const StandaloneInstructions = React.memo(({ agentPolicy, agentPol const [selectedPolicyId, setSelectedPolicyId] = useState(agentPolicy?.id); const [fullAgentPolicy, setFullAgentPolicy] = useState(); + const [isK8s, setIsK8s] = useState<'IS_LOADING' | 'IS_KUBERNETES' | 'IS_NOT_KUBERNETES'>( + 'IS_LOADING' + ); + const [yaml, setYaml] = useState(''); + const runInstructions = + isK8s === 'IS_KUBERNETES' ? KUBERNETES_RUN_INSTRUCTIONS : STANDALONE_RUN_INSTRUCTIONS; - const downloadLink = selectedPolicyId - ? core.http.basePath.prepend( - `${agentPolicyRouteService.getInfoFullDownloadPath(selectedPolicyId)}?standalone=true` - ) - : undefined; + useEffect(() => { + async function checkifK8s() { + if (!selectedPolicyId) { + return; + } + const agentPolicyRequest = await sendGetOneAgentPolicy(selectedPolicyId); + const agentPol = agentPolicyRequest.data ? agentPolicyRequest.data.item : null; + + if (!agentPol) { + setIsK8s('IS_NOT_KUBERNETES'); + return; + } + const k8s = (pkg: PackagePolicy) => pkg.package?.name === FLEET_KUBERNETES_PACKAGE; + setIsK8s( + (agentPol.package_policies as PackagePolicy[]).some(k8s) + ? 'IS_KUBERNETES' + : 'IS_NOT_KUBERNETES' + ); + } + checkifK8s(); + }, [selectedPolicyId, notifications.toasts]); useEffect(() => { async function fetchFullPolicy() { @@ -53,7 +86,11 @@ export const StandaloneInstructions = React.memo(({ agentPolicy, agentPol if (!selectedPolicyId) { return; } - const res = await sendGetOneAgentPolicyFull(selectedPolicyId, { standalone: true }); + let query = { standalone: true, kubernetes: false }; + if (isK8s === 'IS_KUBERNETES') { + query = { standalone: true, kubernetes: true }; + } + const res = await sendGetOneAgentPolicyFull(selectedPolicyId, query); if (res.error) { throw res.error; } @@ -61,7 +98,6 @@ export const StandaloneInstructions = React.memo(({ agentPolicy, agentPol if (!res.data) { throw new Error('No data while fetching full agent policy'); } - setFullAgentPolicy(res.data.item); } catch (error) { notifications.toasts.addError(error, { @@ -69,10 +105,86 @@ export const StandaloneInstructions = React.memo(({ agentPolicy, agentPol }); } } - fetchFullPolicy(); - }, [selectedPolicyId, notifications.toasts]); + if (isK8s !== 'IS_LOADING') { + fetchFullPolicy(); + } + }, [selectedPolicyId, notifications.toasts, isK8s, core.http.basePath]); + + useEffect(() => { + if (isK8s === 'IS_KUBERNETES') { + if (typeof fullAgentPolicy === 'object') { + return; + } + setYaml(fullAgentPolicy); + } else { + if (typeof fullAgentPolicy === 'string') { + return; + } + setYaml(fullAgentPolicyToYaml(fullAgentPolicy, safeDump)); + } + }, [fullAgentPolicy, isK8s]); + + const policyMsg = + isK8s === 'IS_KUBERNETES' ? ( + ES_USERNAME, + ESPasswordVariable: ES_PASSWORD, + }} + /> + ) : ( + elastic-agent.yml, + ESUsernameVariable: ES_USERNAME, + ESPasswordVariable: ES_PASSWORD, + outputSection: outputs, + }} + /> + ); + + let downloadLink = ''; + if (selectedPolicyId) { + downloadLink = + isK8s === 'IS_KUBERNETES' + ? core.http.basePath.prepend( + `${agentPolicyRouteService.getInfoFullDownloadPath(selectedPolicyId)}?kubernetes=true` + ) + : core.http.basePath.prepend( + `${agentPolicyRouteService.getInfoFullDownloadPath(selectedPolicyId)}?standalone=true` + ); + } + + const downloadMsg = + isK8s === 'IS_KUBERNETES' ? ( + + ) : ( + + ); + + const applyMsg = + isK8s === 'IS_KUBERNETES' ? ( + + ) : ( + + ); - const yaml = useMemo(() => fullAgentPolicyToYaml(fullAgentPolicy, safeDump), [fullAgentPolicy]); const steps = [ DownloadStep(), !agentPolicy @@ -85,16 +197,7 @@ export const StandaloneInstructions = React.memo(({ agentPolicy, agentPol children: ( <> - elastic-agent.yml, - ESUsernameVariable: ES_USERNAME, - ESPasswordVariable: ES_PASSWORD, - outputSection: outputs, - }} - /> + <>{policyMsg} @@ -111,10 +214,7 @@ export const StandaloneInstructions = React.memo(({ agentPolicy, agentPol - + <>{downloadMsg} @@ -133,14 +233,11 @@ export const StandaloneInstructions = React.memo(({ agentPolicy, agentPol children: ( <> - + <>{applyMsg} - {RUN_INSTRUCTIONS} + {runInstructions} - + {(copy) => ( { export const sendGetOneAgentPolicyFull = ( agentPolicyId: string, - query: { standalone?: boolean } = {} + query: { standalone?: boolean; kubernetes?: boolean } = {} ) => { return sendRequest({ path: agentPolicyRouteService.getInfoFullPath(agentPolicyId), diff --git a/x-pack/plugins/fleet/server/routes/agent_policy/handlers.ts b/x-pack/plugins/fleet/server/routes/agent_policy/handlers.ts index b3197d918d2312e..c3da75183f58129 100644 --- a/x-pack/plugins/fleet/server/routes/agent_policy/handlers.ts +++ b/x-pack/plugins/fleet/server/routes/agent_policy/handlers.ts @@ -34,6 +34,7 @@ import type { CopyAgentPolicyResponse, DeleteAgentPolicyResponse, GetFullAgentPolicyResponse, + GetFullAgentConfigMapResponse, } from '../../../common'; import { defaultIngestErrorHandler } from '../../errors'; @@ -232,27 +233,52 @@ export const getFullAgentPolicy: RequestHandler< > = async (context, request, response) => { const soClient = context.core.savedObjects.client; - try { - const fullAgentPolicy = await agentPolicyService.getFullAgentPolicy( - soClient, - request.params.agentPolicyId, - { standalone: request.query.standalone === true } - ); - if (fullAgentPolicy) { - const body: GetFullAgentPolicyResponse = { - item: fullAgentPolicy, - }; - return response.ok({ - body, - }); - } else { - return response.customError({ - statusCode: 404, - body: { message: 'Agent policy not found' }, - }); + if (request.query.kubernetes === true) { + try { + const fullAgentConfigMap = await agentPolicyService.getFullAgentConfigMap( + soClient, + request.params.agentPolicyId, + { standalone: request.query.standalone === true } + ); + if (fullAgentConfigMap) { + const body: GetFullAgentConfigMapResponse = { + item: fullAgentConfigMap, + }; + return response.ok({ + body, + }); + } else { + return response.customError({ + statusCode: 404, + body: { message: 'Agent config map not found' }, + }); + } + } catch (error) { + return defaultIngestErrorHandler({ error, response }); + } + } else { + try { + const fullAgentPolicy = await agentPolicyService.getFullAgentPolicy( + soClient, + request.params.agentPolicyId, + { standalone: request.query.standalone === true } + ); + if (fullAgentPolicy) { + const body: GetFullAgentPolicyResponse = { + item: fullAgentPolicy, + }; + return response.ok({ + body, + }); + } else { + return response.customError({ + statusCode: 404, + body: { message: 'Agent policy not found' }, + }); + } + } catch (error) { + return defaultIngestErrorHandler({ error, response }); } - } catch (error) { - return defaultIngestErrorHandler({ error, response }); } }; @@ -265,27 +291,55 @@ export const downloadFullAgentPolicy: RequestHandler< params: { agentPolicyId }, } = request; - try { - const fullAgentPolicy = await agentPolicyService.getFullAgentPolicy(soClient, agentPolicyId, { - standalone: request.query.standalone === true, - }); - if (fullAgentPolicy) { - const body = fullAgentPolicyToYaml(fullAgentPolicy, safeDump); - const headers: ResponseHeaders = { - 'content-type': 'text/x-yaml', - 'content-disposition': `attachment; filename="elastic-agent.yml"`, - }; - return response.ok({ - body, - headers, - }); - } else { - return response.customError({ - statusCode: 404, - body: { message: 'Agent policy not found' }, + if (request.query.kubernetes === true) { + try { + const fullAgentConfigMap = await agentPolicyService.getFullAgentConfigMap( + soClient, + request.params.agentPolicyId, + { standalone: request.query.standalone === true } + ); + if (fullAgentConfigMap) { + const body = fullAgentConfigMap; + const headers: ResponseHeaders = { + 'content-type': 'text/x-yaml', + 'content-disposition': `attachment; filename="elastic-agent-standalone-kubernetes.yaml"`, + }; + return response.ok({ + body, + headers, + }); + } else { + return response.customError({ + statusCode: 404, + body: { message: 'Agent config map not found' }, + }); + } + } catch (error) { + return defaultIngestErrorHandler({ error, response }); + } + } else { + try { + const fullAgentPolicy = await agentPolicyService.getFullAgentPolicy(soClient, agentPolicyId, { + standalone: request.query.standalone === true, }); + if (fullAgentPolicy) { + const body = fullAgentPolicyToYaml(fullAgentPolicy, safeDump); + const headers: ResponseHeaders = { + 'content-type': 'text/x-yaml', + 'content-disposition': `attachment; filename="elastic-agent.yml"`, + }; + return response.ok({ + body, + headers, + }); + } else { + return response.customError({ + statusCode: 404, + body: { message: 'Agent policy not found' }, + }); + } + } catch (error) { + return defaultIngestErrorHandler({ error, response }); } - } catch (error) { - return defaultIngestErrorHandler({ error, response }); } }; diff --git a/x-pack/plugins/fleet/server/services/agent_policies/full_agent_policy.ts b/x-pack/plugins/fleet/server/services/agent_policies/full_agent_policy.ts index 561c463b998d42c..60cf9c8d96257b0 100644 --- a/x-pack/plugins/fleet/server/services/agent_policies/full_agent_policy.ts +++ b/x-pack/plugins/fleet/server/services/agent_policies/full_agent_policy.ts @@ -70,12 +70,14 @@ export async function getFullAgentPolicy( if (!monitoringOutput) { throw new Error(`Monitoring output not found ${monitoringOutputId}`); } - const fullAgentPolicy: FullAgentPolicy = { id: agentPolicy.id, outputs: { ...outputs.reduce((acc, output) => { - acc[getOutputIdForAgentPolicy(output)] = transformOutputToFullPolicyOutput(output); + acc[getOutputIdForAgentPolicy(output)] = transformOutputToFullPolicyOutput( + output, + standalone + ); return acc; }, {}), @@ -179,8 +181,8 @@ function transformOutputToFullPolicyOutput( if (standalone) { delete newOutput.api_key; - newOutput.username = 'ES_USERNAME'; - newOutput.password = 'ES_PASSWORD'; + newOutput.username = '{ES_USERNAME}'; + newOutput.password = '{ES_PASSWORD}'; } return newOutput; diff --git a/x-pack/plugins/fleet/server/services/agent_policy.ts b/x-pack/plugins/fleet/server/services/agent_policy.ts index 6ebe890aeaef209..321bc7f289594d4 100644 --- a/x-pack/plugins/fleet/server/services/agent_policy.ts +++ b/x-pack/plugins/fleet/server/services/agent_policy.ts @@ -13,6 +13,8 @@ import type { SavedObjectsBulkUpdateResponse, } from 'src/core/server'; +import { safeDump } from 'js-yaml'; + import { SavedObjectsErrorHelpers } from '../../../../../src/core/server'; import type { AuthenticatedUser } from '../../../security/server'; @@ -41,6 +43,12 @@ import type { } from '../../common'; import { AgentPolicyNameExistsError, HostedAgentPolicyRestrictionRelatedError } from '../errors'; +import type { FullAgentConfigMap } from '../../common/types/models/agent_cm'; + +import { fullAgentConfigMapToYaml } from '../../common/services/agent_cm_to_yaml'; + +import { elasticAgentManifest } from './elastic_agent_manifest'; + import { getPackageInfo } from './epm/packages'; import { getAgentsByKuery } from './agents'; import { packagePolicyService } from './package_policy'; @@ -49,7 +57,6 @@ import { agentPolicyUpdateEventHandler } from './agent_policy_update'; import { normalizeKuery, escapeSearchQueryPhrase } from './saved_object'; import { appContextService } from './app_context'; import { getFullAgentPolicy } from './agent_policies'; - const SAVED_OBJECT_TYPE = AGENT_POLICY_SAVED_OBJECT_TYPE; class AgentPolicyService { @@ -717,6 +724,40 @@ class AgentPolicyService { return res.body.hits.hits[0]._source; } + public async getFullAgentConfigMap( + soClient: SavedObjectsClientContract, + id: string, + options?: { standalone: boolean } + ): Promise { + const fullAgentPolicy = await getFullAgentPolicy(soClient, id, options); + if (fullAgentPolicy) { + const fullAgentConfigMap: FullAgentConfigMap = { + apiVersion: 'v1', + kind: 'ConfigMap', + metadata: { + name: 'agent-node-datastreams', + namespace: 'kube-system', + labels: { + 'k8s-app': 'elastic-agent', + }, + }, + data: { + 'agent.yml': fullAgentPolicy, + }, + }; + + const configMapYaml = fullAgentConfigMapToYaml(fullAgentConfigMap, safeDump); + const updateManifestVersion = elasticAgentManifest.replace( + 'VERSION', + appContextService.getKibanaVersion() + ); + const fixedAgentYML = configMapYaml.replace('agent.yml:', 'agent.yml: |-'); + return [fixedAgentYML, updateManifestVersion].join('\n'); + } else { + return ''; + } + } + public async getFullAgentPolicy( soClient: SavedObjectsClientContract, id: string, diff --git a/x-pack/plugins/fleet/server/services/elastic_agent_manifest.ts b/x-pack/plugins/fleet/server/services/elastic_agent_manifest.ts new file mode 100644 index 000000000000000..392ee170d02ad9b --- /dev/null +++ b/x-pack/plugins/fleet/server/services/elastic_agent_manifest.ts @@ -0,0 +1,222 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export const elasticAgentManifest = ` +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: elastic-agent + namespace: kube-system + labels: + app: elastic-agent +spec: + selector: + matchLabels: + app: elastic-agent + template: + metadata: + labels: + app: elastic-agent + spec: + tolerations: + - key: node-role.kubernetes.io/master + effect: NoSchedule + serviceAccountName: elastic-agent + hostNetwork: true + dnsPolicy: ClusterFirstWithHostNet + containers: + - name: elastic-agent + image: docker.elastic.co/beats/elastic-agent:VERSION + args: [ + "-c", "/etc/agent.yml", + "-e", + "-d", "'*'", + ] + env: + - name: ES_USERNAME + value: "elastic" + - name: ES_PASSWORD + value: "changeme" + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + securityContext: + runAsUser: 0 + resources: + limits: + memory: 500Mi + requests: + cpu: 100m + memory: 200Mi + volumeMounts: + - name: datastreams + mountPath: /etc/agent.yml + readOnly: true + subPath: agent.yml + - name: proc + mountPath: /hostfs/proc + readOnly: true + - name: cgroup + mountPath: /hostfs/sys/fs/cgroup + readOnly: true + - name: varlibdockercontainers + mountPath: /var/lib/docker/containers + readOnly: true + - name: varlog + mountPath: /var/log + readOnly: true + volumes: + - name: datastreams + configMap: + defaultMode: 0640 + name: agent-node-datastreams + - name: proc + hostPath: + path: /proc + - name: cgroup + hostPath: + path: /sys/fs/cgroup + - name: varlibdockercontainers + hostPath: + path: /var/lib/docker/containers + - name: varlog + hostPath: + path: /var/log +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: elastic-agent +subjects: + - kind: ServiceAccount + name: elastic-agent + namespace: kube-system +roleRef: + kind: ClusterRole + name: elastic-agent + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + namespace: kube-system + name: elastic-agent +subjects: + - kind: ServiceAccount + name: elastic-agent + namespace: kube-system +roleRef: + kind: Role + name: elastic-agent + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: elastic-agent-kubeadm-config + namespace: kube-system +subjects: + - kind: ServiceAccount + name: elastic-agent + namespace: kube-system +roleRef: + kind: Role + name: elastic-agent-kubeadm-config + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: elastic-agent + labels: + k8s-app: elastic-agent +rules: + - apiGroups: [""] + resources: + - nodes + - namespaces + - events + - pods + - services + - configmaps + verbs: ["get", "list", "watch"] + # Enable this rule only if planing to use kubernetes_secrets provider + #- apiGroups: [""] + # resources: + # - secrets + # verbs: ["get"] + - apiGroups: ["extensions"] + resources: + - replicasets + verbs: ["get", "list", "watch"] + - apiGroups: ["apps"] + resources: + - statefulsets + - deployments + - replicasets + verbs: ["get", "list", "watch"] + - apiGroups: ["batch"] + resources: + - jobs + verbs: ["get", "list", "watch"] + - apiGroups: + - "" + resources: + - nodes/stats + verbs: + - get + # required for apiserver + - nonResourceURLs: + - "/metrics" + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: elastic-agent + # should be the namespace where elastic-agent is running + namespace: kube-system + labels: + k8s-app: elastic-agent +rules: + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: ["get", "create", "update"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: elastic-agent-kubeadm-config + namespace: kube-system + labels: + k8s-app: elastic-agent +rules: + - apiGroups: [""] + resources: + - configmaps + resourceNames: + - kubeadm-config + verbs: ["get"] +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: elastic-agent + namespace: kube-system + labels: + k8s-app: elastic-agent +--- +`; diff --git a/x-pack/plugins/fleet/server/types/rest_spec/agent_policy.ts b/x-pack/plugins/fleet/server/types/rest_spec/agent_policy.ts index 714ffab922dd98e..64d142f150bfd0c 100644 --- a/x-pack/plugins/fleet/server/types/rest_spec/agent_policy.ts +++ b/x-pack/plugins/fleet/server/types/rest_spec/agent_policy.ts @@ -56,5 +56,6 @@ export const GetFullAgentPolicyRequestSchema = { query: schema.object({ download: schema.maybe(schema.boolean()), standalone: schema.maybe(schema.boolean()), + kubernetes: schema.maybe(schema.boolean()), }), }; From 7968d9e079401735a662a0c382dbc965e75b890e Mon Sep 17 00:00:00 2001 From: Marco Liberati Date: Mon, 18 Oct 2021 15:30:56 +0200 Subject: [PATCH 25/50] [Lens] Unify invalid state styling on the dimension button (#114825) * :lipstick: Sync the invalid state on the dimension button * :label: Fix type issue Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- .../editor_frame/config_panel/buttons/dimension_button.tsx | 3 +++ .../editor_frame/config_panel/layer_panel.tsx | 7 +++++++ .../lens/public/indexpattern_datasource/indexpattern.tsx | 7 ++++++- x-pack/plugins/lens/public/mocks.tsx | 1 + x-pack/plugins/lens/public/types.ts | 4 ++++ 5 files changed, 21 insertions(+), 1 deletion(-) diff --git a/x-pack/plugins/lens/public/editor_frame_service/editor_frame/config_panel/buttons/dimension_button.tsx b/x-pack/plugins/lens/public/editor_frame_service/editor_frame/config_panel/buttons/dimension_button.tsx index 5d9fd1f8b8f13c1..508148be8b2a9cb 100644 --- a/x-pack/plugins/lens/public/editor_frame_service/editor_frame/config_panel/buttons/dimension_button.tsx +++ b/x-pack/plugins/lens/public/editor_frame_service/editor_frame/config_panel/buttons/dimension_button.tsx @@ -25,6 +25,7 @@ export function DimensionButton({ onRemoveClick, accessorConfig, label, + invalid, }: { group: VisualizationDimensionGroupConfig; children: React.ReactElement; @@ -32,6 +33,7 @@ export function DimensionButton({ onRemoveClick: (id: string) => void; accessorConfig: AccessorConfig; label: string; + invalid?: boolean; }) { return ( <> @@ -41,6 +43,7 @@ export function DimensionButton({ onClick={() => onClick(accessorConfig.columnId)} aria-label={triggerLinkA11yText(label)} title={triggerLinkA11yText(label)} + color={invalid || group.invalid ? 'danger' : undefined} > {children} diff --git a/x-pack/plugins/lens/public/editor_frame_service/editor_frame/config_panel/layer_panel.tsx b/x-pack/plugins/lens/public/editor_frame_service/editor_frame/config_panel/layer_panel.tsx index 8d19620cebbdc7a..bdd5d93c2c2c887 100644 --- a/x-pack/plugins/lens/public/editor_frame_service/editor_frame/config_panel/layer_panel.tsx +++ b/x-pack/plugins/lens/public/editor_frame_service/editor_frame/config_panel/layer_panel.tsx @@ -477,6 +477,13 @@ export function LayerPanel( ); removeButtonRef(id); }} + invalid={ + !layerDatasource.isValidColumn( + layerDatasourceState, + layerId, + columnId + ) + } > { + const layer = state.layers[layerId]; + return !isColumnInvalid(layer, columnId, state.indexPatterns[layer.indexPatternId]); + }, + renderDimensionTrigger: ( domElement: Element, props: DatasourceDimensionTriggerProps diff --git a/x-pack/plugins/lens/public/mocks.tsx b/x-pack/plugins/lens/public/mocks.tsx index 989c858b1f29d57..5c285f70b2ed9cd 100644 --- a/x-pack/plugins/lens/public/mocks.tsx +++ b/x-pack/plugins/lens/public/mocks.tsx @@ -159,6 +159,7 @@ export function createMockDatasource(id: string): DatasourceMock { getErrorMessages: jest.fn((_state) => undefined), checkIntegrity: jest.fn((_state) => []), isTimeBased: jest.fn(), + isValidColumn: jest.fn(), }; } diff --git a/x-pack/plugins/lens/public/types.ts b/x-pack/plugins/lens/public/types.ts index 87e2762149acd2c..e207f2938dd3cf2 100644 --- a/x-pack/plugins/lens/public/types.ts +++ b/x-pack/plugins/lens/public/types.ts @@ -281,6 +281,10 @@ export interface Datasource { * Checks if the visualization created is time based, for example date histogram */ isTimeBased: (state: T) => boolean; + /** + * Given the current state layer and a columnId will verify if the column configuration has errors + */ + isValidColumn: (state: T, layerId: string, columnId: string) => boolean; } export interface DatasourceFixAction { From 94285ae01a995c28f74e476ea38485f647593b9c Mon Sep 17 00:00:00 2001 From: Baturalp Gurdin <9674241+suchcodemuchwow@users.noreply.github.com> Date: Mon, 18 Oct 2021 15:38:57 +0200 Subject: [PATCH 26/50] adds [Performance Testing] Nightly Build Job (#114042) Adds auto and manual performance tests If "ITERATION_COUNT_ENV" exist in build job: - Auto Mode: Checks "ITERATION_COUNT_ENV", - Manual Mode: Waits for user input, use provided value to run "n" number of performance tests on parallel - Sends slack notifications when pipeline finished --- .buildkite/pipelines/performance/nightly.yml | 35 +++++++++++++++++++ .../scripts/steps/functional/performance.sh | 20 +++++++++++ .../steps/functional/performance_sub.sh | 17 +++++++++ 3 files changed, 72 insertions(+) create mode 100644 .buildkite/pipelines/performance/nightly.yml create mode 100644 .buildkite/scripts/steps/functional/performance.sh create mode 100644 .buildkite/scripts/steps/functional/performance_sub.sh diff --git a/.buildkite/pipelines/performance/nightly.yml b/.buildkite/pipelines/performance/nightly.yml new file mode 100644 index 000000000000000..aa52fb7a9335c15 --- /dev/null +++ b/.buildkite/pipelines/performance/nightly.yml @@ -0,0 +1,35 @@ +steps: + - block: ":gear: Performance Tests Configuration" + prompt: "Fill out the details for performance test" + fields: + - text: ":arrows_counterclockwise: Iterations" + key: "performance-test-iteration-count" + hint: "How many times you want to run tests? " + required: true + if: build.env('ITERATION_COUNT_ENV') == null + + - label: ":male-mechanic::skin-tone-2: Pre-Build" + command: .buildkite/scripts/lifecycle/pre_build.sh + + - wait + + - label: ":factory_worker: Build Kibana Distribution and Plugins" + command: .buildkite/scripts/steps/build_kibana.sh + agents: + queue: c2-16 + key: build + + - label: ":muscle: Performance Tests" + command: .buildkite/scripts/steps/functional/performance.sh + agents: + queue: ci-group-6 + depends_on: build + concurrency: 50 + concurrency_group: 'performance-test-group' + + - wait: ~ + continue_on_failure: true + + - label: ":male_superhero::skin-tone-2: Post-Build" + command: .buildkite/scripts/lifecycle/post_build.sh + diff --git a/.buildkite/scripts/steps/functional/performance.sh b/.buildkite/scripts/steps/functional/performance.sh new file mode 100644 index 000000000000000..2f1a77690d1538f --- /dev/null +++ b/.buildkite/scripts/steps/functional/performance.sh @@ -0,0 +1,20 @@ +#!/bin/bash + +set -uo pipefail + +if [ -z "${ITERATION_COUNT_ENV+x}" ]; then + ITERATION_COUNT="$(buildkite-agent meta-data get performance-test-iteration-count)" +else + ITERATION_COUNT=$ITERATION_COUNT_ENV +fi + +tput setab 2; tput setaf 0; echo "Performance test will be run at ${BUILDKITE_BRANCH} ${ITERATION_COUNT} times" + +cat << EOF | buildkite-agent pipeline upload +steps: + - command: .buildkite/scripts/steps/functional/performance_sub.sh + parallelism: "$ITERATION_COUNT" +EOF + + + diff --git a/.buildkite/scripts/steps/functional/performance_sub.sh b/.buildkite/scripts/steps/functional/performance_sub.sh new file mode 100644 index 000000000000000..d3e6c0ba7304e0e --- /dev/null +++ b/.buildkite/scripts/steps/functional/performance_sub.sh @@ -0,0 +1,17 @@ +#!/usr/bin/env bash + +set -euo pipefail + +source .buildkite/scripts/common/util.sh + +.buildkite/scripts/bootstrap.sh +.buildkite/scripts/download_build_artifacts.sh + +cd "$XPACK_DIR" + +echo --- Run Performance Tests +checks-reporter-with-killswitch "Run Performance Tests" \ + node scripts/functional_tests \ + --debug --bail \ + --kibana-install-dir "$KIBANA_BUILD_LOCATION" \ + --config test/performance/config.ts; From 8631be0a5a5dc703fc3d72dc2ebd624389888a24 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mike=20C=C3=B4t=C3=A9?= Date: Mon, 18 Oct 2021 09:44:09 -0400 Subject: [PATCH 27/50] Initial commit (#115272) --- docs/management/connectors/action-types/pagerduty.asciidoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/management/connectors/action-types/pagerduty.asciidoc b/docs/management/connectors/action-types/pagerduty.asciidoc index db1c4e3932d1481..5e12eddaa5c7740 100644 --- a/docs/management/connectors/action-types/pagerduty.asciidoc +++ b/docs/management/connectors/action-types/pagerduty.asciidoc @@ -68,7 +68,7 @@ PagerDuty actions have the following properties. Severity:: The perceived severity of on the affected system. This can be one of `Critical`, `Error`, `Warning` or `Info`(default). Event action:: One of `Trigger` (default), `Resolve`, or `Acknowledge`. See https://v2.developer.pagerduty.com/docs/events-api-v2#event-action[event action] for more details. -Dedup Key:: All actions sharing this key will be associated with the same PagerDuty alert. This value is used to correlate trigger and resolution. This value is *optional*, and if not set, defaults to `:`. The maximum length is *255* characters. See https://v2.developer.pagerduty.com/docs/events-api-v2#alert-de-duplication[alert deduplication] for details. +Dedup Key:: All actions sharing this key will be associated with the same PagerDuty alert. This value is used to correlate trigger and resolution. This value is *optional*, and if not set, defaults to `:`. The maximum length is *255* characters. See https://v2.developer.pagerduty.com/docs/events-api-v2#alert-de-duplication[alert deduplication] for details. Timestamp:: An *optional* https://v2.developer.pagerduty.com/v2/docs/types#datetime[ISO-8601 format date-time], indicating the time the event was detected or generated. Component:: An *optional* value indicating the component of the source machine that is responsible for the event, for example `mysql` or `eth0`. Group:: An *optional* value indicating the logical grouping of components of a service, for example `app-stack`. From e93765eb07734b179eb3c85b9395c7c919bef427 Mon Sep 17 00:00:00 2001 From: Tiago Costa Date: Mon, 18 Oct 2021 15:15:21 +0100 Subject: [PATCH 28/50] skip flaky suite (#115310) --- .../tests/exception_operators_data_types/text.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/text.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/text.ts index a938ee991e1ac90..4e4823fcf747f8f 100644 --- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/text.ts +++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/text.ts @@ -56,7 +56,8 @@ export default ({ getService }: FtrProviderContext) => { await deleteListsIndex(supertest); }); - describe('"is" operator', () => { + // FLAKY: https://github.com/elastic/kibana/issues/115310 + describe.skip('"is" operator', () => { it('should find all the text from the data set when no exceptions are set on the rule', async () => { const rule = getRuleForSignalTesting(['text']); const { id } = await createRule(supertest, rule); From ee317b0417a5f9cd5bfab3dd712219a8e0a12fa7 Mon Sep 17 00:00:00 2001 From: Tiago Costa Date: Mon, 18 Oct 2021 15:19:12 +0100 Subject: [PATCH 29/50] skip flaky suite (#115315) --- .../tests/exception_operators_data_types/ip_array.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/ip_array.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/ip_array.ts index d5e9050ed9d410e..147e6058dffa8c2 100644 --- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/ip_array.ts +++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/exception_operators_data_types/ip_array.ts @@ -392,7 +392,8 @@ export default ({ getService }: FtrProviderContext) => { }); }); - describe('"exists" operator', () => { + // FLAKY: https://github.com/elastic/kibana/issues/115315 + describe.skip('"exists" operator', () => { it('will return 1 empty result if matching against ip', async () => { const rule = getRuleForSignalTesting(['ip_as_array']); const { id } = await createRuleWithExceptionEntries(supertest, rule, [ From 69bec12c8975153470a64e71302e2eec88bee050 Mon Sep 17 00:00:00 2001 From: Paul Tavares <56442535+paul-tavares@users.noreply.github.com> Date: Mon, 18 Oct 2021 10:21:20 -0400 Subject: [PATCH 30/50] [Security Solution][Endpoint] Ensure that ArtifactEntryCard component, displays OS localized if artifact is defined for multiple OSs (#115222) * Fix localizing `os` if the artifact is assigned to multiple OSs * Test case to validate that multiple OSs are i18n * updated trusted apps test snapshots --- .../artifact_entry_card.test.tsx | 18 ++++++++++++++++++ .../components/criteria_conditions.tsx | 14 +++++++++----- .../components/artifact_entry_card/types.ts | 2 +- .../utils/map_to_artifact_info.ts | 7 +------ .../__snapshots__/index.test.tsx.snap | 18 +++++++++--------- 5 files changed, 38 insertions(+), 21 deletions(-) diff --git a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/artifact_entry_card.test.tsx b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/artifact_entry_card.test.tsx index cadaa375e718f45..36362463b5ea216 100644 --- a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/artifact_entry_card.test.tsx +++ b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/artifact_entry_card.test.tsx @@ -12,6 +12,8 @@ import { act, fireEvent, getByTestId } from '@testing-library/react'; import { AnyArtifact } from './types'; import { isTrustedApp } from './utils'; import { getTrustedAppProviderMock, getExceptionProviderMock } from './test_utils'; +import { OS_LINUX, OS_MAC, OS_WINDOWS } from './components/translations'; +import { TrustedApp } from '../../../../common/endpoint/types'; describe.each([ ['trusted apps', getTrustedAppProviderMock], @@ -111,6 +113,22 @@ describe.each([ ); }); + it('should display multiple OSs in the criteria conditions', () => { + if (isTrustedApp(item)) { + // Trusted apps does not support multiple OS, so this is just so the test will pass + // for the trusted app run (the top level `describe()` uses a `.each()`) + item.os = [OS_LINUX, OS_MAC, OS_WINDOWS].join(', ') as TrustedApp['os']; + } else { + item.os_types = ['linux', 'macos', 'windows']; + } + + render(); + + expect(renderResult.getByTestId('testCard-criteriaConditions').textContent).toEqual( + ` OSIS ${OS_LINUX}, ${OS_MAC}, ${OS_WINDOWS}AND process.hash.*IS 1234234659af249ddf3e40864e9fb241AND process.executable.caselessIS /one/two/three` + ); + }); + it('should NOT show the action menu button if no actions were provided', async () => { render(); const menuButton = await renderResult.queryByTestId('testCard-header-actions-button'); diff --git a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/criteria_conditions.tsx b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/criteria_conditions.tsx index c5347542ae8bc9f..743eac7a15458ca 100644 --- a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/criteria_conditions.tsx +++ b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/components/criteria_conditions.tsx @@ -5,7 +5,7 @@ * 2.0. */ -import React, { memo, useCallback } from 'react'; +import React, { memo, useCallback, useMemo } from 'react'; import { CommonProps, EuiExpression, EuiToken, EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; import styled from 'styled-components'; import { ListOperatorTypeEnum } from '@kbn/securitysolution-io-ts-list-types'; @@ -28,6 +28,7 @@ import { useTestIdGenerator } from '../../hooks/use_test_id_generator'; const OS_LABELS = Object.freeze({ linux: OS_LINUX, mac: OS_MAC, + macos: OS_MAC, windows: OS_WINDOWS, }); @@ -60,6 +61,12 @@ export const CriteriaConditions = memo( ({ os, entries, 'data-test-subj': dataTestSubj }) => { const getTestId = useTestIdGenerator(dataTestSubj); + const osLabel = useMemo(() => { + return os + .map((osValue) => OS_LABELS[osValue as keyof typeof OS_LABELS] ?? osValue) + .join(', '); + }, [os]); + const getNestedEntriesContent = useCallback( (type: string, nestedEntries: ArtifactInfoEntry[]) => { if (type === 'nested' && nestedEntries.length) { @@ -103,10 +110,7 @@ export const CriteriaConditions = memo(
- +
{entries.map(({ field, type, value, entries: nestedEntries = [] }) => { diff --git a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/types.ts b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/types.ts index fe50a15190f1187..0fd3269500f34cf 100644 --- a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/types.ts +++ b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/types.ts @@ -27,7 +27,7 @@ export interface ArtifactInfo 'name' | 'created_at' | 'updated_at' | 'created_by' | 'updated_by' | 'description' | 'comments' > { effectScope: EffectScope; - os: string; + os: string[]; entries: ArtifactInfoEntries[]; } diff --git a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/utils/map_to_artifact_info.ts b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/utils/map_to_artifact_info.ts index 5969cf9d043b406..60224b63f426f8c 100644 --- a/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/utils/map_to_artifact_info.ts +++ b/x-pack/plugins/security_solution/public/management/components/artifact_entry_card/utils/map_to_artifact_info.ts @@ -26,16 +26,11 @@ export const mapToArtifactInfo = (_item: MaybeImmutable): ArtifactI description, comments: isTrustedApp(item) ? [] : item.comments, entries: entries as unknown as ArtifactInfo['entries'], - os: isTrustedApp(item) ? item.os : getOsFromExceptionItem(item), + os: isTrustedApp(item) ? [item.os] : item.os_types ?? [], effectScope: isTrustedApp(item) ? item.effectScope : getEffectScopeFromExceptionItem(item), }; }; -const getOsFromExceptionItem = (item: ExceptionListItemSchema): string => { - // FYI: Exceptions seem to allow for items to be assigned to more than one OS, unlike Event Filters and Trusted Apps - return item.os_types.join(', '); -}; - const getEffectScopeFromExceptionItem = (item: ExceptionListItemSchema): EffectScope => { return tagsToEffectScope(item.tags); }; diff --git a/x-pack/plugins/security_solution/public/management/pages/trusted_apps/view/components/trusted_apps_grid/__snapshots__/index.test.tsx.snap b/x-pack/plugins/security_solution/public/management/pages/trusted_apps/view/components/trusted_apps_grid/__snapshots__/index.test.tsx.snap index 89b21ae36e8e66a..0b1b5d4c5675f2d 100644 --- a/x-pack/plugins/security_solution/public/management/pages/trusted_apps/view/components/trusted_apps_grid/__snapshots__/index.test.tsx.snap +++ b/x-pack/plugins/security_solution/public/management/pages/trusted_apps/view/components/trusted_apps_grid/__snapshots__/index.test.tsx.snap @@ -1176,7 +1176,7 @@ exports[`TrustedAppsGrid renders correctly when loaded data 1`] = ` - macos + Mac @@ -2325,7 +2325,7 @@ exports[`TrustedAppsGrid renders correctly when loaded data 1`] = ` - macos + Mac @@ -3474,7 +3474,7 @@ exports[`TrustedAppsGrid renders correctly when loaded data 1`] = ` - macos + Mac @@ -5313,7 +5313,7 @@ exports[`TrustedAppsGrid renders correctly when loading data for the second time - macos + Mac @@ -6462,7 +6462,7 @@ exports[`TrustedAppsGrid renders correctly when loading data for the second time - macos + Mac @@ -7611,7 +7611,7 @@ exports[`TrustedAppsGrid renders correctly when loading data for the second time - macos + Mac @@ -9407,7 +9407,7 @@ exports[`TrustedAppsGrid renders correctly when new page and page size set (not - macos + Mac @@ -10556,7 +10556,7 @@ exports[`TrustedAppsGrid renders correctly when new page and page size set (not - macos + Mac @@ -11705,7 +11705,7 @@ exports[`TrustedAppsGrid renders correctly when new page and page size set (not - macos + Mac From 8ee08c8168d257ae85ebcdea202b171fd59ffccb Mon Sep 17 00:00:00 2001 From: Paul Tavares <56442535+paul-tavares@users.noreply.github.com> Date: Mon, 18 Oct 2021 10:22:23 -0400 Subject: [PATCH 31/50] [Security Solution][Endpoint] Adjustments to the Policy Details layout for the Trusted Apps tab (#115093) * Add link to view trusted apps list + spacing fixes * tests to cover changes to layout --- .../policy_trusted_apps_layout.test.tsx | 2 +- .../layout/policy_trusted_apps_layout.tsx | 74 +++- .../list/policy_trusted_apps_list.test.tsx | 13 +- .../list/policy_trusted_apps_list.tsx | 385 +++++++++--------- 4 files changed, 273 insertions(+), 201 deletions(-) diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/layout/policy_trusted_apps_layout.test.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/layout/policy_trusted_apps_layout.test.tsx index d46775d38834b87..e519d19d60fdc61 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/layout/policy_trusted_apps_layout.test.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/layout/policy_trusted_apps_layout.test.tsx @@ -117,7 +117,7 @@ describe.skip('Policy trusted apps layout', () => { await waitForAction('assignedTrustedAppsListStateChanged'); - expect(component.getByTestId('policyDetailsTrustedAppsCount')).not.toBeNull(); + expect(component.getAllByTestId('policyTrustedAppsGrid-card')).toHaveLength(10); }); it('should hide assign button on empty state with unassigned policies when downgraded to a gold or below license', async () => { diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/layout/policy_trusted_apps_layout.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/layout/policy_trusted_apps_layout.tsx index 2421602f4e5af40..a3f1ed215286a55 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/layout/policy_trusted_apps_layout.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/layout/policy_trusted_apps_layout.tsx @@ -7,12 +7,16 @@ import React, { useMemo } from 'react'; import { i18n } from '@kbn/i18n'; +import { FormattedMessage } from '@kbn/i18n/react'; import { EuiButton, EuiTitle, EuiPageHeader, EuiPageHeaderSection, EuiPageContent, + EuiText, + EuiSpacer, + EuiLink, } from '@elastic/eui'; import { PolicyTrustedAppsEmptyUnassigned, PolicyTrustedAppsEmptyUnexisting } from '../empty'; import { @@ -21,13 +25,18 @@ import { policyDetails, doesPolicyHaveTrustedApps, doesTrustedAppExistsLoading, + getPolicyTrustedAppsListPagination, } from '../../../store/policy_details/selectors'; import { usePolicyDetailsNavigateCallback, usePolicyDetailsSelector } from '../../policy_hooks'; import { PolicyTrustedAppsFlyout } from '../flyout'; import { PolicyTrustedAppsList } from '../list/policy_trusted_apps_list'; import { useEndpointPrivileges } from '../../../../../../common/components/user_privileges/use_endpoint_privileges'; +import { useAppUrl } from '../../../../../../common/lib/kibana'; +import { APP_ID } from '../../../../../../../common/constants'; +import { getTrustedAppsListPath } from '../../../../../common/routing'; export const PolicyTrustedAppsLayout = React.memo(() => { + const { getAppUrl } = useAppUrl(); const location = usePolicyDetailsSelector(getCurrentArtifactsLocation); const doesTrustedAppExists = usePolicyDetailsSelector(getDoesTrustedAppExists); const isDoesTrustedAppExistsLoading = usePolicyDetailsSelector(doesTrustedAppExistsLoading); @@ -35,6 +44,9 @@ export const PolicyTrustedAppsLayout = React.memo(() => { const navigateCallback = usePolicyDetailsNavigateCallback(); const hasAssignedTrustedApps = usePolicyDetailsSelector(doesPolicyHaveTrustedApps); const { isPlatinumPlus } = useEndpointPrivileges(); + const totalAssignedCount = usePolicyDetailsSelector( + getPolicyTrustedAppsListPagination + ).totalItemCount; const showListFlyout = location.show === 'list'; @@ -78,21 +90,57 @@ export const PolicyTrustedAppsLayout = React.memo(() => { [hasAssignedTrustedApps.loading, isDoesTrustedAppExistsLoading] ); + const aboutInfo = useMemo(() => { + const link = ( + + + + ); + + return ( + + ); + }, [getAppUrl, totalAssignedCount]); + return policyItem ? (
{!displaysEmptyStateIsLoading && !displaysEmptyState ? ( - - - -

- {i18n.translate('xpack.securitySolution.endpoint.policy.trustedApps.layout.title', { - defaultMessage: 'Assigned trusted applications', - })} -

- - - {isPlatinumPlus && assignTrustedAppButton} - + <> + + + +

+ {i18n.translate( + 'xpack.securitySolution.endpoint.policy.trustedApps.layout.title', + { + defaultMessage: 'Assigned trusted applications', + } + )} +

+ + + + + +

{aboutInfo}

+ + + + {isPlatinumPlus && assignTrustedAppButton} + + + + ) : null} { /> ) ) : ( - + )} {isPlatinumPlus && showListFlyout ? : null} diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/list/policy_trusted_apps_list.test.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/list/policy_trusted_apps_list.test.tsx index 232672716f5c502..a8d3cc1505463ca 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/list/policy_trusted_apps_list.test.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/list/policy_trusted_apps_list.test.tsx @@ -10,7 +10,7 @@ import { createAppRootMockRenderer, } from '../../../../../../common/mock/endpoint'; import { getPolicyDetailsArtifactsListPath } from '../../../../../common/routing'; -import { PolicyTrustedAppsList } from './policy_trusted_apps_list'; +import { PolicyTrustedAppsList, PolicyTrustedAppsListProps } from './policy_trusted_apps_list'; import React from 'react'; import { policyDetailsPageAllApiHttpMocks } from '../../../test_utils'; import { @@ -38,6 +38,7 @@ describe('when rendering the PolicyTrustedAppsList', () => { let render: (waitForLoadedState?: boolean) => Promise>; let mockedApis: ReturnType; let waitForAction: AppContextTestRender['middlewareSpy']['waitForAction']; + let componentRenderProps: PolicyTrustedAppsListProps; const loadedUserEndpointPrivilegesState = ( endpointOverrides: Partial = {} @@ -93,6 +94,7 @@ describe('when rendering the PolicyTrustedAppsList', () => { mockedApis = policyDetailsPageAllApiHttpMocks(appTestContext.coreStart.http); appTestContext.setExperimentalFlag({ trustedAppsByPolicyEnabled: true }); waitForAction = appTestContext.middlewareSpy.waitForAction; + componentRenderProps = {}; render = async (waitForLoadedState: boolean = true) => { appTestContext.history.push( @@ -106,7 +108,7 @@ describe('when rendering the PolicyTrustedAppsList', () => { }) : Promise.resolve(); - renderResult = appTestContext.render(); + renderResult = appTestContext.render(); await trustedAppDataReceived; return renderResult; @@ -135,6 +137,13 @@ describe('when rendering the PolicyTrustedAppsList', () => { ); }); + it('should NOT show total number if `hideTotalShowingLabel` prop is true', async () => { + componentRenderProps.hideTotalShowingLabel = true; + await render(); + + expect(renderResult.queryByTestId('policyDetailsTrustedAppsCount')).toBeNull(); + }); + it('should show card grid', async () => { await render(); diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/list/policy_trusted_apps_list.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/list/policy_trusted_apps_list.tsx index 8ab2f5fd465e06c..f6afd9d5024860e 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/list/policy_trusted_apps_list.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/list/policy_trusted_apps_list.tsx @@ -42,217 +42,232 @@ import { useEndpointPrivileges } from '../../../../../../common/components/user_ const DATA_TEST_SUBJ = 'policyTrustedAppsGrid'; -export const PolicyTrustedAppsList = memo(() => { - const getTestId = useTestIdGenerator(DATA_TEST_SUBJ); - const toasts = useToasts(); - const history = useHistory(); - const { getAppUrl } = useAppUrl(); - const { isPlatinumPlus } = useEndpointPrivileges(); - const policyId = usePolicyDetailsSelector(policyIdFromParams); - const hasTrustedApps = usePolicyDetailsSelector(doesPolicyHaveTrustedApps); - const isLoading = usePolicyDetailsSelector(isPolicyTrustedAppListLoading); - const isTrustedAppExistsCheckLoading = usePolicyDetailsSelector(doesTrustedAppExistsLoading); - const trustedAppItems = usePolicyDetailsSelector(getPolicyTrustedAppList); - const pagination = usePolicyDetailsSelector(getPolicyTrustedAppsListPagination); - const urlParams = usePolicyDetailsSelector(getCurrentArtifactsLocation); - const allPoliciesById = usePolicyDetailsSelector(getTrustedAppsAllPoliciesById); - const trustedAppsApiError = usePolicyDetailsSelector(getPolicyTrustedAppListError); +export interface PolicyTrustedAppsListProps { + hideTotalShowingLabel?: boolean; +} - const [isCardExpanded, setCardExpanded] = useState>({}); - const [trustedAppsForRemoval, setTrustedAppsForRemoval] = useState([]); - const [showRemovalModal, setShowRemovalModal] = useState(false); +export const PolicyTrustedAppsList = memo( + ({ hideTotalShowingLabel = false }) => { + const getTestId = useTestIdGenerator(DATA_TEST_SUBJ); + const toasts = useToasts(); + const history = useHistory(); + const { getAppUrl } = useAppUrl(); + const { isPlatinumPlus } = useEndpointPrivileges(); + const policyId = usePolicyDetailsSelector(policyIdFromParams); + const hasTrustedApps = usePolicyDetailsSelector(doesPolicyHaveTrustedApps); + const isLoading = usePolicyDetailsSelector(isPolicyTrustedAppListLoading); + const isTrustedAppExistsCheckLoading = usePolicyDetailsSelector(doesTrustedAppExistsLoading); + const trustedAppItems = usePolicyDetailsSelector(getPolicyTrustedAppList); + const pagination = usePolicyDetailsSelector(getPolicyTrustedAppsListPagination); + const urlParams = usePolicyDetailsSelector(getCurrentArtifactsLocation); + const allPoliciesById = usePolicyDetailsSelector(getTrustedAppsAllPoliciesById); + const trustedAppsApiError = usePolicyDetailsSelector(getPolicyTrustedAppListError); - const handlePageChange = useCallback( - ({ pageIndex, pageSize }) => { - history.push( - getPolicyDetailsArtifactsListPath(policyId, { - ...urlParams, - // If user changed page size, then reset page index back to the first page - page_index: pageSize !== pagination.pageSize ? 0 : pageIndex, - page_size: pageSize, - }) - ); - }, - [history, pagination.pageSize, policyId, urlParams] - ); + const [isCardExpanded, setCardExpanded] = useState>({}); + const [trustedAppsForRemoval, setTrustedAppsForRemoval] = useState([]); + const [showRemovalModal, setShowRemovalModal] = useState(false); - const handleExpandCollapse = useCallback( - ({ expanded, collapsed }) => { - const newCardExpandedSettings: Record = {}; + const handlePageChange = useCallback( + ({ pageIndex, pageSize }) => { + history.push( + getPolicyDetailsArtifactsListPath(policyId, { + ...urlParams, + // If user changed page size, then reset page index back to the first page + page_index: pageSize !== pagination.pageSize ? 0 : pageIndex, + page_size: pageSize, + }) + ); + }, + [history, pagination.pageSize, policyId, urlParams] + ); - for (const trustedApp of expanded) { - newCardExpandedSettings[trustedApp.id] = true; - } + const handleExpandCollapse = useCallback( + ({ expanded, collapsed }) => { + const newCardExpandedSettings: Record = {}; - for (const trustedApp of collapsed) { - newCardExpandedSettings[trustedApp.id] = false; - } + for (const trustedApp of expanded) { + newCardExpandedSettings[trustedApp.id] = true; + } - setCardExpanded(newCardExpandedSettings); - }, - [] - ); + for (const trustedApp of collapsed) { + newCardExpandedSettings[trustedApp.id] = false; + } - const totalItemsCountLabel = useMemo(() => { - return i18n.translate('xpack.securitySolution.endpoint.policy.trustedApps.list.totalCount', { - defaultMessage: - 'Showing {totalItemsCount, plural, one {# trusted application} other {# trusted applications}}', - values: { totalItemsCount: pagination.totalItemCount }, - }); - }, [pagination.totalItemCount]); + setCardExpanded(newCardExpandedSettings); + }, + [] + ); - const cardProps = useMemo, ArtifactCardGridCardComponentProps>>(() => { - const newCardProps = new Map(); + const totalItemsCountLabel = useMemo(() => { + return i18n.translate('xpack.securitySolution.endpoint.policy.trustedApps.list.totalCount', { + defaultMessage: + 'Showing {totalItemsCount, plural, one {# trusted application} other {# trusted applications}}', + values: { totalItemsCount: pagination.totalItemCount }, + }); + }, [pagination.totalItemCount]); - for (const trustedApp of trustedAppItems) { - const isGlobal = trustedApp.effectScope.type === 'global'; - const viewUrlPath = getTrustedAppsListPath({ id: trustedApp.id, show: 'edit' }); - const assignedPoliciesMenuItems: ArtifactEntryCollapsibleCardProps['policies'] = - trustedApp.effectScope.type === 'global' - ? undefined - : trustedApp.effectScope.policies.reduce< - Required['policies'] - >((byIdPolicies, trustedAppAssignedPolicyId) => { - if (!allPoliciesById[trustedAppAssignedPolicyId]) { - byIdPolicies[trustedAppAssignedPolicyId] = { children: trustedAppAssignedPolicyId }; - return byIdPolicies; - } + const cardProps = useMemo< + Map, ArtifactCardGridCardComponentProps> + >(() => { + const newCardProps = new Map(); - const policyDetailsPath = getPolicyDetailPath(trustedAppAssignedPolicyId); + for (const trustedApp of trustedAppItems) { + const isGlobal = trustedApp.effectScope.type === 'global'; + const viewUrlPath = getTrustedAppsListPath({ id: trustedApp.id, show: 'edit' }); + const assignedPoliciesMenuItems: ArtifactEntryCollapsibleCardProps['policies'] = + trustedApp.effectScope.type === 'global' + ? undefined + : trustedApp.effectScope.policies.reduce< + Required['policies'] + >((byIdPolicies, trustedAppAssignedPolicyId) => { + if (!allPoliciesById[trustedAppAssignedPolicyId]) { + byIdPolicies[trustedAppAssignedPolicyId] = { + children: trustedAppAssignedPolicyId, + }; + return byIdPolicies; + } - const thisPolicyMenuProps: ContextMenuItemNavByRouterProps = { - navigateAppId: APP_ID, - navigateOptions: { - path: policyDetailsPath, - }, - href: getAppUrl({ path: policyDetailsPath }), - children: allPoliciesById[trustedAppAssignedPolicyId].name, - }; + const policyDetailsPath = getPolicyDetailPath(trustedAppAssignedPolicyId); - byIdPolicies[trustedAppAssignedPolicyId] = thisPolicyMenuProps; + const thisPolicyMenuProps: ContextMenuItemNavByRouterProps = { + navigateAppId: APP_ID, + navigateOptions: { + path: policyDetailsPath, + }, + href: getAppUrl({ path: policyDetailsPath }), + children: allPoliciesById[trustedAppAssignedPolicyId].name, + }; - return byIdPolicies; - }, {}); + byIdPolicies[trustedAppAssignedPolicyId] = thisPolicyMenuProps; - const fullDetailsAction: ArtifactCardGridCardComponentProps['actions'] = [ - { - icon: 'controlsHorizontal', - children: i18n.translate( - 'xpack.securitySolution.endpoint.policy.trustedApps.list.viewAction', - { defaultMessage: 'View full details' } - ), - href: getAppUrl({ appId: APP_ID, path: viewUrlPath }), - navigateAppId: APP_ID, - navigateOptions: { path: viewUrlPath }, - 'data-test-subj': getTestId('viewFullDetailsAction'), - }, - ]; - const thisTrustedAppCardProps: ArtifactCardGridCardComponentProps = { - expanded: Boolean(isCardExpanded[trustedApp.id]), - actions: isPlatinumPlus - ? [ - ...fullDetailsAction, - { - icon: 'trash', - children: i18n.translate( - 'xpack.securitySolution.endpoint.policy.trustedApps.list.removeAction', - { defaultMessage: 'Remove from policy' } - ), - onClick: () => { - setTrustedAppsForRemoval([trustedApp]); - setShowRemovalModal(true); + return byIdPolicies; + }, {}); + + const fullDetailsAction: ArtifactCardGridCardComponentProps['actions'] = [ + { + icon: 'controlsHorizontal', + children: i18n.translate( + 'xpack.securitySolution.endpoint.policy.trustedApps.list.viewAction', + { defaultMessage: 'View full details' } + ), + href: getAppUrl({ appId: APP_ID, path: viewUrlPath }), + navigateAppId: APP_ID, + navigateOptions: { path: viewUrlPath }, + 'data-test-subj': getTestId('viewFullDetailsAction'), + }, + ]; + const thisTrustedAppCardProps: ArtifactCardGridCardComponentProps = { + expanded: Boolean(isCardExpanded[trustedApp.id]), + actions: isPlatinumPlus + ? [ + ...fullDetailsAction, + { + icon: 'trash', + children: i18n.translate( + 'xpack.securitySolution.endpoint.policy.trustedApps.list.removeAction', + { defaultMessage: 'Remove from policy' } + ), + onClick: () => { + setTrustedAppsForRemoval([trustedApp]); + setShowRemovalModal(true); + }, + disabled: isGlobal, + toolTipContent: isGlobal + ? i18n.translate( + 'xpack.securitySolution.endpoint.policy.trustedApps.list.removeActionNotAllowed', + { + defaultMessage: + 'Globally applied trusted applications cannot be removed from policy.', + } + ) + : undefined, + toolTipPosition: 'top', + 'data-test-subj': getTestId('removeAction'), }, - disabled: isGlobal, - toolTipContent: isGlobal - ? i18n.translate( - 'xpack.securitySolution.endpoint.policy.trustedApps.list.removeActionNotAllowed', - { - defaultMessage: - 'Globally applied trusted applications cannot be removed from policy.', - } - ) - : undefined, - toolTipPosition: 'top', - 'data-test-subj': getTestId('removeAction'), - }, - ] - : fullDetailsAction, + ] + : fullDetailsAction, - policies: assignedPoliciesMenuItems, - }; + policies: assignedPoliciesMenuItems, + }; - newCardProps.set(trustedApp, thisTrustedAppCardProps); - } + newCardProps.set(trustedApp, thisTrustedAppCardProps); + } - return newCardProps; - }, [allPoliciesById, getAppUrl, getTestId, isCardExpanded, trustedAppItems, isPlatinumPlus]); + return newCardProps; + }, [allPoliciesById, getAppUrl, getTestId, isCardExpanded, trustedAppItems, isPlatinumPlus]); - const provideCardProps = useCallback['cardComponentProps']>( - (item) => { - // eslint-disable-next-line @typescript-eslint/no-non-null-assertion - return cardProps.get(item as Immutable)!; - }, - [cardProps] - ); + const provideCardProps = useCallback['cardComponentProps']>( + (item) => { + // eslint-disable-next-line @typescript-eslint/no-non-null-assertion + return cardProps.get(item as Immutable)!; + }, + [cardProps] + ); - const handleRemoveModalClose = useCallback(() => { - setShowRemovalModal(false); - }, []); + const handleRemoveModalClose = useCallback(() => { + setShowRemovalModal(false); + }, []); - // Anytime a new set of data (trusted apps) is retrieved, reset the card expand state - useEffect(() => { - setCardExpanded({}); - }, [trustedAppItems]); + // Anytime a new set of data (trusted apps) is retrieved, reset the card expand state + useEffect(() => { + setCardExpanded({}); + }, [trustedAppItems]); - // if an error occurred while loading the data, show toast - useEffect(() => { - if (trustedAppsApiError) { - toasts.addError(trustedAppsApiError as unknown as Error, { - title: i18n.translate('xpack.securitySolution.endpoint.policy.trustedApps.list.apiError', { - defaultMessage: 'Error while retrieving list of trusted applications', - }), - }); + // if an error occurred while loading the data, show toast + useEffect(() => { + if (trustedAppsApiError) { + toasts.addError(trustedAppsApiError as unknown as Error, { + title: i18n.translate( + 'xpack.securitySolution.endpoint.policy.trustedApps.list.apiError', + { + defaultMessage: 'Error while retrieving list of trusted applications', + } + ), + }); + } + }, [toasts, trustedAppsApiError]); + + if (hasTrustedApps.loading || isTrustedAppExistsCheckLoading) { + return ( + + + + ); } - }, [toasts, trustedAppsApiError]); - if (hasTrustedApps.loading || isTrustedAppExistsCheckLoading) { return ( - - - - ); - } - - return ( - <> - - {totalItemsCountLabel} - - - + <> + {!hideTotalShowingLabel && ( + + {totalItemsCountLabel} + + )} - + - {showRemovalModal && ( - - )} - - ); -}); + + {showRemovalModal && ( + + )} + + ); + } +); PolicyTrustedAppsList.displayName = 'PolicyTrustedAppsList'; From 96b15f0bd9014ca0c626bb79701e3c6cd4f7ec09 Mon Sep 17 00:00:00 2001 From: Tiago Costa Date: Mon, 18 Oct 2021 15:23:24 +0100 Subject: [PATCH 32/50] skip flaky suite (#114745) --- .../apps/discover/value_suggestions_non_timebased.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/x-pack/test/functional/apps/discover/value_suggestions_non_timebased.ts b/x-pack/test/functional/apps/discover/value_suggestions_non_timebased.ts index cfddd33f4197e71..e8cc34604eabaa0 100644 --- a/x-pack/test/functional/apps/discover/value_suggestions_non_timebased.ts +++ b/x-pack/test/functional/apps/discover/value_suggestions_non_timebased.ts @@ -13,7 +13,8 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { const queryBar = getService('queryBar'); const PageObjects = getPageObjects(['common', 'settings', 'context']); - describe('value suggestions non time based', function describeIndexTests() { + // FLAKY: https://github.com/elastic/kibana/issues/114745 + describe.skip('value suggestions non time based', function describeIndexTests() { before(async function () { await esArchiver.loadIfNeeded( 'test/functional/fixtures/es_archiver/index_pattern_without_timefield' From d93afe82e5f6625917fdf2debcf80d389b214d05 Mon Sep 17 00:00:00 2001 From: Mark Hopkin Date: Mon, 18 Oct 2021 15:26:16 +0100 Subject: [PATCH 33/50] [Fleet] Add agent modal (#114830) * remove toast * add modal * modal interactivity done * remove unused deps * onSaveNavigateTo cannot be a function any more * add util for constructing query string * move to policyId * plumb in queryParams * remove comments * move to strong tag * remove unused translations * fix unit tests * fix types * fix synthetics tests * add API comments * bonus: make package policy buttons uniform size * PR feedback: remove indent level Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- .../components/index.ts | 1 + .../post_install_add_agent_modal.tsx | 59 +++++++ .../create_package_policy_page/index.tsx | 129 +++++++------- .../create_package_policy_page/types.ts | 8 +- .../utils/append_on_save_query_params.test.ts | 157 ++++++++++++++++++ .../utils/append_on_save_query_params.ts | 61 +++++++ .../create_package_policy_page/utils/index.ts | 8 + .../sections/epm/screens/detail/index.tsx | 13 +- .../components/package_policy_agents_cell.tsx | 2 +- .../detail/policies/package_policies.tsx | 9 +- .../public/types/intra_app_route_state.ts | 22 ++- .../translations/translations/ja-JP.json | 3 - .../translations/translations/zh-CN.json | 3 - .../apps/uptime/synthetics_integration.ts | 2 +- .../synthetics_integration_page.ts | 2 +- 15 files changed, 395 insertions(+), 84 deletions(-) create mode 100644 x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/components/post_install_add_agent_modal.tsx create mode 100644 x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/utils/append_on_save_query_params.test.ts create mode 100644 x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/utils/append_on_save_query_params.ts create mode 100644 x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/utils/index.ts diff --git a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/components/index.ts b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/components/index.ts index 14eca1406f6238b..c8b3a21f46ebd63 100644 --- a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/components/index.ts +++ b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/components/index.ts @@ -8,3 +8,4 @@ export { CreatePackagePolicyPageLayout } from './layout'; export { PackagePolicyInputPanel } from './package_policy_input_panel'; export { PackagePolicyInputVarField } from './package_policy_input_var_field'; +export { PostInstallAddAgentModal } from './post_install_add_agent_modal'; diff --git a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/components/post_install_add_agent_modal.tsx b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/components/post_install_add_agent_modal.tsx new file mode 100644 index 000000000000000..c91b6d348180d2f --- /dev/null +++ b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/components/post_install_add_agent_modal.tsx @@ -0,0 +1,59 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { EuiConfirmModal } from '@elastic/eui'; +import { FormattedMessage } from '@kbn/i18n/react'; + +import type { AgentPolicy, PackageInfo } from '../../../../types'; + +const toTitleCase = (str: string) => str.charAt(0).toUpperCase() + str.substr(1); + +export const PostInstallAddAgentModal: React.FunctionComponent<{ + onConfirm: () => void; + onCancel: () => void; + packageInfo: PackageInfo; + agentPolicy: AgentPolicy; +}> = ({ onConfirm, onCancel, packageInfo, agentPolicy }) => { + return ( + + } + onCancel={onCancel} + onConfirm={onConfirm} + cancelButtonText={ + + } + confirmButtonText={ + + } + buttonColor="primary" + data-test-subj="postInstallAddAgentModal" + > + Elastic Agent, + }} + /> + + ); +}; diff --git a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/index.tsx b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/index.tsx index ffc9cba90efeaaa..f6ad41f69e99eec 100644 --- a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/index.tsx +++ b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/index.tsx @@ -19,15 +19,19 @@ import { EuiFlexGroup, EuiFlexItem, EuiSpacer, - EuiLink, EuiErrorBoundary, } from '@elastic/eui'; import type { EuiStepProps } from '@elastic/eui/src/components/steps/step'; import type { ApplicationStart } from 'kibana/public'; import { safeLoad } from 'js-yaml'; -import { toMountPoint } from '../../../../../../../../../src/plugins/kibana_react/public'; -import type { AgentPolicy, NewPackagePolicy, CreatePackagePolicyRouteState } from '../../../types'; +import type { + AgentPolicy, + NewPackagePolicy, + PackagePolicy, + CreatePackagePolicyRouteState, + OnSaveQueryParamKeys, +} from '../../../types'; import { useLink, useBreadcrumbs, @@ -45,10 +49,11 @@ import type { PackagePolicyEditExtensionComponentProps } from '../../../types'; import { PLUGIN_ID } from '../../../../../../common/constants'; import { pkgKeyFromPackageInfo } from '../../../services'; -import { CreatePackagePolicyPageLayout } from './components'; +import { CreatePackagePolicyPageLayout, PostInstallAddAgentModal } from './components'; import type { EditPackagePolicyFrom, PackagePolicyFormState } from './types'; import type { PackagePolicyValidationResults } from './services'; import { validatePackagePolicy, validationHasErrors } from './services'; +import { appendOnSaveQueryParamsToPath } from './utils'; import { StepSelectAgentPolicy } from './step_select_agent_policy'; import { StepConfigurePackagePolicy } from './step_configure_package'; import { StepDefinePackagePolicy } from './step_define_package_policy'; @@ -105,6 +110,9 @@ export const CreatePackagePolicyPage: React.FunctionComponent = () => { // Agent policy state const [agentPolicy, setAgentPolicy] = useState(); + // only used to store the resulting package policy once saved + const [savedPackagePolicy, setSavedPackagePolicy] = useState(); + // Retrieve agent count const agentPolicyId = agentPolicy?.id; useEffect(() => { @@ -256,9 +264,9 @@ export const CreatePackagePolicyPage: React.FunctionComponent = () => { const savePackagePolicy = useCallback(async () => { setFormState('LOADING'); const result = await sendCreatePackagePolicy(packagePolicy); - setFormState('SUBMITTED'); + setFormState(agentCount ? 'SUBMITTED' : 'SUBMITTED_NO_AGENTS'); return result; - }, [packagePolicy]); + }, [packagePolicy, agentCount]); const doOnSaveNavigation = useRef(true); // Detect if user left page @@ -268,6 +276,39 @@ export const CreatePackagePolicyPage: React.FunctionComponent = () => { }; }, []); + const navigateAddAgent = (policy?: PackagePolicy) => + onSaveNavigate(policy, ['openEnrollmentFlyout']); + + const navigateAddAgentHelp = (policy?: PackagePolicy) => + onSaveNavigate(policy, ['showAddAgentHelp']); + + const onSaveNavigate = useCallback( + (policy?: PackagePolicy, paramsToApply: OnSaveQueryParamKeys[] = []) => { + if (!doOnSaveNavigation.current) { + return; + } + + if (routeState?.onSaveNavigateTo && policy) { + const [appId, options] = routeState.onSaveNavigateTo; + + if (options?.path) { + const pathWithQueryString = appendOnSaveQueryParamsToPath({ + path: options.path, + policy, + mappingOptions: routeState.onSaveQueryParams, + paramsToApply, + }); + handleNavigateTo([appId, { ...options, path: pathWithQueryString }]); + } else { + handleNavigateTo(routeState.onSaveNavigateTo); + } + } else { + history.push(getPath('policy_details', { policyId: agentPolicy!.id })); + } + }, + [agentPolicy, getPath, handleNavigateTo, history, routeState] + ); + const onSubmit = useCallback(async () => { if (formState === 'VALID' && hasErrors) { setFormState('INVALID'); @@ -279,27 +320,14 @@ export const CreatePackagePolicyPage: React.FunctionComponent = () => { } const { error, data } = await savePackagePolicy(); if (!error) { - if (doOnSaveNavigation.current) { - if (routeState && routeState.onSaveNavigateTo) { - handleNavigateTo( - typeof routeState.onSaveNavigateTo === 'function' - ? routeState.onSaveNavigateTo(data!.item) - : routeState.onSaveNavigateTo - ); - } else { - history.push( - getPath('policy_details', { - policyId: agentPolicy!.id, - }) - ); - } - } - - const fromPolicyWithoutAgentsAssigned = from === 'policy' && agentPolicy && agentCount === 0; - - const fromPackageWithoutAgentsAssigned = packageInfo && agentPolicy && agentCount === 0; + setSavedPackagePolicy(data!.item); const hasAgentsAssigned = agentCount && agentPolicy; + if (!hasAgentsAssigned) { + setFormState('SUBMITTED_NO_AGENTS'); + return; + } + onSaveNavigate(data!.item); notifications.toasts.addSuccess({ title: i18n.translate('xpack.fleet.createPackagePolicy.addedNotificationTitle', { @@ -308,40 +336,7 @@ export const CreatePackagePolicyPage: React.FunctionComponent = () => { packagePolicyName: packagePolicy.name, }, }), - text: fromPolicyWithoutAgentsAssigned - ? i18n.translate( - 'xpack.fleet.createPackagePolicy.policyContextAddAgentNextNotificationMessage', - { - defaultMessage: `The policy has been updated. Add an agent to the '{agentPolicyName}' policy to deploy this policy.`, - values: { - agentPolicyName: agentPolicy!.name, - }, - } - ) - : fromPackageWithoutAgentsAssigned - ? toMountPoint( - // To render the link below we need to mount this JSX in the success toast - - {i18n.translate( - 'xpack.fleet.createPackagePolicy.integrationsContextAddAgentLinkMessage', - { defaultMessage: 'add an agent' } - )} - - ), - }} - /> - ) - : hasAgentsAssigned + text: hasAgentsAssigned ? i18n.translate('xpack.fleet.createPackagePolicy.addedNotificationMessage', { defaultMessage: `Fleet will deploy updates to all agents that use the '{agentPolicyName}' policy.`, values: { @@ -362,16 +357,10 @@ export const CreatePackagePolicyPage: React.FunctionComponent = () => { hasErrors, agentCount, savePackagePolicy, - from, + onSaveNavigate, agentPolicy, - packageInfo, notifications.toasts, packagePolicy.name, - getHref, - routeState, - handleNavigateTo, - history, - getPath, ]); const integrationInfo = useMemo( @@ -508,6 +497,14 @@ export const CreatePackagePolicyPage: React.FunctionComponent = () => { onCancel={() => setFormState('VALID')} /> )} + {formState === 'SUBMITTED_NO_AGENTS' && agentPolicy && packageInfo && ( + navigateAddAgent(savedPackagePolicy)} + onCancel={() => navigateAddAgentHelp(savedPackagePolicy)} + /> + )} {packageInfo && ( { + it('should do nothing if no paramsToApply provided', () => { + expect( + appendOnSaveQueryParamsToPath({ path: '/hello', policy: mockPolicy, paramsToApply: [] }) + ).toEqual('/hello'); + }); + it('should do nothing if all params set to false', () => { + const options = { + path: '/hello', + policy: mockPolicy, + mappingOptions: { + showAddAgentHelp: false, + openEnrollmentFlyout: false, + }, + paramsToApply: ['showAddAgentHelp', 'openEnrollmentFlyout'] as OnSaveQueryParamKeys[], + }; + expect(appendOnSaveQueryParamsToPath(options)).toEqual('/hello'); + }); + + it('should append query params if set to true', () => { + const options = { + path: '/hello', + policy: mockPolicy, + mappingOptions: { + showAddAgentHelp: true, + openEnrollmentFlyout: true, + }, + paramsToApply: ['showAddAgentHelp', 'openEnrollmentFlyout'] as OnSaveQueryParamKeys[], + }; + + const hrefOut = appendOnSaveQueryParamsToPath(options); + const [basePath, qs] = parseHref(hrefOut); + expect(basePath).toEqual('/hello'); + expect(qs).toEqual({ showAddAgentHelp: 'true', openEnrollmentFlyout: 'true' }); + }); + it('should append query params if set to true (existing query string)', () => { + const options = { + path: '/hello?world=1', + policy: mockPolicy, + mappingOptions: { + showAddAgentHelp: true, + openEnrollmentFlyout: true, + }, + paramsToApply: ['showAddAgentHelp', 'openEnrollmentFlyout'] as OnSaveQueryParamKeys[], + }; + + const hrefOut = appendOnSaveQueryParamsToPath(options); + const [basePath, qs] = parseHref(hrefOut); + expect(basePath).toEqual('/hello'); + expect(qs).toEqual({ showAddAgentHelp: 'true', openEnrollmentFlyout: 'true', world: '1' }); + }); + + it('should append renamed param', () => { + const options = { + path: '/hello', + policy: mockPolicy, + mappingOptions: { + showAddAgentHelp: { renameKey: 'renamedKey' }, + }, + paramsToApply: ['showAddAgentHelp'] as OnSaveQueryParamKeys[], + }; + + const hrefOut = appendOnSaveQueryParamsToPath(options); + const [basePath, qs] = parseHref(hrefOut); + expect(basePath).toEqual('/hello'); + expect(qs).toEqual({ renamedKey: 'true' }); + }); + + it('should append renamed param (existing param)', () => { + const options = { + path: '/hello?world=1', + policy: mockPolicy, + mappingOptions: { + showAddAgentHelp: { renameKey: 'renamedKey' }, + }, + paramsToApply: ['showAddAgentHelp'] as OnSaveQueryParamKeys[], + }; + + const hrefOut = appendOnSaveQueryParamsToPath(options); + const [basePath, qs] = parseHref(hrefOut); + expect(basePath).toEqual('/hello'); + expect(qs).toEqual({ renamedKey: 'true', world: '1' }); + }); + + it('should append renamed param and policyId', () => { + const options = { + path: '/hello', + policy: mockPolicy, + mappingOptions: { + showAddAgentHelp: { renameKey: 'renamedKey', policyIdAsValue: true }, + }, + paramsToApply: ['showAddAgentHelp'] as OnSaveQueryParamKeys[], + }; + + const hrefOut = appendOnSaveQueryParamsToPath(options); + const [basePath, qs] = parseHref(hrefOut); + expect(basePath).toEqual('/hello'); + expect(qs).toEqual({ renamedKey: mockPolicy.policy_id }); + }); + + it('should append renamed param and policyId (existing param)', () => { + const options = { + path: '/hello?world=1', + policy: mockPolicy, + mappingOptions: { + showAddAgentHelp: { renameKey: 'renamedKey', policyIdAsValue: true }, + }, + paramsToApply: ['showAddAgentHelp'] as OnSaveQueryParamKeys[], + }; + + const hrefOut = appendOnSaveQueryParamsToPath(options); + const [basePath, qs] = parseHref(hrefOut); + expect(basePath).toEqual('/hello'); + expect(qs).toEqual({ renamedKey: mockPolicy.policy_id, world: '1' }); + }); + + it('should append renamed params and policyIds (existing param)', () => { + const options = { + path: '/hello?world=1', + policy: mockPolicy, + mappingOptions: { + showAddAgentHelp: { renameKey: 'renamedKey', policyIdAsValue: true }, + openEnrollmentFlyout: { renameKey: 'renamedKey2', policyIdAsValue: true }, + }, + paramsToApply: ['showAddAgentHelp', 'openEnrollmentFlyout'] as OnSaveQueryParamKeys[], + }; + + const hrefOut = appendOnSaveQueryParamsToPath(options); + const [basePath, qs] = parseHref(hrefOut); + expect(basePath).toEqual('/hello'); + expect(qs).toEqual({ + renamedKey: mockPolicy.policy_id, + renamedKey2: mockPolicy.policy_id, + world: '1', + }); + }); +}); diff --git a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/utils/append_on_save_query_params.ts b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/utils/append_on_save_query_params.ts new file mode 100644 index 000000000000000..4b7e3c61806cef6 --- /dev/null +++ b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/utils/append_on_save_query_params.ts @@ -0,0 +1,61 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { parse, stringify } from 'query-string'; + +import type { + CreatePackagePolicyRouteState, + OnSaveQueryParamOpts, + PackagePolicy, + OnSaveQueryParamKeys, +} from '../../../../types'; + +export function appendOnSaveQueryParamsToPath({ + path, + policy, + paramsToApply, + mappingOptions = {}, +}: { + path: string; + policy: PackagePolicy; + paramsToApply: OnSaveQueryParamKeys[]; + mappingOptions?: CreatePackagePolicyRouteState['onSaveQueryParams']; +}) { + const [basePath, queryStringIn] = path.split('?'); + const queryParams = parse(queryStringIn); + + paramsToApply.forEach((paramName) => { + const paramOptions = mappingOptions[paramName]; + if (paramOptions) { + const [paramKey, paramValue] = createQueryParam(paramName, paramOptions, policy.policy_id); + if (paramKey && paramValue) { + queryParams[paramKey] = paramValue; + } + } + }); + + const queryString = stringify(queryParams); + + return basePath + (queryString ? `?${queryString}` : ''); +} + +function createQueryParam( + name: string, + opts: OnSaveQueryParamOpts, + policyId: string +): [string?, string?] { + if (!opts) { + return []; + } + if (typeof opts === 'boolean' && opts) { + return [name, 'true']; + } + + const paramKey = opts.renameKey ? opts.renameKey : name; + const paramValue = opts.policyIdAsValue ? policyId : 'true'; + + return [paramKey, paramValue]; +} diff --git a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/utils/index.ts b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/utils/index.ts new file mode 100644 index 000000000000000..15de46e1dc58869 --- /dev/null +++ b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/utils/index.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { appendOnSaveQueryParamsToPath } from './append_on_save_query_params'; diff --git a/x-pack/plugins/fleet/public/applications/integrations/sections/epm/screens/detail/index.tsx b/x-pack/plugins/fleet/public/applications/integrations/sections/epm/screens/detail/index.tsx index ade290aab4e5e7d..881fc566c932dc8 100644 --- a/x-pack/plugins/fleet/public/applications/integrations/sections/epm/screens/detail/index.tsx +++ b/x-pack/plugins/fleet/public/applications/integrations/sections/epm/screens/detail/index.tsx @@ -250,7 +250,7 @@ export function Detail() { let redirectToPath: CreatePackagePolicyRouteState['onSaveNavigateTo'] & CreatePackagePolicyRouteState['onCancelNavigateTo']; - + let onSaveQueryParams: CreatePackagePolicyRouteState['onSaveQueryParams']; if (agentPolicyIdFromContext) { redirectToPath = [ PLUGIN_ID, @@ -260,6 +260,11 @@ export function Detail() { })[1], }, ]; + + onSaveQueryParams = { + showAddAgentHelp: true, + openEnrollmentFlyout: true, + }; } else { redirectToPath = [ INTEGRATIONS_PLUGIN_ID, @@ -269,10 +274,16 @@ export function Detail() { })[1], }, ]; + + onSaveQueryParams = { + showAddAgentHelp: { renameKey: 'showAddAgentHelpForPolicyId', policyIdAsValue: true }, + openEnrollmentFlyout: { renameKey: 'addAgentToPolicyId', policyIdAsValue: true }, + }; } const redirectBackRouteState: CreatePackagePolicyRouteState = { onSaveNavigateTo: redirectToPath, + onSaveQueryParams, onCancelNavigateTo: [ INTEGRATIONS_PLUGIN_ID, { diff --git a/x-pack/plugins/fleet/public/applications/integrations/sections/epm/screens/detail/policies/components/package_policy_agents_cell.tsx b/x-pack/plugins/fleet/public/applications/integrations/sections/epm/screens/detail/policies/components/package_policy_agents_cell.tsx index e70d10e735571e2..0ecab3290051e44 100644 --- a/x-pack/plugins/fleet/public/applications/integrations/sections/epm/screens/detail/policies/components/package_policy_agents_cell.tsx +++ b/x-pack/plugins/fleet/public/applications/integrations/sections/epm/screens/detail/policies/components/package_policy_agents_cell.tsx @@ -13,7 +13,7 @@ import { FormattedMessage } from '@kbn/i18n/react'; import { LinkedAgentCount, AddAgentHelpPopover } from '../../../../../../components'; const AddAgentButton = ({ onAddAgent }: { onAddAgent: () => void }) => ( - + agentPolicy.id === showAddAgentHelpForPolicyId + )?.packagePolicy?.id; // Handle the "add agent" link displayed in post-installation toast notifications in the case // where a user is clicking the link while on the package policies listing page useEffect(() => { @@ -292,13 +295,13 @@ export const PackagePoliciesPage = ({ name, version }: PackagePoliciesPanelProps name: i18n.translate('xpack.fleet.epm.packageDetails.integrationList.agentCount', { defaultMessage: 'Agents', }), - render({ agentPolicy }: InMemoryPackagePolicyAndAgentPolicy) { + render({ agentPolicy, packagePolicy }: InMemoryPackagePolicyAndAgentPolicy) { return ( setFlyoutOpenForPolicyId(agentPolicy.id)} - hasHelpPopover={showAddAgentHelpForPolicyId === agentPolicy.id} + hasHelpPopover={showAddAgentHelpForPackagePolicyId === packagePolicy.id} /> ); }, @@ -326,7 +329,7 @@ export const PackagePoliciesPage = ({ name, version }: PackagePoliciesPanelProps }, }, ], - [getHref, showAddAgentHelpForPolicyId, viewDataStep] + [getHref, showAddAgentHelpForPackagePolicyId, viewDataStep] ); const noItemsMessage = useMemo(() => { diff --git a/x-pack/plugins/fleet/public/types/intra_app_route_state.ts b/x-pack/plugins/fleet/public/types/intra_app_route_state.ts index 36fd32c2a6584f7..0ea40e6fe569540 100644 --- a/x-pack/plugins/fleet/public/types/intra_app_route_state.ts +++ b/x-pack/plugins/fleet/public/types/intra_app_route_state.ts @@ -7,20 +7,34 @@ import type { ApplicationStart } from 'kibana/public'; -import type { PackagePolicy } from './'; +/** + * Supported query parameters for CreatePackagePolicyRouteState + */ +export type OnSaveQueryParamKeys = 'showAddAgentHelp' | 'openEnrollmentFlyout'; +/** + * Query string parameter options for CreatePackagePolicyRouteState + */ +export type OnSaveQueryParamOpts = + | { + renameKey?: string; // override param name + policyIdAsValue?: boolean; // use policyId as param value instead of true + } + | boolean; /** * Supported routing state for the create package policy page routes */ export interface CreatePackagePolicyRouteState { /** On a successful save of the package policy, use navigate to the given app */ - onSaveNavigateTo?: - | Parameters - | ((newPackagePolicy: PackagePolicy) => Parameters); + onSaveNavigateTo?: Parameters; /** On cancel, navigate to the given app */ onCancelNavigateTo?: Parameters; /** Url to be used on cancel links */ onCancelUrl?: string; + /** supported query params for onSaveNavigateTo path */ + onSaveQueryParams?: { + [key in OnSaveQueryParamKeys]?: OnSaveQueryParamOpts; + }; } /** diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index d95acd2e7d2bcea..27ac5ce5875be13 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -10860,13 +10860,10 @@ "xpack.fleet.createPackagePolicy.cancelButton": "キャンセル", "xpack.fleet.createPackagePolicy.cancelLinkText": "キャンセル", "xpack.fleet.createPackagePolicy.errorOnSaveText": "統合ポリシーにはエラーがあります。保存前に修正してください。", - "xpack.fleet.createPackagePolicy.integrationsContextAddAgentLinkMessage": "エージェントを追加", - "xpack.fleet.createPackagePolicy.integrationsContextaddAgentNextNotificationMessage": "次に、{link}して、データの取り込みを開始します。", "xpack.fleet.createPackagePolicy.pageDescriptionfromPackage": "次の手順に従い、この統合をエージェントポリシーに追加します。", "xpack.fleet.createPackagePolicy.pageDescriptionfromPolicy": "選択したエージェントポリシーの統合を構成します。", "xpack.fleet.createPackagePolicy.pageTitle": "統合の追加", "xpack.fleet.createPackagePolicy.pageTitleWithPackageName": "{packageName}統合の追加", - "xpack.fleet.createPackagePolicy.policyContextAddAgentNextNotificationMessage": "ポリシーが更新されました。エージェントを'{agentPolicyName}'ポリシーに追加して、このポリシーをデプロイします。", "xpack.fleet.createPackagePolicy.saveButton": "統合の保存", "xpack.fleet.createPackagePolicy.stepConfigure.advancedOptionsToggleLinkText": "高度なオプション", "xpack.fleet.createPackagePolicy.stepConfigure.hideStreamsAriaLabel": "{type}入力を非表示", diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index 3d11a22b24e1b1a..c148a6abbf9e2fb 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -10969,13 +10969,10 @@ "xpack.fleet.createPackagePolicy.cancelButton": "取消", "xpack.fleet.createPackagePolicy.cancelLinkText": "取消", "xpack.fleet.createPackagePolicy.errorOnSaveText": "您的集成策略有错误。请在保存前修复这些错误。", - "xpack.fleet.createPackagePolicy.integrationsContextAddAgentLinkMessage": "添加代理", - "xpack.fleet.createPackagePolicy.integrationsContextaddAgentNextNotificationMessage": "接着,{link}以开始采集数据。", "xpack.fleet.createPackagePolicy.pageDescriptionfromPackage": "按照以下说明将此集成添加到代理策略。", "xpack.fleet.createPackagePolicy.pageDescriptionfromPolicy": "为选定代理策略配置集成。", "xpack.fleet.createPackagePolicy.pageTitle": "添加集成", "xpack.fleet.createPackagePolicy.pageTitleWithPackageName": "添加 {packageName} 集成", - "xpack.fleet.createPackagePolicy.policyContextAddAgentNextNotificationMessage": "策略已更新。将代理添加到“{agentPolicyName}”代理,以部署此策略。", "xpack.fleet.createPackagePolicy.saveButton": "保存集成", "xpack.fleet.createPackagePolicy.stepConfigure.advancedOptionsToggleLinkText": "高级选项", "xpack.fleet.createPackagePolicy.stepConfigure.errorCountText": "{count, plural, other {# 个错误}}", diff --git a/x-pack/test/functional/apps/uptime/synthetics_integration.ts b/x-pack/test/functional/apps/uptime/synthetics_integration.ts index e403c4d25097c8f..bc2d5cdd95e89a8 100644 --- a/x-pack/test/functional/apps/uptime/synthetics_integration.ts +++ b/x-pack/test/functional/apps/uptime/synthetics_integration.ts @@ -166,7 +166,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { const saveButton = await uptimePage.syntheticsIntegration.findSaveButton(); await saveButton.click(); - await testSubjects.missingOrFail('packagePolicyCreateSuccessToast'); + await testSubjects.missingOrFail('postInstallAddAgentModal'); }); }); diff --git a/x-pack/test/functional/page_objects/synthetics_integration_page.ts b/x-pack/test/functional/page_objects/synthetics_integration_page.ts index 5551ea2c3bcd0d3..80c4699f6c21157 100644 --- a/x-pack/test/functional/page_objects/synthetics_integration_page.ts +++ b/x-pack/test/functional/page_objects/synthetics_integration_page.ts @@ -61,7 +61,7 @@ export function SyntheticsIntegrationPageProvider({ * Determines if the policy was created successfully by looking for the creation success toast */ async isPolicyCreatedSuccessfully() { - await testSubjects.existOrFail('packagePolicyCreateSuccessToast'); + await testSubjects.existOrFail('postInstallAddAgentModal'); }, /** From 0928197ad6e7522aac908df6fb985cf83a4e8fd5 Mon Sep 17 00:00:00 2001 From: Thomas Neirynck Date: Mon, 18 Oct 2021 10:33:42 -0400 Subject: [PATCH 34/50] [Fleet] Sample data and copy tweaks (#115078) --- .../server/language_clients/index.ts | 39 +++++-------------- .../custom_integrations/server/plugin.test.ts | 39 +++++-------------- .../sample_data/data_sets/logs/index.ts | 3 +- .../lib/register_with_integrations.ts | 25 ++++++------ .../sample_data/sample_data_registry.test.ts | 24 ++++++++++-- .../sample_data/sample_data_registry.ts | 20 ++++------ .../apis/custom_integration/integrations.ts | 10 ++--- .../data_visualizer/common/constants.ts | 3 -- .../data_visualizer/public/register_home.ts | 12 ++---- .../server/register_custom_integration.ts | 8 +++- .../integrations/layouts/default.tsx | 2 +- .../epm/components/integration_preference.tsx | 2 +- .../epm/screens/home/available_packages.tsx | 2 +- .../layer_template.test.tsx.snap | 4 +- .../layer_template.tsx | 2 +- .../maps/server/tutorials/ems/index.ts | 4 +- .../test/functional/page_objects/gis_page.ts | 2 +- 17 files changed, 82 insertions(+), 119 deletions(-) diff --git a/src/plugins/custom_integrations/server/language_clients/index.ts b/src/plugins/custom_integrations/server/language_clients/index.ts index da61f804b424277..0ce45dbcfcd878e 100644 --- a/src/plugins/custom_integrations/server/language_clients/index.ts +++ b/src/plugins/custom_integrations/server/language_clients/index.ts @@ -23,18 +23,6 @@ interface LanguageIntegration { const ELASTIC_WEBSITE_URL = 'https://www.elastic.co'; const ELASTICSEARCH_CLIENT_URL = `${ELASTIC_WEBSITE_URL}/guide/en/elasticsearch/client`; export const integrations: LanguageIntegration[] = [ - { - id: 'all', - title: i18n.translate('customIntegrations.languageclients.AllTitle', { - defaultMessage: 'Elasticsearch Clients', - }), - euiIconName: 'logoElasticsearch', - description: i18n.translate('customIntegrations.languageclients.AllDescription', { - defaultMessage: - 'Start building your custom application on top of Elasticsearch with the official language clients.', - }), - docUrlTemplate: `${ELASTICSEARCH_CLIENT_URL}/index.html`, - }, { id: 'javascript', title: i18n.translate('customIntegrations.languageclients.JavascriptTitle', { @@ -42,8 +30,7 @@ export const integrations: LanguageIntegration[] = [ }), icon: 'nodejs.svg', description: i18n.translate('customIntegrations.languageclients.JavascriptDescription', { - defaultMessage: - 'Start building your custom application on top of Elasticsearch with the official Node.js client.', + defaultMessage: 'Index data to Elasticsearch with the JavaScript client.', }), docUrlTemplate: `${ELASTICSEARCH_CLIENT_URL}/javascript-api/{branch}/introduction.html`, }, @@ -54,8 +41,7 @@ export const integrations: LanguageIntegration[] = [ }), icon: 'ruby.svg', description: i18n.translate('customIntegrations.languageclients.RubyDescription', { - defaultMessage: - 'Start building your custom application on top of Elasticsearch with the official Ruby client.', + defaultMessage: 'Index data to Elasticsearch with the Ruby client.', }), docUrlTemplate: `${ELASTICSEARCH_CLIENT_URL}/ruby-api/{branch}/ruby_client.html`, }, @@ -66,8 +52,7 @@ export const integrations: LanguageIntegration[] = [ }), icon: 'go.svg', description: i18n.translate('customIntegrations.languageclients.GoDescription', { - defaultMessage: - 'Start building your custom application on top of Elasticsearch with the official Go client.', + defaultMessage: 'Index data to Elasticsearch with the Go client.', }), docUrlTemplate: `${ELASTICSEARCH_CLIENT_URL}/go-api/{branch}/overview.html`, }, @@ -78,8 +63,7 @@ export const integrations: LanguageIntegration[] = [ }), icon: 'dotnet.svg', description: i18n.translate('customIntegrations.languageclients.DotNetDescription', { - defaultMessage: - 'Start building your custom application on top of Elasticsearch with the official .NET client.', + defaultMessage: 'Index data to Elasticsearch with the .NET client.', }), docUrlTemplate: `${ELASTICSEARCH_CLIENT_URL}/net-api/{branch}/index.html`, }, @@ -90,8 +74,7 @@ export const integrations: LanguageIntegration[] = [ }), icon: 'php.svg', description: i18n.translate('customIntegrations.languageclients.PhpDescription', { - defaultMessage: - 'Start building your custom application on top of Elasticsearch with the official .PHP client.', + defaultMessage: 'Index data to Elasticsearch with the PHP client.', }), docUrlTemplate: `${ELASTICSEARCH_CLIENT_URL}/php-api/{branch}/index.html`, }, @@ -102,8 +85,7 @@ export const integrations: LanguageIntegration[] = [ }), icon: 'perl.svg', description: i18n.translate('customIntegrations.languageclients.PerlDescription', { - defaultMessage: - 'Start building your custom application on top of Elasticsearch with the official Perl client.', + defaultMessage: 'Index data to Elasticsearch with the Perl client.', }), docUrlTemplate: `${ELASTICSEARCH_CLIENT_URL}/perl-api/{branch}/index.html`, }, @@ -114,8 +96,7 @@ export const integrations: LanguageIntegration[] = [ }), icon: 'python.svg', description: i18n.translate('customIntegrations.languageclients.PythonDescription', { - defaultMessage: - 'Start building your custom application on top of Elasticsearch with the official Python client.', + defaultMessage: 'Index data to Elasticsearch with the Python client.', }), docUrlTemplate: `${ELASTICSEARCH_CLIENT_URL}/python-api/{branch}/index.html`, }, @@ -126,8 +107,7 @@ export const integrations: LanguageIntegration[] = [ }), icon: 'rust.svg', description: i18n.translate('customIntegrations.languageclients.RustDescription', { - defaultMessage: - 'Start building your custom application on top of Elasticsearch with the official Rust client.', + defaultMessage: 'Index data to Elasticsearch with the Rust client.', }), docUrlTemplate: `${ELASTICSEARCH_CLIENT_URL}/rust-api/{branch}/index.html`, }, @@ -138,8 +118,7 @@ export const integrations: LanguageIntegration[] = [ }), icon: 'java.svg', description: i18n.translate('customIntegrations.languageclients.JavaDescription', { - defaultMessage: - 'Start building your custom application on top of Elasticsearch with the official Java client.', + defaultMessage: 'Index data to Elasticsearch with the Java client.', }), docUrlTemplate: `${ELASTICSEARCH_CLIENT_URL}/java-api-client/{branch}/index.html`, }, diff --git a/src/plugins/custom_integrations/server/plugin.test.ts b/src/plugins/custom_integrations/server/plugin.test.ts index 8dee81ba6cba394..3b18d2e960c2aa9 100644 --- a/src/plugins/custom_integrations/server/plugin.test.ts +++ b/src/plugins/custom_integrations/server/plugin.test.ts @@ -31,23 +31,10 @@ describe('CustomIntegrationsPlugin', () => { test('should register language clients', () => { const setup = new CustomIntegrationsPlugin(initContext).setup(mockCoreSetup); expect(setup.getAppendCustomIntegrations()).toEqual([ - { - id: 'language_client.all', - title: 'Elasticsearch Clients', - description: - 'Start building your custom application on top of Elasticsearch with the official language clients.', - type: 'ui_link', - shipper: 'language_clients', - uiInternalPath: 'https://www.elastic.co/guide/en/elasticsearch/client/index.html', - isBeta: false, - icons: [{ type: 'eui', src: 'logoElasticsearch' }], - categories: ['elastic_stack', 'custom', 'language_client'], - }, { id: 'language_client.javascript', title: 'Elasticsearch JavaScript Client', - description: - 'Start building your custom application on top of Elasticsearch with the official Node.js client.', + description: 'Index data to Elasticsearch with the JavaScript client.', type: 'ui_link', shipper: 'language_clients', uiInternalPath: @@ -59,8 +46,7 @@ describe('CustomIntegrationsPlugin', () => { { id: 'language_client.ruby', title: 'Elasticsearch Ruby Client', - description: - 'Start building your custom application on top of Elasticsearch with the official Ruby client.', + description: 'Index data to Elasticsearch with the Ruby client.', type: 'ui_link', shipper: 'language_clients', uiInternalPath: @@ -72,8 +58,7 @@ describe('CustomIntegrationsPlugin', () => { { id: 'language_client.go', title: 'Elasticsearch Go Client', - description: - 'Start building your custom application on top of Elasticsearch with the official Go client.', + description: 'Index data to Elasticsearch with the Go client.', type: 'ui_link', shipper: 'language_clients', uiInternalPath: @@ -85,8 +70,7 @@ describe('CustomIntegrationsPlugin', () => { { id: 'language_client.dotnet', title: 'Elasticsearch .NET Client', - description: - 'Start building your custom application on top of Elasticsearch with the official .NET client.', + description: 'Index data to Elasticsearch with the .NET client.', type: 'ui_link', shipper: 'language_clients', uiInternalPath: @@ -98,8 +82,7 @@ describe('CustomIntegrationsPlugin', () => { { id: 'language_client.php', title: 'Elasticsearch PHP Client', - description: - 'Start building your custom application on top of Elasticsearch with the official .PHP client.', + description: 'Index data to Elasticsearch with the PHP client.', type: 'ui_link', shipper: 'language_clients', uiInternalPath: @@ -111,8 +94,7 @@ describe('CustomIntegrationsPlugin', () => { { id: 'language_client.perl', title: 'Elasticsearch Perl Client', - description: - 'Start building your custom application on top of Elasticsearch with the official Perl client.', + description: 'Index data to Elasticsearch with the Perl client.', type: 'ui_link', shipper: 'language_clients', uiInternalPath: @@ -124,8 +106,7 @@ describe('CustomIntegrationsPlugin', () => { { id: 'language_client.python', title: 'Elasticsearch Python Client', - description: - 'Start building your custom application on top of Elasticsearch with the official Python client.', + description: 'Index data to Elasticsearch with the Python client.', type: 'ui_link', shipper: 'language_clients', uiInternalPath: @@ -137,8 +118,7 @@ describe('CustomIntegrationsPlugin', () => { { id: 'language_client.rust', title: 'Elasticsearch Rust Client', - description: - 'Start building your custom application on top of Elasticsearch with the official Rust client.', + description: 'Index data to Elasticsearch with the Rust client.', type: 'ui_link', shipper: 'language_clients', uiInternalPath: @@ -150,8 +130,7 @@ describe('CustomIntegrationsPlugin', () => { { id: 'language_client.java', title: 'Elasticsearch Java Client', - description: - 'Start building your custom application on top of Elasticsearch with the official Java client.', + description: 'Index data to Elasticsearch with the Java client.', type: 'ui_link', shipper: 'language_clients', uiInternalPath: diff --git a/src/plugins/home/server/services/sample_data/data_sets/logs/index.ts b/src/plugins/home/server/services/sample_data/data_sets/logs/index.ts index ac783c1a2aba68f..43d42c25574311b 100644 --- a/src/plugins/home/server/services/sample_data/data_sets/logs/index.ts +++ b/src/plugins/home/server/services/sample_data/data_sets/logs/index.ts @@ -20,6 +20,7 @@ const logsDescription = i18n.translate('home.sampleData.logsSpecDescription', { }); const initialAppLinks = [] as AppLinkSchema[]; +export const GLOBE_ICON_PATH = '/plugins/home/assets/sample_data_resources/logs/icon.svg'; export const logsSpecProvider = function (): SampleDatasetSchema { return { id: 'logs', @@ -42,6 +43,6 @@ export const logsSpecProvider = function (): SampleDatasetSchema { }, ], status: 'not_installed', - iconPath: '/plugins/home/assets/sample_data_resources/logs/icon.svg', + iconPath: GLOBE_ICON_PATH, }; }; diff --git a/src/plugins/home/server/services/sample_data/lib/register_with_integrations.ts b/src/plugins/home/server/services/sample_data/lib/register_with_integrations.ts index 96c62b040926c28..e33cd58910fd692 100644 --- a/src/plugins/home/server/services/sample_data/lib/register_with_integrations.ts +++ b/src/plugins/home/server/services/sample_data/lib/register_with_integrations.ts @@ -7,29 +7,26 @@ */ import { CoreSetup } from 'kibana/server'; +import { i18n } from '@kbn/i18n'; import { CustomIntegrationsPluginSetup } from '../../../../../custom_integrations/server'; -import { SampleDatasetSchema } from './sample_dataset_schema'; import { HOME_APP_BASE_PATH } from '../../../../common/constants'; +import { GLOBE_ICON_PATH } from '../data_sets/logs'; export function registerSampleDatasetWithIntegration( customIntegrations: CustomIntegrationsPluginSetup, - core: CoreSetup, - sampleDataset: SampleDatasetSchema + core: CoreSetup ) { customIntegrations.registerCustomIntegration({ - id: sampleDataset.id, - title: sampleDataset.name, - description: sampleDataset.description, + id: 'sample_data_all', + title: i18n.translate('home.sampleData.customIntegrationsTitle', { + defaultMessage: 'Sample Data', + }), + description: i18n.translate('home.sampleData.customIntegrationsDescription', { + defaultMessage: 'Add sample data and assets to Elasticsearch and Kibana.', + }), uiInternalPath: `${HOME_APP_BASE_PATH}#/tutorial_directory/sampleData`, isBeta: false, - icons: sampleDataset.iconPath - ? [ - { - type: 'svg', - src: core.http.basePath.prepend(sampleDataset.iconPath), - }, - ] - : [], + icons: [{ type: 'svg', src: core.http.basePath.prepend(GLOBE_ICON_PATH) }], categories: ['sample_data'], shipper: 'sample_data', }); diff --git a/src/plugins/home/server/services/sample_data/sample_data_registry.test.ts b/src/plugins/home/server/services/sample_data/sample_data_registry.test.ts index 74c4d66c4fb021d..3d836d233d72cfc 100644 --- a/src/plugins/home/server/services/sample_data/sample_data_registry.test.ts +++ b/src/plugins/home/server/services/sample_data/sample_data_registry.test.ts @@ -28,20 +28,36 @@ describe('SampleDataRegistry', () => { }); describe('setup', () => { - test('should register the three sample datasets', () => { + let sampleDataRegistry: SampleDataRegistry; + beforeEach(() => { const initContext = coreMock.createPluginInitializerContext(); - const plugin = new SampleDataRegistry(initContext); - plugin.setup( + sampleDataRegistry = new SampleDataRegistry(initContext); + }); + + test('should register the three sample datasets', () => { + const setup = sampleDataRegistry.setup( mockCoreSetup, mockUsageCollectionPluginSetup, mockCustomIntegrationsPluginSetup ); + const datasets = setup.getSampleDatasets(); + expect(datasets[0].id).toEqual('flights'); + expect(datasets[2].id).toEqual('ecommerce'); + expect(datasets[1].id).toEqual('logs'); + }); + + test('should register the three sample datasets as single card', () => { + sampleDataRegistry.setup( + mockCoreSetup, + mockUsageCollectionPluginSetup, + mockCustomIntegrationsPluginSetup + ); const ids: string[] = mockCustomIntegrationsPluginSetup.registerCustomIntegration.mock.calls.map((args) => { return args[0].id; }); - expect(ids).toEqual(['flights', 'logs', 'ecommerce']); + expect(ids).toEqual(['sample_data_all']); }); }); }); diff --git a/src/plugins/home/server/services/sample_data/sample_data_registry.ts b/src/plugins/home/server/services/sample_data/sample_data_registry.ts index f966a05c1239782..b88f42ca970af84 100644 --- a/src/plugins/home/server/services/sample_data/sample_data_registry.ts +++ b/src/plugins/home/server/services/sample_data/sample_data_registry.ts @@ -28,22 +28,13 @@ export class SampleDataRegistry { constructor(private readonly initContext: PluginInitializerContext) {} private readonly sampleDatasets: SampleDatasetSchema[] = []; - private registerSampleDataSet( - specProvider: SampleDatasetProvider, - core: CoreSetup, - customIntegrations?: CustomIntegrationsPluginSetup - ) { + private registerSampleDataSet(specProvider: SampleDatasetProvider) { let value: SampleDatasetSchema; try { value = sampleDataSchema.validate(specProvider()); } catch (error) { throw new Error(`Unable to register sample dataset spec because it's invalid. ${error}`); } - - if (customIntegrations && core) { - registerSampleDatasetWithIntegration(customIntegrations, core, value); - } - const defaultIndexSavedObjectJson = value.savedObjects.find((savedObjectJson: any) => { return savedObjectJson.type === 'index-pattern' && savedObjectJson.id === value.defaultIndex; }); @@ -86,9 +77,12 @@ export class SampleDataRegistry { ); createUninstallRoute(router, this.sampleDatasets, usageTracker); - this.registerSampleDataSet(flightsSpecProvider, core, customIntegrations); - this.registerSampleDataSet(logsSpecProvider, core, customIntegrations); - this.registerSampleDataSet(ecommerceSpecProvider, core, customIntegrations); + this.registerSampleDataSet(flightsSpecProvider); + this.registerSampleDataSet(logsSpecProvider); + this.registerSampleDataSet(ecommerceSpecProvider); + if (customIntegrations && core) { + registerSampleDatasetWithIntegration(customIntegrations, core); + } return { getSampleDatasets: () => this.sampleDatasets, diff --git a/test/api_integration/apis/custom_integration/integrations.ts b/test/api_integration/apis/custom_integration/integrations.ts index 816e360c5a30bcf..e4797b334a86620 100644 --- a/test/api_integration/apis/custom_integration/integrations.ts +++ b/test/api_integration/apis/custom_integration/integrations.ts @@ -22,12 +22,12 @@ export default function ({ getService }: FtrProviderContext) { expect(resp.body).to.be.an('array'); - // sample data - expect(resp.body.length).to.be.above(14); // at least the language clients + sample data + add data + expect(resp.body.length).to.be(12); - ['flights', 'logs', 'ecommerce'].forEach((sampleData) => { - expect(resp.body.findIndex((c: { id: string }) => c.id === sampleData)).to.be.above(-1); - }); + // Test for sample data card + expect(resp.body.findIndex((c: { id: string }) => c.id === 'sample_data_all')).to.be.above( + -1 + ); }); }); diff --git a/x-pack/plugins/data_visualizer/common/constants.ts b/x-pack/plugins/data_visualizer/common/constants.ts index 5a3a1d8f2e5bf1a..cc661ca6ffeffe8 100644 --- a/x-pack/plugins/data_visualizer/common/constants.ts +++ b/x-pack/plugins/data_visualizer/common/constants.ts @@ -46,7 +46,4 @@ export const applicationPath = `/app/home#/tutorial_directory/${FILE_DATA_VIS_TA export const featureTitle = i18n.translate('xpack.dataVisualizer.title', { defaultMessage: 'Upload a file', }); -export const featureDescription = i18n.translate('xpack.dataVisualizer.description', { - defaultMessage: 'Import your own CSV, NDJSON, or log file.', -}); export const featureId = `file_data_visualizer`; diff --git a/x-pack/plugins/data_visualizer/public/register_home.ts b/x-pack/plugins/data_visualizer/public/register_home.ts index 4f4601ae769777e..9338c93000ec969 100644 --- a/x-pack/plugins/data_visualizer/public/register_home.ts +++ b/x-pack/plugins/data_visualizer/public/register_home.ts @@ -9,13 +9,7 @@ import { i18n } from '@kbn/i18n'; import type { HomePublicPluginSetup } from '../../../../src/plugins/home/public'; import { FeatureCatalogueCategory } from '../../../../src/plugins/home/public'; import { FileDataVisualizerWrapper } from './lazy_load_bundle/component_wrapper'; -import { - featureDescription, - featureTitle, - FILE_DATA_VIS_TAB_ID, - applicationPath, - featureId, -} from '../common'; +import { featureTitle, FILE_DATA_VIS_TAB_ID, applicationPath, featureId } from '../common'; export function registerHomeAddData(home: HomePublicPluginSetup) { home.addData.registerAddDataTab({ @@ -31,7 +25,9 @@ export function registerHomeFeatureCatalogue(home: HomePublicPluginSetup) { home.featureCatalogue.register({ id: featureId, title: featureTitle, - description: featureDescription, + description: i18n.translate('xpack.dataVisualizer.description', { + defaultMessage: 'Import your own CSV, NDJSON, or log file.', + }), icon: 'document', path: applicationPath, showOnHomePage: true, diff --git a/x-pack/plugins/data_visualizer/server/register_custom_integration.ts b/x-pack/plugins/data_visualizer/server/register_custom_integration.ts index 86aa3cd96d6130c..67be78277189b6b 100644 --- a/x-pack/plugins/data_visualizer/server/register_custom_integration.ts +++ b/x-pack/plugins/data_visualizer/server/register_custom_integration.ts @@ -5,14 +5,18 @@ * 2.0. */ +import { i18n } from '@kbn/i18n'; import { CustomIntegrationsPluginSetup } from '../../../../src/plugins/custom_integrations/server'; -import { applicationPath, featureDescription, featureId, featureTitle } from '../common'; +import { applicationPath, featureId, featureTitle } from '../common'; export function registerWithCustomIntegrations(customIntegrations: CustomIntegrationsPluginSetup) { customIntegrations.registerCustomIntegration({ id: featureId, title: featureTitle, - description: featureDescription, + description: i18n.translate('xpack.dataVisualizer.customIntegrationsDescription', { + defaultMessage: + 'Upload data from a CSV, TSV, JSON or other log file to Elasticsearch for analysis.', + }), uiInternalPath: applicationPath, isBeta: false, icons: [ diff --git a/x-pack/plugins/fleet/public/applications/integrations/layouts/default.tsx b/x-pack/plugins/fleet/public/applications/integrations/layouts/default.tsx index 0c46e1af301cf67..d6d6dedf753efb5 100644 --- a/x-pack/plugins/fleet/public/applications/integrations/layouts/default.tsx +++ b/x-pack/plugins/fleet/public/applications/integrations/layouts/default.tsx @@ -41,7 +41,7 @@ export const DefaultLayout: React.FunctionComponent = memo(({ section, ch

diff --git a/x-pack/plugins/fleet/public/applications/integrations/sections/epm/components/integration_preference.tsx b/x-pack/plugins/fleet/public/applications/integrations/sections/epm/components/integration_preference.tsx index ecc5c22c8d8ce5b..4634996d6bc7307 100644 --- a/x-pack/plugins/fleet/public/applications/integrations/sections/epm/components/integration_preference.tsx +++ b/x-pack/plugins/fleet/public/applications/integrations/sections/epm/components/integration_preference.tsx @@ -54,7 +54,7 @@ const title = ( const recommendedTooltip = ( ); diff --git a/x-pack/plugins/fleet/public/applications/integrations/sections/epm/screens/home/available_packages.tsx b/x-pack/plugins/fleet/public/applications/integrations/sections/epm/screens/home/available_packages.tsx index 91b557d0db5b67a..f5c521ebacf16ca 100644 --- a/x-pack/plugins/fleet/public/applications/integrations/sections/epm/screens/home/available_packages.tsx +++ b/x-pack/plugins/fleet/public/applications/integrations/sections/epm/screens/home/available_packages.tsx @@ -181,7 +181,7 @@ export const AvailablePackages: React.FC = memo(() => { let controls = [ - , + , ]; diff --git a/x-pack/plugins/maps/public/classes/layers/choropleth_layer_wizard/__snapshots__/layer_template.test.tsx.snap b/x-pack/plugins/maps/public/classes/layers/choropleth_layer_wizard/__snapshots__/layer_template.test.tsx.snap index 3a301a951ed5718..47dadb1246b38a7 100644 --- a/x-pack/plugins/maps/public/classes/layers/choropleth_layer_wizard/__snapshots__/layer_template.test.tsx.snap +++ b/x-pack/plugins/maps/public/classes/layers/choropleth_layer_wizard/__snapshots__/layer_template.test.tsx.snap @@ -32,7 +32,7 @@ exports[`should render EMS UI when left source is BOUNDARIES_SOURCE.EMS 1`] = ` Array [ Object { "id": "EMS", - "label": "Administrative boundaries from Elastic Maps Service", + "label": "Administrative boundaries from the Elastic Maps Service", }, Object { "id": "ELASTICSEARCH", @@ -85,7 +85,7 @@ exports[`should render elasticsearch UI when left source is BOUNDARIES_SOURCE.EL Array [ Object { "id": "EMS", - "label": "Administrative boundaries from Elastic Maps Service", + "label": "Administrative boundaries from the Elastic Maps Service", }, Object { "id": "ELASTICSEARCH", diff --git a/x-pack/plugins/maps/public/classes/layers/choropleth_layer_wizard/layer_template.tsx b/x-pack/plugins/maps/public/classes/layers/choropleth_layer_wizard/layer_template.tsx index 5bd2b68e61bc4f5..dfca19dbb964b4c 100644 --- a/x-pack/plugins/maps/public/classes/layers/choropleth_layer_wizard/layer_template.tsx +++ b/x-pack/plugins/maps/public/classes/layers/choropleth_layer_wizard/layer_template.tsx @@ -40,7 +40,7 @@ const BOUNDARIES_OPTIONS = [ { id: BOUNDARIES_SOURCE.EMS, label: i18n.translate('xpack.maps.choropleth.boundaries.ems', { - defaultMessage: 'Administrative boundaries from Elastic Maps Service', + defaultMessage: 'Administrative boundaries from the Elastic Maps Service', }), }, { diff --git a/x-pack/plugins/maps/server/tutorials/ems/index.ts b/x-pack/plugins/maps/server/tutorials/ems/index.ts index 94da7c6258faa00..ba8720a7bc8eb37 100644 --- a/x-pack/plugins/maps/server/tutorials/ems/index.ts +++ b/x-pack/plugins/maps/server/tutorials/ems/index.ts @@ -61,11 +61,11 @@ export function emsBoundariesSpecProvider({ return () => ({ id: 'emsBoundaries', name: i18n.translate('xpack.maps.tutorials.ems.nameTitle', { - defaultMessage: 'EMS Boundaries', + defaultMessage: 'Elastic Maps Service', }), category: TutorialsCategory.OTHER, shortDescription: i18n.translate('xpack.maps.tutorials.ems.shortDescription', { - defaultMessage: 'Administrative boundaries from Elastic Maps Service.', + defaultMessage: 'Administrative boundaries from the Elastic Maps Service.', }), longDescription: i18n.translate('xpack.maps.tutorials.ems.longDescription', { defaultMessage: diff --git a/x-pack/test/functional/page_objects/gis_page.ts b/x-pack/test/functional/page_objects/gis_page.ts index 002dc575e956bd9..cd208630656885f 100644 --- a/x-pack/test/functional/page_objects/gis_page.ts +++ b/x-pack/test/functional/page_objects/gis_page.ts @@ -521,7 +521,7 @@ export class GisPageObject extends FtrService { } async selectEMSBoundariesSource() { - this.log.debug(`Select EMS boundaries source`); + this.log.debug(`Select Elastic Maps Service boundaries source`); await this.testSubjects.click('emsBoundaries'); } From 7fe095c2affd543df558de65f97726b8bbf5cc79 Mon Sep 17 00:00:00 2001 From: Esteban Beltran Date: Mon, 18 Oct 2021 16:37:46 +0200 Subject: [PATCH 35/50] [Security Solution] Fix casing for host isolation exceptions name and hide search bar when no entries (#115349) --- .../src/index.ts | 4 +-- .../store/reducer.test.ts | 2 +- .../view/components/delete_modal.test.tsx | 4 +-- .../view/components/delete_modal.tsx | 6 ++-- .../view/components/empty.tsx | 4 +-- .../view/components/form.tsx | 2 +- .../view/components/form_flyout.tsx | 8 ++--- .../view/components/translations.ts | 2 +- .../host_isolation_exceptions_list.test.tsx | 15 +++++++++ .../view/host_isolation_exceptions_list.tsx | 31 +++++++++++-------- .../host_isolation_exceptions/index.ts | 2 +- 11 files changed, 50 insertions(+), 30 deletions(-) diff --git a/packages/kbn-securitysolution-list-constants/src/index.ts b/packages/kbn-securitysolution-list-constants/src/index.ts index 8f5ea4668e00a3d..f0e09ff7bb46182 100644 --- a/packages/kbn-securitysolution-list-constants/src/index.ts +++ b/packages/kbn-securitysolution-list-constants/src/index.ts @@ -73,6 +73,6 @@ export const ENDPOINT_EVENT_FILTERS_LIST_DESCRIPTION = 'Endpoint Security Event export const ENDPOINT_HOST_ISOLATION_EXCEPTIONS_LIST_ID = 'endpoint_host_isolation_exceptions'; export const ENDPOINT_HOST_ISOLATION_EXCEPTIONS_LIST_NAME = - 'Endpoint Security Host Isolation Exceptions List'; + 'Endpoint Security Host isolation exceptions List'; export const ENDPOINT_HOST_ISOLATION_EXCEPTIONS_LIST_DESCRIPTION = - 'Endpoint Security Host Isolation Exceptions List'; + 'Endpoint Security Host isolation exceptions List'; diff --git a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/store/reducer.test.ts b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/store/reducer.test.ts index 98b459fac41d38d..17708516763bdd1 100644 --- a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/store/reducer.test.ts +++ b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/store/reducer.test.ts @@ -13,7 +13,7 @@ import { hostIsolationExceptionsPageReducer } from './reducer'; import { getCurrentLocation } from './selector'; import { createEmptyHostIsolationException } from '../utils'; -describe('Host Isolation Exceptions Reducer', () => { +describe('Host isolation exceptions Reducer', () => { let initialState: HostIsolationExceptionsPageState; beforeEach(() => { diff --git a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/delete_modal.test.tsx b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/delete_modal.test.tsx index 2118a8de9b9ed71..9cca87bf61d6a24 100644 --- a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/delete_modal.test.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/delete_modal.test.tsx @@ -104,7 +104,7 @@ describe('When on the host isolation exceptions delete modal', () => { }); expect(coreStart.notifications.toasts.addSuccess).toHaveBeenCalledWith( - '"some name" has been removed from the Host Isolation Exceptions list.' + '"some name" has been removed from the Host isolation exceptions list.' ); }); @@ -129,7 +129,7 @@ describe('When on the host isolation exceptions delete modal', () => { }); expect(coreStart.notifications.toasts.addDanger).toHaveBeenCalledWith( - 'Unable to remove "some name" from the Host Isolation Exceptions list. Reason: That\'s not true. That\'s impossible' + 'Unable to remove "some name" from the Host isolation exceptions list. Reason: That\'s not true. That\'s impossible' ); }); }); diff --git a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/delete_modal.tsx b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/delete_modal.tsx index 61b0bb7f930c3c7..51e0ab5a5a15454 100644 --- a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/delete_modal.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/delete_modal.tsx @@ -54,7 +54,7 @@ export const HostIsolationExceptionDeleteModal = memo<{}>(() => { i18n.translate( 'xpack.securitySolution.hostIsolationExceptions.deletionDialog.deleteSuccess', { - defaultMessage: '"{name}" has been removed from the Host Isolation Exceptions list.', + defaultMessage: '"{name}" has been removed from the Host isolation exceptions list.', values: { name: exception?.name }, } ) @@ -72,7 +72,7 @@ export const HostIsolationExceptionDeleteModal = memo<{}>(() => { 'xpack.securitySolution.hostIsolationExceptions.deletionDialog.deleteFailure', { defaultMessage: - 'Unable to remove "{name}" from the Host Isolation Exceptions list. Reason: {message}', + 'Unable to remove "{name}" from the Host isolation exceptions list. Reason: {message}', values: { name: exception?.name, message: deleteError.message }, } ) @@ -86,7 +86,7 @@ export const HostIsolationExceptionDeleteModal = memo<{}>(() => { diff --git a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/empty.tsx b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/empty.tsx index eb53268a9fbd883..88cd0abc365cfc6 100644 --- a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/empty.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/empty.tsx @@ -25,7 +25,7 @@ export const HostIsolationExceptionsEmptyState = memo<{ onAdd: () => void }>(({

} @@ -39,7 +39,7 @@ export const HostIsolationExceptionsEmptyState = memo<{ onAdd: () => void }>(({ } diff --git a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/form.tsx b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/form.tsx index 7b13df16da4833f..01fe8583bae606e 100644 --- a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/form.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/form.tsx @@ -179,7 +179,7 @@ export const HostIsolationExceptionsForm: React.FC<{ diff --git a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/form_flyout.tsx b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/form_flyout.tsx index 14e976226c47049..e87ac2adeab4979 100644 --- a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/form_flyout.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/form_flyout.tsx @@ -181,12 +181,12 @@ export const HostIsolationExceptionsFormFlyout: React.FC<{}> = memo(() => { {exception?.item_id ? ( ) : ( )} @@ -206,14 +206,14 @@ export const HostIsolationExceptionsFormFlyout: React.FC<{}> = memo(() => {

) : (

)} diff --git a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/translations.ts b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/translations.ts index 207e094453d9057..69f2c7809a52ae8 100644 --- a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/translations.ts +++ b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/components/translations.ts @@ -32,7 +32,7 @@ export const NAME_ERROR = i18n.translate( export const DESCRIPTION_PLACEHOLDER = i18n.translate( 'xpack.securitySolution.hostIsolationExceptions.form.description.placeholder', { - defaultMessage: 'Describe your Host Isolation Exception', + defaultMessage: 'Describe your Host isolation exception', } ); diff --git a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/host_isolation_exceptions_list.test.tsx b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/host_isolation_exceptions_list.test.tsx index a7dfb66b022352c..5113457e5bccc6a 100644 --- a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/host_isolation_exceptions_list.test.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/host_isolation_exceptions_list.test.tsx @@ -67,11 +67,18 @@ describe('When on the host isolation exceptions page', () => { await dataReceived(); expect(renderResult.getByTestId('hostIsolationExceptionsEmpty')).toBeTruthy(); }); + + it('should not display the search bar', async () => { + render(); + await dataReceived(); + expect(renderResult.queryByTestId('searchExceptions')).toBeFalsy(); + }); }); describe('And data exists', () => { beforeEach(async () => { getHostIsolationExceptionItemsMock.mockImplementation(getFoundExceptionListItemSchemaMock); }); + it('should show loading indicator while retrieving data', async () => { let releaseApiResponse: (value?: unknown) => void; @@ -88,6 +95,12 @@ describe('When on the host isolation exceptions page', () => { expect(renderResult.container.querySelector('.euiProgress')).toBeNull(); }); + it('should display the search bar', async () => { + render(); + await dataReceived(); + expect(renderResult.getByTestId('searchExceptions')).toBeTruthy(); + }); + it('should show items on the list', async () => { render(); await dataReceived(); @@ -113,6 +126,7 @@ describe('When on the host isolation exceptions page', () => { ).toEqual(' Server is too far away'); }); }); + describe('is license platinum plus', () => { beforeEach(() => { isPlatinumPlusMock.mockReturnValue(true); @@ -131,6 +145,7 @@ describe('When on the host isolation exceptions page', () => { expect(renderResult.queryByTestId('hostIsolationExceptionsCreateEditFlyout')).toBeTruthy(); }); }); + describe('is not license platinum plus', () => { beforeEach(() => { isPlatinumPlusMock.mockReturnValue(false); diff --git a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/host_isolation_exceptions_list.tsx b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/host_isolation_exceptions_list.tsx index f4a89e89a9f67ed..096575bab360cd4 100644 --- a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/host_isolation_exceptions_list.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/host_isolation_exceptions_list.tsx @@ -127,7 +127,7 @@ export const HostIsolationExceptionsList = () => { title={ } actions={ @@ -141,7 +141,7 @@ export const HostIsolationExceptionsList = () => { > ) : ( @@ -151,18 +151,23 @@ export const HostIsolationExceptionsList = () => { > {showFlyout && } - - {itemToDelete ? : null} + + {listItems.length ? ( + + ) : null} + + + items={listItems} ItemComponent={ArtifactEntryCard} diff --git a/x-pack/plugins/security_solution/scripts/endpoint/host_isolation_exceptions/index.ts b/x-pack/plugins/security_solution/scripts/endpoint/host_isolation_exceptions/index.ts index b9b70c4c1da1956..15f0b2f65cb9565 100644 --- a/x-pack/plugins/security_solution/scripts/endpoint/host_isolation_exceptions/index.ts +++ b/x-pack/plugins/security_solution/scripts/endpoint/host_isolation_exceptions/index.ts @@ -31,7 +31,7 @@ export const cli = () => { } }, { - description: 'Load Host Isolation Exceptions', + description: 'Load Host isolation exceptions', flags: { string: ['kibana'], default: { From 512b5f840c40694bec2f4bca9047ab775ee26b88 Mon Sep 17 00:00:00 2001 From: Peter Pisljar Date: Mon, 18 Oct 2021 16:38:38 +0200 Subject: [PATCH 36/50] fixing visualize enbeddableRendered event (#115336) --- src/plugins/vis_default_editor/public/default_editor.tsx | 7 ++++--- .../public/embeddable/visualize_embeddable.ts | 2 +- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/src/plugins/vis_default_editor/public/default_editor.tsx b/src/plugins/vis_default_editor/public/default_editor.tsx index e9a24d346ff3c85..6619fb3dad9ccbe 100644 --- a/src/plugins/vis_default_editor/public/default_editor.tsx +++ b/src/plugins/vis_default_editor/public/default_editor.tsx @@ -60,9 +60,10 @@ function DefaultEditor({ return; } - embeddableHandler.render(visRef.current); - setTimeout(() => { - eventEmitter.emit('embeddableRendered'); + embeddableHandler.render(visRef.current).then(() => { + setTimeout(async () => { + eventEmitter.emit('embeddableRendered'); + }); }); return () => embeddableHandler.destroy(); diff --git a/src/plugins/visualizations/public/embeddable/visualize_embeddable.ts b/src/plugins/visualizations/public/embeddable/visualize_embeddable.ts index 0c7d58453db69cd..5868489934dc510 100644 --- a/src/plugins/visualizations/public/embeddable/visualize_embeddable.ts +++ b/src/plugins/visualizations/public/embeddable/visualize_embeddable.ts @@ -358,7 +358,7 @@ export class VisualizeEmbeddable this.subscriptions.push(this.handler.loading$.subscribe(this.onContainerLoading)); this.subscriptions.push(this.handler.render$.subscribe(this.onContainerRender)); - this.updateHandler(); + await this.updateHandler(); } public destroy() { From 08dbb54607db12e46ed5b610bba4a387bd3c1d45 Mon Sep 17 00:00:00 2001 From: Tiago Costa Date: Mon, 18 Oct 2021 15:49:19 +0100 Subject: [PATCH 37/50] skip flaky suites (#115303) --- .../apps/saved_objects_management/spaces_integration.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/x-pack/test/functional/apps/saved_objects_management/spaces_integration.ts b/x-pack/test/functional/apps/saved_objects_management/spaces_integration.ts index 62c742e39d02b81..509cfbbab666f39 100644 --- a/x-pack/test/functional/apps/saved_objects_management/spaces_integration.ts +++ b/x-pack/test/functional/apps/saved_objects_management/spaces_integration.ts @@ -31,7 +31,8 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { return bools.every((currBool) => currBool === true); }; - describe('spaces integration', () => { + // FLAKY: https://github.com/elastic/kibana/issues/115303 + describe.skip('spaces integration', () => { before(async () => { await spacesService.create({ id: spaceId, name: spaceId }); await kibanaServer.importExport.load( From 71d79618354d0d8e0fd66eca5b00441fd89ba281 Mon Sep 17 00:00:00 2001 From: Tiago Costa Date: Mon, 18 Oct 2021 15:54:35 +0100 Subject: [PATCH 38/50] skip flaky suite (#84992) --- x-pack/test/functional/apps/uptime/ping_redirects.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/x-pack/test/functional/apps/uptime/ping_redirects.ts b/x-pack/test/functional/apps/uptime/ping_redirects.ts index 03185ac9f146698..748163cb5ec7802 100644 --- a/x-pack/test/functional/apps/uptime/ping_redirects.ts +++ b/x-pack/test/functional/apps/uptime/ping_redirects.ts @@ -19,7 +19,8 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { const monitor = () => uptime.monitor; - describe('Ping redirects', () => { + // FLAKY: https://github.com/elastic/kibana/issues/84992 + describe.skip('Ping redirects', () => { const start = '~ 15 minutes ago'; const end = 'now'; From 2a7ed2e7187edb9d36e3d4eb3575fcf252e774a2 Mon Sep 17 00:00:00 2001 From: Quynh Nguyen <43350163+qn895@users.noreply.github.com> Date: Mon, 18 Oct 2021 10:01:23 -0500 Subject: [PATCH 39/50] [ML] Add context popover for APM latency correlations & failed transactions correlations (#113679) * [ML] Add context popover, api tests, unit tests * [ML] Add sample size context * [ML] Fix translations * [ML] Add tooltip * [ML] Clean up & fix types * [ML] Add spacer, fix popover button * [ML] Add accented highlight, truncation, center alignment * [ML] Bold texts * Change color to primary, add tooltip * Take out sample * Update on add filter callback * Refactor requests body * Fix types, tests * Fix include * Remove isPopulatedObject completely * Fix top values Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- .../failed_transactions_correlations/types.ts | 2 + .../search_strategies/field_stats_types.ts | 57 ++++++ .../latency_correlations/types.ts | 2 + .../context_popover/context_popover.tsx | 124 +++++++++++++ .../app/correlations/context_popover/index.ts | 8 + .../context_popover/top_values.tsx | 169 +++++++++++++++++ .../failed_transactions_correlations.tsx | 116 ++++++------ .../app/correlations/latency_correlations.tsx | 75 ++++++-- .../server/lib/search_strategies/constants.ts | 7 + ...ransactions_correlations_search_service.ts | 39 +++- ...tions_correlations_search_service_state.ts | 8 + .../latency_correlations_search_service.ts | 18 ++ ...tency_correlations_search_service_state.ts | 7 + .../field_stats/get_boolean_field_stats.ts | 87 +++++++++ .../field_stats/get_field_stats.test.ts | 170 ++++++++++++++++++ .../queries/field_stats/get_fields_stats.ts | 110 ++++++++++++ .../field_stats/get_keyword_field_stats.ts | 87 +++++++++ .../field_stats/get_numeric_field_stats.ts | 130 ++++++++++++++ .../utils/field_stats_utils.ts | 58 ++++++ .../translations/translations/ja-JP.json | 1 - .../translations/translations/zh-CN.json | 1 - .../tests/correlations/failed_transactions.ts | 8 + .../tests/correlations/latency.ts | 9 + 23 files changed, 1214 insertions(+), 79 deletions(-) create mode 100644 x-pack/plugins/apm/common/search_strategies/field_stats_types.ts create mode 100644 x-pack/plugins/apm/public/components/app/correlations/context_popover/context_popover.tsx create mode 100644 x-pack/plugins/apm/public/components/app/correlations/context_popover/index.ts create mode 100644 x-pack/plugins/apm/public/components/app/correlations/context_popover/top_values.tsx create mode 100644 x-pack/plugins/apm/server/lib/search_strategies/queries/field_stats/get_boolean_field_stats.ts create mode 100644 x-pack/plugins/apm/server/lib/search_strategies/queries/field_stats/get_field_stats.test.ts create mode 100644 x-pack/plugins/apm/server/lib/search_strategies/queries/field_stats/get_fields_stats.ts create mode 100644 x-pack/plugins/apm/server/lib/search_strategies/queries/field_stats/get_keyword_field_stats.ts create mode 100644 x-pack/plugins/apm/server/lib/search_strategies/queries/field_stats/get_numeric_field_stats.ts create mode 100644 x-pack/plugins/apm/server/lib/search_strategies/utils/field_stats_utils.ts diff --git a/x-pack/plugins/apm/common/search_strategies/failed_transactions_correlations/types.ts b/x-pack/plugins/apm/common/search_strategies/failed_transactions_correlations/types.ts index 857e1e9dbe95db9..266d7246c35d4f9 100644 --- a/x-pack/plugins/apm/common/search_strategies/failed_transactions_correlations/types.ts +++ b/x-pack/plugins/apm/common/search_strategies/failed_transactions_correlations/types.ts @@ -13,6 +13,7 @@ import { } from '../types'; import { FAILED_TRANSACTIONS_IMPACT_THRESHOLD } from './constants'; +import { FieldStats } from '../field_stats_types'; export interface FailedTransactionsCorrelation extends FieldValuePair { doc_count: number; @@ -42,4 +43,5 @@ export interface FailedTransactionsCorrelationsRawResponse percentileThresholdValue?: number; overallHistogram?: HistogramItem[]; errorHistogram?: HistogramItem[]; + fieldStats?: FieldStats[]; } diff --git a/x-pack/plugins/apm/common/search_strategies/field_stats_types.ts b/x-pack/plugins/apm/common/search_strategies/field_stats_types.ts new file mode 100644 index 000000000000000..d96bb4408f0e896 --- /dev/null +++ b/x-pack/plugins/apm/common/search_strategies/field_stats_types.ts @@ -0,0 +1,57 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { estypes } from '@elastic/elasticsearch'; +import { SearchStrategyParams } from './types'; + +export interface FieldStatsCommonRequestParams extends SearchStrategyParams { + samplerShardSize: number; +} + +export interface Field { + fieldName: string; + type: string; + cardinality: number; +} + +export interface Aggs { + [key: string]: estypes.AggregationsAggregationContainer; +} + +export interface TopValueBucket { + key: string | number; + doc_count: number; +} + +export interface TopValuesStats { + count?: number; + fieldName: string; + topValues: TopValueBucket[]; + topValuesSampleSize: number; + isTopValuesSampled?: boolean; + topValuesSamplerShardSize?: number; +} + +export interface NumericFieldStats extends TopValuesStats { + min: number; + max: number; + avg: number; + median?: number; +} + +export type KeywordFieldStats = TopValuesStats; + +export interface BooleanFieldStats { + fieldName: string; + count: number; + [key: string]: number | string; +} + +export type FieldStats = + | NumericFieldStats + | KeywordFieldStats + | BooleanFieldStats; diff --git a/x-pack/plugins/apm/common/search_strategies/latency_correlations/types.ts b/x-pack/plugins/apm/common/search_strategies/latency_correlations/types.ts index 75d526202bb0825..2eb2b3715945963 100644 --- a/x-pack/plugins/apm/common/search_strategies/latency_correlations/types.ts +++ b/x-pack/plugins/apm/common/search_strategies/latency_correlations/types.ts @@ -11,6 +11,7 @@ import { RawResponseBase, SearchStrategyClientParams, } from '../types'; +import { FieldStats } from '../field_stats_types'; export interface LatencyCorrelation extends FieldValuePair { correlation: number; @@ -40,4 +41,5 @@ export interface LatencyCorrelationsRawResponse extends RawResponseBase { overallHistogram?: HistogramItem[]; percentileThresholdValue?: number; latencyCorrelations?: LatencyCorrelation[]; + fieldStats?: FieldStats[]; } diff --git a/x-pack/plugins/apm/public/components/app/correlations/context_popover/context_popover.tsx b/x-pack/plugins/apm/public/components/app/correlations/context_popover/context_popover.tsx new file mode 100644 index 000000000000000..4a0f7d81e24dc31 --- /dev/null +++ b/x-pack/plugins/apm/public/components/app/correlations/context_popover/context_popover.tsx @@ -0,0 +1,124 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { + EuiButtonIcon, + EuiFlexGroup, + EuiFlexItem, + EuiPopover, + EuiPopoverTitle, + EuiSpacer, + EuiText, + EuiTitle, + EuiToolTip, +} from '@elastic/eui'; +import React, { Fragment, useState } from 'react'; +import { i18n } from '@kbn/i18n'; +import { FormattedMessage } from '@kbn/i18n/react'; +import { FieldStats } from '../../../../../common/search_strategies/field_stats_types'; +import { OnAddFilter, TopValues } from './top_values'; +import { useTheme } from '../../../../hooks/use_theme'; + +export function CorrelationsContextPopover({ + fieldName, + fieldValue, + topValueStats, + onAddFilter, +}: { + fieldName: string; + fieldValue: string | number; + topValueStats?: FieldStats; + onAddFilter: OnAddFilter; +}) { + const [infoIsOpen, setInfoOpen] = useState(false); + const theme = useTheme(); + + if (!topValueStats) return null; + + const popoverTitle = ( + + + +
{fieldName}
+ + + + ); + + return ( + + ) => { + setInfoOpen(!infoIsOpen); + }} + aria-label={i18n.translate( + 'xpack.apm.correlations.fieldContextPopover.topFieldValuesAriaLabel', + { + defaultMessage: 'Show top 10 field values', + } + )} + data-test-subj={'apmCorrelationsContextPopoverButton'} + style={{ marginLeft: theme.eui.paddingSizes.xs }} + /> + + } + isOpen={infoIsOpen} + closePopover={() => setInfoOpen(false)} + anchorPosition="rightCenter" + data-test-subj={'apmCorrelationsContextPopover'} + > + {popoverTitle} + +
+ {i18n.translate( + 'xpack.apm.correlations.fieldContextPopover.fieldTopValuesLabel', + { + defaultMessage: 'Top 10 values', + } + )} +
+ + {infoIsOpen ? ( + <> + + {topValueStats.topValuesSampleSize !== undefined && ( + + + + + + + )} + + ) : null} + + ); +} diff --git a/x-pack/plugins/apm/public/components/app/correlations/context_popover/index.ts b/x-pack/plugins/apm/public/components/app/correlations/context_popover/index.ts new file mode 100644 index 000000000000000..5588328da44527f --- /dev/null +++ b/x-pack/plugins/apm/public/components/app/correlations/context_popover/index.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { CorrelationsContextPopover } from './context_popover'; diff --git a/x-pack/plugins/apm/public/components/app/correlations/context_popover/top_values.tsx b/x-pack/plugins/apm/public/components/app/correlations/context_popover/top_values.tsx new file mode 100644 index 000000000000000..803b474fe775426 --- /dev/null +++ b/x-pack/plugins/apm/public/components/app/correlations/context_popover/top_values.tsx @@ -0,0 +1,169 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import React from 'react'; +import { + EuiButtonIcon, + EuiFlexGroup, + EuiFlexItem, + EuiProgress, + EuiSpacer, + EuiToolTip, +} from '@elastic/eui'; +import { i18n } from '@kbn/i18n'; +import { FieldStats } from '../../../../../common/search_strategies/field_stats_types'; +import { asPercent } from '../../../../../common/utils/formatters'; +import { useTheme } from '../../../../hooks/use_theme'; + +export type OnAddFilter = ({ + fieldName, + fieldValue, + include, +}: { + fieldName: string; + fieldValue: string | number; + include: boolean; +}) => void; + +interface Props { + topValueStats: FieldStats; + compressed?: boolean; + onAddFilter?: OnAddFilter; + fieldValue?: string | number; +} + +export function TopValues({ topValueStats, onAddFilter, fieldValue }: Props) { + const { topValues, topValuesSampleSize, count, fieldName } = topValueStats; + const theme = useTheme(); + + if (!Array.isArray(topValues) || topValues.length === 0) return null; + + const sampledSize = + typeof topValuesSampleSize === 'string' + ? parseInt(topValuesSampleSize, 10) + : topValuesSampleSize; + const progressBarMax = sampledSize ?? count; + return ( +
+ {Array.isArray(topValues) && + topValues.map((value) => { + const isHighlighted = + fieldValue !== undefined && value.key === fieldValue; + const barColor = isHighlighted ? 'accent' : 'primary'; + const valueText = + progressBarMax !== undefined + ? asPercent(value.doc_count, progressBarMax) + : undefined; + + return ( + <> + + + + + {value.key} + + } + className="eui-textTruncate" + aria-label={value.key.toString()} + valueText={valueText} + labelProps={ + isHighlighted + ? { + style: { fontWeight: 'bold' }, + } + : undefined + } + /> + + {fieldName !== undefined && + value.key !== undefined && + onAddFilter !== undefined ? ( + <> + { + onAddFilter({ + fieldName, + fieldValue: + typeof value.key === 'number' + ? value.key.toString() + : value.key, + include: true, + }); + }} + aria-label={i18n.translate( + 'xpack.apm.correlations.fieldContextPopover.addFilterAriaLabel', + { + defaultMessage: 'Filter for {fieldName}: "{value}"', + values: { fieldName, value: value.key }, + } + )} + data-test-subj={`apmFieldContextTopValuesAddFilterButton-${value.key}-${value.key}`} + style={{ + minHeight: 'auto', + width: theme.eui.euiSizeL, + paddingRight: 2, + paddingLeft: 2, + paddingTop: 0, + paddingBottom: 0, + }} + /> + { + onAddFilter({ + fieldName, + fieldValue: + typeof value.key === 'number' + ? value.key.toString() + : value.key, + include: false, + }); + }} + aria-label={i18n.translate( + 'xpack.apm.correlations.fieldContextPopover.removeFilterAriaLabel', + { + defaultMessage: 'Filter out {fieldName}: "{value}"', + values: { fieldName, value: value.key }, + } + )} + data-test-subj={`apmFieldContextTopValuesExcludeFilterButton-${value.key}-${value.key}`} + style={{ + minHeight: 'auto', + width: theme.eui.euiSizeL, + paddingTop: 0, + paddingBottom: 0, + paddingRight: 2, + paddingLeft: 2, + }} + /> + + ) : null} + + + ); + })} +
+ ); +} diff --git a/x-pack/plugins/apm/public/components/app/correlations/failed_transactions_correlations.tsx b/x-pack/plugins/apm/public/components/app/correlations/failed_transactions_correlations.tsx index d73ed9d58e526e4..a177733b3ecaf04 100644 --- a/x-pack/plugins/apm/public/components/app/correlations/failed_transactions_correlations.tsx +++ b/x-pack/plugins/apm/public/components/app/correlations/failed_transactions_correlations.tsx @@ -15,12 +15,10 @@ import { EuiFlexItem, EuiSpacer, EuiIcon, - EuiLink, EuiTitle, EuiBetaBadge, EuiBadge, EuiToolTip, - RIGHT_ALIGNMENT, EuiSwitch, EuiIconTip, } from '@elastic/eui'; @@ -45,7 +43,7 @@ import { FETCH_STATUS } from '../../../hooks/use_fetcher'; import { useSearchStrategy } from '../../../hooks/use_search_strategy'; import { ImpactBar } from '../../shared/ImpactBar'; -import { createHref, push } from '../../shared/Links/url_helpers'; +import { push } from '../../shared/Links/url_helpers'; import { CorrelationsTable } from './correlations_table'; import { FailedTransactionsCorrelationsHelpPopover } from './failed_transactions_correlations_help_popover'; @@ -62,6 +60,9 @@ import { CrossClusterSearchCompatibilityWarning } from './cross_cluster_search_w import { CorrelationsProgressControls } from './progress_controls'; import { useLocalStorage } from '../../../hooks/useLocalStorage'; import { useTheme } from '../../../hooks/use_theme'; +import { CorrelationsContextPopover } from './context_popover'; +import { FieldStats } from '../../../../common/search_strategies/field_stats_types'; +import { OnAddFilter } from './context_popover/top_values'; export function FailedTransactionsCorrelations({ onFilter, @@ -81,6 +82,14 @@ export function FailedTransactionsCorrelations({ percentileThreshold: DEFAULT_PERCENTILE_THRESHOLD, } ); + + const fieldStats: Record | undefined = useMemo(() => { + return response.fieldStats?.reduce((obj, field) => { + obj[field.fieldName] = field; + return obj; + }, {} as Record); + }, [response?.fieldStats]); + const progressNormalized = progress.loaded / progress.total; const { overallHistogram, hasData, status } = getOverallHistogram( response, @@ -104,6 +113,28 @@ export function FailedTransactionsCorrelations({ setShowStats(!showStats); }, [setShowStats, showStats]); + const onAddFilter = useCallback( + ({ fieldName, fieldValue, include }) => { + if (include) { + push(history, { + query: { + kuery: `${fieldName}:"${fieldValue}"`, + }, + }); + trackApmEvent({ metric: 'correlations_term_include_filter' }); + } else { + push(history, { + query: { + kuery: `not ${fieldName}:"${fieldValue}"`, + }, + }); + trackApmEvent({ metric: 'correlations_term_exclude_filter' }); + } + onFilter(); + }, + [onFilter, history, trackApmEvent] + ); + const failedTransactionsCorrelationsColumns: Array< EuiBasicTableColumn > = useMemo(() => { @@ -227,7 +258,6 @@ export function FailedTransactionsCorrelations({ )} ), - align: RIGHT_ALIGNMENT, render: (_, { normalizedScore }) => { return ( <> @@ -264,6 +294,17 @@ export function FailedTransactionsCorrelations({ 'xpack.apm.correlations.failedTransactions.correlationsTable.fieldNameLabel', { defaultMessage: 'Field name' } ), + render: (_, { fieldName, fieldValue }) => ( + <> + {fieldName} + + + ), sortable: true, }, { @@ -290,15 +331,15 @@ export function FailedTransactionsCorrelations({ ), icon: 'plusInCircle', type: 'icon', - onClick: (term: FailedTransactionsCorrelation) => { - push(history, { - query: { - kuery: `${term.fieldName}:"${term.fieldValue}"`, - }, - }); - onFilter(); - trackApmEvent({ metric: 'correlations_term_include_filter' }); - }, + onClick: ({ + fieldName, + fieldValue, + }: FailedTransactionsCorrelation) => + onAddFilter({ + fieldName, + fieldValue, + include: true, + }), }, { name: i18n.translate( @@ -311,49 +352,20 @@ export function FailedTransactionsCorrelations({ ), icon: 'minusInCircle', type: 'icon', - onClick: (term: FailedTransactionsCorrelation) => { - push(history, { - query: { - kuery: `not ${term.fieldName}:"${term.fieldValue}"`, - }, - }); - onFilter(); - trackApmEvent({ metric: 'correlations_term_exclude_filter' }); - }, + onClick: ({ + fieldName, + fieldValue, + }: FailedTransactionsCorrelation) => + onAddFilter({ + fieldName, + fieldValue, + include: false, + }), }, ], - name: i18n.translate( - 'xpack.apm.correlations.correlationsTable.actionsLabel', - { defaultMessage: 'Filter' } - ), - render: (_, { fieldName, fieldValue }) => { - return ( - <> - - - -  /  - - - - - ); - }, }, ] as Array>; - }, [history, onFilter, trackApmEvent, showStats]); + }, [fieldStats, onAddFilter, showStats]); useEffect(() => { if (isErrorMessage(progress.error)) { diff --git a/x-pack/plugins/apm/public/components/app/correlations/latency_correlations.tsx b/x-pack/plugins/apm/public/components/app/correlations/latency_correlations.tsx index 167df0fd10b40cb..75af7fae4ce120f 100644 --- a/x-pack/plugins/apm/public/components/app/correlations/latency_correlations.tsx +++ b/x-pack/plugins/apm/public/components/app/correlations/latency_correlations.tsx @@ -53,6 +53,9 @@ import { CorrelationsLog } from './correlations_log'; import { CorrelationsEmptyStatePrompt } from './empty_state_prompt'; import { CrossClusterSearchCompatibilityWarning } from './cross_cluster_search_warning'; import { CorrelationsProgressControls } from './progress_controls'; +import { FieldStats } from '../../../../common/search_strategies/field_stats_types'; +import { CorrelationsContextPopover } from './context_popover'; +import { OnAddFilter } from './context_popover/top_values'; export function LatencyCorrelations({ onFilter }: { onFilter: () => void }) { const { @@ -74,6 +77,13 @@ export function LatencyCorrelations({ onFilter }: { onFilter: () => void }) { progress.isRunning ); + const fieldStats: Record | undefined = useMemo(() => { + return response.fieldStats?.reduce((obj, field) => { + obj[field.fieldName] = field; + return obj; + }, {} as Record); + }, [response?.fieldStats]); + useEffect(() => { if (isErrorMessage(progress.error)) { notifications.toasts.addDanger({ @@ -104,6 +114,28 @@ export function LatencyCorrelations({ onFilter }: { onFilter: () => void }) { const history = useHistory(); const trackApmEvent = useUiTracker({ app: 'apm' }); + const onAddFilter = useCallback( + ({ fieldName, fieldValue, include }) => { + if (include) { + push(history, { + query: { + kuery: `${fieldName}:"${fieldValue}"`, + }, + }); + trackApmEvent({ metric: 'correlations_term_include_filter' }); + } else { + push(history, { + query: { + kuery: `not ${fieldName}:"${fieldValue}"`, + }, + }); + trackApmEvent({ metric: 'correlations_term_exclude_filter' }); + } + onFilter(); + }, + [onFilter, history, trackApmEvent] + ); + const mlCorrelationColumns: Array> = useMemo( () => [ @@ -147,6 +179,17 @@ export function LatencyCorrelations({ onFilter }: { onFilter: () => void }) { 'xpack.apm.correlations.latencyCorrelations.correlationsTable.fieldNameLabel', { defaultMessage: 'Field name' } ), + render: (_, { fieldName, fieldValue }) => ( + <> + {fieldName} + + + ), sortable: true, }, { @@ -172,15 +215,12 @@ export function LatencyCorrelations({ onFilter }: { onFilter: () => void }) { ), icon: 'plusInCircle', type: 'icon', - onClick: (term: LatencyCorrelation) => { - push(history, { - query: { - kuery: `${term.fieldName}:"${term.fieldValue}"`, - }, - }); - onFilter(); - trackApmEvent({ metric: 'correlations_term_include_filter' }); - }, + onClick: ({ fieldName, fieldValue }: LatencyCorrelation) => + onAddFilter({ + fieldName, + fieldValue, + include: true, + }), }, { name: i18n.translate( @@ -193,15 +233,12 @@ export function LatencyCorrelations({ onFilter }: { onFilter: () => void }) { ), icon: 'minusInCircle', type: 'icon', - onClick: (term: LatencyCorrelation) => { - push(history, { - query: { - kuery: `not ${term.fieldName}:"${term.fieldValue}"`, - }, - }); - onFilter(); - trackApmEvent({ metric: 'correlations_term_exclude_filter' }); - }, + onClick: ({ fieldName, fieldValue }: LatencyCorrelation) => + onAddFilter({ + fieldName, + fieldValue, + include: false, + }), }, ], name: i18n.translate( @@ -210,7 +247,7 @@ export function LatencyCorrelations({ onFilter }: { onFilter: () => void }) { ), }, ], - [history, onFilter, trackApmEvent] + [fieldStats, onAddFilter] ); const [sortField, setSortField] = diff --git a/x-pack/plugins/apm/server/lib/search_strategies/constants.ts b/x-pack/plugins/apm/server/lib/search_strategies/constants.ts index 5500e336c354253..5af1b2163072050 100644 --- a/x-pack/plugins/apm/server/lib/search_strategies/constants.ts +++ b/x-pack/plugins/apm/server/lib/search_strategies/constants.ts @@ -81,3 +81,10 @@ export const CORRELATION_THRESHOLD = 0.3; export const KS_TEST_THRESHOLD = 0.1; export const ERROR_CORRELATION_THRESHOLD = 0.02; + +/** + * Field stats/top values sampling constants + */ + +export const SAMPLER_TOP_TERMS_THRESHOLD = 100000; +export const SAMPLER_TOP_TERMS_SHARD_SIZE = 5000; diff --git a/x-pack/plugins/apm/server/lib/search_strategies/failed_transactions_correlations/failed_transactions_correlations_search_service.ts b/x-pack/plugins/apm/server/lib/search_strategies/failed_transactions_correlations/failed_transactions_correlations_search_service.ts index 239cf39f15ffe98..af5e535abdc3f35 100644 --- a/x-pack/plugins/apm/server/lib/search_strategies/failed_transactions_correlations/failed_transactions_correlations_search_service.ts +++ b/x-pack/plugins/apm/server/lib/search_strategies/failed_transactions_correlations/failed_transactions_correlations_search_service.ts @@ -36,6 +36,7 @@ import type { SearchServiceProvider } from '../search_strategy_provider'; import { failedTransactionsCorrelationsSearchServiceStateProvider } from './failed_transactions_correlations_search_service_state'; import { ERROR_CORRELATION_THRESHOLD } from '../constants'; +import { fetchFieldsStats } from '../queries/field_stats/get_fields_stats'; export type FailedTransactionsCorrelationsSearchServiceProvider = SearchServiceProvider< @@ -133,6 +134,7 @@ export const failedTransactionsCorrelationsSearchServiceProvider: FailedTransact state.setProgress({ loadedFieldCandidates: 1 }); let fieldCandidatesFetchedCount = 0; + const fieldsToSample = new Set(); if (params !== undefined && fieldCandidates.length > 0) { const batches = chunk(fieldCandidates, 10); for (let i = 0; i < batches.length; i++) { @@ -150,13 +152,19 @@ export const failedTransactionsCorrelationsSearchServiceProvider: FailedTransact results.forEach((result, idx) => { if (result.status === 'fulfilled') { + const significantCorrelations = result.value.filter( + (record) => + record && + record.pValue !== undefined && + record.pValue < ERROR_CORRELATION_THRESHOLD + ); + + significantCorrelations.forEach((r) => { + fieldsToSample.add(r.fieldName); + }); + state.addFailedTransactionsCorrelations( - result.value.filter( - (record) => - record && - typeof record.pValue === 'number' && - record.pValue < ERROR_CORRELATION_THRESHOLD - ) + significantCorrelations ); } else { // If one of the fields in the batch had an error @@ -184,6 +192,23 @@ export const failedTransactionsCorrelationsSearchServiceProvider: FailedTransact `Identified correlations for ${fieldCandidatesFetchedCount} fields out of ${fieldCandidates.length} candidates.` ); } + + addLogMessage( + `Identified ${fieldsToSample.size} fields to sample for field statistics.` + ); + + const { stats: fieldStats } = await fetchFieldsStats( + esClient, + params, + [...fieldsToSample], + [{ fieldName: EVENT_OUTCOME, fieldValue: EventOutcome.failure }] + ); + + addLogMessage( + `Retrieved field statistics for ${fieldStats.length} fields out of ${fieldsToSample.size} fields.` + ); + + state.addFieldStats(fieldStats); } catch (e) { state.setError(e); } @@ -208,6 +233,7 @@ export const failedTransactionsCorrelationsSearchServiceProvider: FailedTransact errorHistogram, percentileThresholdValue, progress, + fieldStats, } = state.getState(); return { @@ -231,6 +257,7 @@ export const failedTransactionsCorrelationsSearchServiceProvider: FailedTransact overallHistogram, errorHistogram, percentileThresholdValue, + fieldStats, }, }; }; diff --git a/x-pack/plugins/apm/server/lib/search_strategies/failed_transactions_correlations/failed_transactions_correlations_search_service_state.ts b/x-pack/plugins/apm/server/lib/search_strategies/failed_transactions_correlations/failed_transactions_correlations_search_service_state.ts index a2530ea8a400ceb..ed0fe5d6e178bc4 100644 --- a/x-pack/plugins/apm/server/lib/search_strategies/failed_transactions_correlations/failed_transactions_correlations_search_service_state.ts +++ b/x-pack/plugins/apm/server/lib/search_strategies/failed_transactions_correlations/failed_transactions_correlations_search_service_state.ts @@ -8,6 +8,7 @@ import { FailedTransactionsCorrelation } from '../../../../common/search_strategies/failed_transactions_correlations/types'; import type { HistogramItem } from '../../../../common/search_strategies/types'; +import { FieldStats } from '../../../../common/search_strategies/field_stats_types'; interface Progress { started: number; @@ -73,6 +74,11 @@ export const failedTransactionsCorrelationsSearchServiceStateProvider = () => { }; } + const fieldStats: FieldStats[] = []; + function addFieldStats(stats: FieldStats[]) { + fieldStats.push(...stats); + } + const failedTransactionsCorrelations: FailedTransactionsCorrelation[] = []; function addFailedTransactionsCorrelation(d: FailedTransactionsCorrelation) { failedTransactionsCorrelations.push(d); @@ -98,6 +104,7 @@ export const failedTransactionsCorrelationsSearchServiceStateProvider = () => { percentileThresholdValue, progress, failedTransactionsCorrelations, + fieldStats, }; } @@ -115,6 +122,7 @@ export const failedTransactionsCorrelationsSearchServiceStateProvider = () => { setErrorHistogram, setPercentileThresholdValue, setProgress, + addFieldStats, }; }; diff --git a/x-pack/plugins/apm/server/lib/search_strategies/latency_correlations/latency_correlations_search_service.ts b/x-pack/plugins/apm/server/lib/search_strategies/latency_correlations/latency_correlations_search_service.ts index 91f4a0d3349a4a5..4862f7dd1de1a08 100644 --- a/x-pack/plugins/apm/server/lib/search_strategies/latency_correlations/latency_correlations_search_service.ts +++ b/x-pack/plugins/apm/server/lib/search_strategies/latency_correlations/latency_correlations_search_service.ts @@ -36,6 +36,7 @@ import { searchServiceLogProvider } from '../search_service_log'; import type { SearchServiceProvider } from '../search_strategy_provider'; import { latencyCorrelationsSearchServiceStateProvider } from './latency_correlations_search_service_state'; +import { fetchFieldsStats } from '../queries/field_stats/get_fields_stats'; export type LatencyCorrelationsSearchServiceProvider = SearchServiceProvider< LatencyCorrelationsRequestParams, @@ -196,6 +197,7 @@ export const latencyCorrelationsSearchServiceProvider: LatencyCorrelationsSearch `Loaded fractions and totalDocCount of ${totalDocCount}.` ); + const fieldsToSample = new Set(); let loadedHistograms = 0; for await (const item of fetchTransactionDurationHistograms( esClient, @@ -211,6 +213,7 @@ export const latencyCorrelationsSearchServiceProvider: LatencyCorrelationsSearch )) { if (item !== undefined) { state.addLatencyCorrelation(item); + fieldsToSample.add(item.fieldName); } loadedHistograms++; state.setProgress({ @@ -225,6 +228,19 @@ export const latencyCorrelationsSearchServiceProvider: LatencyCorrelationsSearch fieldValuePairs.length } field/value pairs.` ); + + addLogMessage( + `Identified ${fieldsToSample.size} fields to sample for field statistics.` + ); + + const { stats: fieldStats } = await fetchFieldsStats(esClient, params, [ + ...fieldsToSample, + ]); + + addLogMessage( + `Retrieved field statistics for ${fieldStats.length} fields out of ${fieldsToSample.size} fields.` + ); + state.addFieldStats(fieldStats); } catch (e) { state.setError(e); } @@ -251,6 +267,7 @@ export const latencyCorrelationsSearchServiceProvider: LatencyCorrelationsSearch overallHistogram, percentileThresholdValue, progress, + fieldStats, } = state.getState(); return { @@ -270,6 +287,7 @@ export const latencyCorrelationsSearchServiceProvider: LatencyCorrelationsSearch state.getLatencyCorrelationsSortedByCorrelation(), percentileThresholdValue, overallHistogram, + fieldStats, }, }; }; diff --git a/x-pack/plugins/apm/server/lib/search_strategies/latency_correlations/latency_correlations_search_service_state.ts b/x-pack/plugins/apm/server/lib/search_strategies/latency_correlations/latency_correlations_search_service_state.ts index 53f357ed1135fd3..186099e4c307ab3 100644 --- a/x-pack/plugins/apm/server/lib/search_strategies/latency_correlations/latency_correlations_search_service_state.ts +++ b/x-pack/plugins/apm/server/lib/search_strategies/latency_correlations/latency_correlations_search_service_state.ts @@ -10,6 +10,7 @@ import type { LatencyCorrelationSearchServiceProgress, LatencyCorrelation, } from '../../../../common/search_strategies/latency_correlations/types'; +import { FieldStats } from '../../../../common/search_strategies/field_stats_types'; export const latencyCorrelationsSearchServiceStateProvider = () => { let ccsWarning = false; @@ -79,6 +80,10 @@ export const latencyCorrelationsSearchServiceStateProvider = () => { function getLatencyCorrelationsSortedByCorrelation() { return latencyCorrelations.sort((a, b) => b.correlation - a.correlation); } + const fieldStats: FieldStats[] = []; + function addFieldStats(stats: FieldStats[]) { + fieldStats.push(...stats); + } function getState() { return { @@ -90,6 +95,7 @@ export const latencyCorrelationsSearchServiceStateProvider = () => { percentileThresholdValue, progress, latencyCorrelations, + fieldStats, }; } @@ -106,6 +112,7 @@ export const latencyCorrelationsSearchServiceStateProvider = () => { setOverallHistogram, setPercentileThresholdValue, setProgress, + addFieldStats, }; }; diff --git a/x-pack/plugins/apm/server/lib/search_strategies/queries/field_stats/get_boolean_field_stats.ts b/x-pack/plugins/apm/server/lib/search_strategies/queries/field_stats/get_boolean_field_stats.ts new file mode 100644 index 000000000000000..551ecfe3cd4eadb --- /dev/null +++ b/x-pack/plugins/apm/server/lib/search_strategies/queries/field_stats/get_boolean_field_stats.ts @@ -0,0 +1,87 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { ElasticsearchClient } from 'kibana/server'; +import { SearchRequest } from '@elastic/elasticsearch/api/types'; +import { estypes } from '@elastic/elasticsearch'; +import { buildSamplerAggregation } from '../../utils/field_stats_utils'; +import { FieldValuePair } from '../../../../../common/search_strategies/types'; +import { + FieldStatsCommonRequestParams, + BooleanFieldStats, + Aggs, + TopValueBucket, +} from '../../../../../common/search_strategies/field_stats_types'; +import { getQueryWithParams } from '../get_query_with_params'; + +export const getBooleanFieldStatsRequest = ( + params: FieldStatsCommonRequestParams, + fieldName: string, + termFilters?: FieldValuePair[] +): SearchRequest => { + const query = getQueryWithParams({ params, termFilters }); + + const { index, samplerShardSize } = params; + + const size = 0; + const aggs: Aggs = { + sampled_value_count: { + filter: { exists: { field: fieldName } }, + }, + sampled_values: { + terms: { + field: fieldName, + size: 2, + }, + }, + }; + + const searchBody = { + query, + aggs: { + sample: buildSamplerAggregation(aggs, samplerShardSize), + }, + }; + + return { + index, + size, + body: searchBody, + }; +}; + +export const fetchBooleanFieldStats = async ( + esClient: ElasticsearchClient, + params: FieldStatsCommonRequestParams, + field: FieldValuePair, + termFilters?: FieldValuePair[] +): Promise => { + const request = getBooleanFieldStatsRequest( + params, + field.fieldName, + termFilters + ); + const { body } = await esClient.search(request); + const aggregations = body.aggregations as { + sample: { + sampled_value_count: estypes.AggregationsFiltersBucketItemKeys; + sampled_values: estypes.AggregationsTermsAggregate; + }; + }; + + const stats: BooleanFieldStats = { + fieldName: field.fieldName, + count: aggregations?.sample.sampled_value_count.doc_count ?? 0, + }; + + const valueBuckets: TopValueBucket[] = + aggregations?.sample.sampled_values?.buckets ?? []; + valueBuckets.forEach((bucket) => { + stats[`${bucket.key.toString()}Count`] = bucket.doc_count; + }); + return stats; +}; diff --git a/x-pack/plugins/apm/server/lib/search_strategies/queries/field_stats/get_field_stats.test.ts b/x-pack/plugins/apm/server/lib/search_strategies/queries/field_stats/get_field_stats.test.ts new file mode 100644 index 000000000000000..deb89ace47c5dba --- /dev/null +++ b/x-pack/plugins/apm/server/lib/search_strategies/queries/field_stats/get_field_stats.test.ts @@ -0,0 +1,170 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { ENVIRONMENT_ALL } from '../../../../../common/environment_filter_values'; +import { getNumericFieldStatsRequest } from './get_numeric_field_stats'; +import { getKeywordFieldStatsRequest } from './get_keyword_field_stats'; +import { getBooleanFieldStatsRequest } from './get_boolean_field_stats'; +import { estypes } from '@elastic/elasticsearch'; +import { ElasticsearchClient } from 'kibana/server'; +import { fetchFieldsStats } from './get_fields_stats'; + +const params = { + index: 'apm-*', + start: '2020', + end: '2021', + includeFrozen: false, + environment: ENVIRONMENT_ALL.value, + kuery: '', + samplerShardSize: 5000, +}; + +export const getExpectedQuery = (aggs: any) => { + return { + body: { + aggs, + query: { + bool: { + filter: [ + { term: { 'processor.event': 'transaction' } }, + { + range: { + '@timestamp': { + format: 'epoch_millis', + gte: 1577836800000, + lte: 1609459200000, + }, + }, + }, + ], + }, + }, + }, + index: 'apm-*', + size: 0, + }; +}; + +describe('field_stats', () => { + describe('getNumericFieldStatsRequest', () => { + it('returns request with filter, percentiles, and top terms aggregations ', () => { + const req = getNumericFieldStatsRequest(params, 'url.path'); + + const expectedAggs = { + sample: { + aggs: { + sampled_field_stats: { + aggs: { actual_stats: { stats: { field: 'url.path' } } }, + filter: { exists: { field: 'url.path' } }, + }, + sampled_percentiles: { + percentiles: { + field: 'url.path', + keyed: false, + percents: [50], + }, + }, + sampled_top: { + terms: { + field: 'url.path', + order: { _count: 'desc' }, + size: 10, + }, + }, + }, + sampler: { shard_size: 5000 }, + }, + }; + expect(req).toEqual(getExpectedQuery(expectedAggs)); + }); + }); + describe('getKeywordFieldStatsRequest', () => { + it('returns request with top terms sampler aggregation ', () => { + const req = getKeywordFieldStatsRequest(params, 'url.path'); + + const expectedAggs = { + sample: { + sampler: { shard_size: 5000 }, + aggs: { + sampled_top: { + terms: { field: 'url.path', size: 10, order: { _count: 'desc' } }, + }, + }, + }, + }; + expect(req).toEqual(getExpectedQuery(expectedAggs)); + }); + }); + describe('getBooleanFieldStatsRequest', () => { + it('returns request with top terms sampler aggregation ', () => { + const req = getBooleanFieldStatsRequest(params, 'url.path'); + + const expectedAggs = { + sample: { + sampler: { shard_size: 5000 }, + aggs: { + sampled_value_count: { + filter: { exists: { field: 'url.path' } }, + }, + sampled_values: { terms: { field: 'url.path', size: 2 } }, + }, + }, + }; + expect(req).toEqual(getExpectedQuery(expectedAggs)); + }); + }); + + describe('fetchFieldsStats', () => { + it('returns field candidates and total hits', async () => { + const fieldsCaps = { + body: { + fields: { + myIpFieldName: { ip: {} }, + myKeywordFieldName: { keyword: {} }, + myMultiFieldName: { keyword: {}, text: {} }, + myHistogramFieldName: { histogram: {} }, + myNumericFieldName: { number: {} }, + }, + }, + }; + const esClientFieldCapsMock = jest.fn(() => fieldsCaps); + + const fieldsToSample = Object.keys(fieldsCaps.body.fields); + + const esClientSearchMock = jest.fn( + ( + req: estypes.SearchRequest + ): { + body: estypes.SearchResponse; + } => { + return { + body: { + aggregations: { sample: {} }, + } as unknown as estypes.SearchResponse, + }; + } + ); + + const esClientMock = { + fieldCaps: esClientFieldCapsMock, + search: esClientSearchMock, + } as unknown as ElasticsearchClient; + + const resp = await fetchFieldsStats(esClientMock, params, fieldsToSample); + // Should not return stats for unsupported field types like histogram + const expectedFields = [ + 'myIpFieldName', + 'myKeywordFieldName', + 'myMultiFieldName', + 'myNumericFieldName', + ]; + expect(resp.stats.map((s) => s.fieldName)).toEqual(expectedFields); + expect(esClientFieldCapsMock).toHaveBeenCalledTimes(1); + expect(esClientSearchMock).toHaveBeenCalledTimes(4); + }); + }); +}); diff --git a/x-pack/plugins/apm/server/lib/search_strategies/queries/field_stats/get_fields_stats.ts b/x-pack/plugins/apm/server/lib/search_strategies/queries/field_stats/get_fields_stats.ts new file mode 100644 index 000000000000000..2e1441ccbd6a12b --- /dev/null +++ b/x-pack/plugins/apm/server/lib/search_strategies/queries/field_stats/get_fields_stats.ts @@ -0,0 +1,110 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { ElasticsearchClient } from 'kibana/server'; +import { chunk } from 'lodash'; +import { ES_FIELD_TYPES } from '@kbn/field-types'; +import { + FieldValuePair, + SearchStrategyParams, +} from '../../../../../common/search_strategies/types'; +import { getRequestBase } from '../get_request_base'; +import { fetchKeywordFieldStats } from './get_keyword_field_stats'; +import { fetchNumericFieldStats } from './get_numeric_field_stats'; +import { + FieldStats, + FieldStatsCommonRequestParams, +} from '../../../../../common/search_strategies/field_stats_types'; +import { fetchBooleanFieldStats } from './get_boolean_field_stats'; + +export const fetchFieldsStats = async ( + esClient: ElasticsearchClient, + params: SearchStrategyParams, + fieldsToSample: string[], + termFilters?: FieldValuePair[] +): Promise<{ stats: FieldStats[]; errors: any[] }> => { + const stats: FieldStats[] = []; + const errors: any[] = []; + + if (fieldsToSample.length === 0) return { stats, errors }; + + const respMapping = await esClient.fieldCaps({ + ...getRequestBase(params), + fields: fieldsToSample, + }); + + const fieldStatsParams: FieldStatsCommonRequestParams = { + ...params, + samplerShardSize: 5000, + }; + const fieldStatsPromises = Object.entries(respMapping.body.fields) + .map(([key, value], idx) => { + const field: FieldValuePair = { fieldName: key, fieldValue: '' }; + const fieldTypes = Object.keys(value); + + for (const ft of fieldTypes) { + switch (ft) { + case ES_FIELD_TYPES.KEYWORD: + case ES_FIELD_TYPES.IP: + return fetchKeywordFieldStats( + esClient, + fieldStatsParams, + field, + termFilters + ); + break; + + case 'numeric': + case 'number': + case ES_FIELD_TYPES.FLOAT: + case ES_FIELD_TYPES.HALF_FLOAT: + case ES_FIELD_TYPES.SCALED_FLOAT: + case ES_FIELD_TYPES.DOUBLE: + case ES_FIELD_TYPES.INTEGER: + case ES_FIELD_TYPES.LONG: + case ES_FIELD_TYPES.SHORT: + case ES_FIELD_TYPES.UNSIGNED_LONG: + case ES_FIELD_TYPES.BYTE: + return fetchNumericFieldStats( + esClient, + fieldStatsParams, + field, + termFilters + ); + + break; + case ES_FIELD_TYPES.BOOLEAN: + return fetchBooleanFieldStats( + esClient, + fieldStatsParams, + field, + termFilters + ); + + default: + return; + } + } + }) + .filter((f) => f !== undefined) as Array>; + + const batches = chunk(fieldStatsPromises, 10); + for (let i = 0; i < batches.length; i++) { + try { + const results = await Promise.allSettled(batches[i]); + results.forEach((r) => { + if (r.status === 'fulfilled' && r.value !== undefined) { + stats.push(r.value); + } + }); + } catch (e) { + errors.push(e); + } + } + + return { stats, errors }; +}; diff --git a/x-pack/plugins/apm/server/lib/search_strategies/queries/field_stats/get_keyword_field_stats.ts b/x-pack/plugins/apm/server/lib/search_strategies/queries/field_stats/get_keyword_field_stats.ts new file mode 100644 index 000000000000000..b15449657cba548 --- /dev/null +++ b/x-pack/plugins/apm/server/lib/search_strategies/queries/field_stats/get_keyword_field_stats.ts @@ -0,0 +1,87 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { ElasticsearchClient } from 'kibana/server'; +import { SearchRequest } from '@elastic/elasticsearch/api/types'; +import { estypes } from '@elastic/elasticsearch'; +import { FieldValuePair } from '../../../../../common/search_strategies/types'; +import { getQueryWithParams } from '../get_query_with_params'; +import { buildSamplerAggregation } from '../../utils/field_stats_utils'; +import { + FieldStatsCommonRequestParams, + KeywordFieldStats, + Aggs, + TopValueBucket, +} from '../../../../../common/search_strategies/field_stats_types'; + +export const getKeywordFieldStatsRequest = ( + params: FieldStatsCommonRequestParams, + fieldName: string, + termFilters?: FieldValuePair[] +): SearchRequest => { + const query = getQueryWithParams({ params, termFilters }); + + const { index, samplerShardSize } = params; + + const size = 0; + const aggs: Aggs = { + sampled_top: { + terms: { + field: fieldName, + size: 10, + order: { + _count: 'desc', + }, + }, + }, + }; + + const searchBody = { + query, + aggs: { + sample: buildSamplerAggregation(aggs, samplerShardSize), + }, + }; + + return { + index, + size, + body: searchBody, + }; +}; + +export const fetchKeywordFieldStats = async ( + esClient: ElasticsearchClient, + params: FieldStatsCommonRequestParams, + field: FieldValuePair, + termFilters?: FieldValuePair[] +): Promise => { + const request = getKeywordFieldStatsRequest( + params, + field.fieldName, + termFilters + ); + const { body } = await esClient.search(request); + const aggregations = body.aggregations as { + sample: { + sampled_top: estypes.AggregationsTermsAggregate; + }; + }; + const topValues: TopValueBucket[] = + aggregations?.sample.sampled_top?.buckets ?? []; + + const stats = { + fieldName: field.fieldName, + topValues, + topValuesSampleSize: topValues.reduce( + (acc, curr) => acc + curr.doc_count, + aggregations.sample.sampled_top?.sum_other_doc_count ?? 0 + ), + }; + + return stats; +}; diff --git a/x-pack/plugins/apm/server/lib/search_strategies/queries/field_stats/get_numeric_field_stats.ts b/x-pack/plugins/apm/server/lib/search_strategies/queries/field_stats/get_numeric_field_stats.ts new file mode 100644 index 000000000000000..bab4a1af29b65e3 --- /dev/null +++ b/x-pack/plugins/apm/server/lib/search_strategies/queries/field_stats/get_numeric_field_stats.ts @@ -0,0 +1,130 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { ElasticsearchClient } from 'kibana/server'; +import { SearchRequest } from '@elastic/elasticsearch/api/types'; +import { find, get } from 'lodash'; +import { estypes } from '@elastic/elasticsearch/index'; +import { + NumericFieldStats, + FieldStatsCommonRequestParams, + TopValueBucket, + Aggs, +} from '../../../../../common/search_strategies/field_stats_types'; +import { FieldValuePair } from '../../../../../common/search_strategies/types'; +import { getQueryWithParams } from '../get_query_with_params'; +import { buildSamplerAggregation } from '../../utils/field_stats_utils'; + +// Only need 50th percentile for the median +const PERCENTILES = [50]; + +export const getNumericFieldStatsRequest = ( + params: FieldStatsCommonRequestParams, + fieldName: string, + termFilters?: FieldValuePair[] +) => { + const query = getQueryWithParams({ params, termFilters }); + const size = 0; + + const { index, samplerShardSize } = params; + + const percents = PERCENTILES; + const aggs: Aggs = { + sampled_field_stats: { + filter: { exists: { field: fieldName } }, + aggs: { + actual_stats: { + stats: { field: fieldName }, + }, + }, + }, + sampled_percentiles: { + percentiles: { + field: fieldName, + percents, + keyed: false, + }, + }, + sampled_top: { + terms: { + field: fieldName, + size: 10, + order: { + _count: 'desc', + }, + }, + }, + }; + + const searchBody = { + query, + aggs: { + sample: buildSamplerAggregation(aggs, samplerShardSize), + }, + }; + + return { + index, + size, + body: searchBody, + }; +}; + +export const fetchNumericFieldStats = async ( + esClient: ElasticsearchClient, + params: FieldStatsCommonRequestParams, + field: FieldValuePair, + termFilters?: FieldValuePair[] +): Promise => { + const request: SearchRequest = getNumericFieldStatsRequest( + params, + field.fieldName, + termFilters + ); + const { body } = await esClient.search(request); + + const aggregations = body.aggregations as { + sample: { + sampled_top: estypes.AggregationsTermsAggregate; + sampled_percentiles: estypes.AggregationsHdrPercentilesAggregate; + sampled_field_stats: { + doc_count: number; + actual_stats: estypes.AggregationsStatsAggregate; + }; + }; + }; + const docCount = aggregations?.sample.sampled_field_stats?.doc_count ?? 0; + const fieldStatsResp = + aggregations?.sample.sampled_field_stats?.actual_stats ?? {}; + const topValues = aggregations?.sample.sampled_top?.buckets ?? []; + + const stats: NumericFieldStats = { + fieldName: field.fieldName, + count: docCount, + min: get(fieldStatsResp, 'min', 0), + max: get(fieldStatsResp, 'max', 0), + avg: get(fieldStatsResp, 'avg', 0), + topValues, + topValuesSampleSize: topValues.reduce( + (acc: number, curr: TopValueBucket) => acc + curr.doc_count, + aggregations.sample.sampled_top?.sum_other_doc_count ?? 0 + ), + }; + + if (stats.count !== undefined && stats.count > 0) { + const percentiles = aggregations?.sample.sampled_percentiles.values ?? []; + const medianPercentile: { value: number; key: number } | undefined = find( + percentiles, + { + key: 50, + } + ); + stats.median = medianPercentile !== undefined ? medianPercentile!.value : 0; + } + + return stats; +}; diff --git a/x-pack/plugins/apm/server/lib/search_strategies/utils/field_stats_utils.ts b/x-pack/plugins/apm/server/lib/search_strategies/utils/field_stats_utils.ts new file mode 100644 index 000000000000000..2eb67ec501babd5 --- /dev/null +++ b/x-pack/plugins/apm/server/lib/search_strategies/utils/field_stats_utils.ts @@ -0,0 +1,58 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { estypes } from '@elastic/elasticsearch'; +/* + * Contains utility functions for building and processing queries. + */ + +// Builds the base filter criteria used in queries, +// adding criteria for the time range and an optional query. +export function buildBaseFilterCriteria( + timeFieldName?: string, + earliestMs?: number, + latestMs?: number, + query?: object +) { + const filterCriteria = []; + if (timeFieldName && earliestMs && latestMs) { + filterCriteria.push({ + range: { + [timeFieldName]: { + gte: earliestMs, + lte: latestMs, + format: 'epoch_millis', + }, + }, + }); + } + + if (query) { + filterCriteria.push(query); + } + + return filterCriteria; +} + +// Wraps the supplied aggregations in a sampler aggregation. +// A supplied samplerShardSize (the shard_size parameter of the sampler aggregation) +// of less than 1 indicates no sampling, and the aggs are returned as-is. +export function buildSamplerAggregation( + aggs: any, + samplerShardSize: number +): estypes.AggregationsAggregationContainer { + if (samplerShardSize < 1) { + return aggs; + } + + return { + sampler: { + shard_size: samplerShardSize, + }, + aggs, + }; +} diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index 27ac5ce5875be13..7680c268fd6b73d 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -6239,7 +6239,6 @@ "xpack.apm.clearFilters": "フィルターを消去", "xpack.apm.compositeSpanCallsLabel": "、{count}件の呼び出し、平均{duration}", "xpack.apm.compositeSpanDurationLabel": "平均時間", - "xpack.apm.correlations.correlationsTable.actionsLabel": "フィルター", "xpack.apm.correlations.correlationsTable.excludeDescription": "値を除外", "xpack.apm.correlations.correlationsTable.excludeLabel": "除外", "xpack.apm.correlations.correlationsTable.filterDescription": "値でフィルタリング", diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index c148a6abbf9e2fb..c74915ad72a5247 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -6289,7 +6289,6 @@ "xpack.apm.clearFilters": "清除筛选", "xpack.apm.compositeSpanCallsLabel": ",{count} 个调用,平均 {duration}", "xpack.apm.compositeSpanDurationLabel": "平均持续时间", - "xpack.apm.correlations.correlationsTable.actionsLabel": "筛选", "xpack.apm.correlations.correlationsTable.excludeDescription": "筛除值", "xpack.apm.correlations.correlationsTable.excludeLabel": "排除", "xpack.apm.correlations.correlationsTable.filterDescription": "按值筛选", diff --git a/x-pack/test/apm_api_integration/tests/correlations/failed_transactions.ts b/x-pack/test/apm_api_integration/tests/correlations/failed_transactions.ts index 337dc65b532ff37..6e2025a7fa2ca2c 100644 --- a/x-pack/test/apm_api_integration/tests/correlations/failed_transactions.ts +++ b/x-pack/test/apm_api_integration/tests/correlations/failed_transactions.ts @@ -217,6 +217,7 @@ export default function ApiTest({ getService }: FtrProviderContext) { expect(finalRawResponse?.percentileThresholdValue).to.be(1309695.875); expect(finalRawResponse?.errorHistogram.length).to.be(101); expect(finalRawResponse?.overallHistogram.length).to.be(101); + expect(finalRawResponse?.fieldStats.length).to.be(26); expect(finalRawResponse?.failedTransactionsCorrelations.length).to.eql( 30, @@ -227,6 +228,8 @@ export default function ApiTest({ getService }: FtrProviderContext) { 'Fetched 95th percentile value of 1309695.875 based on 1244 documents.', 'Identified 68 fieldCandidates.', 'Identified correlations for 68 fields out of 68 candidates.', + 'Identified 26 fields to sample for field statistics.', + 'Retrieved field statistics for 26 fields out of 26 fields.', 'Identified 30 significant correlations relating to failed transactions.', ]); @@ -243,6 +246,11 @@ export default function ApiTest({ getService }: FtrProviderContext) { expect(typeof correlation?.normalizedScore).to.be('number'); expect(typeof correlation?.failurePercentage).to.be('number'); expect(typeof correlation?.successPercentage).to.be('number'); + + const fieldStats = finalRawResponse?.fieldStats[0]; + expect(typeof fieldStats).to.be('object'); + expect(fieldStats.topValues.length).to.greaterThan(0); + expect(fieldStats.topValuesSampleSize).to.greaterThan(0); }); }); } diff --git a/x-pack/test/apm_api_integration/tests/correlations/latency.ts b/x-pack/test/apm_api_integration/tests/correlations/latency.ts index 496d4966efb864f..99aee770c625d38 100644 --- a/x-pack/test/apm_api_integration/tests/correlations/latency.ts +++ b/x-pack/test/apm_api_integration/tests/correlations/latency.ts @@ -236,6 +236,7 @@ export default function ApiTest({ getService }: FtrProviderContext) { expect(typeof finalRawResponse?.took).to.be('number'); expect(finalRawResponse?.percentileThresholdValue).to.be(1309695.875); expect(finalRawResponse?.overallHistogram.length).to.be(101); + expect(finalRawResponse?.fieldStats.length).to.be(12); expect(finalRawResponse?.latencyCorrelations.length).to.eql( 13, @@ -250,15 +251,23 @@ export default function ApiTest({ getService }: FtrProviderContext) { 'Identified 379 fieldValuePairs.', 'Loaded fractions and totalDocCount of 1244.', 'Identified 13 significant correlations out of 379 field/value pairs.', + 'Identified 12 fields to sample for field statistics.', + 'Retrieved field statistics for 12 fields out of 12 fields.', ]); const correlation = finalRawResponse?.latencyCorrelations[0]; + expect(typeof correlation).to.be('object'); expect(correlation?.fieldName).to.be('transaction.result'); expect(correlation?.fieldValue).to.be('success'); expect(correlation?.correlation).to.be(0.6275246559191225); expect(correlation?.ksTest).to.be(4.806503252860024e-13); expect(correlation?.histogram.length).to.be(101); + + const fieldStats = finalRawResponse?.fieldStats[0]; + expect(typeof fieldStats).to.be('object'); + expect(fieldStats.topValues.length).to.greaterThan(0); + expect(fieldStats.topValuesSampleSize).to.greaterThan(0); }); } ); From 3ab9e07962c8b91d03d7695263229e41a62555ee Mon Sep 17 00:00:00 2001 From: Marta Bondyra Date: Mon, 18 Oct 2021 17:15:49 +0200 Subject: [PATCH 40/50] [Lens] Fix filters not being cleaned when navigating to another visualisation (#114137) * [Lens] fix filters not being cleaned * Update lens_slice.ts * types * do not reset persistedDoc on load * [Lens] functional test for query, filters and time range * snapshot update * fix flakiness * fix getting filters from refs * simplify tests * confirm modal * Update persistent_context.ts * load the file above * Update persistent_context.ts * shorten c4 * flaky test * fix geo_field changing index pattern, remove non used data view Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- .../lens/public/app_plugin/mounter.tsx | 18 +- .../workspace_panel/workspace_panel.tsx | 9 +- .../__snapshots__/load_initial.test.tsx.snap | 2 +- .../init_middleware/load_initial.ts | 23 +-- .../public/state_management/lens_slice.ts | 6 +- .../state_management/load_initial.test.tsx | 10 +- x-pack/test/functional/apps/lens/geo_field.ts | 1 + x-pack/test/functional/apps/lens/index.ts | 9 +- .../apps/lens/persistent_context.ts | 127 ++++++++++++++- .../fixtures/kbn_archiver/lens/default.json | 154 ++++++++++++++++++ .../test/functional/page_objects/lens_page.ts | 23 +++ 11 files changed, 341 insertions(+), 41 deletions(-) create mode 100644 x-pack/test/functional/fixtures/kbn_archiver/lens/default.json diff --git a/x-pack/plugins/lens/public/app_plugin/mounter.tsx b/x-pack/plugins/lens/public/app_plugin/mounter.tsx index d4bc59a1e9e2ca4..692fb0499176d32 100644 --- a/x-pack/plugins/lens/public/app_plugin/mounter.tsx +++ b/x-pack/plugins/lens/public/app_plugin/mounter.tsx @@ -171,13 +171,6 @@ export async function mountApp( ? historyLocationState.payload : undefined; - // Clear app-specific filters when navigating to Lens. Necessary because Lens - // can be loaded without a full page refresh. If the user navigates to Lens from Discover - // we keep the filters - if (!initialContext) { - data.query.filterManager.setAppFilters([]); - } - if (embeddableEditorIncomingState?.searchSessionId) { data.search.session.continue(embeddableEditorIncomingState.searchSessionId); } @@ -206,9 +199,14 @@ export async function mountApp( trackUiEvent('loaded'); const initialInput = getInitialInput(props.id, props.editByValue); - lensStore.dispatch( - loadInitial({ redirectCallback, initialInput, emptyState, history: props.history }) - ); + // Clear app-specific filters when navigating to Lens. Necessary because Lens + // can be loaded without a full page refresh. If the user navigates to Lens from Discover + // we keep the filters + if (!initialContext) { + data.query.filterManager.setAppFilters([]); + } + + lensStore.dispatch(loadInitial({ redirectCallback, initialInput, history: props.history })); return ( diff --git a/x-pack/plugins/lens/public/editor_frame_service/editor_frame/workspace_panel/workspace_panel.tsx b/x-pack/plugins/lens/public/editor_frame_service/editor_frame/workspace_panel/workspace_panel.tsx index e4816870b43806a..1494153e2eafb13 100644 --- a/x-pack/plugins/lens/public/editor_frame_service/editor_frame/workspace_panel/workspace_panel.tsx +++ b/x-pack/plugins/lens/public/editor_frame_service/editor_frame/workspace_panel/workspace_panel.tsx @@ -224,14 +224,9 @@ export const InnerWorkspacePanel = React.memo(function InnerWorkspacePanel({ ]); const expressionExists = Boolean(expression); - const hasLoaded = Boolean( - activeVisualization && visualization.state && datasourceMap && datasourceStates - ); useEffect(() => { - if (hasLoaded) { - dispatchLens(setSaveable(expressionExists)); - } - }, [hasLoaded, expressionExists, dispatchLens]); + dispatchLens(setSaveable(expressionExists)); + }, [expressionExists, dispatchLens]); const onEvent = useCallback( (event: ExpressionRendererEvent) => { diff --git a/x-pack/plugins/lens/public/state_management/__snapshots__/load_initial.test.tsx.snap b/x-pack/plugins/lens/public/state_management/__snapshots__/load_initial.test.tsx.snap index 57da18d9dc92f3b..0c92267382053c7 100644 --- a/x-pack/plugins/lens/public/state_management/__snapshots__/load_initial.test.tsx.snap +++ b/x-pack/plugins/lens/public/state_management/__snapshots__/load_initial.test.tsx.snap @@ -18,7 +18,7 @@ Object { "isFullscreenDatasource": false, "isLinkedToOriginatingApp": false, "isLoading": false, - "isSaveable": false, + "isSaveable": true, "persistedDoc": Object { "exactMatchDoc": Object { "expression": "definitely a valid expression", diff --git a/x-pack/plugins/lens/public/state_management/init_middleware/load_initial.ts b/x-pack/plugins/lens/public/state_management/init_middleware/load_initial.ts index 5c571c750a4aa58..915c56d59dbb324 100644 --- a/x-pack/plugins/lens/public/state_management/init_middleware/load_initial.ts +++ b/x-pack/plugins/lens/public/state_management/init_middleware/load_initial.ts @@ -6,10 +6,10 @@ */ import { MiddlewareAPI } from '@reduxjs/toolkit'; -import { isEqual } from 'lodash'; import { i18n } from '@kbn/i18n'; import { History } from 'history'; -import { LensAppState, setState, initEmpty, LensStoreDeps } from '..'; +import { setState, initEmpty, LensStoreDeps } from '..'; +import { getPreloadedState } from '../lens_slice'; import { SharingSavedObjectProps } from '../../types'; import { LensEmbeddableInput, LensByReferenceInput } from '../../embeddable/embeddable'; import { getInitialDatasourceId } from '../../utils'; @@ -83,19 +83,20 @@ export const getPersisted = async ({ export function loadInitial( store: MiddlewareAPI, - { lensServices, datasourceMap, embeddableEditorIncomingState, initialContext }: LensStoreDeps, + storeDeps: LensStoreDeps, { redirectCallback, initialInput, - emptyState, history, }: { redirectCallback: (savedObjectId?: string) => void; initialInput?: LensEmbeddableInput; - emptyState?: LensAppState; history?: History; } ) { + const { lensServices, datasourceMap, embeddableEditorIncomingState, initialContext } = storeDeps; + const { resolvedDateRange, searchSessionId, isLinkedToOriginatingApp, ...emptyState } = + getPreloadedState(storeDeps); const { attributeService, notifications, data, dashboardFeatureFlag } = lensServices; const currentSessionId = data.search.session.getSessionId(); @@ -150,10 +151,6 @@ export function loadInitial( initialInput.savedObjectId ); } - // Don't overwrite any pinned filters - data.query.filterManager.setAppFilters( - injectFilterReferences(doc.state.filters, doc.references) - ); const docDatasourceStates = Object.entries(doc.state.datasourceStates).reduce( (stateMap, [datasourceId, datasourceState]) => ({ @@ -166,6 +163,10 @@ export function loadInitial( {} ); + const filters = injectFilterReferences(doc.state.filters, doc.references); + // Don't overwrite any pinned filters + data.query.filterManager.setAppFilters(filters); + initializeDatasources( datasourceMap, docDatasourceStates, @@ -178,7 +179,9 @@ export function loadInitial( .then((result) => { store.dispatch( setState({ + isSaveable: true, sharingSavedObjectProps, + filters, query: doc.state.query, searchSessionId: dashboardFeatureFlag.allowByValueEmbeddables && @@ -187,7 +190,7 @@ export function loadInitial( currentSessionId ? currentSessionId : data.search.session.start(), - ...(!isEqual(lens.persistedDoc, doc) ? { persistedDoc: doc } : null), + persistedDoc: doc, activeDatasourceId: getInitialDatasourceId(datasourceMap, doc), visualization: { activeId: doc.visualizationType, diff --git a/x-pack/plugins/lens/public/state_management/lens_slice.ts b/x-pack/plugins/lens/public/state_management/lens_slice.ts index 0461070020055d1..df178cadf6c3009 100644 --- a/x-pack/plugins/lens/public/state_management/lens_slice.ts +++ b/x-pack/plugins/lens/public/state_management/lens_slice.ts @@ -55,9 +55,11 @@ export const getPreloadedState = ({ const state = { ...initialState, isLoading: true, - query: data.query.queryString.getQuery(), // Do not use app-specific filters from previous app, // only if Lens was opened with the intention to visualize a field (e.g. coming from Discover) + query: !initialContext + ? data.query.queryString.getDefaultQuery() + : data.query.queryString.getQuery(), filters: !initialContext ? data.query.filterManager.getGlobalFilters() : data.query.filterManager.getFilters(), @@ -117,7 +119,6 @@ export const navigateAway = createAction('lens/navigateAway'); export const loadInitial = createAction<{ initialInput?: LensEmbeddableInput; redirectCallback: (savedObjectId?: string) => void; - emptyState: LensAppState; history: History; }>('lens/loadInitial'); export const initEmpty = createAction( @@ -356,7 +357,6 @@ export const makeLensReducer = (storeDeps: LensStoreDeps) => { payload: PayloadAction<{ initialInput?: LensEmbeddableInput; redirectCallback: (savedObjectId?: string) => void; - emptyState: LensAppState; history: History; }> ) => state, diff --git a/x-pack/plugins/lens/public/state_management/load_initial.test.tsx b/x-pack/plugins/lens/public/state_management/load_initial.test.tsx index fe4c553ce4bd7a3..ac27ca4398326c5 100644 --- a/x-pack/plugins/lens/public/state_management/load_initial.test.tsx +++ b/x-pack/plugins/lens/public/state_management/load_initial.test.tsx @@ -16,8 +16,7 @@ import { import { Location, History } from 'history'; import { act } from 'react-dom/test-utils'; import { LensEmbeddableInput } from '../embeddable'; -import { getPreloadedState, initialState, loadInitial } from './lens_slice'; -import { LensAppState } from '.'; +import { loadInitial } from './lens_slice'; const history = { location: { @@ -38,7 +37,6 @@ const defaultProps = { redirectCallback: jest.fn(), initialInput: { savedObjectId: defaultSavedObjectId } as unknown as LensEmbeddableInput, history, - emptyState: initialState, }; describe('Initializing the store', () => { @@ -52,9 +50,8 @@ describe('Initializing the store', () => { it('should have initialized the initial datasource and visualization', async () => { const { store, deps } = await makeLensStore({ preloadedState }); - const emptyState = getPreloadedState(deps) as LensAppState; await act(async () => { - await store.dispatch(loadInitial({ ...defaultProps, initialInput: undefined, emptyState })); + await store.dispatch(loadInitial({ ...defaultProps, initialInput: undefined })); }); expect(deps.datasourceMap.testDatasource.initialize).toHaveBeenCalled(); expect(deps.datasourceMap.testDatasource2.initialize).not.toHaveBeenCalled(); @@ -187,13 +184,10 @@ describe('Initializing the store', () => { }), }); - const emptyState = getPreloadedState(deps) as LensAppState; - await act(async () => { await store.dispatch( loadInitial({ ...defaultProps, - emptyState, initialInput: undefined, }) ); diff --git a/x-pack/test/functional/apps/lens/geo_field.ts b/x-pack/test/functional/apps/lens/geo_field.ts index 2ba833177a1355d..499188683c0a471 100644 --- a/x-pack/test/functional/apps/lens/geo_field.ts +++ b/x-pack/test/functional/apps/lens/geo_field.ts @@ -15,6 +15,7 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { it('should visualize geo fields in maps', async () => { await PageObjects.visualize.navigateToNewVisualization(); await PageObjects.visualize.clickVisType('lens'); + await PageObjects.lens.switchDataPanelIndexPattern('logstash-*'); await PageObjects.timePicker.setAbsoluteRange( 'Sep 22, 2015 @ 00:00:00.000', 'Sep 22, 2015 @ 04:00:00.000' diff --git a/x-pack/test/functional/apps/lens/index.ts b/x-pack/test/functional/apps/lens/index.ts index db0f41cc9e27081..5241d9724abb906 100644 --- a/x-pack/test/functional/apps/lens/index.ts +++ b/x-pack/test/functional/apps/lens/index.ts @@ -11,6 +11,7 @@ export default function ({ getService, loadTestFile }: FtrProviderContext) { const browser = getService('browser'); const log = getService('log'); const esArchiver = getService('esArchiver'); + const kibanaServer = getService('kibanaServer'); describe('lens app', () => { before(async () => { @@ -18,16 +19,23 @@ export default function ({ getService, loadTestFile }: FtrProviderContext) { await browser.setWindowSize(1280, 800); await esArchiver.load('x-pack/test/functional/es_archives/logstash_functional'); await esArchiver.load('x-pack/test/functional/es_archives/lens/basic'); + await kibanaServer.importExport.load( + 'x-pack/test/functional/fixtures/kbn_archiver/lens/default' + ); }); after(async () => { await esArchiver.unload('x-pack/test/functional/es_archives/logstash_functional'); await esArchiver.unload('x-pack/test/functional/es_archives/lens/basic'); + await kibanaServer.importExport.unload( + 'x-pack/test/functional/fixtures/kbn_archiver/lens/default' + ); }); describe('', function () { this.tags(['ciGroup3', 'skipFirefox']); loadTestFile(require.resolve('./smokescreen')); + loadTestFile(require.resolve('./persistent_context')); }); describe('', function () { @@ -37,7 +45,6 @@ export default function ({ getService, loadTestFile }: FtrProviderContext) { loadTestFile(require.resolve('./table')); loadTestFile(require.resolve('./runtime_fields')); loadTestFile(require.resolve('./dashboard')); - loadTestFile(require.resolve('./persistent_context')); loadTestFile(require.resolve('./colors')); loadTestFile(require.resolve('./chart_data')); loadTestFile(require.resolve('./time_shift')); diff --git a/x-pack/test/functional/apps/lens/persistent_context.ts b/x-pack/test/functional/apps/lens/persistent_context.ts index e7b99ad804cd034..8a7ac6df76496d5 100644 --- a/x-pack/test/functional/apps/lens/persistent_context.ts +++ b/x-pack/test/functional/apps/lens/persistent_context.ts @@ -9,11 +9,20 @@ import expect from '@kbn/expect'; import { FtrProviderContext } from '../../ftr_provider_context'; export default function ({ getService, getPageObjects }: FtrProviderContext) { - const PageObjects = getPageObjects(['visualize', 'lens', 'header', 'timePicker']); + const PageObjects = getPageObjects([ + 'visualize', + 'lens', + 'header', + 'timePicker', + 'common', + 'navigationalSearch', + ]); const browser = getService('browser'); const filterBar = getService('filterBar'); const appsMenu = getService('appsMenu'); const security = getService('security'); + const listingTable = getService('listingTable'); + const queryBar = getService('queryBar'); describe('lens query context', () => { before(async () => { @@ -27,6 +36,122 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { await security.testUser.restoreDefaults(); }); + describe('Navigation search', () => { + describe('when opening from empty visualization to existing one', () => { + before(async () => { + await PageObjects.visualize.navigateToNewVisualization(); + await PageObjects.visualize.clickVisType('lens'); + await PageObjects.lens.goToTimeRange(); + await PageObjects.navigationalSearch.focus(); + await PageObjects.navigationalSearch.searchFor('type:lens lnsTableVis'); + await PageObjects.navigationalSearch.clickOnOption(0); + await PageObjects.lens.waitForWorkspaceWithVisualization(); + }); + it('filters, time and query reflect the visualization state', async () => { + expect(await PageObjects.lens.getDatatableHeaderText(1)).to.equal( + '404 › Median of bytes' + ); + expect(await PageObjects.lens.getDatatableHeaderText(2)).to.equal( + '503 › Median of bytes' + ); + expect(await PageObjects.lens.getDatatableCellText(0, 0)).to.eql('TG'); + expect(await PageObjects.lens.getDatatableCellText(0, 1)).to.eql('9,931'); + }); + it('preserves time range', async () => { + const timePickerValues = await PageObjects.timePicker.getTimeConfigAsAbsoluteTimes(); + expect(timePickerValues.start).to.eql(PageObjects.timePicker.defaultStartTime); + expect(timePickerValues.end).to.eql(PageObjects.timePicker.defaultEndTime); + // data is correct and top nav is correct + }); + it('loads filters', async () => { + const filterCount = await filterBar.getFilterCount(); + expect(filterCount).to.equal(1); + }); + it('loads query', async () => { + const query = await queryBar.getQueryString(); + expect(query).to.equal('extension.raw : "jpg" or extension.raw : "gif" '); + }); + }); + describe('when opening from existing visualization to empty one', () => { + before(async () => { + await PageObjects.visualize.gotoVisualizationLandingPage(); + await listingTable.searchForItemWithName('lnsTableVis'); + await PageObjects.lens.clickVisualizeListItemTitle('lnsTableVis'); + await PageObjects.lens.goToTimeRange(); + await PageObjects.navigationalSearch.focus(); + await PageObjects.navigationalSearch.searchFor('type:application lens'); + await PageObjects.navigationalSearch.clickOnOption(0); + await PageObjects.lens.waitForEmptyWorkspace(); + await PageObjects.lens.switchToVisualization('lnsMetric'); + await PageObjects.lens.dragFieldToWorkspace('@timestamp'); + }); + it('preserves time range', async () => { + // fill the navigation search and select empty + // see the time + const timePickerValues = await PageObjects.timePicker.getTimeConfigAsAbsoluteTimes(); + expect(timePickerValues.start).to.eql(PageObjects.timePicker.defaultStartTime); + expect(timePickerValues.end).to.eql(PageObjects.timePicker.defaultEndTime); + }); + it('cleans filters', async () => { + const filterCount = await filterBar.getFilterCount(); + expect(filterCount).to.equal(0); + }); + it('cleans query', async () => { + const query = await queryBar.getQueryString(); + expect(query).to.equal(''); + }); + it('filters, time and query reflect the visualization state', async () => { + await PageObjects.lens.assertMetric('Unique count of @timestamp', '14,181'); + }); + }); + }); + + describe('Switching in Visualize App', () => { + it('when moving from existing to empty workspace, preserves time range, cleans filters and query', async () => { + // go to existing vis + await PageObjects.visualize.gotoVisualizationLandingPage(); + await listingTable.searchForItemWithName('lnsTableVis'); + await PageObjects.lens.clickVisualizeListItemTitle('lnsTableVis'); + await PageObjects.lens.goToTimeRange(); + // go to empty vis + await PageObjects.lens.goToListingPageViaBreadcrumbs(); + await PageObjects.visualize.clickNewVisualization(); + await PageObjects.visualize.waitForGroupsSelectPage(); + await PageObjects.visualize.clickVisType('lens'); + await PageObjects.lens.waitForEmptyWorkspace(); + await PageObjects.lens.switchToVisualization('lnsMetric'); + await PageObjects.lens.dragFieldToWorkspace('@timestamp'); + + const timePickerValues = await PageObjects.timePicker.getTimeConfigAsAbsoluteTimes(); + expect(timePickerValues.start).to.eql(PageObjects.timePicker.defaultStartTime); + expect(timePickerValues.end).to.eql(PageObjects.timePicker.defaultEndTime); + const filterCount = await filterBar.getFilterCount(); + expect(filterCount).to.equal(0); + const query = await queryBar.getQueryString(); + expect(query).to.equal(''); + await PageObjects.lens.assertMetric('Unique count of @timestamp', '14,181'); + }); + it('when moving from empty to existing workspace, preserves time range and loads filters and query', async () => { + // go to existing vis + await PageObjects.lens.goToListingPageViaBreadcrumbs(); + await listingTable.searchForItemWithName('lnsTableVis'); + await PageObjects.lens.clickVisualizeListItemTitle('lnsTableVis'); + + expect(await PageObjects.lens.getDatatableHeaderText(1)).to.equal('404 › Median of bytes'); + expect(await PageObjects.lens.getDatatableHeaderText(2)).to.equal('503 › Median of bytes'); + expect(await PageObjects.lens.getDatatableCellText(0, 0)).to.eql('TG'); + expect(await PageObjects.lens.getDatatableCellText(0, 1)).to.eql('9,931'); + + const timePickerValues = await PageObjects.timePicker.getTimeConfigAsAbsoluteTimes(); + expect(timePickerValues.start).to.eql(PageObjects.timePicker.defaultStartTime); + expect(timePickerValues.end).to.eql(PageObjects.timePicker.defaultEndTime); + const filterCount = await filterBar.getFilterCount(); + expect(filterCount).to.equal(1); + const query = await queryBar.getQueryString(); + expect(query).to.equal('extension.raw : "jpg" or extension.raw : "gif" '); + }); + }); + it('should carry over time range and pinned filters to discover', async () => { await PageObjects.visualize.navigateToNewVisualization(); await PageObjects.visualize.clickVisType('lens'); diff --git a/x-pack/test/functional/fixtures/kbn_archiver/lens/default.json b/x-pack/test/functional/fixtures/kbn_archiver/lens/default.json new file mode 100644 index 000000000000000..6f1007703a83267 --- /dev/null +++ b/x-pack/test/functional/fixtures/kbn_archiver/lens/default.json @@ -0,0 +1,154 @@ +{ + "attributes": { + "fields": "[{\"name\":\"@message\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"@message.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"@tags\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"@tags.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"@timestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"agent\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"agent.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"bytes\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"clientip\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"extension\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"extension.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geo.coordinates\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geo.dest\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geo.src\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geo.srcdest\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"headings\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"headings.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"host\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"host.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"id\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"index.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ip\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"links\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"links.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"machine.os\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"machine.os.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"machine.ram\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"memory\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"meta.char\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"meta.related\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"meta.user.firstname\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"meta.user.lastname\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"phpmemory\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"referer\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.article:modified_time\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.article:published_time\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.article:section\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.article:section.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.article:tag\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.article:tag.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.og:description\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.og:description.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.og:image\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.og:image.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.og:image:height\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.og:image:height.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.og:image:width\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.og:image:width.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.og:site_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.og:site_name.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.og:title\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.og:title.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.og:type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.og:type.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.og:url\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.og:url.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.twitter:card\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.twitter:card.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.twitter:description\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.twitter:description.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.twitter:image\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.twitter:image.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.twitter:site\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.twitter:site.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.twitter:title\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.twitter:title.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.url\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.url.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"request\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"request.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"response\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"response.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"spaces\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"spaces.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"url\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"url.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"utc_time\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"xss\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"xss.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true}]", + "timeFieldName": "@timestamp", + "title": "logstash-*" + }, + "coreMigrationVersion": "8.0.0", + "id": "logstash-*", + "migrationVersion": { + "index-pattern": "7.11.0" + }, + "references": [], + "type": "index-pattern", + "updated_at": "2018-12-21T00:43:07.096Z", + "version": "WzEzLDJd" +} + +{ + "attributes": { + "description": "", + "state": { + "datasourceStates": { + "indexpattern": { + "layers": { + "4ba1a1be-6e67-434b-b3a0-f30db8ea5395": { + "columnOrder": [ + "70d52318-354d-47d5-b33b-43d50eb34425", + "bafe3009-1776-4227-a0fe-b0d6ccbb4961", + "3dc0bd55-2087-4e60-aea2-f9910714f7db" + ], + "columns": { + "3dc0bd55-2087-4e60-aea2-f9910714f7db": { + "dataType": "number", + "isBucketed": false, + "label": "Median of bytes", + "operationType": "median", + "scale": "ratio", + "sourceField": "bytes" + }, + "70d52318-354d-47d5-b33b-43d50eb34425": { + "dataType": "string", + "isBucketed": true, + "label": "Top values of response.raw", + "operationType": "terms", + "params": { + "missingBucket": false, + "orderBy": { + "columnId": "3dc0bd55-2087-4e60-aea2-f9910714f7db", + "type": "column" + }, + "orderDirection": "desc", + "otherBucket": true, + "size": 3 + }, + "scale": "ordinal", + "sourceField": "response.raw" + }, + "bafe3009-1776-4227-a0fe-b0d6ccbb4961": { + "dataType": "string", + "isBucketed": true, + "label": "Top values of geo.src", + "operationType": "terms", + "params": { + "orderBy": { + "columnId": "3dc0bd55-2087-4e60-aea2-f9910714f7db", + "type": "column" + }, + "orderDirection": "desc", + "size": 7 + }, + "scale": "ordinal", + "sourceField": "geo.src" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "indexRefName": "filter-index-pattern-0", + "key": "response", + "negate": true, + "params": { + "query": "200" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "response": "200" + } + } + } + ], + "query": { + "language": "kuery", + "query": "extension.raw : \"jpg\" or extension.raw : \"gif\" " + }, + "visualization": { + "columns": [ + { + "columnId": "bafe3009-1776-4227-a0fe-b0d6ccbb4961", + "isTransposed": false + }, + { + "columnId": "3dc0bd55-2087-4e60-aea2-f9910714f7db", + "isTransposed": false + }, + { + "columnId": "70d52318-354d-47d5-b33b-43d50eb34425", + "isTransposed": true + } + ], + "layerId": "4ba1a1be-6e67-434b-b3a0-f30db8ea5395", + "layerType": "data" + } + }, + "title": "lnsTableVis", + "visualizationType": "lnsDatatable" +}, + "coreMigrationVersion": "7.16.0", + "id": "a800e2b0-268c-11ec-b2b6-f1bd289a74d4", + "migrationVersion": { + "lens": "7.15.0" + }, + "references": [ + { + "id": "logstash-*", + "name": "indexpattern-datasource-current-indexpattern", + "type": "index-pattern" + }, + { + "id": "logstash-*", + "name": "indexpattern-datasource-layer-4ba1a1be-6e67-434b-b3a0-f30db8ea5395", + "type": "index-pattern" + }, + { + "id": "logstash-*", + "name": "filter-index-pattern-0", + "type": "index-pattern" + } + ], + "type": "lens", + "updated_at": "2020-11-23T19:57:52.834Z", + "version": "WzUyLDJd" +} diff --git a/x-pack/test/functional/page_objects/lens_page.ts b/x-pack/test/functional/page_objects/lens_page.ts index e26ea8f598c46fb..01e860cf4bec59a 100644 --- a/x-pack/test/functional/page_objects/lens_page.ts +++ b/x-pack/test/functional/page_objects/lens_page.ts @@ -247,6 +247,18 @@ export function LensPageProvider({ getService, getPageObjects }: FtrProviderCont }); }, + async waitForEmptyWorkspace() { + await retry.try(async () => { + await testSubjects.existOrFail(`empty-workspace`); + }); + }, + + async waitForWorkspaceWithVisualization() { + await retry.try(async () => { + await testSubjects.existOrFail(`lnsVisualizationContainer`); + }); + }, + async waitForFieldMissing(field: string) { await retry.try(async () => { await testSubjects.missingOrFail(`lnsFieldListPanelField-${field}`); @@ -1096,6 +1108,17 @@ export function LensPageProvider({ getService, getPageObjects }: FtrProviderCont await testSubjects.click('lnsFormula-fullscreen'); }, + async goToListingPageViaBreadcrumbs() { + await retry.try(async () => { + await testSubjects.click('breadcrumb first'); + if (await testSubjects.exists('appLeaveConfirmModal')) { + await testSubjects.exists('confirmModalConfirmButton'); + await testSubjects.click('confirmModalConfirmButton'); + } + await testSubjects.existOrFail('visualizationLandingPage', { timeout: 3000 }); + }); + }, + async typeFormula(formula: string) { await find.byCssSelector('.monaco-editor'); await find.clickByCssSelectorWhenNotDisabled('.monaco-editor'); From 0f1c7ccc98e6cfd7021f6f3eff8a8fff9b1d31b2 Mon Sep 17 00:00:00 2001 From: Joe Portner <5295965+jportner@users.noreply.github.com> Date: Mon, 18 Oct 2021 11:17:04 -0400 Subject: [PATCH 41/50] Prevent Spaces from being disabled (#115283) --- docs/settings/spaces-settings.asciidoc | 5 - docs/spaces/index.asciidoc | 9 +- .../resources/base/bin/kibana-docker | 1 - .../roles/edit_role/edit_role_page.test.tsx | 156 +---- .../roles/edit_role/edit_role_page.tsx | 22 +- .../kibana/kibana_privileges_region.test.tsx | 20 +- .../kibana/kibana_privileges_region.tsx | 41 +- .../simple_privilege_section.test.tsx.snap | 160 ----- .../kibana/simple_privilege_section/index.ts | 8 - .../privilege_selector.tsx | 59 -- .../simple_privilege_section.test.tsx | 248 ------- .../simple_privilege_section.tsx | 332 --------- .../unsupported_space_privileges_warning.tsx | 26 - .../management/roles/roles_api_client.test.ts | 653 ++++++------------ .../management/roles/roles_api_client.ts | 12 +- x-pack/plugins/spaces/server/config.test.ts | 71 -- x-pack/plugins/spaces/server/config.ts | 24 +- x-pack/plugins/spaces/server/index.ts | 3 +- .../spaces_client/spaces_client.test.ts | 17 +- .../translations/translations/ja-JP.json | 16 - .../translations/translations/zh-CN.json | 16 - .../review_logs_step/mocked_responses.ts | 3 +- x-pack/scripts/functional_tests.js | 4 - .../common/lib/authentication/roles.ts | 14 - .../common/lib/authentication/users.ts | 15 - .../security_only/config.ts | 16 - .../tests/common/alerts/get_cases.ts | 242 ------- .../tests/common/cases/delete_cases.ts | 157 ----- .../tests/common/cases/find_cases.ts | 245 ------- .../tests/common/cases/get_case.ts | 144 ---- .../tests/common/cases/patch_cases.ts | 243 ------- .../tests/common/cases/post_case.ts | 83 --- .../common/cases/reporters/get_reporters.ts | 162 ----- .../tests/common/cases/status/get_status.ts | 144 ---- .../tests/common/cases/tags/get_tags.ts | 170 ----- .../tests/common/comments/delete_comment.ts | 205 ------ .../tests/common/comments/find_comments.ts | 278 -------- .../tests/common/comments/get_all_comments.ts | 139 ---- .../tests/common/comments/get_comment.ts | 123 ---- .../tests/common/comments/patch_comment.ts | 189 ----- .../tests/common/comments/post_comment.ts | 128 ---- .../tests/common/configure/get_configure.ts | 195 ------ .../tests/common/configure/patch_configure.ts | 140 ---- .../tests/common/configure/post_configure.ts | 133 ---- .../security_only/tests/common/index.ts | 33 - .../user_actions/get_all_user_actions.ts | 104 --- .../tests/trial/cases/push_case.ts | 131 ---- .../security_only/tests/trial/index.ts | 34 - .../security_only/utils.ts | 18 - .../common/lib/authentication/users.ts | 15 - .../security_and_spaces/apis/bulk_get.ts | 2 +- .../security_only/apis/bulk_create.ts | 114 --- .../security_only/apis/bulk_get.ts | 108 --- .../security_only/apis/bulk_resolve.ts | 74 -- .../security_only/apis/bulk_update.ts | 114 --- .../security_only/apis/create.ts | 106 --- .../security_only/apis/delete.ts | 86 --- .../security_only/apis/export.ts | 86 --- .../security_only/apis/find.ts | 93 --- .../security_only/apis/get.ts | 80 --- .../security_only/apis/import.ts | 178 ----- .../security_only/apis/index.ts | 36 - .../security_only/apis/resolve.ts | 74 -- .../apis/resolve_import_errors.ts | 147 ---- .../security_only/apis/update.ts | 82 --- .../security_only/config_basic.ts | 11 - .../security_only/config_trial.ts | 11 - .../timeline/security_only/config_basic.ts | 16 - .../timeline/security_only/config_trial.ts | 16 - .../security_only/tests/basic/events.ts | 144 ---- .../security_only/tests/basic/index.ts | 31 - .../security_only/tests/trial/events.ts | 144 ---- .../security_only/tests/trial/index.ts | 31 - x-pack/test/timeline/spaces_only/config.ts | 16 - .../test/timeline/spaces_only/tests/events.ts | 116 ---- .../test/timeline/spaces_only/tests/index.ts | 28 - .../security_and_spaces/scenarios.ts | 110 ++- .../security_and_spaces/tests/catalogue.ts | 14 + .../security_and_spaces/tests/foo.ts | 4 + .../security_and_spaces/tests/nav_links.ts | 12 +- .../ui_capabilities/security_only/config.ts | 11 - .../security_only/scenarios.ts | 216 ------ .../security_only/tests/catalogue.ts | 111 --- .../security_only/tests/foo.ts | 72 -- .../security_only/tests/index.ts | 55 -- .../security_only/tests/nav_links.ts | 83 --- .../ui_capabilities/spaces_only/scenarios.ts | 6 +- 87 files changed, 362 insertions(+), 7682 deletions(-) delete mode 100644 x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/__snapshots__/simple_privilege_section.test.tsx.snap delete mode 100644 x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/index.ts delete mode 100644 x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/privilege_selector.tsx delete mode 100644 x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/simple_privilege_section.test.tsx delete mode 100644 x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/simple_privilege_section.tsx delete mode 100644 x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/unsupported_space_privileges_warning.tsx delete mode 100644 x-pack/plugins/spaces/server/config.test.ts delete mode 100644 x-pack/test/case_api_integration/security_only/config.ts delete mode 100644 x-pack/test/case_api_integration/security_only/tests/common/alerts/get_cases.ts delete mode 100644 x-pack/test/case_api_integration/security_only/tests/common/cases/delete_cases.ts delete mode 100644 x-pack/test/case_api_integration/security_only/tests/common/cases/find_cases.ts delete mode 100644 x-pack/test/case_api_integration/security_only/tests/common/cases/get_case.ts delete mode 100644 x-pack/test/case_api_integration/security_only/tests/common/cases/patch_cases.ts delete mode 100644 x-pack/test/case_api_integration/security_only/tests/common/cases/post_case.ts delete mode 100644 x-pack/test/case_api_integration/security_only/tests/common/cases/reporters/get_reporters.ts delete mode 100644 x-pack/test/case_api_integration/security_only/tests/common/cases/status/get_status.ts delete mode 100644 x-pack/test/case_api_integration/security_only/tests/common/cases/tags/get_tags.ts delete mode 100644 x-pack/test/case_api_integration/security_only/tests/common/comments/delete_comment.ts delete mode 100644 x-pack/test/case_api_integration/security_only/tests/common/comments/find_comments.ts delete mode 100644 x-pack/test/case_api_integration/security_only/tests/common/comments/get_all_comments.ts delete mode 100644 x-pack/test/case_api_integration/security_only/tests/common/comments/get_comment.ts delete mode 100644 x-pack/test/case_api_integration/security_only/tests/common/comments/patch_comment.ts delete mode 100644 x-pack/test/case_api_integration/security_only/tests/common/comments/post_comment.ts delete mode 100644 x-pack/test/case_api_integration/security_only/tests/common/configure/get_configure.ts delete mode 100644 x-pack/test/case_api_integration/security_only/tests/common/configure/patch_configure.ts delete mode 100644 x-pack/test/case_api_integration/security_only/tests/common/configure/post_configure.ts delete mode 100644 x-pack/test/case_api_integration/security_only/tests/common/index.ts delete mode 100644 x-pack/test/case_api_integration/security_only/tests/common/user_actions/get_all_user_actions.ts delete mode 100644 x-pack/test/case_api_integration/security_only/tests/trial/cases/push_case.ts delete mode 100644 x-pack/test/case_api_integration/security_only/tests/trial/index.ts delete mode 100644 x-pack/test/case_api_integration/security_only/utils.ts delete mode 100644 x-pack/test/saved_object_api_integration/security_only/apis/bulk_create.ts delete mode 100644 x-pack/test/saved_object_api_integration/security_only/apis/bulk_get.ts delete mode 100644 x-pack/test/saved_object_api_integration/security_only/apis/bulk_resolve.ts delete mode 100644 x-pack/test/saved_object_api_integration/security_only/apis/bulk_update.ts delete mode 100644 x-pack/test/saved_object_api_integration/security_only/apis/create.ts delete mode 100644 x-pack/test/saved_object_api_integration/security_only/apis/delete.ts delete mode 100644 x-pack/test/saved_object_api_integration/security_only/apis/export.ts delete mode 100644 x-pack/test/saved_object_api_integration/security_only/apis/find.ts delete mode 100644 x-pack/test/saved_object_api_integration/security_only/apis/get.ts delete mode 100644 x-pack/test/saved_object_api_integration/security_only/apis/import.ts delete mode 100644 x-pack/test/saved_object_api_integration/security_only/apis/index.ts delete mode 100644 x-pack/test/saved_object_api_integration/security_only/apis/resolve.ts delete mode 100644 x-pack/test/saved_object_api_integration/security_only/apis/resolve_import_errors.ts delete mode 100644 x-pack/test/saved_object_api_integration/security_only/apis/update.ts delete mode 100644 x-pack/test/saved_object_api_integration/security_only/config_basic.ts delete mode 100644 x-pack/test/saved_object_api_integration/security_only/config_trial.ts delete mode 100644 x-pack/test/timeline/security_only/config_basic.ts delete mode 100644 x-pack/test/timeline/security_only/config_trial.ts delete mode 100644 x-pack/test/timeline/security_only/tests/basic/events.ts delete mode 100644 x-pack/test/timeline/security_only/tests/basic/index.ts delete mode 100644 x-pack/test/timeline/security_only/tests/trial/events.ts delete mode 100644 x-pack/test/timeline/security_only/tests/trial/index.ts delete mode 100644 x-pack/test/timeline/spaces_only/config.ts delete mode 100644 x-pack/test/timeline/spaces_only/tests/events.ts delete mode 100644 x-pack/test/timeline/spaces_only/tests/index.ts delete mode 100644 x-pack/test/ui_capabilities/security_only/config.ts delete mode 100644 x-pack/test/ui_capabilities/security_only/scenarios.ts delete mode 100644 x-pack/test/ui_capabilities/security_only/tests/catalogue.ts delete mode 100644 x-pack/test/ui_capabilities/security_only/tests/foo.ts delete mode 100644 x-pack/test/ui_capabilities/security_only/tests/index.ts delete mode 100644 x-pack/test/ui_capabilities/security_only/tests/nav_links.ts diff --git a/docs/settings/spaces-settings.asciidoc b/docs/settings/spaces-settings.asciidoc index 969adb93185d06f..5483912387cecab 100644 --- a/docs/settings/spaces-settings.asciidoc +++ b/docs/settings/spaces-settings.asciidoc @@ -7,11 +7,6 @@ By default, spaces is enabled in {kib}. To secure spaces, <>. -`xpack.spaces.enabled`:: -deprecated:[7.16.0,"In 8.0 and later, this setting will no longer be supported and it will not be possible to disable this plugin."] -To enable spaces, set to `true`. -The default is `true`. - `xpack.spaces.maxSpaces`:: The maximum number of spaces that you can use with the {kib} instance. Some {kib} operations return all spaces using a single `_search` from {es}, so you must diff --git a/docs/spaces/index.asciidoc b/docs/spaces/index.asciidoc index 28d29e4822f83f3..00e50a41b6ce3d7 100644 --- a/docs/spaces/index.asciidoc +++ b/docs/spaces/index.asciidoc @@ -109,11 +109,6 @@ image::images/spaces-configure-landing-page.png["Configure space-level landing p [float] [[spaces-delete-started]] -=== Disable and version updates - -Spaces are automatically enabled in {kib}. If you don't want use this feature, -you can disable it. For more information, refer to <>. - -When you upgrade {kib}, the default space contains all of your existing saved objects. - +=== Disabling spaces +Starting in {kib} 8.0, the Spaces feature cannot be disabled. diff --git a/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker b/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker index 1827f9b9e8e7965..4b5c2e25084edc0 100755 --- a/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker +++ b/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker @@ -366,7 +366,6 @@ kibana_vars=( xpack.securitySolution.packagerTaskInterval xpack.securitySolution.prebuiltRulesFromFileSystem xpack.securitySolution.prebuiltRulesFromSavedObjects - xpack.spaces.enabled xpack.spaces.maxSpaces xpack.task_manager.index xpack.task_manager.max_attempts diff --git a/x-pack/plugins/security/public/management/roles/edit_role/edit_role_page.test.tsx b/x-pack/plugins/security/public/management/roles/edit_role/edit_role_page.test.tsx index b8963ea5a76e309..f621ca0eddb0f84 100644 --- a/x-pack/plugins/security/public/management/roles/edit_role/edit_role_page.test.tsx +++ b/x-pack/plugins/security/public/management/roles/edit_role/edit_role_page.test.tsx @@ -22,7 +22,6 @@ import { userAPIClientMock } from '../../users/index.mock'; import { createRawKibanaPrivileges } from '../__fixtures__/kibana_privileges'; import { indicesAPIClientMock, privilegesAPIClientMock, rolesAPIClientMock } from '../index.mock'; import { EditRolePage } from './edit_role_page'; -import { SimplePrivilegeSection } from './privileges/kibana/simple_privilege_section'; import { SpaceAwarePrivilegeSection } from './privileges/kibana/space_aware_privilege_section'; import { TransformErrorSection } from './privileges/kibana/transform_error_section'; @@ -132,12 +131,10 @@ function getProps({ action, role, canManageSpaces = true, - spacesEnabled = true, }: { action: 'edit' | 'clone'; role?: Role; canManageSpaces?: boolean; - spacesEnabled?: boolean; }) { const rolesAPIClient = rolesAPIClientMock.create(); rolesAPIClient.getRole.mockResolvedValue(role); @@ -165,12 +162,7 @@ function getProps({ const { http, docLinks, notifications } = coreMock.createStart(); http.get.mockImplementation(async (path: any) => { if (path === '/api/spaces/space') { - if (spacesEnabled) { - return buildSpaces(); - } - - const notFoundError = { response: { status: 404 } }; - throw notFoundError; + return buildSpaces(); } }); @@ -335,152 +327,6 @@ describe('', () => { }); }); - describe('with spaces disabled', () => { - it('can render a reserved role', async () => { - const wrapper = mountWithIntl( - - ); - - await waitForRender(wrapper); - - expect(wrapper.find('[data-test-subj="reservedRoleBadgeTooltip"]')).toHaveLength(1); - expect(wrapper.find(SimplePrivilegeSection)).toHaveLength(1); - expect(wrapper.find('[data-test-subj="userCannotManageSpacesCallout"]')).toHaveLength(0); - expectReadOnlyFormButtons(wrapper); - }); - - it('can render a user defined role', async () => { - const wrapper = mountWithIntl( - - ); - - await waitForRender(wrapper); - - expect(wrapper.find('[data-test-subj="reservedRoleBadgeTooltip"]')).toHaveLength(0); - expect(wrapper.find(SimplePrivilegeSection)).toHaveLength(1); - expect(wrapper.find('[data-test-subj="userCannotManageSpacesCallout"]')).toHaveLength(0); - expectSaveFormButtons(wrapper); - }); - - it('can render when creating a new role', async () => { - const wrapper = mountWithIntl( - - ); - - await waitForRender(wrapper); - - expect(wrapper.find(SimplePrivilegeSection)).toHaveLength(1); - expectSaveFormButtons(wrapper); - }); - - it('can render when cloning an existing role', async () => { - const wrapper = mountWithIntl( - - ); - - await waitForRender(wrapper); - - expect(wrapper.find(SimplePrivilegeSection)).toHaveLength(1); - expectSaveFormButtons(wrapper); - }); - - it('does not care if user cannot manage spaces', async () => { - const wrapper = mountWithIntl( - - ); - - await waitForRender(wrapper); - - expect(wrapper.find('[data-test-subj="reservedRoleBadgeTooltip"]')).toHaveLength(0); - - expect( - wrapper.find('EuiCallOut[data-test-subj="userCannotManageSpacesCallout"]') - ).toHaveLength(0); - - expect(wrapper.find(SimplePrivilegeSection)).toHaveLength(1); - expectSaveFormButtons(wrapper); - }); - - it('renders a partial read-only view when there is a transform error', async () => { - const wrapper = mountWithIntl( - - ); - - await waitForRender(wrapper); - - expect(wrapper.find(TransformErrorSection)).toHaveLength(1); - expectReadOnlyFormButtons(wrapper); - }); - }); - it('registers fatal error if features endpoint fails unexpectedly', async () => { const error = { response: { status: 500 } }; const getFeatures = jest.fn().mockRejectedValue(error); diff --git a/x-pack/plugins/security/public/management/roles/edit_role/edit_role_page.tsx b/x-pack/plugins/security/public/management/roles/edit_role/edit_role_page.tsx index 51aaa988da2a4d4..4c71dcd935ff969 100644 --- a/x-pack/plugins/security/public/management/roles/edit_role/edit_role_page.tsx +++ b/x-pack/plugins/security/public/management/roles/edit_role/edit_role_page.tsx @@ -436,7 +436,6 @@ export const EditRolePage: FunctionComponent = ({ = ({ setFormError(null); try { - await rolesAPIClient.saveRole({ role, spacesEnabled: spaces.enabled }); + await rolesAPIClient.saveRole({ role }); } catch (error) { notifications.toasts.addDanger( error?.body?.message ?? @@ -566,24 +565,17 @@ export const EditRolePage: FunctionComponent = ({ backToRoleList(); }; - const description = spaces.enabled ? ( - - ) : ( - - ); - return (
{getFormTitle()} - {description} + + + {isRoleReserved && ( diff --git a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/kibana_privileges_region.test.tsx b/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/kibana_privileges_region.test.tsx index e27c2eb74856094..5b1d06a741ad2be 100644 --- a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/kibana_privileges_region.test.tsx +++ b/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/kibana_privileges_region.test.tsx @@ -12,11 +12,10 @@ import type { Role } from '../../../../../../common/model'; import { KibanaPrivileges } from '../../../model'; import { RoleValidator } from '../../validate_role'; import { KibanaPrivilegesRegion } from './kibana_privileges_region'; -import { SimplePrivilegeSection } from './simple_privilege_section'; import { SpaceAwarePrivilegeSection } from './space_aware_privilege_section'; import { TransformErrorSection } from './transform_error_section'; -const buildProps = (customProps = {}) => { +const buildProps = () => { return { role: { name: '', @@ -27,7 +26,6 @@ const buildProps = (customProps = {}) => { }, kibana: [], }, - spacesEnabled: true, spaces: [ { id: 'default', @@ -64,7 +62,6 @@ const buildProps = (customProps = {}) => { onChange: jest.fn(), validator: new RoleValidator(), canCustomizeSubFeaturePrivileges: true, - ...customProps, }; }; @@ -73,26 +70,17 @@ describe('', () => { expect(shallow()).toMatchSnapshot(); }); - it('renders the simple privilege form when spaces is disabled', () => { - const props = buildProps({ spacesEnabled: false }); + it('renders the space-aware privilege form', () => { + const props = buildProps(); const wrapper = shallow(); - expect(wrapper.find(SimplePrivilegeSection)).toHaveLength(1); - expect(wrapper.find(SpaceAwarePrivilegeSection)).toHaveLength(0); - }); - - it('renders the space-aware privilege form when spaces is enabled', () => { - const props = buildProps({ spacesEnabled: true }); - const wrapper = shallow(); - expect(wrapper.find(SimplePrivilegeSection)).toHaveLength(0); expect(wrapper.find(SpaceAwarePrivilegeSection)).toHaveLength(1); }); it('renders the transform error section when the role has a transform error', () => { - const props = buildProps({ spacesEnabled: true }); + const props = buildProps(); (props.role as Role)._transform_error = ['kibana']; const wrapper = shallow(); - expect(wrapper.find(SimplePrivilegeSection)).toHaveLength(0); expect(wrapper.find(SpaceAwarePrivilegeSection)).toHaveLength(0); expect(wrapper.find(TransformErrorSection)).toHaveLength(1); }); diff --git a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/kibana_privileges_region.tsx b/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/kibana_privileges_region.tsx index c9c7df222df2964..0aba384ede90e49 100644 --- a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/kibana_privileges_region.tsx +++ b/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/kibana_privileges_region.tsx @@ -14,13 +14,11 @@ import type { Role } from '../../../../../../common/model'; import type { KibanaPrivileges } from '../../../model'; import { CollapsiblePanel } from '../../collapsible_panel'; import type { RoleValidator } from '../../validate_role'; -import { SimplePrivilegeSection } from './simple_privilege_section'; import { SpaceAwarePrivilegeSection } from './space_aware_privilege_section'; import { TransformErrorSection } from './transform_error_section'; interface Props { role: Role; - spacesEnabled: boolean; canCustomizeSubFeaturePrivileges: boolean; spaces?: Space[]; uiCapabilities: Capabilities; @@ -44,7 +42,6 @@ export class KibanaPrivilegesRegion extends Component { const { kibanaPrivileges, role, - spacesEnabled, canCustomizeSubFeaturePrivileges, spaces = [], uiCapabilities, @@ -58,30 +55,18 @@ export class KibanaPrivilegesRegion extends Component { return ; } - if (spacesEnabled) { - return ( - - ); - } else { - return ( - - ); - } + return ( + + ); }; } diff --git a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/__snapshots__/simple_privilege_section.test.tsx.snap b/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/__snapshots__/simple_privilege_section.test.tsx.snap deleted file mode 100644 index 7873e47d2e0ff34..000000000000000 --- a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/__snapshots__/simple_privilege_section.test.tsx.snap +++ /dev/null @@ -1,160 +0,0 @@ -// Jest Snapshot v1, https://goo.gl/fbAQLP - -exports[` renders without crashing 1`] = ` - - - - -

- -

- - - - - } - labelType="label" - > - - - - -

- -

- , - "inputDisplay": - - , - "value": "none", - }, - Object { - "dropdownDisplay": - - - -

- -

- , - "inputDisplay": - - , - "value": "custom", - }, - Object { - "dropdownDisplay": - - - -

- -

- , - "inputDisplay": - - , - "value": "read", - }, - Object { - "dropdownDisplay": - - - -

- -

- , - "inputDisplay": - - , - "value": "all", - }, - ] - } - valueOfSelected="none" - /> - - - - -`; diff --git a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/index.ts b/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/index.ts deleted file mode 100644 index bea5a3d2d592f1c..000000000000000 --- a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/index.ts +++ /dev/null @@ -1,8 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -export { SimplePrivilegeSection } from './simple_privilege_section'; diff --git a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/privilege_selector.tsx b/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/privilege_selector.tsx deleted file mode 100644 index 72061958ecc357c..000000000000000 --- a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/privilege_selector.tsx +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { EuiSelect } from '@elastic/eui'; -import type { ChangeEvent } from 'react'; -import React, { Component } from 'react'; - -import { NO_PRIVILEGE_VALUE } from '../constants'; - -interface Props { - ['data-test-subj']: string; - availablePrivileges: string[]; - onChange: (privilege: string) => void; - value: string | null; - allowNone?: boolean; - disabled?: boolean; - compressed?: boolean; -} - -export class PrivilegeSelector extends Component { - public state = {}; - - public render() { - const { availablePrivileges, value, disabled, allowNone, compressed } = this.props; - - const options = []; - - if (allowNone) { - options.push({ value: NO_PRIVILEGE_VALUE, text: 'none' }); - } - - options.push( - ...availablePrivileges.map((p) => ({ - value: p, - text: p, - })) - ); - - return ( - - ); - } - - public onChange = (e: ChangeEvent) => { - this.props.onChange(e.target.value); - }; -} diff --git a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/simple_privilege_section.test.tsx b/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/simple_privilege_section.test.tsx deleted file mode 100644 index bb7124b6c8876e2..000000000000000 --- a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/simple_privilege_section.test.tsx +++ /dev/null @@ -1,248 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { EuiButtonGroupProps } from '@elastic/eui'; -import { EuiButtonGroup, EuiComboBox, EuiSuperSelect } from '@elastic/eui'; -import React from 'react'; - -import { mountWithIntl, shallowWithIntl } from '@kbn/test/jest'; - -import type { Role } from '../../../../../../../common/model'; -import { KibanaPrivileges, SecuredFeature } from '../../../../model'; -import { SimplePrivilegeSection } from './simple_privilege_section'; -import { UnsupportedSpacePrivilegesWarning } from './unsupported_space_privileges_warning'; - -const buildProps = (customProps: any = {}) => { - const features = [ - new SecuredFeature({ - id: 'feature1', - name: 'Feature 1', - app: ['app'], - category: { id: 'foo', label: 'foo' }, - privileges: { - all: { - app: ['app'], - savedObject: { - all: ['foo'], - read: [], - }, - ui: ['app-ui'], - }, - read: { - app: ['app'], - savedObject: { - all: [], - read: [], - }, - ui: ['app-ui'], - }, - }, - }), - ] as SecuredFeature[]; - - const kibanaPrivileges = new KibanaPrivileges( - { - features: { - feature1: { - all: ['*'], - read: ['read'], - }, - }, - global: {}, - space: {}, - reserved: {}, - }, - features - ); - - const role = { - name: '', - elasticsearch: { - cluster: ['manage'], - indices: [], - run_as: [], - }, - kibana: [], - ...customProps.role, - }; - - return { - editable: true, - kibanaPrivileges, - features, - onChange: jest.fn(), - canCustomizeSubFeaturePrivileges: true, - ...customProps, - role, - }; -}; - -describe('', () => { - it('renders without crashing', () => { - expect(shallowWithIntl()).toMatchSnapshot(); - }); - - it('displays "none" when no privilege is selected', () => { - const props = buildProps(); - const wrapper = shallowWithIntl(); - const selector = wrapper.find(EuiSuperSelect); - expect(selector.props()).toMatchObject({ - valueOfSelected: 'none', - }); - expect(wrapper.find(UnsupportedSpacePrivilegesWarning)).toHaveLength(0); - }); - - it('displays "custom" when feature privileges are customized', () => { - const props = buildProps({ - role: { - elasticsearch: {}, - kibana: [ - { - spaces: ['*'], - base: [], - feature: { - feature1: ['foo'], - }, - }, - ], - }, - }); - const wrapper = shallowWithIntl(); - const selector = wrapper.find(EuiSuperSelect); - expect(selector.props()).toMatchObject({ - valueOfSelected: 'custom', - }); - expect(wrapper.find(UnsupportedSpacePrivilegesWarning)).toHaveLength(0); - }); - - it('displays the selected privilege', () => { - const props = buildProps({ - role: { - elasticsearch: {}, - kibana: [ - { - spaces: ['*'], - base: ['read'], - feature: {}, - }, - ], - }, - }); - const wrapper = shallowWithIntl(); - const selector = wrapper.find(EuiSuperSelect); - expect(selector.props()).toMatchObject({ - valueOfSelected: 'read', - }); - expect(wrapper.find(UnsupportedSpacePrivilegesWarning)).toHaveLength(0); - }); - - it('displays the reserved privilege', () => { - const props = buildProps({ - role: { - elasticsearch: {}, - kibana: [ - { - spaces: ['*'], - base: [], - feature: {}, - _reserved: ['foo'], - }, - ], - }, - }); - const wrapper = shallowWithIntl(); - const selector = wrapper.find(EuiComboBox); - expect(selector.props()).toMatchObject({ - isDisabled: true, - selectedOptions: [{ label: 'foo' }], - }); - expect(wrapper.find(UnsupportedSpacePrivilegesWarning)).toHaveLength(0); - }); - - it('fires its onChange callback when the privilege changes', () => { - const props = buildProps(); - const wrapper = mountWithIntl(); - const selector = wrapper.find(EuiSuperSelect); - (selector.props() as any).onChange('all'); - - expect(props.onChange).toHaveBeenCalledWith({ - name: '', - elasticsearch: { - cluster: ['manage'], - indices: [], - run_as: [], - }, - kibana: [{ feature: {}, base: ['all'], spaces: ['*'] }], - }); - expect(wrapper.find(UnsupportedSpacePrivilegesWarning)).toHaveLength(0); - }); - - it('allows feature privileges to be customized', () => { - const props = buildProps({ - onChange: (role: Role) => { - wrapper.setProps({ - role, - }); - }, - }); - const wrapper = mountWithIntl(); - const selector = wrapper.find(EuiSuperSelect); - (selector.props() as any).onChange('custom'); - - wrapper.update(); - - const featurePrivilegeToggles = wrapper.find(EuiButtonGroup); - expect(featurePrivilegeToggles).toHaveLength(1); - expect(featurePrivilegeToggles.find('input')).toHaveLength(3); - - (featurePrivilegeToggles.props() as EuiButtonGroupProps).onChange('feature1_all', null); - - wrapper.update(); - - expect(wrapper.props().role).toEqual({ - elasticsearch: { - cluster: ['manage'], - indices: [], - run_as: [], - }, - kibana: [ - { - base: [], - feature: { - feature1: ['all'], - }, - spaces: ['*'], - }, - ], - name: '', - }); - - expect(wrapper.find(UnsupportedSpacePrivilegesWarning)).toHaveLength(0); - }); - - it('renders a warning when space privileges are found', () => { - const props = buildProps({ - role: { - elasticsearch: {}, - kibana: [ - { - spaces: ['*'], - base: ['read'], - feature: {}, - }, - { - spaces: ['marketing'], - base: ['read'], - feature: {}, - }, - ], - }, - }); - const wrapper = mountWithIntl(); - expect(wrapper.find(UnsupportedSpacePrivilegesWarning)).toHaveLength(1); - }); -}); diff --git a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/simple_privilege_section.tsx b/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/simple_privilege_section.tsx deleted file mode 100644 index dd1304ebdaac266..000000000000000 --- a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/simple_privilege_section.tsx +++ /dev/null @@ -1,332 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { - EuiComboBox, - EuiFlexGroup, - EuiFlexItem, - EuiFormRow, - EuiSuperSelect, - EuiText, -} from '@elastic/eui'; -import React, { Component, Fragment } from 'react'; - -import { FormattedMessage } from '@kbn/i18n/react'; - -import type { Role, RoleKibanaPrivilege } from '../../../../../../../common/model'; -import { copyRole } from '../../../../../../../common/model'; -import type { KibanaPrivileges } from '../../../../model'; -import { isGlobalPrivilegeDefinition } from '../../../privilege_utils'; -import { CUSTOM_PRIVILEGE_VALUE, NO_PRIVILEGE_VALUE } from '../constants'; -import { FeatureTable } from '../feature_table'; -import { PrivilegeFormCalculator } from '../privilege_form_calculator'; -import { UnsupportedSpacePrivilegesWarning } from './unsupported_space_privileges_warning'; - -interface Props { - role: Role; - kibanaPrivileges: KibanaPrivileges; - onChange: (role: Role) => void; - editable: boolean; - canCustomizeSubFeaturePrivileges: boolean; -} - -interface State { - isCustomizingGlobalPrivilege: boolean; - globalPrivsIndex: number; -} - -export class SimplePrivilegeSection extends Component { - constructor(props: Props) { - super(props); - - const globalPrivs = this.locateGlobalPrivilege(props.role); - const globalPrivsIndex = this.locateGlobalPrivilegeIndex(props.role); - - this.state = { - isCustomizingGlobalPrivilege: Boolean( - globalPrivs && Object.keys(globalPrivs.feature).length > 0 - ), - globalPrivsIndex, - }; - } - public render() { - const kibanaPrivilege = this.getDisplayedBasePrivilege(); - - const reservedPrivileges = this.props.role.kibana[this.state.globalPrivsIndex]?._reserved ?? []; - - const title = ( - - ); - - const description = ( -

- -

- ); - - return ( - - - - - {description} - - - - - {reservedPrivileges.length > 0 ? ( - ({ label: rp }))} - isDisabled - /> - ) : ( - - - - ), - dropdownDisplay: ( - - - - -

- -

- - ), - }, - { - value: CUSTOM_PRIVILEGE_VALUE, - inputDisplay: ( - - - - ), - dropdownDisplay: ( - - - - -

- -

- - ), - }, - { - value: 'read', - inputDisplay: ( - - - - ), - dropdownDisplay: ( - - - - -

- -

- - ), - }, - { - value: 'all', - inputDisplay: ( - - - - ), - dropdownDisplay: ( - - - - -

- -

- - ), - }, - ]} - hasDividers - valueOfSelected={kibanaPrivilege} - /> - )} - - {this.state.isCustomizingGlobalPrivilege && ( - - - isGlobalPrivilegeDefinition(k) - )} - canCustomizeSubFeaturePrivileges={this.props.canCustomizeSubFeaturePrivileges} - /> - - )} - {this.maybeRenderSpacePrivilegeWarning()} - - - - ); - } - - public getDisplayedBasePrivilege = () => { - if (this.state.isCustomizingGlobalPrivilege) { - return CUSTOM_PRIVILEGE_VALUE; - } - - const { role } = this.props; - - const form = this.locateGlobalPrivilege(role); - - return form && form.base.length > 0 ? form.base[0] : NO_PRIVILEGE_VALUE; - }; - - public onKibanaPrivilegeChange = (privilege: string) => { - const role = copyRole(this.props.role); - - const form = this.locateGlobalPrivilege(role) || this.createGlobalPrivilegeEntry(role); - - if (privilege === NO_PRIVILEGE_VALUE) { - // Remove global entry if no privilege value - role.kibana = role.kibana.filter((entry) => !isGlobalPrivilegeDefinition(entry)); - } else if (privilege === CUSTOM_PRIVILEGE_VALUE) { - // Remove base privilege if customizing feature privileges - form.base = []; - } else { - form.base = [privilege]; - form.feature = {}; - } - - this.props.onChange(role); - this.setState({ - isCustomizingGlobalPrivilege: privilege === CUSTOM_PRIVILEGE_VALUE, - globalPrivsIndex: role.kibana.indexOf(form), - }); - }; - - public onFeaturePrivilegeChange = (featureId: string, privileges: string[]) => { - const role = copyRole(this.props.role); - const form = this.locateGlobalPrivilege(role) || this.createGlobalPrivilegeEntry(role); - if (privileges.length > 0) { - form.feature[featureId] = [...privileges]; - } else { - delete form.feature[featureId]; - } - this.props.onChange(role); - }; - - private onChangeAllFeaturePrivileges = (privileges: string[]) => { - const role = copyRole(this.props.role); - - const form = this.locateGlobalPrivilege(role) || this.createGlobalPrivilegeEntry(role); - if (privileges.length > 0) { - this.props.kibanaPrivileges.getSecuredFeatures().forEach((feature) => { - form.feature[feature.id] = [...privileges]; - }); - } else { - form.feature = {}; - } - this.props.onChange(role); - }; - - private maybeRenderSpacePrivilegeWarning = () => { - const kibanaPrivileges = this.props.role.kibana; - const hasSpacePrivileges = kibanaPrivileges.some( - (privilege) => !isGlobalPrivilegeDefinition(privilege) - ); - - if (hasSpacePrivileges) { - return ( - - - - ); - } - return null; - }; - - private locateGlobalPrivilegeIndex = (role: Role) => { - return role.kibana.findIndex((privileges) => isGlobalPrivilegeDefinition(privileges)); - }; - - private locateGlobalPrivilege = (role: Role) => { - const spacePrivileges = role.kibana; - return spacePrivileges.find((privileges) => isGlobalPrivilegeDefinition(privileges)); - }; - - private createGlobalPrivilegeEntry(role: Role): RoleKibanaPrivilege { - const newEntry = { - spaces: ['*'], - base: [], - feature: {}, - }; - - role.kibana.push(newEntry); - - return newEntry; - } -} diff --git a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/unsupported_space_privileges_warning.tsx b/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/unsupported_space_privileges_warning.tsx deleted file mode 100644 index 6a81d22aceeb6e2..000000000000000 --- a/x-pack/plugins/security/public/management/roles/edit_role/privileges/kibana/simple_privilege_section/unsupported_space_privileges_warning.tsx +++ /dev/null @@ -1,26 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { EuiCallOut } from '@elastic/eui'; -import React, { Component } from 'react'; - -import { FormattedMessage } from '@kbn/i18n/react'; - -export class UnsupportedSpacePrivilegesWarning extends Component<{}, {}> { - public render() { - return ; - } - - private getMessage = () => { - return ( - - ); - }; -} diff --git a/x-pack/plugins/security/public/management/roles/roles_api_client.test.ts b/x-pack/plugins/security/public/management/roles/roles_api_client.test.ts index 3bae230377b84c6..5d510da8a331bd0 100644 --- a/x-pack/plugins/security/public/management/roles/roles_api_client.test.ts +++ b/x-pack/plugins/security/public/management/roles/roles_api_client.test.ts @@ -11,487 +11,252 @@ import type { Role } from '../../../common/model'; import { RolesAPIClient } from './roles_api_client'; describe('RolesAPIClient', () => { - async function saveRole(role: Role, spacesEnabled: boolean) { + async function saveRole(role: Role) { const httpMock = httpServiceMock.createStartContract(); const rolesAPIClient = new RolesAPIClient(httpMock); - await rolesAPIClient.saveRole({ role, spacesEnabled }); + await rolesAPIClient.saveRole({ role }); expect(httpMock.put).toHaveBeenCalledTimes(1); return JSON.parse((httpMock.put.mock.calls[0] as any)[1]?.body as any); } - describe('spaces disabled', () => { - it('removes placeholder index privileges', async () => { - const role: Role = { - name: 'my role', - elasticsearch: { - cluster: [], - indices: [{ names: [], privileges: [] }], - run_as: [], - }, - kibana: [], - }; - - const result = await saveRole(role, false); - - expect(result).toEqual({ - elasticsearch: { - cluster: [], - indices: [], - run_as: [], - }, - kibana: [], - }); + it('removes placeholder index privileges', async () => { + const role: Role = { + name: 'my role', + elasticsearch: { + cluster: [], + indices: [{ names: [], privileges: [] }], + run_as: [], + }, + kibana: [], + }; + + const result = await saveRole(role); + + expect(result).toEqual({ + elasticsearch: { + cluster: [], + indices: [], + run_as: [], + }, + kibana: [], }); + }); - it('removes placeholder query entries', async () => { - const role: Role = { - name: 'my role', - elasticsearch: { - cluster: [], - indices: [{ names: ['.kibana*'], privileges: ['all'], query: '' }], - run_as: [], - }, - kibana: [], - }; - - const result = await saveRole(role, false); - - expect(result).toEqual({ - elasticsearch: { - cluster: [], - indices: [{ names: ['.kibana*'], privileges: ['all'] }], - run_as: [], - }, - kibana: [], - }); + it('removes placeholder query entries', async () => { + const role: Role = { + name: 'my role', + elasticsearch: { + cluster: [], + indices: [{ names: ['.kibana*'], privileges: ['all'], query: '' }], + run_as: [], + }, + kibana: [], + }; + + const result = await saveRole(role); + + expect(result).toEqual({ + elasticsearch: { + cluster: [], + indices: [{ names: ['.kibana*'], privileges: ['all'] }], + run_as: [], + }, + kibana: [], }); + }); - it('removes transient fields not required for save', async () => { - const role: Role = { - name: 'my role', - transient_metadata: { - foo: 'bar', - }, - _transform_error: ['kibana'], - metadata: { - someOtherMetadata: true, - }, - _unrecognized_applications: ['foo'], - elasticsearch: { - cluster: [], - indices: [], - run_as: [], - }, - kibana: [], - }; - - const result = await saveRole(role, false); - - expect(result).toEqual({ - metadata: { - someOtherMetadata: true, - }, - elasticsearch: { - cluster: [], - indices: [], - run_as: [], - }, - kibana: [], - }); + it('removes transient fields not required for save', async () => { + const role: Role = { + name: 'my role', + transient_metadata: { + foo: 'bar', + }, + _transform_error: ['kibana'], + metadata: { + someOtherMetadata: true, + }, + _unrecognized_applications: ['foo'], + elasticsearch: { + cluster: [], + indices: [], + run_as: [], + }, + kibana: [], + }; + + const result = await saveRole(role); + + expect(result).toEqual({ + metadata: { + someOtherMetadata: true, + }, + elasticsearch: { + cluster: [], + indices: [], + run_as: [], + }, + kibana: [], }); + }); - it('does not remove actual query entries', async () => { - const role: Role = { - name: 'my role', - elasticsearch: { - cluster: [], - indices: [{ names: ['.kibana*'], privileges: ['all'], query: 'something' }], - run_as: [], - }, - kibana: [], - }; - - const result = await saveRole(role, false); - - expect(result).toEqual({ - elasticsearch: { - cluster: [], - indices: [{ names: ['.kibana*'], privileges: ['all'], query: 'something' }], - run_as: [], - }, - kibana: [], - }); + it('does not remove actual query entries', async () => { + const role: Role = { + name: 'my role', + elasticsearch: { + cluster: [], + indices: [{ names: ['.kibana*'], privileges: ['all'], query: 'something' }], + run_as: [], + }, + kibana: [], + }; + + const result = await saveRole(role); + + expect(result).toEqual({ + elasticsearch: { + cluster: [], + indices: [{ names: ['.kibana*'], privileges: ['all'], query: 'something' }], + run_as: [], + }, + kibana: [], }); + }); - it('should remove feature privileges if a corresponding base privilege is defined', async () => { - const role: Role = { - name: 'my role', - elasticsearch: { - cluster: [], - indices: [], - run_as: [], - }, - kibana: [ - { - spaces: ['*'], - base: ['all'], - feature: { - feature1: ['read'], - feature2: ['write'], - }, - }, - ], - }; - - const result = await saveRole(role, false); - - expect(result).toEqual({ - elasticsearch: { - cluster: [], - indices: [], - run_as: [], - }, - kibana: [ - { - spaces: ['*'], - base: ['all'], - feature: {}, + it('should remove feature privileges if a corresponding base privilege is defined', async () => { + const role: Role = { + name: 'my role', + elasticsearch: { + cluster: [], + indices: [], + run_as: [], + }, + kibana: [ + { + spaces: ['foo'], + base: ['all'], + feature: { + feature1: ['read'], + feature2: ['write'], }, - ], - }); - }); - - it('should not remove feature privileges if a corresponding base privilege is not defined', async () => { - const role: Role = { - name: 'my role', - elasticsearch: { - cluster: [], - indices: [], - run_as: [], }, - kibana: [ - { - spaces: ['*'], - base: [], - feature: { - feature1: ['read'], - feature2: ['write'], - }, - }, - ], - }; + ], + }; - const result = await saveRole(role, false); + const result = await saveRole(role); - expect(result).toEqual({ - elasticsearch: { - cluster: [], - indices: [], - run_as: [], + expect(result).toEqual({ + elasticsearch: { + cluster: [], + indices: [], + run_as: [], + }, + kibana: [ + { + spaces: ['foo'], + base: ['all'], + feature: {}, }, - kibana: [ - { - spaces: ['*'], - base: [], - feature: { - feature1: ['read'], - feature2: ['write'], - }, - }, - ], - }); + ], }); + }); - it('should remove space privileges', async () => { - const role: Role = { - name: 'my role', - elasticsearch: { - cluster: [], - indices: [], - run_as: [], - }, - kibana: [ - { - spaces: ['*'], - base: [], - feature: { - feature1: ['read'], - feature2: ['write'], - }, + it('should not remove feature privileges if a corresponding base privilege is not defined', async () => { + const role: Role = { + name: 'my role', + elasticsearch: { + cluster: [], + indices: [], + run_as: [], + }, + kibana: [ + { + spaces: ['foo'], + base: [], + feature: { + feature1: ['read'], + feature2: ['write'], }, - { - spaces: ['marketing'], - base: [], - feature: { - feature1: ['read'], - feature2: ['write'], - }, - }, - ], - }; - - const result = await saveRole(role, false); - - expect(result).toEqual({ - elasticsearch: { - cluster: [], - indices: [], - run_as: [], }, - kibana: [ - { - spaces: ['*'], - base: [], - feature: { - feature1: ['read'], - feature2: ['write'], - }, + ], + }; + + const result = await saveRole(role); + + expect(result).toEqual({ + elasticsearch: { + cluster: [], + indices: [], + run_as: [], + }, + kibana: [ + { + spaces: ['foo'], + base: [], + feature: { + feature1: ['read'], + feature2: ['write'], }, - ], - }); - }); - }); - - describe('spaces enabled', () => { - it('removes placeholder index privileges', async () => { - const role: Role = { - name: 'my role', - elasticsearch: { - cluster: [], - indices: [{ names: [], privileges: [] }], - run_as: [], }, - kibana: [], - }; - - const result = await saveRole(role, true); - - expect(result).toEqual({ - elasticsearch: { - cluster: [], - indices: [], - run_as: [], - }, - kibana: [], - }); - }); - - it('removes placeholder query entries', async () => { - const role: Role = { - name: 'my role', - elasticsearch: { - cluster: [], - indices: [{ names: ['.kibana*'], privileges: ['all'], query: '' }], - run_as: [], - }, - kibana: [], - }; - - const result = await saveRole(role, true); - - expect(result).toEqual({ - elasticsearch: { - cluster: [], - indices: [{ names: ['.kibana*'], privileges: ['all'] }], - run_as: [], - }, - kibana: [], - }); - }); - - it('removes transient fields not required for save', async () => { - const role: Role = { - name: 'my role', - transient_metadata: { - foo: 'bar', - }, - _transform_error: ['kibana'], - metadata: { - someOtherMetadata: true, - }, - _unrecognized_applications: ['foo'], - elasticsearch: { - cluster: [], - indices: [], - run_as: [], - }, - kibana: [], - }; - - const result = await saveRole(role, true); - - expect(result).toEqual({ - metadata: { - someOtherMetadata: true, - }, - elasticsearch: { - cluster: [], - indices: [], - run_as: [], - }, - kibana: [], - }); - }); - - it('does not remove actual query entries', async () => { - const role: Role = { - name: 'my role', - elasticsearch: { - cluster: [], - indices: [{ names: ['.kibana*'], privileges: ['all'], query: 'something' }], - run_as: [], - }, - kibana: [], - }; - - const result = await saveRole(role, true); - - expect(result).toEqual({ - elasticsearch: { - cluster: [], - indices: [{ names: ['.kibana*'], privileges: ['all'], query: 'something' }], - run_as: [], - }, - kibana: [], - }); + ], }); + }); - it('should remove feature privileges if a corresponding base privilege is defined', async () => { - const role: Role = { - name: 'my role', - elasticsearch: { - cluster: [], - indices: [], - run_as: [], - }, - kibana: [ - { - spaces: ['foo'], - base: ['all'], - feature: { - feature1: ['read'], - feature2: ['write'], - }, - }, - ], - }; - - const result = await saveRole(role, true); - - expect(result).toEqual({ - elasticsearch: { - cluster: [], - indices: [], - run_as: [], - }, - kibana: [ - { - spaces: ['foo'], - base: ['all'], - feature: {}, + it('should not remove space privileges', async () => { + const role: Role = { + name: 'my role', + elasticsearch: { + cluster: [], + indices: [], + run_as: [], + }, + kibana: [ + { + spaces: ['*'], + base: [], + feature: { + feature1: ['read'], + feature2: ['write'], }, - ], - }); - }); - - it('should not remove feature privileges if a corresponding base privilege is not defined', async () => { - const role: Role = { - name: 'my role', - elasticsearch: { - cluster: [], - indices: [], - run_as: [], }, - kibana: [ - { - spaces: ['foo'], - base: [], - feature: { - feature1: ['read'], - feature2: ['write'], - }, + { + spaces: ['marketing'], + base: [], + feature: { + feature1: ['read'], + feature2: ['write'], }, - ], - }; - - const result = await saveRole(role, true); - - expect(result).toEqual({ - elasticsearch: { - cluster: [], - indices: [], - run_as: [], }, - kibana: [ - { - spaces: ['foo'], - base: [], - feature: { - feature1: ['read'], - feature2: ['write'], - }, + ], + }; + + const result = await saveRole(role); + + expect(result).toEqual({ + elasticsearch: { + cluster: [], + indices: [], + run_as: [], + }, + kibana: [ + { + spaces: ['*'], + base: [], + feature: { + feature1: ['read'], + feature2: ['write'], }, - ], - }); - }); - - it('should not remove space privileges', async () => { - const role: Role = { - name: 'my role', - elasticsearch: { - cluster: [], - indices: [], - run_as: [], }, - kibana: [ - { - spaces: ['*'], - base: [], - feature: { - feature1: ['read'], - feature2: ['write'], - }, + { + spaces: ['marketing'], + base: [], + feature: { + feature1: ['read'], + feature2: ['write'], }, - { - spaces: ['marketing'], - base: [], - feature: { - feature1: ['read'], - feature2: ['write'], - }, - }, - ], - }; - - const result = await saveRole(role, true); - - expect(result).toEqual({ - elasticsearch: { - cluster: [], - indices: [], - run_as: [], }, - kibana: [ - { - spaces: ['*'], - base: [], - feature: { - feature1: ['read'], - feature2: ['write'], - }, - }, - { - spaces: ['marketing'], - base: [], - feature: { - feature1: ['read'], - feature2: ['write'], - }, - }, - ], - }); + ], }); }); }); diff --git a/x-pack/plugins/security/public/management/roles/roles_api_client.ts b/x-pack/plugins/security/public/management/roles/roles_api_client.ts index aff3a7ccacd66e4..5de8827207ced07 100644 --- a/x-pack/plugins/security/public/management/roles/roles_api_client.ts +++ b/x-pack/plugins/security/public/management/roles/roles_api_client.ts @@ -9,7 +9,6 @@ import type { HttpStart } from 'src/core/public'; import type { Role, RoleIndexPrivilege } from '../../../common/model'; import { copyRole } from '../../../common/model'; -import { isGlobalPrivilegeDefinition } from './edit_role/privilege_utils'; export class RolesAPIClient { constructor(private readonly http: HttpStart) {} @@ -26,13 +25,13 @@ export class RolesAPIClient { await this.http.delete(`/api/security/role/${encodeURIComponent(roleName)}`); } - public async saveRole({ role, spacesEnabled }: { role: Role; spacesEnabled: boolean }) { + public async saveRole({ role }: { role: Role }) { await this.http.put(`/api/security/role/${encodeURIComponent(role.name)}`, { - body: JSON.stringify(this.transformRoleForSave(copyRole(role), spacesEnabled)), + body: JSON.stringify(this.transformRoleForSave(copyRole(role))), }); } - private transformRoleForSave(role: Role, spacesEnabled: boolean) { + private transformRoleForSave(role: Role) { // Remove any placeholder index privileges const isPlaceholderPrivilege = (indexPrivilege: RoleIndexPrivilege) => indexPrivilege.names.length === 0; @@ -43,11 +42,6 @@ export class RolesAPIClient { // Remove any placeholder query entries role.elasticsearch.indices.forEach((index) => index.query || delete index.query); - // If spaces are disabled, then do not persist any space privileges - if (!spacesEnabled) { - role.kibana = role.kibana.filter(isGlobalPrivilegeDefinition); - } - role.kibana.forEach((kibanaPrivilege) => { // If a base privilege is defined, then do not persist feature privileges if (kibanaPrivilege.base.length > 0) { diff --git a/x-pack/plugins/spaces/server/config.test.ts b/x-pack/plugins/spaces/server/config.test.ts deleted file mode 100644 index e8c8b02ef93c29b..000000000000000 --- a/x-pack/plugins/spaces/server/config.test.ts +++ /dev/null @@ -1,71 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { applyDeprecations, configDeprecationFactory } from '@kbn/config'; -import { deepFreeze } from '@kbn/std'; - -import { configDeprecationsMock } from '../../../../src/core/server/mocks'; -import { spacesConfigDeprecationProvider } from './config'; - -const deprecationContext = configDeprecationsMock.createContext(); - -const applyConfigDeprecations = (settings: Record = {}) => { - const deprecations = spacesConfigDeprecationProvider(configDeprecationFactory); - const deprecationMessages: string[] = []; - const { config: migrated } = applyDeprecations( - settings, - deprecations.map((deprecation) => ({ - deprecation, - path: '', - context: deprecationContext, - })), - () => - ({ message }) => - deprecationMessages.push(message) - ); - return { - messages: deprecationMessages, - migrated, - }; -}; - -describe('spaces config', () => { - describe('deprecations', () => { - describe('enabled', () => { - it('logs a warning if xpack.spaces.enabled is set to false', () => { - const originalConfig = deepFreeze({ xpack: { spaces: { enabled: false } } }); - - const { messages, migrated } = applyConfigDeprecations({ ...originalConfig }); - - expect(messages).toMatchInlineSnapshot(` - Array [ - "Disabling the Spaces plugin (xpack.spaces.enabled) will not be supported in the next major version (8.0)", - ] - `); - expect(migrated).toEqual(originalConfig); - }); - - it('does not log a warning if no settings are explicitly set', () => { - const originalConfig = deepFreeze({}); - - const { messages, migrated } = applyConfigDeprecations({ ...originalConfig }); - - expect(messages).toMatchInlineSnapshot(`Array []`); - expect(migrated).toEqual(originalConfig); - }); - - it('does not log a warning if xpack.spaces.enabled is set to true', () => { - const originalConfig = deepFreeze({ xpack: { spaces: { enabled: true } } }); - - const { messages, migrated } = applyConfigDeprecations({ ...originalConfig }); - - expect(messages).toMatchInlineSnapshot(`Array []`); - expect(migrated).toEqual(originalConfig); - }); - }); - }); -}); diff --git a/x-pack/plugins/spaces/server/config.ts b/x-pack/plugins/spaces/server/config.ts index 29f8e0cdf692f65..7b4c85e3edcdc2c 100644 --- a/x-pack/plugins/spaces/server/config.ts +++ b/x-pack/plugins/spaces/server/config.ts @@ -9,37 +9,15 @@ import type { Observable } from 'rxjs'; import type { TypeOf } from '@kbn/config-schema'; import { schema } from '@kbn/config-schema'; -import type { - ConfigDeprecation, - ConfigDeprecationProvider, - PluginInitializerContext, -} from 'src/core/server'; +import type { PluginInitializerContext } from 'src/core/server'; export const ConfigSchema = schema.object({ - enabled: schema.boolean({ defaultValue: true }), maxSpaces: schema.number({ defaultValue: 1000 }), }); export function createConfig$(context: PluginInitializerContext) { return context.config.create>(); } - -const disabledDeprecation: ConfigDeprecation = (config, fromPath, addDeprecation) => { - if (config.xpack?.spaces?.enabled === false) { - addDeprecation({ - configPath: 'xpack.spaces.enabled', - message: `Disabling the Spaces plugin (xpack.spaces.enabled) will not be supported in the next major version (8.0)`, - correctiveActions: { - manualSteps: [`Remove "xpack.spaces.enabled: false" from your Kibana configuration`], - }, - }); - } -}; - -export const spacesConfigDeprecationProvider: ConfigDeprecationProvider = () => { - return [disabledDeprecation]; -}; - export type ConfigType = ReturnType extends Observable ? P : ReturnType; diff --git a/x-pack/plugins/spaces/server/index.ts b/x-pack/plugins/spaces/server/index.ts index 31714df958d49c0..ad27069759198b9 100644 --- a/x-pack/plugins/spaces/server/index.ts +++ b/x-pack/plugins/spaces/server/index.ts @@ -7,7 +7,7 @@ import type { PluginConfigDescriptor, PluginInitializerContext } from 'src/core/server'; -import { ConfigSchema, spacesConfigDeprecationProvider } from './config'; +import { ConfigSchema } from './config'; import { SpacesPlugin } from './plugin'; // These exports are part of public Spaces plugin contract, any change in signature of exported @@ -33,7 +33,6 @@ export type { export const config: PluginConfigDescriptor = { schema: ConfigSchema, - deprecations: spacesConfigDeprecationProvider, }; export const plugin = (initializerContext: PluginInitializerContext) => new SpacesPlugin(initializerContext); diff --git a/x-pack/plugins/spaces/server/spaces_client/spaces_client.test.ts b/x-pack/plugins/spaces/server/spaces_client/spaces_client.test.ts index ae9fc254c09347f..e594306f5ee3aa2 100644 --- a/x-pack/plugins/spaces/server/spaces_client/spaces_client.test.ts +++ b/x-pack/plugins/spaces/server/spaces_client/spaces_client.test.ts @@ -16,7 +16,7 @@ const createMockDebugLogger = () => { return jest.fn(); }; -const createMockConfig = (mockConfig: ConfigType = { maxSpaces: 1000, enabled: true }) => { +const createMockConfig = (mockConfig: ConfigType = { maxSpaces: 1000 }) => { return ConfigSchema.validate(mockConfig); }; @@ -75,10 +75,7 @@ describe('#getAll', () => { mockCallWithRequestRepository.find.mockResolvedValue({ saved_objects: savedObjects, } as any); - const mockConfig = createMockConfig({ - maxSpaces: 1234, - enabled: true, - }); + const mockConfig = createMockConfig({ maxSpaces: 1234 }); const client = new SpacesClient(mockDebugLogger, mockConfig, mockCallWithRequestRepository); const actualSpaces = await client.getAll(); @@ -182,10 +179,7 @@ describe('#create', () => { total: maxSpaces - 1, } as any); - const mockConfig = createMockConfig({ - maxSpaces, - enabled: true, - }); + const mockConfig = createMockConfig({ maxSpaces }); const client = new SpacesClient(mockDebugLogger, mockConfig, mockCallWithRequestRepository); @@ -211,10 +205,7 @@ describe('#create', () => { total: maxSpaces, } as any); - const mockConfig = createMockConfig({ - maxSpaces, - enabled: true, - }); + const mockConfig = createMockConfig({ maxSpaces }); const client = new SpacesClient(mockDebugLogger, mockConfig, mockCallWithRequestRepository); diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index 7680c268fd6b73d..2e17a38e83c683d 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -19998,23 +19998,7 @@ "xpack.security.management.editRole.roleNameFormRowTitle": "ロール名", "xpack.security.management.editRole.roleSuccessfullyDeletedNotificationMessage": "ロールを削除しました", "xpack.security.management.editRole.roleSuccessfullySavedNotificationMessage": "ロールを保存しました", - "xpack.security.management.editRole.setPrivilegesToKibanaDescription": "Elasticsearch データの権限を設定し、Kibana へのアクセスを管理します。", "xpack.security.management.editRole.setPrivilegesToKibanaSpacesDescription": "Elasticsearch データの権限を設定し、Kibana スペースへのアクセスを管理します。", - "xpack.security.management.editRole.simplePrivilegeForm.allPrivilegeDropdown": "すべて", - "xpack.security.management.editRole.simplePrivilegeForm.allPrivilegeDropdownDescription": "Kibana 全体への完全アクセスを許可します", - "xpack.security.management.editRole.simplePrivilegeForm.allPrivilegeInput": "すべて", - "xpack.security.management.editRole.simplePrivilegeForm.customPrivilegeDropdown": "カスタム", - "xpack.security.management.editRole.simplePrivilegeForm.customPrivilegeDropdownDescription": "Kibana へのアクセスをカスタマイズします", - "xpack.security.management.editRole.simplePrivilegeForm.customPrivilegeInput": "カスタム", - "xpack.security.management.editRole.simplePrivilegeForm.kibanaPrivilegesTitle": "Kibanaの権限", - "xpack.security.management.editRole.simplePrivilegeForm.noPrivilegeDropdown": "なし", - "xpack.security.management.editRole.simplePrivilegeForm.noPrivilegeDropdownDescription": "Kibana へのアクセス不可", - "xpack.security.management.editRole.simplePrivilegeForm.noPrivilegeInput": "なし", - "xpack.security.management.editRole.simplePrivilegeForm.readPrivilegeDropdown": "読み取り", - "xpack.security.management.editRole.simplePrivilegeForm.readPrivilegeDropdownDescription": "Kibana 全体への読み込み専用アクセスを許可します", - "xpack.security.management.editRole.simplePrivilegeForm.readPrivilegeInput": "読み取り", - "xpack.security.management.editRole.simplePrivilegeForm.specifyPrivilegeForRoleDescription": "このロールの Kibana の権限を指定します。", - "xpack.security.management.editRole.simplePrivilegeForm.unsupportedSpacePrivilegesWarning": "このロールはスペースへの権限が定義されていますが、Kibana でスペースが有効ではありません。このロールを保存するとこれらの権限が削除されます。", "xpack.security.management.editRole.spaceAwarePrivilegeForm.ensureAccountHasAllPrivilegesGrantedDescription": "{kibanaAdmin}ロールによりアカウントにすべての権限が提供されていることを確認し、再試行してください。", "xpack.security.management.editRole.spaceAwarePrivilegeForm.globalSpacesName": "*すべてのスペース", "xpack.security.management.editRole.spaceAwarePrivilegeForm.howToViewAllAvailableSpacesDescription": "利用可能なすべてのスペースを表示する権限がありません。", diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index c74915ad72a5247..d990312f5d61973 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -20295,23 +20295,7 @@ "xpack.security.management.editRole.roleNameFormRowTitle": "角色名称", "xpack.security.management.editRole.roleSuccessfullyDeletedNotificationMessage": "已删除角色", "xpack.security.management.editRole.roleSuccessfullySavedNotificationMessage": "保存的角色", - "xpack.security.management.editRole.setPrivilegesToKibanaDescription": "设置 Elasticsearch 数据的权限并控制对 Kibana 的访问权限。", "xpack.security.management.editRole.setPrivilegesToKibanaSpacesDescription": "设置 Elasticsearch 数据的权限并控制对 Kibana 空间的访问权限。", - "xpack.security.management.editRole.simplePrivilegeForm.allPrivilegeDropdown": "全部", - "xpack.security.management.editRole.simplePrivilegeForm.allPrivilegeDropdownDescription": "授予对 Kibana 全部功能的完全权限", - "xpack.security.management.editRole.simplePrivilegeForm.allPrivilegeInput": "全部", - "xpack.security.management.editRole.simplePrivilegeForm.customPrivilegeDropdown": "定制", - "xpack.security.management.editRole.simplePrivilegeForm.customPrivilegeDropdownDescription": "定制对 Kibana 的访问权限", - "xpack.security.management.editRole.simplePrivilegeForm.customPrivilegeInput": "定制", - "xpack.security.management.editRole.simplePrivilegeForm.kibanaPrivilegesTitle": "Kibana 权限", - "xpack.security.management.editRole.simplePrivilegeForm.noPrivilegeDropdown": "无", - "xpack.security.management.editRole.simplePrivilegeForm.noPrivilegeDropdownDescription": "没有对 Kibana 的访问权限", - "xpack.security.management.editRole.simplePrivilegeForm.noPrivilegeInput": "无", - "xpack.security.management.editRole.simplePrivilegeForm.readPrivilegeDropdown": "读取", - "xpack.security.management.editRole.simplePrivilegeForm.readPrivilegeDropdownDescription": "授予对 Kibana 全部功能的只读权限。", - "xpack.security.management.editRole.simplePrivilegeForm.readPrivilegeInput": "读取", - "xpack.security.management.editRole.simplePrivilegeForm.specifyPrivilegeForRoleDescription": "为此角色指定 Kibana 权限。", - "xpack.security.management.editRole.simplePrivilegeForm.unsupportedSpacePrivilegesWarning": "此角色包含工作区的权限定义,但在 Kibana 中未启用工作区。保存此角色将会移除这些权限。", "xpack.security.management.editRole.spaceAwarePrivilegeForm.ensureAccountHasAllPrivilegesGrantedDescription": "请确保您的帐户具有 {kibanaAdmin} 角色授予的所有权限,然后重试。", "xpack.security.management.editRole.spaceAwarePrivilegeForm.globalSpacesName": "* 所有工作区", "xpack.security.management.editRole.spaceAwarePrivilegeForm.howToViewAllAvailableSpacesDescription": "您无权查看所有可用工作区。", diff --git a/x-pack/plugins/upgrade_assistant/__jest__/client_integration/overview/review_logs_step/mocked_responses.ts b/x-pack/plugins/upgrade_assistant/__jest__/client_integration/overview/review_logs_step/mocked_responses.ts index 5f1e30ec52b1d75..57373dbf072695e 100644 --- a/x-pack/plugins/upgrade_assistant/__jest__/client_integration/overview/review_logs_step/mocked_responses.ts +++ b/x-pack/plugins/upgrade_assistant/__jest__/client_integration/overview/review_logs_step/mocked_responses.ts @@ -44,8 +44,7 @@ export const kibanaDeprecations: DomainDeprecationDetails[] = [ correctiveActions: { manualSteps: ['test-step'] }, domainId: 'xpack.spaces', level: 'critical', - message: - 'Disabling the Spaces plugin (xpack.spaces.enabled) will not be supported in the next major version (8.0)', + message: 'Sample warning deprecation', }, { title: 'mock-deprecation-title', diff --git a/x-pack/scripts/functional_tests.js b/x-pack/scripts/functional_tests.js index 6cb80d6d4b74d61..e31b12cd0115d73 100644 --- a/x-pack/scripts/functional_tests.js +++ b/x-pack/scripts/functional_tests.js @@ -36,7 +36,6 @@ const onlyNotInCoverageTests = [ require.resolve('../test/case_api_integration/security_and_spaces/config_basic.ts'), require.resolve('../test/case_api_integration/security_and_spaces/config_trial.ts'), require.resolve('../test/case_api_integration/spaces_only/config.ts'), - require.resolve('../test/case_api_integration/security_only/config.ts'), require.resolve('../test/apm_api_integration/basic/config.ts'), require.resolve('../test/apm_api_integration/trial/config.ts'), require.resolve('../test/apm_api_integration/rules/config.ts'), @@ -71,11 +70,8 @@ const onlyNotInCoverageTests = [ require.resolve('../test/spaces_api_integration/security_and_spaces/config_basic.ts'), require.resolve('../test/saved_object_api_integration/security_and_spaces/config_trial.ts'), require.resolve('../test/saved_object_api_integration/security_and_spaces/config_basic.ts'), - require.resolve('../test/saved_object_api_integration/security_only/config_trial.ts'), - require.resolve('../test/saved_object_api_integration/security_only/config_basic.ts'), require.resolve('../test/saved_object_api_integration/spaces_only/config.ts'), require.resolve('../test/ui_capabilities/security_and_spaces/config.ts'), - require.resolve('../test/ui_capabilities/security_only/config.ts'), require.resolve('../test/ui_capabilities/spaces_only/config.ts'), require.resolve('../test/upgrade_assistant_integration/config.js'), require.resolve('../test/licensing_plugin/config.ts'), diff --git a/x-pack/test/case_api_integration/common/lib/authentication/roles.ts b/x-pack/test/case_api_integration/common/lib/authentication/roles.ts index 9ded86ef6524fc6..8e67d8dfc15261e 100644 --- a/x-pack/test/case_api_integration/common/lib/authentication/roles.ts +++ b/x-pack/test/case_api_integration/common/lib/authentication/roles.ts @@ -276,17 +276,3 @@ export const observabilityOnlyReadSpacesAll: Role = { ], }, }; - -/** - * These roles are specifically for the security_only tests where the spaces plugin is disabled. Most of the roles (except - * for noKibanaPrivileges) have spaces: ['*'] effectively giving it access to the default space since no other spaces - * will exist when the spaces plugin is disabled. - */ -export const rolesDefaultSpace = [ - noKibanaPrivileges, - globalRead, - securitySolutionOnlyAllSpacesAll, - securitySolutionOnlyReadSpacesAll, - observabilityOnlyAllSpacesAll, - observabilityOnlyReadSpacesAll, -]; diff --git a/x-pack/test/case_api_integration/common/lib/authentication/users.ts b/x-pack/test/case_api_integration/common/lib/authentication/users.ts index d10e932f9240532..f848a37c87e4906 100644 --- a/x-pack/test/case_api_integration/common/lib/authentication/users.ts +++ b/x-pack/test/case_api_integration/common/lib/authentication/users.ts @@ -132,18 +132,3 @@ export const obsSecReadSpacesAll: User = { password: 'obs_sec_read', roles: [securitySolutionOnlyReadSpacesAll.name, observabilityOnlyReadSpacesAll.name], }; - -/** - * These users are for the security_only tests because most of them have access to the default space instead of 'space1' - */ -export const usersDefaultSpace = [ - superUser, - secOnlySpacesAll, - secOnlyReadSpacesAll, - obsOnlySpacesAll, - obsOnlyReadSpacesAll, - obsSecSpacesAll, - obsSecReadSpacesAll, - globalRead, - noKibanaPrivileges, -]; diff --git a/x-pack/test/case_api_integration/security_only/config.ts b/x-pack/test/case_api_integration/security_only/config.ts deleted file mode 100644 index 5946b8d25b46412..000000000000000 --- a/x-pack/test/case_api_integration/security_only/config.ts +++ /dev/null @@ -1,16 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { createTestConfig } from '../common/config'; - -// eslint-disable-next-line import/no-default-export -export default createTestConfig('security_only', { - disabledPlugins: ['spaces'], - license: 'trial', - ssl: true, - testFiles: [require.resolve('./tests/trial')], -}); diff --git a/x-pack/test/case_api_integration/security_only/tests/common/alerts/get_cases.ts b/x-pack/test/case_api_integration/security_only/tests/common/alerts/get_cases.ts deleted file mode 100644 index f55427d13b32bf0..000000000000000 --- a/x-pack/test/case_api_integration/security_only/tests/common/alerts/get_cases.ts +++ /dev/null @@ -1,242 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import expect from '@kbn/expect'; -import { FtrProviderContext } from '../../../../common/ftr_provider_context'; - -import { getPostCaseRequest, postCommentAlertReq } from '../../../../common/lib/mock'; -import { - createCase, - createComment, - getCasesByAlert, - deleteAllCaseItems, -} from '../../../../common/lib/utils'; -import { - globalRead, - noKibanaPrivileges, - obsOnlyReadSpacesAll, - obsSecSpacesAll, - obsSecReadSpacesAll, - secOnlyReadSpacesAll, - superUser, -} from '../../../../common/lib/authentication/users'; -import { - obsOnlyDefaultSpaceAuth, - secOnlyDefaultSpaceAuth, - superUserDefaultSpaceAuth, - obsSecDefaultSpaceAuth, -} from '../../../utils'; -import { validateCasesFromAlertIDResponse } from '../../../../common/lib/validation'; - -// eslint-disable-next-line import/no-default-export -export default ({ getService }: FtrProviderContext): void => { - const supertest = getService('supertest'); - const es = getService('es'); - - describe('get_cases using alertID', () => { - afterEach(async () => { - await deleteAllCaseItems(es); - }); - - const supertestWithoutAuth = getService('supertestWithoutAuth'); - - it('should return the correct cases info', async () => { - const [case1, case2, case3] = await Promise.all([ - createCase(supertestWithoutAuth, getPostCaseRequest(), 200, secOnlyDefaultSpaceAuth), - createCase(supertestWithoutAuth, getPostCaseRequest(), 200, secOnlyDefaultSpaceAuth), - createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'observabilityFixture' }), - 200, - obsOnlyDefaultSpaceAuth - ), - ]); - - await Promise.all([ - createComment({ - supertest: supertestWithoutAuth, - caseId: case1.id, - params: postCommentAlertReq, - auth: secOnlyDefaultSpaceAuth, - }), - createComment({ - supertest: supertestWithoutAuth, - caseId: case2.id, - params: postCommentAlertReq, - auth: secOnlyDefaultSpaceAuth, - }), - createComment({ - supertest: supertestWithoutAuth, - caseId: case3.id, - params: { ...postCommentAlertReq, owner: 'observabilityFixture' }, - auth: obsOnlyDefaultSpaceAuth, - }), - ]); - - for (const scenario of [ - { - user: globalRead, - cases: [case1, case2, case3], - }, - { - user: superUser, - cases: [case1, case2, case3], - }, - { user: secOnlyReadSpacesAll, cases: [case1, case2] }, - { user: obsOnlyReadSpacesAll, cases: [case3] }, - { - user: obsSecReadSpacesAll, - cases: [case1, case2, case3], - }, - ]) { - const cases = await getCasesByAlert({ - supertest: supertestWithoutAuth, - // cast because the official type is string | string[] but the ids will always be a single value in the tests - alertID: postCommentAlertReq.alertId as string, - auth: { - user: scenario.user, - space: null, - }, - }); - - expect(cases.length).to.eql(scenario.cases.length); - validateCasesFromAlertIDResponse(cases, scenario.cases); - } - }); - - it(`User ${ - noKibanaPrivileges.username - } with role(s) ${noKibanaPrivileges.roles.join()} - should not get cases`, async () => { - const caseInfo = await createCase(supertest, getPostCaseRequest(), 200, { - user: superUser, - space: null, - }); - - await createComment({ - supertest: supertestWithoutAuth, - caseId: caseInfo.id, - params: postCommentAlertReq, - auth: superUserDefaultSpaceAuth, - }); - - await getCasesByAlert({ - supertest: supertestWithoutAuth, - alertID: postCommentAlertReq.alertId as string, - auth: { user: noKibanaPrivileges, space: null }, - expectedHttpCode: 403, - }); - }); - - it('should return a 404 when attempting to access a space', async () => { - const [case1, case2] = await Promise.all([ - createCase(supertestWithoutAuth, getPostCaseRequest(), 200, obsSecDefaultSpaceAuth), - createCase( - supertestWithoutAuth, - { ...getPostCaseRequest(), owner: 'observabilityFixture' }, - 200, - obsSecDefaultSpaceAuth - ), - ]); - - await Promise.all([ - createComment({ - supertest: supertestWithoutAuth, - caseId: case1.id, - params: postCommentAlertReq, - auth: obsSecDefaultSpaceAuth, - }), - createComment({ - supertest: supertestWithoutAuth, - caseId: case2.id, - params: { ...postCommentAlertReq, owner: 'observabilityFixture' }, - auth: obsSecDefaultSpaceAuth, - }), - ]); - - await getCasesByAlert({ - supertest: supertestWithoutAuth, - alertID: postCommentAlertReq.alertId as string, - auth: { user: obsSecSpacesAll, space: 'space1' }, - query: { owner: 'securitySolutionFixture' }, - expectedHttpCode: 404, - }); - }); - - it('should respect the owner filter when have permissions', async () => { - const [case1, case2] = await Promise.all([ - createCase(supertestWithoutAuth, getPostCaseRequest(), 200, obsSecDefaultSpaceAuth), - createCase( - supertestWithoutAuth, - { ...getPostCaseRequest(), owner: 'observabilityFixture' }, - 200, - obsSecDefaultSpaceAuth - ), - ]); - - await Promise.all([ - createComment({ - supertest: supertestWithoutAuth, - caseId: case1.id, - params: postCommentAlertReq, - auth: obsSecDefaultSpaceAuth, - }), - createComment({ - supertest: supertestWithoutAuth, - caseId: case2.id, - params: { ...postCommentAlertReq, owner: 'observabilityFixture' }, - auth: obsSecDefaultSpaceAuth, - }), - ]); - - const cases = await getCasesByAlert({ - supertest: supertestWithoutAuth, - alertID: postCommentAlertReq.alertId as string, - auth: obsSecDefaultSpaceAuth, - query: { owner: 'securitySolutionFixture' }, - }); - - expect(cases).to.eql([{ id: case1.id, title: case1.title }]); - }); - - it('should return the correct cases info when the owner query parameter contains unprivileged values', async () => { - const [case1, case2] = await Promise.all([ - createCase(supertestWithoutAuth, getPostCaseRequest(), 200, obsSecDefaultSpaceAuth), - createCase( - supertestWithoutAuth, - { ...getPostCaseRequest(), owner: 'observabilityFixture' }, - 200, - obsSecDefaultSpaceAuth - ), - ]); - - await Promise.all([ - createComment({ - supertest: supertestWithoutAuth, - caseId: case1.id, - params: postCommentAlertReq, - auth: obsSecDefaultSpaceAuth, - }), - createComment({ - supertest: supertestWithoutAuth, - caseId: case2.id, - params: { ...postCommentAlertReq, owner: 'observabilityFixture' }, - auth: obsSecDefaultSpaceAuth, - }), - ]); - - const cases = await getCasesByAlert({ - supertest: supertestWithoutAuth, - alertID: postCommentAlertReq.alertId as string, - auth: secOnlyDefaultSpaceAuth, - // The secOnlyDefaultSpace user does not have permissions for observability cases, so it should only return the security solution one - query: { owner: ['securitySolutionFixture', 'observabilityFixture'] }, - }); - - expect(cases).to.eql([{ id: case1.id, title: case1.title }]); - }); - }); -}; diff --git a/x-pack/test/case_api_integration/security_only/tests/common/cases/delete_cases.ts b/x-pack/test/case_api_integration/security_only/tests/common/cases/delete_cases.ts deleted file mode 100644 index 9ece177b2149141..000000000000000 --- a/x-pack/test/case_api_integration/security_only/tests/common/cases/delete_cases.ts +++ /dev/null @@ -1,157 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { FtrProviderContext } from '../../../../common/ftr_provider_context'; - -import { getPostCaseRequest } from '../../../../common/lib/mock'; -import { - deleteCasesByESQuery, - deleteCasesUserActions, - deleteComments, - createCase, - deleteCases, - getCase, -} from '../../../../common/lib/utils'; -import { - secOnlySpacesAll, - secOnlyReadSpacesAll, - globalRead, - obsOnlyReadSpacesAll, - obsSecReadSpacesAll, - noKibanaPrivileges, -} from '../../../../common/lib/authentication/users'; -import { - obsOnlyDefaultSpaceAuth, - secOnlyDefaultSpaceAuth, - superUserDefaultSpaceAuth, -} from '../../../utils'; - -// eslint-disable-next-line import/no-default-export -export default ({ getService }: FtrProviderContext): void => { - const supertestWithoutAuth = getService('supertestWithoutAuth'); - const es = getService('es'); - - describe('delete_cases', () => { - afterEach(async () => { - await deleteCasesByESQuery(es); - await deleteComments(es); - await deleteCasesUserActions(es); - }); - - it('User: security solution only - should delete a case', async () => { - const postedCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - secOnlyDefaultSpaceAuth - ); - - await deleteCases({ - supertest: supertestWithoutAuth, - caseIDs: [postedCase.id], - expectedHttpCode: 204, - auth: secOnlyDefaultSpaceAuth, - }); - }); - - it('User: security solution only - should NOT delete a case of different owner', async () => { - const postedCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - secOnlyDefaultSpaceAuth - ); - - await deleteCases({ - supertest: supertestWithoutAuth, - caseIDs: [postedCase.id], - expectedHttpCode: 403, - auth: obsOnlyDefaultSpaceAuth, - }); - }); - - it('should get an error if the user has not permissions to all requested cases', async () => { - const caseSec = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - secOnlyDefaultSpaceAuth - ); - - const caseObs = await createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'observabilityFixture' }), - 200, - obsOnlyDefaultSpaceAuth - ); - - await deleteCases({ - supertest: supertestWithoutAuth, - caseIDs: [caseSec.id, caseObs.id], - expectedHttpCode: 403, - auth: obsOnlyDefaultSpaceAuth, - }); - - // Cases should have not been deleted. - await getCase({ - supertest: supertestWithoutAuth, - caseId: caseSec.id, - expectedHttpCode: 200, - auth: superUserDefaultSpaceAuth, - }); - - await getCase({ - supertest: supertestWithoutAuth, - caseId: caseObs.id, - expectedHttpCode: 200, - auth: superUserDefaultSpaceAuth, - }); - }); - - for (const user of [ - globalRead, - secOnlyReadSpacesAll, - obsOnlyReadSpacesAll, - obsSecReadSpacesAll, - noKibanaPrivileges, - ]) { - it(`User ${ - user.username - } with role(s) ${user.roles.join()} - should NOT delete a case`, async () => { - const postedCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - superUserDefaultSpaceAuth - ); - - await deleteCases({ - supertest: supertestWithoutAuth, - caseIDs: [postedCase.id], - expectedHttpCode: 403, - auth: { user, space: null }, - }); - }); - } - - it('should return a 404 when attempting to access a space', async () => { - const postedCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - superUserDefaultSpaceAuth - ); - - await deleteCases({ - supertest: supertestWithoutAuth, - caseIDs: [postedCase.id], - expectedHttpCode: 404, - auth: { user: secOnlySpacesAll, space: 'space1' }, - }); - }); - }); -}; diff --git a/x-pack/test/case_api_integration/security_only/tests/common/cases/find_cases.ts b/x-pack/test/case_api_integration/security_only/tests/common/cases/find_cases.ts deleted file mode 100644 index 711eccbe1627860..000000000000000 --- a/x-pack/test/case_api_integration/security_only/tests/common/cases/find_cases.ts +++ /dev/null @@ -1,245 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { FtrProviderContext } from '../../../../common/ftr_provider_context'; - -import { CASES_URL } from '../../../../../../plugins/cases/common/constants'; -import { getPostCaseRequest } from '../../../../common/lib/mock'; -import { - deleteAllCaseItems, - ensureSavedObjectIsAuthorized, - findCases, - createCase, -} from '../../../../common/lib/utils'; -import { - secOnlySpacesAll, - obsOnlyReadSpacesAll, - secOnlyReadSpacesAll, - noKibanaPrivileges, - superUser, - globalRead, - obsSecReadSpacesAll, -} from '../../../../common/lib/authentication/users'; -import { - obsOnlyDefaultSpaceAuth, - obsSecDefaultSpaceAuth, - secOnlyDefaultSpaceAuth, - superUserDefaultSpaceAuth, -} from '../../../utils'; - -// eslint-disable-next-line import/no-default-export -export default ({ getService }: FtrProviderContext): void => { - const supertest = getService('supertest'); - const es = getService('es'); - const supertestWithoutAuth = getService('supertestWithoutAuth'); - - describe('find_cases', () => { - afterEach(async () => { - await deleteAllCaseItems(es); - }); - - it('should return the correct cases', async () => { - await Promise.all([ - // Create case owned by the security solution user - createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'securitySolutionFixture' }), - 200, - secOnlyDefaultSpaceAuth - ), - // Create case owned by the observability user - createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'observabilityFixture' }), - 200, - obsOnlyDefaultSpaceAuth - ), - ]); - - for (const scenario of [ - { - user: globalRead, - numberOfExpectedCases: 2, - owners: ['securitySolutionFixture', 'observabilityFixture'], - }, - { - user: superUser, - numberOfExpectedCases: 2, - owners: ['securitySolutionFixture', 'observabilityFixture'], - }, - { - user: secOnlyReadSpacesAll, - numberOfExpectedCases: 1, - owners: ['securitySolutionFixture'], - }, - { - user: obsOnlyReadSpacesAll, - numberOfExpectedCases: 1, - owners: ['observabilityFixture'], - }, - { - user: obsSecReadSpacesAll, - numberOfExpectedCases: 2, - owners: ['securitySolutionFixture', 'observabilityFixture'], - }, - ]) { - const res = await findCases({ - supertest: supertestWithoutAuth, - auth: { - user: scenario.user, - space: null, - }, - }); - - ensureSavedObjectIsAuthorized(res.cases, scenario.numberOfExpectedCases, scenario.owners); - } - }); - - it(`User ${ - noKibanaPrivileges.username - } with role(s) ${noKibanaPrivileges.roles.join()} - should NOT read a case`, async () => { - await createCase(supertestWithoutAuth, getPostCaseRequest(), 200, superUserDefaultSpaceAuth); - - await findCases({ - supertest: supertestWithoutAuth, - auth: { - user: noKibanaPrivileges, - space: null, - }, - expectedHttpCode: 403, - }); - }); - - it('should return a 404 when attempting to access a space', async () => { - await createCase(supertestWithoutAuth, getPostCaseRequest(), 200, superUserDefaultSpaceAuth); - - await findCases({ - supertest: supertestWithoutAuth, - auth: { user: secOnlySpacesAll, space: 'space1' }, - expectedHttpCode: 404, - }); - }); - - it('should return the correct cases when trying to exploit RBAC through the search query parameter', async () => { - await Promise.all([ - // super user creates a case with owner securitySolutionFixture - createCase(supertestWithoutAuth, getPostCaseRequest(), 200, superUserDefaultSpaceAuth), - // super user creates a case with owner observabilityFixture - createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'observabilityFixture' }), - 200, - superUserDefaultSpaceAuth - ), - ]); - - const res = await findCases({ - supertest: supertestWithoutAuth, - query: { - search: 'securitySolutionFixture observabilityFixture', - searchFields: 'owner', - }, - auth: secOnlyDefaultSpaceAuth, - }); - - ensureSavedObjectIsAuthorized(res.cases, 1, ['securitySolutionFixture']); - }); - - // This test is to prevent a future developer to add the filter attribute without taking into consideration - // the authorizationFilter produced by the cases authorization class - it('should NOT allow to pass a filter query parameter', async () => { - await supertest - .get( - `${CASES_URL}/_find?sortOrder=asc&filter=cases.attributes.owner:"observabilityFixture"` - ) - .set('kbn-xsrf', 'true') - .send() - .expect(400); - }); - - // This test ensures that the user is not allowed to define the namespaces query param - // so she cannot search across spaces - it('should NOT allow to pass a namespaces query parameter', async () => { - await supertest - .get(`${CASES_URL}/_find?sortOrder=asc&namespaces[0]=*`) - .set('kbn-xsrf', 'true') - .send() - .expect(400); - - await supertest - .get(`${CASES_URL}/_find?sortOrder=asc&namespaces=*`) - .set('kbn-xsrf', 'true') - .send() - .expect(400); - }); - - it('should NOT allow to pass a non supported query parameter', async () => { - await supertest - .get(`${CASES_URL}/_find?notExists=papa`) - .set('kbn-xsrf', 'true') - .send() - .expect(400); - }); - - it('should respect the owner filter when having permissions', async () => { - await Promise.all([ - createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'securitySolutionFixture' }), - 200, - obsSecDefaultSpaceAuth - ), - createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'observabilityFixture' }), - 200, - obsOnlyDefaultSpaceAuth - ), - ]); - - const res = await findCases({ - supertest: supertestWithoutAuth, - query: { - owner: 'securitySolutionFixture', - searchFields: 'owner', - }, - auth: obsSecDefaultSpaceAuth, - }); - - ensureSavedObjectIsAuthorized(res.cases, 1, ['securitySolutionFixture']); - }); - - it('should return the correct cases when trying to exploit RBAC through the owner query parameter', async () => { - await Promise.all([ - createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'securitySolutionFixture' }), - 200, - obsSecDefaultSpaceAuth - ), - createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'observabilityFixture' }), - 200, - obsSecDefaultSpaceAuth - ), - ]); - - // User with permissions only to security solution request cases from observability - const res = await findCases({ - supertest: supertestWithoutAuth, - query: { - owner: ['securitySolutionFixture', 'observabilityFixture'], - }, - auth: secOnlyDefaultSpaceAuth, - }); - - // Only security solution cases are being returned - ensureSavedObjectIsAuthorized(res.cases, 1, ['securitySolutionFixture']); - }); - }); -}; diff --git a/x-pack/test/case_api_integration/security_only/tests/common/cases/get_case.ts b/x-pack/test/case_api_integration/security_only/tests/common/cases/get_case.ts deleted file mode 100644 index 3bdb4c5ed310e3d..000000000000000 --- a/x-pack/test/case_api_integration/security_only/tests/common/cases/get_case.ts +++ /dev/null @@ -1,144 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import expect from '@kbn/expect'; -import { FtrProviderContext } from '../../../../common/ftr_provider_context'; - -import { AttributesTypeUser } from '../../../../../../plugins/cases/common/api'; -import { postCommentUserReq, getPostCaseRequest } from '../../../../common/lib/mock'; -import { - deleteCasesByESQuery, - createCase, - getCase, - createComment, - removeServerGeneratedPropertiesFromSavedObject, -} from '../../../../common/lib/utils'; -import { - secOnlySpacesAll, - obsOnlySpacesAll, - globalRead, - superUser, - secOnlyReadSpacesAll, - obsOnlyReadSpacesAll, - obsSecReadSpacesAll, - noKibanaPrivileges, - obsSecSpacesAll, -} from '../../../../common/lib/authentication/users'; -import { getUserInfo } from '../../../../common/lib/authentication'; -import { secOnlyDefaultSpaceAuth, superUserDefaultSpaceAuth } from '../../../utils'; - -// eslint-disable-next-line import/no-default-export -export default ({ getService }: FtrProviderContext): void => { - const supertestWithoutAuth = getService('supertestWithoutAuth'); - const es = getService('es'); - - describe('get_case', () => { - afterEach(async () => { - await deleteCasesByESQuery(es); - }); - - it('should get a case', async () => { - const newCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - superUserDefaultSpaceAuth - ); - - for (const user of [ - globalRead, - superUser, - secOnlySpacesAll, - secOnlyReadSpacesAll, - obsSecSpacesAll, - obsSecReadSpacesAll, - ]) { - const theCase = await getCase({ - supertest: supertestWithoutAuth, - caseId: newCase.id, - auth: { user, space: null }, - }); - - expect(theCase.owner).to.eql('securitySolutionFixture'); - } - }); - - it('should get a case with comments', async () => { - const postedCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - secOnlyDefaultSpaceAuth - ); - - await createComment({ - supertest: supertestWithoutAuth, - caseId: postedCase.id, - params: postCommentUserReq, - expectedHttpCode: 200, - auth: secOnlyDefaultSpaceAuth, - }); - - const theCase = await getCase({ - supertest: supertestWithoutAuth, - caseId: postedCase.id, - includeComments: true, - auth: secOnlyDefaultSpaceAuth, - }); - - const comment = removeServerGeneratedPropertiesFromSavedObject( - theCase.comments![0] as AttributesTypeUser - ); - - expect(theCase.comments?.length).to.eql(1); - expect(comment).to.eql({ - type: postCommentUserReq.type, - comment: postCommentUserReq.comment, - associationType: 'case', - created_by: getUserInfo(secOnlySpacesAll), - pushed_at: null, - pushed_by: null, - updated_by: null, - owner: 'securitySolutionFixture', - }); - }); - - it('should not get a case when the user does not have access to owner', async () => { - const newCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - superUserDefaultSpaceAuth - ); - - for (const user of [noKibanaPrivileges, obsOnlySpacesAll, obsOnlyReadSpacesAll]) { - await getCase({ - supertest: supertestWithoutAuth, - caseId: newCase.id, - expectedHttpCode: 403, - auth: { user, space: null }, - }); - } - }); - - it('should return a 404 when attempting to access a space', async () => { - const newCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - superUserDefaultSpaceAuth - ); - - await getCase({ - supertest: supertestWithoutAuth, - caseId: newCase.id, - expectedHttpCode: 404, - auth: { user: secOnlySpacesAll, space: 'space1' }, - }); - }); - }); -}; diff --git a/x-pack/test/case_api_integration/security_only/tests/common/cases/patch_cases.ts b/x-pack/test/case_api_integration/security_only/tests/common/cases/patch_cases.ts deleted file mode 100644 index bfab3fce7adbe8b..000000000000000 --- a/x-pack/test/case_api_integration/security_only/tests/common/cases/patch_cases.ts +++ /dev/null @@ -1,243 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import expect from '@kbn/expect'; -import { FtrProviderContext } from '../../../../common/ftr_provider_context'; - -import { getPostCaseRequest, postCaseReq } from '../../../../common/lib/mock'; -import { - deleteAllCaseItems, - createCase, - updateCase, - findCases, - getAuthWithSuperUser, -} from '../../../../common/lib/utils'; - -import { - globalRead, - noKibanaPrivileges, - obsOnlyReadSpacesAll, - obsSecReadSpacesAll, - secOnlySpacesAll, - secOnlyReadSpacesAll, - superUser, -} from '../../../../common/lib/authentication/users'; -import { - obsOnlyDefaultSpaceAuth, - secOnlyDefaultSpaceAuth, - superUserDefaultSpaceAuth, -} from '../../../utils'; - -// eslint-disable-next-line import/no-default-export -export default ({ getService }: FtrProviderContext): void => { - const supertest = getService('supertest'); - const es = getService('es'); - - describe('patch_cases', () => { - afterEach(async () => { - await deleteAllCaseItems(es); - }); - - const supertestWithoutAuth = getService('supertestWithoutAuth'); - - it('should update a case when the user has the correct permissions', async () => { - const postedCase = await createCase( - supertestWithoutAuth, - postCaseReq, - 200, - secOnlyDefaultSpaceAuth - ); - - const patchedCases = await updateCase({ - supertest: supertestWithoutAuth, - params: { - cases: [ - { - id: postedCase.id, - version: postedCase.version, - title: 'new title', - }, - ], - }, - auth: secOnlyDefaultSpaceAuth, - }); - - expect(patchedCases[0].owner).to.eql('securitySolutionFixture'); - }); - - it('should update multiple cases when the user has the correct permissions', async () => { - const [case1, case2, case3] = await Promise.all([ - createCase(supertestWithoutAuth, postCaseReq, 200, superUserDefaultSpaceAuth), - createCase(supertestWithoutAuth, postCaseReq, 200, superUserDefaultSpaceAuth), - createCase(supertestWithoutAuth, postCaseReq, 200, superUserDefaultSpaceAuth), - ]); - - const patchedCases = await updateCase({ - supertest: supertestWithoutAuth, - params: { - cases: [ - { - id: case1.id, - version: case1.version, - title: 'new title', - }, - { - id: case2.id, - version: case2.version, - title: 'new title', - }, - { - id: case3.id, - version: case3.version, - title: 'new title', - }, - ], - }, - auth: secOnlyDefaultSpaceAuth, - }); - - expect(patchedCases[0].owner).to.eql('securitySolutionFixture'); - expect(patchedCases[1].owner).to.eql('securitySolutionFixture'); - expect(patchedCases[2].owner).to.eql('securitySolutionFixture'); - }); - - it('should not update a case when the user does not have the correct ownership', async () => { - const postedCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'observabilityFixture' }), - 200, - obsOnlyDefaultSpaceAuth - ); - - await updateCase({ - supertest: supertestWithoutAuth, - params: { - cases: [ - { - id: postedCase.id, - version: postedCase.version, - title: 'new title', - }, - ], - }, - auth: secOnlyDefaultSpaceAuth, - expectedHttpCode: 403, - }); - }); - - it('should not update any cases when the user does not have the correct ownership', async () => { - const [case1, case2, case3] = await Promise.all([ - createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'observabilityFixture' }), - 200, - superUserDefaultSpaceAuth - ), - createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'observabilityFixture' }), - 200, - superUserDefaultSpaceAuth - ), - createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'observabilityFixture' }), - 200, - superUserDefaultSpaceAuth - ), - ]); - - await updateCase({ - supertest: supertestWithoutAuth, - params: { - cases: [ - { - id: case1.id, - version: case1.version, - title: 'new title', - }, - { - id: case2.id, - version: case2.version, - title: 'new title', - }, - { - id: case3.id, - version: case3.version, - title: 'new title', - }, - ], - }, - auth: secOnlyDefaultSpaceAuth, - expectedHttpCode: 403, - }); - - const resp = await findCases({ supertest, auth: getAuthWithSuperUser(null) }); - expect(resp.cases.length).to.eql(3); - // the update should have failed and none of the title should have been changed - expect(resp.cases[0].title).to.eql(postCaseReq.title); - expect(resp.cases[1].title).to.eql(postCaseReq.title); - expect(resp.cases[2].title).to.eql(postCaseReq.title); - }); - - for (const user of [ - globalRead, - secOnlyReadSpacesAll, - obsOnlyReadSpacesAll, - obsSecReadSpacesAll, - noKibanaPrivileges, - ]) { - it(`User ${ - user.username - } with role(s) ${user.roles.join()} - should NOT update a case`, async () => { - const postedCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - superUserDefaultSpaceAuth - ); - - await updateCase({ - supertest: supertestWithoutAuth, - params: { - cases: [ - { - id: postedCase.id, - version: postedCase.version, - title: 'new title', - }, - ], - }, - auth: { user, space: null }, - expectedHttpCode: 403, - }); - }); - } - - it('should return a 404 when attempting to access a space', async () => { - const postedCase = await createCase(supertestWithoutAuth, getPostCaseRequest(), 200, { - user: superUser, - space: null, - }); - - await updateCase({ - supertest: supertestWithoutAuth, - params: { - cases: [ - { - id: postedCase.id, - version: postedCase.version, - title: 'new title', - }, - ], - }, - auth: { user: secOnlySpacesAll, space: 'space1' }, - expectedHttpCode: 404, - }); - }); - }); -}; diff --git a/x-pack/test/case_api_integration/security_only/tests/common/cases/post_case.ts b/x-pack/test/case_api_integration/security_only/tests/common/cases/post_case.ts deleted file mode 100644 index 28043d7155e4a6a..000000000000000 --- a/x-pack/test/case_api_integration/security_only/tests/common/cases/post_case.ts +++ /dev/null @@ -1,83 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import expect from '@kbn/expect'; - -import { getPostCaseRequest } from '../../../../common/lib/mock'; -import { deleteCasesByESQuery, createCase } from '../../../../common/lib/utils'; -import { - secOnlySpacesAll, - secOnlyReadSpacesAll, - globalRead, - obsOnlyReadSpacesAll, - obsSecReadSpacesAll, - noKibanaPrivileges, -} from '../../../../common/lib/authentication/users'; -import { FtrProviderContext } from '../../../../common/ftr_provider_context'; -import { secOnlyDefaultSpaceAuth } from '../../../utils'; - -// eslint-disable-next-line import/no-default-export -export default ({ getService }: FtrProviderContext): void => { - const es = getService('es'); - const supertestWithoutAuth = getService('supertestWithoutAuth'); - - describe('post_case', () => { - afterEach(async () => { - await deleteCasesByESQuery(es); - }); - - it('User: security solution only - should create a case', async () => { - const theCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'securitySolutionFixture' }), - 200, - secOnlyDefaultSpaceAuth - ); - expect(theCase.owner).to.eql('securitySolutionFixture'); - }); - - it('User: security solution only - should NOT create a case of different owner', async () => { - await createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'observabilityFixture' }), - 403, - secOnlyDefaultSpaceAuth - ); - }); - - for (const user of [ - globalRead, - secOnlyReadSpacesAll, - obsOnlyReadSpacesAll, - obsSecReadSpacesAll, - noKibanaPrivileges, - ]) { - it(`User ${ - user.username - } with role(s) ${user.roles.join()} - should NOT create a case`, async () => { - await createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'securitySolutionFixture' }), - 403, - { user, space: null } - ); - }); - } - - it('should return a 404 when attempting to access a space', async () => { - await createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'securitySolutionFixture' }), - 404, - { - user: secOnlySpacesAll, - space: 'space1', - } - ); - }); - }); -}; diff --git a/x-pack/test/case_api_integration/security_only/tests/common/cases/reporters/get_reporters.ts b/x-pack/test/case_api_integration/security_only/tests/common/cases/reporters/get_reporters.ts deleted file mode 100644 index 8266b456ea1f276..000000000000000 --- a/x-pack/test/case_api_integration/security_only/tests/common/cases/reporters/get_reporters.ts +++ /dev/null @@ -1,162 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import expect from '@kbn/expect'; -import { FtrProviderContext } from '../../../../../common/ftr_provider_context'; - -import { getPostCaseRequest } from '../../../../../common/lib/mock'; -import { createCase, deleteCasesByESQuery, getReporters } from '../../../../../common/lib/utils'; -import { - secOnlySpacesAll, - obsOnlySpacesAll, - globalRead, - superUser, - secOnlyReadSpacesAll, - obsOnlyReadSpacesAll, - obsSecReadSpacesAll, - noKibanaPrivileges, - obsSecSpacesAll, -} from '../../../../../common/lib/authentication/users'; -import { getUserInfo } from '../../../../../common/lib/authentication'; -import { - secOnlyDefaultSpaceAuth, - obsOnlyDefaultSpaceAuth, - superUserDefaultSpaceAuth, - obsSecDefaultSpaceAuth, -} from '../../../../utils'; -import { UserInfo } from '../../../../../common/lib/authentication/types'; - -const sortReporters = (reporters: UserInfo[]) => - reporters.sort((a, b) => a.username.localeCompare(b.username)); - -// eslint-disable-next-line import/no-default-export -export default ({ getService }: FtrProviderContext): void => { - const supertestWithoutAuth = getService('supertestWithoutAuth'); - const es = getService('es'); - - describe('get_reporters', () => { - afterEach(async () => { - await deleteCasesByESQuery(es); - }); - - it('User: security solution only - should read the correct reporters', async () => { - await createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'securitySolutionFixture' }), - 200, - secOnlyDefaultSpaceAuth - ); - - await createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'observabilityFixture' }), - 200, - obsOnlyDefaultSpaceAuth - ); - - for (const scenario of [ - { - user: globalRead, - expectedReporters: [getUserInfo(secOnlySpacesAll), getUserInfo(obsOnlySpacesAll)], - }, - { - user: superUser, - expectedReporters: [getUserInfo(secOnlySpacesAll), getUserInfo(obsOnlySpacesAll)], - }, - { user: secOnlyReadSpacesAll, expectedReporters: [getUserInfo(secOnlySpacesAll)] }, - { user: obsOnlyReadSpacesAll, expectedReporters: [getUserInfo(obsOnlySpacesAll)] }, - { - user: obsSecReadSpacesAll, - expectedReporters: [getUserInfo(secOnlySpacesAll), getUserInfo(obsOnlySpacesAll)], - }, - ]) { - const reporters = await getReporters({ - supertest: supertestWithoutAuth, - expectedHttpCode: 200, - auth: { - user: scenario.user, - space: null, - }, - }); - - // sort reporters to prevent order failure - expect(sortReporters(reporters as unknown as UserInfo[])).to.eql( - sortReporters(scenario.expectedReporters) - ); - } - }); - - it(`User ${ - noKibanaPrivileges.username - } with role(s) ${noKibanaPrivileges.roles.join()} - should NOT get all reporters`, async () => { - // super user creates a case at the appropriate space - await createCase(supertestWithoutAuth, getPostCaseRequest(), 200, superUserDefaultSpaceAuth); - - // user should not be able to get all reporters at the appropriate space - await getReporters({ - supertest: supertestWithoutAuth, - expectedHttpCode: 403, - auth: { user: noKibanaPrivileges, space: null }, - }); - }); - - it('should return a 404 when attempting to access a space', async () => { - await createCase(supertestWithoutAuth, getPostCaseRequest(), 200, { - user: superUser, - space: null, - }); - - await getReporters({ - supertest: supertestWithoutAuth, - expectedHttpCode: 404, - auth: { user: obsSecSpacesAll, space: 'space1' }, - }); - }); - - it('should respect the owner filter when having permissions', async () => { - await Promise.all([ - createCase(supertestWithoutAuth, getPostCaseRequest(), 200, secOnlyDefaultSpaceAuth), - createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'observabilityFixture' }), - 200, - obsOnlyDefaultSpaceAuth - ), - ]); - - const reporters = await getReporters({ - supertest: supertestWithoutAuth, - auth: obsSecDefaultSpaceAuth, - query: { owner: 'securitySolutionFixture' }, - }); - - expect(reporters).to.eql([getUserInfo(secOnlySpacesAll)]); - }); - - it('should return the correct cases when trying to exploit RBAC through the owner query parameter', async () => { - await Promise.all([ - createCase(supertestWithoutAuth, getPostCaseRequest(), 200, secOnlyDefaultSpaceAuth), - createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'observabilityFixture' }), - 200, - obsOnlyDefaultSpaceAuth - ), - ]); - - // User with permissions only to security solution request reporters from observability - const reporters = await getReporters({ - supertest: supertestWithoutAuth, - auth: secOnlyDefaultSpaceAuth, - query: { owner: ['securitySolutionFixture', 'observabilityFixture'] }, - }); - - // Only security solution reporters are being returned - expect(reporters).to.eql([getUserInfo(secOnlySpacesAll)]); - }); - }); -}; diff --git a/x-pack/test/case_api_integration/security_only/tests/common/cases/status/get_status.ts b/x-pack/test/case_api_integration/security_only/tests/common/cases/status/get_status.ts deleted file mode 100644 index 245c7d1fdbfc54d..000000000000000 --- a/x-pack/test/case_api_integration/security_only/tests/common/cases/status/get_status.ts +++ /dev/null @@ -1,144 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import expect from '@kbn/expect'; -import { FtrProviderContext } from '../../../../../common/ftr_provider_context'; - -import { CaseStatuses } from '../../../../../../../plugins/cases/common/api'; -import { getPostCaseRequest } from '../../../../../common/lib/mock'; -import { - createCase, - updateCase, - getAllCasesStatuses, - deleteAllCaseItems, -} from '../../../../../common/lib/utils'; -import { - globalRead, - noKibanaPrivileges, - obsOnlyReadSpacesAll, - obsSecReadSpacesAll, - secOnlySpacesAll, - secOnlyReadSpacesAll, - superUser, -} from '../../../../../common/lib/authentication/users'; -import { superUserDefaultSpaceAuth } from '../../../../utils'; - -// eslint-disable-next-line import/no-default-export -export default ({ getService }: FtrProviderContext): void => { - const es = getService('es'); - - describe('get_status', () => { - afterEach(async () => { - await deleteAllCaseItems(es); - }); - - const supertestWithoutAuth = getService('supertestWithoutAuth'); - - it('should return the correct status stats', async () => { - /** - * Owner: Sec - * open: 0, in-prog: 1, closed: 1 - * Owner: Obs - * open: 1, in-prog: 1 - */ - const [inProgressSec, closedSec, , inProgressObs] = await Promise.all([ - createCase(supertestWithoutAuth, getPostCaseRequest(), 200, superUserDefaultSpaceAuth), - createCase(supertestWithoutAuth, getPostCaseRequest(), 200, superUserDefaultSpaceAuth), - createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'observabilityFixture' }), - 200, - superUserDefaultSpaceAuth - ), - createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'observabilityFixture' }), - 200, - superUserDefaultSpaceAuth - ), - ]); - - await updateCase({ - supertest: supertestWithoutAuth, - params: { - cases: [ - { - id: inProgressSec.id, - version: inProgressSec.version, - status: CaseStatuses['in-progress'], - }, - { - id: closedSec.id, - version: closedSec.version, - status: CaseStatuses.closed, - }, - { - id: inProgressObs.id, - version: inProgressObs.version, - status: CaseStatuses['in-progress'], - }, - ], - }, - auth: superUserDefaultSpaceAuth, - }); - - for (const scenario of [ - { user: globalRead, stats: { open: 1, inProgress: 2, closed: 1 } }, - { user: superUser, stats: { open: 1, inProgress: 2, closed: 1 } }, - { user: secOnlyReadSpacesAll, stats: { open: 0, inProgress: 1, closed: 1 } }, - { user: obsOnlyReadSpacesAll, stats: { open: 1, inProgress: 1, closed: 0 } }, - { user: obsSecReadSpacesAll, stats: { open: 1, inProgress: 2, closed: 1 } }, - { - user: obsSecReadSpacesAll, - stats: { open: 1, inProgress: 1, closed: 0 }, - owner: 'observabilityFixture', - }, - { - user: obsSecReadSpacesAll, - stats: { open: 1, inProgress: 2, closed: 1 }, - owner: ['observabilityFixture', 'securitySolutionFixture'], - }, - ]) { - const statuses = await getAllCasesStatuses({ - supertest: supertestWithoutAuth, - auth: { user: scenario.user, space: null }, - query: { - owner: scenario.owner, - }, - }); - - expect(statuses).to.eql({ - count_open_cases: scenario.stats.open, - count_closed_cases: scenario.stats.closed, - count_in_progress_cases: scenario.stats.inProgress, - }); - } - }); - - it(`should return a 403 when retrieving the statuses when the user ${ - noKibanaPrivileges.username - } with role(s) ${noKibanaPrivileges.roles.join()}`, async () => { - await createCase(supertestWithoutAuth, getPostCaseRequest(), 200, superUserDefaultSpaceAuth); - - await getAllCasesStatuses({ - supertest: supertestWithoutAuth, - auth: { user: noKibanaPrivileges, space: null }, - expectedHttpCode: 403, - }); - }); - - it('should return a 404 when attempting to access a space', async () => { - await createCase(supertestWithoutAuth, getPostCaseRequest(), 200, superUserDefaultSpaceAuth); - - await getAllCasesStatuses({ - supertest: supertestWithoutAuth, - auth: { user: secOnlySpacesAll, space: 'space1' }, - expectedHttpCode: 404, - }); - }); - }); -}; diff --git a/x-pack/test/case_api_integration/security_only/tests/common/cases/tags/get_tags.ts b/x-pack/test/case_api_integration/security_only/tests/common/cases/tags/get_tags.ts deleted file mode 100644 index c05d956028752d2..000000000000000 --- a/x-pack/test/case_api_integration/security_only/tests/common/cases/tags/get_tags.ts +++ /dev/null @@ -1,170 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import expect from '@kbn/expect'; -import { FtrProviderContext } from '../../../../../common/ftr_provider_context'; - -import { deleteCasesByESQuery, createCase, getTags } from '../../../../../common/lib/utils'; -import { getPostCaseRequest } from '../../../../../common/lib/mock'; -import { - secOnlySpacesAll, - globalRead, - superUser, - secOnlyReadSpacesAll, - obsOnlyReadSpacesAll, - obsSecReadSpacesAll, - noKibanaPrivileges, -} from '../../../../../common/lib/authentication/users'; -import { - secOnlyDefaultSpaceAuth, - obsOnlyDefaultSpaceAuth, - obsSecDefaultSpaceAuth, - superUserDefaultSpaceAuth, -} from '../../../../utils'; - -// eslint-disable-next-line import/no-default-export -export default ({ getService }: FtrProviderContext): void => { - const supertestWithoutAuth = getService('supertestWithoutAuth'); - const es = getService('es'); - - describe('get_tags', () => { - afterEach(async () => { - await deleteCasesByESQuery(es); - }); - - it('should read the correct tags', async () => { - await createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'securitySolutionFixture', tags: ['sec'] }), - 200, - secOnlyDefaultSpaceAuth - ); - - await createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'observabilityFixture', tags: ['obs'] }), - 200, - obsOnlyDefaultSpaceAuth - ); - - for (const scenario of [ - { - user: globalRead, - expectedTags: ['sec', 'obs'], - }, - { - user: superUser, - expectedTags: ['sec', 'obs'], - }, - { user: secOnlyReadSpacesAll, expectedTags: ['sec'] }, - { user: obsOnlyReadSpacesAll, expectedTags: ['obs'] }, - { - user: obsSecReadSpacesAll, - expectedTags: ['sec', 'obs'], - }, - ]) { - const tags = await getTags({ - supertest: supertestWithoutAuth, - expectedHttpCode: 200, - auth: { - user: scenario.user, - space: null, - }, - }); - - expect(tags).to.eql(scenario.expectedTags); - } - }); - - it(`User ${ - noKibanaPrivileges.username - } with role(s) ${noKibanaPrivileges.roles.join()} - should NOT get all tags`, async () => { - // super user creates a case at the appropriate space - await createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'securitySolutionFixture', tags: ['sec'] }), - 200, - superUserDefaultSpaceAuth - ); - - // user should not be able to get all tags at the appropriate space - await getTags({ - supertest: supertestWithoutAuth, - expectedHttpCode: 403, - auth: { user: noKibanaPrivileges, space: null }, - }); - }); - - it('should return a 404 when attempting to access a space', async () => { - // super user creates a case at the appropriate space - await createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'securitySolutionFixture', tags: ['sec'] }), - 200, - superUserDefaultSpaceAuth - ); - - await getTags({ - supertest: supertestWithoutAuth, - expectedHttpCode: 404, - auth: { user: secOnlySpacesAll, space: 'space1' }, - }); - }); - - it('should respect the owner filter when having permissions', async () => { - await Promise.all([ - createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'securitySolutionFixture', tags: ['sec'] }), - 200, - obsSecDefaultSpaceAuth - ), - createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'observabilityFixture', tags: ['obs'] }), - 200, - obsSecDefaultSpaceAuth - ), - ]); - - const tags = await getTags({ - supertest: supertestWithoutAuth, - auth: obsSecDefaultSpaceAuth, - query: { owner: 'securitySolutionFixture' }, - }); - - expect(tags).to.eql(['sec']); - }); - - it('should return the correct cases when trying to exploit RBAC through the owner query parameter', async () => { - await Promise.all([ - createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'securitySolutionFixture', tags: ['sec'] }), - 200, - obsSecDefaultSpaceAuth - ), - createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'observabilityFixture', tags: ['obs'] }), - 200, - obsSecDefaultSpaceAuth - ), - ]); - - // User with permissions only to security solution request tags from observability - const tags = await getTags({ - supertest: supertestWithoutAuth, - auth: secOnlyDefaultSpaceAuth, - query: { owner: ['securitySolutionFixture', 'observabilityFixture'] }, - }); - - // Only security solution tags are being returned - expect(tags).to.eql(['sec']); - }); - }); -}; diff --git a/x-pack/test/case_api_integration/security_only/tests/common/comments/delete_comment.ts b/x-pack/test/case_api_integration/security_only/tests/common/comments/delete_comment.ts deleted file mode 100644 index 6a2ddeecdb2728a..000000000000000 --- a/x-pack/test/case_api_integration/security_only/tests/common/comments/delete_comment.ts +++ /dev/null @@ -1,205 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { FtrProviderContext } from '../../../../common/ftr_provider_context'; - -import { getPostCaseRequest, postCommentUserReq } from '../../../../common/lib/mock'; -import { - deleteAllCaseItems, - deleteCasesByESQuery, - deleteCasesUserActions, - deleteComments, - createCase, - createComment, - deleteComment, - deleteAllComments, - getAuthWithSuperUser, -} from '../../../../common/lib/utils'; -import { - globalRead, - noKibanaPrivileges, - obsOnlyReadSpacesAll, - obsSecReadSpacesAll, - secOnlySpacesAll, - secOnlyReadSpacesAll, -} from '../../../../common/lib/authentication/users'; -import { obsOnlyDefaultSpaceAuth, secOnlyDefaultSpaceAuth } from '../../../utils'; - -// eslint-disable-next-line import/no-default-export -export default ({ getService }: FtrProviderContext): void => { - const es = getService('es'); - const superUserNoSpaceAuth = getAuthWithSuperUser(null); - - describe('delete_comment', () => { - afterEach(async () => { - await deleteCasesByESQuery(es); - await deleteComments(es); - await deleteCasesUserActions(es); - }); - - const supertestWithoutAuth = getService('supertestWithoutAuth'); - - afterEach(async () => { - await deleteAllCaseItems(es); - }); - - it('should delete a comment from the appropriate owner', async () => { - const secCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - secOnlyDefaultSpaceAuth - ); - - const commentResp = await createComment({ - supertest: supertestWithoutAuth, - caseId: secCase.id, - params: postCommentUserReq, - auth: secOnlyDefaultSpaceAuth, - }); - - await deleteComment({ - supertest: supertestWithoutAuth, - caseId: secCase.id, - commentId: commentResp.comments![0].id, - auth: secOnlyDefaultSpaceAuth, - }); - }); - - it('should delete multiple comments from the appropriate owner', async () => { - const secCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - secOnlyDefaultSpaceAuth - ); - - await createComment({ - supertest: supertestWithoutAuth, - caseId: secCase.id, - params: postCommentUserReq, - auth: secOnlyDefaultSpaceAuth, - }); - - await createComment({ - supertest: supertestWithoutAuth, - caseId: secCase.id, - params: postCommentUserReq, - auth: secOnlyDefaultSpaceAuth, - }); - - await deleteAllComments({ - supertest: supertestWithoutAuth, - caseId: secCase.id, - auth: secOnlyDefaultSpaceAuth, - }); - }); - - it('should not delete a comment from a different owner', async () => { - const secCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - secOnlyDefaultSpaceAuth - ); - - const commentResp = await createComment({ - supertest: supertestWithoutAuth, - caseId: secCase.id, - params: postCommentUserReq, - auth: secOnlyDefaultSpaceAuth, - }); - - await deleteComment({ - supertest: supertestWithoutAuth, - caseId: secCase.id, - commentId: commentResp.comments![0].id, - auth: obsOnlyDefaultSpaceAuth, - expectedHttpCode: 403, - }); - - await deleteAllComments({ - supertest: supertestWithoutAuth, - caseId: secCase.id, - auth: obsOnlyDefaultSpaceAuth, - expectedHttpCode: 403, - }); - }); - - for (const user of [ - globalRead, - secOnlyReadSpacesAll, - obsOnlyReadSpacesAll, - obsSecReadSpacesAll, - noKibanaPrivileges, - ]) { - it(`User ${ - user.username - } with role(s) ${user.roles.join()} - should NOT delete a comment`, async () => { - const postedCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - superUserNoSpaceAuth - ); - - const commentResp = await createComment({ - supertest: supertestWithoutAuth, - caseId: postedCase.id, - params: postCommentUserReq, - auth: superUserNoSpaceAuth, - }); - - await deleteComment({ - supertest: supertestWithoutAuth, - caseId: postedCase.id, - commentId: commentResp.comments![0].id, - auth: { user, space: null }, - expectedHttpCode: 403, - }); - - await deleteAllComments({ - supertest: supertestWithoutAuth, - caseId: postedCase.id, - auth: { user, space: null }, - expectedHttpCode: 403, - }); - }); - } - - it('should return a 404 when attempting to access a space', async () => { - const postedCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - superUserNoSpaceAuth - ); - - const commentResp = await createComment({ - supertest: supertestWithoutAuth, - caseId: postedCase.id, - params: postCommentUserReq, - auth: superUserNoSpaceAuth, - }); - - await deleteComment({ - supertest: supertestWithoutAuth, - caseId: postedCase.id, - commentId: commentResp.comments![0].id, - auth: { user: secOnlySpacesAll, space: 'space1' }, - expectedHttpCode: 404, - }); - - await deleteAllComments({ - supertest: supertestWithoutAuth, - caseId: postedCase.id, - auth: { user: secOnlySpacesAll, space: 'space1' }, - expectedHttpCode: 404, - }); - }); - }); -}; diff --git a/x-pack/test/case_api_integration/security_only/tests/common/comments/find_comments.ts b/x-pack/test/case_api_integration/security_only/tests/common/comments/find_comments.ts deleted file mode 100644 index 5239c616603a8a6..000000000000000 --- a/x-pack/test/case_api_integration/security_only/tests/common/comments/find_comments.ts +++ /dev/null @@ -1,278 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import expect from '@kbn/expect'; -import { FtrProviderContext } from '../../../../common/ftr_provider_context'; - -import { CASES_URL } from '../../../../../../plugins/cases/common/constants'; -import { CommentsResponse } from '../../../../../../plugins/cases/common/api'; -import { - getPostCaseRequest, - postCommentAlertReq, - postCommentUserReq, -} from '../../../../common/lib/mock'; -import { - createComment, - deleteAllCaseItems, - deleteCasesByESQuery, - deleteCasesUserActions, - deleteComments, - ensureSavedObjectIsAuthorized, - getSpaceUrlPrefix, - createCase, -} from '../../../../common/lib/utils'; - -import { - secOnlySpacesAll, - obsOnlyReadSpacesAll, - secOnlyReadSpacesAll, - noKibanaPrivileges, - superUser, - globalRead, - obsSecReadSpacesAll, -} from '../../../../common/lib/authentication/users'; -import { - obsOnlyDefaultSpaceAuth, - secOnlyDefaultSpaceAuth, - superUserDefaultSpaceAuth, -} from '../../../utils'; - -// eslint-disable-next-line import/no-default-export -export default ({ getService }: FtrProviderContext): void => { - const supertest = getService('supertest'); - const es = getService('es'); - - describe('find_comments', () => { - afterEach(async () => { - await deleteCasesByESQuery(es); - await deleteComments(es); - await deleteCasesUserActions(es); - }); - - const supertestWithoutAuth = getService('supertestWithoutAuth'); - - afterEach(async () => { - await deleteAllCaseItems(es); - }); - - it('should return the correct comments', async () => { - const [secCase, obsCase] = await Promise.all([ - // Create case owned by the security solution user - createCase(supertestWithoutAuth, getPostCaseRequest(), 200, secOnlyDefaultSpaceAuth), - createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'observabilityFixture' }), - 200, - obsOnlyDefaultSpaceAuth - ), - // Create case owned by the observability user - ]); - - await Promise.all([ - createComment({ - supertest: supertestWithoutAuth, - caseId: secCase.id, - params: postCommentUserReq, - auth: secOnlyDefaultSpaceAuth, - }), - createComment({ - supertest: supertestWithoutAuth, - caseId: obsCase.id, - params: { ...postCommentAlertReq, owner: 'observabilityFixture' }, - auth: obsOnlyDefaultSpaceAuth, - }), - ]); - - for (const scenario of [ - { - user: globalRead, - numExpectedEntites: 1, - owners: ['securitySolutionFixture', 'observabilityFixture'], - caseID: secCase.id, - }, - { - user: globalRead, - numExpectedEntites: 1, - owners: ['securitySolutionFixture', 'observabilityFixture'], - caseID: obsCase.id, - }, - { - user: superUser, - numExpectedEntites: 1, - owners: ['securitySolutionFixture', 'observabilityFixture'], - caseID: secCase.id, - }, - { - user: superUser, - numExpectedEntites: 1, - owners: ['securitySolutionFixture', 'observabilityFixture'], - caseID: obsCase.id, - }, - { - user: secOnlyReadSpacesAll, - numExpectedEntites: 1, - owners: ['securitySolutionFixture'], - caseID: secCase.id, - }, - { - user: obsOnlyReadSpacesAll, - numExpectedEntites: 1, - owners: ['observabilityFixture'], - caseID: obsCase.id, - }, - { - user: obsSecReadSpacesAll, - numExpectedEntites: 1, - owners: ['securitySolutionFixture', 'observabilityFixture'], - caseID: secCase.id, - }, - { - user: obsSecReadSpacesAll, - numExpectedEntites: 1, - owners: ['securitySolutionFixture', 'observabilityFixture'], - caseID: obsCase.id, - }, - ]) { - const { body: caseComments }: { body: CommentsResponse } = await supertestWithoutAuth - .get(`${getSpaceUrlPrefix(null)}${CASES_URL}/${scenario.caseID}/comments/_find`) - .auth(scenario.user.username, scenario.user.password) - .expect(200); - - ensureSavedObjectIsAuthorized( - caseComments.comments, - scenario.numExpectedEntites, - scenario.owners - ); - } - }); - - it(`User ${ - noKibanaPrivileges.username - } with role(s) ${noKibanaPrivileges.roles.join()} - should NOT read a comment`, async () => { - // super user creates a case and comment in the appropriate space - const caseInfo = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - superUserDefaultSpaceAuth - ); - - await createComment({ - supertest: supertestWithoutAuth, - auth: { user: superUser, space: null }, - params: { ...postCommentUserReq, owner: 'securitySolutionFixture' }, - caseId: caseInfo.id, - }); - - // user should not be able to read comments - await supertestWithoutAuth - .get(`${getSpaceUrlPrefix(null)}${CASES_URL}/${caseInfo.id}/comments/_find`) - .auth(noKibanaPrivileges.username, noKibanaPrivileges.password) - .expect(403); - }); - - it('should return a 404 when attempting to access a space', async () => { - const caseInfo = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - superUserDefaultSpaceAuth - ); - - await createComment({ - supertest: supertestWithoutAuth, - auth: superUserDefaultSpaceAuth, - params: { ...postCommentUserReq, owner: 'securitySolutionFixture' }, - caseId: caseInfo.id, - }); - - await supertestWithoutAuth - .get(`${getSpaceUrlPrefix('space1')}${CASES_URL}/${caseInfo.id}/comments/_find`) - .auth(secOnlySpacesAll.username, secOnlySpacesAll.password) - .expect(404); - }); - - it('should not return any comments when trying to exploit RBAC through the search query parameter', async () => { - const obsCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'observabilityFixture' }), - 200, - superUserDefaultSpaceAuth - ); - - await createComment({ - supertest: supertestWithoutAuth, - auth: superUserDefaultSpaceAuth, - params: { ...postCommentUserReq, owner: 'observabilityFixture' }, - caseId: obsCase.id, - }); - - const { body: res }: { body: CommentsResponse } = await supertestWithoutAuth - .get( - `${getSpaceUrlPrefix(null)}${CASES_URL}/${ - obsCase.id - }/comments/_find?search=securitySolutionFixture+observabilityFixture` - ) - .auth(secOnlySpacesAll.username, secOnlySpacesAll.password) - .expect(200); - - // shouldn't find any comments since they were created under the observability ownership - ensureSavedObjectIsAuthorized(res.comments, 0, ['securitySolutionFixture']); - }); - - it('should not allow retrieving unauthorized comments using the filter field', async () => { - const obsCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'observabilityFixture' }), - 200, - superUserDefaultSpaceAuth - ); - - await createComment({ - supertest: supertestWithoutAuth, - auth: superUserDefaultSpaceAuth, - params: { ...postCommentUserReq, owner: 'observabilityFixture' }, - caseId: obsCase.id, - }); - - const { body: res } = await supertestWithoutAuth - .get( - `${getSpaceUrlPrefix(null)}${CASES_URL}/${ - obsCase.id - }/comments/_find?filter=cases-comments.attributes.owner:"observabilityFixture"` - ) - .auth(secOnlySpacesAll.username, secOnlySpacesAll.password) - .expect(200); - expect(res.comments.length).to.be(0); - }); - - // This test ensures that the user is not allowed to define the namespaces query param - // so she cannot search across spaces - it('should NOT allow to pass a namespaces query parameter', async () => { - const obsCase = await createCase( - supertest, - getPostCaseRequest({ owner: 'observabilityFixture' }), - 200 - ); - - await createComment({ - supertest, - params: { ...postCommentUserReq, owner: 'observabilityFixture' }, - caseId: obsCase.id, - }); - - await supertest.get(`${CASES_URL}/${obsCase.id}/comments/_find?namespaces[0]=*`).expect(400); - - await supertest.get(`${CASES_URL}/${obsCase.id}/comments/_find?namespaces=*`).expect(400); - }); - - it('should NOT allow to pass a non supported query parameter', async () => { - await supertest.get(`${CASES_URL}/id/comments/_find?notExists=papa`).expect(400); - await supertest.get(`${CASES_URL}/id/comments/_find?owner=papa`).expect(400); - }); - }); -}; diff --git a/x-pack/test/case_api_integration/security_only/tests/common/comments/get_all_comments.ts b/x-pack/test/case_api_integration/security_only/tests/common/comments/get_all_comments.ts deleted file mode 100644 index a0010ef19499fab..000000000000000 --- a/x-pack/test/case_api_integration/security_only/tests/common/comments/get_all_comments.ts +++ /dev/null @@ -1,139 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import expect from '@kbn/expect'; -import { FtrProviderContext } from '../../../../common/ftr_provider_context'; - -import { getPostCaseRequest, postCommentUserReq } from '../../../../common/lib/mock'; -import { - deleteAllCaseItems, - createCase, - createComment, - getAllComments, -} from '../../../../common/lib/utils'; -import { - globalRead, - noKibanaPrivileges, - obsOnlySpacesAll, - obsOnlyReadSpacesAll, - obsSecSpacesAll, - obsSecReadSpacesAll, - secOnlySpacesAll, - secOnlyReadSpacesAll, - superUser, -} from '../../../../common/lib/authentication/users'; -import { superUserDefaultSpaceAuth } from '../../../utils'; - -// eslint-disable-next-line import/no-default-export -export default ({ getService }: FtrProviderContext): void => { - const es = getService('es'); - - describe('get_all_comments', () => { - afterEach(async () => { - await deleteAllCaseItems(es); - }); - - const supertestWithoutAuth = getService('supertestWithoutAuth'); - - it('should get all comments when the user has the correct permissions', async () => { - const caseInfo = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - superUserDefaultSpaceAuth - ); - - await createComment({ - supertest: supertestWithoutAuth, - caseId: caseInfo.id, - params: postCommentUserReq, - auth: superUserDefaultSpaceAuth, - }); - - await createComment({ - supertest: supertestWithoutAuth, - caseId: caseInfo.id, - params: postCommentUserReq, - auth: superUserDefaultSpaceAuth, - }); - - for (const user of [ - globalRead, - superUser, - secOnlySpacesAll, - secOnlyReadSpacesAll, - obsSecSpacesAll, - obsSecReadSpacesAll, - ]) { - const comments = await getAllComments({ - supertest: supertestWithoutAuth, - caseId: caseInfo.id, - auth: { user, space: null }, - }); - - expect(comments.length).to.eql(2); - } - }); - - it('should not get comments when the user does not have correct permission', async () => { - const caseInfo = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - superUserDefaultSpaceAuth - ); - - await createComment({ - supertest: supertestWithoutAuth, - caseId: caseInfo.id, - params: postCommentUserReq, - auth: superUserDefaultSpaceAuth, - }); - - for (const scenario of [ - { user: noKibanaPrivileges, returnCode: 403 }, - { user: obsOnlySpacesAll, returnCode: 200 }, - { user: obsOnlyReadSpacesAll, returnCode: 200 }, - ]) { - const comments = await getAllComments({ - supertest: supertestWithoutAuth, - caseId: caseInfo.id, - auth: { user: scenario.user, space: null }, - expectedHttpCode: scenario.returnCode, - }); - - // only check the length if we get a 200 in response - if (scenario.returnCode === 200) { - expect(comments.length).to.be(0); - } - } - }); - - it('should return a 404 when attempting to access a space', async () => { - const caseInfo = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - superUserDefaultSpaceAuth - ); - - await createComment({ - supertest: supertestWithoutAuth, - caseId: caseInfo.id, - params: postCommentUserReq, - auth: superUserDefaultSpaceAuth, - }); - - await getAllComments({ - supertest: supertestWithoutAuth, - caseId: caseInfo.id, - auth: { user: secOnlySpacesAll, space: 'space1' }, - expectedHttpCode: 404, - }); - }); - }); -}; diff --git a/x-pack/test/case_api_integration/security_only/tests/common/comments/get_comment.ts b/x-pack/test/case_api_integration/security_only/tests/common/comments/get_comment.ts deleted file mode 100644 index 79693d3e0a574ef..000000000000000 --- a/x-pack/test/case_api_integration/security_only/tests/common/comments/get_comment.ts +++ /dev/null @@ -1,123 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { FtrProviderContext } from '../../../../common/ftr_provider_context'; - -import { postCommentUserReq, getPostCaseRequest } from '../../../../common/lib/mock'; -import { - deleteAllCaseItems, - createCase, - createComment, - getComment, -} from '../../../../common/lib/utils'; -import { - globalRead, - noKibanaPrivileges, - obsOnlySpacesAll, - obsOnlyReadSpacesAll, - obsSecSpacesAll, - obsSecReadSpacesAll, - secOnlySpacesAll, - secOnlyReadSpacesAll, - superUser, -} from '../../../../common/lib/authentication/users'; -import { superUserDefaultSpaceAuth } from '../../../utils'; - -// eslint-disable-next-line import/no-default-export -export default ({ getService }: FtrProviderContext): void => { - const es = getService('es'); - - describe('get_comment', () => { - afterEach(async () => { - await deleteAllCaseItems(es); - }); - - const supertestWithoutAuth = getService('supertestWithoutAuth'); - - it('should get a comment when the user has the correct permissions', async () => { - const caseInfo = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - superUserDefaultSpaceAuth - ); - - const caseWithComment = await createComment({ - supertest: supertestWithoutAuth, - caseId: caseInfo.id, - params: postCommentUserReq, - auth: superUserDefaultSpaceAuth, - }); - - for (const user of [ - globalRead, - superUser, - secOnlySpacesAll, - secOnlyReadSpacesAll, - obsSecSpacesAll, - obsSecReadSpacesAll, - ]) { - await getComment({ - supertest: supertestWithoutAuth, - caseId: caseInfo.id, - commentId: caseWithComment.comments![0].id, - auth: { user, space: null }, - }); - } - }); - - it('should not get comment when the user does not have correct permissions', async () => { - const caseInfo = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - superUserDefaultSpaceAuth - ); - - const caseWithComment = await createComment({ - supertest: supertestWithoutAuth, - caseId: caseInfo.id, - params: postCommentUserReq, - auth: superUserDefaultSpaceAuth, - }); - - for (const user of [noKibanaPrivileges, obsOnlySpacesAll, obsOnlyReadSpacesAll]) { - await getComment({ - supertest: supertestWithoutAuth, - caseId: caseInfo.id, - commentId: caseWithComment.comments![0].id, - auth: { user, space: null }, - expectedHttpCode: 403, - }); - } - }); - - it('should return a 404 when attempting to access a space', async () => { - const caseInfo = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - superUserDefaultSpaceAuth - ); - - const caseWithComment = await createComment({ - supertest: supertestWithoutAuth, - caseId: caseInfo.id, - params: postCommentUserReq, - auth: superUserDefaultSpaceAuth, - }); - - await getComment({ - supertest: supertestWithoutAuth, - caseId: caseInfo.id, - commentId: caseWithComment.comments![0].id, - auth: { user: secOnlySpacesAll, space: 'space1' }, - expectedHttpCode: 404, - }); - }); - }); -}; diff --git a/x-pack/test/case_api_integration/security_only/tests/common/comments/patch_comment.ts b/x-pack/test/case_api_integration/security_only/tests/common/comments/patch_comment.ts deleted file mode 100644 index 7a25ec4ec39812c..000000000000000 --- a/x-pack/test/case_api_integration/security_only/tests/common/comments/patch_comment.ts +++ /dev/null @@ -1,189 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import expect from '@kbn/expect'; -import { FtrProviderContext } from '../../../../common/ftr_provider_context'; - -import { AttributesTypeUser, CommentType } from '../../../../../../plugins/cases/common/api'; -import { defaultUser, postCommentUserReq, getPostCaseRequest } from '../../../../common/lib/mock'; -import { - deleteAllCaseItems, - deleteCasesByESQuery, - deleteCasesUserActions, - deleteComments, - createCase, - createComment, - updateComment, -} from '../../../../common/lib/utils'; -import { - globalRead, - noKibanaPrivileges, - obsOnlyReadSpacesAll, - obsSecReadSpacesAll, - secOnlySpacesAll, - secOnlyReadSpacesAll, -} from '../../../../common/lib/authentication/users'; -import { - obsOnlyDefaultSpaceAuth, - secOnlyDefaultSpaceAuth, - superUserDefaultSpaceAuth, -} from '../../../utils'; - -// eslint-disable-next-line import/no-default-export -export default ({ getService }: FtrProviderContext): void => { - const supertest = getService('supertest'); - const es = getService('es'); - - describe('patch_comment', () => { - afterEach(async () => { - await deleteCasesByESQuery(es); - await deleteComments(es); - await deleteCasesUserActions(es); - }); - - const supertestWithoutAuth = getService('supertestWithoutAuth'); - - afterEach(async () => { - await deleteAllCaseItems(es); - }); - - it('should update a comment that the user has permissions for', async () => { - const postedCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - superUserDefaultSpaceAuth - ); - - const patchedCase = await createComment({ - supertest, - caseId: postedCase.id, - params: postCommentUserReq, - auth: superUserDefaultSpaceAuth, - }); - - const newComment = 'Well I decided to update my comment. So what? Deal with it.'; - const updatedCase = await updateComment({ - supertest, - caseId: postedCase.id, - req: { - ...postCommentUserReq, - id: patchedCase.comments![0].id, - version: patchedCase.comments![0].version, - comment: newComment, - }, - auth: secOnlyDefaultSpaceAuth, - }); - - const userComment = updatedCase.comments![0] as AttributesTypeUser; - expect(userComment.comment).to.eql(newComment); - expect(userComment.type).to.eql(CommentType.user); - expect(updatedCase.updated_by).to.eql(defaultUser); - expect(userComment.owner).to.eql('securitySolutionFixture'); - }); - - it('should not update a comment that has a different owner thant he user has access to', async () => { - const postedCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - superUserDefaultSpaceAuth - ); - - const patchedCase = await createComment({ - supertest: supertestWithoutAuth, - caseId: postedCase.id, - params: postCommentUserReq, - auth: superUserDefaultSpaceAuth, - }); - - const newComment = 'Well I decided to update my comment. So what? Deal with it.'; - await updateComment({ - supertest: supertestWithoutAuth, - caseId: postedCase.id, - req: { - ...postCommentUserReq, - id: patchedCase.comments![0].id, - version: patchedCase.comments![0].version, - comment: newComment, - }, - auth: obsOnlyDefaultSpaceAuth, - expectedHttpCode: 403, - }); - }); - - for (const user of [ - globalRead, - secOnlyReadSpacesAll, - obsOnlyReadSpacesAll, - obsSecReadSpacesAll, - noKibanaPrivileges, - ]) { - it(`User ${ - user.username - } with role(s) ${user.roles.join()} - should NOT update a comment`, async () => { - const postedCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - superUserDefaultSpaceAuth - ); - - const patchedCase = await createComment({ - supertest: supertestWithoutAuth, - caseId: postedCase.id, - params: postCommentUserReq, - auth: superUserDefaultSpaceAuth, - }); - - const newComment = 'Well I decided to update my comment. So what? Deal with it.'; - await updateComment({ - supertest: supertestWithoutAuth, - caseId: postedCase.id, - req: { - ...postCommentUserReq, - id: patchedCase.comments![0].id, - version: patchedCase.comments![0].version, - comment: newComment, - }, - auth: { user, space: null }, - expectedHttpCode: 403, - }); - }); - } - - it('should return a 404 when attempting to access a space', async () => { - const postedCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - superUserDefaultSpaceAuth - ); - - const patchedCase = await createComment({ - supertest: supertestWithoutAuth, - caseId: postedCase.id, - params: postCommentUserReq, - auth: superUserDefaultSpaceAuth, - }); - - const newComment = 'Well I decided to update my comment. So what? Deal with it.'; - await updateComment({ - supertest: supertestWithoutAuth, - caseId: postedCase.id, - req: { - ...postCommentUserReq, - id: patchedCase.comments![0].id, - version: patchedCase.comments![0].version, - comment: newComment, - }, - auth: { user: secOnlySpacesAll, space: 'space1' }, - expectedHttpCode: 404, - }); - }); - }); -}; diff --git a/x-pack/test/case_api_integration/security_only/tests/common/comments/post_comment.ts b/x-pack/test/case_api_integration/security_only/tests/common/comments/post_comment.ts deleted file mode 100644 index 500308305d131e1..000000000000000 --- a/x-pack/test/case_api_integration/security_only/tests/common/comments/post_comment.ts +++ /dev/null @@ -1,128 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { FtrProviderContext } from '../../../../common/ftr_provider_context'; - -import { postCommentUserReq, getPostCaseRequest } from '../../../../common/lib/mock'; -import { - deleteAllCaseItems, - deleteCasesByESQuery, - deleteCasesUserActions, - deleteComments, - createCase, - createComment, -} from '../../../../common/lib/utils'; - -import { - globalRead, - noKibanaPrivileges, - obsOnlyReadSpacesAll, - obsSecReadSpacesAll, - secOnlySpacesAll, - secOnlyReadSpacesAll, -} from '../../../../common/lib/authentication/users'; -import { - obsOnlyDefaultSpaceAuth, - secOnlyDefaultSpaceAuth, - superUserDefaultSpaceAuth, -} from '../../../utils'; - -// eslint-disable-next-line import/no-default-export -export default ({ getService }: FtrProviderContext): void => { - const es = getService('es'); - - describe('post_comment', () => { - afterEach(async () => { - await deleteCasesByESQuery(es); - await deleteComments(es); - await deleteCasesUserActions(es); - }); - - const supertestWithoutAuth = getService('supertestWithoutAuth'); - - afterEach(async () => { - await deleteAllCaseItems(es); - }); - - it('should create a comment when the user has the correct permissions for that owner', async () => { - const postedCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'securitySolutionFixture' }), - 200, - superUserDefaultSpaceAuth - ); - - await createComment({ - supertest: supertestWithoutAuth, - caseId: postedCase.id, - params: postCommentUserReq, - auth: secOnlyDefaultSpaceAuth, - }); - }); - - it('should not create a comment when the user does not have permissions for that owner', async () => { - const postedCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'observabilityFixture' }), - 200, - obsOnlyDefaultSpaceAuth - ); - - await createComment({ - supertest: supertestWithoutAuth, - caseId: postedCase.id, - params: { ...postCommentUserReq, owner: 'observabilityFixture' }, - auth: secOnlyDefaultSpaceAuth, - expectedHttpCode: 403, - }); - }); - - for (const user of [ - globalRead, - secOnlyReadSpacesAll, - obsOnlyReadSpacesAll, - obsSecReadSpacesAll, - noKibanaPrivileges, - ]) { - it(`User ${ - user.username - } with role(s) ${user.roles.join()} - should not create a comment`, async () => { - const postedCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'securitySolutionFixture' }), - 200, - superUserDefaultSpaceAuth - ); - - await createComment({ - supertest: supertestWithoutAuth, - caseId: postedCase.id, - params: postCommentUserReq, - auth: { user, space: null }, - expectedHttpCode: 403, - }); - }); - } - - it('should return a 404 when attempting to access a space', async () => { - const postedCase = await createCase( - supertestWithoutAuth, - getPostCaseRequest({ owner: 'securitySolutionFixture' }), - 200, - superUserDefaultSpaceAuth - ); - - await createComment({ - supertest: supertestWithoutAuth, - caseId: postedCase.id, - params: postCommentUserReq, - auth: { user: secOnlySpacesAll, space: 'space1' }, - expectedHttpCode: 404, - }); - }); - }); -}; diff --git a/x-pack/test/case_api_integration/security_only/tests/common/configure/get_configure.ts b/x-pack/test/case_api_integration/security_only/tests/common/configure/get_configure.ts deleted file mode 100644 index 0a8b3ebd8981e39..000000000000000 --- a/x-pack/test/case_api_integration/security_only/tests/common/configure/get_configure.ts +++ /dev/null @@ -1,195 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { FtrProviderContext } from '../../../../common/ftr_provider_context'; - -import { - deleteConfiguration, - getConfiguration, - createConfiguration, - getConfigurationRequest, - ensureSavedObjectIsAuthorized, -} from '../../../../common/lib/utils'; -import { - secOnlySpacesAll, - obsOnlyReadSpacesAll, - secOnlyReadSpacesAll, - noKibanaPrivileges, - superUser, - globalRead, - obsSecReadSpacesAll, -} from '../../../../common/lib/authentication/users'; -import { - obsOnlyDefaultSpaceAuth, - obsSecDefaultSpaceAuth, - secOnlyDefaultSpaceAuth, - superUserDefaultSpaceAuth, -} from '../../../utils'; - -// eslint-disable-next-line import/no-default-export -export default ({ getService }: FtrProviderContext): void => { - const supertestWithoutAuth = getService('supertestWithoutAuth'); - const es = getService('es'); - - describe('get_configure', () => { - afterEach(async () => { - await deleteConfiguration(es); - }); - - it('should return the correct configuration', async () => { - await createConfiguration( - supertestWithoutAuth, - getConfigurationRequest(), - 200, - secOnlyDefaultSpaceAuth - ); - - await createConfiguration( - supertestWithoutAuth, - { ...getConfigurationRequest(), owner: 'observabilityFixture' }, - 200, - obsOnlyDefaultSpaceAuth - ); - - for (const scenario of [ - { - user: globalRead, - numberOfExpectedCases: 2, - owners: ['securitySolutionFixture', 'observabilityFixture'], - }, - { - user: superUser, - numberOfExpectedCases: 2, - owners: ['securitySolutionFixture', 'observabilityFixture'], - }, - { - user: secOnlyReadSpacesAll, - numberOfExpectedCases: 1, - owners: ['securitySolutionFixture'], - }, - { - user: obsOnlyReadSpacesAll, - numberOfExpectedCases: 1, - owners: ['observabilityFixture'], - }, - { - user: obsSecReadSpacesAll, - numberOfExpectedCases: 2, - owners: ['securitySolutionFixture', 'observabilityFixture'], - }, - ]) { - const configuration = await getConfiguration({ - supertest: supertestWithoutAuth, - query: { owner: scenario.owners }, - expectedHttpCode: 200, - auth: { - user: scenario.user, - space: null, - }, - }); - - ensureSavedObjectIsAuthorized( - configuration, - scenario.numberOfExpectedCases, - scenario.owners - ); - } - }); - - it(`User ${ - noKibanaPrivileges.username - } with role(s) ${noKibanaPrivileges.roles.join()} - should NOT read a case configuration`, async () => { - // super user creates a configuration at the appropriate space - await createConfiguration( - supertestWithoutAuth, - getConfigurationRequest(), - 200, - superUserDefaultSpaceAuth - ); - - // user should not be able to read configurations at the appropriate space - await getConfiguration({ - supertest: supertestWithoutAuth, - expectedHttpCode: 403, - auth: { - user: noKibanaPrivileges, - space: null, - }, - }); - }); - - it('should return a 404 when attempting to access a space', async () => { - await createConfiguration( - supertestWithoutAuth, - getConfigurationRequest(), - 200, - superUserDefaultSpaceAuth - ); - - await getConfiguration({ - supertest: supertestWithoutAuth, - expectedHttpCode: 404, - auth: { - user: secOnlySpacesAll, - space: 'space1', - }, - }); - }); - - it('should respect the owner filter when having permissions', async () => { - await Promise.all([ - createConfiguration( - supertestWithoutAuth, - getConfigurationRequest(), - 200, - obsSecDefaultSpaceAuth - ), - createConfiguration( - supertestWithoutAuth, - { ...getConfigurationRequest(), owner: 'observabilityFixture' }, - 200, - obsSecDefaultSpaceAuth - ), - ]); - - const res = await getConfiguration({ - supertest: supertestWithoutAuth, - query: { owner: 'securitySolutionFixture' }, - auth: obsSecDefaultSpaceAuth, - }); - - ensureSavedObjectIsAuthorized(res, 1, ['securitySolutionFixture']); - }); - - it('should return the correct cases when trying to exploit RBAC through the owner query parameter', async () => { - await Promise.all([ - createConfiguration( - supertestWithoutAuth, - getConfigurationRequest(), - 200, - obsSecDefaultSpaceAuth - ), - createConfiguration( - supertestWithoutAuth, - { ...getConfigurationRequest(), owner: 'observabilityFixture' }, - 200, - obsSecDefaultSpaceAuth - ), - ]); - - // User with permissions only to security solution request cases from observability - const res = await getConfiguration({ - supertest: supertestWithoutAuth, - query: { owner: ['securitySolutionFixture', 'observabilityFixture'] }, - auth: secOnlyDefaultSpaceAuth, - }); - - // Only security solution cases are being returned - ensureSavedObjectIsAuthorized(res, 1, ['securitySolutionFixture']); - }); - }); -}; diff --git a/x-pack/test/case_api_integration/security_only/tests/common/configure/patch_configure.ts b/x-pack/test/case_api_integration/security_only/tests/common/configure/patch_configure.ts deleted file mode 100644 index eb1fa01221ae897..000000000000000 --- a/x-pack/test/case_api_integration/security_only/tests/common/configure/patch_configure.ts +++ /dev/null @@ -1,140 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import expect from '@kbn/expect'; -import { FtrProviderContext } from '../../../../common/ftr_provider_context'; -import { ObjectRemover as ActionsRemover } from '../../../../../alerting_api_integration/common/lib'; - -import { - getConfigurationRequest, - deleteConfiguration, - createConfiguration, - updateConfiguration, -} from '../../../../common/lib/utils'; -import { - secOnlySpacesAll, - obsOnlyReadSpacesAll, - secOnlyReadSpacesAll, - noKibanaPrivileges, - globalRead, - obsSecReadSpacesAll, -} from '../../../../common/lib/authentication/users'; -import { secOnlyDefaultSpaceAuth, superUserDefaultSpaceAuth } from '../../../utils'; - -// eslint-disable-next-line import/no-default-export -export default ({ getService }: FtrProviderContext): void => { - const supertest = getService('supertest'); - const supertestWithoutAuth = getService('supertestWithoutAuth'); - const es = getService('es'); - - describe('patch_configure', () => { - const actionsRemover = new ActionsRemover(supertest); - - afterEach(async () => { - await deleteConfiguration(es); - await actionsRemover.removeAll(); - }); - - it('User: security solution only - should update a configuration', async () => { - const configuration = await createConfiguration( - supertestWithoutAuth, - getConfigurationRequest(), - 200, - secOnlyDefaultSpaceAuth - ); - - const newConfiguration = await updateConfiguration( - supertestWithoutAuth, - configuration.id, - { - closure_type: 'close-by-pushing', - version: configuration.version, - }, - 200, - secOnlyDefaultSpaceAuth - ); - - expect(newConfiguration.owner).to.eql('securitySolutionFixture'); - }); - - it('User: security solution only - should NOT update a configuration of different owner', async () => { - const configuration = await createConfiguration( - supertestWithoutAuth, - { ...getConfigurationRequest(), owner: 'observabilityFixture' }, - 200, - superUserDefaultSpaceAuth - ); - - await updateConfiguration( - supertestWithoutAuth, - configuration.id, - { - closure_type: 'close-by-pushing', - version: configuration.version, - }, - 403, - secOnlyDefaultSpaceAuth - ); - }); - - for (const user of [ - globalRead, - secOnlyReadSpacesAll, - obsOnlyReadSpacesAll, - obsSecReadSpacesAll, - noKibanaPrivileges, - ]) { - it(`User ${ - user.username - } with role(s) ${user.roles.join()} - should NOT update a configuration`, async () => { - const configuration = await createConfiguration( - supertestWithoutAuth, - getConfigurationRequest(), - 200, - superUserDefaultSpaceAuth - ); - - await updateConfiguration( - supertestWithoutAuth, - configuration.id, - { - closure_type: 'close-by-pushing', - version: configuration.version, - }, - 403, - { - user, - space: null, - } - ); - }); - } - - it('should return a 404 when attempting to access a space', async () => { - const configuration = await createConfiguration( - supertestWithoutAuth, - { ...getConfigurationRequest(), owner: 'securitySolutionFixture' }, - 200, - superUserDefaultSpaceAuth - ); - - await updateConfiguration( - supertestWithoutAuth, - configuration.id, - { - closure_type: 'close-by-pushing', - version: configuration.version, - }, - 404, - { - user: secOnlySpacesAll, - space: 'space1', - } - ); - }); - }); -}; diff --git a/x-pack/test/case_api_integration/security_only/tests/common/configure/post_configure.ts b/x-pack/test/case_api_integration/security_only/tests/common/configure/post_configure.ts deleted file mode 100644 index b3de6ec0487bb06..000000000000000 --- a/x-pack/test/case_api_integration/security_only/tests/common/configure/post_configure.ts +++ /dev/null @@ -1,133 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import expect from '@kbn/expect'; -import { FtrProviderContext } from '../../../../common/ftr_provider_context'; -import { ObjectRemover as ActionsRemover } from '../../../../../alerting_api_integration/common/lib'; - -import { - getConfigurationRequest, - deleteConfiguration, - createConfiguration, - getConfiguration, - ensureSavedObjectIsAuthorized, -} from '../../../../common/lib/utils'; - -import { - secOnlySpacesAll, - obsOnlyReadSpacesAll, - secOnlyReadSpacesAll, - noKibanaPrivileges, - globalRead, - obsSecReadSpacesAll, -} from '../../../../common/lib/authentication/users'; -import { secOnlyDefaultSpaceAuth, superUserDefaultSpaceAuth } from '../../../utils'; - -// eslint-disable-next-line import/no-default-export -export default ({ getService }: FtrProviderContext): void => { - const supertest = getService('supertest'); - const supertestWithoutAuth = getService('supertestWithoutAuth'); - const es = getService('es'); - - describe('post_configure', () => { - const actionsRemover = new ActionsRemover(supertest); - - afterEach(async () => { - await deleteConfiguration(es); - await actionsRemover.removeAll(); - }); - - it('User: security solution only - should create a configuration', async () => { - const configuration = await createConfiguration( - supertestWithoutAuth, - getConfigurationRequest(), - 200, - secOnlyDefaultSpaceAuth - ); - - expect(configuration.owner).to.eql('securitySolutionFixture'); - }); - - it('User: security solution only - should NOT create a configuration of different owner', async () => { - await createConfiguration( - supertestWithoutAuth, - { ...getConfigurationRequest(), owner: 'observabilityFixture' }, - 403, - secOnlyDefaultSpaceAuth - ); - }); - - for (const user of [ - globalRead, - secOnlyReadSpacesAll, - obsOnlyReadSpacesAll, - obsSecReadSpacesAll, - noKibanaPrivileges, - ]) { - it(`User ${ - user.username - } with role(s) ${user.roles.join()} - should NOT create a configuration`, async () => { - await createConfiguration( - supertestWithoutAuth, - { ...getConfigurationRequest(), owner: 'securitySolutionFixture' }, - 403, - { - user, - space: null, - } - ); - }); - } - - it('should return a 404 when attempting to access a space', async () => { - await createConfiguration( - supertestWithoutAuth, - { ...getConfigurationRequest(), owner: 'securitySolutionFixture' }, - 404, - { - user: secOnlySpacesAll, - space: 'space1', - } - ); - }); - - it('it deletes the correct configurations', async () => { - await createConfiguration( - supertestWithoutAuth, - { ...getConfigurationRequest(), owner: 'securitySolutionFixture' }, - 200, - superUserDefaultSpaceAuth - ); - - /** - * This API call should not delete the previously created configuration - * as it belongs to a different owner - */ - await createConfiguration( - supertestWithoutAuth, - { ...getConfigurationRequest(), owner: 'observabilityFixture' }, - 200, - superUserDefaultSpaceAuth - ); - - const configuration = await getConfiguration({ - supertest: supertestWithoutAuth, - query: { owner: ['securitySolutionFixture', 'observabilityFixture'] }, - auth: superUserDefaultSpaceAuth, - }); - - /** - * This ensures that both configuration are returned as expected - * and neither of has been deleted - */ - ensureSavedObjectIsAuthorized(configuration, 2, [ - 'securitySolutionFixture', - 'observabilityFixture', - ]); - }); - }); -}; diff --git a/x-pack/test/case_api_integration/security_only/tests/common/index.ts b/x-pack/test/case_api_integration/security_only/tests/common/index.ts deleted file mode 100644 index 7dd6dd4e22711b2..000000000000000 --- a/x-pack/test/case_api_integration/security_only/tests/common/index.ts +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { FtrProviderContext } from '../../../common/ftr_provider_context'; - -// eslint-disable-next-line import/no-default-export -export default ({ loadTestFile }: FtrProviderContext): void => { - describe('Common', function () { - loadTestFile(require.resolve('./comments/delete_comment')); - loadTestFile(require.resolve('./comments/find_comments')); - loadTestFile(require.resolve('./comments/get_comment')); - loadTestFile(require.resolve('./comments/get_all_comments')); - loadTestFile(require.resolve('./comments/patch_comment')); - loadTestFile(require.resolve('./comments/post_comment')); - loadTestFile(require.resolve('./alerts/get_cases')); - loadTestFile(require.resolve('./cases/delete_cases')); - loadTestFile(require.resolve('./cases/find_cases')); - loadTestFile(require.resolve('./cases/get_case')); - loadTestFile(require.resolve('./cases/patch_cases')); - loadTestFile(require.resolve('./cases/post_case')); - loadTestFile(require.resolve('./cases/reporters/get_reporters')); - loadTestFile(require.resolve('./cases/status/get_status')); - loadTestFile(require.resolve('./cases/tags/get_tags')); - loadTestFile(require.resolve('./user_actions/get_all_user_actions')); - loadTestFile(require.resolve('./configure/get_configure')); - loadTestFile(require.resolve('./configure/patch_configure')); - loadTestFile(require.resolve('./configure/post_configure')); - }); -}; diff --git a/x-pack/test/case_api_integration/security_only/tests/common/user_actions/get_all_user_actions.ts b/x-pack/test/case_api_integration/security_only/tests/common/user_actions/get_all_user_actions.ts deleted file mode 100644 index bd36ce1b0d9d6ae..000000000000000 --- a/x-pack/test/case_api_integration/security_only/tests/common/user_actions/get_all_user_actions.ts +++ /dev/null @@ -1,104 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import expect from '@kbn/expect'; -import { FtrProviderContext } from '../../../../common/ftr_provider_context'; - -import { CaseResponse, CaseStatuses } from '../../../../../../plugins/cases/common/api'; -import { getPostCaseRequest } from '../../../../common/lib/mock'; -import { - deleteAllCaseItems, - createCase, - updateCase, - getCaseUserActions, -} from '../../../../common/lib/utils'; -import { - globalRead, - noKibanaPrivileges, - obsSecSpacesAll, - obsSecReadSpacesAll, - secOnlySpacesAll, - secOnlyReadSpacesAll, - superUser, -} from '../../../../common/lib/authentication/users'; -import { superUserDefaultSpaceAuth } from '../../../utils'; - -// eslint-disable-next-line import/no-default-export -export default ({ getService }: FtrProviderContext): void => { - const es = getService('es'); - - describe('get_all_user_actions', () => { - afterEach(async () => { - await deleteAllCaseItems(es); - }); - - const supertestWithoutAuth = getService('supertestWithoutAuth'); - - let caseInfo: CaseResponse; - beforeEach(async () => { - caseInfo = await createCase( - supertestWithoutAuth, - getPostCaseRequest(), - 200, - superUserDefaultSpaceAuth - ); - - await updateCase({ - supertest: supertestWithoutAuth, - params: { - cases: [ - { - id: caseInfo.id, - version: caseInfo.version, - status: CaseStatuses.closed, - }, - ], - }, - auth: superUserDefaultSpaceAuth, - }); - }); - - it('should get the user actions for a case when the user has the correct permissions', async () => { - for (const user of [ - globalRead, - superUser, - secOnlySpacesAll, - secOnlyReadSpacesAll, - obsSecSpacesAll, - obsSecReadSpacesAll, - ]) { - const userActions = await getCaseUserActions({ - supertest: supertestWithoutAuth, - caseID: caseInfo.id, - auth: { user, space: null }, - }); - - expect(userActions.length).to.eql(2); - } - }); - - it(`should 403 when requesting the user actions of a case with user ${ - noKibanaPrivileges.username - } with role(s) ${noKibanaPrivileges.roles.join()}`, async () => { - await getCaseUserActions({ - supertest: supertestWithoutAuth, - caseID: caseInfo.id, - auth: { user: noKibanaPrivileges, space: null }, - expectedHttpCode: 403, - }); - }); - - it('should return a 404 when attempting to access a space', async () => { - await getCaseUserActions({ - supertest: supertestWithoutAuth, - caseID: caseInfo.id, - auth: { user: secOnlySpacesAll, space: 'space1' }, - expectedHttpCode: 404, - }); - }); - }); -}; diff --git a/x-pack/test/case_api_integration/security_only/tests/trial/cases/push_case.ts b/x-pack/test/case_api_integration/security_only/tests/trial/cases/push_case.ts deleted file mode 100644 index 69d403ea15301e3..000000000000000 --- a/x-pack/test/case_api_integration/security_only/tests/trial/cases/push_case.ts +++ /dev/null @@ -1,131 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import http from 'http'; - -import { FtrProviderContext } from '../../../../common/ftr_provider_context'; -import { ObjectRemover as ActionsRemover } from '../../../../../alerting_api_integration/common/lib'; - -import { getPostCaseRequest } from '../../../../common/lib/mock'; -import { - pushCase, - deleteAllCaseItems, - createCaseWithConnector, - getServiceNowSimulationServer, -} from '../../../../common/lib/utils'; -import { - globalRead, - noKibanaPrivileges, - obsOnlyReadSpacesAll, - obsSecReadSpacesAll, - secOnlySpacesAll, - secOnlyReadSpacesAll, -} from '../../../../common/lib/authentication/users'; -import { secOnlyDefaultSpaceAuth } from '../../../utils'; - -// eslint-disable-next-line import/no-default-export -export default ({ getService }: FtrProviderContext): void => { - const supertest = getService('supertest'); - const es = getService('es'); - - describe('push_case', () => { - const actionsRemover = new ActionsRemover(supertest); - let serviceNowSimulatorURL: string = ''; - let serviceNowServer: http.Server; - - before(async () => { - const { server, url } = await getServiceNowSimulationServer(); - serviceNowServer = server; - serviceNowSimulatorURL = url; - }); - - afterEach(async () => { - await deleteAllCaseItems(es); - await actionsRemover.removeAll(); - }); - - after(async () => { - serviceNowServer.close(); - }); - - const supertestWithoutAuth = getService('supertestWithoutAuth'); - - it('should push a case that the user has permissions for', async () => { - const { postedCase, connector } = await createCaseWithConnector({ - supertest, - serviceNowSimulatorURL, - actionsRemover, - }); - - await pushCase({ - supertest: supertestWithoutAuth, - caseId: postedCase.id, - connectorId: connector.id, - auth: secOnlyDefaultSpaceAuth, - }); - }); - - it('should not push a case that the user does not have permissions for', async () => { - const { postedCase, connector } = await createCaseWithConnector({ - supertest, - serviceNowSimulatorURL, - actionsRemover, - createCaseReq: getPostCaseRequest({ owner: 'observabilityFixture' }), - }); - - await pushCase({ - supertest: supertestWithoutAuth, - caseId: postedCase.id, - connectorId: connector.id, - auth: secOnlyDefaultSpaceAuth, - expectedHttpCode: 403, - }); - }); - - for (const user of [ - globalRead, - secOnlyReadSpacesAll, - obsOnlyReadSpacesAll, - obsSecReadSpacesAll, - noKibanaPrivileges, - ]) { - it(`User ${ - user.username - } with role(s) ${user.roles.join()} - should NOT push a case`, async () => { - const { postedCase, connector } = await createCaseWithConnector({ - supertest, - serviceNowSimulatorURL, - actionsRemover, - }); - - await pushCase({ - supertest: supertestWithoutAuth, - caseId: postedCase.id, - connectorId: connector.id, - auth: { user, space: null }, - expectedHttpCode: 403, - }); - }); - } - - it('should return a 404 when attempting to access a space', async () => { - const { postedCase, connector } = await createCaseWithConnector({ - supertest, - serviceNowSimulatorURL, - actionsRemover, - }); - - await pushCase({ - supertest: supertestWithoutAuth, - caseId: postedCase.id, - connectorId: connector.id, - auth: { user: secOnlySpacesAll, space: 'space1' }, - expectedHttpCode: 404, - }); - }); - }); -}; diff --git a/x-pack/test/case_api_integration/security_only/tests/trial/index.ts b/x-pack/test/case_api_integration/security_only/tests/trial/index.ts deleted file mode 100644 index 86a44459a58370a..000000000000000 --- a/x-pack/test/case_api_integration/security_only/tests/trial/index.ts +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { rolesDefaultSpace } from '../../../common/lib/authentication/roles'; -import { usersDefaultSpace } from '../../../common/lib/authentication/users'; -import { FtrProviderContext } from '../../../common/ftr_provider_context'; -import { createUsersAndRoles, deleteUsersAndRoles } from '../../../common/lib/authentication'; - -// eslint-disable-next-line import/no-default-export -export default ({ loadTestFile, getService }: FtrProviderContext): void => { - describe('cases security only enabled: trial', function () { - // Fastest ciGroup for the moment. - this.tags('ciGroup5'); - - before(async () => { - // since spaces are disabled this changes each role to have access to all available spaces (it'll just be the default one) - await createUsersAndRoles(getService, usersDefaultSpace, rolesDefaultSpace); - }); - - after(async () => { - await deleteUsersAndRoles(getService, usersDefaultSpace, rolesDefaultSpace); - }); - - // Trial - loadTestFile(require.resolve('./cases/push_case')); - - // Common - loadTestFile(require.resolve('../common')); - }); -}; diff --git a/x-pack/test/case_api_integration/security_only/utils.ts b/x-pack/test/case_api_integration/security_only/utils.ts deleted file mode 100644 index 7c5764c558bbe48..000000000000000 --- a/x-pack/test/case_api_integration/security_only/utils.ts +++ /dev/null @@ -1,18 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { - obsOnlySpacesAll, - obsSecSpacesAll, - secOnlySpacesAll, -} from '../common/lib/authentication/users'; -import { getAuthWithSuperUser } from '../common/lib/utils'; - -export const secOnlyDefaultSpaceAuth = { user: secOnlySpacesAll, space: null }; -export const obsOnlyDefaultSpaceAuth = { user: obsOnlySpacesAll, space: null }; -export const obsSecDefaultSpaceAuth = { user: obsSecSpacesAll, space: null }; -export const superUserDefaultSpaceAuth = getAuthWithSuperUser(null); diff --git a/x-pack/test/rule_registry/common/lib/authentication/users.ts b/x-pack/test/rule_registry/common/lib/authentication/users.ts index e142b3d1f56a349..39f837c6df41d38 100644 --- a/x-pack/test/rule_registry/common/lib/authentication/users.ts +++ b/x-pack/test/rule_registry/common/lib/authentication/users.ts @@ -173,21 +173,6 @@ export const obsSecReadSpacesAll: User = { roles: [securitySolutionOnlyReadSpacesAll.name, observabilityOnlyReadSpacesAll.name], }; -/** - * These users are for the security_only tests because most of them have access to the default space instead of 'space1' - */ -export const usersDefaultSpace = [ - superUser, - secOnlySpacesAll, - secOnlyReadSpacesAll, - obsOnlySpacesAll, - obsOnlyReadSpacesAll, - obsSecSpacesAll, - obsSecReadSpacesAll, - globalRead, - noKibanaPrivileges, -]; - /** * Trial users with trial roles */ diff --git a/x-pack/test/saved_object_api_integration/security_and_spaces/apis/bulk_get.ts b/x-pack/test/saved_object_api_integration/security_and_spaces/apis/bulk_get.ts index 1ffbd239624d2d8..2c1fbf442b0ecb2 100644 --- a/x-pack/test/saved_object_api_integration/security_and_spaces/apis/bulk_get.ts +++ b/x-pack/test/saved_object_api_integration/security_and_spaces/apis/bulk_get.ts @@ -60,7 +60,7 @@ const createTestCases = (spaceId: string) => { { ...CASES.MULTI_NAMESPACE_ISOLATED_ONLY_SPACE_1, namespaces: [SPACE_1_ID] }, // second try searches for it in a single other space, which is valid { ...CASES.MULTI_NAMESPACE_DEFAULT_AND_SPACE_1, namespaces: [SPACE_2_ID], ...fail404() }, { ...CASES.MULTI_NAMESPACE_ALL_SPACES, namespaces: [SPACE_2_ID, 'x'] }, // unknown space is allowed / ignored - { ...CASES.MULTI_NAMESPACE_ALL_SPACES, namespaces: [ALL_SPACES_ID] }, // this is different than the same test case in the spaces_only and security_only suites, since MULTI_NAMESPACE_ONLY_SPACE_1 *may* return a 404 error to a partially authorized user + { ...CASES.MULTI_NAMESPACE_ALL_SPACES, namespaces: [ALL_SPACES_ID] }, // this is different than the same test case in the spaces_only suite, since MULTI_NAMESPACE_ONLY_SPACE_1 *may* return a 404 error to a partially authorized user ]; const hiddenType = [{ ...CASES.HIDDEN, ...fail400() }]; const allTypes = [...normalTypes, ...crossNamespace, ...hiddenType]; diff --git a/x-pack/test/saved_object_api_integration/security_only/apis/bulk_create.ts b/x-pack/test/saved_object_api_integration/security_only/apis/bulk_create.ts deleted file mode 100644 index 4b3b2126dd8c2c8..000000000000000 --- a/x-pack/test/saved_object_api_integration/security_only/apis/bulk_create.ts +++ /dev/null @@ -1,114 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { SPACES, ALL_SPACES_ID } from '../../common/lib/spaces'; -import { testCaseFailures, getTestScenarios } from '../../common/lib/saved_object_test_utils'; -import { TestUser } from '../../common/lib/types'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; -import { - bulkCreateTestSuiteFactory, - TEST_CASES as CASES, - BulkCreateTestDefinition, -} from '../../common/suites/bulk_create'; - -const { - DEFAULT: { spaceId: DEFAULT_SPACE_ID }, -} = SPACES; -const { fail400, fail409 } = testCaseFailures; -const unresolvableConflict = () => ({ fail409Param: 'unresolvableConflict' }); - -const createTestCases = (overwrite: boolean) => { - // for each permitted (non-403) outcome, if failure !== undefined then we expect - // to receive an error; otherwise, we expect to receive a success result - const expectedNamespaces = [DEFAULT_SPACE_ID]; // newly created objects should have this `namespaces` array in their return value - const normalTypes = [ - { ...CASES.SINGLE_NAMESPACE_DEFAULT_SPACE, ...fail409(!overwrite) }, - { ...CASES.SINGLE_NAMESPACE_SPACE_1, expectedNamespaces }, - { ...CASES.SINGLE_NAMESPACE_SPACE_2, expectedNamespaces }, - { ...CASES.MULTI_NAMESPACE_ALL_SPACES, ...fail409(!overwrite) }, - { ...CASES.MULTI_NAMESPACE_DEFAULT_AND_SPACE_1, ...fail409(!overwrite) }, - { ...CASES.MULTI_NAMESPACE_ONLY_SPACE_1, ...fail409(), ...unresolvableConflict() }, - { ...CASES.MULTI_NAMESPACE_ONLY_SPACE_2, ...fail409(), ...unresolvableConflict() }, - { ...CASES.MULTI_NAMESPACE_ISOLATED_ONLY_DEFAULT_SPACE, ...fail409(!overwrite) }, - { ...CASES.MULTI_NAMESPACE_ISOLATED_ONLY_SPACE_1, ...fail409(), ...unresolvableConflict() }, - { ...CASES.NAMESPACE_AGNOSTIC, ...fail409(!overwrite) }, - { ...CASES.NEW_SINGLE_NAMESPACE_OBJ, expectedNamespaces }, - { ...CASES.NEW_MULTI_NAMESPACE_OBJ, expectedNamespaces }, - CASES.NEW_NAMESPACE_AGNOSTIC_OBJ, - { - ...CASES.INITIAL_NS_SINGLE_NAMESPACE_OBJ_OTHER_SPACE, - initialNamespaces: ['x', 'y'], - ...fail400(), // cannot be created in multiple spaces - }, - CASES.INITIAL_NS_SINGLE_NAMESPACE_OBJ_OTHER_SPACE, // second try creates it in a single other space, which is valid - { - ...CASES.INITIAL_NS_MULTI_NAMESPACE_ISOLATED_OBJ_OTHER_SPACE, - initialNamespaces: [ALL_SPACES_ID], - ...fail400(), // cannot be created in multiple spaces - }, - CASES.INITIAL_NS_MULTI_NAMESPACE_ISOLATED_OBJ_OTHER_SPACE, // second try creates it in a single other space, which is valid - CASES.INITIAL_NS_MULTI_NAMESPACE_OBJ_EACH_SPACE, - CASES.INITIAL_NS_MULTI_NAMESPACE_OBJ_ALL_SPACES, - ]; - const hiddenType = [{ ...CASES.HIDDEN, ...fail400() }]; - const allTypes = normalTypes.concat(hiddenType); - return { normalTypes, hiddenType, allTypes }; -}; - -export default function ({ getService }: FtrProviderContext) { - const supertest = getService('supertestWithoutAuth'); - const esArchiver = getService('esArchiver'); - - const { addTests, createTestDefinitions, expectSavedObjectForbidden } = - bulkCreateTestSuiteFactory(esArchiver, supertest); - const createTests = (overwrite: boolean, user: TestUser) => { - const { normalTypes, hiddenType, allTypes } = createTestCases(overwrite); - // use singleRequest to reduce execution time and/or test combined cases - return { - unauthorized: createTestDefinitions(allTypes, true, overwrite, { user }), - authorized: [ - createTestDefinitions(normalTypes, false, overwrite, { user, singleRequest: true }), - createTestDefinitions(hiddenType, true, overwrite, { user }), - createTestDefinitions(allTypes, true, overwrite, { - user, - singleRequest: true, - responseBodyOverride: expectSavedObjectForbidden(['hiddentype']), - }), - ].flat(), - superuser: createTestDefinitions(allTypes, false, overwrite, { user, singleRequest: true }), - }; - }; - - describe('_bulk_create', () => { - getTestScenarios([false, true]).security.forEach(({ users, modifier: overwrite }) => { - const suffix = overwrite ? ' with overwrite enabled' : ''; - const _addTests = (user: TestUser, tests: BulkCreateTestDefinition[]) => { - addTests(`${user.description}${suffix}`, { user, tests }); - }; - - [ - users.noAccess, - users.legacyAll, - users.dualRead, - users.readGlobally, - users.allAtDefaultSpace, - users.readAtDefaultSpace, - users.allAtSpace1, - users.readAtSpace1, - ].forEach((user) => { - const { unauthorized } = createTests(overwrite!, user); - _addTests(user, unauthorized); - }); - [users.dualAll, users.allGlobally].forEach((user) => { - const { authorized } = createTests(overwrite!, user); - _addTests(user, authorized); - }); - const { superuser } = createTests(overwrite!, users.superuser); - _addTests(users.superuser, superuser); - }); - }); -} diff --git a/x-pack/test/saved_object_api_integration/security_only/apis/bulk_get.ts b/x-pack/test/saved_object_api_integration/security_only/apis/bulk_get.ts deleted file mode 100644 index 4aa722bfc6b07ce..000000000000000 --- a/x-pack/test/saved_object_api_integration/security_only/apis/bulk_get.ts +++ /dev/null @@ -1,108 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { SPACES, ALL_SPACES_ID } from '../../common/lib/spaces'; -import { testCaseFailures, getTestScenarios } from '../../common/lib/saved_object_test_utils'; -import { TestUser } from '../../common/lib/types'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; -import { - bulkGetTestSuiteFactory, - TEST_CASES as CASES, - BulkGetTestDefinition, -} from '../../common/suites/bulk_get'; - -const { - SPACE_1: { spaceId: SPACE_1_ID }, - SPACE_2: { spaceId: SPACE_2_ID }, -} = SPACES; -const { fail400, fail404 } = testCaseFailures; - -const createTestCases = () => { - // for each permitted (non-403) outcome, if failure !== undefined then we expect - // to receive an error; otherwise, we expect to receive a success result - const normalTypes = [ - CASES.SINGLE_NAMESPACE_DEFAULT_SPACE, - { ...CASES.SINGLE_NAMESPACE_SPACE_1, ...fail404() }, - { ...CASES.SINGLE_NAMESPACE_SPACE_2, ...fail404() }, - CASES.MULTI_NAMESPACE_ALL_SPACES, - CASES.MULTI_NAMESPACE_DEFAULT_AND_SPACE_1, - { ...CASES.MULTI_NAMESPACE_ONLY_SPACE_1, ...fail404() }, - { ...CASES.MULTI_NAMESPACE_ONLY_SPACE_2, ...fail404() }, - { ...CASES.MULTI_NAMESPACE_ISOLATED_ONLY_DEFAULT_SPACE }, - { ...CASES.MULTI_NAMESPACE_ISOLATED_ONLY_SPACE_1, ...fail404() }, - CASES.NAMESPACE_AGNOSTIC, - { ...CASES.DOES_NOT_EXIST, ...fail404() }, - { - ...CASES.SINGLE_NAMESPACE_SPACE_2, - namespaces: ['x', 'y'], - ...fail400(), // cannot be searched for in multiple spaces - }, - { ...CASES.SINGLE_NAMESPACE_SPACE_2, namespaces: [SPACE_2_ID] }, // second try searches for it in a single other space, which is valid - { - ...CASES.MULTI_NAMESPACE_ISOLATED_ONLY_SPACE_1, - namespaces: [ALL_SPACES_ID], - ...fail400(), // cannot be searched for in multiple spaces - }, - { ...CASES.MULTI_NAMESPACE_ISOLATED_ONLY_SPACE_1, namespaces: [SPACE_1_ID] }, // second try searches for it in a single other space, which is valid - { ...CASES.MULTI_NAMESPACE_DEFAULT_AND_SPACE_1, namespaces: [SPACE_2_ID], ...fail404() }, - { ...CASES.MULTI_NAMESPACE_ALL_SPACES, namespaces: [SPACE_2_ID, 'x'] }, // unknown space is allowed / ignored - { ...CASES.MULTI_NAMESPACE_ONLY_SPACE_1, namespaces: [ALL_SPACES_ID] }, - ]; - const hiddenType = [{ ...CASES.HIDDEN, ...fail400() }]; - const allTypes = normalTypes.concat(hiddenType); - return { normalTypes, hiddenType, allTypes }; -}; - -export default function ({ getService }: FtrProviderContext) { - const supertest = getService('supertestWithoutAuth'); - const esArchiver = getService('esArchiver'); - - const { addTests, createTestDefinitions, expectSavedObjectForbidden } = bulkGetTestSuiteFactory( - esArchiver, - supertest - ); - const createTests = () => { - const { normalTypes, hiddenType, allTypes } = createTestCases(); - // use singleRequest to reduce execution time and/or test combined cases - return { - unauthorized: createTestDefinitions(allTypes, true), - authorized: [ - createTestDefinitions(normalTypes, false, { singleRequest: true }), - createTestDefinitions(hiddenType, true), - createTestDefinitions(allTypes, true, { - singleRequest: true, - responseBodyOverride: expectSavedObjectForbidden(['hiddentype']), - }), - ].flat(), - superuser: createTestDefinitions(allTypes, false, { singleRequest: true }), - }; - }; - - describe('_bulk_get', () => { - getTestScenarios().security.forEach(({ users }) => { - const { unauthorized, authorized, superuser } = createTests(); - const _addTests = (user: TestUser, tests: BulkGetTestDefinition[]) => { - addTests(user.description, { user, tests }); - }; - - [ - users.noAccess, - users.legacyAll, - users.allAtDefaultSpace, - users.readAtDefaultSpace, - users.allAtSpace1, - users.readAtSpace1, - ].forEach((user) => { - _addTests(user, unauthorized); - }); - [users.dualAll, users.dualRead, users.allGlobally, users.readGlobally].forEach((user) => { - _addTests(user, authorized); - }); - _addTests(users.superuser, superuser); - }); - }); -} diff --git a/x-pack/test/saved_object_api_integration/security_only/apis/bulk_resolve.ts b/x-pack/test/saved_object_api_integration/security_only/apis/bulk_resolve.ts deleted file mode 100644 index 6d91cf8eae67da6..000000000000000 --- a/x-pack/test/saved_object_api_integration/security_only/apis/bulk_resolve.ts +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { testCaseFailures, getTestScenarios } from '../../common/lib/saved_object_test_utils'; -import { TestUser } from '../../common/lib/types'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; -import { - bulkResolveTestSuiteFactory, - TEST_CASES as CASES, - BulkResolveTestDefinition, -} from '../../common/suites/bulk_resolve'; - -const { fail400, fail404 } = testCaseFailures; - -const createTestCases = () => { - // for each permitted (non-403) outcome, if failure !== undefined then we expect - // to receive an error; otherwise, we expect to receive a success result - const normalTypes = [ - { ...CASES.EXACT_MATCH }, - { ...CASES.ALIAS_MATCH, ...fail404() }, - { ...CASES.CONFLICT, expectedOutcome: 'exactMatch' as const }, - { ...CASES.DISABLED, ...fail404() }, - { ...CASES.DOES_NOT_EXIST, ...fail404() }, - ]; - const hiddenType = [{ ...CASES.HIDDEN, ...fail400() }]; - const allTypes = [...normalTypes, ...hiddenType]; - return { normalTypes, hiddenType, allTypes }; -}; - -export default function ({ getService }: FtrProviderContext) { - const supertest = getService('supertestWithoutAuth'); - const esArchiver = getService('esArchiver'); - - const { addTests, createTestDefinitions } = bulkResolveTestSuiteFactory(esArchiver, supertest); - const createTests = () => { - const { normalTypes, hiddenType, allTypes } = createTestCases(); - return { - unauthorized: createTestDefinitions(allTypes, true), - authorized: [ - createTestDefinitions(normalTypes, false, { singleRequest: true }), - createTestDefinitions(hiddenType, true), - ].flat(), - superuser: createTestDefinitions(allTypes, false, { singleRequest: true }), - }; - }; - - describe('_bulk_resolve', () => { - getTestScenarios().security.forEach(({ users }) => { - const { unauthorized, authorized, superuser } = createTests(); - const _addTests = (user: TestUser, tests: BulkResolveTestDefinition[]) => { - addTests(user.description, { user, tests }); - }; - - [ - users.noAccess, - users.legacyAll, - users.allAtDefaultSpace, - users.readAtDefaultSpace, - users.allAtSpace1, - users.readAtSpace1, - ].forEach((user) => { - _addTests(user, unauthorized); - }); - [users.dualAll, users.dualRead, users.allGlobally, users.readGlobally].forEach((user) => { - _addTests(user, authorized); - }); - _addTests(users.superuser, superuser); - }); - }); -} diff --git a/x-pack/test/saved_object_api_integration/security_only/apis/bulk_update.ts b/x-pack/test/saved_object_api_integration/security_only/apis/bulk_update.ts deleted file mode 100644 index 77567f296aa6dad..000000000000000 --- a/x-pack/test/saved_object_api_integration/security_only/apis/bulk_update.ts +++ /dev/null @@ -1,114 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { SPACES } from '../../common/lib/spaces'; -import { testCaseFailures, getTestScenarios } from '../../common/lib/saved_object_test_utils'; -import { TestUser } from '../../common/lib/types'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; -import { - bulkUpdateTestSuiteFactory, - TEST_CASES as CASES, - BulkUpdateTestDefinition, -} from '../../common/suites/bulk_update'; - -const { - DEFAULT: { spaceId: DEFAULT_SPACE_ID }, - SPACE_1: { spaceId: SPACE_1_ID }, - SPACE_2: { spaceId: SPACE_2_ID }, -} = SPACES; -const { fail404 } = testCaseFailures; - -const createTestCases = () => { - // for each permitted (non-403) outcome, if failure !== undefined then we expect - // to receive an error; otherwise, we expect to receive a success result - const normalTypes = [ - CASES.SINGLE_NAMESPACE_DEFAULT_SPACE, - { ...CASES.SINGLE_NAMESPACE_SPACE_1, ...fail404() }, - { ...CASES.SINGLE_NAMESPACE_SPACE_2, ...fail404() }, - CASES.MULTI_NAMESPACE_ALL_SPACES, - CASES.MULTI_NAMESPACE_DEFAULT_AND_SPACE_1, - { ...CASES.MULTI_NAMESPACE_ONLY_SPACE_1, ...fail404() }, - { ...CASES.MULTI_NAMESPACE_ONLY_SPACE_2, ...fail404() }, - { ...CASES.MULTI_NAMESPACE_ISOLATED_ONLY_DEFAULT_SPACE }, - { ...CASES.MULTI_NAMESPACE_ISOLATED_ONLY_SPACE_1, ...fail404() }, - CASES.NAMESPACE_AGNOSTIC, - { ...CASES.DOES_NOT_EXIST, ...fail404() }, - ]; - const hiddenType = [{ ...CASES.HIDDEN, ...fail404() }]; - const allTypes = normalTypes.concat(hiddenType); - // an "object namespace" string can be specified for individual objects (to bulkUpdate across namespaces) - // even if the Spaces plugin is disabled, this should work, as `namespace` is handled by the Core API - const withObjectNamespaces = [ - { ...CASES.SINGLE_NAMESPACE_DEFAULT_SPACE, namespace: DEFAULT_SPACE_ID }, - { ...CASES.SINGLE_NAMESPACE_SPACE_1, namespace: SPACE_1_ID }, - { ...CASES.SINGLE_NAMESPACE_SPACE_2, namespace: SPACE_1_ID, ...fail404() }, // intentional 404 test case - { ...CASES.MULTI_NAMESPACE_ALL_SPACES, namespace: DEFAULT_SPACE_ID }, // any spaceId will work (not '*') - { ...CASES.MULTI_NAMESPACE_DEFAULT_AND_SPACE_1, namespace: DEFAULT_SPACE_ID }, // SPACE_1_ID would also work - { ...CASES.MULTI_NAMESPACE_ONLY_SPACE_1, namespace: SPACE_2_ID, ...fail404() }, // intentional 404 test case - { ...CASES.MULTI_NAMESPACE_ONLY_SPACE_2, namespace: SPACE_2_ID }, - CASES.NAMESPACE_AGNOSTIC, // any namespace would work and would make no difference - { ...CASES.DOES_NOT_EXIST, ...fail404() }, - ]; - return { normalTypes, hiddenType, allTypes, withObjectNamespaces }; -}; - -export default function ({ getService }: FtrProviderContext) { - const supertest = getService('supertestWithoutAuth'); - const esArchiver = getService('esArchiver'); - - const { addTests, createTestDefinitions, expectSavedObjectForbidden } = - bulkUpdateTestSuiteFactory(esArchiver, supertest); - const createTests = () => { - const { normalTypes, hiddenType, allTypes, withObjectNamespaces } = createTestCases(); - // use singleRequest to reduce execution time and/or test combined cases - return { - unauthorized: [ - createTestDefinitions(allTypes, true), - createTestDefinitions(withObjectNamespaces, true, { singleRequest: true }), - ].flat(), - authorized: [ - createTestDefinitions(normalTypes, false, { singleRequest: true }), - createTestDefinitions(hiddenType, true), - createTestDefinitions(allTypes, true, { - singleRequest: true, - responseBodyOverride: expectSavedObjectForbidden(['hiddentype']), - }), - createTestDefinitions(withObjectNamespaces, false, { singleRequest: true }), - ].flat(), - superuser: [ - createTestDefinitions(allTypes, false, { singleRequest: true }), - createTestDefinitions(withObjectNamespaces, false, { singleRequest: true }), - ].flat(), - }; - }; - - describe('_bulk_update', () => { - getTestScenarios().security.forEach(({ users }) => { - const { unauthorized, authorized, superuser } = createTests(); - const _addTests = (user: TestUser, tests: BulkUpdateTestDefinition[]) => { - addTests(user.description, { user, tests }); - }; - - [ - users.noAccess, - users.legacyAll, - users.dualRead, - users.readGlobally, - users.allAtDefaultSpace, - users.readAtDefaultSpace, - users.allAtSpace1, - users.readAtSpace1, - ].forEach((user) => { - _addTests(user, unauthorized); - }); - [users.dualAll, users.allGlobally].forEach((user) => { - _addTests(user, authorized); - }); - _addTests(users.superuser, superuser); - }); - }); -} diff --git a/x-pack/test/saved_object_api_integration/security_only/apis/create.ts b/x-pack/test/saved_object_api_integration/security_only/apis/create.ts deleted file mode 100644 index 67195637f0c0ac7..000000000000000 --- a/x-pack/test/saved_object_api_integration/security_only/apis/create.ts +++ /dev/null @@ -1,106 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { SPACES, ALL_SPACES_ID } from '../../common/lib/spaces'; -import { testCaseFailures, getTestScenarios } from '../../common/lib/saved_object_test_utils'; -import { TestUser } from '../../common/lib/types'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; -import { - createTestSuiteFactory, - TEST_CASES as CASES, - CreateTestDefinition, -} from '../../common/suites/create'; - -const { - DEFAULT: { spaceId: DEFAULT_SPACE_ID }, -} = SPACES; -const { fail400, fail409 } = testCaseFailures; - -const createTestCases = (overwrite: boolean) => { - // for each permitted (non-403) outcome, if failure !== undefined then we expect - // to receive an error; otherwise, we expect to receive a success result - const expectedNamespaces = [DEFAULT_SPACE_ID]; // newly created objects should have this `namespaces` array in their return value - const normalTypes = [ - { ...CASES.SINGLE_NAMESPACE_DEFAULT_SPACE, ...fail409(!overwrite) }, - { ...CASES.SINGLE_NAMESPACE_SPACE_1, expectedNamespaces }, - { ...CASES.SINGLE_NAMESPACE_SPACE_2, expectedNamespaces }, - { ...CASES.MULTI_NAMESPACE_ALL_SPACES, ...fail409(!overwrite) }, - { ...CASES.MULTI_NAMESPACE_DEFAULT_AND_SPACE_1, ...fail409(!overwrite) }, - { ...CASES.MULTI_NAMESPACE_ONLY_SPACE_1, ...fail409() }, - { ...CASES.MULTI_NAMESPACE_ONLY_SPACE_2, ...fail409() }, - { ...CASES.MULTI_NAMESPACE_ISOLATED_ONLY_DEFAULT_SPACE, ...fail409(!overwrite) }, - { ...CASES.MULTI_NAMESPACE_ISOLATED_ONLY_SPACE_1, ...fail409() }, - { ...CASES.NAMESPACE_AGNOSTIC, ...fail409(!overwrite) }, - { ...CASES.NEW_SINGLE_NAMESPACE_OBJ, expectedNamespaces }, - { ...CASES.NEW_MULTI_NAMESPACE_OBJ, expectedNamespaces }, - CASES.NEW_NAMESPACE_AGNOSTIC_OBJ, - { - ...CASES.INITIAL_NS_SINGLE_NAMESPACE_OBJ_OTHER_SPACE, - initialNamespaces: ['x', 'y'], - ...fail400(), // cannot be created in multiple spaces - }, - CASES.INITIAL_NS_SINGLE_NAMESPACE_OBJ_OTHER_SPACE, // second try creates it in a single other space, which is valid - { - ...CASES.INITIAL_NS_MULTI_NAMESPACE_ISOLATED_OBJ_OTHER_SPACE, - initialNamespaces: [ALL_SPACES_ID], - ...fail400(), // cannot be created in multiple spaces - }, - CASES.INITIAL_NS_MULTI_NAMESPACE_ISOLATED_OBJ_OTHER_SPACE, // second try creates it in a single other space, which is valid - CASES.INITIAL_NS_MULTI_NAMESPACE_OBJ_EACH_SPACE, - CASES.INITIAL_NS_MULTI_NAMESPACE_OBJ_ALL_SPACES, - ]; - const hiddenType = [{ ...CASES.HIDDEN, ...fail400() }]; - const allTypes = normalTypes.concat(hiddenType); - return { normalTypes, hiddenType, allTypes }; -}; - -export default function ({ getService }: FtrProviderContext) { - const supertest = getService('supertestWithoutAuth'); - const esArchiver = getService('esArchiver'); - - const { addTests, createTestDefinitions } = createTestSuiteFactory(esArchiver, supertest); - const createTests = (overwrite: boolean, user: TestUser) => { - const { normalTypes, hiddenType, allTypes } = createTestCases(overwrite); - return { - unauthorized: createTestDefinitions(allTypes, true, overwrite, { user }), - authorized: [ - createTestDefinitions(normalTypes, false, overwrite, { user }), - createTestDefinitions(hiddenType, true, overwrite, { user }), - ].flat(), - superuser: createTestDefinitions(allTypes, false, overwrite, { user }), - }; - }; - - describe('_create', () => { - getTestScenarios([false, true]).security.forEach(({ users, modifier: overwrite }) => { - const suffix = overwrite ? ' with overwrite enabled' : ''; - const _addTests = (user: TestUser, tests: CreateTestDefinition[]) => { - addTests(`${user.description}${suffix}`, { user, tests }); - }; - - [ - users.noAccess, - users.legacyAll, - users.dualRead, - users.readGlobally, - users.allAtDefaultSpace, - users.readAtDefaultSpace, - users.allAtSpace1, - users.readAtSpace1, - ].forEach((user) => { - const { unauthorized } = createTests(overwrite!, user); - _addTests(user, unauthorized); - }); - [users.dualAll, users.allGlobally].forEach((user) => { - const { authorized } = createTests(overwrite!, user); - _addTests(user, authorized); - }); - const { superuser } = createTests(overwrite!, users.superuser); - _addTests(users.superuser, superuser); - }); - }); -} diff --git a/x-pack/test/saved_object_api_integration/security_only/apis/delete.ts b/x-pack/test/saved_object_api_integration/security_only/apis/delete.ts deleted file mode 100644 index 7d9ec0b152174f6..000000000000000 --- a/x-pack/test/saved_object_api_integration/security_only/apis/delete.ts +++ /dev/null @@ -1,86 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { testCaseFailures, getTestScenarios } from '../../common/lib/saved_object_test_utils'; -import { TestUser } from '../../common/lib/types'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; -import { - deleteTestSuiteFactory, - TEST_CASES as CASES, - DeleteTestDefinition, -} from '../../common/suites/delete'; - -const { fail400, fail404 } = testCaseFailures; - -const createTestCases = () => { - // for each permitted (non-403) outcome, if failure !== undefined then we expect - // to receive an error; otherwise, we expect to receive a success result - const normalTypes = [ - CASES.SINGLE_NAMESPACE_DEFAULT_SPACE, - { ...CASES.SINGLE_NAMESPACE_SPACE_1, ...fail404() }, - { ...CASES.SINGLE_NAMESPACE_SPACE_2, ...fail404() }, - { ...CASES.MULTI_NAMESPACE_ALL_SPACES, ...fail400() }, - // try to delete this object again, this time using the `force` option - { ...CASES.MULTI_NAMESPACE_ALL_SPACES, force: true }, - { ...CASES.MULTI_NAMESPACE_DEFAULT_AND_SPACE_1, ...fail400() }, - // try to delete this object again, this time using the `force` option - { ...CASES.MULTI_NAMESPACE_DEFAULT_AND_SPACE_1, force: true }, - { ...CASES.MULTI_NAMESPACE_ONLY_SPACE_1, ...fail404() }, - { ...CASES.MULTI_NAMESPACE_ONLY_SPACE_2, ...fail404() }, - { ...CASES.MULTI_NAMESPACE_ISOLATED_ONLY_DEFAULT_SPACE }, - { ...CASES.MULTI_NAMESPACE_ISOLATED_ONLY_SPACE_1, ...fail404() }, - CASES.NAMESPACE_AGNOSTIC, - { ...CASES.DOES_NOT_EXIST, ...fail404() }, - ]; - const hiddenType = [{ ...CASES.HIDDEN, ...fail404() }]; - const allTypes = normalTypes.concat(hiddenType); - return { normalTypes, hiddenType, allTypes }; -}; - -export default function ({ getService }: FtrProviderContext) { - const supertest = getService('supertestWithoutAuth'); - const esArchiver = getService('esArchiver'); - - const { addTests, createTestDefinitions } = deleteTestSuiteFactory(esArchiver, supertest); - const createTests = () => { - const { normalTypes, hiddenType, allTypes } = createTestCases(); - return { - unauthorized: createTestDefinitions(allTypes, true), - authorized: [ - createTestDefinitions(normalTypes, false), - createTestDefinitions(hiddenType, true), - ].flat(), - superuser: createTestDefinitions(allTypes, false), - }; - }; - - describe('_delete', () => { - getTestScenarios().security.forEach(({ users }) => { - const { unauthorized, authorized, superuser } = createTests(); - const _addTests = (user: TestUser, tests: DeleteTestDefinition[]) => { - addTests(user.description, { user, tests }); - }; - - [ - users.noAccess, - users.legacyAll, - users.dualRead, - users.readGlobally, - users.allAtDefaultSpace, - users.readAtDefaultSpace, - users.allAtSpace1, - users.readAtSpace1, - ].forEach((user) => { - _addTests(user, unauthorized); - }); - [users.dualAll, users.allGlobally].forEach((user) => { - _addTests(user, authorized); - }); - _addTests(users.superuser, superuser); - }); - }); -} diff --git a/x-pack/test/saved_object_api_integration/security_only/apis/export.ts b/x-pack/test/saved_object_api_integration/security_only/apis/export.ts deleted file mode 100644 index 2cba94967e5de85..000000000000000 --- a/x-pack/test/saved_object_api_integration/security_only/apis/export.ts +++ /dev/null @@ -1,86 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { getTestScenarios } from '../../common/lib/saved_object_test_utils'; -import { TestUser } from '../../common/lib/types'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; -import { - exportTestSuiteFactory, - getTestCases, - ExportTestDefinition, -} from '../../common/suites/export'; - -const createTestCases = () => { - const cases = getTestCases(); - const exportableObjects = [ - cases.singleNamespaceObject, - cases.multiNamespaceObject, - cases.multiNamespaceIsolatedObject, - cases.namespaceAgnosticObject, - ]; - const exportableTypes = [ - cases.singleNamespaceType, - cases.multiNamespaceType, - cases.multiNamespaceIsolatedType, - cases.namespaceAgnosticType, - ]; - const nonExportableObjectsAndTypes = [cases.hiddenObject, cases.hiddenType]; - const allObjectsAndTypes = [ - exportableObjects, - exportableTypes, - nonExportableObjectsAndTypes, - ].flat(); - return { exportableObjects, exportableTypes, nonExportableObjectsAndTypes, allObjectsAndTypes }; -}; - -export default function ({ getService }: FtrProviderContext) { - const supertest = getService('supertestWithoutAuth'); - const esArchiver = getService('esArchiver'); - - const { addTests, createTestDefinitions } = exportTestSuiteFactory(esArchiver, supertest); - const createTests = () => { - const { exportableObjects, exportableTypes, nonExportableObjectsAndTypes, allObjectsAndTypes } = - createTestCases(); - return { - unauthorized: [ - createTestDefinitions(exportableObjects, { statusCode: 403, reason: 'unauthorized' }), - createTestDefinitions(exportableTypes, { statusCode: 403, reason: 'unauthorized' }), // failure with empty result - createTestDefinitions(nonExportableObjectsAndTypes, false), - ].flat(), - authorized: createTestDefinitions(allObjectsAndTypes, false), - }; - }; - - describe('_export', () => { - getTestScenarios().security.forEach(({ users }) => { - const { unauthorized, authorized } = createTests(); - const _addTests = (user: TestUser, tests: ExportTestDefinition[]) => { - addTests(user.description, { user, tests }); - }; - - [ - users.noAccess, - users.legacyAll, - users.allAtDefaultSpace, - users.readAtDefaultSpace, - users.allAtSpace1, - users.readAtSpace1, - ].forEach((user) => { - _addTests(user, unauthorized); - }); - [ - users.dualAll, - users.dualRead, - users.allGlobally, - users.readGlobally, - users.superuser, - ].forEach((user) => { - _addTests(user, authorized); - }); - }); - }); -} diff --git a/x-pack/test/saved_object_api_integration/security_only/apis/find.ts b/x-pack/test/saved_object_api_integration/security_only/apis/find.ts deleted file mode 100644 index eb30024015fbb22..000000000000000 --- a/x-pack/test/saved_object_api_integration/security_only/apis/find.ts +++ /dev/null @@ -1,93 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { SPACES } from '../../common/lib/spaces'; -import { AUTHENTICATION } from '../../common/lib/authentication'; -import { getTestScenarios } from '../../common/lib/saved_object_test_utils'; -import { TestUser } from '../../common/lib/types'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; -import { findTestSuiteFactory, getTestCases } from '../../common/suites/find'; - -const { - DEFAULT: { spaceId: DEFAULT_SPACE_ID }, - SPACE_1: { spaceId: SPACE_1_ID }, - SPACE_2: { spaceId: SPACE_2_ID }, -} = SPACES; - -const createTestCases = (crossSpaceSearch?: string[]) => { - const cases = getTestCases({ crossSpaceSearch }); - - const normalTypes = [ - cases.singleNamespaceType, - cases.multiNamespaceType, - cases.multiNamespaceIsolatedType, - cases.namespaceAgnosticType, - cases.eachType, - cases.pageBeyondTotal, - cases.unknownSearchField, - cases.filterWithNamespaceAgnosticType, - cases.filterWithDisallowedType, - ]; - const hiddenAndUnknownTypes = [ - cases.hiddenType, - cases.unknownType, - cases.filterWithHiddenType, - cases.filterWithUnknownType, - ]; - const allTypes = normalTypes.concat(hiddenAndUnknownTypes); - return { normalTypes, hiddenAndUnknownTypes, allTypes }; -}; - -export default function ({ getService }: FtrProviderContext) { - const supertest = getService('supertestWithoutAuth'); - const esArchiver = getService('esArchiver'); - - const { addTests, createTestDefinitions } = findTestSuiteFactory(esArchiver, supertest); - const createTests = (user: TestUser) => { - const defaultCases = createTestCases(); - const crossSpaceCases = createTestCases([DEFAULT_SPACE_ID, SPACE_1_ID, SPACE_2_ID]); - - if (user.username === AUTHENTICATION.SUPERUSER.username) { - return { - defaultCases: createTestDefinitions(defaultCases.allTypes, false, { user }), - crossSpace: createTestDefinitions( - crossSpaceCases.allTypes, - { statusCode: 400, reason: 'cross_namespace_not_permitted' }, - { user } - ), - }; - } - - const isAuthorizedGlobally = user.authorizedAtSpaces.includes('*'); - - return { - defaultCases: isAuthorizedGlobally - ? [ - createTestDefinitions(defaultCases.normalTypes, false, { user }), - createTestDefinitions(defaultCases.hiddenAndUnknownTypes, { - statusCode: 200, - reason: 'unauthorized', - }), - ].flat() - : createTestDefinitions(defaultCases.allTypes, { statusCode: 200, reason: 'unauthorized' }), - crossSpace: createTestDefinitions( - crossSpaceCases.allTypes, - { statusCode: 400, reason: 'cross_namespace_not_permitted' }, - { user } - ), - }; - }; - - describe('_find', () => { - getTestScenarios().security.forEach(({ users }) => { - Object.values(users).forEach((user) => { - const { defaultCases, crossSpace } = createTests(user); - addTests(`${user.description}`, { user, tests: [...defaultCases, ...crossSpace] }); - }); - }); - }); -} diff --git a/x-pack/test/saved_object_api_integration/security_only/apis/get.ts b/x-pack/test/saved_object_api_integration/security_only/apis/get.ts deleted file mode 100644 index 9910900c2f51bcb..000000000000000 --- a/x-pack/test/saved_object_api_integration/security_only/apis/get.ts +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { testCaseFailures, getTestScenarios } from '../../common/lib/saved_object_test_utils'; -import { TestUser } from '../../common/lib/types'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; -import { - getTestSuiteFactory, - TEST_CASES as CASES, - GetTestDefinition, -} from '../../common/suites/get'; - -const { fail404 } = testCaseFailures; - -const createTestCases = () => { - // for each permitted (non-403) outcome, if failure !== undefined then we expect - // to receive an error; otherwise, we expect to receive a success result - const normalTypes = [ - CASES.SINGLE_NAMESPACE_DEFAULT_SPACE, - { ...CASES.SINGLE_NAMESPACE_SPACE_1, ...fail404() }, - { ...CASES.SINGLE_NAMESPACE_SPACE_2, ...fail404() }, - CASES.MULTI_NAMESPACE_ALL_SPACES, - CASES.MULTI_NAMESPACE_DEFAULT_AND_SPACE_1, - { ...CASES.MULTI_NAMESPACE_ONLY_SPACE_1, ...fail404() }, - { ...CASES.MULTI_NAMESPACE_ONLY_SPACE_2, ...fail404() }, - { ...CASES.MULTI_NAMESPACE_ISOLATED_ONLY_DEFAULT_SPACE }, - { ...CASES.MULTI_NAMESPACE_ISOLATED_ONLY_SPACE_1, ...fail404() }, - CASES.NAMESPACE_AGNOSTIC, - { ...CASES.DOES_NOT_EXIST, ...fail404() }, - ]; - const hiddenType = [{ ...CASES.HIDDEN, ...fail404() }]; - const allTypes = normalTypes.concat(hiddenType); - return { normalTypes, hiddenType, allTypes }; -}; - -export default function ({ getService }: FtrProviderContext) { - const supertest = getService('supertestWithoutAuth'); - const esArchiver = getService('esArchiver'); - - const { addTests, createTestDefinitions } = getTestSuiteFactory(esArchiver, supertest); - const createTests = () => { - const { normalTypes, hiddenType, allTypes } = createTestCases(); - return { - unauthorized: createTestDefinitions(allTypes, true), - authorized: [ - createTestDefinitions(normalTypes, false), - createTestDefinitions(hiddenType, true), - ].flat(), - superuser: createTestDefinitions(allTypes, false), - }; - }; - - describe('_get', () => { - getTestScenarios().security.forEach(({ users }) => { - const { unauthorized, authorized, superuser } = createTests(); - const _addTests = (user: TestUser, tests: GetTestDefinition[]) => { - addTests(user.description, { user, tests }); - }; - - [ - users.noAccess, - users.legacyAll, - users.allAtDefaultSpace, - users.readAtDefaultSpace, - users.allAtSpace1, - users.readAtSpace1, - ].forEach((user) => { - _addTests(user, unauthorized); - }); - [users.dualAll, users.dualRead, users.allGlobally, users.readGlobally].forEach((user) => { - _addTests(user, authorized); - }); - _addTests(users.superuser, superuser); - }); - }); -} diff --git a/x-pack/test/saved_object_api_integration/security_only/apis/import.ts b/x-pack/test/saved_object_api_integration/security_only/apis/import.ts deleted file mode 100644 index 6f0d48fbf1b52f7..000000000000000 --- a/x-pack/test/saved_object_api_integration/security_only/apis/import.ts +++ /dev/null @@ -1,178 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { testCaseFailures, getTestScenarios } from '../../common/lib/saved_object_test_utils'; -import { TestUser } from '../../common/lib/types'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; -import { - importTestSuiteFactory, - TEST_CASES as CASES, - ImportTestDefinition, -} from '../../common/suites/import'; - -const { fail400, fail409 } = testCaseFailures; -const destinationId = (condition?: boolean) => - condition !== false ? { successParam: 'destinationId' } : {}; -const newCopy = () => ({ successParam: 'createNewCopy' }); -const ambiguousConflict = (suffix: string) => ({ - failure: 409 as 409, - fail409Param: `ambiguous_conflict_${suffix}`, -}); - -const createNewCopiesTestCases = () => { - // for each outcome, if failure !== undefined then we expect to receive - // an error; otherwise, we expect to receive a success result - const cases = Object.entries(CASES).filter(([key]) => key !== 'HIDDEN'); - const importable = cases.map(([, val]) => ({ ...val, successParam: 'createNewCopies' })); - const nonImportable = [{ ...CASES.HIDDEN, ...fail400() }]; - const all = [...importable, ...nonImportable]; - return { importable, nonImportable, all }; -}; - -const createTestCases = (overwrite: boolean) => { - // for each permitted (non-403) outcome, if failure !== undefined then we expect - // to receive an error; otherwise, we expect to receive a success result - const group1Importable = [ - // when overwrite=true, all of the objects in this group are created successfully, so we can check the created object attributes - { ...CASES.SINGLE_NAMESPACE_DEFAULT_SPACE, ...fail409(!overwrite) }, - CASES.SINGLE_NAMESPACE_SPACE_1, - CASES.SINGLE_NAMESPACE_SPACE_2, - { ...CASES.NAMESPACE_AGNOSTIC, ...fail409(!overwrite) }, - CASES.NEW_SINGLE_NAMESPACE_OBJ, - CASES.NEW_NAMESPACE_AGNOSTIC_OBJ, - ]; - const group1NonImportable = [{ ...CASES.HIDDEN, ...fail400() }]; - const group1All = group1Importable.concat(group1NonImportable); - const group2 = [ - // when overwrite=true, all of the objects in this group are created successfully, so we can check the created object attributes - CASES.NEW_MULTI_NAMESPACE_OBJ, - { ...CASES.MULTI_NAMESPACE_ALL_SPACES, ...fail409(!overwrite) }, - { ...CASES.MULTI_NAMESPACE_DEFAULT_AND_SPACE_1, ...fail409(!overwrite) }, - { ...CASES.MULTI_NAMESPACE_ONLY_SPACE_1, ...destinationId() }, - { ...CASES.MULTI_NAMESPACE_ONLY_SPACE_2, ...destinationId() }, - { ...CASES.MULTI_NAMESPACE_ISOLATED_ONLY_DEFAULT_SPACE, ...fail409(!overwrite) }, - { ...CASES.MULTI_NAMESPACE_ISOLATED_ONLY_SPACE_1, ...destinationId() }, - { ...CASES.CONFLICT_1A_OBJ, ...newCopy() }, // "ambiguous source" conflict which results in a new destination ID and empty origin ID - { ...CASES.CONFLICT_1B_OBJ, ...newCopy() }, // "ambiguous source" conflict which results in a new destination ID and empty origin ID - { ...CASES.CONFLICT_3A_OBJ, ...fail409(!overwrite), ...destinationId() }, // "inexact match" conflict - { ...CASES.CONFLICT_4_OBJ, ...fail409(!overwrite), ...destinationId() }, // "inexact match" conflict - ]; - const group3 = [ - // when overwrite=true, all of the objects in this group are errors, so we cannot check the created object attributes - // grouping errors together simplifies the test suite code - { ...CASES.CONFLICT_2C_OBJ, ...ambiguousConflict('2c') }, // "ambiguous destination" conflict - ]; - const group4 = [ - // when overwrite=true, all of the objects in this group are created successfully, so we can check the created object attributes - { ...CASES.CONFLICT_1_OBJ, ...fail409(!overwrite) }, // "exact match" conflict - CASES.CONFLICT_1A_OBJ, // no conflict because CONFLICT_1_OBJ is an exact match - CASES.CONFLICT_1B_OBJ, // no conflict because CONFLICT_1_OBJ is an exact match - { ...CASES.CONFLICT_2C_OBJ, ...newCopy() }, // "ambiguous source and destination" conflict which results in a new destination ID and empty origin ID - { ...CASES.CONFLICT_2D_OBJ, ...newCopy() }, // "ambiguous source and destination" conflict which results in a new destination ID and empty origin ID - ]; - return { group1Importable, group1NonImportable, group1All, group2, group3, group4 }; -}; - -export default function ({ getService }: FtrProviderContext) { - const supertest = getService('supertestWithoutAuth'); - const esArchiver = getService('esArchiver'); - const es = getService('es'); - - const { addTests, createTestDefinitions, expectSavedObjectForbidden } = importTestSuiteFactory( - es, - esArchiver, - supertest - ); - const createTests = (overwrite: boolean, createNewCopies: boolean) => { - // use singleRequest to reduce execution time and/or test combined cases - const singleRequest = true; - - if (createNewCopies) { - const { importable, nonImportable, all } = createNewCopiesTestCases(); - return { - unauthorized: [ - createTestDefinitions(importable, true, { createNewCopies }), - createTestDefinitions(nonImportable, false, { createNewCopies, singleRequest }), - createTestDefinitions(all, true, { - createNewCopies, - singleRequest, - responseBodyOverride: expectSavedObjectForbidden([ - 'dashboard', - 'globaltype', - 'isolatedtype', - 'sharedtype', - 'sharecapabletype', - ]), - }), - ].flat(), - authorized: createTestDefinitions(all, false, { createNewCopies, singleRequest }), - }; - } - - const { group1Importable, group1NonImportable, group1All, group2, group3, group4 } = - createTestCases(overwrite); - return { - unauthorized: [ - createTestDefinitions(group1Importable, true, { overwrite }), - createTestDefinitions(group1NonImportable, false, { overwrite, singleRequest }), - createTestDefinitions(group1All, true, { - overwrite, - singleRequest, - responseBodyOverride: expectSavedObjectForbidden([ - 'dashboard', - 'globaltype', - 'isolatedtype', - ]), - }), - createTestDefinitions(group2, true, { overwrite, singleRequest }), - createTestDefinitions(group3, true, { overwrite, singleRequest }), - createTestDefinitions(group4, true, { overwrite, singleRequest }), - ].flat(), - authorized: [ - createTestDefinitions(group1All, false, { overwrite, singleRequest }), - createTestDefinitions(group2, false, { overwrite, singleRequest }), - createTestDefinitions(group3, false, { overwrite, singleRequest }), - createTestDefinitions(group4, false, { overwrite, singleRequest }), - ].flat(), - }; - }; - - describe('_import', () => { - getTestScenarios([ - [false, false], - [false, true], - [true, false], - ]).security.forEach(({ users, modifier }) => { - const [overwrite, createNewCopies] = modifier!; - const suffix = overwrite - ? ' with overwrite enabled' - : createNewCopies - ? ' with createNewCopies enabled' - : ''; - const { unauthorized, authorized } = createTests(overwrite, createNewCopies); - const _addTests = (user: TestUser, tests: ImportTestDefinition[]) => { - addTests(`${user.description}${suffix}`, { user, tests }); - }; - - [ - users.noAccess, - users.legacyAll, - users.dualRead, - users.readGlobally, - users.allAtDefaultSpace, - users.readAtDefaultSpace, - users.allAtSpace1, - users.readAtSpace1, - ].forEach((user) => { - _addTests(user, unauthorized); - }); - [users.dualAll, users.allGlobally, users.superuser].forEach((user) => { - _addTests(user, authorized); - }); - }); - }); -} diff --git a/x-pack/test/saved_object_api_integration/security_only/apis/index.ts b/x-pack/test/saved_object_api_integration/security_only/apis/index.ts deleted file mode 100644 index 35fd8c6e0b3d928..000000000000000 --- a/x-pack/test/saved_object_api_integration/security_only/apis/index.ts +++ /dev/null @@ -1,36 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { createUsersAndRoles } from '../../common/lib/create_users_and_roles'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; - -export default function ({ getService, loadTestFile }: FtrProviderContext) { - const es = getService('es'); - const supertest = getService('supertest'); - - describe('saved objects security only enabled', function () { - this.tags('ciGroup9'); - - before(async () => { - await createUsersAndRoles(es, supertest); - }); - - loadTestFile(require.resolve('./bulk_create')); - loadTestFile(require.resolve('./bulk_get')); - loadTestFile(require.resolve('./bulk_resolve')); - loadTestFile(require.resolve('./bulk_update')); - loadTestFile(require.resolve('./create')); - loadTestFile(require.resolve('./delete')); - loadTestFile(require.resolve('./export')); - loadTestFile(require.resolve('./find')); - loadTestFile(require.resolve('./get')); - loadTestFile(require.resolve('./import')); - loadTestFile(require.resolve('./resolve_import_errors')); - loadTestFile(require.resolve('./resolve')); - loadTestFile(require.resolve('./update')); - }); -} diff --git a/x-pack/test/saved_object_api_integration/security_only/apis/resolve.ts b/x-pack/test/saved_object_api_integration/security_only/apis/resolve.ts deleted file mode 100644 index fc4148a88c97910..000000000000000 --- a/x-pack/test/saved_object_api_integration/security_only/apis/resolve.ts +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { testCaseFailures, getTestScenarios } from '../../common/lib/saved_object_test_utils'; -import { TestUser } from '../../common/lib/types'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; -import { - resolveTestSuiteFactory, - TEST_CASES as CASES, - ResolveTestDefinition, -} from '../../common/suites/resolve'; - -const { fail400, fail404 } = testCaseFailures; - -const createTestCases = () => { - // for each permitted (non-403) outcome, if failure !== undefined then we expect - // to receive an error; otherwise, we expect to receive a success result - const normalTypes = [ - { ...CASES.EXACT_MATCH }, - { ...CASES.ALIAS_MATCH, ...fail404() }, - { ...CASES.CONFLICT, expectedOutcome: 'exactMatch' as const }, - { ...CASES.DISABLED, ...fail404() }, - { ...CASES.DOES_NOT_EXIST, ...fail404() }, - ]; - const hiddenType = [{ ...CASES.HIDDEN, ...fail400() }]; - const allTypes = [...normalTypes, ...hiddenType]; - return { normalTypes, hiddenType, allTypes }; -}; - -export default function ({ getService }: FtrProviderContext) { - const supertest = getService('supertestWithoutAuth'); - const esArchiver = getService('esArchiver'); - - const { addTests, createTestDefinitions } = resolveTestSuiteFactory(esArchiver, supertest); - const createTests = () => { - const { normalTypes, hiddenType, allTypes } = createTestCases(); - return { - unauthorized: createTestDefinitions(allTypes, true), - authorized: [ - createTestDefinitions(normalTypes, false), - createTestDefinitions(hiddenType, true), - ].flat(), - superuser: createTestDefinitions(allTypes, false), - }; - }; - - describe('_resolve', () => { - getTestScenarios().security.forEach(({ users }) => { - const { unauthorized, authorized, superuser } = createTests(); - const _addTests = (user: TestUser, tests: ResolveTestDefinition[]) => { - addTests(user.description, { user, tests }); - }; - - [ - users.noAccess, - users.legacyAll, - users.allAtDefaultSpace, - users.readAtDefaultSpace, - users.allAtSpace1, - users.readAtSpace1, - ].forEach((user) => { - _addTests(user, unauthorized); - }); - [users.dualAll, users.dualRead, users.allGlobally, users.readGlobally].forEach((user) => { - _addTests(user, authorized); - }); - _addTests(users.superuser, superuser); - }); - }); -} diff --git a/x-pack/test/saved_object_api_integration/security_only/apis/resolve_import_errors.ts b/x-pack/test/saved_object_api_integration/security_only/apis/resolve_import_errors.ts deleted file mode 100644 index b524e3121322129..000000000000000 --- a/x-pack/test/saved_object_api_integration/security_only/apis/resolve_import_errors.ts +++ /dev/null @@ -1,147 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { v4 as uuidv4 } from 'uuid'; -import { testCaseFailures, getTestScenarios } from '../../common/lib/saved_object_test_utils'; -import { TestUser } from '../../common/lib/types'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; -import { - resolveImportErrorsTestSuiteFactory, - TEST_CASES as CASES, - ResolveImportErrorsTestDefinition, -} from '../../common/suites/resolve_import_errors'; - -const { fail400, fail409 } = testCaseFailures; -const destinationId = (condition?: boolean) => - condition !== false ? { successParam: 'destinationId' } : {}; -const newCopy = () => ({ successParam: 'createNewCopy' }); - -const createNewCopiesTestCases = () => { - // for each outcome, if failure !== undefined then we expect to receive - // an error; otherwise, we expect to receive a success result - const cases = Object.entries(CASES).filter(([key]) => key !== 'HIDDEN'); - const importable = cases.map(([, val]) => ({ - ...val, - successParam: 'createNewCopies', - expectedNewId: uuidv4(), - })); - const nonImportable = [{ ...CASES.HIDDEN, ...fail400() }]; - const all = [...importable, ...nonImportable]; - return { importable, nonImportable, all }; -}; - -const createTestCases = (overwrite: boolean) => { - // for each permitted (non-403) outcome, if failure !== undefined then we expect - // to receive an error; otherwise, we expect to receive a success result - const group1Importable = [ - { ...CASES.SINGLE_NAMESPACE_DEFAULT_SPACE, ...fail409(!overwrite) }, - { ...CASES.NAMESPACE_AGNOSTIC, ...fail409(!overwrite) }, - ]; - const group1NonImportable = [{ ...CASES.HIDDEN, ...fail400() }]; - const group1All = [...group1Importable, ...group1NonImportable]; - const group2 = [ - { ...CASES.MULTI_NAMESPACE_ALL_SPACES, ...fail409(!overwrite) }, - { ...CASES.MULTI_NAMESPACE_DEFAULT_AND_SPACE_1, ...fail409(!overwrite) }, - { ...CASES.MULTI_NAMESPACE_ISOLATED_ONLY_DEFAULT_SPACE, ...fail409(!overwrite) }, - { ...CASES.CONFLICT_1A_OBJ, ...newCopy() }, // "ambiguous source" conflict which results in a new destination ID and empty origin ID - { ...CASES.CONFLICT_1B_OBJ, ...newCopy() }, // "ambiguous source" conflict which results in a new destination ID and empty origin ID - // all of the cases below represent imports that had an inexact match conflict or an ambiguous conflict - // if we call _resolve_import_errors and don't specify overwrite, each of these will result in a conflict because an object with that - // `expectedDestinationId` already exists - { ...CASES.CONFLICT_2C_OBJ, ...fail409(!overwrite), ...destinationId() }, // "ambiguous destination" conflict; if overwrite=true, will overwrite 'conflict_2a' - { ...CASES.CONFLICT_3A_OBJ, ...fail409(!overwrite), ...destinationId() }, // "inexact match" conflict; if overwrite=true, will overwrite 'conflict_3' - { ...CASES.CONFLICT_4_OBJ, ...fail409(!overwrite), ...destinationId() }, // "inexact match" conflict; if overwrite=true, will overwrite 'conflict_4a' - ]; - return { group1Importable, group1NonImportable, group1All, group2 }; -}; - -export default function ({ getService }: FtrProviderContext) { - const supertest = getService('supertestWithoutAuth'); - const esArchiver = getService('esArchiver'); - const es = getService('es'); - - const { addTests, createTestDefinitions, expectSavedObjectForbidden } = - resolveImportErrorsTestSuiteFactory(es, esArchiver, supertest); - const createTests = (overwrite: boolean, createNewCopies: boolean) => { - // use singleRequest to reduce execution time and/or test combined cases - const singleRequest = true; - - if (createNewCopies) { - const { importable, nonImportable, all } = createNewCopiesTestCases(); - return { - unauthorized: [ - createTestDefinitions(importable, true, { createNewCopies }), - createTestDefinitions(nonImportable, false, { createNewCopies, singleRequest }), - createTestDefinitions(all, true, { - createNewCopies, - singleRequest, - responseBodyOverride: expectSavedObjectForbidden([ - 'globaltype', - 'isolatedtype', - 'sharedtype', - 'sharecapabletype', - ]), - }), - ].flat(), - authorized: createTestDefinitions(all, false, { createNewCopies, singleRequest }), - }; - } - - const { group1Importable, group1NonImportable, group1All, group2 } = createTestCases(overwrite); - return { - unauthorized: [ - createTestDefinitions(group1Importable, true, { overwrite }), - createTestDefinitions(group1NonImportable, false, { overwrite, singleRequest }), - createTestDefinitions(group1All, true, { - overwrite, - singleRequest, - responseBodyOverride: expectSavedObjectForbidden(['globaltype', 'isolatedtype']), - }), - createTestDefinitions(group2, true, { overwrite, singleRequest }), - ].flat(), - authorized: [ - createTestDefinitions(group1All, false, { overwrite, singleRequest }), - createTestDefinitions(group2, false, { overwrite, singleRequest }), - ].flat(), - }; - }; - - describe('_resolve_import_errors', () => { - getTestScenarios([ - [false, false], - [false, true], - [true, false], - ]).security.forEach(({ users, modifier }) => { - const [overwrite, createNewCopies] = modifier!; - const suffix = overwrite - ? ' with overwrite enabled' - : createNewCopies - ? ' with createNewCopies enabled' - : ''; - const { unauthorized, authorized } = createTests(overwrite, createNewCopies); - const _addTests = (user: TestUser, tests: ResolveImportErrorsTestDefinition[]) => { - addTests(`${user.description}${suffix}`, { user, tests }); - }; - - [ - users.noAccess, - users.legacyAll, - users.dualRead, - users.readGlobally, - users.allAtDefaultSpace, - users.readAtDefaultSpace, - users.allAtSpace1, - users.readAtSpace1, - ].forEach((user) => { - _addTests(user, unauthorized); - }); - [users.dualAll, users.allGlobally, users.superuser].forEach((user) => { - _addTests(user, authorized); - }); - }); - }); -} diff --git a/x-pack/test/saved_object_api_integration/security_only/apis/update.ts b/x-pack/test/saved_object_api_integration/security_only/apis/update.ts deleted file mode 100644 index c0ec36fcf75c4d2..000000000000000 --- a/x-pack/test/saved_object_api_integration/security_only/apis/update.ts +++ /dev/null @@ -1,82 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { testCaseFailures, getTestScenarios } from '../../common/lib/saved_object_test_utils'; -import { TestUser } from '../../common/lib/types'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; -import { - updateTestSuiteFactory, - TEST_CASES as CASES, - UpdateTestDefinition, -} from '../../common/suites/update'; - -const { fail404 } = testCaseFailures; - -const createTestCases = () => { - // for each permitted (non-403) outcome, if failure !== undefined then we expect - // to receive an error; otherwise, we expect to receive a success result - const normalTypes = [ - CASES.SINGLE_NAMESPACE_DEFAULT_SPACE, - { ...CASES.SINGLE_NAMESPACE_SPACE_1, ...fail404() }, - { ...CASES.SINGLE_NAMESPACE_SPACE_2, ...fail404() }, - CASES.MULTI_NAMESPACE_ALL_SPACES, - CASES.MULTI_NAMESPACE_DEFAULT_AND_SPACE_1, - { ...CASES.MULTI_NAMESPACE_ONLY_SPACE_1, ...fail404() }, - { ...CASES.MULTI_NAMESPACE_ONLY_SPACE_2, ...fail404() }, - { ...CASES.MULTI_NAMESPACE_ISOLATED_ONLY_DEFAULT_SPACE }, - { ...CASES.MULTI_NAMESPACE_ISOLATED_ONLY_SPACE_1, ...fail404() }, - CASES.NAMESPACE_AGNOSTIC, - { ...CASES.DOES_NOT_EXIST, ...fail404() }, - ]; - const hiddenType = [{ ...CASES.HIDDEN, ...fail404() }]; - const allTypes = normalTypes.concat(hiddenType); - return { normalTypes, hiddenType, allTypes }; -}; - -export default function ({ getService }: FtrProviderContext) { - const supertest = getService('supertestWithoutAuth'); - const esArchiver = getService('esArchiver'); - - const { addTests, createTestDefinitions } = updateTestSuiteFactory(esArchiver, supertest); - const createTests = () => { - const { normalTypes, hiddenType, allTypes } = createTestCases(); - return { - unauthorized: createTestDefinitions(allTypes, true), - authorized: [ - createTestDefinitions(normalTypes, false), - createTestDefinitions(hiddenType, true), - ].flat(), - superuser: createTestDefinitions(allTypes, false), - }; - }; - - describe('_update', () => { - getTestScenarios().security.forEach(({ users }) => { - const { unauthorized, authorized, superuser } = createTests(); - const _addTests = (user: TestUser, tests: UpdateTestDefinition[]) => { - addTests(user.description, { user, tests }); - }; - - [ - users.noAccess, - users.legacyAll, - users.dualRead, - users.readGlobally, - users.allAtDefaultSpace, - users.readAtDefaultSpace, - users.allAtSpace1, - users.readAtSpace1, - ].forEach((user) => { - _addTests(user, unauthorized); - }); - [users.dualAll, users.allGlobally].forEach((user) => { - _addTests(user, authorized); - }); - _addTests(users.superuser, superuser); - }); - }); -} diff --git a/x-pack/test/saved_object_api_integration/security_only/config_basic.ts b/x-pack/test/saved_object_api_integration/security_only/config_basic.ts deleted file mode 100644 index 5c26b8be16dd0d6..000000000000000 --- a/x-pack/test/saved_object_api_integration/security_only/config_basic.ts +++ /dev/null @@ -1,11 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { createTestConfig } from '../common/config'; - -// eslint-disable-next-line import/no-default-export -export default createTestConfig('security_only', { disabledPlugins: ['spaces'], license: 'basic' }); diff --git a/x-pack/test/saved_object_api_integration/security_only/config_trial.ts b/x-pack/test/saved_object_api_integration/security_only/config_trial.ts deleted file mode 100644 index fa5a7f67fe819e5..000000000000000 --- a/x-pack/test/saved_object_api_integration/security_only/config_trial.ts +++ /dev/null @@ -1,11 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { createTestConfig } from '../common/config'; - -// eslint-disable-next-line import/no-default-export -export default createTestConfig('security_only', { disabledPlugins: ['spaces'], license: 'trial' }); diff --git a/x-pack/test/timeline/security_only/config_basic.ts b/x-pack/test/timeline/security_only/config_basic.ts deleted file mode 100644 index 470b9097755f6ab..000000000000000 --- a/x-pack/test/timeline/security_only/config_basic.ts +++ /dev/null @@ -1,16 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { createTestConfig } from '../common/config'; - -// eslint-disable-next-line import/no-default-export -export default createTestConfig('security_only', { - license: 'basic', - disabledPlugins: ['spaces'], - ssl: false, - testFiles: [require.resolve('./tests/basic')], -}); diff --git a/x-pack/test/timeline/security_only/config_trial.ts b/x-pack/test/timeline/security_only/config_trial.ts deleted file mode 100644 index 8ca7dc950b78b84..000000000000000 --- a/x-pack/test/timeline/security_only/config_trial.ts +++ /dev/null @@ -1,16 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { createTestConfig } from '../common/config'; - -// eslint-disable-next-line import/no-default-export -export default createTestConfig('security_only', { - license: 'trial', - disabledPlugins: ['spaces'], - ssl: false, - testFiles: [require.resolve('./tests/trial')], -}); diff --git a/x-pack/test/timeline/security_only/tests/basic/events.ts b/x-pack/test/timeline/security_only/tests/basic/events.ts deleted file mode 100644 index bf6ef53d7660382..000000000000000 --- a/x-pack/test/timeline/security_only/tests/basic/events.ts +++ /dev/null @@ -1,144 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { JsonObject } from '@kbn/utility-types'; -import { ALERT_INSTANCE_ID, ALERT_RULE_CONSUMER } from '@kbn/rule-data-utils'; - -import { getSpaceUrlPrefix } from '../../../../rule_registry/common/lib/authentication/spaces'; - -import { - superUser, - globalRead, - secOnly, - secOnlyRead, - noKibanaPrivileges, -} from '../../../../rule_registry/common/lib/authentication/users'; -import { - Direction, - TimelineEventsQueries, -} from '../../../../../plugins/security_solution/common/search_strategy'; -import { FtrProviderContext } from '../../../common/ftr_provider_context'; - -const TO = '3000-01-01T00:00:00.000Z'; -const FROM = '2000-01-01T00:00:00.000Z'; -const TEST_URL = '/internal/search/timelineSearchStrategy/'; -const SPACE_1 = 'space1'; - -// eslint-disable-next-line import/no-default-export -export default ({ getService }: FtrProviderContext) => { - const esArchiver = getService('esArchiver'); - const supertestWithoutAuth = getService('supertestWithoutAuth'); - const getPostBody = (): JsonObject => ({ - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - docValueFields: [ - { - field: '@timestamp', - }, - { - field: ALERT_RULE_CONSUMER, - }, - { - field: ALERT_INSTANCE_ID, - }, - { - field: 'event.kind', - }, - ], - factoryQueryType: TimelineEventsQueries.all, - fieldRequested: ['@timestamp', 'message', ALERT_RULE_CONSUMER, ALERT_INSTANCE_ID, 'event.kind'], - fields: [], - filterQuery: { - bool: { - filter: [ - { - match_all: {}, - }, - ], - }, - }, - pagination: { - activePage: 0, - querySize: 25, - }, - language: 'kuery', - sort: [ - { - field: '@timestamp', - direction: Direction.desc, - type: 'number', - }, - ], - timerange: { - from: FROM, - to: TO, - interval: '12h', - }, - }); - - describe('Timeline - Events', () => { - before(async () => { - await esArchiver.load('x-pack/test/functional/es_archives/rule_registry/alerts'); - }); - after(async () => { - await esArchiver.unload('x-pack/test/functional/es_archives/rule_registry/alerts'); - }); - - const authorizedSecSpace1 = [secOnly, secOnlyRead]; - const authorizedInAllSpaces = [superUser, globalRead]; - const unauthorized = [noKibanaPrivileges]; - - [...authorizedSecSpace1, ...authorizedInAllSpaces].forEach(({ username, password }) => { - it(`${username} - should return a 404 when accessing a spaces route`, async () => { - await supertestWithoutAuth - .post(`${getSpaceUrlPrefix(SPACE_1)}${TEST_URL}`) - .auth(username, password) - .set('kbn-xsrf', 'true') - .set('Content-Type', 'application/json') - .send({ - ...getPostBody(), - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - alertConsumers: ['siem'], - }) - .expect(404); - }); - }); - - [...authorizedInAllSpaces].forEach(({ username, password }) => { - it(`${username} - should return 200 for authorized users`, async () => { - await supertestWithoutAuth - .post(`${getSpaceUrlPrefix()}${TEST_URL}`) - .auth(username, password) - .set('kbn-xsrf', 'true') - .set('Content-Type', 'application/json') - .send({ - ...getPostBody(), - alertConsumers: ['siem', 'apm'], - }) - .expect(200); - }); - }); - - [...unauthorized].forEach(({ username, password }) => { - it(`${username} - should return 403 for unauthorized users`, async () => { - await supertestWithoutAuth - .post(`${getSpaceUrlPrefix()}${TEST_URL}`) - .auth(username, password) - .set('kbn-xsrf', 'true') - .set('Content-Type', 'application/json') - .send({ - ...getPostBody(), - alertConsumers: ['siem', 'apm'], - }) - // TODO - This should be updated to be a 403 once this ticket is resolved - // https://github.com/elastic/kibana/issues/106005 - .expect(500); - }); - }); - }); -}; diff --git a/x-pack/test/timeline/security_only/tests/basic/index.ts b/x-pack/test/timeline/security_only/tests/basic/index.ts deleted file mode 100644 index 60957c095611003..000000000000000 --- a/x-pack/test/timeline/security_only/tests/basic/index.ts +++ /dev/null @@ -1,31 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { FtrProviderContext } from '../../../common/ftr_provider_context'; -import { - createUsersAndRoles, - deleteUsersAndRoles, -} from '../../../../rule_registry/common/lib/authentication'; - -// eslint-disable-next-line import/no-default-export -export default ({ loadTestFile, getService }: FtrProviderContext): void => { - describe('timeline security only: basic', function () { - // Fastest ciGroup for the moment. - this.tags('ciGroup5'); - - before(async () => { - await createUsersAndRoles(getService); - }); - - after(async () => { - await deleteUsersAndRoles(getService); - }); - - // Basic - loadTestFile(require.resolve('./events')); - }); -}; diff --git a/x-pack/test/timeline/security_only/tests/trial/events.ts b/x-pack/test/timeline/security_only/tests/trial/events.ts deleted file mode 100644 index bf6ef53d7660382..000000000000000 --- a/x-pack/test/timeline/security_only/tests/trial/events.ts +++ /dev/null @@ -1,144 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { JsonObject } from '@kbn/utility-types'; -import { ALERT_INSTANCE_ID, ALERT_RULE_CONSUMER } from '@kbn/rule-data-utils'; - -import { getSpaceUrlPrefix } from '../../../../rule_registry/common/lib/authentication/spaces'; - -import { - superUser, - globalRead, - secOnly, - secOnlyRead, - noKibanaPrivileges, -} from '../../../../rule_registry/common/lib/authentication/users'; -import { - Direction, - TimelineEventsQueries, -} from '../../../../../plugins/security_solution/common/search_strategy'; -import { FtrProviderContext } from '../../../common/ftr_provider_context'; - -const TO = '3000-01-01T00:00:00.000Z'; -const FROM = '2000-01-01T00:00:00.000Z'; -const TEST_URL = '/internal/search/timelineSearchStrategy/'; -const SPACE_1 = 'space1'; - -// eslint-disable-next-line import/no-default-export -export default ({ getService }: FtrProviderContext) => { - const esArchiver = getService('esArchiver'); - const supertestWithoutAuth = getService('supertestWithoutAuth'); - const getPostBody = (): JsonObject => ({ - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - docValueFields: [ - { - field: '@timestamp', - }, - { - field: ALERT_RULE_CONSUMER, - }, - { - field: ALERT_INSTANCE_ID, - }, - { - field: 'event.kind', - }, - ], - factoryQueryType: TimelineEventsQueries.all, - fieldRequested: ['@timestamp', 'message', ALERT_RULE_CONSUMER, ALERT_INSTANCE_ID, 'event.kind'], - fields: [], - filterQuery: { - bool: { - filter: [ - { - match_all: {}, - }, - ], - }, - }, - pagination: { - activePage: 0, - querySize: 25, - }, - language: 'kuery', - sort: [ - { - field: '@timestamp', - direction: Direction.desc, - type: 'number', - }, - ], - timerange: { - from: FROM, - to: TO, - interval: '12h', - }, - }); - - describe('Timeline - Events', () => { - before(async () => { - await esArchiver.load('x-pack/test/functional/es_archives/rule_registry/alerts'); - }); - after(async () => { - await esArchiver.unload('x-pack/test/functional/es_archives/rule_registry/alerts'); - }); - - const authorizedSecSpace1 = [secOnly, secOnlyRead]; - const authorizedInAllSpaces = [superUser, globalRead]; - const unauthorized = [noKibanaPrivileges]; - - [...authorizedSecSpace1, ...authorizedInAllSpaces].forEach(({ username, password }) => { - it(`${username} - should return a 404 when accessing a spaces route`, async () => { - await supertestWithoutAuth - .post(`${getSpaceUrlPrefix(SPACE_1)}${TEST_URL}`) - .auth(username, password) - .set('kbn-xsrf', 'true') - .set('Content-Type', 'application/json') - .send({ - ...getPostBody(), - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - alertConsumers: ['siem'], - }) - .expect(404); - }); - }); - - [...authorizedInAllSpaces].forEach(({ username, password }) => { - it(`${username} - should return 200 for authorized users`, async () => { - await supertestWithoutAuth - .post(`${getSpaceUrlPrefix()}${TEST_URL}`) - .auth(username, password) - .set('kbn-xsrf', 'true') - .set('Content-Type', 'application/json') - .send({ - ...getPostBody(), - alertConsumers: ['siem', 'apm'], - }) - .expect(200); - }); - }); - - [...unauthorized].forEach(({ username, password }) => { - it(`${username} - should return 403 for unauthorized users`, async () => { - await supertestWithoutAuth - .post(`${getSpaceUrlPrefix()}${TEST_URL}`) - .auth(username, password) - .set('kbn-xsrf', 'true') - .set('Content-Type', 'application/json') - .send({ - ...getPostBody(), - alertConsumers: ['siem', 'apm'], - }) - // TODO - This should be updated to be a 403 once this ticket is resolved - // https://github.com/elastic/kibana/issues/106005 - .expect(500); - }); - }); - }); -}; diff --git a/x-pack/test/timeline/security_only/tests/trial/index.ts b/x-pack/test/timeline/security_only/tests/trial/index.ts deleted file mode 100644 index fbe8d3ec9ee0e32..000000000000000 --- a/x-pack/test/timeline/security_only/tests/trial/index.ts +++ /dev/null @@ -1,31 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { FtrProviderContext } from '../../../common/ftr_provider_context'; -import { - createUsersAndRoles, - deleteUsersAndRoles, -} from '../../../../rule_registry/common/lib/authentication'; - -// eslint-disable-next-line import/no-default-export -export default ({ loadTestFile, getService }: FtrProviderContext): void => { - describe('timeline security only: trial', function () { - // Fastest ciGroup for the moment. - this.tags('ciGroup5'); - - before(async () => { - await createUsersAndRoles(getService); - }); - - after(async () => { - await deleteUsersAndRoles(getService); - }); - - // Basic - loadTestFile(require.resolve('./events')); - }); -}; diff --git a/x-pack/test/timeline/spaces_only/config.ts b/x-pack/test/timeline/spaces_only/config.ts deleted file mode 100644 index 442ebed0c125c16..000000000000000 --- a/x-pack/test/timeline/spaces_only/config.ts +++ /dev/null @@ -1,16 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { createTestConfig } from '../common/config'; - -// eslint-disable-next-line import/no-default-export -export default createTestConfig('spaces_only', { - license: 'trial', - disabledPlugins: ['security'], - ssl: false, - testFiles: [require.resolve('./tests')], -}); diff --git a/x-pack/test/timeline/spaces_only/tests/events.ts b/x-pack/test/timeline/spaces_only/tests/events.ts deleted file mode 100644 index a7c2a9abeb21160..000000000000000 --- a/x-pack/test/timeline/spaces_only/tests/events.ts +++ /dev/null @@ -1,116 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { JsonObject } from '@kbn/utility-types'; -import expect from '@kbn/expect'; -import { ALERT_INSTANCE_ID, ALERT_RULE_CONSUMER } from '@kbn/rule-data-utils'; - -import { FtrProviderContext } from '../../../rule_registry/common/ftr_provider_context'; -import { getSpaceUrlPrefix } from '../../../rule_registry/common/lib/authentication/spaces'; -import { - Direction, - TimelineEventsQueries, -} from '../../../../plugins/security_solution/common/search_strategy'; - -// eslint-disable-next-line import/no-default-export -export default ({ getService }: FtrProviderContext) => { - const supertest = getService('supertest'); - const esArchiver = getService('esArchiver'); - - const TO = '3000-01-01T00:00:00.000Z'; - const FROM = '2000-01-01T00:00:00.000Z'; - const TEST_URL = '/internal/search/timelineSearchStrategy/'; - const SPACE1 = 'space1'; - const OTHER = 'other'; - - const getPostBody = (): JsonObject => ({ - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - docValueFields: [ - { - field: '@timestamp', - }, - { - field: ALERT_RULE_CONSUMER, - }, - { - field: ALERT_INSTANCE_ID, - }, - { - field: 'event.kind', - }, - ], - factoryQueryType: TimelineEventsQueries.all, - fieldRequested: ['@timestamp', 'message', ALERT_RULE_CONSUMER, ALERT_INSTANCE_ID, 'event.kind'], - fields: [], - filterQuery: { - bool: { - filter: [ - { - match_all: {}, - }, - ], - }, - }, - pagination: { - activePage: 0, - querySize: 25, - }, - language: 'kuery', - sort: [ - { - field: '@timestamp', - direction: Direction.desc, - type: 'number', - }, - ], - timerange: { - from: FROM, - to: TO, - interval: '12h', - }, - }); - - describe('Timeline - Events', () => { - before(async () => { - await esArchiver.load('x-pack/test/functional/es_archives/rule_registry/alerts'); - }); - - after(async () => { - await esArchiver.unload('x-pack/test/functional/es_archives/rule_registry/alerts'); - }); - - it('should handle alerts request appropriately', async () => { - const resp = await supertest - .post(`${getSpaceUrlPrefix(SPACE1)}${TEST_URL}`) - .set('kbn-xsrf', 'true') - .set('Content-Type', 'application/json') - .send({ - ...getPostBody(), - alertConsumers: ['siem', 'apm'], - }) - .expect(200); - - // there's 5 total alerts, one is assigned to space2 only - expect(resp.body.totalCount).to.be(4); - }); - - it('should not return alerts from another space', async () => { - const resp = await supertest - .post(`${getSpaceUrlPrefix(OTHER)}${TEST_URL}`) - .set('kbn-xsrf', 'true') - .set('Content-Type', 'application/json') - .send({ - ...getPostBody(), - alertConsumers: ['siem', 'apm'], - }) - .expect(200); - - expect(resp.body.totalCount).to.be(0); - }); - }); -}; diff --git a/x-pack/test/timeline/spaces_only/tests/index.ts b/x-pack/test/timeline/spaces_only/tests/index.ts deleted file mode 100644 index 857ca027a237112..000000000000000 --- a/x-pack/test/timeline/spaces_only/tests/index.ts +++ /dev/null @@ -1,28 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { FtrProviderContext } from '../../common/ftr_provider_context'; -import { createSpaces, deleteSpaces } from '../../../rule_registry/common/lib/authentication'; - -// eslint-disable-next-line import/no-default-export -export default ({ loadTestFile, getService }: FtrProviderContext): void => { - describe('timeline spaces only: trial', function () { - // Fastest ciGroup for the moment. - this.tags('ciGroup5'); - - before(async () => { - await createSpaces(getService); - }); - - after(async () => { - await deleteSpaces(getService); - }); - - // Basic - loadTestFile(require.resolve('./events')); - }); -}; diff --git a/x-pack/test/ui_capabilities/security_and_spaces/scenarios.ts b/x-pack/test/ui_capabilities/security_and_spaces/scenarios.ts index a13a5589f6007e6..7ed14214d23b490 100644 --- a/x-pack/test/ui_capabilities/security_and_spaces/scenarios.ts +++ b/x-pack/test/ui_capabilities/security_and_spaces/scenarios.ts @@ -126,6 +126,47 @@ const GlobalRead: User = { }, }; +const FooAll: User = { + username: 'foo_all', + fullName: 'foo_all', + password: 'foo_all-password', + role: { + name: 'foo_all_role', + kibana: [ + { + feature: { + foo: ['all'], + }, + spaces: ['*'], + }, + ], + }, +}; + +const FooRead: User = { + username: 'foo_read', + fullName: 'foo_read', + password: 'foo_read-password', + role: { + name: 'foo_read_role', + kibana: [ + { + feature: { + foo: ['read'], + }, + spaces: ['*'], + }, + ], + }, +}; + +interface FooAll extends User { + username: 'foo_all'; +} +interface FooRead extends User { + username: 'foo_read'; +} + const EverythingSpaceAll: User = { username: 'everything_space_all', fullName: 'everything_space_all', @@ -194,6 +235,8 @@ export const Users: User[] = [ DualPrivilegesRead, GlobalAll, GlobalRead, + FooAll, + FooRead, EverythingSpaceAll, EverythingSpaceRead, NothingSpaceAll, @@ -349,6 +392,42 @@ const GlobalReadAtNothingSpace: GlobalReadAtNothingSpace = { space: NothingSpace, }; +interface FooAllAtEverythingSpace extends Scenario { + id: 'foo_all at everything_space'; +} +const FooAllAtEverythingSpace: FooAllAtEverythingSpace = { + id: 'foo_all at everything_space', + user: FooAll, + space: EverythingSpace, +}; + +interface FooAllAtNothingSpace extends Scenario { + id: 'foo_all at nothing_space'; +} +const FooAllAtNothingSpace: FooAllAtNothingSpace = { + id: 'foo_all at nothing_space', + user: FooAll, + space: NothingSpace, +}; + +interface FooReadAtEverythingSpace extends Scenario { + id: 'foo_read at everything_space'; +} +const FooReadAtEverythingSpace: FooReadAtEverythingSpace = { + id: 'foo_read at everything_space', + user: FooRead, + space: EverythingSpace, +}; + +interface FooReadAtNothingSpace extends Scenario { + id: 'foo_read at nothing_space'; +} +const FooReadAtNothingSpace: FooReadAtNothingSpace = { + id: 'foo_read at nothing_space', + user: FooRead, + space: NothingSpace, +}; + interface EverythingSpaceAllAtEverythingSpace extends Scenario { id: 'everything_space_all at everything_space'; } @@ -421,30 +500,7 @@ const NothingSpaceReadAtNothingSpace: NothingSpaceReadAtNothingSpace = { space: NothingSpace, }; -export const UserAtSpaceScenarios: [ - NoKibanaPrivilegesAtEverythingSpace, - NoKibanaPrivilegesAtNothingSpace, - SuperuserAtEverythingSpace, - SuperuserAtNothingSpace, - LegacyAllAtEverythingSpace, - LegacyAllAtNothingSpace, - DualPrivilegesAllAtEverythingSpace, - DualPrivilegesAllAtNothingSpace, - DualPrivilegesReadAtEverythingSpace, - DualPrivilegesReadAtNothingSpace, - GlobalAllAtEverythingSpace, - GlobalAllAtNothingSpace, - GlobalReadAtEverythingSpace, - GlobalReadAtNothingSpace, - EverythingSpaceAllAtEverythingSpace, - EverythingSpaceAllAtNothingSpace, - EverythingSpaceReadAtEverythingSpace, - EverythingSpaceReadAtNothingSpace, - NothingSpaceAllAtEverythingSpace, - NothingSpaceAllAtNothingSpace, - NothingSpaceReadAtEverythingSpace, - NothingSpaceReadAtNothingSpace -] = [ +export const UserAtSpaceScenarios = [ NoKibanaPrivilegesAtEverythingSpace, NoKibanaPrivilegesAtNothingSpace, SuperuserAtEverythingSpace, @@ -459,6 +515,10 @@ export const UserAtSpaceScenarios: [ GlobalAllAtNothingSpace, GlobalReadAtEverythingSpace, GlobalReadAtNothingSpace, + FooAllAtEverythingSpace, + FooAllAtNothingSpace, + FooReadAtEverythingSpace, + FooReadAtNothingSpace, EverythingSpaceAllAtEverythingSpace, EverythingSpaceAllAtNothingSpace, EverythingSpaceReadAtEverythingSpace, @@ -467,4 +527,4 @@ export const UserAtSpaceScenarios: [ NothingSpaceAllAtNothingSpace, NothingSpaceReadAtEverythingSpace, NothingSpaceReadAtNothingSpace, -]; +] as const; diff --git a/x-pack/test/ui_capabilities/security_and_spaces/tests/catalogue.ts b/x-pack/test/ui_capabilities/security_and_spaces/tests/catalogue.ts index aeaaf7fca1cb73f..3d272977be625cf 100644 --- a/x-pack/test/ui_capabilities/security_and_spaces/tests/catalogue.ts +++ b/x-pack/test/ui_capabilities/security_and_spaces/tests/catalogue.ts @@ -85,6 +85,18 @@ export default function catalogueTests({ getService }: FtrProviderContext) { expect(uiCapabilities.value!.catalogue).to.eql(expected); break; } + case 'foo_all at everything_space': + case 'foo_read at everything_space': { + expect(uiCapabilities.success).to.be(true); + expect(uiCapabilities.value).to.have.property('catalogue'); + // everything except foo is disabled + const expected = mapValues( + uiCapabilities.value!.catalogue, + (enabled, catalogueId) => catalogueId === 'foo' + ); + expect(uiCapabilities.value!.catalogue).to.eql(expected); + break; + } // the nothing_space has no Kibana features enabled, so even if we have // privileges to perform these actions, we won't be able to. // Note that ES features may still be enabled if the user has privileges, since @@ -116,6 +128,8 @@ export default function catalogueTests({ getService }: FtrProviderContext) { // the nothing_space has no Kibana features enabled, so even if we have // privileges to perform these actions, we won't be able to. case 'global_read at nothing_space': + case 'foo_all at nothing_space': + case 'foo_read at nothing_space': case 'dual_privileges_all at nothing_space': case 'dual_privileges_read at nothing_space': case 'nothing_space_all at nothing_space': diff --git a/x-pack/test/ui_capabilities/security_and_spaces/tests/foo.ts b/x-pack/test/ui_capabilities/security_and_spaces/tests/foo.ts index d1c5c392f48c7d6..7e00864b5476144 100644 --- a/x-pack/test/ui_capabilities/security_and_spaces/tests/foo.ts +++ b/x-pack/test/ui_capabilities/security_and_spaces/tests/foo.ts @@ -26,6 +26,7 @@ export default function fooTests({ getService }: FtrProviderContext) { // these users have a read/write view case 'superuser at everything_space': case 'global_all at everything_space': + case 'foo_all at everything_space': case 'dual_privileges_all at everything_space': case 'everything_space_all at everything_space': expect(uiCapabilities.success).to.be(true); @@ -39,6 +40,7 @@ export default function fooTests({ getService }: FtrProviderContext) { break; // these users have a read only view case 'global_read at everything_space': + case 'foo_read at everything_space': case 'dual_privileges_read at everything_space': case 'everything_space_read at everything_space': expect(uiCapabilities.success).to.be(true); @@ -55,6 +57,8 @@ export default function fooTests({ getService }: FtrProviderContext) { case 'superuser at nothing_space': case 'global_all at nothing_space': case 'global_read at nothing_space': + case 'foo_all at nothing_space': + case 'foo_read at nothing_space': case 'dual_privileges_all at nothing_space': case 'dual_privileges_read at nothing_space': case 'nothing_space_all at nothing_space': diff --git a/x-pack/test/ui_capabilities/security_and_spaces/tests/nav_links.ts b/x-pack/test/ui_capabilities/security_and_spaces/tests/nav_links.ts index 6a6b618c2c8c894..5712cfeb8c14104 100644 --- a/x-pack/test/ui_capabilities/security_and_spaces/tests/nav_links.ts +++ b/x-pack/test/ui_capabilities/security_and_spaces/tests/nav_links.ts @@ -62,11 +62,21 @@ export default function navLinksTests({ getService }: FtrProviderContext) { ) ); break; + case 'foo_all at everything_space': + case 'foo_read at everything_space': + expect(uiCapabilities.success).to.be(true); + expect(uiCapabilities.value).to.have.property('navLinks'); + expect(uiCapabilities.value!.navLinks).to.eql( + navLinksBuilder.only('kibana', 'foo', 'management') + ); + break; case 'superuser at nothing_space': case 'global_all at nothing_space': + case 'global_read at nothing_space': + case 'foo_all at nothing_space': + case 'foo_read at nothing_space': case 'dual_privileges_all at nothing_space': case 'dual_privileges_read at nothing_space': - case 'global_read at nothing_space': case 'nothing_space_all at nothing_space': case 'nothing_space_read at nothing_space': case 'no_kibana_privileges at everything_space': diff --git a/x-pack/test/ui_capabilities/security_only/config.ts b/x-pack/test/ui_capabilities/security_only/config.ts deleted file mode 100644 index fa5a7f67fe819e5..000000000000000 --- a/x-pack/test/ui_capabilities/security_only/config.ts +++ /dev/null @@ -1,11 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { createTestConfig } from '../common/config'; - -// eslint-disable-next-line import/no-default-export -export default createTestConfig('security_only', { disabledPlugins: ['spaces'], license: 'trial' }); diff --git a/x-pack/test/ui_capabilities/security_only/scenarios.ts b/x-pack/test/ui_capabilities/security_only/scenarios.ts deleted file mode 100644 index 1bbb23720c1e272..000000000000000 --- a/x-pack/test/ui_capabilities/security_only/scenarios.ts +++ /dev/null @@ -1,216 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { CustomRoleSpecification, User } from '../common/types'; - -// For all scenarios, we define both an instance in addition -// to a "type" definition so that we can use the exhaustive switch in -// typescript to ensure all scenarios are handled. - -const allRole: CustomRoleSpecification = { - name: 'all_role', - kibana: [ - { - base: ['all'], - spaces: ['*'], - }, - ], -}; - -interface NoKibanaPrivileges extends User { - username: 'no_kibana_privileges'; -} -const NoKibanaPrivileges: NoKibanaPrivileges = { - username: 'no_kibana_privileges', - fullName: 'no_kibana_privileges', - password: 'no_kibana_privileges-password', - role: { - name: 'no_kibana_privileges', - elasticsearch: { - indices: [ - { - names: ['foo'], - privileges: ['all'], - }, - ], - }, - }, -}; - -interface Superuser extends User { - username: 'superuser'; -} -const Superuser: Superuser = { - username: 'superuser', - fullName: 'superuser', - password: 'superuser-password', - role: { - name: 'superuser', - }, -}; - -interface LegacyAll extends User { - username: 'legacy_all'; -} -const LegacyAll: LegacyAll = { - username: 'legacy_all', - fullName: 'legacy_all', - password: 'legacy_all-password', - role: { - name: 'legacy_all_role', - elasticsearch: { - indices: [ - { - names: ['.kibana*'], - privileges: ['all'], - }, - ], - }, - }, -}; - -interface DualPrivilegesAll extends User { - username: 'dual_privileges_all'; -} -const DualPrivilegesAll: DualPrivilegesAll = { - username: 'dual_privileges_all', - fullName: 'dual_privileges_all', - password: 'dual_privileges_all-password', - role: { - name: 'dual_privileges_all_role', - elasticsearch: { - indices: [ - { - names: ['.kibana*'], - privileges: ['all'], - }, - ], - }, - kibana: [ - { - base: ['all'], - spaces: ['*'], - }, - ], - }, -}; - -interface DualPrivilegesRead extends User { - username: 'dual_privileges_read'; -} -const DualPrivilegesRead: DualPrivilegesRead = { - username: 'dual_privileges_read', - fullName: 'dual_privileges_read', - password: 'dual_privileges_read-password', - role: { - name: 'dual_privileges_read_role', - elasticsearch: { - indices: [ - { - names: ['.kibana*'], - privileges: ['read'], - }, - ], - }, - kibana: [ - { - base: ['read'], - spaces: ['*'], - }, - ], - }, -}; - -interface All extends User { - username: 'all'; -} -const All: All = { - username: 'all', - fullName: 'all', - password: 'all-password', - role: allRole, -}; - -interface Read extends User { - username: 'read'; -} -const Read: Read = { - username: 'read', - fullName: 'read', - password: 'read-password', - role: { - name: 'read_role', - kibana: [ - { - base: ['read'], - spaces: ['*'], - }, - ], - }, -}; - -interface FooAll extends User { - username: 'foo_all'; -} -const FooAll: FooAll = { - username: 'foo_all', - fullName: 'foo_all', - password: 'foo_all-password', - role: { - name: 'foo_all_role', - kibana: [ - { - feature: { - foo: ['all'], - }, - spaces: ['*'], - }, - ], - }, -}; - -interface FooRead extends User { - username: 'foo_read'; -} -const FooRead: FooRead = { - username: 'foo_read', - fullName: 'foo_read', - password: 'foo_read-password', - role: { - name: 'foo_read_role', - kibana: [ - { - feature: { - foo: ['read'], - }, - spaces: ['*'], - }, - ], - }, -}; - -export const UserScenarios: [ - NoKibanaPrivileges, - Superuser, - LegacyAll, - DualPrivilegesAll, - DualPrivilegesRead, - All, - Read, - FooAll, - FooRead -] = [ - NoKibanaPrivileges, - Superuser, - LegacyAll, - DualPrivilegesAll, - DualPrivilegesRead, - All, - Read, - FooAll, - FooRead, -]; diff --git a/x-pack/test/ui_capabilities/security_only/tests/catalogue.ts b/x-pack/test/ui_capabilities/security_only/tests/catalogue.ts deleted file mode 100644 index da4b26106afacd0..000000000000000 --- a/x-pack/test/ui_capabilities/security_only/tests/catalogue.ts +++ /dev/null @@ -1,111 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import expect from '@kbn/expect'; -import { mapValues } from 'lodash'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; -import { UICapabilitiesService } from '../../common/services/ui_capabilities'; -import { UserScenarios } from '../scenarios'; - -export default function catalogueTests({ getService }: FtrProviderContext) { - const uiCapabilitiesService: UICapabilitiesService = getService('uiCapabilities'); - - const esFeatureExceptions = [ - 'security', - 'index_lifecycle_management', - 'snapshot_restore', - 'rollup_jobs', - 'reporting', - 'transform', - 'watcher', - ]; - - describe('catalogue', () => { - UserScenarios.forEach((scenario) => { - it(`${scenario.fullName}`, async () => { - const uiCapabilities = await uiCapabilitiesService.get({ - credentials: { - username: scenario.username, - password: scenario.password, - }, - }); - switch (scenario.username) { - case 'superuser': { - expect(uiCapabilities.success).to.be(true); - expect(uiCapabilities.value).to.have.property('catalogue'); - // everything is enabled - const expected = mapValues(uiCapabilities.value!.catalogue, () => true); - expect(uiCapabilities.value!.catalogue).to.eql(expected); - break; - } - case 'all': - case 'dual_privileges_all': { - expect(uiCapabilities.success).to.be(true); - expect(uiCapabilities.value).to.have.property('catalogue'); - // everything except ml, monitoring, and ES features are enabled - const expected = mapValues( - uiCapabilities.value!.catalogue, - (enabled, catalogueId) => - catalogueId !== 'ml' && - catalogueId !== 'monitoring' && - catalogueId !== 'ml_file_data_visualizer' && - catalogueId !== 'osquery' && - !esFeatureExceptions.includes(catalogueId) - ); - expect(uiCapabilities.value!.catalogue).to.eql(expected); - break; - } - case 'read': - case 'dual_privileges_read': { - expect(uiCapabilities.success).to.be(true); - expect(uiCapabilities.value).to.have.property('catalogue'); - // everything except ml and monitoring and enterprise search is enabled - const exceptions = [ - 'ml', - 'ml_file_data_visualizer', - 'monitoring', - 'enterpriseSearch', - 'appSearch', - 'workplaceSearch', - 'osquery', - ...esFeatureExceptions, - ]; - const expected = mapValues( - uiCapabilities.value!.catalogue, - (enabled, catalogueId) => !exceptions.includes(catalogueId) - ); - expect(uiCapabilities.value!.catalogue).to.eql(expected); - break; - } - case 'foo_all': - case 'foo_read': { - expect(uiCapabilities.success).to.be(true); - expect(uiCapabilities.value).to.have.property('catalogue'); - // only foo is enabled - const expected = mapValues( - uiCapabilities.value!.catalogue, - (value, catalogueId) => catalogueId === 'foo' - ); - expect(uiCapabilities.value!.catalogue).to.eql(expected); - break; - } - // these users have no access to even get the ui capabilities - case 'legacy_all': - case 'no_kibana_privileges': - expect(uiCapabilities.success).to.be(true); - expect(uiCapabilities.value).to.have.property('catalogue'); - // only foo is enabled - const expected = mapValues(uiCapabilities.value!.catalogue, () => false); - expect(uiCapabilities.value!.catalogue).to.eql(expected); - break; - default: - throw new UnreachableError(scenario); - } - }); - }); - }); -} diff --git a/x-pack/test/ui_capabilities/security_only/tests/foo.ts b/x-pack/test/ui_capabilities/security_only/tests/foo.ts deleted file mode 100644 index f4d0d48863107f5..000000000000000 --- a/x-pack/test/ui_capabilities/security_only/tests/foo.ts +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import expect from '@kbn/expect'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; -import { UICapabilitiesService } from '../../common/services/ui_capabilities'; -import { UserScenarios } from '../scenarios'; - -export default function fooTests({ getService }: FtrProviderContext) { - const uiCapabilitiesService: UICapabilitiesService = getService('uiCapabilities'); - - describe('foo', () => { - UserScenarios.forEach((scenario) => { - it(`${scenario.fullName}`, async () => { - const uiCapabilities = await uiCapabilitiesService.get({ - credentials: { - username: scenario.username, - password: scenario.password, - }, - }); - switch (scenario.username) { - // these users have a read/write view of Foo - case 'superuser': - case 'all': - case 'dual_privileges_all': - case 'foo_all': - expect(uiCapabilities.success).to.be(true); - expect(uiCapabilities.value).to.have.property('foo'); - expect(uiCapabilities.value!.foo).to.eql({ - create: true, - edit: true, - delete: true, - show: true, - }); - break; - // these users have a read-only view of Foo - case 'read': - case 'dual_privileges_read': - case 'foo_read': - expect(uiCapabilities.success).to.be(true); - expect(uiCapabilities.value).to.have.property('foo'); - expect(uiCapabilities.value!.foo).to.eql({ - create: false, - edit: false, - delete: false, - show: true, - }); - break; - // these users have no access to even get the ui capabilities - case 'legacy_all': - case 'no_kibana_privileges': - expect(uiCapabilities.success).to.be(true); - expect(uiCapabilities.value).to.have.property('foo'); - expect(uiCapabilities.value!.foo).to.eql({ - create: false, - edit: false, - delete: false, - show: false, - }); - break; - // all other users can't do anything with Foo - default: - throw new UnreachableError(scenario); - } - }); - }); - }); -} diff --git a/x-pack/test/ui_capabilities/security_only/tests/index.ts b/x-pack/test/ui_capabilities/security_only/tests/index.ts deleted file mode 100644 index 37d79d4ef377363..000000000000000 --- a/x-pack/test/ui_capabilities/security_only/tests/index.ts +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { FtrProviderContext } from '../../common/ftr_provider_context'; -import { isCustomRoleSpecification } from '../../common/types'; -import { UserScenarios } from '../scenarios'; - -export default function uiCapabilitesTests({ loadTestFile, getService }: FtrProviderContext) { - const securityService = getService('security'); - - describe('ui capabilities', function () { - this.tags('ciGroup9'); - - before(async () => { - for (const user of UserScenarios) { - const roles = [...(user.role ? [user.role] : []), ...(user.roles ? user.roles : [])]; - - await securityService.user.create(user.username, { - password: user.password, - full_name: user.fullName, - roles: roles.map((role) => role.name), - }); - - for (const role of roles) { - if (isCustomRoleSpecification(role)) { - await securityService.role.create(role.name, { - kibana: role.kibana, - }); - } - } - } - }); - - after(async () => { - for (const user of UserScenarios) { - await securityService.user.delete(user.username); - - const roles = [...(user.role ? [user.role] : []), ...(user.roles ? user.roles : [])]; - for (const role of roles) { - if (isCustomRoleSpecification(role)) { - await securityService.role.delete(role.name); - } - } - } - }); - - loadTestFile(require.resolve('./catalogue')); - loadTestFile(require.resolve('./foo')); - loadTestFile(require.resolve('./nav_links')); - }); -} diff --git a/x-pack/test/ui_capabilities/security_only/tests/nav_links.ts b/x-pack/test/ui_capabilities/security_only/tests/nav_links.ts deleted file mode 100644 index 6a44b3d8f0b71da..000000000000000 --- a/x-pack/test/ui_capabilities/security_only/tests/nav_links.ts +++ /dev/null @@ -1,83 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import expect from '@kbn/expect'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; -import { NavLinksBuilder } from '../../common/nav_links_builder'; -import { FeaturesService } from '../../common/services'; -import { UICapabilitiesService } from '../../common/services/ui_capabilities'; -import { UserScenarios } from '../scenarios'; - -export default function navLinksTests({ getService }: FtrProviderContext) { - const uiCapabilitiesService: UICapabilitiesService = getService('uiCapabilities'); - const featuresService: FeaturesService = getService('features'); - - describe('navLinks', () => { - let navLinksBuilder: NavLinksBuilder; - before(async () => { - const features = await featuresService.get(); - navLinksBuilder = new NavLinksBuilder(features); - }); - - UserScenarios.forEach((scenario) => { - it(`${scenario.fullName}`, async () => { - const uiCapabilities = await uiCapabilitiesService.get({ - credentials: { - username: scenario.username, - password: scenario.password, - }, - }); - switch (scenario.username) { - case 'superuser': - expect(uiCapabilities.success).to.be(true); - expect(uiCapabilities.value).to.have.property('navLinks'); - expect(uiCapabilities.value!.navLinks).to.eql(navLinksBuilder.all()); - break; - case 'all': - case 'dual_privileges_all': - expect(uiCapabilities.success).to.be(true); - expect(uiCapabilities.value).to.have.property('navLinks'); - expect(uiCapabilities.value!.navLinks).to.eql( - navLinksBuilder.except('ml', 'monitoring', 'osquery') - ); - break; - case 'read': - case 'dual_privileges_read': - expect(uiCapabilities.success).to.be(true); - expect(uiCapabilities.value).to.have.property('navLinks'); - expect(uiCapabilities.value!.navLinks).to.eql( - navLinksBuilder.except( - 'ml', - 'monitoring', - 'enterpriseSearch', - 'appSearch', - 'workplaceSearch', - 'osquery' - ) - ); - break; - case 'foo_all': - case 'foo_read': - expect(uiCapabilities.success).to.be(true); - expect(uiCapabilities.value).to.have.property('navLinks'); - expect(uiCapabilities.value!.navLinks).to.eql( - navLinksBuilder.only('management', 'foo', 'kibana') - ); - break; - case 'legacy_all': - case 'no_kibana_privileges': - expect(uiCapabilities.success).to.be(true); - expect(uiCapabilities.value).to.have.property('navLinks'); - expect(uiCapabilities.value!.navLinks).to.eql(navLinksBuilder.only('management')); - break; - default: - throw new UnreachableError(scenario); - } - }); - }); - }); -} diff --git a/x-pack/test/ui_capabilities/spaces_only/scenarios.ts b/x-pack/test/ui_capabilities/spaces_only/scenarios.ts index f3af7db6eb24623..c914b5f056aed49 100644 --- a/x-pack/test/ui_capabilities/spaces_only/scenarios.ts +++ b/x-pack/test/ui_capabilities/spaces_only/scenarios.ts @@ -38,8 +38,4 @@ const FooDisabledSpace: FooDisabledSpace = { disabledFeatures: ['foo'], }; -export const SpaceScenarios: [EverythingSpace, NothingSpace, FooDisabledSpace] = [ - EverythingSpace, - NothingSpace, - FooDisabledSpace, -]; +export const SpaceScenarios = [EverythingSpace, NothingSpace, FooDisabledSpace] as const; From 6792bdfc6d5d921822da7b85dfde9e668c0af7bb Mon Sep 17 00:00:00 2001 From: Joe Portner <5295965+jportner@users.noreply.github.com> Date: Mon, 18 Oct 2021 11:34:13 -0400 Subject: [PATCH 42/50] Update security deprecation messages (#115241) --- .../elasticsearch_config.test.ts | 8 +- .../elasticsearch/elasticsearch_config.ts | 86 +++++++++++++------ .../monitoring/server/deprecations.test.js | 58 ------------- .../plugins/monitoring/server/deprecations.ts | 57 ++---------- .../server/config_deprecations.test.ts | 8 +- .../security/server/config_deprecations.ts | 75 +++++++++------- 6 files changed, 117 insertions(+), 175 deletions(-) diff --git a/src/core/server/elasticsearch/elasticsearch_config.test.ts b/src/core/server/elasticsearch/elasticsearch_config.test.ts index 1d3b70348bec195..855ec75995be77a 100644 --- a/src/core/server/elasticsearch/elasticsearch_config.test.ts +++ b/src/core/server/elasticsearch/elasticsearch_config.test.ts @@ -322,7 +322,7 @@ describe('deprecations', () => { const { messages } = applyElasticsearchDeprecations({ username: 'elastic' }); expect(messages).toMatchInlineSnapshot(` Array [ - "Setting [${CONFIG_PATH}.username] to \\"elastic\\" is deprecated. You should use the \\"kibana_system\\" user instead.", + "Kibana is configured to authenticate to Elasticsearch with the \\"elastic\\" user. Use a service account token instead.", ] `); }); @@ -331,7 +331,7 @@ describe('deprecations', () => { const { messages } = applyElasticsearchDeprecations({ username: 'kibana' }); expect(messages).toMatchInlineSnapshot(` Array [ - "Setting [${CONFIG_PATH}.username] to \\"kibana\\" is deprecated. You should use the \\"kibana_system\\" user instead.", + "Kibana is configured to authenticate to Elasticsearch with the \\"kibana\\" user. Use a service account token instead.", ] `); }); @@ -350,7 +350,7 @@ describe('deprecations', () => { const { messages } = applyElasticsearchDeprecations({ ssl: { key: '' } }); expect(messages).toMatchInlineSnapshot(` Array [ - "Setting [${CONFIG_PATH}.ssl.key] without [${CONFIG_PATH}.ssl.certificate] is deprecated. This has no effect, you should use both settings to enable TLS client authentication to Elasticsearch.", + "Use both \\"elasticsearch.ssl.key\\" and \\"elasticsearch.ssl.certificate\\" to enable Kibana to use Mutual TLS authentication with Elasticsearch.", ] `); }); @@ -359,7 +359,7 @@ describe('deprecations', () => { const { messages } = applyElasticsearchDeprecations({ ssl: { certificate: '' } }); expect(messages).toMatchInlineSnapshot(` Array [ - "Setting [${CONFIG_PATH}.ssl.certificate] without [${CONFIG_PATH}.ssl.key] is deprecated. This has no effect, you should use both settings to enable TLS client authentication to Elasticsearch.", + "Use both \\"elasticsearch.ssl.certificate\\" and \\"elasticsearch.ssl.key\\" to enable Kibana to use Mutual TLS authentication with Elasticsearch.", ] `); }); diff --git a/src/core/server/elasticsearch/elasticsearch_config.ts b/src/core/server/elasticsearch/elasticsearch_config.ts index f130504e3293af5..298144ca95a02dc 100644 --- a/src/core/server/elasticsearch/elasticsearch_config.ts +++ b/src/core/server/elasticsearch/elasticsearch_config.ts @@ -8,6 +8,7 @@ import { schema, TypeOf } from '@kbn/config-schema'; import { readPkcs12Keystore, readPkcs12Truststore } from '@kbn/crypto'; +import { i18n } from '@kbn/i18n'; import { Duration } from 'moment'; import { readFileSync } from 'fs'; import { ConfigDeprecationProvider } from 'src/core/server'; @@ -171,49 +172,82 @@ export const configSchema = schema.object({ }); const deprecations: ConfigDeprecationProvider = () => [ - (settings, fromPath, addDeprecation) => { + (settings, fromPath, addDeprecation, { branch }) => { const es = settings[fromPath]; if (!es) { return; } - if (es.username === 'elastic') { - addDeprecation({ - configPath: `${fromPath}.username`, - message: `Setting [${fromPath}.username] to "elastic" is deprecated. You should use the "kibana_system" user instead.`, - correctiveActions: { - manualSteps: [`Replace [${fromPath}.username] from "elastic" to "kibana_system".`], - }, - }); - } else if (es.username === 'kibana') { + + if (es.username === 'elastic' || es.username === 'kibana') { + const username = es.username; addDeprecation({ configPath: `${fromPath}.username`, - message: `Setting [${fromPath}.username] to "kibana" is deprecated. You should use the "kibana_system" user instead.`, - correctiveActions: { - manualSteps: [`Replace [${fromPath}.username] from "kibana" to "kibana_system".`], - }, - }); - } - if (es.ssl?.key !== undefined && es.ssl?.certificate === undefined) { - addDeprecation({ - configPath: `${fromPath}.ssl.key`, - message: `Setting [${fromPath}.ssl.key] without [${fromPath}.ssl.certificate] is deprecated. This has no effect, you should use both settings to enable TLS client authentication to Elasticsearch.`, + title: i18n.translate('core.deprecations.elasticsearchUsername.title', { + defaultMessage: 'Using "elasticsearch.username: {username}" is deprecated', + values: { username }, + }), + message: i18n.translate('core.deprecations.elasticsearchUsername.message', { + defaultMessage: + 'Kibana is configured to authenticate to Elasticsearch with the "{username}" user. Use a service account token instead.', + values: { username }, + }), + level: 'warning', + documentationUrl: `https://www.elastic.co/guide/en/elasticsearch/reference/${branch}/service-accounts.html`, correctiveActions: { manualSteps: [ - `Set [${fromPath}.ssl.certificate] in your kibana configs to enable TLS client authentication to Elasticsearch.`, + i18n.translate('core.deprecations.elasticsearchUsername.manualSteps1', { + defaultMessage: + 'Use the elasticsearch-service-tokens CLI tool to create a new service account token for the "elastic/kibana" service account.', + }), + i18n.translate('core.deprecations.elasticsearchUsername.manualSteps2', { + defaultMessage: 'Add the "elasticsearch.serviceAccountToken" setting to kibana.yml.', + }), + i18n.translate('core.deprecations.elasticsearchUsername.manualSteps3', { + defaultMessage: + 'Remove "elasticsearch.username" and "elasticsearch.password" from kibana.yml.', + }), ], }, }); - } else if (es.ssl?.certificate !== undefined && es.ssl?.key === undefined) { + } + + const addSslDeprecation = (existingSetting: string, missingSetting: string) => { addDeprecation({ - configPath: `${fromPath}.ssl.certificate`, - message: `Setting [${fromPath}.ssl.certificate] without [${fromPath}.ssl.key] is deprecated. This has no effect, you should use both settings to enable TLS client authentication to Elasticsearch.`, + configPath: existingSetting, + title: i18n.translate('core.deprecations.elasticsearchSSL.title', { + defaultMessage: 'Using "{existingSetting}" without "{missingSetting}" has no effect', + values: { existingSetting, missingSetting }, + }), + message: i18n.translate('core.deprecations.elasticsearchSSL.message', { + defaultMessage: + 'Use both "{existingSetting}" and "{missingSetting}" to enable Kibana to use Mutual TLS authentication with Elasticsearch.', + values: { existingSetting, missingSetting }, + }), + level: 'warning', + documentationUrl: `https://www.elastic.co/guide/en/kibana/${branch}/elasticsearch-mutual-tls.html`, correctiveActions: { manualSteps: [ - `Set [${fromPath}.ssl.key] in your kibana configs to enable TLS client authentication to Elasticsearch.`, + i18n.translate('core.deprecations.elasticsearchSSL.manualSteps1', { + defaultMessage: 'Add the "{missingSetting}" setting to kibana.yml.', + values: { missingSetting }, + }), + i18n.translate('core.deprecations.elasticsearchSSL.manualSteps2', { + defaultMessage: + 'Alternatively, if you don\'t want to use Mutual TLS authentication, remove "{existingSetting}" from kibana.yml.', + values: { existingSetting }, + }), ], }, }); - } else if (es.logQueries === true) { + }; + + if (es.ssl?.key !== undefined && es.ssl?.certificate === undefined) { + addSslDeprecation(`${fromPath}.ssl.key`, `${fromPath}.ssl.certificate`); + } else if (es.ssl?.certificate !== undefined && es.ssl?.key === undefined) { + addSslDeprecation(`${fromPath}.ssl.certificate`, `${fromPath}.ssl.key`); + } + + if (es.logQueries === true) { addDeprecation({ configPath: `${fromPath}.logQueries`, message: `Setting [${fromPath}.logQueries] is deprecated and no longer used. You should set the log level to "debug" for the "elasticsearch.queries" context in "logging.loggers".`, diff --git a/x-pack/plugins/monitoring/server/deprecations.test.js b/x-pack/plugins/monitoring/server/deprecations.test.js index 4c12979e97804fd..9216132fd611964 100644 --- a/x-pack/plugins/monitoring/server/deprecations.test.js +++ b/x-pack/plugins/monitoring/server/deprecations.test.js @@ -67,64 +67,6 @@ describe('monitoring plugin deprecations', function () { }); }); - describe('elasticsearch.username', function () { - it('logs a warning if elasticsearch.username is set to "elastic"', () => { - const settings = { elasticsearch: { username: 'elastic' } }; - - const addDeprecation = jest.fn(); - transformDeprecations(settings, fromPath, addDeprecation); - expect(addDeprecation).toHaveBeenCalled(); - }); - - it('logs a warning if elasticsearch.username is set to "kibana"', () => { - const settings = { elasticsearch: { username: 'kibana' } }; - - const addDeprecation = jest.fn(); - transformDeprecations(settings, fromPath, addDeprecation); - expect(addDeprecation).toHaveBeenCalled(); - }); - - it('does not log a warning if elasticsearch.username is set to something besides "elastic" or "kibana"', () => { - const settings = { elasticsearch: { username: 'otheruser' } }; - - const addDeprecation = jest.fn(); - transformDeprecations(settings, fromPath, addDeprecation); - expect(addDeprecation).not.toHaveBeenCalled(); - }); - - it('does not log a warning if elasticsearch.username is unset', () => { - const settings = { elasticsearch: { username: undefined } }; - - const addDeprecation = jest.fn(); - transformDeprecations(settings, fromPath, addDeprecation); - expect(addDeprecation).not.toHaveBeenCalled(); - }); - - it('logs a warning if ssl.key is set and ssl.certificate is not', () => { - const settings = { elasticsearch: { ssl: { key: '' } } }; - - const addDeprecation = jest.fn(); - transformDeprecations(settings, fromPath, addDeprecation); - expect(addDeprecation).toHaveBeenCalled(); - }); - - it('logs a warning if ssl.certificate is set and ssl.key is not', () => { - const settings = { elasticsearch: { ssl: { certificate: '' } } }; - - const addDeprecation = jest.fn(); - transformDeprecations(settings, fromPath, addDeprecation); - expect(addDeprecation).toHaveBeenCalled(); - }); - - it('does not log a warning if both ssl.key and ssl.certificate are set', () => { - const settings = { elasticsearch: { ssl: { key: '', certificate: '' } } }; - - const addDeprecation = jest.fn(); - transformDeprecations(settings, fromPath, addDeprecation); - expect(addDeprecation).not.toHaveBeenCalled(); - }); - }); - describe('xpack_api_polling_frequency_millis', () => { it('should call rename for this renamed config key', () => { const settings = { xpack_api_polling_frequency_millis: 30000 }; diff --git a/x-pack/plugins/monitoring/server/deprecations.ts b/x-pack/plugins/monitoring/server/deprecations.ts index 7c3d3e3baf58a0a..42868e3fa258477 100644 --- a/x-pack/plugins/monitoring/server/deprecations.ts +++ b/x-pack/plugins/monitoring/server/deprecations.ts @@ -59,56 +59,13 @@ export const deprecations = ({ } return config; }, - (config, fromPath, addDeprecation) => { - const es: Record = get(config, 'elasticsearch'); - if (es) { - if (es.username === 'elastic') { - addDeprecation({ - configPath: 'elasticsearch.username', - message: `Setting [${fromPath}.username] to "elastic" is deprecated. You should use the "kibana_system" user instead.`, - correctiveActions: { - manualSteps: [`Replace [${fromPath}.username] from "elastic" to "kibana_system".`], - }, - }); - } else if (es.username === 'kibana') { - addDeprecation({ - configPath: 'elasticsearch.username', - message: `Setting [${fromPath}.username] to "kibana" is deprecated. You should use the "kibana_system" user instead.`, - correctiveActions: { - manualSteps: [`Replace [${fromPath}.username] from "kibana" to "kibana_system".`], - }, - }); - } - } - return config; - }, - (config, fromPath, addDeprecation) => { - const ssl: Record = get(config, 'elasticsearch.ssl'); - if (ssl) { - if (ssl.key !== undefined && ssl.certificate === undefined) { - addDeprecation({ - configPath: 'elasticsearch.ssl.key', - message: `Setting [${fromPath}.key] without [${fromPath}.certificate] is deprecated. This has no effect, you should use both settings to enable TLS client authentication to Elasticsearch.`, - correctiveActions: { - manualSteps: [ - `Set [${fromPath}.ssl.certificate] in your kibana configs to enable TLS client authentication to Elasticsearch.`, - ], - }, - }); - } else if (ssl.certificate !== undefined && ssl.key === undefined) { - addDeprecation({ - configPath: 'elasticsearch.ssl.certificate', - message: `Setting [${fromPath}.certificate] without [${fromPath}.key] is deprecated. This has no effect, you should use both settings to enable TLS client authentication to Elasticsearch.`, - correctiveActions: { - manualSteps: [ - `Set [${fromPath}.ssl.key] in your kibana configs to enable TLS client authentication to Elasticsearch.`, - ], - }, - }); - } - } - return config; - }, rename('xpack_api_polling_frequency_millis', 'licensing.api_polling_frequency'), + + // TODO: Add deprecations for "monitoring.ui.elasticsearch.username: elastic" and "monitoring.ui.elasticsearch.username: kibana". + // TODO: Add deprecations for using "monitoring.ui.elasticsearch.ssl.certificate" without "monitoring.ui.elasticsearch.ssl.key", and + // vice versa. + // ^ These deprecations should only be shown if they are explicitly configured for monitoring -- we should not show Monitoring + // deprecations for these settings if they are inherited from the Core elasticsearch settings. + // See the Core implementation: src/core/server/elasticsearch/elasticsearch_config.ts ]; }; diff --git a/x-pack/plugins/security/server/config_deprecations.test.ts b/x-pack/plugins/security/server/config_deprecations.test.ts index 808c0aeb85b12ac..a629b6d73a682fd 100644 --- a/x-pack/plugins/security/server/config_deprecations.test.ts +++ b/x-pack/plugins/security/server/config_deprecations.test.ts @@ -312,7 +312,7 @@ describe('Config Deprecations', () => { const { messages, configPaths } = applyConfigDeprecations(cloneDeep(config)); expect(messages).toMatchInlineSnapshot(` Array [ - "\\"xpack.security.authc.providers.saml..maxRedirectURLSize\\" is no longer used.", + "This setting is no longer used.", ] `); @@ -333,7 +333,7 @@ describe('Config Deprecations', () => { expect(migrated).toEqual(config); expect(messages).toMatchInlineSnapshot(` Array [ - "\\"xpack.security.authc.providers\\" accepts an extended \\"object\\" format instead of an array of provider types.", + "Use the new object format instead of an array of provider types.", ] `); }); @@ -352,8 +352,8 @@ describe('Config Deprecations', () => { expect(migrated).toEqual(config); expect(messages).toMatchInlineSnapshot(` Array [ - "\\"xpack.security.authc.providers\\" accepts an extended \\"object\\" format instead of an array of provider types.", - "Enabling both \\"basic\\" and \\"token\\" authentication providers in \\"xpack.security.authc.providers\\" is deprecated. Login page will only use \\"token\\" provider.", + "Use the new object format instead of an array of provider types.", + "Use only one of these providers. When both providers are set, Kibana only uses the \\"token\\" provider.", ] `); }); diff --git a/x-pack/plugins/security/server/config_deprecations.ts b/x-pack/plugins/security/server/config_deprecations.ts index 46fbbcec5188ee5..0c76840819b3d57 100644 --- a/x-pack/plugins/security/server/config_deprecations.ts +++ b/x-pack/plugins/security/server/config_deprecations.ts @@ -13,22 +13,23 @@ export const securityConfigDeprecationProvider: ConfigDeprecationProvider = ({ renameFromRoot, unused, }) => [ - rename('sessionTimeout', 'session.idleTimeout'), - rename('authProviders', 'authc.providers'), + rename('sessionTimeout', 'session.idleTimeout', { level: 'warning' }), + rename('authProviders', 'authc.providers', { level: 'warning' }), - rename('audit.appender.kind', 'audit.appender.type'), - rename('audit.appender.layout.kind', 'audit.appender.layout.type'), - rename('audit.appender.policy.kind', 'audit.appender.policy.type'), - rename('audit.appender.strategy.kind', 'audit.appender.strategy.type'), - rename('audit.appender.path', 'audit.appender.fileName'), + rename('audit.appender.kind', 'audit.appender.type', { level: 'warning' }), + rename('audit.appender.layout.kind', 'audit.appender.layout.type', { level: 'warning' }), + rename('audit.appender.policy.kind', 'audit.appender.policy.type', { level: 'warning' }), + rename('audit.appender.strategy.kind', 'audit.appender.strategy.type', { level: 'warning' }), + rename('audit.appender.path', 'audit.appender.fileName', { level: 'warning' }), renameFromRoot( 'security.showInsecureClusterWarning', - 'xpack.security.showInsecureClusterWarning' + 'xpack.security.showInsecureClusterWarning', + { level: 'warning' } ), - unused('authorization.legacyFallback.enabled'), - unused('authc.saml.maxRedirectURLSize'), + unused('authorization.legacyFallback.enabled', { level: 'warning' }), + unused('authc.saml.maxRedirectURLSize', { level: 'warning' }), // Deprecation warning for the legacy audit logger. (settings, fromPath, addDeprecation, { branch }) => { const auditLoggingEnabled = settings?.xpack?.security?.audit?.enabled ?? false; @@ -57,30 +58,33 @@ export const securityConfigDeprecationProvider: ConfigDeprecationProvider = ({ }, // Deprecation warning for the old array-based format of `xpack.security.authc.providers`. - (settings, fromPath, addDeprecation) => { + (settings, _fromPath, addDeprecation, { branch }) => { if (Array.isArray(settings?.xpack?.security?.authc?.providers)) { addDeprecation({ configPath: 'xpack.security.authc.providers', title: i18n.translate('xpack.security.deprecations.authcProvidersTitle', { - defaultMessage: - 'Defining "xpack.security.authc.providers" as an array of provider types is deprecated', + defaultMessage: 'The array format for "xpack.security.authc.providers" is deprecated', }), message: i18n.translate('xpack.security.deprecations.authcProvidersMessage', { - defaultMessage: - '"xpack.security.authc.providers" accepts an extended "object" format instead of an array of provider types.', + defaultMessage: 'Use the new object format instead of an array of provider types.', }), + level: 'warning', + documentationUrl: `https://www.elastic.co/guide/en/kibana/${branch}/security-settings-kb.html#authentication-security-settings`, correctiveActions: { manualSteps: [ - i18n.translate('xpack.security.deprecations.authcProviders.manualStepOneMessage', { + i18n.translate('xpack.security.deprecations.authcProviders.manualSteps1', { defaultMessage: - 'Use the extended object format for "xpack.security.authc.providers" in your Kibana configuration.', + 'Remove the "xpack.security.authc.providers" setting from kibana.yml.', + }), + i18n.translate('xpack.security.deprecations.authcProviders.manualSteps2', { + defaultMessage: 'Add your authentication providers using the new object format.', }), ], }, }); } }, - (settings, fromPath, addDeprecation) => { + (settings, _fromPath, addDeprecation, { branch }) => { const hasProviderType = (providerType: string) => { const providers = settings?.xpack?.security?.authc?.providers; if (Array.isArray(providers)) { @@ -93,31 +97,35 @@ export const securityConfigDeprecationProvider: ConfigDeprecationProvider = ({ }; if (hasProviderType('basic') && hasProviderType('token')) { + const basicProvider = 'basic'; + const tokenProvider = 'token'; addDeprecation({ configPath: 'xpack.security.authc.providers', title: i18n.translate('xpack.security.deprecations.basicAndTokenProvidersTitle', { defaultMessage: - 'Both "basic" and "token" authentication providers are enabled in "xpack.security.authc.providers"', + 'Using both "{basicProvider}" and "{tokenProvider}" providers in "xpack.security.authc.providers" has no effect', + values: { basicProvider, tokenProvider }, }), message: i18n.translate('xpack.security.deprecations.basicAndTokenProvidersMessage', { defaultMessage: - 'Enabling both "basic" and "token" authentication providers in "xpack.security.authc.providers" is deprecated. Login page will only use "token" provider.', + 'Use only one of these providers. When both providers are set, Kibana only uses the "{tokenProvider}" provider.', + values: { tokenProvider }, }), + level: 'warning', + documentationUrl: `https://www.elastic.co/guide/en/kibana/${branch}/security-settings-kb.html#authentication-security-settings`, correctiveActions: { manualSteps: [ - i18n.translate( - 'xpack.security.deprecations.basicAndTokenProviders.manualStepOneMessage', - { - defaultMessage: - 'Remove either the "basic" or "token" auth provider in "xpack.security.authc.providers" from your Kibana configuration.', - } - ), + i18n.translate('xpack.security.deprecations.basicAndTokenProviders.manualSteps1', { + defaultMessage: + 'Remove the "{basicProvider}" provider from "xpack.security.authc.providers" in kibana.yml.', + values: { basicProvider }, + }), ], }, }); } }, - (settings, fromPath, addDeprecation) => { + (settings, _fromPath, addDeprecation, { branch }) => { const samlProviders = (settings?.xpack?.security?.authc?.providers?.saml ?? {}) as Record< string, any @@ -131,17 +139,18 @@ export const securityConfigDeprecationProvider: ConfigDeprecationProvider = ({ configPath: `xpack.security.authc.providers.saml.${foundProvider[0]}.maxRedirectURLSize`, title: i18n.translate('xpack.security.deprecations.maxRedirectURLSizeTitle', { defaultMessage: - '"xpack.security.authc.providers.saml..maxRedirectURLSize" is deprecated', + '"xpack.security.authc.providers.saml..maxRedirectURLSize" has no effect', }), message: i18n.translate('xpack.security.deprecations.maxRedirectURLSizeMessage', { - defaultMessage: - '"xpack.security.authc.providers.saml..maxRedirectURLSize" is no longer used.', + defaultMessage: 'This setting is no longer used.', }), + level: 'warning', + documentationUrl: `https://www.elastic.co/guide/en/kibana/${branch}/security-settings-kb.html#authentication-security-settings`, correctiveActions: { manualSteps: [ - i18n.translate('xpack.security.deprecations.maxRedirectURLSize.manualStepOneMessage', { + i18n.translate('xpack.security.deprecations.maxRedirectURLSize.manualSteps1', { defaultMessage: - 'Remove "xpack.security.authc.providers.saml..maxRedirectURLSize" from your Kibana configuration.', + 'Remove "xpack.security.authc.providers.saml..maxRedirectURLSize" from kibana.yml.', }), ], }, From cf4a687906c0cade25312d0780a06a0a777a2beb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20S=C3=A1nchez?= Date: Mon, 18 Oct 2021 17:35:28 +0200 Subject: [PATCH 43/50] [Security Solution][Endpoint] Fix unhandled promise rejections in skipped tests (#115354) * Fix errors and comment code in middleware (pending to fix this) * Fix endpoint list middleware test * Fix policy TA layout test * Fix test returning missing promise --- .../search_exceptions.test.tsx | 1 - .../management/pages/endpoint_hosts/mocks.ts | 39 ++++++------- .../endpoint_hosts/store/middleware.test.ts | 4 +- .../policy_trusted_apps_layout.test.tsx | 56 +++++++++++++------ 4 files changed, 59 insertions(+), 41 deletions(-) diff --git a/x-pack/plugins/security_solution/public/management/components/search_exceptions/search_exceptions.test.tsx b/x-pack/plugins/security_solution/public/management/components/search_exceptions/search_exceptions.test.tsx index d7db249475df73b..084978d35d03abc 100644 --- a/x-pack/plugins/security_solution/public/management/components/search_exceptions/search_exceptions.test.tsx +++ b/x-pack/plugins/security_solution/public/management/components/search_exceptions/search_exceptions.test.tsx @@ -20,7 +20,6 @@ jest.mock('../../../common/components/user_privileges/use_endpoint_privileges'); let onSearchMock: jest.Mock; const mockUseEndpointPrivileges = useEndpointPrivileges as jest.Mock; -// unhandled promise rejection: https://github.com/elastic/kibana/issues/112699 describe('Search exceptions', () => { let appTestContext: AppContextTestRender; let renderResult: ReturnType; diff --git a/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/mocks.ts b/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/mocks.ts index e0b5837c2f78a7c..c724773593f53b2 100644 --- a/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/mocks.ts +++ b/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/mocks.ts @@ -122,30 +122,27 @@ export const endpointActivityLogHttpMock = const responseData = fleetActionGenerator.generateResponse({ agent_id: endpointMetadata.agent.id, }); - return { - body: { - page: 1, - pageSize: 50, - startDate: 'now-1d', - endDate: 'now', - data: [ - { - type: 'response', - item: { - id: '', - data: responseData, - }, + page: 1, + pageSize: 50, + startDate: 'now-1d', + endDate: 'now', + data: [ + { + type: 'response', + item: { + id: '', + data: responseData, }, - { - type: 'action', - item: { - id: '', - data: actionData, - }, + }, + { + type: 'action', + item: { + id: '', + data: actionData, }, - ], - }, + }, + ], }; }, }, diff --git a/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/store/middleware.test.ts b/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/store/middleware.test.ts index 43fa4e104067fee..81c4dc6f2f7decd 100644 --- a/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/store/middleware.test.ts +++ b/x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/store/middleware.test.ts @@ -61,8 +61,7 @@ jest.mock('../../../../common/lib/kibana'); type EndpointListStore = Store, Immutable>; -// unhandled promise rejection: https://github.com/elastic/kibana/issues/112699 -describe.skip('endpoint list middleware', () => { +describe('endpoint list middleware', () => { const getKibanaServicesMock = KibanaServices.get as jest.Mock; let fakeCoreStart: jest.Mocked; let depsStart: DepsStartMock; @@ -390,7 +389,6 @@ describe.skip('endpoint list middleware', () => { it('should call get Activity Log API with correct paging options', async () => { dispatchUserChangedUrl(); - const updatePagingDispatched = waitForAction('endpointDetailsActivityLogUpdatePaging'); dispatchGetActivityLogPaging({ page: 3 }); diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/layout/policy_trusted_apps_layout.test.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/layout/policy_trusted_apps_layout.test.tsx index e519d19d60fdc61..43e19c00bcc8e68 100644 --- a/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/layout/policy_trusted_apps_layout.test.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/trusted_apps/layout/policy_trusted_apps_layout.test.tsx @@ -19,20 +19,14 @@ import { createLoadedResourceState, isLoadedResourceState } from '../../../../.. import { getPolicyDetailsArtifactsListPath } from '../../../../../common/routing'; import { EndpointDocGenerator } from '../../../../../../../common/endpoint/generate_data'; import { policyListApiPathHandlers } from '../../../store/test_mock_utils'; -import { licenseService } from '../../../../../../common/hooks/use_license'; +import { + EndpointPrivileges, + useEndpointPrivileges, +} from '../../../../../../common/components/user_privileges/use_endpoint_privileges'; jest.mock('../../../../trusted_apps/service'); -jest.mock('../../../../../../common/hooks/use_license', () => { - const licenseServiceInstance = { - isPlatinumPlus: jest.fn(), - }; - return { - licenseService: licenseServiceInstance, - useLicense: () => { - return licenseServiceInstance; - }, - }; -}); +jest.mock('../../../../../../common/components/user_privileges/use_endpoint_privileges'); +const mockUseEndpointPrivileges = useEndpointPrivileges as jest.Mock; let mockedContext: AppContextTestRender; let waitForAction: MiddlewareActionSpyHelper['waitForAction']; @@ -42,8 +36,17 @@ let coreStart: AppContextTestRender['coreStart']; let http: typeof coreStart.http; const generator = new EndpointDocGenerator(); -// unhandled promise rejection: https://github.com/elastic/kibana/issues/112699 -describe.skip('Policy trusted apps layout', () => { +describe('Policy trusted apps layout', () => { + const loadedUserEndpointPrivilegesState = ( + endpointOverrides: Partial = {} + ): EndpointPrivileges => ({ + loading: false, + canAccessFleet: true, + canAccessEndpointManagement: true, + isPlatinumPlus: true, + ...endpointOverrides, + }); + beforeEach(() => { mockedContext = createAppRootMockRenderer(); http = mockedContext.coreStart.http; @@ -59,6 +62,14 @@ describe.skip('Policy trusted apps layout', () => { }); } + // GET Agent status for agent policy + if (path === '/api/fleet/agent-status') { + return Promise.resolve({ + results: { events: 0, total: 5, online: 3, error: 1, offline: 1 }, + success: true, + }); + } + // Get package data // Used in tests that route back to the list if (policyListApiHandlers[path]) { @@ -78,6 +89,10 @@ describe.skip('Policy trusted apps layout', () => { render = () => mockedContext.render(); }); + afterAll(() => { + mockUseEndpointPrivileges.mockReset(); + }); + afterEach(() => reactTestingLibrary.cleanup()); it('should renders layout with no existing TA data', async () => { @@ -121,7 +136,11 @@ describe.skip('Policy trusted apps layout', () => { }); it('should hide assign button on empty state with unassigned policies when downgraded to a gold or below license', async () => { - (licenseService.isPlatinumPlus as jest.Mock).mockReturnValue(false); + mockUseEndpointPrivileges.mockReturnValue( + loadedUserEndpointPrivilegesState({ + isPlatinumPlus: false, + }) + ); const component = render(); mockedContext.history.push(getPolicyDetailsArtifactsListPath('1234')); @@ -133,8 +152,13 @@ describe.skip('Policy trusted apps layout', () => { }); expect(component.queryByTestId('assign-ta-button')).toBeNull(); }); + it('should hide the `Assign trusted applications` button when there is data and the license is downgraded to gold or below', async () => { - (licenseService.isPlatinumPlus as jest.Mock).mockReturnValue(false); + mockUseEndpointPrivileges.mockReturnValue( + loadedUserEndpointPrivilegesState({ + isPlatinumPlus: false, + }) + ); TrustedAppsHttpServiceMock.mockImplementation(() => { return { getTrustedAppsList: () => getMockListResponse(), From b19b63b516ed866c55b51316fb3041b08e78d092 Mon Sep 17 00:00:00 2001 From: Kevin Lacabane Date: Mon, 18 Oct 2021 17:36:47 +0200 Subject: [PATCH 44/50] center spinner in NoData component (#115210) Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- .../public/components/no_data/checking_settings.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/x-pack/plugins/monitoring/public/components/no_data/checking_settings.js b/x-pack/plugins/monitoring/public/components/no_data/checking_settings.js index 86a7537c2e66136..d55f2587950af60 100644 --- a/x-pack/plugins/monitoring/public/components/no_data/checking_settings.js +++ b/x-pack/plugins/monitoring/public/components/no_data/checking_settings.js @@ -15,18 +15,18 @@ export function CheckingSettings({ checkMessage }) { const message = checkMessage || ( ); return ( - + - {message}... + {message} ); From 87d6375ab05f7506bcbf5cd2bee6d9704c371d16 Mon Sep 17 00:00:00 2001 From: Byron Hulcher Date: Mon, 18 Oct 2021 11:43:45 -0400 Subject: [PATCH 45/50] [App Search] Wire up ignored queries panel for curations history view (#115238) --- .../ignored_queries_logic.test.ts | 215 ++++++++++++++++++ .../ignored_queries_logic.ts | 141 ++++++++++++ .../ignored_queries_panel.test.tsx | 93 ++++++++ .../ignored_queries_panel.tsx | 105 +++++++++ .../components/ignored_queries_panel/index.ts | 8 + .../ignored_suggestions_panel.test.tsx | 25 -- .../components/ignored_suggestions_panel.tsx | 53 ----- .../curations_history/components/index.ts | 2 +- .../curations_history.test.tsx | 8 +- .../curations_history/curations_history.tsx | 8 +- 10 files changed, 567 insertions(+), 91 deletions(-) create mode 100644 x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_queries_panel/ignored_queries_logic.test.ts create mode 100644 x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_queries_panel/ignored_queries_logic.ts create mode 100644 x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_queries_panel/ignored_queries_panel.test.tsx create mode 100644 x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_queries_panel/ignored_queries_panel.tsx create mode 100644 x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_queries_panel/index.ts delete mode 100644 x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_suggestions_panel.test.tsx delete mode 100644 x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_suggestions_panel.tsx diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_queries_panel/ignored_queries_logic.test.ts b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_queries_panel/ignored_queries_logic.test.ts new file mode 100644 index 000000000000000..83a200943256b29 --- /dev/null +++ b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_queries_panel/ignored_queries_logic.test.ts @@ -0,0 +1,215 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { + LogicMounter, + mockFlashMessageHelpers, + mockHttpValues, +} from '../../../../../../../__mocks__/kea_logic'; +import '../../../../../../__mocks__/engine_logic.mock'; + +// I don't know why eslint is saying this line is out of order +// eslint-disable-next-line import/order +import { nextTick } from '@kbn/test/jest'; + +import { DEFAULT_META } from '../../../../../../../shared/constants'; + +import { IgnoredQueriesLogic } from './ignored_queries_logic'; + +const DEFAULT_VALUES = { + dataLoading: true, + ignoredQueries: [], + meta: { + ...DEFAULT_META, + page: { + ...DEFAULT_META.page, + size: 10, + }, + }, +}; + +describe('IgnoredQueriesLogic', () => { + const { mount } = new LogicMounter(IgnoredQueriesLogic); + const { flashAPIErrors, flashSuccessToast } = mockFlashMessageHelpers; + const { http } = mockHttpValues; + + beforeEach(() => { + jest.clearAllMocks(); + mount(); + }); + + it('has expected default values', () => { + expect(IgnoredQueriesLogic.values).toEqual(DEFAULT_VALUES); + }); + + describe('actions', () => { + describe('onIgnoredQueriesLoad', () => { + it('should set queries, meta state, & dataLoading to false', () => { + IgnoredQueriesLogic.actions.onIgnoredQueriesLoad(['first query', 'second query'], { + page: { + current: 1, + size: 10, + total_results: 1, + total_pages: 1, + }, + }); + + expect(IgnoredQueriesLogic.values).toEqual({ + ...DEFAULT_VALUES, + ignoredQueries: ['first query', 'second query'], + meta: { + page: { + current: 1, + size: 10, + total_results: 1, + total_pages: 1, + }, + }, + dataLoading: false, + }); + }); + }); + + describe('onPaginate', () => { + it('should update meta', () => { + IgnoredQueriesLogic.actions.onPaginate(2); + + expect(IgnoredQueriesLogic.values).toEqual({ + ...DEFAULT_VALUES, + meta: { + ...DEFAULT_META, + page: { + ...DEFAULT_META.page, + current: 2, + }, + }, + }); + }); + }); + }); + + describe('listeners', () => { + describe('loadIgnoredQueries', () => { + it('should make an API call and set suggestions & meta state', async () => { + http.post.mockReturnValueOnce( + Promise.resolve({ + results: [{ query: 'first query' }, { query: 'second query' }], + meta: { + page: { + current: 1, + size: 10, + total_results: 1, + total_pages: 1, + }, + }, + }) + ); + jest.spyOn(IgnoredQueriesLogic.actions, 'onIgnoredQueriesLoad'); + + IgnoredQueriesLogic.actions.loadIgnoredQueries(); + await nextTick(); + + expect(http.post).toHaveBeenCalledWith( + '/internal/app_search/engines/some-engine/search_relevance_suggestions', + { + body: JSON.stringify({ + page: { + current: 1, + size: 10, + }, + filters: { + status: ['disabled'], + type: 'curation', + }, + }), + } + ); + + expect(IgnoredQueriesLogic.actions.onIgnoredQueriesLoad).toHaveBeenCalledWith( + ['first query', 'second query'], + { + page: { + current: 1, + size: 10, + total_results: 1, + total_pages: 1, + }, + } + ); + }); + + it('handles errors', async () => { + http.post.mockReturnValueOnce(Promise.reject('error')); + + IgnoredQueriesLogic.actions.loadIgnoredQueries(); + await nextTick(); + + expect(flashAPIErrors).toHaveBeenCalledWith('error'); + }); + }); + + describe('allowIgnoredQuery', () => { + it('will make an http call to reject the suggestion for the query', async () => { + http.put.mockReturnValueOnce( + Promise.resolve({ + results: [ + { + query: 'test query', + type: 'curation', + status: 'rejected', + }, + ], + }) + ); + + IgnoredQueriesLogic.actions.allowIgnoredQuery('test query'); + await nextTick(); + + expect(http.put).toHaveBeenCalledWith( + '/internal/app_search/engines/some-engine/search_relevance_suggestions', + { + body: JSON.stringify([ + { + query: 'test query', + type: 'curation', + status: 'rejected', + }, + ]), + } + ); + + expect(flashSuccessToast).toHaveBeenCalledWith(expect.any(String)); + }); + + it('handles errors', async () => { + http.put.mockReturnValueOnce(Promise.reject('error')); + + IgnoredQueriesLogic.actions.allowIgnoredQuery('test query'); + await nextTick(); + + expect(flashAPIErrors).toHaveBeenCalledWith('error'); + }); + + it('handles inline errors', async () => { + http.put.mockReturnValueOnce( + Promise.resolve({ + results: [ + { + error: 'error', + }, + ], + }) + ); + + IgnoredQueriesLogic.actions.allowIgnoredQuery('test query'); + await nextTick(); + + expect(flashAPIErrors).toHaveBeenCalledWith('error'); + }); + }); + }); +}); diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_queries_panel/ignored_queries_logic.ts b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_queries_panel/ignored_queries_logic.ts new file mode 100644 index 000000000000000..e36b5bc156b4687 --- /dev/null +++ b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_queries_panel/ignored_queries_logic.ts @@ -0,0 +1,141 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { kea, MakeLogicType } from 'kea'; + +import { i18n } from '@kbn/i18n'; + +import { Meta } from '../../../../../../../../../common/types'; +import { DEFAULT_META } from '../../../../../../../shared/constants'; +import { flashAPIErrors, flashSuccessToast } from '../../../../../../../shared/flash_messages'; +import { HttpLogic } from '../../../../../../../shared/http'; +import { updateMetaPageIndex } from '../../../../../../../shared/table_pagination'; +import { EngineLogic } from '../../../../../engine'; +import { CurationSuggestion } from '../../../../types'; + +interface IgnoredQueriesValues { + dataLoading: boolean; + ignoredQueries: string[]; + meta: Meta; +} + +interface IgnoredQueriesActions { + allowIgnoredQuery(ignoredQuery: string): { + ignoredQuery: string; + }; + loadIgnoredQueries(): void; + onIgnoredQueriesLoad( + ignoredQueries: string[], + meta: Meta + ): { ignoredQueries: string[]; meta: Meta }; + onPaginate(newPageIndex: number): { newPageIndex: number }; +} + +interface SuggestionUpdateError { + error: string; +} + +const ALLOW_SUCCESS_MESSAGE = i18n.translate( + 'xpack.enterpriseSearch.appSearch.curations.ignoredSuggestionsPanel.allowQuerySuccessMessage', + { + defaultMessage: 'You’ll be notified about future suggestions for this query', + } +); + +export const IgnoredQueriesLogic = kea>({ + path: ['enterprise_search', 'app_search', 'curations', 'ignored_queries_panel_logic'], + actions: () => ({ + allowIgnoredQuery: (ignoredQuery) => ({ ignoredQuery }), + loadIgnoredQueries: true, + onIgnoredQueriesLoad: (ignoredQueries, meta) => ({ ignoredQueries, meta }), + onPaginate: (newPageIndex) => ({ newPageIndex }), + }), + reducers: () => ({ + dataLoading: [ + true, + { + onIgnoredQueriesLoad: () => false, + }, + ], + ignoredQueries: [ + [], + { + onIgnoredQueriesLoad: (_, { ignoredQueries }) => ignoredQueries, + }, + ], + meta: [ + { + ...DEFAULT_META, + page: { + ...DEFAULT_META.page, + size: 10, + }, + }, + { + onIgnoredQueriesLoad: (_, { meta }) => meta, + onPaginate: (state, { newPageIndex }) => updateMetaPageIndex(state, newPageIndex), + }, + ], + }), + listeners: ({ actions, values }) => ({ + loadIgnoredQueries: async () => { + const { meta } = values; + const { http } = HttpLogic.values; + const { engineName } = EngineLogic.values; + + try { + const response: { results: CurationSuggestion[]; meta: Meta } = await http.post( + `/internal/app_search/engines/${engineName}/search_relevance_suggestions`, + { + body: JSON.stringify({ + page: { + current: meta.page.current, + size: meta.page.size, + }, + filters: { + status: ['disabled'], + type: 'curation', + }, + }), + } + ); + + const queries = response.results.map((suggestion) => suggestion.query); + actions.onIgnoredQueriesLoad(queries, response.meta); + } catch (e) { + flashAPIErrors(e); + } + }, + allowIgnoredQuery: async ({ ignoredQuery }) => { + const { http } = HttpLogic.values; + const { engineName } = EngineLogic.values; + try { + const response = await http.put<{ + results: Array; + }>(`/internal/app_search/engines/${engineName}/search_relevance_suggestions`, { + body: JSON.stringify([ + { + query: ignoredQuery, + type: 'curation', + status: 'rejected', + }, + ]), + }); + + if (response.results[0].hasOwnProperty('error')) { + throw (response.results[0] as SuggestionUpdateError).error; + } + + flashSuccessToast(ALLOW_SUCCESS_MESSAGE); + // re-loading to update the current page rather than manually remove the query + actions.loadIgnoredQueries(); + } catch (e) { + flashAPIErrors(e); + } + }, + }), +}); diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_queries_panel/ignored_queries_panel.test.tsx b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_queries_panel/ignored_queries_panel.test.tsx new file mode 100644 index 000000000000000..919e1e8706c945e --- /dev/null +++ b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_queries_panel/ignored_queries_panel.test.tsx @@ -0,0 +1,93 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import '../../../../../../../__mocks__/shallow_useeffect.mock'; +// I don't know why eslint is saying this line is out of order +// eslint-disable-next-line import/order +import { setMockActions, setMockValues } from '../../../../../../../__mocks__/kea_logic'; +import '../../../../../../__mocks__/engine_logic.mock'; + +import React from 'react'; + +import { shallow } from 'enzyme'; + +import { EuiBasicTable } from '@elastic/eui'; + +import { IgnoredQueriesPanel } from './ignored_queries_panel'; + +describe('IgnoredQueriesPanel', () => { + const values = { + dataLoading: false, + suggestions: [ + { + query: 'foo', + updated_at: '2021-07-08T14:35:50Z', + promoted: ['1', '2'], + }, + ], + meta: { + page: { + current: 1, + size: 10, + total_results: 2, + }, + }, + }; + + const mockActions = { + allowIgnoredQuery: jest.fn(), + loadIgnoredQueries: jest.fn(), + onPaginate: jest.fn(), + }; + + beforeAll(() => { + setMockValues(values); + setMockActions(mockActions); + }); + + beforeEach(() => { + jest.clearAllMocks(); + }); + + const getColumn = (index: number) => { + const wrapper = shallow(); + const table = wrapper.find(EuiBasicTable); + const columns = table.prop('columns'); + return columns[index]; + }; + + it('renders', () => { + const wrapper = shallow(); + expect(wrapper.find(EuiBasicTable).exists()).toBe(true); + }); + + it('show a query', () => { + const column = getColumn(0).render('test query'); + expect(column).toEqual('test query'); + }); + + it('has an allow action', () => { + const column = getColumn(1); + // @ts-ignore + const actions = column.actions; + actions[0].onClick('test query'); + expect(mockActions.allowIgnoredQuery).toHaveBeenCalledWith('test query'); + }); + + it('fetches data on load', () => { + shallow(); + + expect(mockActions.loadIgnoredQueries).toHaveBeenCalled(); + }); + + it('supports pagination', () => { + const wrapper = shallow(); + wrapper.find(EuiBasicTable).simulate('change', { page: { index: 0 } }); + + expect(mockActions.onPaginate).toHaveBeenCalledWith(1); + }); +}); diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_queries_panel/ignored_queries_panel.tsx b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_queries_panel/ignored_queries_panel.tsx new file mode 100644 index 000000000000000..f7cc192932332b6 --- /dev/null +++ b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_queries_panel/ignored_queries_panel.tsx @@ -0,0 +1,105 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React, { useEffect } from 'react'; + +import { useActions, useValues } from 'kea'; + +import { EuiBasicTable, EuiBasicTableColumn } from '@elastic/eui'; + +import { i18n } from '@kbn/i18n'; + +import { + convertMetaToPagination, + handlePageChange, +} from '../../../../../../../shared/table_pagination'; + +import { DataPanel } from '../../../../../data_panel'; + +import { IgnoredQueriesLogic } from './ignored_queries_logic'; + +export const IgnoredQueriesPanel: React.FC = () => { + const { dataLoading, ignoredQueries, meta } = useValues(IgnoredQueriesLogic); + const { allowIgnoredQuery, loadIgnoredQueries, onPaginate } = useActions(IgnoredQueriesLogic); + + useEffect(() => { + loadIgnoredQueries(); + }, [meta.page.current]); + + const columns: Array> = [ + { + render: (query: string) => query, + name: i18n.translate( + 'xpack.enterpriseSearch.appSearch.curations.ignoredSuggestionsPanel.queryColumnName', + { + defaultMessage: 'Query', + } + ), + }, + { + actions: [ + { + type: 'button', + name: i18n.translate( + 'xpack.enterpriseSearch.appSearch.curations.ignoredSuggestions.allowButtonLabel', + { + defaultMessage: 'Allow', + } + ), + description: i18n.translate( + 'xpack.enterpriseSearch.appSearch.curations.ignoredSuggestions.allowButtonDescription', + { + defaultMessage: 'Enable suggestions for this query', + } + ), + onClick: (query) => allowIgnoredQuery(query), + color: 'primary', + }, + ], + }, + ]; + + return ( + + {i18n.translate( + 'xpack.enterpriseSearch.appSearch.curations.ignoredSuggestionsPanel.title', + { + defaultMessage: 'Ignored queries', + } + )} +

+ } + subtitle={ + + {i18n.translate( + 'xpack.enterpriseSearch.appSearch.curations.ignoredSuggestionsPanel.description', + { + defaultMessage: 'You won’t be notified about suggestions for these queries', + } + )} + + } + iconType="eyeClosed" + hasBorder + > + + + ); +}; diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_queries_panel/index.ts b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_queries_panel/index.ts new file mode 100644 index 000000000000000..f4cb73919f42f0d --- /dev/null +++ b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_queries_panel/index.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { IgnoredQueriesPanel } from './ignored_queries_panel'; diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_suggestions_panel.test.tsx b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_suggestions_panel.test.tsx deleted file mode 100644 index b09981748f19cb5..000000000000000 --- a/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_suggestions_panel.test.tsx +++ /dev/null @@ -1,25 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; - -import { shallow } from 'enzyme'; - -import { EuiBasicTable } from '@elastic/eui'; - -import { DataPanel } from '../../../../data_panel'; - -import { IgnoredSuggestionsPanel } from './ignored_suggestions_panel'; - -describe('IgnoredSuggestionsPanel', () => { - it('renders', () => { - const wrapper = shallow(); - - expect(wrapper.is(DataPanel)).toBe(true); - expect(wrapper.find(EuiBasicTable)).toHaveLength(1); - }); -}); diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_suggestions_panel.tsx b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_suggestions_panel.tsx deleted file mode 100644 index f2fdfd55a7e5a15..000000000000000 --- a/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_suggestions_panel.tsx +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; - -import { CustomItemAction, EuiBasicTable, EuiBasicTableColumn, EuiLink } from '@elastic/eui'; - -import { DataPanel } from '../../../../data_panel'; -import { CurationSuggestion } from '../../../types'; - -export const IgnoredSuggestionsPanel: React.FC = () => { - const ignoredSuggestions: CurationSuggestion[] = []; - - const allowSuggestion = (query: string) => alert(query); - - const actions: Array> = [ - { - render: (item: CurationSuggestion) => { - return ( - allowSuggestion(item.query)} color="primary"> - Allow - - ); - }, - }, - ]; - - const columns: Array> = [ - { - field: 'query', - name: 'Query', - sortable: true, - }, - { - actions, - }, - ]; - - return ( - Ignored queries} - subtitle={You won’t be notified about suggestions for these queries} - iconType="eyeClosed" - hasBorder - > - - - ); -}; diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/index.ts b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/index.ts index 2e16d9bde8550b0..43651e613364eb2 100644 --- a/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/index.ts +++ b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/index.ts @@ -6,5 +6,5 @@ */ export { CurationChangesPanel } from './curation_changes_panel'; -export { IgnoredSuggestionsPanel } from './ignored_suggestions_panel'; +export { IgnoredQueriesPanel } from './ignored_queries_panel'; export { RejectedCurationsPanel } from './rejected_curations_panel'; diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/curations_history.test.tsx b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/curations_history.test.tsx index 1ebd4da694d54d0..407454922ef053f 100644 --- a/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/curations_history.test.tsx +++ b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/curations_history.test.tsx @@ -9,11 +9,7 @@ import React from 'react'; import { shallow } from 'enzyme'; -import { - CurationChangesPanel, - IgnoredSuggestionsPanel, - RejectedCurationsPanel, -} from './components'; +import { CurationChangesPanel, IgnoredQueriesPanel, RejectedCurationsPanel } from './components'; import { CurationsHistory } from './curations_history'; describe('CurationsHistory', () => { @@ -22,6 +18,6 @@ describe('CurationsHistory', () => { expect(wrapper.find(CurationChangesPanel)).toHaveLength(1); expect(wrapper.find(RejectedCurationsPanel)).toHaveLength(1); - expect(wrapper.find(IgnoredSuggestionsPanel)).toHaveLength(1); + expect(wrapper.find(IgnoredQueriesPanel)).toHaveLength(1); }); }); diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/curations_history.tsx b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/curations_history.tsx index 6db62820b1cdb56..5f857087e05ef11 100644 --- a/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/curations_history.tsx +++ b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/curations_history.tsx @@ -9,11 +9,7 @@ import React from 'react'; import { EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; -import { - CurationChangesPanel, - IgnoredSuggestionsPanel, - RejectedCurationsPanel, -} from './components'; +import { CurationChangesPanel, IgnoredQueriesPanel, RejectedCurationsPanel } from './components'; export const CurationsHistory: React.FC = () => { return ( @@ -29,7 +25,7 @@ export const CurationsHistory: React.FC = () => { - + ); From 4d40ae007fa5052768240a2468ff1824d3290901 Mon Sep 17 00:00:00 2001 From: Cristina Amico Date: Mon, 18 Oct 2021 17:54:51 +0200 Subject: [PATCH 46/50] [Fleet] Fix for NaN agents in modal when package is not installed (#115361) --- .../screens/detail/settings/update_button.tsx | 24 ++++++++++--------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/x-pack/plugins/fleet/public/applications/integrations/sections/epm/screens/detail/settings/update_button.tsx b/x-pack/plugins/fleet/public/applications/integrations/sections/epm/screens/detail/settings/update_button.tsx index 48569d782a70bad..2acd5634b1e5f43 100644 --- a/x-pack/plugins/fleet/public/applications/integrations/sections/epm/screens/detail/settings/update_button.tsx +++ b/x-pack/plugins/fleet/public/applications/integrations/sections/epm/screens/detail/settings/update_button.tsx @@ -114,18 +114,20 @@ export const UpdateButton: React.FunctionComponent = ({ return Array.isArray(arr) && arr.every((p) => typeof p === 'string'); } - const agentCount = useMemo( - () => - agentPolicyData?.items.reduce((acc, item) => { - const existingPolicies = isStringArray(item?.package_policies) - ? (item?.package_policies as string[]).filter((p) => packagePolicyIds.includes(p)) - : (item?.package_policies as PackagePolicy[]).filter((p) => + const agentCount = useMemo(() => { + if (!agentPolicyData?.items) return 0; + + return agentPolicyData.items.reduce((acc, item) => { + const existingPolicies = item?.package_policies + ? isStringArray(item.package_policies) + ? (item.package_policies as string[]).filter((p) => packagePolicyIds.includes(p)) + : (item.package_policies as PackagePolicy[]).filter((p) => packagePolicyIds.includes(p.id) - ); - return (acc += existingPolicies.length > 0 && item?.agents ? item?.agents : 0); - }, 0), - [agentPolicyData, packagePolicyIds] - ); + ) + : []; + return (acc += existingPolicies.length > 0 && item?.agents ? item?.agents : 0); + }, 0); + }, [agentPolicyData, packagePolicyIds]); const conflictCount = useMemo( () => dryRunData?.filter((item) => item.hasErrors).length, From e9d6a072a8123239c9aef9fc7a6eb16d74f27e71 Mon Sep 17 00:00:00 2001 From: Uladzislau Lasitsa Date: Mon, 18 Oct 2021 19:14:34 +0300 Subject: [PATCH 47/50] [Visualizations] Make visualization saved object share-capable and remove savedVisLoader (#114620) * Make visualization saved object share-capable and remove savedVisLoader * Fixed some tests * FIx tests * Fix API tests * Fix spaces API integration tests * Fix core saved objects API integration tests Co-authored-by: Joe Portner <5295965+jportner@users.noreply.github.com> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- src/plugins/visualizations/public/mocks.ts | 3 - src/plugins/visualizations/public/plugin.ts | 12 -- .../public/saved_visualizations/_saved_vis.ts | 83 ------- .../find_list_items.test.ts | 204 ------------------ .../saved_visualizations/find_list_items.ts | 78 ------- .../public/saved_visualizations/index.ts | 9 - .../saved_visualizations.ts | 89 -------- src/plugins/visualizations/public/services.ts | 15 +- .../server/saved_objects/visualization.ts | 3 +- .../apis/saved_objects/find.ts | 28 ++- .../apis/saved_objects_management/find.ts | 4 +- .../saved_objects_management/relationships.ts | 16 +- .../kbn_archiver/saved_objects/basic.json | 2 +- .../saved_objects/basic/foo-ns.json | 97 --------- .../saved_objects/spaces/data.json | 29 +-- .../common/lib/space_test_utils.ts | 29 +++ .../common/suites/copy_to_space.ts | 66 ++++-- .../common/suites/delete.ts | 43 +--- .../suites/resolve_copy_to_space_conflicts.ts | 34 ++- 19 files changed, 162 insertions(+), 682 deletions(-) delete mode 100644 src/plugins/visualizations/public/saved_visualizations/_saved_vis.ts delete mode 100644 src/plugins/visualizations/public/saved_visualizations/find_list_items.test.ts delete mode 100644 src/plugins/visualizations/public/saved_visualizations/find_list_items.ts delete mode 100644 src/plugins/visualizations/public/saved_visualizations/index.ts delete mode 100644 src/plugins/visualizations/public/saved_visualizations/saved_visualizations.ts delete mode 100644 test/api_integration/fixtures/kbn_archiver/saved_objects/basic/foo-ns.json diff --git a/src/plugins/visualizations/public/mocks.ts b/src/plugins/visualizations/public/mocks.ts index 9b2d6bfe25b325e..48f850539c20c50 100644 --- a/src/plugins/visualizations/public/mocks.ts +++ b/src/plugins/visualizations/public/mocks.ts @@ -33,9 +33,6 @@ const createStartContract = (): VisualizationsStart => ({ getAliases: jest.fn(), getByGroup: jest.fn(), unRegisterAlias: jest.fn(), - savedVisualizationsLoader: { - get: jest.fn(), - } as any, getSavedVisualization: jest.fn(), saveVisualization: jest.fn(), findListItems: jest.fn(), diff --git a/src/plugins/visualizations/public/plugin.ts b/src/plugins/visualizations/public/plugin.ts index 87095f5c389edfd..60c50d018252b57 100644 --- a/src/plugins/visualizations/public/plugin.ts +++ b/src/plugins/visualizations/public/plugin.ts @@ -18,7 +18,6 @@ import { setUsageCollector, setExpressions, setUiActions, - setSavedVisualizationsLoader, setTimeFilter, setAggs, setChrome, @@ -39,7 +38,6 @@ import { visDimension as visDimensionExpressionFunction } from '../common/expres import { xyDimension as xyDimensionExpressionFunction } from '../common/expression_functions/xy_dimension'; import { createStartServicesGetter, StartServicesGetter } from '../../kibana_utils/public'; -import { createSavedVisLoader, SavedVisualizationsLoader } from './saved_visualizations'; import type { SerializedVis, Vis } from './vis'; import { showNewVisModal } from './wizard'; @@ -83,7 +81,6 @@ import type { VisSavedObject, SaveVisOptions, GetVisOptions } from './types'; export type VisualizationsSetup = TypesSetup; export interface VisualizationsStart extends TypesStart { - savedVisualizationsLoader: SavedVisualizationsLoader; createVis: (visType: string, visState: SerializedVis) => Promise; convertToSerializedVis: typeof convertToSerializedVis; convertFromSerializedVis: typeof convertFromSerializedVis; @@ -194,14 +191,6 @@ export class VisualizationsPlugin setSpaces(spaces); } - const savedVisualizationsLoader = createSavedVisLoader({ - savedObjectsClient: core.savedObjects.client, - indexPatterns: data.indexPatterns, - savedObjects, - visualizationTypes: types, - }); - setSavedVisualizationsLoader(savedVisualizationsLoader); - return { ...types, showNewVisModal, @@ -236,7 +225,6 @@ export class VisualizationsPlugin await createVisAsync(visType, visState), convertToSerializedVis, convertFromSerializedVis, - savedVisualizationsLoader, __LEGACY: { createVisEmbeddableFromObject: createVisEmbeddableFromObject({ start: this.getStartServicesOrDie!, diff --git a/src/plugins/visualizations/public/saved_visualizations/_saved_vis.ts b/src/plugins/visualizations/public/saved_visualizations/_saved_vis.ts deleted file mode 100644 index 9107805185fe3da..000000000000000 --- a/src/plugins/visualizations/public/saved_visualizations/_saved_vis.ts +++ /dev/null @@ -1,83 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0 and the Server Side Public License, v 1; you may not use this file except - * in compliance with, at your election, the Elastic License 2.0 or the Server - * Side Public License, v 1. - */ - -/** - * @name SavedVis - * - * @extends SavedObject. - * - * NOTE: It's a type of SavedObject, but specific to visualizations. - */ -import type { SavedObjectsStart, SavedObject } from '../../../../plugins/saved_objects/public'; -// @ts-ignore -import { updateOldState } from '../legacy/vis_update_state'; -import { extractReferences, injectReferences } from '../utils/saved_visualization_references'; -import type { SavedObjectsClientContract } from '../../../../core/public'; -import type { IndexPatternsContract } from '../../../../plugins/data/public'; -import type { ISavedVis } from '../types'; - -export interface SavedVisServices { - savedObjectsClient: SavedObjectsClientContract; - savedObjects: SavedObjectsStart; - indexPatterns: IndexPatternsContract; -} - -/** @deprecated **/ -export function createSavedVisClass(services: SavedVisServices) { - class SavedVis extends services.savedObjects.SavedObjectClass { - public static type: string = 'visualization'; - public static mapping: Record = { - title: 'text', - visState: 'json', - uiStateJSON: 'text', - description: 'text', - savedSearchId: 'keyword', - version: 'integer', - }; - // Order these fields to the top, the rest are alphabetical - public static fieldOrder = ['title', 'description']; - - constructor(opts: Record | string = {}) { - if (typeof opts !== 'object') { - opts = { id: opts }; - } - const visState = !opts.type ? null : { type: opts.type }; - // Gives our SavedWorkspace the properties of a SavedObject - super({ - type: SavedVis.type, - mapping: SavedVis.mapping, - extractReferences, - injectReferences, - id: (opts.id as string) || '', - indexPattern: opts.indexPattern, - defaults: { - title: '', - visState, - uiStateJSON: '{}', - description: '', - savedSearchId: opts.savedSearchId, - version: 1, - }, - afterESResp: async (savedObject: SavedObject) => { - const savedVis = savedObject as any as ISavedVis; - savedVis.visState = await updateOldState(savedVis.visState); - if (savedVis.searchSourceFields?.index) { - await services.indexPatterns.get(savedVis.searchSourceFields.index as any); - } - return savedVis as any as SavedObject; - }, - }); - this.showInRecentlyAccessed = true; - this.getFullPath = () => { - return `/app/visualize#/edit/${this.id}`; - }; - } - } - - return SavedVis as unknown as new (opts: Record | string) => SavedObject; -} diff --git a/src/plugins/visualizations/public/saved_visualizations/find_list_items.test.ts b/src/plugins/visualizations/public/saved_visualizations/find_list_items.test.ts deleted file mode 100644 index 229f5a4ffd05c15..000000000000000 --- a/src/plugins/visualizations/public/saved_visualizations/find_list_items.test.ts +++ /dev/null @@ -1,204 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0 and the Server Side Public License, v 1; you may not use this file except - * in compliance with, at your election, the Elastic License 2.0 or the Server - * Side Public License, v 1. - */ - -import { findListItems } from './find_list_items'; -import { coreMock } from '../../../../core/public/mocks'; -import { SavedObjectsClientContract } from '../../../../core/public'; -import { VisTypeAlias } from '../vis_types'; - -describe('saved_visualizations', () => { - function testProps() { - const savedObjects = coreMock.createStart().savedObjects - .client as jest.Mocked; - (savedObjects.find as jest.Mock).mockImplementation(() => ({ - total: 0, - savedObjects: [], - })); - return { - visTypes: [], - search: '', - size: 10, - savedObjectsClient: savedObjects, - mapSavedObjectApiHits: jest.fn(), - }; - } - - it('searches visualization title and description', async () => { - const props = testProps(); - const { find } = props.savedObjectsClient; - await findListItems(props); - expect(find.mock.calls).toMatchObject([ - [ - { - type: ['visualization'], - searchFields: ['title^3', 'description'], - }, - ], - ]); - }); - - it('searches searchFields and types specified by app extensions', async () => { - const props = { - ...testProps(), - visTypes: [ - { - appExtensions: { - visualizations: { - docTypes: ['bazdoc', 'etc'], - searchFields: ['baz', 'bing'], - }, - }, - } as VisTypeAlias, - ], - }; - const { find } = props.savedObjectsClient; - await findListItems(props); - expect(find.mock.calls).toMatchObject([ - [ - { - type: ['bazdoc', 'etc', 'visualization'], - searchFields: ['baz', 'bing', 'title^3', 'description'], - }, - ], - ]); - }); - - it('deduplicates types and search fields', async () => { - const props = { - ...testProps(), - visTypes: [ - { - appExtensions: { - visualizations: { - docTypes: ['bazdoc', 'bar'], - searchFields: ['baz', 'bing', 'barfield'], - }, - }, - } as VisTypeAlias, - { - appExtensions: { - visualizations: { - docTypes: ['visualization', 'foo', 'bazdoc'], - searchFields: ['baz', 'bing', 'foofield'], - }, - }, - } as VisTypeAlias, - ], - }; - const { find } = props.savedObjectsClient; - await findListItems(props); - expect(find.mock.calls).toMatchObject([ - [ - { - type: ['bazdoc', 'bar', 'visualization', 'foo'], - searchFields: ['baz', 'bing', 'barfield', 'foofield', 'title^3', 'description'], - }, - ], - ]); - }); - - it('searches the search term prefix', async () => { - const props = { - ...testProps(), - search: 'ahoythere', - }; - const { find } = props.savedObjectsClient; - await findListItems(props); - expect(find.mock.calls).toMatchObject([ - [ - { - search: 'ahoythere*', - }, - ], - ]); - }); - - it('searches with references', async () => { - const props = { - ...testProps(), - references: [ - { type: 'foo', id: 'hello' }, - { type: 'bar', id: 'dolly' }, - ], - }; - const { find } = props.savedObjectsClient; - await findListItems(props); - expect(find.mock.calls).toMatchObject([ - [ - { - hasReference: [ - { type: 'foo', id: 'hello' }, - { type: 'bar', id: 'dolly' }, - ], - }, - ], - ]); - }); - - it('uses type-specific toListItem function, if available', async () => { - const props = { - ...testProps(), - mapSavedObjectApiHits(savedObject: { - id: string; - type: string; - attributes: { title: string }; - }) { - return { - id: savedObject.id, - title: `DEFAULT ${savedObject.attributes.title}`, - }; - }, - visTypes: [ - { - appExtensions: { - visualizations: { - docTypes: ['wizard'], - toListItem(savedObject) { - return { - id: savedObject.id, - title: `${(savedObject.attributes as { label: string }).label} THE GRAY`, - }; - }, - }, - }, - } as VisTypeAlias, - ], - }; - - (props.savedObjectsClient.find as jest.Mock).mockImplementationOnce(async () => ({ - total: 2, - savedObjects: [ - { - id: 'lotr', - type: 'wizard', - attributes: { label: 'Gandalf' }, - }, - { - id: 'wat', - type: 'visualization', - attributes: { title: 'WATEVER' }, - }, - ], - })); - - const items = await findListItems(props); - expect(items).toEqual({ - total: 2, - hits: [ - { - id: 'lotr', - title: 'Gandalf THE GRAY', - }, - { - id: 'wat', - title: 'DEFAULT WATEVER', - }, - ], - }); - }); -}); diff --git a/src/plugins/visualizations/public/saved_visualizations/find_list_items.ts b/src/plugins/visualizations/public/saved_visualizations/find_list_items.ts deleted file mode 100644 index f000b18413ce320..000000000000000 --- a/src/plugins/visualizations/public/saved_visualizations/find_list_items.ts +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0 and the Server Side Public License, v 1; you may not use this file except - * in compliance with, at your election, the Elastic License 2.0 or the Server - * Side Public License, v 1. - */ - -import _ from 'lodash'; -import { - SavedObjectAttributes, - SavedObjectsClientContract, - SavedObjectsFindOptionsReference, - SavedObjectsFindOptions, -} from '../../../../core/public'; -import { SavedObjectLoader } from '../../../../plugins/saved_objects/public'; -import type { VisTypeAlias } from '../vis_types'; -import { VisualizationsAppExtension } from '../vis_types/vis_type_alias_registry'; - -/** - * Search for visualizations and convert them into a list display-friendly format. - */ -export async function findListItems({ - visTypes, - search, - size, - savedObjectsClient, - mapSavedObjectApiHits, - references, -}: { - search: string; - size: number; - visTypes: VisTypeAlias[]; - savedObjectsClient: SavedObjectsClientContract; - mapSavedObjectApiHits: SavedObjectLoader['mapSavedObjectApiHits']; - references?: SavedObjectsFindOptionsReference[]; -}) { - const extensions = visTypes - .map((v) => v.appExtensions?.visualizations) - .filter(Boolean) as VisualizationsAppExtension[]; - const extensionByType = extensions.reduce((acc, m) => { - return m!.docTypes.reduce((_acc, type) => { - acc[type] = m; - return acc; - }, acc); - }, {} as { [visType: string]: VisualizationsAppExtension }); - const searchOption = (field: string, ...defaults: string[]) => - _(extensions).map(field).concat(defaults).compact().flatten().uniq().value() as string[]; - const searchOptions: SavedObjectsFindOptions = { - type: searchOption('docTypes', 'visualization'), - searchFields: searchOption('searchFields', 'title^3', 'description'), - search: search ? `${search}*` : undefined, - perPage: size, - page: 1, - defaultSearchOperator: 'AND' as 'AND', - hasReference: references, - }; - - const { total, savedObjects } = await savedObjectsClient.find( - searchOptions - ); - - return { - total, - hits: savedObjects.map((savedObject) => { - const config = extensionByType[savedObject.type]; - - if (config) { - return { - ...config.toListItem(savedObject), - references: savedObject.references, - }; - } else { - return mapSavedObjectApiHits(savedObject); - } - }), - }; -} diff --git a/src/plugins/visualizations/public/saved_visualizations/index.ts b/src/plugins/visualizations/public/saved_visualizations/index.ts deleted file mode 100644 index e42348bc0b43498..000000000000000 --- a/src/plugins/visualizations/public/saved_visualizations/index.ts +++ /dev/null @@ -1,9 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0 and the Server Side Public License, v 1; you may not use this file except - * in compliance with, at your election, the Elastic License 2.0 or the Server - * Side Public License, v 1. - */ - -export * from './saved_visualizations'; diff --git a/src/plugins/visualizations/public/saved_visualizations/saved_visualizations.ts b/src/plugins/visualizations/public/saved_visualizations/saved_visualizations.ts deleted file mode 100644 index cec65b8f988b3a3..000000000000000 --- a/src/plugins/visualizations/public/saved_visualizations/saved_visualizations.ts +++ /dev/null @@ -1,89 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0 and the Server Side Public License, v 1; you may not use this file except - * in compliance with, at your election, the Elastic License 2.0 or the Server - * Side Public License, v 1. - */ - -import type { SavedObjectReference, SavedObjectsFindOptionsReference } from 'kibana/public'; -import { SavedObjectLoader } from '../../../../plugins/saved_objects/public'; -import { findListItems } from './find_list_items'; -import { createSavedVisClass, SavedVisServices } from './_saved_vis'; -import type { TypesStart } from '../vis_types'; - -export interface SavedVisServicesWithVisualizations extends SavedVisServices { - visualizationTypes: TypesStart; -} -export type SavedVisualizationsLoader = ReturnType; - -export interface FindListItemsOptions { - size?: number; - references?: SavedObjectsFindOptionsReference[]; -} - -/** @deprecated **/ -export function createSavedVisLoader(services: SavedVisServicesWithVisualizations) { - const { savedObjectsClient, visualizationTypes } = services; - - class SavedObjectLoaderVisualize extends SavedObjectLoader { - mapHitSource = ( - source: Record, - id: string, - references: SavedObjectReference[] = [] - ) => { - const visTypes = visualizationTypes; - source.id = id; - source.references = references; - source.url = this.urlFor(id); - - let typeName = source.typeName; - if (source.visState) { - try { - typeName = JSON.parse(String(source.visState)).type; - } catch (e) { - /* missing typename handled below */ - } - } - - if (!typeName || !visTypes.get(typeName)) { - source.error = 'Unknown visualization type'; - return source; - } - - source.type = visTypes.get(typeName); - source.savedObjectType = 'visualization'; - source.icon = source.type.icon; - source.image = source.type.image; - source.typeTitle = source.type.title; - source.editUrl = `/edit/${id}`; - - return source; - }; - urlFor(id: string) { - return `#/edit/${encodeURIComponent(id)}`; - } - // This behaves similarly to find, except it returns visualizations that are - // defined as appExtensions and which may not conform to type: visualization - findListItems(search: string = '', sizeOrOptions: number | FindListItemsOptions = 100) { - const { size = 100, references = undefined } = - typeof sizeOrOptions === 'number' - ? { - size: sizeOrOptions, - } - : sizeOrOptions; - return findListItems({ - search, - size, - references, - mapSavedObjectApiHits: this.mapSavedObjectApiHits.bind(this), - savedObjectsClient, - visTypes: visualizationTypes.getAliases(), - }); - } - } - const SavedVis = createSavedVisClass(services); - return new SavedObjectLoaderVisualize(SavedVis, savedObjectsClient) as SavedObjectLoader & { - findListItems: (search: string, sizeOrOptions?: number | FindListItemsOptions) => any; - }; -} diff --git a/src/plugins/visualizations/public/services.ts b/src/plugins/visualizations/public/services.ts index ed18884d9dc8316..95f5fa02c09a85d 100644 --- a/src/plugins/visualizations/public/services.ts +++ b/src/plugins/visualizations/public/services.ts @@ -18,13 +18,11 @@ import type { } from '../../../core/public'; import type { TypesStart } from './vis_types'; import { createGetterSetter } from '../../../plugins/kibana_utils/public'; -import type { DataPublicPluginStart, TimefilterContract } from '../../../plugins/data/public'; -import type { UsageCollectionSetup } from '../../../plugins/usage_collection/public'; -import type { ExpressionsStart } from '../../../plugins/expressions/public'; -import type { UiActionsStart } from '../../../plugins/ui_actions/public'; -import type { SavedVisualizationsLoader } from './saved_visualizations'; -import type { EmbeddableStart } from '../../embeddable/public'; - +import { DataPublicPluginStart, TimefilterContract } from '../../../plugins/data/public'; +import { UsageCollectionSetup } from '../../../plugins/usage_collection/public'; +import { ExpressionsStart } from '../../../plugins/expressions/public'; +import { UiActionsStart } from '../../../plugins/ui_actions/public'; +import { EmbeddableStart } from '../../embeddable/public'; import type { SpacesPluginStart } from '../../../../x-pack/plugins/spaces/public'; export const [getUISettings, setUISettings] = createGetterSetter('UISettings'); @@ -57,9 +55,6 @@ export const [getExpressions, setExpressions] = createGetterSetter('UiActions'); -export const [getSavedVisualizationsLoader, setSavedVisualizationsLoader] = - createGetterSetter('SavedVisualisationsLoader'); - export const [getAggs, setAggs] = createGetterSetter('AggConfigs'); diff --git a/src/plugins/visualizations/server/saved_objects/visualization.ts b/src/plugins/visualizations/server/saved_objects/visualization.ts index 53027d5d5046cd5..0793893f1d3d503 100644 --- a/src/plugins/visualizations/server/saved_objects/visualization.ts +++ b/src/plugins/visualizations/server/saved_objects/visualization.ts @@ -12,7 +12,8 @@ import { visualizationSavedObjectTypeMigrations } from '../migrations/visualizat export const visualizationSavedObjectType: SavedObjectsType = { name: 'visualization', hidden: false, - namespaceType: 'single', + namespaceType: 'multiple-isolated', + convertToMultiNamespaceTypeVersion: '8.0.0', management: { icon: 'visualizeApp', defaultSearchField: 'title', diff --git a/test/api_integration/apis/saved_objects/find.ts b/test/api_integration/apis/saved_objects/find.ts index 9b2b3a96cba5b7c..c8623f08e6f9728 100644 --- a/test/api_integration/apis/saved_objects/find.ts +++ b/test/api_integration/apis/saved_objects/find.ts @@ -14,6 +14,9 @@ export default function ({ getService }: FtrProviderContext) { const supertest = getService('supertest'); const kibanaServer = getService('kibanaServer'); const SPACE_ID = 'ftr-so-find'; + const UUID_PATTERN = new RegExp( + /^[0-9A-F]{8}-[0-9A-F]{4}-4[0-9A-F]{3}-[89AB][0-9A-F]{3}-[0-9A-F]{12}$/i + ); describe('find', () => { before(async () => { @@ -25,7 +28,7 @@ export default function ({ getService }: FtrProviderContext) { await kibanaServer.spaces.create({ id: `${SPACE_ID}-foo`, name: `${SPACE_ID}-foo` }); await kibanaServer.importExport.load( - 'test/api_integration/fixtures/kbn_archiver/saved_objects/basic/foo-ns.json', + 'test/api_integration/fixtures/kbn_archiver/saved_objects/basic.json', { space: `${SPACE_ID}-foo`, } @@ -128,22 +131,25 @@ export default function ({ getService }: FtrProviderContext) { describe('wildcard namespace', () => { it('should return 200 with individual responses from the all namespaces', async () => await supertest - .get(`/api/saved_objects/_find?type=visualization&fields=title&namespaces=*`) + .get( + `/api/saved_objects/_find?type=visualization&fields=title&fields=originId&namespaces=*` + ) .expect(200) .then((resp) => { const knownDocuments = resp.body.saved_objects.filter((so: { namespaces: string[] }) => so.namespaces.some((ns) => [SPACE_ID, `${SPACE_ID}-foo`].includes(ns)) ); + const [obj1, obj2] = knownDocuments.map( + ({ id, originId, namespaces }: SavedObject) => ({ id, originId, namespaces }) + ); - expect( - knownDocuments.map((so: { id: string; namespaces: string[] }) => ({ - id: so.id, - namespaces: so.namespaces, - })) - ).to.eql([ - { id: 'dd7caf20-9efd-11e7-acb3-3dab96693fab', namespaces: [SPACE_ID] }, - { id: 'dd7caf20-9efd-11e7-acb3-3dab96693fab', namespaces: [`${SPACE_ID}-foo`] }, - ]); + expect(obj1.id).to.equal('dd7caf20-9efd-11e7-acb3-3dab96693fab'); + expect(obj1.originId).to.equal(undefined); + expect(obj1.namespaces).to.eql([SPACE_ID]); + + expect(obj2.id).to.match(UUID_PATTERN); // this was imported to the second space and hit an unresolvable conflict, so the object ID was regenerated silently + expect(obj2.originId).to.equal('dd7caf20-9efd-11e7-acb3-3dab96693fab'); + expect(obj2.namespaces).to.eql([`${SPACE_ID}-foo`]); })); }); diff --git a/test/api_integration/apis/saved_objects_management/find.ts b/test/api_integration/apis/saved_objects_management/find.ts index 79d8a645d3ba733..bb1840d6d4e8766 100644 --- a/test/api_integration/apis/saved_objects_management/find.ts +++ b/test/api_integration/apis/saved_objects_management/find.ts @@ -220,7 +220,7 @@ export default function ({ getService }: FtrProviderContext) { path: '/app/visualize#/edit/a42c0580-3224-11e8-a572-ffca06da1357', uiCapabilitiesPath: 'visualize.show', }, - namespaceType: 'single', + namespaceType: 'multiple-isolated', }); expect(resp.body.saved_objects[1].meta).to.eql({ icon: 'visualizeApp', @@ -230,7 +230,7 @@ export default function ({ getService }: FtrProviderContext) { path: '/app/visualize#/edit/add810b0-3224-11e8-a572-ffca06da1357', uiCapabilitiesPath: 'visualize.show', }, - namespaceType: 'single', + namespaceType: 'multiple-isolated', }); })); diff --git a/test/api_integration/apis/saved_objects_management/relationships.ts b/test/api_integration/apis/saved_objects_management/relationships.ts index 47a0bedd7d77b65..cab323ca028aeef 100644 --- a/test/api_integration/apis/saved_objects_management/relationships.ts +++ b/test/api_integration/apis/saved_objects_management/relationships.ts @@ -107,7 +107,7 @@ export default function ({ getService }: FtrProviderContext) { path: '/app/visualize#/edit/a42c0580-3224-11e8-a572-ffca06da1357', uiCapabilitiesPath: 'visualize.show', }, - namespaceType: 'single', + namespaceType: 'multiple-isolated', hiddenType: false, }, }, @@ -149,7 +149,7 @@ export default function ({ getService }: FtrProviderContext) { path: '/app/visualize#/edit/a42c0580-3224-11e8-a572-ffca06da1357', uiCapabilitiesPath: 'visualize.show', }, - namespaceType: 'single', + namespaceType: 'multiple-isolated', hiddenType: false, }, relationship: 'parent', @@ -192,7 +192,7 @@ export default function ({ getService }: FtrProviderContext) { path: '/app/visualize#/edit/add810b0-3224-11e8-a572-ffca06da1357', uiCapabilitiesPath: 'visualize.show', }, - namespaceType: 'single', + namespaceType: 'multiple-isolated', hiddenType: false, }, }, @@ -207,7 +207,7 @@ export default function ({ getService }: FtrProviderContext) { path: '/app/visualize#/edit/a42c0580-3224-11e8-a572-ffca06da1357', uiCapabilitiesPath: 'visualize.show', }, - namespaceType: 'single', + namespaceType: 'multiple-isolated', hiddenType: false, }, }, @@ -230,7 +230,7 @@ export default function ({ getService }: FtrProviderContext) { path: '/app/visualize#/edit/add810b0-3224-11e8-a572-ffca06da1357', uiCapabilitiesPath: 'visualize.show', }, - namespaceType: 'single', + namespaceType: 'multiple-isolated', hiddenType: false, }, relationship: 'child', @@ -245,7 +245,7 @@ export default function ({ getService }: FtrProviderContext) { path: '/app/visualize#/edit/a42c0580-3224-11e8-a572-ffca06da1357', uiCapabilitiesPath: 'visualize.show', }, - namespaceType: 'single', + namespaceType: 'multiple-isolated', hiddenType: false, }, relationship: 'child', @@ -386,7 +386,7 @@ export default function ({ getService }: FtrProviderContext) { path: '/app/visualize#/edit/add810b0-3224-11e8-a572-ffca06da1357', uiCapabilitiesPath: 'visualize.show', }, - namespaceType: 'single', + namespaceType: 'multiple-isolated', hiddenType: false, }, }, @@ -456,7 +456,7 @@ export default function ({ getService }: FtrProviderContext) { path: '/app/visualize#/edit/add810b0-3224-11e8-a572-ffca06da1357', uiCapabilitiesPath: 'visualize.show', }, - namespaceType: 'single', + namespaceType: 'multiple-isolated', hiddenType: false, title: 'Visualization', }, diff --git a/test/api_integration/fixtures/kbn_archiver/saved_objects/basic.json b/test/api_integration/fixtures/kbn_archiver/saved_objects/basic.json index 4f343b81cd40210..09651172e56a330 100644 --- a/test/api_integration/fixtures/kbn_archiver/saved_objects/basic.json +++ b/test/api_integration/fixtures/kbn_archiver/saved_objects/basic.json @@ -94,4 +94,4 @@ "type": "dashboard", "updated_at": "2017-09-21T18:57:40.826Z", "version": "WzExLDJd" -} \ No newline at end of file +} diff --git a/test/api_integration/fixtures/kbn_archiver/saved_objects/basic/foo-ns.json b/test/api_integration/fixtures/kbn_archiver/saved_objects/basic/foo-ns.json deleted file mode 100644 index 736abf331d3146e..000000000000000 --- a/test/api_integration/fixtures/kbn_archiver/saved_objects/basic/foo-ns.json +++ /dev/null @@ -1,97 +0,0 @@ -{ - "attributes": { - "buildNum": 8467, - "defaultIndex": "91200a00-9efd-11e7-acb3-3dab96693fab" - }, - "coreMigrationVersion": "7.14.0", - "id": "7.0.0-alpha1", - "migrationVersion": { - "config": "7.13.0" - }, - "references": [], - "type": "config", - "updated_at": "2017-09-21T18:49:16.302Z", - "version": "WzEzLDJd" -} - -{ - "attributes": { - "fields": "[{\"name\":\"@message\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"@message.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"@tags\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"@tags.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"@timestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_source\",\"type\":\"_source\",\"count\":0,\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"name\":\"agent\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"agent.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"bytes\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"clientip\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"extension\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"extension.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geo.coordinates\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geo.dest\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geo.src\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"geo.srcdest\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"headings\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"headings.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"host\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"host.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"id\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"index.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"ip\",\"type\":\"ip\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"links\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"links.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"machine.os\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"machine.os.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"machine.ram\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"memory\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"meta.char\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"meta.related\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"meta.user.firstname\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"meta.user.lastname\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"phpmemory\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"referer\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.article:modified_time\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.article:published_time\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.article:section\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.article:section.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.article:tag\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.article:tag.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.og:description\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.og:description.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.og:image\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.og:image.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.og:image:height\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.og:image:height.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.og:image:width\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.og:image:width.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.og:site_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.og:site_name.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.og:title\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.og:title.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.og:type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.og:type.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.og:url\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.og:url.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.twitter:card\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.twitter:card.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.twitter:description\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.twitter:description.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.twitter:image\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.twitter:image.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.twitter:site\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.twitter:site.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.twitter:title\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.twitter:title.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"relatedContent.url\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"relatedContent.url.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"request\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"request.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"response\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"response.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"spaces\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"spaces.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"url\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"url.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"utc_time\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"xss\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"xss.raw\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true}]", - "timeFieldName": "@timestamp", - "title": "logstash-*" - }, - "coreMigrationVersion": "7.14.0", - "id": "91200a00-9efd-11e7-acb3-3dab96693fab", - "migrationVersion": { - "index-pattern": "7.11.0" - }, - "references": [], - "type": "index-pattern", - "updated_at": "2017-09-21T18:49:16.270Z", - "version": "WzEyLDJd" -} - -{ - "attributes": { - "description": "", - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" - }, - "title": "Count of requests", - "uiStateJSON": "{\"spy\":{\"mode\":{\"name\":null,\"fill\":false}}}", - "version": 1, - "visState": "{\"title\":\"Count of requests\",\"type\":\"area\",\"params\":{\"type\":\"area\",\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100,\"filter\":true},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"Count\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"area\",\"mode\":\"stacked\",\"data\":{\"label\":\"Count\",\"id\":\"1\"},\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"palette\":{\"type\":\"palette\",\"name\":\"kibana_palette\"},\"isVislibVis\":true,\"detailedTooltip\":true,\"fittingFunction\":\"zero\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}]}" - }, - "coreMigrationVersion": "7.14.0", - "id": "dd7caf20-9efd-11e7-acb3-3dab96693fab", - "migrationVersion": { - "visualization": "7.13.0" - }, - "references": [ - { - "id": "91200a00-9efd-11e7-acb3-3dab96693fab", - "name": "kibanaSavedObjectMeta.searchSourceJSON.index", - "type": "index-pattern" - } - ], - "type": "visualization", - "updated_at": "2017-09-21T18:51:23.794Z", - "version": "WzE0LDJd" -} - -{ - "attributes": { - "description": "", - "hits": 0, - "kibanaSavedObjectMeta": { - "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[],\"highlightAll\":true,\"version\":true}" - }, - "optionsJSON": "{\"darkTheme\":false}", - "panelsJSON": "[{\"version\":\"7.3.0\",\"type\":\"visualization\",\"gridData\":{\"x\":0,\"y\":0,\"w\":24,\"h\":12,\"i\":\"1\"},\"panelIndex\":\"1\",\"embeddableConfig\":{\"enhancements\":{}},\"panelRefName\":\"panel_1\"}]", - "refreshInterval": { - "display": "Off", - "pause": false, - "value": 0 - }, - "timeFrom": "Wed Sep 16 2015 22:52:17 GMT-0700", - "timeRestore": true, - "timeTo": "Fri Sep 18 2015 12:24:38 GMT-0700", - "title": "Requests", - "version": 1 - }, - "coreMigrationVersion": "7.14.0", - "id": "be3733a0-9efe-11e7-acb3-3dab96693fab", - "migrationVersion": { - "dashboard": "7.11.0" - }, - "references": [ - { - "id": "dd7caf20-9efd-11e7-acb3-3dab96693fab", - "name": "1:panel_1", - "type": "visualization" - } - ], - "type": "dashboard", - "updated_at": "2017-09-21T18:57:40.826Z", - "version": "WzE1LDJd" -} \ No newline at end of file diff --git a/x-pack/test/spaces_api_integration/common/fixtures/es_archiver/saved_objects/spaces/data.json b/x-pack/test/spaces_api_integration/common/fixtures/es_archiver/saved_objects/spaces/data.json index ed52be26c7e538d..3b2a87d924e88a9 100644 --- a/x-pack/test/spaces_api_integration/common/fixtures/es_archiver/saved_objects/spaces/data.json +++ b/x-pack/test/spaces_api_integration/common/fixtures/es_archiver/saved_objects/spaces/data.json @@ -126,7 +126,7 @@ "name": "CTS Vis 2" }, { "type": "visualization", - "id": "cts_vis_3", + "id": "cts_vis_3_default", "name": "CTS Vis 3" }], "type": "dashboard", @@ -158,7 +158,8 @@ } ], "type": "visualization", - "updated_at": "2017-09-21T18:49:16.270Z" + "updated_at": "2017-09-21T18:49:16.270Z", + "namespaces": ["default"] }, "type": "_doc" } @@ -186,7 +187,8 @@ } ], "type": "visualization", - "updated_at": "2017-09-21T18:49:16.270Z" + "updated_at": "2017-09-21T18:49:16.270Z", + "namespaces": ["default"] }, "type": "_doc" } @@ -195,9 +197,10 @@ { "type": "_doc", "value": { - "id": "visualization:cts_vis_3", + "id": "visualization:cts_vis_3_default", "index": ".kibana", "source": { + "originId": "cts_vis_3", "visualization": { "title": "CTS vis 3 from default space", "description": "AreaChart", @@ -214,7 +217,8 @@ } ], "type": "visualization", - "updated_at": "2017-09-21T18:49:16.270Z" + "updated_at": "2017-09-21T18:49:16.270Z", + "namespaces": ["default"] }, "type": "_doc" } @@ -243,7 +247,7 @@ }, { "type": "visualization", - "id": "cts_vis_3", + "id": "cts_vis_3_space_1", "name": "CTS Vis 3" } ], @@ -258,7 +262,7 @@ { "type": "_doc", "value": { - "id": "space_1:visualization:cts_vis_1_space_1", + "id": "visualization:cts_vis_1_space_1", "index": ".kibana", "source": { "visualization": { @@ -278,7 +282,7 @@ ], "type": "visualization", "updated_at": "2017-09-21T18:49:16.270Z", - "namespace": "space_1" + "namespaces": ["space_1"] }, "type": "_doc" } @@ -287,7 +291,7 @@ { "type": "_doc", "value": { - "id": "space_1:visualization:cts_vis_2_space_1", + "id": "visualization:cts_vis_2_space_1", "index": ".kibana", "source": { "visualization": { @@ -307,7 +311,7 @@ ], "type": "visualization", "updated_at": "2017-09-21T18:49:16.270Z", - "namespace": "space_1" + "namespaces": ["space_1"] }, "type": "_doc" } @@ -316,9 +320,10 @@ { "type": "_doc", "value": { - "id": "space_1:visualization:cts_vis_3", + "id": "visualization:cts_vis_3_space_1", "index": ".kibana", "source": { + "originId": "cts_vis_3", "visualization": { "title": "CTS vis 3 from space_1 space", "description": "AreaChart", @@ -336,7 +341,7 @@ ], "type": "visualization", "updated_at": "2017-09-21T18:49:16.270Z", - "namespace": "space_1" + "namespaces": ["space_1"] }, "type": "_doc" } diff --git a/x-pack/test/spaces_api_integration/common/lib/space_test_utils.ts b/x-pack/test/spaces_api_integration/common/lib/space_test_utils.ts index 12333fc7460709c..28b19d5db20b60d 100644 --- a/x-pack/test/spaces_api_integration/common/lib/space_test_utils.ts +++ b/x-pack/test/spaces_api_integration/common/lib/space_test_utils.ts @@ -5,6 +5,7 @@ * 2.0. */ +import type { KibanaClient } from '@elastic/elasticsearch/api/kibana'; import { DEFAULT_SPACE_ID } from '../../../../plugins/spaces/common/constants'; export function getUrlPrefix(spaceId?: string) { @@ -35,3 +36,31 @@ export function getTestScenariosForSpace(spaceId: string) { return [explicitScenario]; } + +export function getAggregatedSpaceData(es: KibanaClient, objectTypes: string[]) { + return es.search({ + index: '.kibana', + body: { + size: 0, + runtime_mappings: { + normalized_namespace: { + type: 'keyword', + script: ` + if (doc["namespaces"].size() > 0) { + emit(doc["namespaces"].value); + } else if (doc["namespace"].size() > 0) { + emit(doc["namespace"].value); + } + `, + }, + }, + query: { terms: { type: objectTypes } }, + aggs: { + count: { + terms: { field: 'normalized_namespace', missing: DEFAULT_SPACE_ID, size: 10 }, + aggs: { countByType: { terms: { field: 'type', missing: 'UNKNOWN', size: 10 } } }, + }, + }, + }, + }); +} diff --git a/x-pack/test/spaces_api_integration/common/suites/copy_to_space.ts b/x-pack/test/spaces_api_integration/common/suites/copy_to_space.ts index 27f1e55c3a90a78..3a3f0f889c91c40 100644 --- a/x-pack/test/spaces_api_integration/common/suites/copy_to_space.ts +++ b/x-pack/test/spaces_api_integration/common/suites/copy_to_space.ts @@ -11,7 +11,7 @@ import { EsArchiver } from '@kbn/es-archiver'; import type { KibanaClient } from '@elastic/elasticsearch/api/kibana'; import { DEFAULT_SPACE_ID } from '../../../../plugins/spaces/common/constants'; import { CopyResponse } from '../../../../plugins/spaces/server/lib/copy_to_spaces'; -import { getUrlPrefix } from '../lib/space_test_utils'; +import { getAggregatedSpaceData, getUrlPrefix } from '../lib/space_test_utils'; import { DescribeFn, TestDefinitionAuthentication } from '../lib/types'; type TestResponse = Record; @@ -68,6 +68,9 @@ const INITIAL_COUNTS: Record> = { space_1: { dashboard: 2, visualization: 3, 'index-pattern': 1 }, space_2: { dashboard: 1 }, }; +const UUID_PATTERN = new RegExp( + /^[0-9A-F]{8}-[0-9A-F]{4}-4[0-9A-F]{3}-[89AB][0-9A-F]{3}-[0-9A-F]{12}$/i +); const getDestinationWithoutConflicts = () => 'space_2'; const getDestinationWithConflicts = (originSpaceId?: string) => @@ -79,19 +82,11 @@ export function copyToSpaceTestSuiteFactory( supertest: SuperTest ) { const collectSpaceContents = async () => { - const { body: response } = await es.search({ - index: '.kibana', - body: { - size: 0, - query: { terms: { type: ['visualization', 'dashboard', 'index-pattern'] } }, - aggs: { - count: { - terms: { field: 'namespace', missing: DEFAULT_SPACE_ID, size: 10 }, - aggs: { countByType: { terms: { field: 'type', missing: 'UNKNOWN', size: 10 } } }, - }, - }, - }, - }); + const { body: response } = await getAggregatedSpaceData(es, [ + 'visualization', + 'dashboard', + 'index-pattern', + ]); const aggs = response.aggregations as Record< string, @@ -187,6 +182,14 @@ export function copyToSpaceTestSuiteFactory( async (resp: TestResponse) => { const destination = getDestinationWithoutConflicts(); const result = resp.body as CopyResponse; + + const vis1DestinationId = result[destination].successResults![1].destinationId; + expect(vis1DestinationId).to.match(UUID_PATTERN); // this was copied to space 2 and hit an unresolvable conflict, so the object ID was regenerated silently / the destinationId is a UUID + const vis2DestinationId = result[destination].successResults![2].destinationId; + expect(vis2DestinationId).to.match(UUID_PATTERN); // this was copied to space 2 and hit an unresolvable conflict, so the object ID was regenerated silently / the destinationId is a UUID + const vis3DestinationId = result[destination].successResults![3].destinationId; + expect(vis3DestinationId).to.match(UUID_PATTERN); // this was copied to space 2 and hit an unresolvable conflict, so the object ID was regenerated silently / the destinationId is a UUID + expect(result).to.eql({ [destination]: { success: true, @@ -204,16 +207,19 @@ export function copyToSpaceTestSuiteFactory( id: `cts_vis_1_${spaceId}`, type: 'visualization', meta: { icon: 'visualizeApp', title: `CTS vis 1 from ${spaceId} space` }, + destinationId: vis1DestinationId, }, { id: `cts_vis_2_${spaceId}`, type: 'visualization', meta: { icon: 'visualizeApp', title: `CTS vis 2 from ${spaceId} space` }, + destinationId: vis2DestinationId, }, { - id: 'cts_vis_3', + id: `cts_vis_3_${spaceId}`, type: 'visualization', meta: { icon: 'visualizeApp', title: `CTS vis 3 from ${spaceId} space` }, + destinationId: vis3DestinationId, }, { id: 'cts_dashboard', @@ -303,6 +309,12 @@ export function copyToSpaceTestSuiteFactory( (spaceId?: string) => async (resp: { [key: string]: any }) => { const destination = getDestinationWithConflicts(spaceId); const result = resp.body as CopyResponse; + + const vis1DestinationId = result[destination].successResults![1].destinationId; + expect(vis1DestinationId).to.match(UUID_PATTERN); // this was copied to space 2 and hit an unresolvable conflict, so the object ID was regenerated silently / the destinationId is a UUID + const vis2DestinationId = result[destination].successResults![2].destinationId; + expect(vis2DestinationId).to.match(UUID_PATTERN); // this was copied to space 2 and hit an unresolvable conflict, so the object ID was regenerated silently / the destinationId is a UUID + expect(result).to.eql({ [destination]: { success: true, @@ -321,17 +333,20 @@ export function copyToSpaceTestSuiteFactory( id: `cts_vis_1_${spaceId}`, type: 'visualization', meta: { icon: 'visualizeApp', title: `CTS vis 1 from ${spaceId} space` }, + destinationId: vis1DestinationId, }, { id: `cts_vis_2_${spaceId}`, type: 'visualization', meta: { icon: 'visualizeApp', title: `CTS vis 2 from ${spaceId} space` }, + destinationId: vis2DestinationId, }, { - id: 'cts_vis_3', + id: `cts_vis_3_${spaceId}`, type: 'visualization', meta: { icon: 'visualizeApp', title: `CTS vis 3 from ${spaceId} space` }, overwrite: true, + destinationId: `cts_vis_3_${destination}`, // this conflicted with another visualization in the destination space because of a shared originId }, { id: 'cts_dashboard', @@ -363,16 +378,23 @@ export function copyToSpaceTestSuiteFactory( const result = resp.body as CopyResponse; result[destination].errors!.sort(errorSorter); + const vis1DestinationId = result[destination].successResults![0].destinationId; + expect(vis1DestinationId).to.match(UUID_PATTERN); // this was copied to space 2 and hit an unresolvable conflict, so the object ID was regenerated silently / the destinationId is a UUID + const vis2DestinationId = result[destination].successResults![1].destinationId; + expect(vis2DestinationId).to.match(UUID_PATTERN); // this was copied to space 2 and hit an unresolvable conflict, so the object ID was regenerated silently / the destinationId is a UUID + const expectedSuccessResults = [ { id: `cts_vis_1_${spaceId}`, type: 'visualization', meta: { icon: 'visualizeApp', title: `CTS vis 1 from ${spaceId} space` }, + destinationId: vis1DestinationId, }, { id: `cts_vis_2_${spaceId}`, type: 'visualization', meta: { icon: 'visualizeApp', title: `CTS vis 2 from ${spaceId} space` }, + destinationId: vis2DestinationId, }, ]; const expectedErrors = [ @@ -397,8 +419,11 @@ export function copyToSpaceTestSuiteFactory( }, }, { - error: { type: 'conflict' }, - id: 'cts_vis_3', + error: { + type: 'conflict', + destinationId: `cts_vis_3_${destination}`, // this conflicted with another visualization in the destination space because of a shared originId + }, + id: `cts_vis_3_${spaceId}`, title: `CTS vis 3 from ${spaceId} space`, type: 'visualization', meta: { @@ -437,9 +462,6 @@ export function copyToSpaceTestSuiteFactory( // a 403 error actually comes back as an HTTP 200 response const statusCode = outcome === 'noAccess' ? 403 : 200; const type = 'sharedtype'; - const v4 = new RegExp( - /^[0-9A-F]{8}-[0-9A-F]{4}-4[0-9A-F]{3}-[89AB][0-9A-F]{3}-[0-9A-F]{12}$/i - ); const noConflictId = `${spaceId}_only`; const exactMatchId = 'each_space'; const inexactMatchId = `conflict_1_${spaceId}`; @@ -463,7 +485,7 @@ export function copyToSpaceTestSuiteFactory( expect(success).to.eql(true); expect(successCount).to.eql(1); const destinationId = successResults![0].destinationId; - expect(destinationId).to.match(v4); + expect(destinationId).to.match(UUID_PATTERN); const meta = { title, icon: 'beaker' }; expect(successResults).to.eql([{ type, id: sourceId, meta, destinationId }]); expect(errors).to.be(undefined); diff --git a/x-pack/test/spaces_api_integration/common/suites/delete.ts b/x-pack/test/spaces_api_integration/common/suites/delete.ts index 57fa6d8533890fc..aaca4fa843d67f7 100644 --- a/x-pack/test/spaces_api_integration/common/suites/delete.ts +++ b/x-pack/test/spaces_api_integration/common/suites/delete.ts @@ -8,7 +8,7 @@ import expect from '@kbn/expect'; import { SuperTest } from 'supertest'; import type { KibanaClient } from '@elastic/elasticsearch/api/kibana'; -import { getTestScenariosForSpace } from '../lib/space_test_utils'; +import { getAggregatedSpaceData, getTestScenariosForSpace } from '../lib/space_test_utils'; import { MULTI_NAMESPACE_SAVED_OBJECT_TEST_CASES as CASES } from '../lib/saved_object_test_cases'; import { DescribeFn, TestDefinitionAuthentication } from '../lib/types'; @@ -43,38 +43,15 @@ export function deleteTestSuiteFactory( // Query ES to ensure that we deleted everything we expected, and nothing we didn't // Grouping first by namespace, then by saved object type - const { body: response } = await es.search({ - index: '.kibana', - body: { - size: 0, - query: { - terms: { - type: ['visualization', 'dashboard', 'space', 'index-pattern'], - // TODO: add assertions for config objects -- these assertions were removed because of flaky behavior in #92358, but we should - // consider adding them again at some point, especially if we convert config objects to `namespaceType: 'multiple-isolated'` in - // the future. - }, - }, - aggs: { - count: { - terms: { - field: 'namespace', - missing: 'default', - size: 10, - }, - aggs: { - countByType: { - terms: { - field: 'type', - missing: 'UNKNOWN', - size: 10, - }, - }, - }, - }, - }, - }, - }); + const { body: response } = await getAggregatedSpaceData(es, [ + 'visualization', + 'dashboard', + 'space', + 'index-pattern', + // TODO: add assertions for config objects -- these assertions were removed because of flaky behavior in #92358, but we should + // consider adding them again at some point, especially if we convert config objects to `namespaceType: 'multiple-isolated'` in + // the future. + ]); // @ts-expect-error @elastic/elasticsearch doesn't defined `count.buckets`. const buckets = response.aggregations?.count.buckets; diff --git a/x-pack/test/spaces_api_integration/common/suites/resolve_copy_to_space_conflicts.ts b/x-pack/test/spaces_api_integration/common/suites/resolve_copy_to_space_conflicts.ts index b66949cbffe0042..b190a37965b0bc3 100644 --- a/x-pack/test/spaces_api_integration/common/suites/resolve_copy_to_space_conflicts.ts +++ b/x-pack/test/spaces_api_integration/common/suites/resolve_copy_to_space_conflicts.ts @@ -58,7 +58,7 @@ export function resolveCopyToSpaceConflictsSuite( ) { const getVisualizationAtSpace = async (spaceId: string): Promise> => { return supertestWithAuth - .get(`${getUrlPrefix(spaceId)}/api/saved_objects/visualization/cts_vis_3`) + .get(`${getUrlPrefix(spaceId)}/api/saved_objects/visualization/cts_vis_3_${spaceId}`) .then((response: any) => response.body); }; const getDashboardAtSpace = async (spaceId: string): Promise> => { @@ -85,12 +85,13 @@ export function resolveCopyToSpaceConflictsSuite( successCount: 1, successResults: [ { - id: 'cts_vis_3', + id: `cts_vis_3_${sourceSpaceId}`, type: 'visualization', meta: { title: `CTS vis 3 from ${sourceSpaceId} space`, icon: 'visualizeApp', }, + destinationId: `cts_vis_3_${destination}`, // this conflicted with another visualization in the destination space because of a shared originId overwrite: true, }, ], @@ -146,8 +147,11 @@ export function resolveCopyToSpaceConflictsSuite( successCount: 0, errors: [ { - error: { type: 'conflict' }, - id: 'cts_vis_3', + error: { + type: 'conflict', + destinationId: `cts_vis_3_${destination}`, // this conflicted with another visualization in the destination space because of a shared originId + }, + id: `cts_vis_3_${sourceSpaceId}`, title: `CTS vis 3 from ${sourceSpaceId} space`, meta: { title: `CTS vis 3 from ${sourceSpaceId} space`, @@ -444,7 +448,7 @@ export function resolveCopyToSpaceConflictsSuite( ); const dashboardObject = { type: 'dashboard', id: 'cts_dashboard' }; - const visualizationObject = { type: 'visualization', id: 'cts_vis_3' }; + const visualizationObject = { type: 'visualization', id: `cts_vis_3_${spaceId}` }; it(`should return ${tests.withReferencesNotOverwriting.statusCode} when not overwriting, with references`, async () => { const destination = getDestinationSpace(spaceId); @@ -456,7 +460,15 @@ export function resolveCopyToSpaceConflictsSuite( objects: [dashboardObject], includeReferences: true, createNewCopies: false, - retries: { [destination]: [{ ...visualizationObject, overwrite: false }] }, + retries: { + [destination]: [ + { + ...visualizationObject, + destinationId: `cts_vis_3_${destination}`, + overwrite: false, + }, + ], + }, }) .expect(tests.withReferencesNotOverwriting.statusCode) .then(tests.withReferencesNotOverwriting.response); @@ -472,7 +484,15 @@ export function resolveCopyToSpaceConflictsSuite( objects: [dashboardObject], includeReferences: true, createNewCopies: false, - retries: { [destination]: [{ ...visualizationObject, overwrite: true }] }, + retries: { + [destination]: [ + { + ...visualizationObject, + destinationId: `cts_vis_3_${destination}`, + overwrite: true, + }, + ], + }, }) .expect(tests.withReferencesOverwriting.statusCode) .then(tests.withReferencesOverwriting.response); From c2571c7faf10b93d14ccbc150849ed498ff7ac02 Mon Sep 17 00:00:00 2001 From: Jason Stoltzfus Date: Mon, 18 Oct 2021 12:20:19 -0400 Subject: [PATCH 48/50] [App Search] Added a History tab to the Automated Curation detail view (#115090) --- .../curation/automated_curation.test.tsx | 37 ++++++++++-- .../curations/curation/automated_curation.tsx | 32 +++++++++-- .../curations/curation/history.test.tsx | 23 ++++++++ .../components/curations/curation/history.tsx | 57 +++++++++++++++++++ 4 files changed, 140 insertions(+), 9 deletions(-) create mode 100644 x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/curation/history.test.tsx create mode 100644 x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/curation/history.tsx diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/curation/automated_curation.test.tsx b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/curation/automated_curation.test.tsx index 2cee5bbbec80b0f..944d8315452b0b3 100644 --- a/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/curation/automated_curation.test.tsx +++ b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/curation/automated_curation.test.tsx @@ -8,6 +8,7 @@ import '../../../../__mocks__/shallow_useeffect.mock'; import { setMockActions, setMockValues } from '../../../../__mocks__/kea_logic'; import { mockUseParams } from '../../../../__mocks__/react_router'; + import '../../../__mocks__/engine_logic.mock'; import React from 'react'; @@ -27,6 +28,7 @@ import { CurationLogic } from './curation_logic'; import { DeleteCurationButton } from './delete_curation_button'; import { PromotedDocuments, OrganicDocuments } from './documents'; +import { History } from './history'; describe('AutomatedCuration', () => { const values = { @@ -39,6 +41,7 @@ describe('AutomatedCuration', () => { suggestion: { status: 'applied', }, + queries: ['foo'], }, activeQuery: 'query A', isAutomated: true, @@ -61,20 +64,46 @@ describe('AutomatedCuration', () => { expect(wrapper.is(AppSearchPageTemplate)); expect(wrapper.find(PromotedDocuments)).toHaveLength(1); expect(wrapper.find(OrganicDocuments)).toHaveLength(1); + expect(wrapper.find(History)).toHaveLength(0); }); - it('includes a static tab group', () => { + it('includes tabs', () => { const wrapper = shallow(); - const tabs = getPageHeaderTabs(wrapper).find(EuiTab); + let tabs = getPageHeaderTabs(wrapper).find(EuiTab); - expect(tabs).toHaveLength(2); + expect(tabs).toHaveLength(3); - expect(tabs.at(0).prop('onClick')).toBeUndefined(); expect(tabs.at(0).prop('isSelected')).toBe(true); expect(tabs.at(1).prop('onClick')).toBeUndefined(); expect(tabs.at(1).prop('isSelected')).toBe(false); expect(tabs.at(1).prop('disabled')).toBe(true); + + expect(tabs.at(2).prop('isSelected')).toBe(false); + + // Clicking on the History tab shows the history view + tabs.at(2).simulate('click'); + + tabs = getPageHeaderTabs(wrapper).find(EuiTab); + + expect(tabs.at(0).prop('isSelected')).toBe(false); + expect(tabs.at(2).prop('isSelected')).toBe(true); + + expect(wrapper.find(PromotedDocuments)).toHaveLength(0); + expect(wrapper.find(OrganicDocuments)).toHaveLength(0); + expect(wrapper.find(History)).toHaveLength(1); + + // Clicking back to the Promoted tab shows promoted documents + tabs.at(0).simulate('click'); + + tabs = getPageHeaderTabs(wrapper).find(EuiTab); + + expect(tabs.at(0).prop('isSelected')).toBe(true); + expect(tabs.at(2).prop('isSelected')).toBe(false); + + expect(wrapper.find(PromotedDocuments)).toHaveLength(1); + expect(wrapper.find(OrganicDocuments)).toHaveLength(1); + expect(wrapper.find(History)).toHaveLength(0); }); it('initializes CurationLogic with a curationId prop from URL param', () => { diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/curation/automated_curation.tsx b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/curation/automated_curation.tsx index fa34fa071b8552d..276b40ba886776a 100644 --- a/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/curation/automated_curation.tsx +++ b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/curation/automated_curation.tsx @@ -5,15 +5,18 @@ * 2.0. */ -import React from 'react'; +import React, { useState } from 'react'; import { useParams } from 'react-router-dom'; import { useValues, useActions } from 'kea'; import { EuiButton, EuiBadge, EuiLoadingSpinner, EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; +import { i18n } from '@kbn/i18n'; +import { EngineLogic } from '../../engine'; import { AppSearchPageTemplate } from '../../layout'; import { AutomatedIcon } from '../components/automated_icon'; + import { AUTOMATED_LABEL, COVERT_TO_MANUAL_BUTTON_LABEL, @@ -26,19 +29,25 @@ import { HIDDEN_DOCUMENTS_TITLE, PROMOTED_DOCUMENTS_TITLE } from './constants'; import { CurationLogic } from './curation_logic'; import { DeleteCurationButton } from './delete_curation_button'; import { PromotedDocuments, OrganicDocuments } from './documents'; +import { History } from './history'; + +const PROMOTED = 'promoted'; +const HISTORY = 'history'; export const AutomatedCuration: React.FC = () => { const { curationId } = useParams<{ curationId: string }>(); const logic = CurationLogic({ curationId }); const { convertToManual } = useActions(logic); const { activeQuery, dataLoading, queries, curation } = useValues(logic); + const { engineName } = useValues(EngineLogic); + const [selectedPageTab, setSelectedPageTab] = useState(PROMOTED); - // This tab group is meant to visually mirror the dynamic group of tags in the ManualCuration component const pageTabs = [ { label: PROMOTED_DOCUMENTS_TITLE, append: {curation.promoted.length}, - isSelected: true, + isSelected: selectedPageTab === PROMOTED, + onClick: () => setSelectedPageTab(PROMOTED), }, { label: HIDDEN_DOCUMENTS_TITLE, @@ -46,6 +55,16 @@ export const AutomatedCuration: React.FC = () => { isSelected: false, disabled: true, }, + { + label: i18n.translate( + 'xpack.enterpriseSearch.appSearch.engine.curation.detail.historyButtonLabel', + { + defaultMessage: 'History', + } + ), + isSelected: selectedPageTab === HISTORY, + onClick: () => setSelectedPageTab(HISTORY), + }, ]; return ( @@ -83,8 +102,11 @@ export const AutomatedCuration: React.FC = () => { }} isLoading={dataLoading} > - - + {selectedPageTab === PROMOTED && } + {selectedPageTab === PROMOTED && } + {selectedPageTab === HISTORY && ( + + )} ); }; diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/curation/history.test.tsx b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/curation/history.test.tsx new file mode 100644 index 000000000000000..a7f83fb0c61d941 --- /dev/null +++ b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/curation/history.test.tsx @@ -0,0 +1,23 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; + +import { shallow } from 'enzyme'; + +import { EntSearchLogStream } from '../../../../shared/log_stream'; + +import { History } from './history'; + +describe('History', () => { + it('renders', () => { + const wrapper = shallow(); + expect(wrapper.find(EntSearchLogStream).prop('query')).toEqual( + 'appsearch.search_relevance_suggestions.query: some text and event.kind: event and event.dataset: search-relevance-suggestions and appsearch.search_relevance_suggestions.engine: foo and event.action: curation_suggestion' + ); + }); +}); diff --git a/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/curation/history.tsx b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/curation/history.tsx new file mode 100644 index 000000000000000..744141372469c30 --- /dev/null +++ b/x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/curation/history.tsx @@ -0,0 +1,57 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; + +import { i18n } from '@kbn/i18n'; + +import { EntSearchLogStream } from '../../../../shared/log_stream'; +import { DataPanel } from '../../data_panel'; + +interface Props { + query: string; + engineName: string; +} + +export const History: React.FC = ({ query, engineName }) => { + const filters = [ + `appsearch.search_relevance_suggestions.query: ${query}`, + 'event.kind: event', + 'event.dataset: search-relevance-suggestions', + `appsearch.search_relevance_suggestions.engine: ${engineName}`, + 'event.action: curation_suggestion', + ]; + + return ( + + {i18n.translate( + 'xpack.enterpriseSearch.appSearch.engine.curation.detail.historyTableTitle', + { + defaultMessage: 'Automated curation changes', + } + )} + + } + subtitle={i18n.translate( + 'xpack.enterpriseSearch.appSearch.engine.curation.detail.historyTableDescription', + { + defaultMessage: 'A detailed log of recent changes to your automated curation.', + } + )} + hasBorder + > + + + ); +}; From 3ebfb029a2b7a774bd777602fbdb193748e2a379 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ester=20Mart=C3=AD=20Vilaseca?= Date: Mon, 18 Oct 2021 18:24:01 +0200 Subject: [PATCH 49/50] [Stack monitoring] Remove angular (#115063) * Remove angular * Fix translations * convert insetupmode to boolean * remove license service Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- x-pack/plugins/monitoring/kibana.json | 1 - .../monitoring/public/alerts/badge.tsx | 2 +- .../monitoring/public/angular/app_modules.ts | 246 ------------- .../public/angular/helpers/routes.ts | 39 --- .../public/angular/helpers/utils.ts | 45 --- .../monitoring/public/angular/index.ts | 83 ----- .../public/angular/providers/private.js | 193 ----------- .../application/pages/logstash/pipelines.tsx | 8 +- .../pages/no_data/no_data_page.tsx | 2 +- .../application/pages/page_template.tsx | 2 +- .../public/application/setup_mode/index.ts | 2 +- .../application/setup_mode/setup_mode.tsx | 203 ----------- .../setup_mode/setup_mode_renderer.js | 2 +- .../elasticsearch/ml_job_listing/index.js | 171 ---------- .../public/directives/main/index.html | 323 ------------------ .../public/directives/main/index.js | 275 --------------- .../public/directives/main/index.scss | 3 - .../main/monitoring_main_controller.test.js | 286 ---------------- .../monitoring/public/lib/setup_mode.test.js | 2 +- .../monitoring/public/lib/setup_mode.tsx | 113 +++--- x-pack/plugins/monitoring/public/plugin.ts | 48 +-- .../monitoring/public/services/breadcrumbs.js | 214 ------------ .../public/services/breadcrumbs.test.js | 166 --------- .../monitoring/public/services/clusters.js | 59 ---- .../public/services/enable_alerts_modal.js | 51 --- .../monitoring/public/services/executor.js | 130 ------- .../monitoring/public/services/features.js | 47 --- .../monitoring/public/services/license.js | 52 --- .../monitoring/public/services/title.js | 26 -- .../public/views/access_denied/index.html | 44 --- .../public/views/access_denied/index.js | 44 --- x-pack/plugins/monitoring/public/views/all.js | 39 --- .../public/views/apm/instance/index.html | 8 - .../public/views/apm/instance/index.js | 74 ---- .../public/views/apm/instances/index.html | 7 - .../public/views/apm/instances/index.js | 92 ----- .../public/views/apm/overview/index.html | 7 - .../public/views/apm/overview/index.js | 58 ---- .../public/views/base_controller.js | 271 --------------- .../public/views/base_eui_table_controller.js | 135 -------- .../public/views/base_table_controller.js | 53 --- .../public/views/beats/beat/get_page_data.js | 32 -- .../public/views/beats/beat/index.html | 11 - .../public/views/beats/beat/index.js | 75 ---- .../views/beats/listing/get_page_data.js | 31 -- .../public/views/beats/listing/index.html | 7 - .../public/views/beats/listing/index.js | 89 ----- .../views/beats/overview/get_page_data.js | 31 -- .../public/views/beats/overview/index.html | 7 - .../public/views/beats/overview/index.js | 62 ---- .../public/views/cluster/listing/index.html | 3 - .../public/views/cluster/listing/index.js | 100 ------ .../public/views/cluster/overview/index.html | 3 - .../public/views/cluster/overview/index.js | 96 ------ .../views/elasticsearch/ccr/get_page_data.js | 31 -- .../public/views/elasticsearch/ccr/index.html | 7 - .../public/views/elasticsearch/ccr/index.js | 79 ----- .../elasticsearch/ccr/shard/get_page_data.js | 32 -- .../views/elasticsearch/ccr/shard/index.html | 8 - .../views/elasticsearch/ccr/shard/index.js | 110 ------ .../elasticsearch/index/advanced/index.html | 8 - .../elasticsearch/index/advanced/index.js | 124 ------- .../views/elasticsearch/index/index.html | 9 - .../public/views/elasticsearch/index/index.js | 148 -------- .../views/elasticsearch/indices/index.html | 8 - .../views/elasticsearch/indices/index.js | 120 ------- .../elasticsearch/ml_jobs/get_page_data.js | 30 -- .../views/elasticsearch/ml_jobs/index.html | 9 - .../views/elasticsearch/ml_jobs/index.js | 51 --- .../elasticsearch/node/advanced/index.html | 11 - .../elasticsearch/node/advanced/index.js | 135 -------- .../views/elasticsearch/node/get_page_data.js | 36 -- .../views/elasticsearch/node/index.html | 11 - .../public/views/elasticsearch/node/index.js | 155 --------- .../views/elasticsearch/nodes/index.html | 8 - .../public/views/elasticsearch/nodes/index.js | 149 -------- .../elasticsearch/overview/controller.js | 100 ------ .../views/elasticsearch/overview/index.html | 8 - .../views/elasticsearch/overview/index.js | 24 -- .../plugins/monitoring/public/views/index.js | 10 - .../public/views/kibana/instance/index.html | 8 - .../public/views/kibana/instance/index.js | 168 --------- .../views/kibana/instances/get_page_data.js | 31 -- .../public/views/kibana/instances/index.html | 7 - .../public/views/kibana/instances/index.js | 95 ------ .../public/views/kibana/overview/index.html | 7 - .../public/views/kibana/overview/index.js | 117 ------- .../public/views/license/controller.js | 79 ----- .../public/views/license/index.html | 3 - .../monitoring/public/views/license/index.js | 24 -- .../public/views/loading/index.html | 5 - .../monitoring/public/views/loading/index.js | 78 ----- .../views/logstash/node/advanced/index.html | 9 - .../views/logstash/node/advanced/index.js | 149 -------- .../public/views/logstash/node/index.html | 9 - .../public/views/logstash/node/index.js | 147 -------- .../views/logstash/node/pipelines/index.html | 8 - .../views/logstash/node/pipelines/index.js | 135 -------- .../views/logstash/nodes/get_page_data.js | 31 -- .../public/views/logstash/nodes/index.html | 3 - .../public/views/logstash/nodes/index.js | 89 ----- .../public/views/logstash/overview/index.html | 3 - .../public/views/logstash/overview/index.js | 81 ----- .../public/views/logstash/pipeline/index.html | 12 - .../public/views/logstash/pipeline/index.js | 181 ---------- .../views/logstash/pipelines/index.html | 7 - .../public/views/logstash/pipelines/index.js | 130 ------- .../public/views/no_data/controller.js | 102 ------ .../public/views/no_data/index.html | 5 - .../monitoring/public/views/no_data/index.js | 15 - .../public/views/no_data/model_updater.js | 38 --- .../views/no_data/model_updater.test.js | 55 --- .../translations/translations/ja-JP.json | 21 +- .../translations/translations/zh-CN.json | 21 +- 114 files changed, 68 insertions(+), 7399 deletions(-) delete mode 100644 x-pack/plugins/monitoring/public/angular/app_modules.ts delete mode 100644 x-pack/plugins/monitoring/public/angular/helpers/routes.ts delete mode 100644 x-pack/plugins/monitoring/public/angular/helpers/utils.ts delete mode 100644 x-pack/plugins/monitoring/public/angular/index.ts delete mode 100644 x-pack/plugins/monitoring/public/angular/providers/private.js delete mode 100644 x-pack/plugins/monitoring/public/application/setup_mode/setup_mode.tsx delete mode 100644 x-pack/plugins/monitoring/public/directives/elasticsearch/ml_job_listing/index.js delete mode 100644 x-pack/plugins/monitoring/public/directives/main/index.html delete mode 100644 x-pack/plugins/monitoring/public/directives/main/index.js delete mode 100644 x-pack/plugins/monitoring/public/directives/main/index.scss delete mode 100644 x-pack/plugins/monitoring/public/directives/main/monitoring_main_controller.test.js delete mode 100644 x-pack/plugins/monitoring/public/services/breadcrumbs.js delete mode 100644 x-pack/plugins/monitoring/public/services/breadcrumbs.test.js delete mode 100644 x-pack/plugins/monitoring/public/services/clusters.js delete mode 100644 x-pack/plugins/monitoring/public/services/enable_alerts_modal.js delete mode 100644 x-pack/plugins/monitoring/public/services/executor.js delete mode 100644 x-pack/plugins/monitoring/public/services/features.js delete mode 100644 x-pack/plugins/monitoring/public/services/license.js delete mode 100644 x-pack/plugins/monitoring/public/services/title.js delete mode 100644 x-pack/plugins/monitoring/public/views/access_denied/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/access_denied/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/all.js delete mode 100644 x-pack/plugins/monitoring/public/views/apm/instance/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/apm/instance/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/apm/instances/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/apm/instances/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/apm/overview/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/apm/overview/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/base_controller.js delete mode 100644 x-pack/plugins/monitoring/public/views/base_eui_table_controller.js delete mode 100644 x-pack/plugins/monitoring/public/views/base_table_controller.js delete mode 100644 x-pack/plugins/monitoring/public/views/beats/beat/get_page_data.js delete mode 100644 x-pack/plugins/monitoring/public/views/beats/beat/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/beats/beat/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/beats/listing/get_page_data.js delete mode 100644 x-pack/plugins/monitoring/public/views/beats/listing/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/beats/listing/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/beats/overview/get_page_data.js delete mode 100644 x-pack/plugins/monitoring/public/views/beats/overview/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/beats/overview/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/cluster/listing/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/cluster/listing/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/cluster/overview/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/cluster/overview/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/ccr/get_page_data.js delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/ccr/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/ccr/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/ccr/shard/get_page_data.js delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/ccr/shard/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/ccr/shard/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/index/advanced/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/index/advanced/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/index/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/index/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/indices/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/indices/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/ml_jobs/get_page_data.js delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/ml_jobs/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/ml_jobs/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/node/advanced/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/node/advanced/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/node/get_page_data.js delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/node/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/node/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/nodes/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/nodes/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/overview/controller.js delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/overview/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/elasticsearch/overview/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/kibana/instance/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/kibana/instance/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/kibana/instances/get_page_data.js delete mode 100644 x-pack/plugins/monitoring/public/views/kibana/instances/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/kibana/instances/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/kibana/overview/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/kibana/overview/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/license/controller.js delete mode 100644 x-pack/plugins/monitoring/public/views/license/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/license/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/loading/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/loading/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/logstash/node/advanced/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/logstash/node/advanced/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/logstash/node/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/logstash/node/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/logstash/node/pipelines/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/logstash/node/pipelines/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/logstash/nodes/get_page_data.js delete mode 100644 x-pack/plugins/monitoring/public/views/logstash/nodes/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/logstash/nodes/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/logstash/overview/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/logstash/overview/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/logstash/pipeline/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/logstash/pipeline/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/logstash/pipelines/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/logstash/pipelines/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/no_data/controller.js delete mode 100644 x-pack/plugins/monitoring/public/views/no_data/index.html delete mode 100644 x-pack/plugins/monitoring/public/views/no_data/index.js delete mode 100644 x-pack/plugins/monitoring/public/views/no_data/model_updater.js delete mode 100644 x-pack/plugins/monitoring/public/views/no_data/model_updater.test.js diff --git a/x-pack/plugins/monitoring/kibana.json b/x-pack/plugins/monitoring/kibana.json index 4f8e1c0bdbae4f1..bc0cf4718158563 100644 --- a/x-pack/plugins/monitoring/kibana.json +++ b/x-pack/plugins/monitoring/kibana.json @@ -25,7 +25,6 @@ "home", "alerting", "kibanaReact", - "licenseManagement", "kibanaLegacy" ] } diff --git a/x-pack/plugins/monitoring/public/alerts/badge.tsx b/x-pack/plugins/monitoring/public/alerts/badge.tsx index 6b1c8c50855659a..22bffb5d62b195e 100644 --- a/x-pack/plugins/monitoring/public/alerts/badge.tsx +++ b/x-pack/plugins/monitoring/public/alerts/badge.tsx @@ -73,7 +73,7 @@ export const AlertsBadge: React.FC = (props: Props) => { const groupByType = GROUP_BY_NODE; const panels = showByNode ? getAlertPanelsByNode(PANEL_TITLE, alerts, stateFilter) - : getAlertPanelsByCategory(PANEL_TITLE, inSetupMode, alerts, stateFilter); + : getAlertPanelsByCategory(PANEL_TITLE, !!inSetupMode, alerts, stateFilter); if (panels.length && !inSetupMode && panels[0].items) { panels[0].items.push( ...[ diff --git a/x-pack/plugins/monitoring/public/angular/app_modules.ts b/x-pack/plugins/monitoring/public/angular/app_modules.ts deleted file mode 100644 index 6ded0bce51d4b86..000000000000000 --- a/x-pack/plugins/monitoring/public/angular/app_modules.ts +++ /dev/null @@ -1,246 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import angular, { IWindowService } from 'angular'; -import '../views/all'; -// required for `ngSanitize` angular module -import 'angular-sanitize'; -import 'angular-route'; -import '../index.scss'; -import { upperFirst } from 'lodash'; -import { CoreStart } from 'kibana/public'; -import { i18nDirective, i18nFilter, I18nProvider } from './angular_i18n'; -import { Storage } from '../../../../../src/plugins/kibana_utils/public'; -import { createTopNavDirective, createTopNavHelper } from './top_nav'; -import { MonitoringStartPluginDependencies } from '../types'; -import { GlobalState } from '../url_state'; -import { getSafeForExternalLink } from '../lib/get_safe_for_external_link'; - -// @ts-ignore -import { formatMetric, formatNumber } from '../lib/format_number'; -// @ts-ignore -import { extractIp } from '../lib/extract_ip'; -// @ts-ignore -import { PrivateProvider } from './providers/private'; -// @ts-ignore -import { breadcrumbsProvider } from '../services/breadcrumbs'; -// @ts-ignore -import { monitoringClustersProvider } from '../services/clusters'; -// @ts-ignore -import { executorProvider } from '../services/executor'; -// @ts-ignore -import { featuresProvider } from '../services/features'; -// @ts-ignore -import { licenseProvider } from '../services/license'; -// @ts-ignore -import { titleProvider } from '../services/title'; -// @ts-ignore -import { enableAlertsModalProvider } from '../services/enable_alerts_modal'; -// @ts-ignore -import { monitoringMlListingProvider } from '../directives/elasticsearch/ml_job_listing'; -// @ts-ignore -import { monitoringMainProvider } from '../directives/main'; - -export const appModuleName = 'monitoring'; - -type IPrivate = (provider: (...injectable: unknown[]) => T) => T; - -const thirdPartyAngularDependencies = ['ngSanitize', 'ngRoute', 'react']; - -export const localAppModule = ({ - core, - data: { query }, - navigation, - externalConfig, -}: MonitoringStartPluginDependencies) => { - createLocalI18nModule(); - createLocalPrivateModule(); - createLocalStorage(); - createLocalConfigModule(core); - createLocalStateModule(query, core.notifications.toasts); - createLocalTopNavModule(navigation); - createHrefModule(core); - createMonitoringAppServices(); - createMonitoringAppDirectives(); - createMonitoringAppConfigConstants(externalConfig); - createMonitoringAppFilters(); - - const appModule = angular.module(appModuleName, [ - ...thirdPartyAngularDependencies, - 'monitoring/I18n', - 'monitoring/Private', - 'monitoring/Storage', - 'monitoring/Config', - 'monitoring/State', - 'monitoring/TopNav', - 'monitoring/href', - 'monitoring/constants', - 'monitoring/services', - 'monitoring/filters', - 'monitoring/directives', - ]); - return appModule; -}; - -function createMonitoringAppConfigConstants( - keys: MonitoringStartPluginDependencies['externalConfig'] -) { - let constantsModule = angular.module('monitoring/constants', []); - keys.map(([key, value]) => (constantsModule = constantsModule.constant(key as string, value))); -} - -function createLocalStateModule( - query: MonitoringStartPluginDependencies['data']['query'], - toasts: MonitoringStartPluginDependencies['core']['notifications']['toasts'] -) { - angular - .module('monitoring/State', ['monitoring/Private']) - .service( - 'globalState', - function ( - Private: IPrivate, - $rootScope: ng.IRootScopeService, - $location: ng.ILocationService - ) { - function GlobalStateProvider(this: any) { - const state = new GlobalState(query, toasts, $rootScope, $location, this); - const initialState: any = state.getState(); - for (const key in initialState) { - if (!initialState.hasOwnProperty(key)) { - continue; - } - this[key] = initialState[key]; - } - this.save = () => { - const newState = { ...this }; - delete newState.save; - state.setState(newState); - }; - } - return Private(GlobalStateProvider); - } - ); -} - -function createMonitoringAppServices() { - angular - .module('monitoring/services', ['monitoring/Private']) - .service('breadcrumbs', function (Private: IPrivate) { - return Private(breadcrumbsProvider); - }) - .service('monitoringClusters', function (Private: IPrivate) { - return Private(monitoringClustersProvider); - }) - .service('$executor', function (Private: IPrivate) { - return Private(executorProvider); - }) - .service('features', function (Private: IPrivate) { - return Private(featuresProvider); - }) - .service('enableAlertsModal', function (Private: IPrivate) { - return Private(enableAlertsModalProvider); - }) - .service('license', function (Private: IPrivate) { - return Private(licenseProvider); - }) - .service('title', function (Private: IPrivate) { - return Private(titleProvider); - }); -} - -function createMonitoringAppDirectives() { - angular - .module('monitoring/directives', []) - .directive('monitoringMlListing', monitoringMlListingProvider) - .directive('monitoringMain', monitoringMainProvider); -} - -function createMonitoringAppFilters() { - angular - .module('monitoring/filters', []) - .filter('capitalize', function () { - return function (input: string) { - return upperFirst(input?.toLowerCase()); - }; - }) - .filter('formatNumber', function () { - return formatNumber; - }) - .filter('formatMetric', function () { - return formatMetric; - }) - .filter('extractIp', function () { - return extractIp; - }); -} - -function createLocalConfigModule(core: MonitoringStartPluginDependencies['core']) { - angular.module('monitoring/Config', []).provider('config', function () { - return { - $get: () => ({ - get: (key: string) => core.uiSettings?.get(key), - }), - }; - }); -} - -function createLocalStorage() { - angular - .module('monitoring/Storage', []) - .service('localStorage', function ($window: IWindowService) { - return new Storage($window.localStorage); - }) - .service('sessionStorage', function ($window: IWindowService) { - return new Storage($window.sessionStorage); - }) - .service('sessionTimeout', function () { - return {}; - }); -} - -function createLocalPrivateModule() { - angular.module('monitoring/Private', []).provider('Private', PrivateProvider); -} - -function createLocalTopNavModule({ ui }: MonitoringStartPluginDependencies['navigation']) { - angular - .module('monitoring/TopNav', ['react']) - .directive('kbnTopNav', createTopNavDirective) - .directive('kbnTopNavHelper', createTopNavHelper(ui)); -} - -function createLocalI18nModule() { - angular - .module('monitoring/I18n', []) - .provider('i18n', I18nProvider) - .filter('i18n', i18nFilter) - .directive('i18nId', i18nDirective); -} - -function createHrefModule(core: CoreStart) { - const name: string = 'kbnHref'; - angular.module('monitoring/href', []).directive(name, function () { - return { - restrict: 'A', - link: { - pre: (_$scope, _$el, $attr) => { - $attr.$observe(name, (val) => { - if (val) { - const url = getSafeForExternalLink(val as string); - $attr.$set('href', core.http.basePath.prepend(url)); - } - }); - - _$scope.$on('$locationChangeSuccess', () => { - const url = getSafeForExternalLink($attr.href as string); - $attr.$set('href', core.http.basePath.prepend(url)); - }); - }, - }, - }; - }); -} diff --git a/x-pack/plugins/monitoring/public/angular/helpers/routes.ts b/x-pack/plugins/monitoring/public/angular/helpers/routes.ts deleted file mode 100644 index 2579e522882a268..000000000000000 --- a/x-pack/plugins/monitoring/public/angular/helpers/routes.ts +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -type RouteObject = [string, { reloadOnSearch: boolean }]; -interface Redirect { - redirectTo: string; -} - -class Routes { - private routes: RouteObject[] = []; - public redirect?: Redirect = { redirectTo: '/no-data' }; - - public when = (...args: RouteObject) => { - const [, routeOptions] = args; - routeOptions.reloadOnSearch = false; - this.routes.push(args); - return this; - }; - - public otherwise = (redirect: Redirect) => { - this.redirect = redirect; - return this; - }; - - public addToProvider = ($routeProvider: any) => { - this.routes.forEach((args) => { - $routeProvider.when.apply(this, args); - }); - - if (this.redirect) { - $routeProvider.otherwise(this.redirect); - } - }; -} -export const uiRoutes = new Routes(); diff --git a/x-pack/plugins/monitoring/public/angular/helpers/utils.ts b/x-pack/plugins/monitoring/public/angular/helpers/utils.ts deleted file mode 100644 index 32184ad71ed8d08..000000000000000 --- a/x-pack/plugins/monitoring/public/angular/helpers/utils.ts +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { IScope } from 'angular'; -import * as Rx from 'rxjs'; - -/** - * Subscribe to an observable at a $scope, ensuring that the digest cycle - * is run for subscriber hooks and routing errors to fatalError if not handled. - */ -export const subscribeWithScope = ( - $scope: IScope, - observable: Rx.Observable, - observer?: Rx.PartialObserver -) => { - return observable.subscribe({ - next(value) { - if (observer && observer.next) { - $scope.$applyAsync(() => observer.next!(value)); - } - }, - error(error) { - $scope.$applyAsync(() => { - if (observer && observer.error) { - observer.error(error); - } else { - throw new Error( - `Uncaught error in subscribeWithScope(): ${ - error ? error.stack || error.message : error - }` - ); - } - }); - }, - complete() { - if (observer && observer.complete) { - $scope.$applyAsync(() => observer.complete!()); - } - }, - }); -}; diff --git a/x-pack/plugins/monitoring/public/angular/index.ts b/x-pack/plugins/monitoring/public/angular/index.ts deleted file mode 100644 index 1a655fc1ee256bf..000000000000000 --- a/x-pack/plugins/monitoring/public/angular/index.ts +++ /dev/null @@ -1,83 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import angular, { IModule } from 'angular'; -import { uiRoutes } from './helpers/routes'; -import { Legacy } from '../legacy_shims'; -import { configureAppAngularModule } from '../angular/top_nav'; -import { localAppModule, appModuleName } from './app_modules'; -import { APP_WRAPPER_CLASS } from '../../../../../src/core/public'; - -import { MonitoringStartPluginDependencies } from '../types'; - -export class AngularApp { - private injector?: angular.auto.IInjectorService; - - constructor(deps: MonitoringStartPluginDependencies) { - const { - core, - element, - data, - navigation, - isCloud, - pluginInitializerContext, - externalConfig, - triggersActionsUi, - usageCollection, - appMountParameters, - } = deps; - const app: IModule = localAppModule(deps); - app.run(($injector: angular.auto.IInjectorService) => { - this.injector = $injector; - Legacy.init( - { - core, - element, - data, - navigation, - isCloud, - pluginInitializerContext, - externalConfig, - triggersActionsUi, - usageCollection, - appMountParameters, - }, - this.injector - ); - }); - - app.config(($routeProvider: unknown) => uiRoutes.addToProvider($routeProvider)); - - const np = { core, env: pluginInitializerContext.env }; - configureAppAngularModule(app, np, true); - const appElement = document.createElement('div'); - appElement.setAttribute('style', 'height: 100%'); - appElement.innerHTML = '
'; - - if (!element.classList.contains(APP_WRAPPER_CLASS)) { - element.classList.add(APP_WRAPPER_CLASS); - } - - angular.bootstrap(appElement, [appModuleName]); - angular.element(element).append(appElement); - } - - public destroy = () => { - if (this.injector) { - this.injector.get('$rootScope').$destroy(); - } - }; - - public applyScope = () => { - if (!this.injector) { - return; - } - - const rootScope = this.injector.get('$rootScope'); - rootScope.$applyAsync(); - }; -} diff --git a/x-pack/plugins/monitoring/public/angular/providers/private.js b/x-pack/plugins/monitoring/public/angular/providers/private.js deleted file mode 100644 index 018e2d7d4184092..000000000000000 --- a/x-pack/plugins/monitoring/public/angular/providers/private.js +++ /dev/null @@ -1,193 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/** - * # `Private()` - * Private module loader, used to merge angular and require js dependency styles - * by allowing a require.js module to export a single provider function that will - * create a value used within an angular application. This provider can declare - * angular dependencies by listing them as arguments, and can be require additional - * Private modules. - * - * ## Define a private module provider: - * ```js - * export default function PingProvider($http) { - * this.ping = function () { - * return $http.head('/health-check'); - * }; - * }; - * ``` - * - * ## Require a private module: - * ```js - * export default function ServerHealthProvider(Private, Promise) { - * let ping = Private(require('ui/ping')); - * return { - * check: Promise.method(function () { - * let attempts = 0; - * return (function attempt() { - * attempts += 1; - * return ping.ping() - * .catch(function (err) { - * if (attempts < 3) return attempt(); - * }) - * }()) - * .then(function () { - * return true; - * }) - * .catch(function () { - * return false; - * }); - * }) - * } - * }; - * ``` - * - * # `Private.stub(provider, newInstance)` - * `Private.stub()` replaces the instance of a module with another value. This is all we have needed until now. - * - * ```js - * beforeEach(inject(function ($injector, Private) { - * Private.stub( - * // since this module just exports a function, we need to change - * // what Private returns in order to modify it's behavior - * require('ui/agg_response/hierarchical/_build_split'), - * sinon.stub().returns(fakeSplit) - * ); - * })); - * ``` - * - * # `Private.swap(oldProvider, newProvider)` - * This new method does an 1-for-1 swap of module providers, unlike `stub()` which replaces a modules instance. - * Pass the module you want to swap out, and the one it should be replaced with, then profit. - * - * Note: even though this example shows `swap()` being called in a config - * function, it can be called from anywhere. It is particularly useful - * in this scenario though. - * - * ```js - * beforeEach(module('kibana', function (PrivateProvider) { - * PrivateProvider.swap( - * function StubbedRedirectProvider($decorate) { - * // $decorate is a function that will instantiate the original module when called - * return sinon.spy($decorate()); - * } - * ); - * })); - * ``` - * - * @param {[type]} prov [description] - */ -import { partial, uniqueId, isObject } from 'lodash'; - -const nextId = partial(uniqueId, 'privateProvider#'); - -function name(fn) { - return fn.name || fn.toString().split('\n').shift(); -} - -export function PrivateProvider() { - const provider = this; - - // one cache/swaps per Provider - const cache = {}; - const swaps = {}; - - // return the uniq id for this function - function identify(fn) { - if (typeof fn !== 'function') { - throw new TypeError('Expected private module "' + fn + '" to be a function'); - } - - if (fn.$$id) return fn.$$id; - else return (fn.$$id = nextId()); - } - - provider.stub = function (fn, instance) { - cache[identify(fn)] = instance; - return instance; - }; - - provider.swap = function (fn, prov) { - const id = identify(fn); - swaps[id] = prov; - }; - - provider.$get = [ - '$injector', - function PrivateFactory($injector) { - // prevent circular deps by tracking where we came from - const privPath = []; - const pathToString = function () { - return privPath.map(name).join(' -> '); - }; - - // call a private provider and return the instance it creates - function instantiate(prov, locals) { - if (~privPath.indexOf(prov)) { - throw new Error( - 'Circular reference to "' + - name(prov) + - '"' + - ' found while resolving private deps: ' + - pathToString() - ); - } - - privPath.push(prov); - - const context = {}; - let instance = $injector.invoke(prov, context, locals); - if (!isObject(instance)) instance = context; - - privPath.pop(); - return instance; - } - - // retrieve an instance from cache or create and store on - function get(id, prov, $delegateId, $delegateProv) { - if (cache[id]) return cache[id]; - - let instance; - - if ($delegateId != null && $delegateProv != null) { - instance = instantiate(prov, { - $decorate: partial(get, $delegateId, $delegateProv), - }); - } else { - instance = instantiate(prov); - } - - return (cache[id] = instance); - } - - // main api, get the appropriate instance for a provider - function Private(prov) { - let id = identify(prov); - let $delegateId; - let $delegateProv; - - if (swaps[id]) { - $delegateId = id; - $delegateProv = prov; - - prov = swaps[$delegateId]; - id = identify(prov); - } - - return get(id, prov, $delegateId, $delegateProv); - } - - Private.stub = provider.stub; - Private.swap = provider.swap; - - return Private; - }, - ]; - - return provider; -} diff --git a/x-pack/plugins/monitoring/public/application/pages/logstash/pipelines.tsx b/x-pack/plugins/monitoring/public/application/pages/logstash/pipelines.tsx index c2dfe1c0dae7dad..2a2de0a716cea8d 100644 --- a/x-pack/plugins/monitoring/public/application/pages/logstash/pipelines.tsx +++ b/x-pack/plugins/monitoring/public/application/pages/logstash/pipelines.tsx @@ -34,12 +34,12 @@ export const LogStashPipelinesPage: React.FC = ({ clusters }) => const { getPaginationTableProps, getPaginationRouteOptions, updateTotalItemCount } = useTable('logstash.pipelines'); - const title = i18n.translate('xpack.monitoring.logstash.overview.title', { - defaultMessage: 'Logstash', + const title = i18n.translate('xpack.monitoring.logstash.pipelines.routeTitle', { + defaultMessage: 'Logstash Pipelines', }); - const pageTitle = i18n.translate('xpack.monitoring.logstash.overview.pageTitle', { - defaultMessage: 'Logstash overview', + const pageTitle = i18n.translate('xpack.monitoring.logstash.pipelines.pageTitle', { + defaultMessage: 'Logstash pipelines', }); const getPageData = useCallback(async () => { diff --git a/x-pack/plugins/monitoring/public/application/pages/no_data/no_data_page.tsx b/x-pack/plugins/monitoring/public/application/pages/no_data/no_data_page.tsx index e798e7d74ad38ec..e767074aea42b5c 100644 --- a/x-pack/plugins/monitoring/public/application/pages/no_data/no_data_page.tsx +++ b/x-pack/plugins/monitoring/public/application/pages/no_data/no_data_page.tsx @@ -17,7 +17,7 @@ import { CODE_PATH_LICENSE, STANDALONE_CLUSTER_CLUSTER_UUID } from '../../../../ import { Legacy } from '../../../legacy_shims'; import { Enabler } from './enabler'; import { BreadcrumbContainer } from '../../hooks/use_breadcrumbs'; -import { initSetupModeState } from '../../setup_mode/setup_mode'; +import { initSetupModeState } from '../../../lib/setup_mode'; import { GlobalStateContext } from '../../contexts/global_state_context'; import { useRequestErrorHandler } from '../../hooks/use_request_error_handler'; diff --git a/x-pack/plugins/monitoring/public/application/pages/page_template.tsx b/x-pack/plugins/monitoring/public/application/pages/page_template.tsx index 23eeb2c034a80f9..c0030cfcfe55c25 100644 --- a/x-pack/plugins/monitoring/public/application/pages/page_template.tsx +++ b/x-pack/plugins/monitoring/public/application/pages/page_template.tsx @@ -17,7 +17,7 @@ import { getSetupModeState, isSetupModeFeatureEnabled, updateSetupModeData, -} from '../setup_mode/setup_mode'; +} from '../../lib/setup_mode'; import { SetupModeFeature } from '../../../common/enums'; import { AlertsDropdown } from '../../alerts/alerts_dropdown'; import { ActionMenu } from '../../components/action_menu'; diff --git a/x-pack/plugins/monitoring/public/application/setup_mode/index.ts b/x-pack/plugins/monitoring/public/application/setup_mode/index.ts index 1bcdcdef09c281b..57d734fc6d056d2 100644 --- a/x-pack/plugins/monitoring/public/application/setup_mode/index.ts +++ b/x-pack/plugins/monitoring/public/application/setup_mode/index.ts @@ -5,4 +5,4 @@ * 2.0. */ -export * from './setup_mode'; +export * from '../../lib/setup_mode'; diff --git a/x-pack/plugins/monitoring/public/application/setup_mode/setup_mode.tsx b/x-pack/plugins/monitoring/public/application/setup_mode/setup_mode.tsx deleted file mode 100644 index 828d5a2d20ae6bf..000000000000000 --- a/x-pack/plugins/monitoring/public/application/setup_mode/setup_mode.tsx +++ /dev/null @@ -1,203 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; -import { render } from 'react-dom'; -import { get, includes } from 'lodash'; -import { i18n } from '@kbn/i18n'; -import { HttpStart, IHttpFetchError } from 'kibana/public'; -import { KibanaContextProvider } from '../../../../../../src/plugins/kibana_react/public'; -import { Legacy } from '../../legacy_shims'; -import { SetupModeEnterButton } from '../../components/setup_mode/enter_button'; -import { SetupModeFeature } from '../../../common/enums'; -import { ISetupModeContext } from '../../components/setup_mode/setup_mode_context'; -import { State as GlobalState } from '../contexts/global_state_context'; - -function isOnPage(hash: string) { - return includes(window.location.hash, hash); -} - -let globalState: GlobalState; -let httpService: HttpStart; -let errorHandler: (error: IHttpFetchError) => void; - -interface ISetupModeState { - enabled: boolean; - data: any; - callback?: (() => void) | null; - hideBottomBar: boolean; -} -const setupModeState: ISetupModeState = { - enabled: false, - data: null, - callback: null, - hideBottomBar: false, -}; - -export const getSetupModeState = () => setupModeState; - -export const setNewlyDiscoveredClusterUuid = (clusterUuid: string) => { - globalState.cluster_uuid = clusterUuid; - globalState.save?.(); -}; - -export const fetchCollectionData = async (uuid?: string, fetchWithoutClusterUuid = false) => { - const clusterUuid = globalState.cluster_uuid; - const ccs = globalState.ccs; - - let url = '../api/monitoring/v1/setup/collection'; - if (uuid) { - url += `/node/${uuid}`; - } else if (!fetchWithoutClusterUuid && clusterUuid) { - url += `/cluster/${clusterUuid}`; - } else { - url += '/cluster'; - } - - try { - const response = await httpService.post(url, { - body: JSON.stringify({ - ccs, - }), - }); - return response; - } catch (err) { - errorHandler(err); - throw err; - } -}; - -const notifySetupModeDataChange = () => setupModeState.callback && setupModeState.callback(); - -export const updateSetupModeData = async (uuid?: string, fetchWithoutClusterUuid = false) => { - const data = await fetchCollectionData(uuid, fetchWithoutClusterUuid); - setupModeState.data = data; - const hasPermissions = get(data, '_meta.hasPermissions', false); - if (!hasPermissions) { - let text: string = ''; - if (!hasPermissions) { - text = i18n.translate('xpack.monitoring.setupMode.notAvailablePermissions', { - defaultMessage: 'You do not have the necessary permissions to do this.', - }); - } - - Legacy.shims.toastNotifications.addDanger({ - title: i18n.translate('xpack.monitoring.setupMode.notAvailableTitle', { - defaultMessage: 'Setup mode is not available', - }), - text, - }); - return toggleSetupMode(false); - } - notifySetupModeDataChange(); - - const clusterUuid = globalState.cluster_uuid; - if (!clusterUuid) { - const liveClusterUuid: string = get(data, '_meta.liveClusterUuid'); - const migratedEsNodes = Object.values(get(data, 'elasticsearch.byUuid', {})).filter( - (node: any) => node.isPartiallyMigrated || node.isFullyMigrated - ); - if (liveClusterUuid && migratedEsNodes.length > 0) { - setNewlyDiscoveredClusterUuid(liveClusterUuid); - } - } -}; - -export const hideBottomBar = () => { - setupModeState.hideBottomBar = true; - notifySetupModeDataChange(); -}; -export const showBottomBar = () => { - setupModeState.hideBottomBar = false; - notifySetupModeDataChange(); -}; - -export const disableElasticsearchInternalCollection = async () => { - const clusterUuid = globalState.cluster_uuid; - const url = `../api/monitoring/v1/setup/collection/${clusterUuid}/disable_internal_collection`; - try { - const response = await httpService.post(url); - return response; - } catch (err) { - errorHandler(err); - throw err; - } -}; - -export const toggleSetupMode = (inSetupMode: boolean) => { - setupModeState.enabled = inSetupMode; - globalState.inSetupMode = inSetupMode; - globalState.save?.(); - setSetupModeMenuItem(); - notifySetupModeDataChange(); - - if (inSetupMode) { - // Intentionally do not await this so we don't block UI operations - updateSetupModeData(); - } -}; - -export const setSetupModeMenuItem = () => { - if (isOnPage('no-data')) { - return; - } - - const enabled = !globalState.inSetupMode; - const I18nContext = Legacy.shims.I18nContext; - - render( - - - - - , - document.getElementById('setupModeNav') - ); -}; - -export const initSetupModeState = async ( - state: GlobalState, - http: HttpStart, - handleErrors: (error: IHttpFetchError) => void, - callback?: () => void -) => { - globalState = state; - httpService = http; - errorHandler = handleErrors; - if (callback) { - setupModeState.callback = callback; - } - - if (globalState.inSetupMode) { - toggleSetupMode(true); - } -}; - -export const isInSetupMode = (context?: ISetupModeContext, gState: GlobalState = globalState) => { - if (context?.setupModeSupported === false) { - return false; - } - if (setupModeState.enabled) { - return true; - } - - return gState.inSetupMode; -}; - -export const isSetupModeFeatureEnabled = (feature: SetupModeFeature) => { - if (!setupModeState.enabled) { - return false; - } - - if (feature === SetupModeFeature.MetricbeatMigration) { - if (Legacy.shims.isCloud) { - return false; - } - } - - return true; -}; diff --git a/x-pack/plugins/monitoring/public/application/setup_mode/setup_mode_renderer.js b/x-pack/plugins/monitoring/public/application/setup_mode/setup_mode_renderer.js index a9ee2464cd42337..df524fa99ae536c 100644 --- a/x-pack/plugins/monitoring/public/application/setup_mode/setup_mode_renderer.js +++ b/x-pack/plugins/monitoring/public/application/setup_mode/setup_mode_renderer.js @@ -13,7 +13,7 @@ import { disableElasticsearchInternalCollection, toggleSetupMode, setSetupModeMenuItem, -} from './setup_mode'; +} from '../../lib/setup_mode'; import { Flyout } from '../../components/metricbeat_migration/flyout'; import { EuiBottomBar, diff --git a/x-pack/plugins/monitoring/public/directives/elasticsearch/ml_job_listing/index.js b/x-pack/plugins/monitoring/public/directives/elasticsearch/ml_job_listing/index.js deleted file mode 100644 index 69579cb831c06fa..000000000000000 --- a/x-pack/plugins/monitoring/public/directives/elasticsearch/ml_job_listing/index.js +++ /dev/null @@ -1,171 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { capitalize } from 'lodash'; -import numeral from '@elastic/numeral'; -import React from 'react'; -import { render, unmountComponentAtNode } from 'react-dom'; -import { EuiMonitoringTable } from '../../../components/table'; -import { MachineLearningJobStatusIcon } from '../../../components/elasticsearch/ml_job_listing/status_icon'; -import { LARGE_ABBREVIATED, LARGE_BYTES } from '../../../../common/formatting'; -import { EuiLink, EuiPage, EuiPageContent, EuiPageBody, EuiPanel, EuiSpacer } from '@elastic/eui'; -import { ClusterStatus } from '../../../components/elasticsearch/cluster_status'; -import { i18n } from '@kbn/i18n'; -import { FormattedMessage } from '@kbn/i18n/react'; -import { getSafeForExternalLink } from '../../../lib/get_safe_for_external_link'; - -const getColumns = () => [ - { - name: i18n.translate('xpack.monitoring.elasticsearch.mlJobListing.jobIdTitle', { - defaultMessage: 'Job ID', - }), - field: 'job_id', - sortable: true, - }, - { - name: i18n.translate('xpack.monitoring.elasticsearch.mlJobListing.stateTitle', { - defaultMessage: 'State', - }), - field: 'state', - sortable: true, - render: (state) => ( -
- -   - {capitalize(state)} -
- ), - }, - { - name: i18n.translate('xpack.monitoring.elasticsearch.mlJobListing.processedRecordsTitle', { - defaultMessage: 'Processed Records', - }), - field: 'data_counts.processed_record_count', - sortable: true, - render: (value) => {numeral(value).format(LARGE_ABBREVIATED)}, - }, - { - name: i18n.translate('xpack.monitoring.elasticsearch.mlJobListing.modelSizeTitle', { - defaultMessage: 'Model Size', - }), - field: 'model_size_stats.model_bytes', - sortable: true, - render: (value) => {numeral(value).format(LARGE_BYTES)}, - }, - { - name: i18n.translate('xpack.monitoring.elasticsearch.mlJobListing.forecastsTitle', { - defaultMessage: 'Forecasts', - }), - field: 'forecasts_stats.total', - sortable: true, - render: (value) => {numeral(value).format(LARGE_ABBREVIATED)}, - }, - { - name: i18n.translate('xpack.monitoring.elasticsearch.mlJobListing.nodeTitle', { - defaultMessage: 'Node', - }), - field: 'node.name', - sortable: true, - render: (name, node) => { - if (node) { - return ( - - {name} - - ); - } - - return ( - - ); - }, - }, -]; - -//monitoringMlListing -export function monitoringMlListingProvider() { - return { - restrict: 'E', - scope: { - jobs: '=', - paginationSettings: '=', - sorting: '=', - onTableChange: '=', - status: '=', - }, - link(scope, $el) { - scope.$on('$destroy', () => $el && $el[0] && unmountComponentAtNode($el[0])); - const columns = getColumns(); - - const filterJobsPlaceholder = i18n.translate( - 'xpack.monitoring.elasticsearch.mlJobListing.filterJobsPlaceholder', - { - defaultMessage: 'Filter Jobs…', - } - ); - - scope.$watch('jobs', (_jobs = []) => { - const jobs = _jobs.map((job) => { - if (job.ml) { - return { - ...job.ml.job, - node: job.node, - job_id: job.ml.job.id, - }; - } - return job; - }); - const mlTable = ( - - - - - - - - - - - - ); - render(mlTable, $el[0]); - }); - }, - }; -} diff --git a/x-pack/plugins/monitoring/public/directives/main/index.html b/x-pack/plugins/monitoring/public/directives/main/index.html deleted file mode 100644 index fd14120e1db2fc0..000000000000000 --- a/x-pack/plugins/monitoring/public/directives/main/index.html +++ /dev/null @@ -1,323 +0,0 @@ - diff --git a/x-pack/plugins/monitoring/public/directives/main/index.js b/x-pack/plugins/monitoring/public/directives/main/index.js deleted file mode 100644 index 0e464f0a356c430..000000000000000 --- a/x-pack/plugins/monitoring/public/directives/main/index.js +++ /dev/null @@ -1,275 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; -import { render, unmountComponentAtNode } from 'react-dom'; -import { EuiSelect, EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; -import { i18n } from '@kbn/i18n'; -import { get } from 'lodash'; -import template from './index.html'; -import { Legacy } from '../../legacy_shims'; -import { shortenPipelineHash } from '../../../common/formatting'; -import { - getSetupModeState, - initSetupModeState, - isSetupModeFeatureEnabled, -} from '../../lib/setup_mode'; -import { Subscription } from 'rxjs'; -import { getSafeForExternalLink } from '../../lib/get_safe_for_external_link'; -import { SetupModeFeature } from '../../../common/enums'; -import './index.scss'; - -const setOptions = (controller) => { - if ( - !controller.pipelineVersions || - !controller.pipelineVersions.length || - !controller.pipelineDropdownElement - ) { - return; - } - - render( - - - { - return { - text: i18n.translate( - 'xpack.monitoring.logstashNavigation.pipelineVersionDescription', - { - defaultMessage: - 'Version active {relativeLastSeen} and first seen {relativeFirstSeen}', - values: { - relativeLastSeen: option.relativeLastSeen, - relativeFirstSeen: option.relativeFirstSeen, - }, - } - ), - value: option.hash, - }; - })} - onChange={controller.onChangePipelineHash} - /> - - , - controller.pipelineDropdownElement - ); -}; - -/* - * Manage data and provide helper methods for the "main" directive's template - */ -export class MonitoringMainController { - // called internally by Angular - constructor() { - this.inListing = false; - this.inAlerts = false; - this.inOverview = false; - this.inElasticsearch = false; - this.inKibana = false; - this.inLogstash = false; - this.inBeats = false; - this.inApm = false; - } - - addTimerangeObservers = () => { - const timefilter = Legacy.shims.timefilter; - this.subscriptions = new Subscription(); - - const refreshIntervalUpdated = () => { - const { value: refreshInterval, pause: isPaused } = timefilter.getRefreshInterval(); - this.datePicker.onRefreshChange({ refreshInterval, isPaused }, true); - }; - - const timeUpdated = () => { - this.datePicker.onTimeUpdate({ dateRange: timefilter.getTime() }, true); - }; - - this.subscriptions.add( - timefilter.getRefreshIntervalUpdate$().subscribe(refreshIntervalUpdated) - ); - this.subscriptions.add(timefilter.getTimeUpdate$().subscribe(timeUpdated)); - }; - - dropdownLoadedHandler() { - this.pipelineDropdownElement = document.querySelector('#dropdown-elm'); - setOptions(this); - } - - // kick things off from the directive link function - setup(options) { - const timefilter = Legacy.shims.timefilter; - this._licenseService = options.licenseService; - this._breadcrumbsService = options.breadcrumbsService; - this._executorService = options.executorService; - - Object.assign(this, options.attributes); - - this.navName = `${this.name}-nav`; - - // set the section we're navigated in - if (this.product) { - this.inElasticsearch = this.product === 'elasticsearch'; - this.inKibana = this.product === 'kibana'; - this.inLogstash = this.product === 'logstash'; - this.inBeats = this.product === 'beats'; - this.inApm = this.product === 'apm'; - } else { - this.inOverview = this.name === 'overview'; - this.inAlerts = this.name === 'alerts'; - this.inListing = this.name === 'listing'; // || this.name === 'no-data'; - } - - if (!this.inListing) { - // no breadcrumbs in cluster listing page - this.breadcrumbs = this._breadcrumbsService(options.clusterName, this); - } - - if (this.pipelineHash) { - this.pipelineHashShort = shortenPipelineHash(this.pipelineHash); - this.onChangePipelineHash = () => { - window.location.hash = getSafeForExternalLink( - `#/logstash/pipelines/${this.pipelineId}/${this.pipelineHash}` - ); - }; - } - - this.datePicker = { - enableTimeFilter: timefilter.isTimeRangeSelectorEnabled(), - timeRange: timefilter.getTime(), - refreshInterval: timefilter.getRefreshInterval(), - onRefreshChange: ({ isPaused, refreshInterval }, skipSet = false) => { - this.datePicker.refreshInterval = { - pause: isPaused, - value: refreshInterval, - }; - if (!skipSet) { - timefilter.setRefreshInterval({ - pause: isPaused, - value: refreshInterval ? refreshInterval : this.datePicker.refreshInterval.value, - }); - } - }, - onTimeUpdate: ({ dateRange }, skipSet = false) => { - this.datePicker.timeRange = { - ...dateRange, - }; - if (!skipSet) { - timefilter.setTime(dateRange); - } - this._executorService.cancel(); - this._executorService.run(); - }, - }; - } - - // check whether to "highlight" a tab - isActiveTab(testPath) { - return this.name === testPath; - } - - // check whether to show ML tab - isMlSupported() { - return this._licenseService.mlIsSupported(); - } - - isDisabledTab(product) { - const setupMode = getSetupModeState(); - if (!isSetupModeFeatureEnabled(SetupModeFeature.MetricbeatMigration)) { - return false; - } - - if (!setupMode.data) { - return false; - } - - const data = setupMode.data[product] || {}; - if (data.totalUniqueInstanceCount === 0) { - return true; - } - if ( - data.totalUniqueInternallyCollectedCount === 0 && - data.totalUniqueFullyMigratedCount === 0 && - data.totalUniquePartiallyMigratedCount === 0 - ) { - return true; - } - return false; - } -} - -export function monitoringMainProvider(breadcrumbs, license, $injector) { - const $executor = $injector.get('$executor'); - const $parse = $injector.get('$parse'); - - return { - restrict: 'E', - transclude: true, - template, - controller: MonitoringMainController, - controllerAs: 'monitoringMain', - bindToController: true, - link(scope, _element, attributes, controller) { - scope.$applyAsync(() => { - controller.addTimerangeObservers(); - const setupObj = getSetupObj(); - controller.setup(setupObj); - Object.keys(setupObj.attributes).forEach((key) => { - attributes.$observe(key, () => controller.setup(getSetupObj())); - }); - if (attributes.onLoaded) { - const onLoaded = $parse(attributes.onLoaded)(scope); - onLoaded(); - } - }); - - initSetupModeState(scope, $injector, () => { - controller.setup(getSetupObj()); - }); - if (!scope.cluster) { - const $route = $injector.get('$route'); - const globalState = $injector.get('globalState'); - scope.cluster = ($route.current.locals.clusters || []).find( - (cluster) => cluster.cluster_uuid === globalState.cluster_uuid - ); - } - - function getSetupObj() { - return { - licenseService: license, - breadcrumbsService: breadcrumbs, - executorService: $executor, - attributes: { - name: attributes.name, - product: attributes.product, - instance: attributes.instance, - resolver: attributes.resolver, - page: attributes.page, - tabIconClass: attributes.tabIconClass, - tabIconLabel: attributes.tabIconLabel, - pipelineId: attributes.pipelineId, - pipelineHash: attributes.pipelineHash, - pipelineVersions: get(scope, 'pageData.versions'), - isCcrEnabled: attributes.isCcrEnabled === 'true' || attributes.isCcrEnabled === true, - }, - clusterName: get(scope, 'cluster.cluster_name'), - }; - } - - scope.$on('$destroy', () => { - controller.pipelineDropdownElement && - unmountComponentAtNode(controller.pipelineDropdownElement); - controller.subscriptions && controller.subscriptions.unsubscribe(); - }); - scope.$watch('pageData.versions', (versions) => { - controller.pipelineVersions = versions; - setOptions(controller); - }); - }, - }; -} diff --git a/x-pack/plugins/monitoring/public/directives/main/index.scss b/x-pack/plugins/monitoring/public/directives/main/index.scss deleted file mode 100644 index db5d2b72ab07b43..000000000000000 --- a/x-pack/plugins/monitoring/public/directives/main/index.scss +++ /dev/null @@ -1,3 +0,0 @@ -.monTopNavSecondItem { - padding-left: $euiSizeM; -} diff --git a/x-pack/plugins/monitoring/public/directives/main/monitoring_main_controller.test.js b/x-pack/plugins/monitoring/public/directives/main/monitoring_main_controller.test.js deleted file mode 100644 index 195e11cee6112be..000000000000000 --- a/x-pack/plugins/monitoring/public/directives/main/monitoring_main_controller.test.js +++ /dev/null @@ -1,286 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { noop } from 'lodash'; -import expect from '@kbn/expect'; -import { Legacy } from '../../legacy_shims'; -import { MonitoringMainController } from './'; - -const getMockLicenseService = (options) => ({ mlIsSupported: () => options.mlIsSupported }); -const getMockBreadcrumbsService = () => noop; // breadcrumb service has its own test - -describe('Monitoring Main Directive Controller', () => { - const core = { - notifications: {}, - application: {}, - i18n: {}, - chrome: {}, - }; - const data = { - query: { - timefilter: { - timefilter: { - isTimeRangeSelectorEnabled: () => true, - getTime: () => 1, - getRefreshInterval: () => 1, - }, - }, - }, - }; - const isCloud = false; - const triggersActionsUi = {}; - - beforeAll(() => { - Legacy.init({ - core, - data, - isCloud, - triggersActionsUi, - }); - }); - - /* - * Simulates calling the monitoringMain directive the way Cluster Listing - * does: - * - * ... - */ - it('in Cluster Listing', () => { - const controller = new MonitoringMainController(); - controller.setup({ - clusterName: 'test-cluster-foo', - licenseService: getMockLicenseService(), - breadcrumbsService: getMockBreadcrumbsService(), - attributes: { - name: 'listing', - }, - }); - - // derived properties - expect(controller.inListing).to.be(true); - expect(controller.inAlerts).to.be(false); - expect(controller.inOverview).to.be(false); - - // attributes - expect(controller.name).to.be('listing'); - expect(controller.product).to.be(undefined); - expect(controller.instance).to.be(undefined); - expect(controller.resolver).to.be(undefined); - expect(controller.page).to.be(undefined); - expect(controller.tabIconClass).to.be(undefined); - expect(controller.tabIconLabel).to.be(undefined); - }); - - /* - * Simulates calling the monitoringMain directive the way Cluster Alerts - * Listing does: - * - * ... - */ - it('in Cluster Alerts', () => { - const controller = new MonitoringMainController(); - controller.setup({ - clusterName: 'test-cluster-foo', - licenseService: getMockLicenseService(), - breadcrumbsService: getMockBreadcrumbsService(), - attributes: { - name: 'alerts', - }, - }); - - // derived properties - expect(controller.inListing).to.be(false); - expect(controller.inAlerts).to.be(true); - expect(controller.inOverview).to.be(false); - - // attributes - expect(controller.name).to.be('alerts'); - expect(controller.product).to.be(undefined); - expect(controller.instance).to.be(undefined); - expect(controller.resolver).to.be(undefined); - expect(controller.page).to.be(undefined); - expect(controller.tabIconClass).to.be(undefined); - expect(controller.tabIconLabel).to.be(undefined); - }); - - /* - * Simulates calling the monitoringMain directive the way Cluster Overview - * does: - * - * ... - */ - it('in Cluster Overview', () => { - const controller = new MonitoringMainController(); - controller.setup({ - clusterName: 'test-cluster-foo', - licenseService: getMockLicenseService(), - breadcrumbsService: getMockBreadcrumbsService(), - attributes: { - name: 'overview', - }, - }); - - // derived properties - expect(controller.inListing).to.be(false); - expect(controller.inAlerts).to.be(false); - expect(controller.inOverview).to.be(true); - - // attributes - expect(controller.name).to.be('overview'); - expect(controller.product).to.be(undefined); - expect(controller.instance).to.be(undefined); - expect(controller.resolver).to.be(undefined); - expect(controller.page).to.be(undefined); - expect(controller.tabIconClass).to.be(undefined); - expect(controller.tabIconLabel).to.be(undefined); - }); - - /* - * Simulates calling the monitoringMain directive the way that Elasticsearch - * Node / Advanced does: - * - * ... - */ - it('in ES Node - Advanced', () => { - const controller = new MonitoringMainController(); - controller.setup({ - clusterName: 'test-cluster-foo', - licenseService: getMockLicenseService(), - breadcrumbsService: getMockBreadcrumbsService(), - attributes: { - product: 'elasticsearch', - name: 'nodes', - instance: 'es-node-name-01', - resolver: 'es-node-resolver-01', - page: 'advanced', - tabIconClass: 'fa star', - tabIconLabel: 'Master Node', - }, - }); - - // derived properties - expect(controller.inListing).to.be(false); - expect(controller.inAlerts).to.be(false); - expect(controller.inOverview).to.be(false); - - // attributes - expect(controller.name).to.be('nodes'); - expect(controller.product).to.be('elasticsearch'); - expect(controller.instance).to.be('es-node-name-01'); - expect(controller.resolver).to.be('es-node-resolver-01'); - expect(controller.page).to.be('advanced'); - expect(controller.tabIconClass).to.be('fa star'); - expect(controller.tabIconLabel).to.be('Master Node'); - }); - - /** - * - */ - it('in Kibana Overview', () => { - const controller = new MonitoringMainController(); - controller.setup({ - clusterName: 'test-cluster-foo', - licenseService: getMockLicenseService(), - breadcrumbsService: getMockBreadcrumbsService(), - attributes: { - product: 'kibana', - name: 'overview', - }, - }); - - // derived properties - expect(controller.inListing).to.be(false); - expect(controller.inAlerts).to.be(false); - expect(controller.inOverview).to.be(false); - - // attributes - expect(controller.name).to.be('overview'); - expect(controller.product).to.be('kibana'); - expect(controller.instance).to.be(undefined); - expect(controller.resolver).to.be(undefined); - expect(controller.page).to.be(undefined); - expect(controller.tabIconClass).to.be(undefined); - expect(controller.tabIconLabel).to.be(undefined); - }); - - /** - * - */ - it('in Logstash Listing', () => { - const controller = new MonitoringMainController(); - controller.setup({ - clusterName: 'test-cluster-foo', - licenseService: getMockLicenseService(), - breadcrumbsService: getMockBreadcrumbsService(), - attributes: { - product: 'logstash', - name: 'listing', - }, - }); - - // derived properties - expect(controller.inListing).to.be(false); - expect(controller.inAlerts).to.be(false); - expect(controller.inOverview).to.be(false); - - // attributes - expect(controller.name).to.be('listing'); - expect(controller.product).to.be('logstash'); - expect(controller.instance).to.be(undefined); - expect(controller.resolver).to.be(undefined); - expect(controller.page).to.be(undefined); - expect(controller.tabIconClass).to.be(undefined); - expect(controller.tabIconLabel).to.be(undefined); - }); - - /* - * Test `controller.isMlSupported` function - */ - describe('Checking support for ML', () => { - it('license supports ML', () => { - const controller = new MonitoringMainController(); - controller.setup({ - clusterName: 'test-cluster-foo', - licenseService: getMockLicenseService({ mlIsSupported: true }), - breadcrumbsService: getMockBreadcrumbsService(), - attributes: { - name: 'listing', - }, - }); - - expect(controller.isMlSupported()).to.be(true); - }); - it('license does not support ML', () => { - getMockLicenseService({ mlIsSupported: false }); - const controller = new MonitoringMainController(); - controller.setup({ - clusterName: 'test-cluster-foo', - licenseService: getMockLicenseService({ mlIsSupported: false }), - breadcrumbsService: getMockBreadcrumbsService(), - attributes: { - name: 'listing', - }, - }); - - expect(controller.isMlSupported()).to.be(false); - }); - }); -}); diff --git a/x-pack/plugins/monitoring/public/lib/setup_mode.test.js b/x-pack/plugins/monitoring/public/lib/setup_mode.test.js index 6dad6effeecc1b4..47cae9c4f085125 100644 --- a/x-pack/plugins/monitoring/public/lib/setup_mode.test.js +++ b/x-pack/plugins/monitoring/public/lib/setup_mode.test.js @@ -83,7 +83,7 @@ function waitForSetupModeData() { return new Promise((resolve) => process.nextTick(resolve)); } -describe('setup_mode', () => { +xdescribe('setup_mode', () => { beforeEach(async () => { setModulesAndMocks(); }); diff --git a/x-pack/plugins/monitoring/public/lib/setup_mode.tsx b/x-pack/plugins/monitoring/public/lib/setup_mode.tsx index fca7f94731bc5ad..e582f4aa4081283 100644 --- a/x-pack/plugins/monitoring/public/lib/setup_mode.tsx +++ b/x-pack/plugins/monitoring/public/lib/setup_mode.tsx @@ -9,37 +9,21 @@ import React from 'react'; import { render } from 'react-dom'; import { get, includes } from 'lodash'; import { i18n } from '@kbn/i18n'; +import { HttpStart, IHttpFetchError } from 'kibana/public'; import { KibanaContextProvider } from '../../../../../src/plugins/kibana_react/public'; import { Legacy } from '../legacy_shims'; -import { ajaxErrorHandlersProvider } from './ajax_error_handler'; import { SetupModeEnterButton } from '../components/setup_mode/enter_button'; import { SetupModeFeature } from '../../common/enums'; import { ISetupModeContext } from '../components/setup_mode/setup_mode_context'; -import * as setupModeReact from '../application/setup_mode/setup_mode'; -import { isReactMigrationEnabled } from '../external_config'; +import { State as GlobalState } from '../application/contexts/global_state_context'; function isOnPage(hash: string) { return includes(window.location.hash, hash); } -interface IAngularState { - injector: any; - scope: any; -} - -const angularState: IAngularState = { - injector: null, - scope: null, -}; - -const checkAngularState = () => { - if (!angularState.injector || !angularState.scope) { - throw new Error( - 'Unable to interact with setup mode because the angular injector was not previously set.' + - ' This needs to be set by calling `initSetupModeState`.' - ); - } -}; +let globalState: GlobalState; +let httpService: HttpStart; +let errorHandler: (error: IHttpFetchError) => void; interface ISetupModeState { enabled: boolean; @@ -57,20 +41,11 @@ const setupModeState: ISetupModeState = { export const getSetupModeState = () => setupModeState; export const setNewlyDiscoveredClusterUuid = (clusterUuid: string) => { - const globalState = angularState.injector.get('globalState'); - const executor = angularState.injector.get('$executor'); - angularState.scope.$apply(() => { - globalState.cluster_uuid = clusterUuid; - globalState.save(); - }); - executor.run(); + globalState.cluster_uuid = clusterUuid; + globalState.save?.(); }; export const fetchCollectionData = async (uuid?: string, fetchWithoutClusterUuid = false) => { - checkAngularState(); - - const http = angularState.injector.get('$http'); - const globalState = angularState.injector.get('globalState'); const clusterUuid = globalState.cluster_uuid; const ccs = globalState.ccs; @@ -84,12 +59,15 @@ export const fetchCollectionData = async (uuid?: string, fetchWithoutClusterUuid } try { - const response = await http.post(url, { ccs }); - return response.data; + const response = await httpService.post(url, { + body: JSON.stringify({ + ccs, + }), + }); + return response; } catch (err) { - const Private = angularState.injector.get('Private'); - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); + errorHandler(err); + throw err; } }; @@ -107,19 +85,16 @@ export const updateSetupModeData = async (uuid?: string, fetchWithoutClusterUuid }); } - angularState.scope.$evalAsync(() => { - Legacy.shims.toastNotifications.addDanger({ - title: i18n.translate('xpack.monitoring.setupMode.notAvailableTitle', { - defaultMessage: 'Setup mode is not available', - }), - text, - }); + Legacy.shims.toastNotifications.addDanger({ + title: i18n.translate('xpack.monitoring.setupMode.notAvailableTitle', { + defaultMessage: 'Setup mode is not available', + }), + text, }); return toggleSetupMode(false); } notifySetupModeDataChange(); - const globalState = angularState.injector.get('globalState'); const clusterUuid = globalState.cluster_uuid; if (!clusterUuid) { const liveClusterUuid: string = get(data, '_meta.liveClusterUuid'); @@ -142,31 +117,21 @@ export const showBottomBar = () => { }; export const disableElasticsearchInternalCollection = async () => { - checkAngularState(); - - const http = angularState.injector.get('$http'); - const globalState = angularState.injector.get('globalState'); const clusterUuid = globalState.cluster_uuid; const url = `../api/monitoring/v1/setup/collection/${clusterUuid}/disable_internal_collection`; try { - const response = await http.post(url); - return response.data; + const response = await httpService.post(url); + return response; } catch (err) { - const Private = angularState.injector.get('Private'); - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); + errorHandler(err); + throw err; } }; export const toggleSetupMode = (inSetupMode: boolean) => { - if (isReactMigrationEnabled()) return setupModeReact.toggleSetupMode(inSetupMode); - - checkAngularState(); - - const globalState = angularState.injector.get('globalState'); setupModeState.enabled = inSetupMode; globalState.inSetupMode = inSetupMode; - globalState.save(); + globalState.save?.(); setSetupModeMenuItem(); notifySetupModeDataChange(); @@ -177,13 +142,10 @@ export const toggleSetupMode = (inSetupMode: boolean) => { }; export const setSetupModeMenuItem = () => { - checkAngularState(); - if (isOnPage('no-data')) { return; } - const globalState = angularState.injector.get('globalState'); const enabled = !globalState.inSetupMode; const I18nContext = Legacy.shims.I18nContext; @@ -197,23 +159,25 @@ export const setSetupModeMenuItem = () => { ); }; -export const addSetupModeCallback = (callback: () => void) => (setupModeState.callback = callback); - -export const initSetupModeState = async ($scope: any, $injector: any, callback?: () => void) => { - angularState.scope = $scope; - angularState.injector = $injector; +export const initSetupModeState = async ( + state: GlobalState, + http: HttpStart, + handleErrors: (error: IHttpFetchError) => void, + callback?: () => void +) => { + globalState = state; + httpService = http; + errorHandler = handleErrors; if (callback) { setupModeState.callback = callback; } - const globalState = $injector.get('globalState'); if (globalState.inSetupMode) { toggleSetupMode(true); } }; -export const isInSetupMode = (context?: ISetupModeContext) => { - if (isReactMigrationEnabled()) return setupModeReact.isInSetupMode(context); +export const isInSetupMode = (context?: ISetupModeContext, gState: GlobalState = globalState) => { if (context?.setupModeSupported === false) { return false; } @@ -221,20 +185,19 @@ export const isInSetupMode = (context?: ISetupModeContext) => { return true; } - const $injector = angularState.injector || Legacy.shims.getAngularInjector(); - const globalState = $injector.get('globalState'); - return globalState.inSetupMode; + return gState.inSetupMode; }; export const isSetupModeFeatureEnabled = (feature: SetupModeFeature) => { - if (isReactMigrationEnabled()) return setupModeReact.isSetupModeFeatureEnabled(feature); if (!setupModeState.enabled) { return false; } + if (feature === SetupModeFeature.MetricbeatMigration) { if (Legacy.shims.isCloud) { return false; } } + return true; }; diff --git a/x-pack/plugins/monitoring/public/plugin.ts b/x-pack/plugins/monitoring/public/plugin.ts index 82e49fec5a8d47a..f75b76871f58cb8 100644 --- a/x-pack/plugins/monitoring/public/plugin.ts +++ b/x-pack/plugins/monitoring/public/plugin.ts @@ -36,9 +36,6 @@ interface MonitoringSetupPluginDependencies { triggersActionsUi: TriggersAndActionsUIPublicPluginSetup; usageCollection: UsageCollectionSetup; } - -const HASH_CHANGE = 'hashchange'; - export class MonitoringPlugin implements Plugin @@ -88,7 +85,6 @@ export class MonitoringPlugin category: DEFAULT_APP_CATEGORIES.management, mount: async (params: AppMountParameters) => { const [coreStart, pluginsStart] = await core.getStartServices(); - const { AngularApp } = await import('./angular'); const externalConfig = this.getExternalConfig(); const deps: MonitoringStartPluginDependencies = { navigation: pluginsStart.navigation, @@ -118,26 +114,8 @@ export class MonitoringPlugin const config = Object.fromEntries(externalConfig); setConfig(config); - if (config.renderReactApp) { - const { renderApp } = await import('./application'); - return renderApp(coreStart, pluginsStart, params, config); - } else { - const monitoringApp = new AngularApp(deps); - const removeHistoryListener = params.history.listen((location) => { - if (location.pathname === '' && location.hash === '') { - monitoringApp.applyScope(); - } - }); - - const removeHashChange = this.setInitialTimefilter(deps); - return () => { - if (removeHashChange) { - removeHashChange(); - } - removeHistoryListener(); - monitoringApp.destroy(); - }; - } + const { renderApp } = await import('./application'); + return renderApp(coreStart, pluginsStart, params, config); }, }; @@ -148,28 +126,6 @@ export class MonitoringPlugin public stop() {} - private setInitialTimefilter({ data }: MonitoringStartPluginDependencies) { - const { timefilter } = data.query.timefilter; - const { pause: pauseByDefault } = timefilter.getRefreshIntervalDefaults(); - if (pauseByDefault) { - return; - } - /** - * We can't use timefilter.getRefreshIntervalUpdate$ last value, - * since it's not a BehaviorSubject. This means we need to wait for - * hash change because of angular's applyAsync - */ - const onHashChange = () => { - const { value, pause } = timefilter.getRefreshInterval(); - if (!value && pause) { - window.removeEventListener(HASH_CHANGE, onHashChange); - timefilter.setRefreshInterval({ value: 10000, pause: false }); - } - }; - window.addEventListener(HASH_CHANGE, onHashChange, false); - return () => window.removeEventListener(HASH_CHANGE, onHashChange); - } - private getExternalConfig() { const monitoring = this.initializerContext.config.get(); return [ diff --git a/x-pack/plugins/monitoring/public/services/breadcrumbs.js b/x-pack/plugins/monitoring/public/services/breadcrumbs.js deleted file mode 100644 index 54ff46f4bf0ab31..000000000000000 --- a/x-pack/plugins/monitoring/public/services/breadcrumbs.js +++ /dev/null @@ -1,214 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { Legacy } from '../legacy_shims'; -import { i18n } from '@kbn/i18n'; - -// Helper for making objects to use in a link element -const createCrumb = (url, label, testSubj, ignoreGlobalState = false) => { - const crumb = { url, label, ignoreGlobalState }; - if (testSubj) { - crumb.testSubj = testSubj; - } - return crumb; -}; - -// generate Elasticsearch breadcrumbs -function getElasticsearchBreadcrumbs(mainInstance) { - const breadcrumbs = []; - if (mainInstance.instance) { - breadcrumbs.push(createCrumb('#/elasticsearch', 'Elasticsearch')); - if (mainInstance.name === 'indices') { - breadcrumbs.push( - createCrumb( - '#/elasticsearch/indices', - i18n.translate('xpack.monitoring.breadcrumbs.es.indicesLabel', { - defaultMessage: 'Indices', - }), - 'breadcrumbEsIndices' - ) - ); - } else if (mainInstance.name === 'nodes') { - breadcrumbs.push( - createCrumb( - '#/elasticsearch/nodes', - i18n.translate('xpack.monitoring.breadcrumbs.es.nodesLabel', { defaultMessage: 'Nodes' }), - 'breadcrumbEsNodes' - ) - ); - } else if (mainInstance.name === 'ml') { - // ML Instance (for user later) - breadcrumbs.push( - createCrumb( - '#/elasticsearch/ml_jobs', - i18n.translate('xpack.monitoring.breadcrumbs.es.jobsLabel', { - defaultMessage: 'Machine learning jobs', - }) - ) - ); - } else if (mainInstance.name === 'ccr_shard') { - breadcrumbs.push( - createCrumb( - '#/elasticsearch/ccr', - i18n.translate('xpack.monitoring.breadcrumbs.es.ccrLabel', { defaultMessage: 'CCR' }) - ) - ); - } - breadcrumbs.push(createCrumb(null, mainInstance.instance)); - } else { - // don't link to Overview when we're possibly on Overview or its sibling tabs - breadcrumbs.push(createCrumb(null, 'Elasticsearch')); - } - return breadcrumbs; -} - -// generate Kibana breadcrumbs -function getKibanaBreadcrumbs(mainInstance) { - const breadcrumbs = []; - if (mainInstance.instance) { - breadcrumbs.push(createCrumb('#/kibana', 'Kibana')); - breadcrumbs.push( - createCrumb( - '#/kibana/instances', - i18n.translate('xpack.monitoring.breadcrumbs.kibana.instancesLabel', { - defaultMessage: 'Instances', - }) - ) - ); - breadcrumbs.push(createCrumb(null, mainInstance.instance)); - } else { - // don't link to Overview when we're possibly on Overview or its sibling tabs - breadcrumbs.push(createCrumb(null, 'Kibana')); - } - return breadcrumbs; -} - -// generate Logstash breadcrumbs -function getLogstashBreadcrumbs(mainInstance) { - const logstashLabel = i18n.translate('xpack.monitoring.breadcrumbs.logstashLabel', { - defaultMessage: 'Logstash', - }); - const breadcrumbs = []; - if (mainInstance.instance) { - breadcrumbs.push(createCrumb('#/logstash', logstashLabel)); - if (mainInstance.name === 'nodes') { - breadcrumbs.push( - createCrumb( - '#/logstash/nodes', - i18n.translate('xpack.monitoring.breadcrumbs.logstash.nodesLabel', { - defaultMessage: 'Nodes', - }) - ) - ); - } - breadcrumbs.push(createCrumb(null, mainInstance.instance)); - } else if (mainInstance.page === 'pipeline') { - breadcrumbs.push(createCrumb('#/logstash', logstashLabel)); - breadcrumbs.push( - createCrumb( - '#/logstash/pipelines', - i18n.translate('xpack.monitoring.breadcrumbs.logstash.pipelinesLabel', { - defaultMessage: 'Pipelines', - }) - ) - ); - } else { - // don't link to Overview when we're possibly on Overview or its sibling tabs - breadcrumbs.push(createCrumb(null, logstashLabel)); - } - - return breadcrumbs; -} - -// generate Beats breadcrumbs -function getBeatsBreadcrumbs(mainInstance) { - const beatsLabel = i18n.translate('xpack.monitoring.breadcrumbs.beatsLabel', { - defaultMessage: 'Beats', - }); - const breadcrumbs = []; - if (mainInstance.instance) { - breadcrumbs.push(createCrumb('#/beats', beatsLabel)); - breadcrumbs.push( - createCrumb( - '#/beats/beats', - i18n.translate('xpack.monitoring.breadcrumbs.beats.instancesLabel', { - defaultMessage: 'Instances', - }) - ) - ); - breadcrumbs.push(createCrumb(null, mainInstance.instance)); - } else { - breadcrumbs.push(createCrumb(null, beatsLabel)); - } - - return breadcrumbs; -} - -// generate Apm breadcrumbs -function getApmBreadcrumbs(mainInstance) { - const apmLabel = i18n.translate('xpack.monitoring.breadcrumbs.apmLabel', { - defaultMessage: 'APM server', - }); - const breadcrumbs = []; - if (mainInstance.instance) { - breadcrumbs.push(createCrumb('#/apm', apmLabel)); - breadcrumbs.push( - createCrumb( - '#/apm/instances', - i18n.translate('xpack.monitoring.breadcrumbs.apm.instancesLabel', { - defaultMessage: 'Instances', - }) - ) - ); - breadcrumbs.push(createCrumb(null, mainInstance.instance)); - } else { - // don't link to Overview when we're possibly on Overview or its sibling tabs - breadcrumbs.push(createCrumb(null, apmLabel)); - } - return breadcrumbs; -} - -export function breadcrumbsProvider() { - return function createBreadcrumbs(clusterName, mainInstance) { - const homeCrumb = i18n.translate('xpack.monitoring.breadcrumbs.clustersLabel', { - defaultMessage: 'Clusters', - }); - - let breadcrumbs = [createCrumb('#/home', homeCrumb, 'breadcrumbClusters', true)]; - - if (!mainInstance.inOverview && clusterName) { - breadcrumbs.push(createCrumb('#/overview', clusterName)); - } - - if (mainInstance.inElasticsearch) { - breadcrumbs = breadcrumbs.concat(getElasticsearchBreadcrumbs(mainInstance)); - } - if (mainInstance.inKibana) { - breadcrumbs = breadcrumbs.concat(getKibanaBreadcrumbs(mainInstance)); - } - if (mainInstance.inLogstash) { - breadcrumbs = breadcrumbs.concat(getLogstashBreadcrumbs(mainInstance)); - } - if (mainInstance.inBeats) { - breadcrumbs = breadcrumbs.concat(getBeatsBreadcrumbs(mainInstance)); - } - if (mainInstance.inApm) { - breadcrumbs = breadcrumbs.concat(getApmBreadcrumbs(mainInstance)); - } - - Legacy.shims.breadcrumbs.set( - breadcrumbs.map((b) => ({ - text: b.label, - href: b.url, - 'data-test-subj': b.testSubj, - ignoreGlobalState: b.ignoreGlobalState, - })) - ); - - return breadcrumbs; - }; -} diff --git a/x-pack/plugins/monitoring/public/services/breadcrumbs.test.js b/x-pack/plugins/monitoring/public/services/breadcrumbs.test.js deleted file mode 100644 index 0af5d59e54555ac..000000000000000 --- a/x-pack/plugins/monitoring/public/services/breadcrumbs.test.js +++ /dev/null @@ -1,166 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import expect from '@kbn/expect'; -import { breadcrumbsProvider } from './breadcrumbs'; -import { MonitoringMainController } from '../directives/main'; -import { Legacy } from '../legacy_shims'; - -describe('Monitoring Breadcrumbs Service', () => { - const core = { - notifications: {}, - application: {}, - i18n: {}, - chrome: {}, - }; - const data = { - query: { - timefilter: { - timefilter: { - isTimeRangeSelectorEnabled: () => true, - getTime: () => 1, - getRefreshInterval: () => 1, - }, - }, - }, - }; - const isCloud = false; - const triggersActionsUi = {}; - - beforeAll(() => { - Legacy.init({ - core, - data, - isCloud, - triggersActionsUi, - }); - }); - - it('in Cluster Alerts', () => { - const controller = new MonitoringMainController(); - controller.setup({ - clusterName: 'test-cluster-foo', - licenseService: {}, - breadcrumbsService: breadcrumbsProvider(), - attributes: { - name: 'alerts', - }, - }); - expect(controller.breadcrumbs).to.eql([ - { url: '#/home', label: 'Clusters', testSubj: 'breadcrumbClusters', ignoreGlobalState: true }, - { url: '#/overview', label: 'test-cluster-foo', ignoreGlobalState: false }, - ]); - }); - - it('in Cluster Overview', () => { - const controller = new MonitoringMainController(); - controller.setup({ - clusterName: 'test-cluster-foo', - licenseService: {}, - breadcrumbsService: breadcrumbsProvider(), - attributes: { - name: 'overview', - }, - }); - expect(controller.breadcrumbs).to.eql([ - { url: '#/home', label: 'Clusters', testSubj: 'breadcrumbClusters', ignoreGlobalState: true }, - ]); - }); - - it('in ES Node - Advanced', () => { - const controller = new MonitoringMainController(); - controller.setup({ - clusterName: 'test-cluster-foo', - licenseService: {}, - breadcrumbsService: breadcrumbsProvider(), - attributes: { - product: 'elasticsearch', - name: 'nodes', - instance: 'es-node-name-01', - resolver: 'es-node-resolver-01', - page: 'advanced', - tabIconClass: 'fa star', - tabIconLabel: 'Master Node', - }, - }); - expect(controller.breadcrumbs).to.eql([ - { url: '#/home', label: 'Clusters', testSubj: 'breadcrumbClusters', ignoreGlobalState: true }, - { url: '#/overview', label: 'test-cluster-foo', ignoreGlobalState: false }, - { url: '#/elasticsearch', label: 'Elasticsearch', ignoreGlobalState: false }, - { - url: '#/elasticsearch/nodes', - label: 'Nodes', - testSubj: 'breadcrumbEsNodes', - ignoreGlobalState: false, - }, - { url: null, label: 'es-node-name-01', ignoreGlobalState: false }, - ]); - }); - - it('in Kibana Overview', () => { - const controller = new MonitoringMainController(); - controller.setup({ - clusterName: 'test-cluster-foo', - licenseService: {}, - breadcrumbsService: breadcrumbsProvider(), - attributes: { - product: 'kibana', - name: 'overview', - }, - }); - expect(controller.breadcrumbs).to.eql([ - { url: '#/home', label: 'Clusters', testSubj: 'breadcrumbClusters', ignoreGlobalState: true }, - { url: '#/overview', label: 'test-cluster-foo', ignoreGlobalState: false }, - { url: null, label: 'Kibana', ignoreGlobalState: false }, - ]); - }); - - /** - * - */ - it('in Logstash Listing', () => { - const controller = new MonitoringMainController(); - controller.setup({ - clusterName: 'test-cluster-foo', - licenseService: {}, - breadcrumbsService: breadcrumbsProvider(), - attributes: { - product: 'logstash', - name: 'listing', - }, - }); - expect(controller.breadcrumbs).to.eql([ - { url: '#/home', label: 'Clusters', testSubj: 'breadcrumbClusters', ignoreGlobalState: true }, - { url: '#/overview', label: 'test-cluster-foo', ignoreGlobalState: false }, - { url: null, label: 'Logstash', ignoreGlobalState: false }, - ]); - }); - - /** - * - */ - it('in Logstash Pipeline Viewer', () => { - const controller = new MonitoringMainController(); - controller.setup({ - clusterName: 'test-cluster-foo', - licenseService: {}, - breadcrumbsService: breadcrumbsProvider(), - attributes: { - product: 'logstash', - page: 'pipeline', - pipelineId: 'main', - pipelineHash: '42ee890af9...', - }, - }); - expect(controller.breadcrumbs).to.eql([ - { url: '#/home', label: 'Clusters', testSubj: 'breadcrumbClusters', ignoreGlobalState: true }, - { url: '#/overview', label: 'test-cluster-foo', ignoreGlobalState: false }, - { url: '#/logstash', label: 'Logstash', ignoreGlobalState: false }, - { url: '#/logstash/pipelines', label: 'Pipelines', ignoreGlobalState: false }, - ]); - }); -}); diff --git a/x-pack/plugins/monitoring/public/services/clusters.js b/x-pack/plugins/monitoring/public/services/clusters.js deleted file mode 100644 index b19d0ea56765f30..000000000000000 --- a/x-pack/plugins/monitoring/public/services/clusters.js +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { ajaxErrorHandlersProvider } from '../lib/ajax_error_handler'; -import { Legacy } from '../legacy_shims'; -import { STANDALONE_CLUSTER_CLUSTER_UUID } from '../../common/constants'; - -function formatClusters(clusters) { - return clusters.map(formatCluster); -} - -function formatCluster(cluster) { - if (cluster.cluster_uuid === STANDALONE_CLUSTER_CLUSTER_UUID) { - cluster.cluster_name = 'Standalone Cluster'; - } - return cluster; -} - -export function monitoringClustersProvider($injector) { - return async (clusterUuid, ccs, codePaths) => { - const { min, max } = Legacy.shims.timefilter.getBounds(); - - // append clusterUuid if the parameter is given - let url = '../api/monitoring/v1/clusters'; - if (clusterUuid) { - url += `/${clusterUuid}`; - } - - const $http = $injector.get('$http'); - - async function getClusters() { - try { - const response = await $http.post( - url, - { - ccs, - timeRange: { - min: min.toISOString(), - max: max.toISOString(), - }, - codePaths, - }, - { headers: { 'kbn-system-request': 'true' } } - ); - return formatClusters(response.data); - } catch (err) { - const Private = $injector.get('Private'); - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); - } - } - - return await getClusters(); - }; -} diff --git a/x-pack/plugins/monitoring/public/services/enable_alerts_modal.js b/x-pack/plugins/monitoring/public/services/enable_alerts_modal.js deleted file mode 100644 index 438c5ab83f5e30e..000000000000000 --- a/x-pack/plugins/monitoring/public/services/enable_alerts_modal.js +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ -import { ajaxErrorHandlersProvider } from '../lib/ajax_error_handler'; -import { showAlertsToast } from '../alerts/lib/alerts_toast'; - -export function enableAlertsModalProvider($http, $window, $injector) { - function shouldShowAlertsModal(alerts) { - const modalHasBeenShown = $window.sessionStorage.getItem('ALERTS_MODAL_HAS_BEEN_SHOWN'); - const decisionMade = $window.localStorage.getItem('ALERTS_MODAL_DECISION_MADE'); - - if (Object.keys(alerts).length > 0) { - $window.localStorage.setItem('ALERTS_MODAL_DECISION_MADE', true); - return false; - } else if (!modalHasBeenShown && !decisionMade) { - return true; - } - - return false; - } - - async function enableAlerts() { - try { - const { data } = await $http.post('../api/monitoring/v1/alerts/enable', {}); - $window.localStorage.setItem('ALERTS_MODAL_DECISION_MADE', true); - showAlertsToast(data); - } catch (err) { - const Private = $injector.get('Private'); - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); - } - } - - function notAskAgain() { - $window.localStorage.setItem('ALERTS_MODAL_DECISION_MADE', true); - } - - function hideModalForSession() { - $window.sessionStorage.setItem('ALERTS_MODAL_HAS_BEEN_SHOWN', true); - } - - return { - shouldShowAlertsModal, - enableAlerts, - notAskAgain, - hideModalForSession, - }; -} diff --git a/x-pack/plugins/monitoring/public/services/executor.js b/x-pack/plugins/monitoring/public/services/executor.js deleted file mode 100644 index 60b2c171eac320f..000000000000000 --- a/x-pack/plugins/monitoring/public/services/executor.js +++ /dev/null @@ -1,130 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { Legacy } from '../legacy_shims'; -import { subscribeWithScope } from '../angular/helpers/utils'; -import { Subscription } from 'rxjs'; - -export function executorProvider($timeout, $q) { - const queue = []; - const subscriptions = new Subscription(); - let executionTimer; - let ignorePaused = false; - - /** - * Resets the timer to start again - * @returns {void} - */ - function reset() { - cancel(); - start(); - } - - function killTimer() { - if (executionTimer) { - $timeout.cancel(executionTimer); - } - } - - /** - * Cancels the execution timer - * @returns {void} - */ - function cancel() { - killTimer(); - } - - /** - * Registers a service with the executor - * @param {object} service The service to register - * @returns {void} - */ - function register(service) { - queue.push(service); - } - - /** - * Stops the executor and empties the service queue - * @returns {void} - */ - function destroy() { - subscriptions.unsubscribe(); - cancel(); - ignorePaused = false; - queue.splice(0, queue.length); - } - - /** - * Runs the queue (all at once) - * @returns {Promise} a promise of all the services - */ - function run() { - const noop = () => $q.resolve(); - return $q - .all( - queue.map((service) => { - return service - .execute() - .then(service.handleResponse || noop) - .catch(service.handleError || noop); - }) - ) - .finally(reset); - } - - function reFetch() { - cancel(); - run(); - } - - function killIfPaused() { - if (Legacy.shims.timefilter.getRefreshInterval().pause) { - killTimer(); - } - } - - /** - * Starts the executor service if the timefilter is not paused - * @returns {void} - */ - function start() { - const timefilter = Legacy.shims.timefilter; - if ( - (ignorePaused || timefilter.getRefreshInterval().pause === false) && - timefilter.getRefreshInterval().value > 0 - ) { - executionTimer = $timeout(run, timefilter.getRefreshInterval().value); - } - } - - /** - * Expose the methods - */ - return { - register, - start($scope) { - $scope.$applyAsync(() => { - const timefilter = Legacy.shims.timefilter; - subscriptions.add( - subscribeWithScope($scope, timefilter.getFetch$(), { - next: reFetch, - }) - ); - subscriptions.add( - subscribeWithScope($scope, timefilter.getRefreshIntervalUpdate$(), { - next: killIfPaused, - }) - ); - start(); - }); - }, - run, - destroy, - reset, - cancel, - }; -} diff --git a/x-pack/plugins/monitoring/public/services/features.js b/x-pack/plugins/monitoring/public/services/features.js deleted file mode 100644 index 34564f79c924713..000000000000000 --- a/x-pack/plugins/monitoring/public/services/features.js +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { has, isUndefined } from 'lodash'; - -export function featuresProvider($window) { - function getData() { - let returnData = {}; - const monitoringData = $window.localStorage.getItem('xpack.monitoring.data'); - - try { - returnData = (monitoringData && JSON.parse(monitoringData)) || {}; - } catch (e) { - console.error('Monitoring UI: error parsing locally stored monitoring data', e); - } - - return returnData; - } - - function update(featureName, value) { - const monitoringDataObj = getData(); - monitoringDataObj[featureName] = value; - $window.localStorage.setItem('xpack.monitoring.data', JSON.stringify(monitoringDataObj)); - } - - function isEnabled(featureName, defaultSetting) { - const monitoringDataObj = getData(); - if (has(monitoringDataObj, featureName)) { - return monitoringDataObj[featureName]; - } - - if (isUndefined(defaultSetting)) { - return false; - } - - return defaultSetting; - } - - return { - isEnabled, - update, - }; -} diff --git a/x-pack/plugins/monitoring/public/services/license.js b/x-pack/plugins/monitoring/public/services/license.js deleted file mode 100644 index cab5ad01cf58aa1..000000000000000 --- a/x-pack/plugins/monitoring/public/services/license.js +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { includes } from 'lodash'; -import { ML_SUPPORTED_LICENSES } from '../../common/constants'; - -export function licenseProvider() { - return new (class LicenseService { - constructor() { - // do not initialize with usable state - this.license = { - type: null, - expiry_date_in_millis: -Infinity, - }; - } - - // we're required to call this initially - setLicense(license) { - this.license = license; - } - - isBasic() { - return this.license.type === 'basic'; - } - - mlIsSupported() { - return includes(ML_SUPPORTED_LICENSES, this.license.type); - } - - doesExpire() { - const { expiry_date_in_millis: expiryDateInMillis } = this.license; - return expiryDateInMillis !== undefined; - } - - isActive() { - const { expiry_date_in_millis: expiryDateInMillis } = this.license; - return new Date().getTime() < expiryDateInMillis; - } - - isExpired() { - if (this.doesExpire()) { - const { expiry_date_in_millis: expiryDateInMillis } = this.license; - return new Date().getTime() >= expiryDateInMillis; - } - return false; - } - })(); -} diff --git a/x-pack/plugins/monitoring/public/services/title.js b/x-pack/plugins/monitoring/public/services/title.js deleted file mode 100644 index e12d4936584fa24..000000000000000 --- a/x-pack/plugins/monitoring/public/services/title.js +++ /dev/null @@ -1,26 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { get } from 'lodash'; -import { i18n } from '@kbn/i18n'; -import { Legacy } from '../legacy_shims'; - -export function titleProvider($rootScope) { - return function changeTitle(cluster, suffix) { - let clusterName = get(cluster, 'cluster_name'); - clusterName = clusterName ? `- ${clusterName}` : ''; - suffix = suffix ? `- ${suffix}` : ''; - $rootScope.$applyAsync(() => { - Legacy.shims.docTitle.change( - i18n.translate('xpack.monitoring.stackMonitoringDocTitle', { - defaultMessage: 'Stack Monitoring {clusterName} {suffix}', - values: { clusterName, suffix }, - }) - ); - }); - }; -} diff --git a/x-pack/plugins/monitoring/public/views/access_denied/index.html b/x-pack/plugins/monitoring/public/views/access_denied/index.html deleted file mode 100644 index 24863559212f78d..000000000000000 --- a/x-pack/plugins/monitoring/public/views/access_denied/index.html +++ /dev/null @@ -1,44 +0,0 @@ -
-
-
- - -
- -
-
- -
- -
-
- - - -
-
-
-
-
diff --git a/x-pack/plugins/monitoring/public/views/access_denied/index.js b/x-pack/plugins/monitoring/public/views/access_denied/index.js deleted file mode 100644 index e52df61dd8966d9..000000000000000 --- a/x-pack/plugins/monitoring/public/views/access_denied/index.js +++ /dev/null @@ -1,44 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { uiRoutes } from '../../angular/helpers/routes'; -import template from './index.html'; - -const tryPrivilege = ($http) => { - return $http - .get('../api/monitoring/v1/check_access') - .then(() => window.history.replaceState(null, null, '#/home')) - .catch(() => true); -}; - -uiRoutes.when('/access-denied', { - template, - resolve: { - /* - * The user may have been granted privileges in between leaving Monitoring - * and before coming back to Monitoring. That means, they just be on this - * page because Kibana remembers the "last app URL". We check for the - * privilege one time up front (doing it in the resolve makes it happen - * before the template renders), and then keep retrying every 5 seconds. - */ - initialCheck($http) { - return tryPrivilege($http); - }, - }, - controllerAs: 'accessDenied', - controller: function ($scope, $injector) { - const $http = $injector.get('$http'); - const $interval = $injector.get('$interval'); - - // The template's "Back to Kibana" button click handler - this.goToKibanaURL = '/app/home'; - - // keep trying to load data in the background - const accessPoller = $interval(() => tryPrivilege($http), 5 * 1000); // every 5 seconds - $scope.$on('$destroy', () => $interval.cancel(accessPoller)); - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/all.js b/x-pack/plugins/monitoring/public/views/all.js deleted file mode 100644 index 3af0c85d9568764..000000000000000 --- a/x-pack/plugins/monitoring/public/views/all.js +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import './no_data'; -import './access_denied'; -import './license'; -import './cluster/listing'; -import './cluster/overview'; -import './elasticsearch/overview'; -import './elasticsearch/indices'; -import './elasticsearch/index'; -import './elasticsearch/index/advanced'; -import './elasticsearch/nodes'; -import './elasticsearch/node'; -import './elasticsearch/node/advanced'; -import './elasticsearch/ccr'; -import './elasticsearch/ccr/shard'; -import './elasticsearch/ml_jobs'; -import './kibana/overview'; -import './kibana/instances'; -import './kibana/instance'; -import './logstash/overview'; -import './logstash/nodes'; -import './logstash/node'; -import './logstash/node/advanced'; -import './logstash/node/pipelines'; -import './logstash/pipelines'; -import './logstash/pipeline'; -import './beats/overview'; -import './beats/listing'; -import './beats/beat'; -import './apm/overview'; -import './apm/instances'; -import './apm/instance'; -import './loading'; diff --git a/x-pack/plugins/monitoring/public/views/apm/instance/index.html b/x-pack/plugins/monitoring/public/views/apm/instance/index.html deleted file mode 100644 index 79579990eb64951..000000000000000 --- a/x-pack/plugins/monitoring/public/views/apm/instance/index.html +++ /dev/null @@ -1,8 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/apm/instance/index.js b/x-pack/plugins/monitoring/public/views/apm/instance/index.js deleted file mode 100644 index 0d733036bb26620..000000000000000 --- a/x-pack/plugins/monitoring/public/views/apm/instance/index.js +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { find, get } from 'lodash'; -import { uiRoutes } from '../../../angular/helpers/routes'; -import { routeInitProvider } from '../../../lib/route_init'; -import template from './index.html'; -import { MonitoringViewBaseController } from '../../base_controller'; -import { ApmServerInstance } from '../../../components/apm/instance'; -import { CODE_PATH_APM } from '../../../../common/constants'; - -uiRoutes.when('/apm/instances/:uuid', { - template, - resolve: { - clusters: function (Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_APM] }); - }, - }, - - controller: class extends MonitoringViewBaseController { - constructor($injector, $scope) { - const $route = $injector.get('$route'); - const title = $injector.get('title'); - const globalState = $injector.get('globalState'); - $scope.cluster = find($route.current.locals.clusters, { - cluster_uuid: globalState.cluster_uuid, - }); - super({ - title: i18n.translate('xpack.monitoring.apm.instance.routeTitle', { - defaultMessage: '{apm} - Instance', - values: { - apm: 'APM server', - }, - }), - telemetryPageViewTitle: 'apm_server_instance', - api: `../api/monitoring/v1/clusters/${globalState.cluster_uuid}/apm/${$route.current.params.uuid}`, - defaultData: {}, - reactNodeId: 'apmInstanceReact', - $scope, - $injector, - }); - - $scope.$watch( - () => this.data, - (data) => { - this.setPageTitle( - i18n.translate('xpack.monitoring.apm.instance.pageTitle', { - defaultMessage: 'APM server instance: {instanceName}', - values: { - instanceName: get(data, 'apmSummary.name'), - }, - }) - ); - title($scope.cluster, `APM server - ${get(data, 'apmSummary.name')}`); - this.renderReact( - - ); - } - ); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/apm/instances/index.html b/x-pack/plugins/monitoring/public/views/apm/instances/index.html deleted file mode 100644 index fd8029e277d786e..000000000000000 --- a/x-pack/plugins/monitoring/public/views/apm/instances/index.html +++ /dev/null @@ -1,7 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/apm/instances/index.js b/x-pack/plugins/monitoring/public/views/apm/instances/index.js deleted file mode 100644 index f9747ec176e864d..000000000000000 --- a/x-pack/plugins/monitoring/public/views/apm/instances/index.js +++ /dev/null @@ -1,92 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { find } from 'lodash'; -import { uiRoutes } from '../../../angular/helpers/routes'; -import { routeInitProvider } from '../../../lib/route_init'; -import template from './index.html'; -import { ApmServerInstances } from '../../../components/apm/instances'; -import { MonitoringViewBaseEuiTableController } from '../..'; -import { SetupModeRenderer } from '../../../components/renderers'; -import { SetupModeContext } from '../../../components/setup_mode/setup_mode_context'; -import { APM_SYSTEM_ID, CODE_PATH_APM } from '../../../../common/constants'; - -uiRoutes.when('/apm/instances', { - template, - resolve: { - clusters: function (Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_APM] }); - }, - }, - controller: class extends MonitoringViewBaseEuiTableController { - constructor($injector, $scope) { - const $route = $injector.get('$route'); - const globalState = $injector.get('globalState'); - $scope.cluster = find($route.current.locals.clusters, { - cluster_uuid: globalState.cluster_uuid, - }); - - super({ - title: i18n.translate('xpack.monitoring.apm.instances.routeTitle', { - defaultMessage: '{apm} - Instances', - values: { - apm: 'APM server', - }, - }), - pageTitle: i18n.translate('xpack.monitoring.apm.instances.pageTitle', { - defaultMessage: 'APM server instances', - }), - storageKey: 'apm.instances', - api: `../api/monitoring/v1/clusters/${globalState.cluster_uuid}/apm/instances`, - defaultData: {}, - reactNodeId: 'apmInstancesReact', - $scope, - $injector, - }); - - this.scope = $scope; - this.injector = $injector; - this.onTableChangeRender = this.renderComponent; - - $scope.$watch( - () => this.data, - () => this.renderComponent() - ); - } - - renderComponent() { - const { pagination, sorting, onTableChange } = this; - - const component = ( - ( - - {flyoutComponent} - - {bottomBarComponent} - - )} - /> - ); - this.renderReact(component); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/apm/overview/index.html b/x-pack/plugins/monitoring/public/views/apm/overview/index.html deleted file mode 100644 index 0cf804e377476a9..000000000000000 --- a/x-pack/plugins/monitoring/public/views/apm/overview/index.html +++ /dev/null @@ -1,7 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/apm/overview/index.js b/x-pack/plugins/monitoring/public/views/apm/overview/index.js deleted file mode 100644 index bef17bf4a2fade1..000000000000000 --- a/x-pack/plugins/monitoring/public/views/apm/overview/index.js +++ /dev/null @@ -1,58 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { find } from 'lodash'; -import { uiRoutes } from '../../../angular/helpers/routes'; -import { routeInitProvider } from '../../../lib/route_init'; -import template from './index.html'; -import { MonitoringViewBaseController } from '../../base_controller'; -import { ApmOverview } from '../../../components/apm/overview'; -import { CODE_PATH_APM } from '../../../../common/constants'; - -uiRoutes.when('/apm', { - template, - resolve: { - clusters: function (Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_APM] }); - }, - }, - controller: class extends MonitoringViewBaseController { - constructor($injector, $scope) { - const $route = $injector.get('$route'); - const globalState = $injector.get('globalState'); - $scope.cluster = find($route.current.locals.clusters, { - cluster_uuid: globalState.cluster_uuid, - }); - - super({ - title: i18n.translate('xpack.monitoring.apm.overview.routeTitle', { - defaultMessage: 'APM server', - }), - pageTitle: i18n.translate('xpack.monitoring.apm.overview.pageTitle', { - defaultMessage: 'APM server overview', - }), - api: `../api/monitoring/v1/clusters/${globalState.cluster_uuid}/apm`, - defaultData: {}, - reactNodeId: 'apmOverviewReact', - $scope, - $injector, - }); - - $scope.$watch( - () => this.data, - (data) => { - this.renderReact( - - ); - } - ); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/base_controller.js b/x-pack/plugins/monitoring/public/views/base_controller.js deleted file mode 100644 index dd9898a6e195c27..000000000000000 --- a/x-pack/plugins/monitoring/public/views/base_controller.js +++ /dev/null @@ -1,271 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; -import moment from 'moment'; -import { render, unmountComponentAtNode } from 'react-dom'; -import { getPageData } from '../lib/get_page_data'; -import { PageLoading } from '../components'; -import { Legacy } from '../legacy_shims'; -import { PromiseWithCancel } from '../../common/cancel_promise'; -import { SetupModeFeature } from '../../common/enums'; -import { updateSetupModeData, isSetupModeFeatureEnabled } from '../lib/setup_mode'; -import { AlertsContext } from '../alerts/context'; -import { KibanaContextProvider } from '../../../../../src/plugins/kibana_react/public'; -import { AlertsDropdown } from '../alerts/alerts_dropdown'; -import { HeaderMenuPortal } from '../../../observability/public'; - -/** - * Given a timezone, this function will calculate the offset in milliseconds - * from UTC time. - * - * @param {string} timezone - */ -const getOffsetInMS = (timezone) => { - if (timezone === 'Browser') { - return 0; - } - const offsetInMinutes = moment.tz(timezone).utcOffset(); - const offsetInMS = offsetInMinutes * 1 * 60 * 1000; - return offsetInMS; -}; - -/** - * Class to manage common instantiation behaviors in a view controller - * - * This is expected to be extended, and behavior enabled using super(); - * - * Example: - * uiRoutes.when('/myRoute', { - * template: importedTemplate, - * controllerAs: 'myView', - * controller: class MyView extends MonitoringViewBaseController { - * constructor($injector, $scope) { - * super({ - * title: 'Hello World', - * api: '../api/v1/monitoring/foo/bar', - * defaultData, - * reactNodeId, - * $scope, - * $injector, - * options: { - * enableTimeFilter: false // this will have just the page auto-refresh control show - * } - * }); - * } - * } - * }); - */ -export class MonitoringViewBaseController { - /** - * Create a view controller - * @param {String} title - Title of the page - * @param {String} api - Back-end API endpoint to poll for getting the page - * data using POST and time range data in the body. Whenever possible, use - * this method for data polling rather than supply the getPageData param. - * @param {Function} apiUrlFn - Function that returns a string for the back-end - * API endpoint, in case the string has dynamic query parameters (e.g. - * show_system_indices) rather than supply the getPageData param. - * @param {Function} getPageData - (Optional) Function to fetch page data, if - * simply passing the API string isn't workable. - * @param {Object} defaultData - Initial model data to populate - * @param {String} reactNodeId - DOM element ID of the element for mounting - * the view's main React component - * @param {Service} $injector - Angular dependency injection service - * @param {Service} $scope - Angular view data binding service - * @param {Boolean} options.enableTimeFilter - Whether to show the time filter - * @param {Boolean} options.enableAutoRefresh - Whether to show the auto - * refresh control - */ - constructor({ - title = '', - pageTitle = '', - api = '', - apiUrlFn, - getPageData: _getPageData = getPageData, - defaultData, - reactNodeId = null, // WIP: https://github.com/elastic/x-pack-kibana/issues/5198 - $scope, - $injector, - options = {}, - alerts = { shouldFetch: false, options: {} }, - fetchDataImmediately = true, - telemetryPageViewTitle = '', - }) { - const titleService = $injector.get('title'); - const $executor = $injector.get('$executor'); - const $window = $injector.get('$window'); - const config = $injector.get('config'); - - titleService($scope.cluster, title); - - $scope.pageTitle = pageTitle; - this.setPageTitle = (title) => ($scope.pageTitle = title); - $scope.pageData = this.data = { ...defaultData }; - this._isDataInitialized = false; - this.reactNodeId = reactNodeId; - this.telemetryPageViewTitle = telemetryPageViewTitle || title; - - let deferTimer; - let zoomInLevel = 0; - - const popstateHandler = () => zoomInLevel > 0 && --zoomInLevel; - const removePopstateHandler = () => $window.removeEventListener('popstate', popstateHandler); - const addPopstateHandler = () => $window.addEventListener('popstate', popstateHandler); - - this.zoomInfo = { - zoomOutHandler: () => $window.history.back(), - showZoomOutBtn: () => zoomInLevel > 0, - }; - - const { enableTimeFilter = true, enableAutoRefresh = true } = options; - - async function fetchAlerts() { - const globalState = $injector.get('globalState'); - const bounds = Legacy.shims.timefilter.getBounds(); - const min = bounds.min?.valueOf(); - const max = bounds.max?.valueOf(); - const options = alerts.options || {}; - try { - return await Legacy.shims.http.post( - `/api/monitoring/v1/alert/${globalState.cluster_uuid}/status`, - { - body: JSON.stringify({ - alertTypeIds: options.alertTypeIds, - filters: options.filters, - timeRange: { - min, - max, - }, - }), - } - ); - } catch (err) { - Legacy.shims.toastNotifications.addDanger({ - title: 'Error fetching alert status', - text: err.message, - }); - } - } - - this.updateData = () => { - if (this.updateDataPromise) { - // Do not sent another request if one is inflight - // See https://github.com/elastic/kibana/issues/24082 - this.updateDataPromise.cancel(); - this.updateDataPromise = null; - } - const _api = apiUrlFn ? apiUrlFn() : api; - const promises = [_getPageData($injector, _api, this.getPaginationRouteOptions())]; - if (alerts.shouldFetch) { - promises.push(fetchAlerts()); - } - if (isSetupModeFeatureEnabled(SetupModeFeature.MetricbeatMigration)) { - promises.push(updateSetupModeData()); - } - this.updateDataPromise = new PromiseWithCancel(Promise.allSettled(promises)); - return this.updateDataPromise.promise().then(([pageData, alerts]) => { - $scope.$apply(() => { - this._isDataInitialized = true; // render will replace loading screen with the react component - $scope.pageData = this.data = pageData.value; // update the view's data with the fetch result - $scope.alerts = this.alerts = alerts && alerts.value ? alerts.value : {}; - }); - }); - }; - - $scope.$applyAsync(() => { - const timefilter = Legacy.shims.timefilter; - - if (enableTimeFilter === false) { - timefilter.disableTimeRangeSelector(); - } else { - timefilter.enableTimeRangeSelector(); - } - - if (enableAutoRefresh === false) { - timefilter.disableAutoRefreshSelector(); - } else { - timefilter.enableAutoRefreshSelector(); - } - - // needed for chart pages - this.onBrush = ({ xaxis }) => { - removePopstateHandler(); - const { to, from } = xaxis; - const timezone = config.get('dateFormat:tz'); - const offset = getOffsetInMS(timezone); - timefilter.setTime({ - from: moment(from - offset), - to: moment(to - offset), - mode: 'absolute', - }); - $executor.cancel(); - $executor.run(); - ++zoomInLevel; - clearTimeout(deferTimer); - /* - Needed to defer 'popstate' event, so it does not fire immediately after it's added. - 10ms is to make sure the event is not added with the same code digest - */ - deferTimer = setTimeout(() => addPopstateHandler(), 10); - }; - - // Render loading state - this.renderReact(null, true); - fetchDataImmediately && this.updateData(); - }); - - $executor.register({ - execute: () => this.updateData(), - }); - $executor.start($scope); - $scope.$on('$destroy', () => { - clearTimeout(deferTimer); - removePopstateHandler(); - const targetElement = document.getElementById(this.reactNodeId); - if (targetElement) { - // WIP https://github.com/elastic/x-pack-kibana/issues/5198 - unmountComponentAtNode(targetElement); - } - $executor.destroy(); - }); - - this.setTitle = (title) => titleService($scope.cluster, title); - } - - renderReact(component, trackPageView = false) { - const renderElement = document.getElementById(this.reactNodeId); - if (!renderElement) { - console.warn(`"#${this.reactNodeId}" element has not been added to the DOM yet`); - return; - } - const I18nContext = Legacy.shims.I18nContext; - const wrappedComponent = ( - - - - - - - {!this._isDataInitialized ? ( - - ) : ( - component - )} - - - - ); - render(wrappedComponent, renderElement); - } - - getPaginationRouteOptions() { - return {}; - } -} diff --git a/x-pack/plugins/monitoring/public/views/base_eui_table_controller.js b/x-pack/plugins/monitoring/public/views/base_eui_table_controller.js deleted file mode 100644 index 0520ce3f10de555..000000000000000 --- a/x-pack/plugins/monitoring/public/views/base_eui_table_controller.js +++ /dev/null @@ -1,135 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { MonitoringViewBaseController } from './'; -import { euiTableStorageGetter, euiTableStorageSetter } from '../components/table'; -import { EUI_SORT_ASCENDING } from '../../common/constants'; - -const PAGE_SIZE_OPTIONS = [5, 10, 20, 50]; - -/** - * Class to manage common instantiation behaviors in a view controller - * And add persistent state to a table: - * - page index: in table pagination, which page are we looking at - * - filter text: what filter was entered in the table's filter bar - * - sortKey: which column field of table data is used for sorting - * - sortOrder: is sorting ordered ascending or descending - * - * This is expected to be extended, and behavior enabled using super(); - */ -export class MonitoringViewBaseEuiTableController extends MonitoringViewBaseController { - /** - * Create a table view controller - * - used by parent class: - * @param {String} title - Title of the page - * @param {Function} getPageData - Function to fetch page data - * @param {Service} $injector - Angular dependency injection service - * @param {Service} $scope - Angular view data binding service - * @param {Boolean} options.enableTimeFilter - Whether to show the time filter - * @param {Boolean} options.enableAutoRefresh - Whether to show the auto refresh control - * - specific to this class: - * @param {String} storageKey - the namespace that will be used to keep the state data in the Monitoring localStorage object - * - */ - constructor(args) { - super(args); - const { storageKey, $injector } = args; - const storage = $injector.get('localStorage'); - - const getLocalStorageData = euiTableStorageGetter(storageKey); - const setLocalStorageData = euiTableStorageSetter(storageKey); - const { page, sort } = getLocalStorageData(storage); - - this.pagination = { - pageSize: 20, - initialPageSize: 20, - pageIndex: 0, - initialPageIndex: 0, - pageSizeOptions: PAGE_SIZE_OPTIONS, - }; - - if (page) { - if (!PAGE_SIZE_OPTIONS.includes(page.size)) { - page.size = 20; - } - this.setPagination(page); - } - - this.setSorting(sort); - - this.onTableChange = ({ page, sort }) => { - this.setPagination(page); - this.setSorting({ sort }); - setLocalStorageData(storage, { - page, - sort: { - sort, - }, - }); - if (this.onTableChangeRender) { - this.onTableChangeRender(); - } - }; - - // For pages where we do not fetch immediately, we want to fetch after pagination is applied - args.fetchDataImmediately === false && this.updateData(); - } - - setPagination(page) { - this.pagination = { - initialPageSize: page.size, - pageSize: page.size, - initialPageIndex: page.index, - pageIndex: page.index, - pageSizeOptions: PAGE_SIZE_OPTIONS, - }; - } - - setSorting(sort) { - this.sorting = sort || { sort: {} }; - - if (!this.sorting.sort.field) { - this.sorting.sort.field = 'name'; - } - if (!this.sorting.sort.direction) { - this.sorting.sort.direction = EUI_SORT_ASCENDING; - } - } - - setQueryText(queryText) { - this.queryText = queryText; - } - - getPaginationRouteOptions() { - if (!this.pagination || !this.sorting) { - return {}; - } - - return { - pagination: { - size: this.pagination.pageSize, - index: this.pagination.pageIndex, - }, - ...this.sorting, - queryText: this.queryText, - }; - } - - getPaginationTableProps(pagination) { - return { - sorting: this.sorting, - pagination: pagination, - onTableChange: this.onTableChange, - fetchMoreData: async ({ page, sort, queryText }) => { - this.setPagination(page); - this.setSorting(sort); - this.setQueryText(queryText); - await this.updateData(); - }, - }; - } -} diff --git a/x-pack/plugins/monitoring/public/views/base_table_controller.js b/x-pack/plugins/monitoring/public/views/base_table_controller.js deleted file mode 100644 index a066a91e48c8ba2..000000000000000 --- a/x-pack/plugins/monitoring/public/views/base_table_controller.js +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { MonitoringViewBaseController } from './'; -import { tableStorageGetter, tableStorageSetter } from '../components/table'; - -/** - * Class to manage common instantiation behaviors in a view controller - * And add persistent state to a table: - * - page index: in table pagination, which page are we looking at - * - filter text: what filter was entered in the table's filter bar - * - sortKey: which column field of table data is used for sorting - * - sortOrder: is sorting ordered ascending or descending - * - * This is expected to be extended, and behavior enabled using super(); - */ -export class MonitoringViewBaseTableController extends MonitoringViewBaseController { - /** - * Create a table view controller - * - used by parent class: - * @param {String} title - Title of the page - * @param {Function} getPageData - Function to fetch page data - * @param {Service} $injector - Angular dependency injection service - * @param {Service} $scope - Angular view data binding service - * @param {Boolean} options.enableTimeFilter - Whether to show the time filter - * @param {Boolean} options.enableAutoRefresh - Whether to show the auto refresh control - * - specific to this class: - * @param {String} storageKey - the namespace that will be used to keep the state data in the Monitoring localStorage object - * - */ - constructor(args) { - super(args); - const { storageKey, $injector } = args; - const storage = $injector.get('localStorage'); - - const getLocalStorageData = tableStorageGetter(storageKey); - const setLocalStorageData = tableStorageSetter(storageKey); - const { pageIndex, filterText, sortKey, sortOrder } = getLocalStorageData(storage); - - this.pageIndex = pageIndex; - this.filterText = filterText; - this.sortKey = sortKey; - this.sortOrder = sortOrder; - - this.onNewState = (newState) => { - setLocalStorageData(storage, newState); - }; - } -} diff --git a/x-pack/plugins/monitoring/public/views/beats/beat/get_page_data.js b/x-pack/plugins/monitoring/public/views/beats/beat/get_page_data.js deleted file mode 100644 index 7f87fa413d8ca9c..000000000000000 --- a/x-pack/plugins/monitoring/public/views/beats/beat/get_page_data.js +++ /dev/null @@ -1,32 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { ajaxErrorHandlersProvider } from '../../../lib/ajax_error_handler'; -import { Legacy } from '../../../legacy_shims'; - -export function getPageData($injector) { - const $http = $injector.get('$http'); - const $route = $injector.get('$route'); - const globalState = $injector.get('globalState'); - const url = `../api/monitoring/v1/clusters/${globalState.cluster_uuid}/beats/beat/${$route.current.params.beatUuid}`; - const timeBounds = Legacy.shims.timefilter.getBounds(); - - return $http - .post(url, { - ccs: globalState.ccs, - timeRange: { - min: timeBounds.min.toISOString(), - max: timeBounds.max.toISOString(), - }, - }) - .then((response) => response.data) - .catch((err) => { - const Private = $injector.get('Private'); - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); - }); -} diff --git a/x-pack/plugins/monitoring/public/views/beats/beat/index.html b/x-pack/plugins/monitoring/public/views/beats/beat/index.html deleted file mode 100644 index 6ae727e31cbeb3a..000000000000000 --- a/x-pack/plugins/monitoring/public/views/beats/beat/index.html +++ /dev/null @@ -1,11 +0,0 @@ - -
- - diff --git a/x-pack/plugins/monitoring/public/views/beats/beat/index.js b/x-pack/plugins/monitoring/public/views/beats/beat/index.js deleted file mode 100644 index f1a171a19cd89aa..000000000000000 --- a/x-pack/plugins/monitoring/public/views/beats/beat/index.js +++ /dev/null @@ -1,75 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; -import { find } from 'lodash'; -import { i18n } from '@kbn/i18n'; -import { uiRoutes } from '../../../angular/helpers/routes'; -import { routeInitProvider } from '../../../lib/route_init'; -import { MonitoringViewBaseController } from '../../'; -import { getPageData } from './get_page_data'; -import template from './index.html'; -import { CODE_PATH_BEATS } from '../../../../common/constants'; -import { Beat } from '../../../components/beats/beat'; - -uiRoutes.when('/beats/beat/:beatUuid', { - template, - resolve: { - clusters: function (Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_BEATS] }); - }, - pageData: getPageData, - }, - controllerAs: 'beat', - controller: class BeatDetail extends MonitoringViewBaseController { - constructor($injector, $scope) { - // breadcrumbs + page title - const $route = $injector.get('$route'); - const globalState = $injector.get('globalState'); - $scope.cluster = find($route.current.locals.clusters, { - cluster_uuid: globalState.cluster_uuid, - }); - - const pageData = $route.current.locals.pageData; - super({ - title: i18n.translate('xpack.monitoring.beats.instance.routeTitle', { - defaultMessage: 'Beats - {instanceName} - Overview', - values: { - instanceName: pageData.summary.name, - }, - }), - pageTitle: i18n.translate('xpack.monitoring.beats.instance.pageTitle', { - defaultMessage: 'Beat instance: {beatName}', - values: { - beatName: pageData.summary.name, - }, - }), - telemetryPageViewTitle: 'beats_instance', - getPageData, - $scope, - $injector, - reactNodeId: 'monitoringBeatsInstanceApp', - }); - - this.data = pageData; - $scope.$watch( - () => this.data, - (data) => { - this.renderReact( - - ); - } - ); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/beats/listing/get_page_data.js b/x-pack/plugins/monitoring/public/views/beats/listing/get_page_data.js deleted file mode 100644 index 99366f05f3ad442..000000000000000 --- a/x-pack/plugins/monitoring/public/views/beats/listing/get_page_data.js +++ /dev/null @@ -1,31 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { ajaxErrorHandlersProvider } from '../../../lib/ajax_error_handler'; -import { Legacy } from '../../../legacy_shims'; - -export function getPageData($injector) { - const $http = $injector.get('$http'); - const globalState = $injector.get('globalState'); - const timeBounds = Legacy.shims.timefilter.getBounds(); - const url = `../api/monitoring/v1/clusters/${globalState.cluster_uuid}/beats/beats`; - - return $http - .post(url, { - ccs: globalState.ccs, - timeRange: { - min: timeBounds.min.toISOString(), - max: timeBounds.max.toISOString(), - }, - }) - .then((response) => response.data) - .catch((err) => { - const Private = $injector.get('Private'); - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); - }); -} diff --git a/x-pack/plugins/monitoring/public/views/beats/listing/index.html b/x-pack/plugins/monitoring/public/views/beats/listing/index.html deleted file mode 100644 index 0ce66a6848dfd2c..000000000000000 --- a/x-pack/plugins/monitoring/public/views/beats/listing/index.html +++ /dev/null @@ -1,7 +0,0 @@ - -
- \ No newline at end of file diff --git a/x-pack/plugins/monitoring/public/views/beats/listing/index.js b/x-pack/plugins/monitoring/public/views/beats/listing/index.js deleted file mode 100644 index eae74d8a08b9e13..000000000000000 --- a/x-pack/plugins/monitoring/public/views/beats/listing/index.js +++ /dev/null @@ -1,89 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { find } from 'lodash'; -import { i18n } from '@kbn/i18n'; -import { uiRoutes } from '../../../angular/helpers/routes'; -import { routeInitProvider } from '../../../lib/route_init'; -import { MonitoringViewBaseEuiTableController } from '../../'; -import { getPageData } from './get_page_data'; -import template from './index.html'; -import React from 'react'; -import { Listing } from '../../../components/beats/listing/listing'; -import { SetupModeRenderer } from '../../../components/renderers'; -import { SetupModeContext } from '../../../components/setup_mode/setup_mode_context'; -import { CODE_PATH_BEATS, BEATS_SYSTEM_ID } from '../../../../common/constants'; - -uiRoutes.when('/beats/beats', { - template, - resolve: { - clusters: function (Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_BEATS] }); - }, - pageData: getPageData, - }, - controllerAs: 'beats', - controller: class BeatsListing extends MonitoringViewBaseEuiTableController { - constructor($injector, $scope) { - // breadcrumbs + page title - const $route = $injector.get('$route'); - const globalState = $injector.get('globalState'); - $scope.cluster = find($route.current.locals.clusters, { - cluster_uuid: globalState.cluster_uuid, - }); - - super({ - title: i18n.translate('xpack.monitoring.beats.routeTitle', { defaultMessage: 'Beats' }), - pageTitle: i18n.translate('xpack.monitoring.beats.listing.pageTitle', { - defaultMessage: 'Beats listing', - }), - telemetryPageViewTitle: 'beats_listing', - storageKey: 'beats.beats', - getPageData, - reactNodeId: 'monitoringBeatsInstancesApp', - $scope, - $injector, - }); - - this.data = $route.current.locals.pageData; - this.scope = $scope; - this.injector = $injector; - this.onTableChangeRender = this.renderComponent; - - $scope.$watch( - () => this.data, - () => this.renderComponent() - ); - } - - renderComponent() { - const { sorting, pagination, onTableChange } = this.scope.beats; - this.renderReact( - ( - - {flyoutComponent} - - {bottomBarComponent} - - )} - /> - ); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/beats/overview/get_page_data.js b/x-pack/plugins/monitoring/public/views/beats/overview/get_page_data.js deleted file mode 100644 index 497ed8cdb0e74b3..000000000000000 --- a/x-pack/plugins/monitoring/public/views/beats/overview/get_page_data.js +++ /dev/null @@ -1,31 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { ajaxErrorHandlersProvider } from '../../../lib/ajax_error_handler'; -import { Legacy } from '../../../legacy_shims'; - -export function getPageData($injector) { - const $http = $injector.get('$http'); - const globalState = $injector.get('globalState'); - const timeBounds = Legacy.shims.timefilter.getBounds(); - const url = `../api/monitoring/v1/clusters/${globalState.cluster_uuid}/beats`; - - return $http - .post(url, { - ccs: globalState.ccs, - timeRange: { - min: timeBounds.min.toISOString(), - max: timeBounds.max.toISOString(), - }, - }) - .then((response) => response.data) - .catch((err) => { - const Private = $injector.get('Private'); - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); - }); -} diff --git a/x-pack/plugins/monitoring/public/views/beats/overview/index.html b/x-pack/plugins/monitoring/public/views/beats/overview/index.html deleted file mode 100644 index 0b827c96f68fd31..000000000000000 --- a/x-pack/plugins/monitoring/public/views/beats/overview/index.html +++ /dev/null @@ -1,7 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/beats/overview/index.js b/x-pack/plugins/monitoring/public/views/beats/overview/index.js deleted file mode 100644 index 475a63d440c76cf..000000000000000 --- a/x-pack/plugins/monitoring/public/views/beats/overview/index.js +++ /dev/null @@ -1,62 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; -import { find } from 'lodash'; -import { i18n } from '@kbn/i18n'; -import { uiRoutes } from '../../../angular/helpers/routes'; -import { routeInitProvider } from '../../../lib/route_init'; -import { MonitoringViewBaseController } from '../../'; -import { getPageData } from './get_page_data'; -import template from './index.html'; -import { CODE_PATH_BEATS } from '../../../../common/constants'; -import { BeatsOverview } from '../../../components/beats/overview'; - -uiRoutes.when('/beats', { - template, - resolve: { - clusters: function (Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_BEATS] }); - }, - pageData: getPageData, - }, - controllerAs: 'beats', - controller: class extends MonitoringViewBaseController { - constructor($injector, $scope) { - // breadcrumbs + page title - const $route = $injector.get('$route'); - const globalState = $injector.get('globalState'); - $scope.cluster = find($route.current.locals.clusters, { - cluster_uuid: globalState.cluster_uuid, - }); - - super({ - title: i18n.translate('xpack.monitoring.beats.overview.routeTitle', { - defaultMessage: 'Beats - Overview', - }), - pageTitle: i18n.translate('xpack.monitoring.beats.overview.pageTitle', { - defaultMessage: 'Beats overview', - }), - getPageData, - $scope, - $injector, - reactNodeId: 'monitoringBeatsOverviewApp', - }); - - this.data = $route.current.locals.pageData; - $scope.$watch( - () => this.data, - (data) => { - this.renderReact( - - ); - } - ); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/cluster/listing/index.html b/x-pack/plugins/monitoring/public/views/cluster/listing/index.html deleted file mode 100644 index 713ca8fb1ffc9d7..000000000000000 --- a/x-pack/plugins/monitoring/public/views/cluster/listing/index.html +++ /dev/null @@ -1,3 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/cluster/listing/index.js b/x-pack/plugins/monitoring/public/views/cluster/listing/index.js deleted file mode 100644 index 8b365292aeb1396..000000000000000 --- a/x-pack/plugins/monitoring/public/views/cluster/listing/index.js +++ /dev/null @@ -1,100 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { uiRoutes } from '../../../angular/helpers/routes'; -import { routeInitProvider } from '../../../lib/route_init'; -import { MonitoringViewBaseEuiTableController } from '../../'; -import template from './index.html'; -import { Listing } from '../../../components/cluster/listing'; -import { CODE_PATH_ALL } from '../../../../common/constants'; -import { EnableAlertsModal } from '../../../alerts/enable_alerts_modal.tsx'; - -const CODE_PATHS = [CODE_PATH_ALL]; - -const getPageData = ($injector) => { - const monitoringClusters = $injector.get('monitoringClusters'); - return monitoringClusters(undefined, undefined, CODE_PATHS); -}; - -const getAlerts = (clusters) => { - return clusters.reduce((alerts, cluster) => ({ ...alerts, ...cluster.alerts.list }), {}); -}; - -uiRoutes - .when('/home', { - template, - resolve: { - clusters: (Private) => { - const routeInit = Private(routeInitProvider); - return routeInit({ - codePaths: CODE_PATHS, - fetchAllClusters: true, - unsetGlobalState: true, - }).then((clusters) => { - if (!clusters || !clusters.length) { - window.location.hash = '#/no-data'; - return Promise.reject(); - } - if (clusters.length === 1) { - // Bypass the cluster listing if there is just 1 cluster - window.history.replaceState(null, null, '#/overview'); - return Promise.reject(); - } - return clusters; - }); - }, - }, - controllerAs: 'clusters', - controller: class ClustersList extends MonitoringViewBaseEuiTableController { - constructor($injector, $scope) { - super({ - storageKey: 'clusters', - pageTitle: i18n.translate('xpack.monitoring.cluster.listing.pageTitle', { - defaultMessage: 'Cluster listing', - }), - getPageData, - $scope, - $injector, - reactNodeId: 'monitoringClusterListingApp', - telemetryPageViewTitle: 'cluster_listing', - }); - - const $route = $injector.get('$route'); - const globalState = $injector.get('globalState'); - const storage = $injector.get('localStorage'); - const showLicenseExpiration = $injector.get('showLicenseExpiration'); - - this.data = $route.current.locals.clusters; - - $scope.$watch( - () => this.data, - (data) => { - this.renderReact( - <> - - - - ); - } - ); - } - }, - }) - .otherwise({ redirectTo: '/loading' }); diff --git a/x-pack/plugins/monitoring/public/views/cluster/overview/index.html b/x-pack/plugins/monitoring/public/views/cluster/overview/index.html deleted file mode 100644 index 1762ee1c2a28233..000000000000000 --- a/x-pack/plugins/monitoring/public/views/cluster/overview/index.html +++ /dev/null @@ -1,3 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/cluster/overview/index.js b/x-pack/plugins/monitoring/public/views/cluster/overview/index.js deleted file mode 100644 index 20e694ad8548f0f..000000000000000 --- a/x-pack/plugins/monitoring/public/views/cluster/overview/index.js +++ /dev/null @@ -1,96 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; -import { isEmpty } from 'lodash'; -import { i18n } from '@kbn/i18n'; -import { uiRoutes } from '../../../angular/helpers/routes'; -import { routeInitProvider } from '../../../lib/route_init'; -import template from './index.html'; -import { MonitoringViewBaseController } from '../../'; -import { Overview } from '../../../components/cluster/overview'; -import { SetupModeRenderer } from '../../../components/renderers'; -import { SetupModeContext } from '../../../components/setup_mode/setup_mode_context'; -import { CODE_PATH_ALL } from '../../../../common/constants'; -import { EnableAlertsModal } from '../../../alerts/enable_alerts_modal.tsx'; - -const CODE_PATHS = [CODE_PATH_ALL]; - -uiRoutes.when('/overview', { - template, - resolve: { - clusters(Private) { - // checks license info of all monitored clusters for multi-cluster monitoring usage and capability - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: CODE_PATHS }); - }, - }, - controllerAs: 'monitoringClusterOverview', - controller: class extends MonitoringViewBaseController { - constructor($injector, $scope) { - const monitoringClusters = $injector.get('monitoringClusters'); - const globalState = $injector.get('globalState'); - const showLicenseExpiration = $injector.get('showLicenseExpiration'); - - super({ - title: i18n.translate('xpack.monitoring.cluster.overviewTitle', { - defaultMessage: 'Overview', - }), - pageTitle: i18n.translate('xpack.monitoring.cluster.overview.pageTitle', { - defaultMessage: 'Cluster overview', - }), - defaultData: {}, - getPageData: async () => { - const clusters = await monitoringClusters( - globalState.cluster_uuid, - globalState.ccs, - CODE_PATHS - ); - return clusters[0]; - }, - reactNodeId: 'monitoringClusterOverviewApp', - $scope, - $injector, - alerts: { - shouldFetch: true, - }, - telemetryPageViewTitle: 'cluster_overview', - }); - - this.init = () => this.renderReact(null); - - $scope.$watch( - () => this.data, - async (data) => { - if (isEmpty(data)) { - return; - } - - this.renderReact( - ( - - {flyoutComponent} - - - {bottomBarComponent} - - )} - /> - ); - } - ); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/ccr/get_page_data.js b/x-pack/plugins/monitoring/public/views/elasticsearch/ccr/get_page_data.js deleted file mode 100644 index 4f450389863329b..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/ccr/get_page_data.js +++ /dev/null @@ -1,31 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { ajaxErrorHandlersProvider } from '../../../lib/ajax_error_handler'; -import { Legacy } from '../../../legacy_shims'; - -export function getPageData($injector) { - const $http = $injector.get('$http'); - const globalState = $injector.get('globalState'); - const timeBounds = Legacy.shims.timefilter.getBounds(); - const url = `../api/monitoring/v1/clusters/${globalState.cluster_uuid}/elasticsearch/ccr`; - - return $http - .post(url, { - ccs: globalState.ccs, - timeRange: { - min: timeBounds.min.toISOString(), - max: timeBounds.max.toISOString(), - }, - }) - .then((response) => response.data) - .catch((err) => { - const Private = $injector.get('Private'); - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); - }); -} diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/ccr/index.html b/x-pack/plugins/monitoring/public/views/elasticsearch/ccr/index.html deleted file mode 100644 index ca0b036ae39e123..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/ccr/index.html +++ /dev/null @@ -1,7 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/ccr/index.js b/x-pack/plugins/monitoring/public/views/elasticsearch/ccr/index.js deleted file mode 100644 index 91cc9c8782b22df..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/ccr/index.js +++ /dev/null @@ -1,79 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { uiRoutes } from '../../../angular/helpers/routes'; -import { getPageData } from './get_page_data'; -import { routeInitProvider } from '../../../lib/route_init'; -import template from './index.html'; -import { Ccr } from '../../../components/elasticsearch/ccr'; -import { MonitoringViewBaseController } from '../../base_controller'; -import { - CODE_PATH_ELASTICSEARCH, - RULE_CCR_READ_EXCEPTIONS, - ELASTICSEARCH_SYSTEM_ID, -} from '../../../../common/constants'; -import { SetupModeRenderer } from '../../../components/renderers'; -import { SetupModeContext } from '../../../components/setup_mode/setup_mode_context'; - -uiRoutes.when('/elasticsearch/ccr', { - template, - resolve: { - clusters: function (Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_ELASTICSEARCH] }); - }, - pageData: getPageData, - }, - controllerAs: 'elasticsearchCcr', - controller: class ElasticsearchCcrController extends MonitoringViewBaseController { - constructor($injector, $scope) { - super({ - title: i18n.translate('xpack.monitoring.elasticsearch.ccr.routeTitle', { - defaultMessage: 'Elasticsearch - Ccr', - }), - pageTitle: i18n.translate('xpack.monitoring.elasticsearch.ccr.pageTitle', { - defaultMessage: 'Elasticsearch Ccr', - }), - reactNodeId: 'elasticsearchCcrReact', - getPageData, - $scope, - $injector, - alerts: { - shouldFetch: true, - options: { - alertTypeIds: [RULE_CCR_READ_EXCEPTIONS], - }, - }, - }); - - $scope.$watch( - () => this.data, - (data) => { - if (!data) { - return; - } - this.renderReact( - ( - - {flyoutComponent} - - {bottomBarComponent} - - )} - /> - ); - } - ); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/ccr/shard/get_page_data.js b/x-pack/plugins/monitoring/public/views/elasticsearch/ccr/shard/get_page_data.js deleted file mode 100644 index ca1aad39e3610d7..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/ccr/shard/get_page_data.js +++ /dev/null @@ -1,32 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { ajaxErrorHandlersProvider } from '../../../../lib/ajax_error_handler'; -import { Legacy } from '../../../../legacy_shims'; - -export function getPageData($injector) { - const $http = $injector.get('$http'); - const $route = $injector.get('$route'); - const globalState = $injector.get('globalState'); - const timeBounds = Legacy.shims.timefilter.getBounds(); - const url = `../api/monitoring/v1/clusters/${globalState.cluster_uuid}/elasticsearch/ccr/${$route.current.params.index}/shard/${$route.current.params.shardId}`; - - return $http - .post(url, { - ccs: globalState.ccs, - timeRange: { - min: timeBounds.min.toISOString(), - max: timeBounds.max.toISOString(), - }, - }) - .then((response) => response.data) - .catch((err) => { - const Private = $injector.get('Private'); - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); - }); -} diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/ccr/shard/index.html b/x-pack/plugins/monitoring/public/views/elasticsearch/ccr/shard/index.html deleted file mode 100644 index 76469e5d9add50d..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/ccr/shard/index.html +++ /dev/null @@ -1,8 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/ccr/shard/index.js b/x-pack/plugins/monitoring/public/views/elasticsearch/ccr/shard/index.js deleted file mode 100644 index 767fb18685633bd..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/ccr/shard/index.js +++ /dev/null @@ -1,110 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { get } from 'lodash'; -import { uiRoutes } from '../../../../angular/helpers/routes'; -import { getPageData } from './get_page_data'; -import { routeInitProvider } from '../../../../lib/route_init'; -import template from './index.html'; -import { MonitoringViewBaseController } from '../../../base_controller'; -import { CcrShard } from '../../../../components/elasticsearch/ccr_shard'; -import { - CODE_PATH_ELASTICSEARCH, - RULE_CCR_READ_EXCEPTIONS, - ELASTICSEARCH_SYSTEM_ID, -} from '../../../../../common/constants'; -import { SetupModeRenderer } from '../../../../components/renderers'; -import { SetupModeContext } from '../../../../components/setup_mode/setup_mode_context'; - -uiRoutes.when('/elasticsearch/ccr/:index/shard/:shardId', { - template, - resolve: { - clusters: function (Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_ELASTICSEARCH] }); - }, - pageData: getPageData, - }, - controllerAs: 'elasticsearchCcr', - controller: class ElasticsearchCcrController extends MonitoringViewBaseController { - constructor($injector, $scope, pageData) { - const $route = $injector.get('$route'); - super({ - title: i18n.translate('xpack.monitoring.elasticsearch.ccr.shard.routeTitle', { - defaultMessage: 'Elasticsearch - Ccr - Shard', - }), - reactNodeId: 'elasticsearchCcrShardReact', - getPageData, - $scope, - $injector, - alerts: { - shouldFetch: true, - options: { - alertTypeIds: [RULE_CCR_READ_EXCEPTIONS], - filters: [ - { - shardId: $route.current.pathParams.shardId, - }, - ], - }, - }, - }); - - $scope.instance = i18n.translate('xpack.monitoring.elasticsearch.ccr.shard.instanceTitle', { - defaultMessage: 'Index: {followerIndex} Shard: {shardId}', - values: { - followerIndex: get(pageData, 'stat.follower_index'), - shardId: get(pageData, 'stat.shard_id'), - }, - }); - - $scope.$watch( - () => this.data, - (data) => { - if (!data) { - return; - } - - this.setPageTitle( - i18n.translate('xpack.monitoring.elasticsearch.ccr.shard.pageTitle', { - defaultMessage: 'Elasticsearch Ccr Shard - Index: {followerIndex} Shard: {shardId}', - values: { - followerIndex: get( - pageData, - 'stat.follower.index', - get(pageData, 'stat.follower_index') - ), - shardId: get( - pageData, - 'stat.follower.shard.number', - get(pageData, 'stat.shard_id') - ), - }, - }) - ); - - this.renderReact( - ( - - {flyoutComponent} - - {bottomBarComponent} - - )} - /> - ); - } - ); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/index/advanced/index.html b/x-pack/plugins/monitoring/public/views/elasticsearch/index/advanced/index.html deleted file mode 100644 index 159376148d17345..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/index/advanced/index.html +++ /dev/null @@ -1,8 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/index/advanced/index.js b/x-pack/plugins/monitoring/public/views/elasticsearch/index/advanced/index.js deleted file mode 100644 index 927652795161260..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/index/advanced/index.js +++ /dev/null @@ -1,124 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/** - * Controller for Advanced Index Detail - */ -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { uiRoutes } from '../../../../angular/helpers/routes'; -import { ajaxErrorHandlersProvider } from '../../../../lib/ajax_error_handler'; -import { routeInitProvider } from '../../../../lib/route_init'; -import template from './index.html'; -import { Legacy } from '../../../../legacy_shims'; -import { AdvancedIndex } from '../../../../components/elasticsearch/index/advanced'; -import { MonitoringViewBaseController } from '../../../base_controller'; -import { - CODE_PATH_ELASTICSEARCH, - RULE_LARGE_SHARD_SIZE, - ELASTICSEARCH_SYSTEM_ID, -} from '../../../../../common/constants'; -import { SetupModeContext } from '../../../../components/setup_mode/setup_mode_context'; -import { SetupModeRenderer } from '../../../../components/renderers'; - -function getPageData($injector) { - const globalState = $injector.get('globalState'); - const $route = $injector.get('$route'); - const url = `../api/monitoring/v1/clusters/${globalState.cluster_uuid}/elasticsearch/indices/${$route.current.params.index}`; - const $http = $injector.get('$http'); - const timeBounds = Legacy.shims.timefilter.getBounds(); - - return $http - .post(url, { - ccs: globalState.ccs, - timeRange: { - min: timeBounds.min.toISOString(), - max: timeBounds.max.toISOString(), - }, - is_advanced: true, - }) - .then((response) => response.data) - .catch((err) => { - const Private = $injector.get('Private'); - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); - }); -} - -uiRoutes.when('/elasticsearch/indices/:index/advanced', { - template, - resolve: { - clusters: function (Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_ELASTICSEARCH] }); - }, - pageData: getPageData, - }, - controllerAs: 'monitoringElasticsearchAdvancedIndexApp', - controller: class extends MonitoringViewBaseController { - constructor($injector, $scope) { - const $route = $injector.get('$route'); - const indexName = $route.current.params.index; - - super({ - title: i18n.translate('xpack.monitoring.elasticsearch.indices.advanced.routeTitle', { - defaultMessage: 'Elasticsearch - Indices - {indexName} - Advanced', - values: { - indexName, - }, - }), - telemetryPageViewTitle: 'elasticsearch_index_advanced', - defaultData: {}, - getPageData, - reactNodeId: 'monitoringElasticsearchAdvancedIndexApp', - $scope, - $injector, - alerts: { - shouldFetch: true, - options: { - alertTypeIds: [RULE_LARGE_SHARD_SIZE], - filters: [ - { - shardIndex: $route.current.pathParams.index, - }, - ], - }, - }, - }); - - this.indexName = indexName; - - $scope.$watch( - () => this.data, - (data) => { - this.renderReact( - ( - - {flyoutComponent} - - {bottomBarComponent} - - )} - /> - ); - } - ); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/index/index.html b/x-pack/plugins/monitoring/public/views/elasticsearch/index/index.html deleted file mode 100644 index 84d90f184358d86..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/index/index.html +++ /dev/null @@ -1,9 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/index/index.js b/x-pack/plugins/monitoring/public/views/elasticsearch/index/index.js deleted file mode 100644 index c9efb622ff9d1f1..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/index/index.js +++ /dev/null @@ -1,148 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/** - * Controller for single index detail - */ -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { uiRoutes } from '../../../angular/helpers/routes'; -import { routeInitProvider } from '../../../lib/route_init'; -import { ajaxErrorHandlersProvider } from '../../../lib/ajax_error_handler'; -import template from './index.html'; -import { Legacy } from '../../../legacy_shims'; -import { labels } from '../../../components/elasticsearch/shard_allocation/lib/labels'; -import { indicesByNodes } from '../../../components/elasticsearch/shard_allocation/transformers/indices_by_nodes'; -import { Index } from '../../../components/elasticsearch/index/index'; -import { MonitoringViewBaseController } from '../../base_controller'; -import { - CODE_PATH_ELASTICSEARCH, - RULE_LARGE_SHARD_SIZE, - ELASTICSEARCH_SYSTEM_ID, -} from '../../../../common/constants'; -import { SetupModeContext } from '../../../components/setup_mode/setup_mode_context'; -import { SetupModeRenderer } from '../../../components/renderers'; - -function getPageData($injector) { - const $http = $injector.get('$http'); - const $route = $injector.get('$route'); - const globalState = $injector.get('globalState'); - const url = `../api/monitoring/v1/clusters/${globalState.cluster_uuid}/elasticsearch/indices/${$route.current.params.index}`; - const timeBounds = Legacy.shims.timefilter.getBounds(); - - return $http - .post(url, { - ccs: globalState.ccs, - timeRange: { - min: timeBounds.min.toISOString(), - max: timeBounds.max.toISOString(), - }, - is_advanced: false, - }) - .then((response) => response.data) - .catch((err) => { - const Private = $injector.get('Private'); - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); - }); -} - -uiRoutes.when('/elasticsearch/indices/:index', { - template, - resolve: { - clusters(Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_ELASTICSEARCH] }); - }, - pageData: getPageData, - }, - controllerAs: 'monitoringElasticsearchIndexApp', - controller: class extends MonitoringViewBaseController { - constructor($injector, $scope) { - const $route = $injector.get('$route'); - const indexName = $route.current.params.index; - - super({ - title: i18n.translate('xpack.monitoring.elasticsearch.indices.overview.routeTitle', { - defaultMessage: 'Elasticsearch - Indices - {indexName} - Overview', - values: { - indexName, - }, - }), - telemetryPageViewTitle: 'elasticsearch_index', - pageTitle: i18n.translate('xpack.monitoring.elasticsearch.indices.overview.pageTitle', { - defaultMessage: 'Index: {indexName}', - values: { - indexName, - }, - }), - defaultData: {}, - getPageData, - reactNodeId: 'monitoringElasticsearchIndexApp', - $scope, - $injector, - alerts: { - shouldFetch: true, - options: { - alertTypeIds: [RULE_LARGE_SHARD_SIZE], - filters: [ - { - shardIndex: $route.current.pathParams.index, - }, - ], - }, - }, - }); - - this.indexName = indexName; - const transformer = indicesByNodes(); - - $scope.$watch( - () => this.data, - (data) => { - if (!data || !data.shards) { - return; - } - - const shards = data.shards; - $scope.totalCount = shards.length; - $scope.showing = transformer(shards, data.nodes); - $scope.labels = labels.node; - if (shards.some((shard) => shard.state === 'UNASSIGNED')) { - $scope.labels = labels.indexWithUnassigned; - } else { - $scope.labels = labels.index; - } - - this.renderReact( - ( - - {flyoutComponent} - - {bottomBarComponent} - - )} - /> - ); - } - ); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/indices/index.html b/x-pack/plugins/monitoring/public/views/elasticsearch/indices/index.html deleted file mode 100644 index 84013078e0ef1ae..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/indices/index.html +++ /dev/null @@ -1,8 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/indices/index.js b/x-pack/plugins/monitoring/public/views/elasticsearch/indices/index.js deleted file mode 100644 index 5acff8be20dcfc2..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/indices/index.js +++ /dev/null @@ -1,120 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { find } from 'lodash'; -import { uiRoutes } from '../../../angular/helpers/routes'; -import { routeInitProvider } from '../../../lib/route_init'; -import { MonitoringViewBaseEuiTableController } from '../../'; -import { ElasticsearchIndices } from '../../../components'; -import template from './index.html'; -import { - CODE_PATH_ELASTICSEARCH, - ELASTICSEARCH_SYSTEM_ID, - RULE_LARGE_SHARD_SIZE, -} from '../../../../common/constants'; -import { SetupModeRenderer } from '../../../components/renderers'; -import { SetupModeContext } from '../../../components/setup_mode/setup_mode_context'; - -uiRoutes.when('/elasticsearch/indices', { - template, - resolve: { - clusters(Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_ELASTICSEARCH] }); - }, - }, - controllerAs: 'elasticsearchIndices', - controller: class ElasticsearchIndicesController extends MonitoringViewBaseEuiTableController { - constructor($injector, $scope) { - const $route = $injector.get('$route'); - const globalState = $injector.get('globalState'); - const features = $injector.get('features'); - - const { cluster_uuid: clusterUuid } = globalState; - $scope.cluster = find($route.current.locals.clusters, { cluster_uuid: clusterUuid }); - - let showSystemIndices = features.isEnabled('showSystemIndices', false); - - super({ - title: i18n.translate('xpack.monitoring.elasticsearch.indices.routeTitle', { - defaultMessage: 'Elasticsearch - Indices', - }), - pageTitle: i18n.translate('xpack.monitoring.elasticsearch.indices.pageTitle', { - defaultMessage: 'Elasticsearch indices', - }), - storageKey: 'elasticsearch.indices', - apiUrlFn: () => - `../api/monitoring/v1/clusters/${clusterUuid}/elasticsearch/indices?show_system_indices=${showSystemIndices}`, - reactNodeId: 'elasticsearchIndicesReact', - defaultData: {}, - $scope, - $injector, - $scope, - $injector, - alerts: { - shouldFetch: true, - options: { - alertTypeIds: [RULE_LARGE_SHARD_SIZE], - }, - }, - }); - - this.isCcrEnabled = $scope.cluster.isCcrEnabled; - - // for binding - const toggleShowSystemIndices = (isChecked) => { - // flip the boolean - showSystemIndices = isChecked; - // preserve setting in localStorage - features.update('showSystemIndices', isChecked); - // update the page (resets pagination and sorting) - this.updateData(); - }; - - const renderComponent = () => { - const { clusterStatus, indices } = this.data; - this.renderReact( - ( - - {flyoutComponent} - - {bottomBarComponent} - - )} - /> - ); - }; - - this.onTableChangeRender = renderComponent; - - $scope.$watch( - () => this.data, - (data) => { - if (!data) { - return; - } - renderComponent(); - } - ); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/ml_jobs/get_page_data.js b/x-pack/plugins/monitoring/public/views/elasticsearch/ml_jobs/get_page_data.js deleted file mode 100644 index 39bd2686069de9a..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/ml_jobs/get_page_data.js +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { ajaxErrorHandlersProvider } from '../../../lib/ajax_error_handler'; -import { Legacy } from '../../../legacy_shims'; - -export function getPageData($injector) { - const $http = $injector.get('$http'); - const globalState = $injector.get('globalState'); - const url = `../api/monitoring/v1/clusters/${globalState.cluster_uuid}/elasticsearch/ml_jobs`; - const timeBounds = Legacy.shims.timefilter.getBounds(); - return $http - .post(url, { - ccs: globalState.ccs, - timeRange: { - min: timeBounds.min.toISOString(), - max: timeBounds.max.toISOString(), - }, - }) - .then((response) => response.data) - .catch((err) => { - const Private = $injector.get('Private'); - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); - }); -} diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/ml_jobs/index.html b/x-pack/plugins/monitoring/public/views/elasticsearch/ml_jobs/index.html deleted file mode 100644 index 6fdae46b6b6ed99..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/ml_jobs/index.html +++ /dev/null @@ -1,9 +0,0 @@ - - - diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/ml_jobs/index.js b/x-pack/plugins/monitoring/public/views/elasticsearch/ml_jobs/index.js deleted file mode 100644 index d44b782f3994bc1..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/ml_jobs/index.js +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { find } from 'lodash'; -import { i18n } from '@kbn/i18n'; -import { uiRoutes } from '../../../angular/helpers/routes'; -import { routeInitProvider } from '../../../lib/route_init'; -import { MonitoringViewBaseEuiTableController } from '../../'; -import { getPageData } from './get_page_data'; -import template from './index.html'; -import { CODE_PATH_ELASTICSEARCH, CODE_PATH_ML } from '../../../../common/constants'; - -uiRoutes.when('/elasticsearch/ml_jobs', { - template, - resolve: { - clusters: function (Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_ELASTICSEARCH, CODE_PATH_ML] }); - }, - pageData: getPageData, - }, - controllerAs: 'mlJobs', - controller: class MlJobsList extends MonitoringViewBaseEuiTableController { - constructor($injector, $scope) { - super({ - title: i18n.translate('xpack.monitoring.elasticsearch.mlJobs.routeTitle', { - defaultMessage: 'Elasticsearch - Machine Learning Jobs', - }), - pageTitle: i18n.translate('xpack.monitoring.elasticsearch.mlJobs.pageTitle', { - defaultMessage: 'Elasticsearch machine learning jobs', - }), - storageKey: 'elasticsearch.mlJobs', - getPageData, - $scope, - $injector, - }); - - const $route = $injector.get('$route'); - this.data = $route.current.locals.pageData; - const globalState = $injector.get('globalState'); - $scope.cluster = find($route.current.locals.clusters, { - cluster_uuid: globalState.cluster_uuid, - }); - this.isCcrEnabled = Boolean($scope.cluster && $scope.cluster.isCcrEnabled); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/node/advanced/index.html b/x-pack/plugins/monitoring/public/views/elasticsearch/node/advanced/index.html deleted file mode 100644 index c79c4eed46bb739..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/node/advanced/index.html +++ /dev/null @@ -1,11 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/node/advanced/index.js b/x-pack/plugins/monitoring/public/views/elasticsearch/node/advanced/index.js deleted file mode 100644 index dc0456178fbffb9..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/node/advanced/index.js +++ /dev/null @@ -1,135 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/** - * Controller for Advanced Node Detail - */ -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { get } from 'lodash'; -import { uiRoutes } from '../../../../angular/helpers/routes'; -import { ajaxErrorHandlersProvider } from '../../../../lib/ajax_error_handler'; -import { routeInitProvider } from '../../../../lib/route_init'; -import template from './index.html'; -import { Legacy } from '../../../../legacy_shims'; -import { AdvancedNode } from '../../../../components/elasticsearch/node/advanced'; -import { MonitoringViewBaseController } from '../../../base_controller'; -import { - CODE_PATH_ELASTICSEARCH, - RULE_CPU_USAGE, - RULE_THREAD_POOL_SEARCH_REJECTIONS, - RULE_THREAD_POOL_WRITE_REJECTIONS, - RULE_MISSING_MONITORING_DATA, - RULE_DISK_USAGE, - RULE_MEMORY_USAGE, -} from '../../../../../common/constants'; - -function getPageData($injector) { - const $http = $injector.get('$http'); - const globalState = $injector.get('globalState'); - const $route = $injector.get('$route'); - const timeBounds = Legacy.shims.timefilter.getBounds(); - const url = `../api/monitoring/v1/clusters/${globalState.cluster_uuid}/elasticsearch/nodes/${$route.current.params.node}`; - - return $http - .post(url, { - ccs: globalState.ccs, - timeRange: { - min: timeBounds.min.toISOString(), - max: timeBounds.max.toISOString(), - }, - is_advanced: true, - }) - .then((response) => response.data) - .catch((err) => { - const Private = $injector.get('Private'); - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); - }); -} - -uiRoutes.when('/elasticsearch/nodes/:node/advanced', { - template, - resolve: { - clusters: function (Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_ELASTICSEARCH] }); - }, - pageData: getPageData, - }, - controller: class extends MonitoringViewBaseController { - constructor($injector, $scope) { - const $route = $injector.get('$route'); - const nodeName = $route.current.params.node; - - super({ - defaultData: {}, - getPageData, - reactNodeId: 'monitoringElasticsearchAdvancedNodeApp', - telemetryPageViewTitle: 'elasticsearch_node_advanced', - $scope, - $injector, - alerts: { - shouldFetch: true, - options: { - alertTypeIds: [ - RULE_CPU_USAGE, - RULE_DISK_USAGE, - RULE_THREAD_POOL_SEARCH_REJECTIONS, - RULE_THREAD_POOL_WRITE_REJECTIONS, - RULE_MEMORY_USAGE, - RULE_MISSING_MONITORING_DATA, - ], - filters: [ - { - nodeUuid: nodeName, - }, - ], - }, - }, - }); - - $scope.$watch( - () => this.data, - (data) => { - if (!data || !data.nodeSummary) { - return; - } - - this.setTitle( - i18n.translate('xpack.monitoring.elasticsearch.node.advanced.routeTitle', { - defaultMessage: 'Elasticsearch - Nodes - {nodeSummaryName} - Advanced', - values: { - nodeSummaryName: get(data, 'nodeSummary.name'), - }, - }) - ); - - this.setPageTitle( - i18n.translate('xpack.monitoring.elasticsearch.node.overview.pageTitle', { - defaultMessage: 'Elasticsearch node: {node}', - values: { - node: get(data, 'nodeSummary.name'), - }, - }) - ); - - this.renderReact( - - ); - } - ); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/node/get_page_data.js b/x-pack/plugins/monitoring/public/views/elasticsearch/node/get_page_data.js deleted file mode 100644 index 1d8bc3f3efa328d..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/node/get_page_data.js +++ /dev/null @@ -1,36 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { ajaxErrorHandlersProvider } from '../../../lib/ajax_error_handler'; -import { Legacy } from '../../../legacy_shims'; - -export function getPageData($injector) { - const $http = $injector.get('$http'); - const globalState = $injector.get('globalState'); - const $route = $injector.get('$route'); - const url = `../api/monitoring/v1/clusters/${globalState.cluster_uuid}/elasticsearch/nodes/${$route.current.params.node}`; - const features = $injector.get('features'); - const showSystemIndices = features.isEnabled('showSystemIndices', false); - const timeBounds = Legacy.shims.timefilter.getBounds(); - - return $http - .post(url, { - showSystemIndices, - ccs: globalState.ccs, - timeRange: { - min: timeBounds.min.toISOString(), - max: timeBounds.max.toISOString(), - }, - is_advanced: false, - }) - .then((response) => response.data) - .catch((err) => { - const Private = $injector.get('Private'); - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); - }); -} diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/node/index.html b/x-pack/plugins/monitoring/public/views/elasticsearch/node/index.html deleted file mode 100644 index 1c3b32728cecd67..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/node/index.html +++ /dev/null @@ -1,11 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/node/index.js b/x-pack/plugins/monitoring/public/views/elasticsearch/node/index.js deleted file mode 100644 index 3ec10aa9d4a4cec..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/node/index.js +++ /dev/null @@ -1,155 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/** - * Controller for Node Detail - */ -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { get, partial } from 'lodash'; -import { uiRoutes } from '../../../angular/helpers/routes'; -import { routeInitProvider } from '../../../lib/route_init'; -import { getPageData } from './get_page_data'; -import template from './index.html'; -import { SetupModeRenderer } from '../../../components/renderers'; -import { Node } from '../../../components/elasticsearch/node/node'; -import { labels } from '../../../components/elasticsearch/shard_allocation/lib/labels'; -import { nodesByIndices } from '../../../components/elasticsearch/shard_allocation/transformers/nodes_by_indices'; -import { MonitoringViewBaseController } from '../../base_controller'; -import { - CODE_PATH_ELASTICSEARCH, - RULE_CPU_USAGE, - RULE_THREAD_POOL_SEARCH_REJECTIONS, - RULE_THREAD_POOL_WRITE_REJECTIONS, - RULE_MISSING_MONITORING_DATA, - RULE_DISK_USAGE, - RULE_MEMORY_USAGE, - ELASTICSEARCH_SYSTEM_ID, -} from '../../../../common/constants'; -import { SetupModeContext } from '../../../components/setup_mode/setup_mode_context'; - -uiRoutes.when('/elasticsearch/nodes/:node', { - template, - resolve: { - clusters: function (Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_ELASTICSEARCH] }); - }, - pageData: getPageData, - }, - controllerAs: 'monitoringElasticsearchNodeApp', - controller: class extends MonitoringViewBaseController { - constructor($injector, $scope) { - const $route = $injector.get('$route'); - const nodeName = $route.current.params.node; - - super({ - title: i18n.translate('xpack.monitoring.elasticsearch.node.overview.routeTitle', { - defaultMessage: 'Elasticsearch - Nodes - {nodeName} - Overview', - values: { - nodeName, - }, - }), - telemetryPageViewTitle: 'elasticsearch_node', - defaultData: {}, - getPageData, - reactNodeId: 'monitoringElasticsearchNodeApp', - $scope, - $injector, - alerts: { - shouldFetch: true, - options: { - alertTypeIds: [ - RULE_CPU_USAGE, - RULE_DISK_USAGE, - RULE_THREAD_POOL_SEARCH_REJECTIONS, - RULE_THREAD_POOL_WRITE_REJECTIONS, - RULE_MEMORY_USAGE, - RULE_MISSING_MONITORING_DATA, - ], - filters: [ - { - nodeUuid: nodeName, - }, - ], - }, - }, - }); - - this.nodeName = nodeName; - - const features = $injector.get('features'); - const callPageData = partial(getPageData, $injector); - // show/hide system indices in shard allocation view - $scope.showSystemIndices = features.isEnabled('showSystemIndices', false); - $scope.toggleShowSystemIndices = (isChecked) => { - $scope.showSystemIndices = isChecked; - // preserve setting in localStorage - features.update('showSystemIndices', isChecked); - // update the page - callPageData().then((data) => (this.data = data)); - }; - - const transformer = nodesByIndices(); - $scope.$watch( - () => this.data, - (data) => { - if (!data || !data.shards) { - return; - } - - this.setTitle( - i18n.translate('xpack.monitoring.elasticsearch.node.overview.routeTitle', { - defaultMessage: 'Elasticsearch - Nodes - {nodeName} - Overview', - values: { - nodeName: get(data, 'nodeSummary.name'), - }, - }) - ); - - this.setPageTitle( - i18n.translate('xpack.monitoring.elasticsearch.node.overview.pageTitle', { - defaultMessage: 'Elasticsearch node: {node}', - values: { - node: get(data, 'nodeSummary.name'), - }, - }) - ); - - const shards = data.shards; - $scope.totalCount = shards.length; - $scope.showing = transformer(shards, data.nodes); - $scope.labels = labels.node; - - this.renderReact( - ( - - {flyoutComponent} - - {bottomBarComponent} - - )} - /> - ); - } - ); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/nodes/index.html b/x-pack/plugins/monitoring/public/views/elasticsearch/nodes/index.html deleted file mode 100644 index 95a483a59f20ce7..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/nodes/index.html +++ /dev/null @@ -1,8 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/nodes/index.js b/x-pack/plugins/monitoring/public/views/elasticsearch/nodes/index.js deleted file mode 100644 index 5bc546e8590ad6a..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/nodes/index.js +++ /dev/null @@ -1,149 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { find } from 'lodash'; -import { uiRoutes } from '../../../angular/helpers/routes'; -import { Legacy } from '../../../legacy_shims'; -import template from './index.html'; -import { routeInitProvider } from '../../../lib/route_init'; -import { MonitoringViewBaseEuiTableController } from '../../'; -import { ElasticsearchNodes } from '../../../components'; -import { ajaxErrorHandlersProvider } from '../../../lib/ajax_error_handler'; -import { SetupModeRenderer } from '../../../components/renderers'; -import { - ELASTICSEARCH_SYSTEM_ID, - CODE_PATH_ELASTICSEARCH, - RULE_CPU_USAGE, - RULE_THREAD_POOL_SEARCH_REJECTIONS, - RULE_THREAD_POOL_WRITE_REJECTIONS, - RULE_MISSING_MONITORING_DATA, - RULE_DISK_USAGE, - RULE_MEMORY_USAGE, -} from '../../../../common/constants'; -import { SetupModeContext } from '../../../components/setup_mode/setup_mode_context'; - -uiRoutes.when('/elasticsearch/nodes', { - template, - resolve: { - clusters(Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_ELASTICSEARCH] }); - }, - }, - controllerAs: 'elasticsearchNodes', - controller: class ElasticsearchNodesController extends MonitoringViewBaseEuiTableController { - constructor($injector, $scope) { - const $route = $injector.get('$route'); - const globalState = $injector.get('globalState'); - const showCgroupMetricsElasticsearch = $injector.get('showCgroupMetricsElasticsearch'); - - $scope.cluster = - find($route.current.locals.clusters, { - cluster_uuid: globalState.cluster_uuid, - }) || {}; - - const getPageData = ($injector, _api = undefined, routeOptions = {}) => { - _api; // to fix eslint - const $http = $injector.get('$http'); - const globalState = $injector.get('globalState'); - const timeBounds = Legacy.shims.timefilter.getBounds(); - - const getNodes = (clusterUuid = globalState.cluster_uuid) => - $http.post(`../api/monitoring/v1/clusters/${clusterUuid}/elasticsearch/nodes`, { - ccs: globalState.ccs, - timeRange: { - min: timeBounds.min.toISOString(), - max: timeBounds.max.toISOString(), - }, - ...routeOptions, - }); - - const promise = globalState.cluster_uuid - ? getNodes() - : new Promise((resolve) => resolve({ data: {} })); - return promise - .then((response) => response.data) - .catch((err) => { - const Private = $injector.get('Private'); - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); - }); - }; - - super({ - title: i18n.translate('xpack.monitoring.elasticsearch.nodes.routeTitle', { - defaultMessage: 'Elasticsearch - Nodes', - }), - pageTitle: i18n.translate('xpack.monitoring.elasticsearch.nodes.pageTitle', { - defaultMessage: 'Elasticsearch nodes', - }), - storageKey: 'elasticsearch.nodes', - reactNodeId: 'elasticsearchNodesReact', - defaultData: {}, - getPageData, - $scope, - $injector, - fetchDataImmediately: false, // We want to apply pagination before sending the first request, - alerts: { - shouldFetch: true, - options: { - alertTypeIds: [ - RULE_CPU_USAGE, - RULE_DISK_USAGE, - RULE_THREAD_POOL_SEARCH_REJECTIONS, - RULE_THREAD_POOL_WRITE_REJECTIONS, - RULE_MEMORY_USAGE, - RULE_MISSING_MONITORING_DATA, - ], - }, - }, - }); - - this.isCcrEnabled = $scope.cluster.isCcrEnabled; - - $scope.$watch( - () => this.data, - (data) => { - if (!data) { - return; - } - - const { clusterStatus, nodes, totalNodeCount } = data; - const pagination = { - ...this.pagination, - totalItemCount: totalNodeCount, - }; - - this.renderReact( - ( - - {flyoutComponent} - - {bottomBarComponent} - - )} - /> - ); - } - ); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/overview/controller.js b/x-pack/plugins/monitoring/public/views/elasticsearch/overview/controller.js deleted file mode 100644 index f39033fe7014dbe..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/overview/controller.js +++ /dev/null @@ -1,100 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { find } from 'lodash'; -import { MonitoringViewBaseController } from '../../'; -import { ElasticsearchOverview } from '../../../components'; - -export class ElasticsearchOverviewController extends MonitoringViewBaseController { - constructor($injector, $scope) { - // breadcrumbs + page title - const $route = $injector.get('$route'); - const globalState = $injector.get('globalState'); - $scope.cluster = find($route.current.locals.clusters, { - cluster_uuid: globalState.cluster_uuid, - }); - - super({ - title: 'Elasticsearch', - pageTitle: i18n.translate('xpack.monitoring.elasticsearch.overview.pageTitle', { - defaultMessage: 'Elasticsearch overview', - }), - api: `../api/monitoring/v1/clusters/${globalState.cluster_uuid}/elasticsearch`, - defaultData: { - clusterStatus: { status: '' }, - metrics: null, - shardActivity: null, - }, - reactNodeId: 'elasticsearchOverviewReact', - $scope, - $injector, - }); - - this.isCcrEnabled = $scope.cluster.isCcrEnabled; - this.showShardActivityHistory = false; - this.toggleShardActivityHistory = () => { - this.showShardActivityHistory = !this.showShardActivityHistory; - $scope.$evalAsync(() => { - this.renderReact(this.data, $scope.cluster); - }); - }; - - this.initScope($scope); - } - - initScope($scope) { - $scope.$watch( - () => this.data, - (data) => { - this.renderReact(data, $scope.cluster); - } - ); - - // HACK to force table to re-render even if data hasn't changed. This - // happens when the data remains empty after turning on showHistory. The - // button toggle needs to update the "no data" message based on the value of showHistory - $scope.$watch( - () => this.showShardActivityHistory, - () => { - const { data } = this; - const dataWithShardActivityLoading = { ...data, shardActivity: null }; - // force shard activity to rerender by manipulating and then re-setting its data prop - this.renderReact(dataWithShardActivityLoading, $scope.cluster); - this.renderReact(data, $scope.cluster); - } - ); - } - - filterShardActivityData(shardActivity) { - return shardActivity.filter((row) => { - return this.showShardActivityHistory || row.stage !== 'DONE'; - }); - } - - renderReact(data, cluster) { - // All data needs to originate in this view, and get passed as a prop to the components, for statelessness - const { clusterStatus, metrics, shardActivity, logs } = data || {}; - const shardActivityData = shardActivity && this.filterShardActivityData(shardActivity); // no filter on data = null - const component = ( - - ); - - super.renderReact(component); - } -} diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/overview/index.html b/x-pack/plugins/monitoring/public/views/elasticsearch/overview/index.html deleted file mode 100644 index 127c48add5e8df2..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/overview/index.html +++ /dev/null @@ -1,8 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/elasticsearch/overview/index.js b/x-pack/plugins/monitoring/public/views/elasticsearch/overview/index.js deleted file mode 100644 index cc507934dd767cf..000000000000000 --- a/x-pack/plugins/monitoring/public/views/elasticsearch/overview/index.js +++ /dev/null @@ -1,24 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { uiRoutes } from '../../../angular/helpers/routes'; -import { routeInitProvider } from '../../../lib/route_init'; -import template from './index.html'; -import { ElasticsearchOverviewController } from './controller'; -import { CODE_PATH_ELASTICSEARCH } from '../../../../common/constants'; - -uiRoutes.when('/elasticsearch', { - template, - resolve: { - clusters(Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_ELASTICSEARCH] }); - }, - }, - controllerAs: 'elasticsearchOverview', - controller: ElasticsearchOverviewController, -}); diff --git a/x-pack/plugins/monitoring/public/views/index.js b/x-pack/plugins/monitoring/public/views/index.js deleted file mode 100644 index 8cfb8f35e68baad..000000000000000 --- a/x-pack/plugins/monitoring/public/views/index.js +++ /dev/null @@ -1,10 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -export { MonitoringViewBaseController } from './base_controller'; -export { MonitoringViewBaseTableController } from './base_table_controller'; -export { MonitoringViewBaseEuiTableController } from './base_eui_table_controller'; diff --git a/x-pack/plugins/monitoring/public/views/kibana/instance/index.html b/x-pack/plugins/monitoring/public/views/kibana/instance/index.html deleted file mode 100644 index 8bb17839683a891..000000000000000 --- a/x-pack/plugins/monitoring/public/views/kibana/instance/index.html +++ /dev/null @@ -1,8 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/kibana/instance/index.js b/x-pack/plugins/monitoring/public/views/kibana/instance/index.js deleted file mode 100644 index a71289b084516b6..000000000000000 --- a/x-pack/plugins/monitoring/public/views/kibana/instance/index.js +++ /dev/null @@ -1,168 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/* - * Kibana Instance - */ -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { get } from 'lodash'; -import { uiRoutes } from '../../../angular/helpers/routes'; -import { ajaxErrorHandlersProvider } from '../../../lib/ajax_error_handler'; -import { routeInitProvider } from '../../../lib/route_init'; -import template from './index.html'; -import { Legacy } from '../../../legacy_shims'; -import { - EuiPage, - EuiPageBody, - EuiPageContent, - EuiSpacer, - EuiFlexGrid, - EuiFlexItem, - EuiPanel, -} from '@elastic/eui'; -import { MonitoringTimeseriesContainer } from '../../../components/chart'; -import { DetailStatus } from '../../../components/kibana/detail_status'; -import { MonitoringViewBaseController } from '../../base_controller'; -import { CODE_PATH_KIBANA, RULE_KIBANA_VERSION_MISMATCH } from '../../../../common/constants'; -import { AlertsCallout } from '../../../alerts/callout'; - -function getPageData($injector) { - const $http = $injector.get('$http'); - const globalState = $injector.get('globalState'); - const $route = $injector.get('$route'); - const url = `../api/monitoring/v1/clusters/${globalState.cluster_uuid}/kibana/${$route.current.params.uuid}`; - const timeBounds = Legacy.shims.timefilter.getBounds(); - - return $http - .post(url, { - ccs: globalState.ccs, - timeRange: { - min: timeBounds.min.toISOString(), - max: timeBounds.max.toISOString(), - }, - }) - .then((response) => response.data) - .catch((err) => { - const Private = $injector.get('Private'); - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); - }); -} - -uiRoutes.when('/kibana/instances/:uuid', { - template, - resolve: { - clusters(Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_KIBANA] }); - }, - pageData: getPageData, - }, - controllerAs: 'monitoringKibanaInstanceApp', - controller: class extends MonitoringViewBaseController { - constructor($injector, $scope) { - super({ - title: `Kibana - ${get($scope.pageData, 'kibanaSummary.name')}`, - telemetryPageViewTitle: 'kibana_instance', - defaultData: {}, - getPageData, - reactNodeId: 'monitoringKibanaInstanceApp', - $scope, - $injector, - alerts: { - shouldFetch: true, - options: { - alertTypeIds: [RULE_KIBANA_VERSION_MISMATCH], - }, - }, - }); - - $scope.$watch( - () => this.data, - (data) => { - if (!data || !data.metrics) { - return; - } - this.setTitle(`Kibana - ${get(data, 'kibanaSummary.name')}`); - this.setPageTitle( - i18n.translate('xpack.monitoring.kibana.instance.pageTitle', { - defaultMessage: 'Kibana instance: {instance}', - values: { - instance: get($scope.pageData, 'kibanaSummary.name'), - }, - }) - ); - - this.renderReact( - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ); - } - ); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/kibana/instances/get_page_data.js b/x-pack/plugins/monitoring/public/views/kibana/instances/get_page_data.js deleted file mode 100644 index 82c49ee0ebb1382..000000000000000 --- a/x-pack/plugins/monitoring/public/views/kibana/instances/get_page_data.js +++ /dev/null @@ -1,31 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { ajaxErrorHandlersProvider } from '../../../lib/ajax_error_handler'; -import { Legacy } from '../../../legacy_shims'; - -export function getPageData($injector) { - const $http = $injector.get('$http'); - const globalState = $injector.get('globalState'); - const url = `../api/monitoring/v1/clusters/${globalState.cluster_uuid}/kibana/instances`; - const timeBounds = Legacy.shims.timefilter.getBounds(); - - return $http - .post(url, { - ccs: globalState.ccs, - timeRange: { - min: timeBounds.min.toISOString(), - max: timeBounds.max.toISOString(), - }, - }) - .then((response) => response.data) - .catch((err) => { - const Private = $injector.get('Private'); - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); - }); -} diff --git a/x-pack/plugins/monitoring/public/views/kibana/instances/index.html b/x-pack/plugins/monitoring/public/views/kibana/instances/index.html deleted file mode 100644 index 8e1639a2323a505..000000000000000 --- a/x-pack/plugins/monitoring/public/views/kibana/instances/index.html +++ /dev/null @@ -1,7 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/kibana/instances/index.js b/x-pack/plugins/monitoring/public/views/kibana/instances/index.js deleted file mode 100644 index 2601a366e684338..000000000000000 --- a/x-pack/plugins/monitoring/public/views/kibana/instances/index.js +++ /dev/null @@ -1,95 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { uiRoutes } from '../../../angular/helpers/routes'; -import { routeInitProvider } from '../../../lib/route_init'; -import { MonitoringViewBaseEuiTableController } from '../../'; -import { getPageData } from './get_page_data'; -import template from './index.html'; -import { KibanaInstances } from '../../../components/kibana/instances'; -import { SetupModeRenderer } from '../../../components/renderers'; -import { SetupModeContext } from '../../../components/setup_mode/setup_mode_context'; -import { - KIBANA_SYSTEM_ID, - CODE_PATH_KIBANA, - RULE_KIBANA_VERSION_MISMATCH, -} from '../../../../common/constants'; - -uiRoutes.when('/kibana/instances', { - template, - resolve: { - clusters(Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_KIBANA] }); - }, - pageData: getPageData, - }, - controllerAs: 'kibanas', - controller: class KibanaInstancesList extends MonitoringViewBaseEuiTableController { - constructor($injector, $scope) { - super({ - title: i18n.translate('xpack.monitoring.kibana.instances.routeTitle', { - defaultMessage: 'Kibana - Instances', - }), - pageTitle: i18n.translate('xpack.monitoring.kibana.instances.pageTitle', { - defaultMessage: 'Kibana instances', - }), - storageKey: 'kibana.instances', - getPageData, - reactNodeId: 'monitoringKibanaInstancesApp', - $scope, - $injector, - alerts: { - shouldFetch: true, - options: { - alertTypeIds: [RULE_KIBANA_VERSION_MISMATCH], - }, - }, - }); - - const renderReact = () => { - this.renderReact( - ( - - {flyoutComponent} - - {bottomBarComponent} - - )} - /> - ); - }; - - this.onTableChangeRender = renderReact; - - $scope.$watch( - () => this.data, - (data) => { - if (!data) { - return; - } - - renderReact(); - } - ); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/kibana/overview/index.html b/x-pack/plugins/monitoring/public/views/kibana/overview/index.html deleted file mode 100644 index 5b131e113dfa498..000000000000000 --- a/x-pack/plugins/monitoring/public/views/kibana/overview/index.html +++ /dev/null @@ -1,7 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/kibana/overview/index.js b/x-pack/plugins/monitoring/public/views/kibana/overview/index.js deleted file mode 100644 index ad59265a9853157..000000000000000 --- a/x-pack/plugins/monitoring/public/views/kibana/overview/index.js +++ /dev/null @@ -1,117 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/** - * Kibana Overview - */ -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { uiRoutes } from '../../../angular/helpers/routes'; -import { MonitoringTimeseriesContainer } from '../../../components/chart'; -import { ajaxErrorHandlersProvider } from '../../../lib/ajax_error_handler'; -import { routeInitProvider } from '../../../lib/route_init'; -import template from './index.html'; -import { Legacy } from '../../../legacy_shims'; -import { - EuiPage, - EuiPageBody, - EuiPageContent, - EuiPanel, - EuiSpacer, - EuiFlexGroup, - EuiFlexItem, -} from '@elastic/eui'; -import { ClusterStatus } from '../../../components/kibana/cluster_status'; -import { MonitoringViewBaseController } from '../../base_controller'; -import { CODE_PATH_KIBANA } from '../../../../common/constants'; - -function getPageData($injector) { - const $http = $injector.get('$http'); - const globalState = $injector.get('globalState'); - const url = `../api/monitoring/v1/clusters/${globalState.cluster_uuid}/kibana`; - const timeBounds = Legacy.shims.timefilter.getBounds(); - - return $http - .post(url, { - ccs: globalState.ccs, - timeRange: { - min: timeBounds.min.toISOString(), - max: timeBounds.max.toISOString(), - }, - }) - .then((response) => response.data) - .catch((err) => { - const Private = $injector.get('Private'); - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); - }); -} - -uiRoutes.when('/kibana', { - template, - resolve: { - clusters: function (Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_KIBANA] }); - }, - pageData: getPageData, - }, - controllerAs: 'monitoringKibanaOverviewApp', - controller: class extends MonitoringViewBaseController { - constructor($injector, $scope) { - super({ - title: `Kibana`, - pageTitle: i18n.translate('xpack.monitoring.kibana.overview.pageTitle', { - defaultMessage: 'Kibana overview', - }), - defaultData: {}, - getPageData, - reactNodeId: 'monitoringKibanaOverviewApp', - $scope, - $injector, - }); - - $scope.$watch( - () => this.data, - (data) => { - if (!data || !data.clusterStatus) { - return; - } - - this.renderReact( - - - - - - - - - - - - - - - - - - - ); - } - ); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/license/controller.js b/x-pack/plugins/monitoring/public/views/license/controller.js deleted file mode 100644 index 297edf6481a555d..000000000000000 --- a/x-pack/plugins/monitoring/public/views/license/controller.js +++ /dev/null @@ -1,79 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { get, find } from 'lodash'; -import { i18n } from '@kbn/i18n'; -import React from 'react'; -import { render, unmountComponentAtNode } from 'react-dom'; -import { Legacy } from '../../legacy_shims'; -import { formatDateTimeLocal } from '../../../common/formatting'; -import { BASE_PATH as MANAGEMENT_BASE_PATH } from '../../../../../plugins/license_management/common/constants'; -import { License } from '../../components'; - -const REACT_NODE_ID = 'licenseReact'; - -export class LicenseViewController { - constructor($injector, $scope) { - Legacy.shims.timefilter.disableTimeRangeSelector(); - Legacy.shims.timefilter.disableAutoRefreshSelector(); - - $scope.$on('$destroy', () => { - unmountComponentAtNode(document.getElementById(REACT_NODE_ID)); - }); - - this.init($injector, $scope, i18n); - } - - init($injector, $scope) { - const globalState = $injector.get('globalState'); - const title = $injector.get('title'); - const $route = $injector.get('$route'); - - const cluster = find($route.current.locals.clusters, { - cluster_uuid: globalState.cluster_uuid, - }); - $scope.cluster = cluster; - const routeTitle = i18n.translate('xpack.monitoring.license.licenseRouteTitle', { - defaultMessage: 'License', - }); - title($scope.cluster, routeTitle); - - this.license = cluster.license; - this.isExpired = Date.now() > get(cluster, 'license.expiry_date_in_millis'); - this.isPrimaryCluster = cluster.isPrimary; - - const basePath = Legacy.shims.getBasePath(); - this.uploadLicensePath = basePath + '/app/kibana#' + MANAGEMENT_BASE_PATH + 'upload_license'; - - this.renderReact($scope); - } - - renderReact($scope) { - const injector = Legacy.shims.getAngularInjector(); - const timezone = injector.get('config').get('dateFormat:tz'); - $scope.$evalAsync(() => { - const { isPrimaryCluster, license, isExpired, uploadLicensePath } = this; - let expiryDate = license.expiry_date_in_millis; - if (license.expiry_date_in_millis !== undefined) { - expiryDate = formatDateTimeLocal(license.expiry_date_in_millis, timezone); - } - - // Mount the React component to the template - render( - , - document.getElementById(REACT_NODE_ID) - ); - }); - } -} diff --git a/x-pack/plugins/monitoring/public/views/license/index.html b/x-pack/plugins/monitoring/public/views/license/index.html deleted file mode 100644 index 7fb9c6994100433..000000000000000 --- a/x-pack/plugins/monitoring/public/views/license/index.html +++ /dev/null @@ -1,3 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/license/index.js b/x-pack/plugins/monitoring/public/views/license/index.js deleted file mode 100644 index 0ffb95326869065..000000000000000 --- a/x-pack/plugins/monitoring/public/views/license/index.js +++ /dev/null @@ -1,24 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { uiRoutes } from '../../angular/helpers/routes'; -import { routeInitProvider } from '../../lib/route_init'; -import template from './index.html'; -import { LicenseViewController } from './controller'; -import { CODE_PATH_LICENSE } from '../../../common/constants'; - -uiRoutes.when('/license', { - template, - resolve: { - clusters: (Private) => { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_LICENSE] }); - }, - }, - controllerAs: 'licenseView', - controller: LicenseViewController, -}); diff --git a/x-pack/plugins/monitoring/public/views/loading/index.html b/x-pack/plugins/monitoring/public/views/loading/index.html deleted file mode 100644 index 9a5971a65bc3933..000000000000000 --- a/x-pack/plugins/monitoring/public/views/loading/index.html +++ /dev/null @@ -1,5 +0,0 @@ - -
-
-
- diff --git a/x-pack/plugins/monitoring/public/views/loading/index.js b/x-pack/plugins/monitoring/public/views/loading/index.js deleted file mode 100644 index 6406b9e6364f0b9..000000000000000 --- a/x-pack/plugins/monitoring/public/views/loading/index.js +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/** - * Controller for single index detail - */ -import React from 'react'; -import { render } from 'react-dom'; -import { i18n } from '@kbn/i18n'; -import { uiRoutes } from '../../angular/helpers/routes'; -import { routeInitProvider } from '../../lib/route_init'; -import template from './index.html'; -import { Legacy } from '../../legacy_shims'; -import { CODE_PATH_ELASTICSEARCH } from '../../../common/constants'; -import { PageLoading } from '../../components'; -import { ajaxErrorHandlersProvider } from '../../lib/ajax_error_handler'; - -const CODE_PATHS = [CODE_PATH_ELASTICSEARCH]; -uiRoutes.when('/loading', { - template, - controllerAs: 'monitoringLoading', - controller: class { - constructor($injector, $scope) { - const Private = $injector.get('Private'); - const titleService = $injector.get('title'); - titleService( - $scope.cluster, - i18n.translate('xpack.monitoring.loading.pageTitle', { - defaultMessage: 'Loading', - }) - ); - - this.init = () => { - const reactNodeId = 'monitoringLoadingReact'; - const renderElement = document.getElementById(reactNodeId); - if (!renderElement) { - console.warn(`"#${reactNodeId}" element has not been added to the DOM yet`); - return; - } - const I18nContext = Legacy.shims.I18nContext; - render( - - - , - renderElement - ); - }; - - const routeInit = Private(routeInitProvider); - routeInit({ codePaths: CODE_PATHS, fetchAllClusters: true, unsetGlobalState: true }) - .then((clusters) => { - if (!clusters || !clusters.length) { - window.location.hash = '#/no-data'; - $scope.$apply(); - return; - } - if (clusters.length === 1) { - // Bypass the cluster listing if there is just 1 cluster - window.history.replaceState(null, null, '#/overview'); - $scope.$apply(); - return; - } - - window.history.replaceState(null, null, '#/home'); - $scope.$apply(); - }) - .catch((err) => { - const Private = $injector.get('Private'); - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return $scope.$apply(() => ajaxErrorHandlers(err)); - }); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/logstash/node/advanced/index.html b/x-pack/plugins/monitoring/public/views/logstash/node/advanced/index.html deleted file mode 100644 index 63f51809fd7e707..000000000000000 --- a/x-pack/plugins/monitoring/public/views/logstash/node/advanced/index.html +++ /dev/null @@ -1,9 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/logstash/node/advanced/index.js b/x-pack/plugins/monitoring/public/views/logstash/node/advanced/index.js deleted file mode 100644 index 9acfd81d186fdc2..000000000000000 --- a/x-pack/plugins/monitoring/public/views/logstash/node/advanced/index.js +++ /dev/null @@ -1,149 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/* - * Logstash Node Advanced View - */ -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { uiRoutes } from '../../../../angular/helpers/routes'; -import { ajaxErrorHandlersProvider } from '../../../../lib/ajax_error_handler'; -import { routeInitProvider } from '../../../../lib/route_init'; -import template from './index.html'; -import { Legacy } from '../../../../legacy_shims'; -import { MonitoringViewBaseController } from '../../../base_controller'; -import { DetailStatus } from '../../../../components/logstash/detail_status'; -import { - EuiPage, - EuiPageBody, - EuiPageContent, - EuiPanel, - EuiSpacer, - EuiFlexGrid, - EuiFlexItem, -} from '@elastic/eui'; -import { MonitoringTimeseriesContainer } from '../../../../components/chart'; -import { - CODE_PATH_LOGSTASH, - RULE_LOGSTASH_VERSION_MISMATCH, -} from '../../../../../common/constants'; -import { AlertsCallout } from '../../../../alerts/callout'; - -function getPageData($injector) { - const $http = $injector.get('$http'); - const globalState = $injector.get('globalState'); - const $route = $injector.get('$route'); - const url = `../api/monitoring/v1/clusters/${globalState.cluster_uuid}/logstash/node/${$route.current.params.uuid}`; - const timeBounds = Legacy.shims.timefilter.getBounds(); - - return $http - .post(url, { - ccs: globalState.ccs, - timeRange: { - min: timeBounds.min.toISOString(), - max: timeBounds.max.toISOString(), - }, - is_advanced: true, - }) - .then((response) => response.data) - .catch((err) => { - const Private = $injector.get('Private'); - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); - }); -} - -uiRoutes.when('/logstash/node/:uuid/advanced', { - template, - resolve: { - clusters(Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_LOGSTASH] }); - }, - pageData: getPageData, - }, - controller: class extends MonitoringViewBaseController { - constructor($injector, $scope) { - super({ - defaultData: {}, - getPageData, - reactNodeId: 'monitoringLogstashNodeAdvancedApp', - $scope, - $injector, - alerts: { - shouldFetch: true, - options: { - alertTypeIds: [RULE_LOGSTASH_VERSION_MISMATCH], - }, - }, - telemetryPageViewTitle: 'logstash_node_advanced', - }); - - $scope.$watch( - () => this.data, - (data) => { - if (!data || !data.nodeSummary) { - return; - } - - this.setTitle( - i18n.translate('xpack.monitoring.logstash.node.advanced.routeTitle', { - defaultMessage: 'Logstash - {nodeName} - Advanced', - values: { - nodeName: data.nodeSummary.name, - }, - }) - ); - - this.setPageTitle( - i18n.translate('xpack.monitoring.logstash.node.advanced.pageTitle', { - defaultMessage: 'Logstash node: {nodeName}', - values: { - nodeName: data.nodeSummary.name, - }, - }) - ); - - const metricsToShow = [ - data.metrics.logstash_node_cpu_utilization, - data.metrics.logstash_queue_events_count, - data.metrics.logstash_node_cgroup_cpu, - data.metrics.logstash_pipeline_queue_size, - data.metrics.logstash_node_cgroup_stats, - ]; - - this.renderReact( - - - - - - - - - - {metricsToShow.map((metric, index) => ( - - - - - ))} - - - - - ); - } - ); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/logstash/node/index.html b/x-pack/plugins/monitoring/public/views/logstash/node/index.html deleted file mode 100644 index 062c830dd8b7ae1..000000000000000 --- a/x-pack/plugins/monitoring/public/views/logstash/node/index.html +++ /dev/null @@ -1,9 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/logstash/node/index.js b/x-pack/plugins/monitoring/public/views/logstash/node/index.js deleted file mode 100644 index b23875ba1a3bbe7..000000000000000 --- a/x-pack/plugins/monitoring/public/views/logstash/node/index.js +++ /dev/null @@ -1,147 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/* - * Logstash Node - */ -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { uiRoutes } from '../../../angular/helpers/routes'; -import { ajaxErrorHandlersProvider } from '../../../lib/ajax_error_handler'; -import { routeInitProvider } from '../../../lib/route_init'; -import template from './index.html'; -import { Legacy } from '../../../legacy_shims'; -import { DetailStatus } from '../../../components/logstash/detail_status'; -import { - EuiPage, - EuiPageBody, - EuiPageContent, - EuiPanel, - EuiSpacer, - EuiFlexGrid, - EuiFlexItem, -} from '@elastic/eui'; -import { MonitoringTimeseriesContainer } from '../../../components/chart'; -import { MonitoringViewBaseController } from '../../base_controller'; -import { CODE_PATH_LOGSTASH, RULE_LOGSTASH_VERSION_MISMATCH } from '../../../../common/constants'; -import { AlertsCallout } from '../../../alerts/callout'; - -function getPageData($injector) { - const $http = $injector.get('$http'); - const $route = $injector.get('$route'); - const globalState = $injector.get('globalState'); - const url = `../api/monitoring/v1/clusters/${globalState.cluster_uuid}/logstash/node/${$route.current.params.uuid}`; - const timeBounds = Legacy.shims.timefilter.getBounds(); - - return $http - .post(url, { - ccs: globalState.ccs, - timeRange: { - min: timeBounds.min.toISOString(), - max: timeBounds.max.toISOString(), - }, - is_advanced: false, - }) - .then((response) => response.data) - .catch((err) => { - const Private = $injector.get('Private'); - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); - }); -} - -uiRoutes.when('/logstash/node/:uuid', { - template, - resolve: { - clusters(Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_LOGSTASH] }); - }, - pageData: getPageData, - }, - controller: class extends MonitoringViewBaseController { - constructor($injector, $scope) { - super({ - defaultData: {}, - getPageData, - reactNodeId: 'monitoringLogstashNodeApp', - $scope, - $injector, - alerts: { - shouldFetch: true, - options: { - alertTypeIds: [RULE_LOGSTASH_VERSION_MISMATCH], - }, - }, - telemetryPageViewTitle: 'logstash_node', - }); - - $scope.$watch( - () => this.data, - (data) => { - if (!data || !data.nodeSummary) { - return; - } - - this.setTitle( - i18n.translate('xpack.monitoring.logstash.node.routeTitle', { - defaultMessage: 'Logstash - {nodeName}', - values: { - nodeName: data.nodeSummary.name, - }, - }) - ); - - this.setPageTitle( - i18n.translate('xpack.monitoring.logstash.node.pageTitle', { - defaultMessage: 'Logstash node: {nodeName}', - values: { - nodeName: data.nodeSummary.name, - }, - }) - ); - - const metricsToShow = [ - data.metrics.logstash_events_input_rate, - data.metrics.logstash_jvm_usage, - data.metrics.logstash_events_output_rate, - data.metrics.logstash_node_cpu_metric, - data.metrics.logstash_events_latency, - data.metrics.logstash_os_load, - ]; - - this.renderReact( - - - - - - - - - - {metricsToShow.map((metric, index) => ( - - - - - ))} - - - - - ); - } - ); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/logstash/node/pipelines/index.html b/x-pack/plugins/monitoring/public/views/logstash/node/pipelines/index.html deleted file mode 100644 index cae3a169bfd5ac6..000000000000000 --- a/x-pack/plugins/monitoring/public/views/logstash/node/pipelines/index.html +++ /dev/null @@ -1,8 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/logstash/node/pipelines/index.js b/x-pack/plugins/monitoring/public/views/logstash/node/pipelines/index.js deleted file mode 100644 index 0d5105696102a29..000000000000000 --- a/x-pack/plugins/monitoring/public/views/logstash/node/pipelines/index.js +++ /dev/null @@ -1,135 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/* - * Logstash Node Pipelines Listing - */ - -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { uiRoutes } from '../../../../angular/helpers/routes'; -import { ajaxErrorHandlersProvider } from '../../../../lib/ajax_error_handler'; -import { routeInitProvider } from '../../../../lib/route_init'; -import { isPipelineMonitoringSupportedInVersion } from '../../../../lib/logstash/pipelines'; -import template from './index.html'; -import { Legacy } from '../../../../legacy_shims'; -import { MonitoringViewBaseEuiTableController } from '../../../'; -import { PipelineListing } from '../../../../components/logstash/pipeline_listing/pipeline_listing'; -import { DetailStatus } from '../../../../components/logstash/detail_status'; -import { CODE_PATH_LOGSTASH } from '../../../../../common/constants'; - -const getPageData = ($injector, _api = undefined, routeOptions = {}) => { - _api; // fixing eslint - const $route = $injector.get('$route'); - const $http = $injector.get('$http'); - const globalState = $injector.get('globalState'); - const Private = $injector.get('Private'); - - const logstashUuid = $route.current.params.uuid; - const url = `../api/monitoring/v1/clusters/${globalState.cluster_uuid}/logstash/node/${logstashUuid}/pipelines`; - const timeBounds = Legacy.shims.timefilter.getBounds(); - - return $http - .post(url, { - ccs: globalState.ccs, - timeRange: { - min: timeBounds.min.toISOString(), - max: timeBounds.max.toISOString(), - }, - ...routeOptions, - }) - .then((response) => response.data) - .catch((err) => { - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); - }); -}; - -function makeUpgradeMessage(logstashVersion) { - if (isPipelineMonitoringSupportedInVersion(logstashVersion)) { - return null; - } - - return i18n.translate('xpack.monitoring.logstash.node.pipelines.notAvailableDescription', { - defaultMessage: - 'Pipeline monitoring is only available in Logstash version 6.0.0 or higher. This node is running version {logstashVersion}.', - values: { - logstashVersion, - }, - }); -} - -uiRoutes.when('/logstash/node/:uuid/pipelines', { - template, - resolve: { - clusters(Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_LOGSTASH] }); - }, - }, - controller: class extends MonitoringViewBaseEuiTableController { - constructor($injector, $scope) { - const config = $injector.get('config'); - - super({ - defaultData: {}, - getPageData, - reactNodeId: 'monitoringLogstashNodePipelinesApp', - $scope, - $injector, - fetchDataImmediately: false, // We want to apply pagination before sending the first request - telemetryPageViewTitle: 'logstash_node_pipelines', - }); - - $scope.$watch( - () => this.data, - (data) => { - if (!data || !data.nodeSummary) { - return; - } - - this.setTitle( - i18n.translate('xpack.monitoring.logstash.node.pipelines.routeTitle', { - defaultMessage: 'Logstash - {nodeName} - Pipelines', - values: { - nodeName: data.nodeSummary.name, - }, - }) - ); - - this.setPageTitle( - i18n.translate('xpack.monitoring.logstash.node.pipelines.pageTitle', { - defaultMessage: 'Logstash node pipelines: {nodeName}', - values: { - nodeName: data.nodeSummary.name, - }, - }) - ); - - const pagination = { - ...this.pagination, - totalItemCount: data.totalPipelineCount, - }; - - this.renderReact( - - ); - } - ); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/logstash/nodes/get_page_data.js b/x-pack/plugins/monitoring/public/views/logstash/nodes/get_page_data.js deleted file mode 100644 index 4c9167a47b0d7e0..000000000000000 --- a/x-pack/plugins/monitoring/public/views/logstash/nodes/get_page_data.js +++ /dev/null @@ -1,31 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { ajaxErrorHandlersProvider } from '../../../lib/ajax_error_handler'; -import { Legacy } from '../../../legacy_shims'; - -export function getPageData($injector) { - const $http = $injector.get('$http'); - const globalState = $injector.get('globalState'); - const url = `../api/monitoring/v1/clusters/${globalState.cluster_uuid}/logstash/nodes`; - const timeBounds = Legacy.shims.timefilter.getBounds(); - - return $http - .post(url, { - ccs: globalState.ccs, - timeRange: { - min: timeBounds.min.toISOString(), - max: timeBounds.max.toISOString(), - }, - }) - .then((response) => response.data) - .catch((err) => { - const Private = $injector.get('Private'); - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); - }); -} diff --git a/x-pack/plugins/monitoring/public/views/logstash/nodes/index.html b/x-pack/plugins/monitoring/public/views/logstash/nodes/index.html deleted file mode 100644 index 6da00b1c771b8ec..000000000000000 --- a/x-pack/plugins/monitoring/public/views/logstash/nodes/index.html +++ /dev/null @@ -1,3 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/logstash/nodes/index.js b/x-pack/plugins/monitoring/public/views/logstash/nodes/index.js deleted file mode 100644 index 56b5d0ec6c82a03..000000000000000 --- a/x-pack/plugins/monitoring/public/views/logstash/nodes/index.js +++ /dev/null @@ -1,89 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { uiRoutes } from '../../../angular/helpers/routes'; -import { routeInitProvider } from '../../../lib/route_init'; -import { MonitoringViewBaseEuiTableController } from '../../'; -import { getPageData } from './get_page_data'; -import template from './index.html'; -import { Listing } from '../../../components/logstash/listing'; -import { SetupModeRenderer } from '../../../components/renderers'; -import { SetupModeContext } from '../../../components/setup_mode/setup_mode_context'; -import { - CODE_PATH_LOGSTASH, - LOGSTASH_SYSTEM_ID, - RULE_LOGSTASH_VERSION_MISMATCH, -} from '../../../../common/constants'; - -uiRoutes.when('/logstash/nodes', { - template, - resolve: { - clusters(Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_LOGSTASH] }); - }, - pageData: getPageData, - }, - controllerAs: 'lsNodes', - controller: class LsNodesList extends MonitoringViewBaseEuiTableController { - constructor($injector, $scope) { - super({ - title: i18n.translate('xpack.monitoring.logstash.nodes.routeTitle', { - defaultMessage: 'Logstash - Nodes', - }), - pageTitle: i18n.translate('xpack.monitoring.logstash.nodes.pageTitle', { - defaultMessage: 'Logstash nodes', - }), - storageKey: 'logstash.nodes', - getPageData, - reactNodeId: 'monitoringLogstashNodesApp', - $scope, - $injector, - alerts: { - shouldFetch: true, - options: { - alertTypeIds: [RULE_LOGSTASH_VERSION_MISMATCH], - }, - }, - }); - - const renderComponent = () => { - this.renderReact( - ( - - {flyoutComponent} - - {bottomBarComponent} - - )} - /> - ); - }; - - this.onTableChangeRender = renderComponent; - - $scope.$watch( - () => this.data, - () => renderComponent() - ); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/logstash/overview/index.html b/x-pack/plugins/monitoring/public/views/logstash/overview/index.html deleted file mode 100644 index 088aa35892bbee6..000000000000000 --- a/x-pack/plugins/monitoring/public/views/logstash/overview/index.html +++ /dev/null @@ -1,3 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/logstash/overview/index.js b/x-pack/plugins/monitoring/public/views/logstash/overview/index.js deleted file mode 100644 index b5e8ecbefc532d3..000000000000000 --- a/x-pack/plugins/monitoring/public/views/logstash/overview/index.js +++ /dev/null @@ -1,81 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/** - * Logstash Overview - */ -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { uiRoutes } from '../../../angular/helpers/routes'; -import { ajaxErrorHandlersProvider } from '../../../lib/ajax_error_handler'; -import { routeInitProvider } from '../../../lib/route_init'; -import template from './index.html'; -import { Legacy } from '../../../legacy_shims'; -import { Overview } from '../../../components/logstash/overview'; -import { MonitoringViewBaseController } from '../../base_controller'; -import { CODE_PATH_LOGSTASH } from '../../../../common/constants'; - -function getPageData($injector) { - const $http = $injector.get('$http'); - const globalState = $injector.get('globalState'); - const url = `../api/monitoring/v1/clusters/${globalState.cluster_uuid}/logstash`; - const timeBounds = Legacy.shims.timefilter.getBounds(); - - return $http - .post(url, { - ccs: globalState.ccs, - timeRange: { - min: timeBounds.min.toISOString(), - max: timeBounds.max.toISOString(), - }, - }) - .then((response) => response.data) - .catch((err) => { - const Private = $injector.get('Private'); - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); - }); -} - -uiRoutes.when('/logstash', { - template, - resolve: { - clusters: function (Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_LOGSTASH] }); - }, - pageData: getPageData, - }, - controller: class extends MonitoringViewBaseController { - constructor($injector, $scope) { - super({ - title: 'Logstash', - pageTitle: i18n.translate('xpack.monitoring.logstash.overview.pageTitle', { - defaultMessage: 'Logstash overview', - }), - getPageData, - reactNodeId: 'monitoringLogstashOverviewApp', - $scope, - $injector, - }); - - $scope.$watch( - () => this.data, - (data) => { - this.renderReact( - - ); - } - ); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/logstash/pipeline/index.html b/x-pack/plugins/monitoring/public/views/logstash/pipeline/index.html deleted file mode 100644 index afd1d994f1e9cbc..000000000000000 --- a/x-pack/plugins/monitoring/public/views/logstash/pipeline/index.html +++ /dev/null @@ -1,12 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/logstash/pipeline/index.js b/x-pack/plugins/monitoring/public/views/logstash/pipeline/index.js deleted file mode 100644 index dd7bcc8436358b2..000000000000000 --- a/x-pack/plugins/monitoring/public/views/logstash/pipeline/index.js +++ /dev/null @@ -1,181 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/* - * Logstash Node Pipeline View - */ -import React from 'react'; -import { uiRoutes } from '../../../angular/helpers/routes'; -import moment from 'moment'; -import { ajaxErrorHandlersProvider } from '../../../lib/ajax_error_handler'; -import { routeInitProvider } from '../../../lib/route_init'; -import { CALCULATE_DURATION_SINCE, CODE_PATH_LOGSTASH } from '../../../../common/constants'; -import { formatTimestampToDuration } from '../../../../common/format_timestamp_to_duration'; -import template from './index.html'; -import { i18n } from '@kbn/i18n'; -import { List } from '../../../components/logstash/pipeline_viewer/models/list'; -import { PipelineState } from '../../../components/logstash/pipeline_viewer/models/pipeline_state'; -import { PipelineViewer } from '../../../components/logstash/pipeline_viewer'; -import { Pipeline } from '../../../components/logstash/pipeline_viewer/models/pipeline'; -import { vertexFactory } from '../../../components/logstash/pipeline_viewer/models/graph/vertex_factory'; -import { MonitoringViewBaseController } from '../../base_controller'; -import { EuiPageBody, EuiPage, EuiPageContent } from '@elastic/eui'; - -let previousPipelineHash = undefined; -let detailVertexId = undefined; - -function getPageData($injector) { - const $route = $injector.get('$route'); - const $http = $injector.get('$http'); - const globalState = $injector.get('globalState'); - const minIntervalSeconds = $injector.get('minIntervalSeconds'); - const Private = $injector.get('Private'); - - const { ccs, cluster_uuid: clusterUuid } = globalState; - const pipelineId = $route.current.params.id; - const pipelineHash = $route.current.params.hash || ''; - - // Pipeline version was changed, so clear out detailVertexId since that vertex won't - // exist in the updated pipeline version - if (pipelineHash !== previousPipelineHash) { - previousPipelineHash = pipelineHash; - detailVertexId = undefined; - } - - const url = pipelineHash - ? `../api/monitoring/v1/clusters/${clusterUuid}/logstash/pipeline/${pipelineId}/${pipelineHash}` - : `../api/monitoring/v1/clusters/${clusterUuid}/logstash/pipeline/${pipelineId}`; - return $http - .post(url, { - ccs, - detailVertexId, - }) - .then((response) => response.data) - .then((data) => { - data.versions = data.versions.map((version) => { - const relativeFirstSeen = formatTimestampToDuration( - version.firstSeen, - CALCULATE_DURATION_SINCE - ); - const relativeLastSeen = formatTimestampToDuration( - version.lastSeen, - CALCULATE_DURATION_SINCE - ); - - const fudgeFactorSeconds = 2 * minIntervalSeconds; - const isLastSeenCloseToNow = Date.now() - version.lastSeen <= fudgeFactorSeconds * 1000; - - return { - ...version, - relativeFirstSeen: i18n.translate( - 'xpack.monitoring.logstash.pipeline.relativeFirstSeenAgoLabel', - { - defaultMessage: '{relativeFirstSeen} ago', - values: { relativeFirstSeen }, - } - ), - relativeLastSeen: isLastSeenCloseToNow - ? i18n.translate('xpack.monitoring.logstash.pipeline.relativeLastSeenNowLabel', { - defaultMessage: 'now', - }) - : i18n.translate('xpack.monitoring.logstash.pipeline.relativeLastSeenAgoLabel', { - defaultMessage: 'until {relativeLastSeen} ago', - values: { relativeLastSeen }, - }), - }; - }); - - return data; - }) - .catch((err) => { - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); - }); -} - -uiRoutes.when('/logstash/pipelines/:id/:hash?', { - template, - resolve: { - clusters(Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_LOGSTASH] }); - }, - pageData: getPageData, - }, - controller: class extends MonitoringViewBaseController { - constructor($injector, $scope) { - const config = $injector.get('config'); - const dateFormat = config.get('dateFormat'); - - super({ - title: i18n.translate('xpack.monitoring.logstash.pipeline.routeTitle', { - defaultMessage: 'Logstash - Pipeline', - }), - storageKey: 'logstash.pipelines', - getPageData, - reactNodeId: 'monitoringLogstashPipelineApp', - $scope, - options: { - enableTimeFilter: false, - }, - $injector, - }); - - const timeseriesTooltipXValueFormatter = (xValue) => moment(xValue).format(dateFormat); - - const setDetailVertexId = (vertex) => { - if (!vertex) { - detailVertexId = undefined; - } else { - detailVertexId = vertex.id; - } - - return this.updateData(); - }; - - $scope.$watch( - () => this.data, - (data) => { - if (!data || !data.pipeline) { - return; - } - this.setPageTitle( - i18n.translate('xpack.monitoring.logstash.pipeline.pageTitle', { - defaultMessage: 'Logstash pipeline: {pipeline}', - values: { - pipeline: data.pipeline.id, - }, - }) - ); - this.pipelineState = new PipelineState(data.pipeline); - this.detailVertex = data.vertex ? vertexFactory(null, data.vertex) : null; - this.renderReact( - - - - - - - - ); - } - ); - - $scope.$on('$destroy', () => { - previousPipelineHash = undefined; - detailVertexId = undefined; - }); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/logstash/pipelines/index.html b/x-pack/plugins/monitoring/public/views/logstash/pipelines/index.html deleted file mode 100644 index bef8a7a4737f3ad..000000000000000 --- a/x-pack/plugins/monitoring/public/views/logstash/pipelines/index.html +++ /dev/null @@ -1,7 +0,0 @@ - -
- diff --git a/x-pack/plugins/monitoring/public/views/logstash/pipelines/index.js b/x-pack/plugins/monitoring/public/views/logstash/pipelines/index.js deleted file mode 100644 index f3121687f17db2a..000000000000000 --- a/x-pack/plugins/monitoring/public/views/logstash/pipelines/index.js +++ /dev/null @@ -1,130 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { find } from 'lodash'; -import { uiRoutes } from '../../../angular/helpers/routes'; -import { ajaxErrorHandlersProvider } from '../../../lib/ajax_error_handler'; -import { routeInitProvider } from '../../../lib/route_init'; -import { isPipelineMonitoringSupportedInVersion } from '../../../lib/logstash/pipelines'; -import template from './index.html'; -import { Legacy } from '../../../legacy_shims'; -import { PipelineListing } from '../../../components/logstash/pipeline_listing/pipeline_listing'; -import { MonitoringViewBaseEuiTableController } from '../..'; -import { CODE_PATH_LOGSTASH } from '../../../../common/constants'; - -/* - * Logstash Pipelines Listing page - */ - -const getPageData = ($injector, _api = undefined, routeOptions = {}) => { - _api; // to fix eslint - const $http = $injector.get('$http'); - const globalState = $injector.get('globalState'); - const Private = $injector.get('Private'); - - const url = `../api/monitoring/v1/clusters/${globalState.cluster_uuid}/logstash/pipelines`; - const timeBounds = Legacy.shims.timefilter.getBounds(); - - return $http - .post(url, { - ccs: globalState.ccs, - timeRange: { - min: timeBounds.min.toISOString(), - max: timeBounds.max.toISOString(), - }, - ...routeOptions, - }) - .then((response) => response.data) - .catch((err) => { - const ajaxErrorHandlers = Private(ajaxErrorHandlersProvider); - return ajaxErrorHandlers(err); - }); -}; - -function makeUpgradeMessage(logstashVersions) { - if ( - !Array.isArray(logstashVersions) || - logstashVersions.length === 0 || - logstashVersions.some(isPipelineMonitoringSupportedInVersion) - ) { - return null; - } - - return 'Pipeline monitoring is only available in Logstash version 6.0.0 or higher.'; -} - -uiRoutes.when('/logstash/pipelines', { - template, - resolve: { - clusters(Private) { - const routeInit = Private(routeInitProvider); - return routeInit({ codePaths: [CODE_PATH_LOGSTASH] }); - }, - }, - controller: class LogstashPipelinesList extends MonitoringViewBaseEuiTableController { - constructor($injector, $scope) { - super({ - title: i18n.translate('xpack.monitoring.logstash.pipelines.routeTitle', { - defaultMessage: 'Logstash Pipelines', - }), - pageTitle: i18n.translate('xpack.monitoring.logstash.pipelines.pageTitle', { - defaultMessage: 'Logstash pipelines', - }), - storageKey: 'logstash.pipelines', - getPageData, - reactNodeId: 'monitoringLogstashPipelinesApp', - $scope, - $injector, - fetchDataImmediately: false, // We want to apply pagination before sending the first request - }); - - const $route = $injector.get('$route'); - const config = $injector.get('config'); - this.data = $route.current.locals.pageData; - const globalState = $injector.get('globalState'); - $scope.cluster = find($route.current.locals.clusters, { - cluster_uuid: globalState.cluster_uuid, - }); - - const renderReact = (pageData) => { - if (!pageData) { - return; - } - - const upgradeMessage = pageData - ? makeUpgradeMessage(pageData.clusterStatus.versions, i18n) - : null; - - const pagination = { - ...this.pagination, - totalItemCount: pageData.totalPipelineCount, - }; - - super.renderReact( - this.onBrush({ xaxis })} - stats={pageData.clusterStatus} - data={pageData.pipelines} - {...this.getPaginationTableProps(pagination)} - upgradeMessage={upgradeMessage} - dateFormat={config.get('dateFormat')} - /> - ); - }; - - $scope.$watch( - () => this.data, - (pageData) => { - renderReact(pageData); - } - ); - } - }, -}); diff --git a/x-pack/plugins/monitoring/public/views/no_data/controller.js b/x-pack/plugins/monitoring/public/views/no_data/controller.js deleted file mode 100644 index 4a6a73dfb201066..000000000000000 --- a/x-pack/plugins/monitoring/public/views/no_data/controller.js +++ /dev/null @@ -1,102 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; -import { - ClusterSettingsChecker, - NodeSettingsChecker, - Enabler, - startChecks, -} from '../../lib/elasticsearch_settings'; -import { ModelUpdater } from './model_updater'; -import { NoData } from '../../components'; -import { CODE_PATH_LICENSE } from '../../../common/constants'; -import { MonitoringViewBaseController } from '../base_controller'; -import { i18n } from '@kbn/i18n'; -import { Legacy } from '../../legacy_shims'; - -export class NoDataController extends MonitoringViewBaseController { - constructor($injector, $scope) { - window.injectorThree = $injector; - const monitoringClusters = $injector.get('monitoringClusters'); - const $http = $injector.get('$http'); - const checkers = [new ClusterSettingsChecker($http), new NodeSettingsChecker($http)]; - - const getData = async () => { - let catchReason; - try { - const monitoringClustersData = await monitoringClusters(undefined, undefined, [ - CODE_PATH_LICENSE, - ]); - if (monitoringClustersData && monitoringClustersData.length) { - window.history.replaceState(null, null, '#/home'); - return monitoringClustersData; - } - } catch (err) { - if (err && err.status === 503) { - catchReason = { - property: 'custom', - message: err.data.message, - }; - } - } - - this.errors.length = 0; - if (catchReason) { - this.reason = catchReason; - } else if (!this.isCollectionEnabledUpdating && !this.isCollectionIntervalUpdating) { - /** - * `no-use-before-define` is fine here, since getData is an async function. - * Needs to be done this way, since there is no `this` before super is executed - * */ - await startChecks(checkers, updateModel); // eslint-disable-line no-use-before-define - } - }; - - super({ - title: i18n.translate('xpack.monitoring.noData.routeTitle', { - defaultMessage: 'Setup Monitoring', - }), - getPageData: async () => await getData(), - reactNodeId: 'noDataReact', - $scope, - $injector, - }); - Object.assign(this, this.getDefaultModel()); - - //Need to set updateModel after super since there is no `this` otherwise - const { updateModel } = new ModelUpdater($scope, this); - const enabler = new Enabler($http, updateModel); - $scope.$watch( - () => this, - () => { - if (this.isCollectionEnabledUpdated && !this.reason) { - return; - } - this.render(enabler); - }, - true - ); - } - - getDefaultModel() { - return { - errors: [], // errors can happen from trying to check or set ES settings - checkMessage: null, // message to show while waiting for api response - isLoading: true, // flag for in-progress state of checking for no data reason - isCollectionEnabledUpdating: false, // flags to indicate whether to show a spinner while waiting for ajax - isCollectionEnabledUpdated: false, - isCollectionIntervalUpdating: false, - isCollectionIntervalUpdated: false, - }; - } - - render(enabler) { - const props = this; - this.renderReact(); - } -} diff --git a/x-pack/plugins/monitoring/public/views/no_data/index.html b/x-pack/plugins/monitoring/public/views/no_data/index.html deleted file mode 100644 index c6fc97b639f4239..000000000000000 --- a/x-pack/plugins/monitoring/public/views/no_data/index.html +++ /dev/null @@ -1,5 +0,0 @@ - -
-
-
- diff --git a/x-pack/plugins/monitoring/public/views/no_data/index.js b/x-pack/plugins/monitoring/public/views/no_data/index.js deleted file mode 100644 index 4bbc490ce29edee..000000000000000 --- a/x-pack/plugins/monitoring/public/views/no_data/index.js +++ /dev/null @@ -1,15 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { uiRoutes } from '../../angular/helpers/routes'; -import template from './index.html'; -import { NoDataController } from './controller'; - -uiRoutes.when('/no-data', { - template, - controller: NoDataController, -}); diff --git a/x-pack/plugins/monitoring/public/views/no_data/model_updater.js b/x-pack/plugins/monitoring/public/views/no_data/model_updater.js deleted file mode 100644 index 115dc782162a7fc..000000000000000 --- a/x-pack/plugins/monitoring/public/views/no_data/model_updater.js +++ /dev/null @@ -1,38 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/* - * Class for handling model updates of an Angular controller - * Some properties are simple primitives like strings or booleans, - * but sometimes we need a property in the model to be an Array. For example, - * there may be multiple errors that happen in a flow. - * - * I use 1 method to handling property values that are either primitives or - * arrays, because it allows the callers to be a little more dumb. All they - * have to know is the property name, rather than the type as well. - */ -export class ModelUpdater { - constructor($scope, model) { - this.$scope = $scope; - this.model = model; - this.updateModel = this.updateModel.bind(this); - } - - updateModel(properties) { - const { $scope, model } = this; - const keys = Object.keys(properties); - $scope.$evalAsync(() => { - keys.forEach((key) => { - if (Array.isArray(model[key])) { - model[key].push(properties[key]); - } else { - model[key] = properties[key]; - } - }); - }); - } -} diff --git a/x-pack/plugins/monitoring/public/views/no_data/model_updater.test.js b/x-pack/plugins/monitoring/public/views/no_data/model_updater.test.js deleted file mode 100644 index b286bfb10a9e4a5..000000000000000 --- a/x-pack/plugins/monitoring/public/views/no_data/model_updater.test.js +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { ModelUpdater } from './model_updater'; - -describe('Model Updater for Angular Controller with React Components', () => { - let $scope; - let model; - let updater; - - beforeEach(() => { - $scope = {}; - $scope.$evalAsync = (cb) => cb(); - - model = {}; - - updater = new ModelUpdater($scope, model); - jest.spyOn(updater, 'updateModel'); - }); - - test('should successfully construct an object', () => { - expect(typeof updater).toBe('object'); - expect(updater.updateModel).not.toHaveBeenCalled(); - }); - - test('updateModel method should add properties to the model', () => { - expect(typeof updater).toBe('object'); - updater.updateModel({ - foo: 'bar', - bar: 'baz', - error: 'monkeywrench', - }); - expect(model).toEqual({ - foo: 'bar', - bar: 'baz', - error: 'monkeywrench', - }); - }); - - test('updateModel method should push properties to the model if property is originally an array', () => { - model.errors = ['first']; - updater.updateModel({ - errors: 'second', - primitive: 'hello', - }); - expect(model).toEqual({ - errors: ['first', 'second'], - primitive: 'hello', - }); - }); -}); diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index 2e17a38e83c683d..41cc7825bcf36b0 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -17940,8 +17940,7 @@ "xpack.monitoring.cluster.overview.logstashPanel.withPersistentQueuesLabel": "永続キューあり", "xpack.monitoring.cluster.overview.pageTitle": "クラスターの概要", "xpack.monitoring.cluster.overviewTitle": "概要", - "xpack.monitoring.clusterAlertsNavigation.clusterAlertsLinkText": "クラスターアラート", - "xpack.monitoring.clustersNavigation.clustersLinkText": "クラスター", + "xpack.monitoring.cluster.listing.tabTitle": "クラスター", "xpack.monitoring.clusterStats.uuidNotFoundErrorMessage": "選択された時間範囲にクラスターが見つかりませんでした。UUID:{clusterUuid}", "xpack.monitoring.clusterStats.uuidNotSpecifiedErrorMessage": "{clusterUuid} が指定されていません", "xpack.monitoring.elasticsearch.ccr.ccrListingTable.alertsColumnTitle": "アラート", @@ -17953,10 +17952,10 @@ "xpack.monitoring.elasticsearch.ccr.ccrListingTable.syncLagOpsColumnTitle": "同期の遅延(オペレーション数)", "xpack.monitoring.elasticsearch.ccr.heading": "CCR", "xpack.monitoring.elasticsearch.ccr.pageTitle": "Elasticsearch - CCR", - "xpack.monitoring.elasticsearch.ccr.routeTitle": "Elasticsearch - CCR", + "xpack.monitoring.elasticsearch.ccr.title": "Elasticsearch - CCR", "xpack.monitoring.elasticsearch.ccr.shard.instanceTitle": "インデックス{followerIndex} シャード:{shardId}", "xpack.monitoring.elasticsearch.ccr.shard.pageTitle": "Elasticsearch Ccrシャード - インデックス:{followerIndex} シャード:{shardId}", - "xpack.monitoring.elasticsearch.ccr.shard.routeTitle": "Elasticsearch - CCR - シャード", + "xpack.monitoring.elasticsearch.ccr.shard.title": "Elasticsearch - CCR - シャード", "xpack.monitoring.elasticsearch.ccr.shardsTable.alertsColumnTitle": "アラート", "xpack.monitoring.elasticsearch.ccr.shardsTable.errorColumnTitle": "エラー", "xpack.monitoring.elasticsearch.ccr.shardsTable.lastFetchTimeColumnTitle": "最終取得時刻", @@ -17990,7 +17989,7 @@ "xpack.monitoring.elasticsearch.indexDetailStatus.totalShardsTitle": "合計シャード数", "xpack.monitoring.elasticsearch.indexDetailStatus.totalTitle": "合計", "xpack.monitoring.elasticsearch.indexDetailStatus.unassignedShardsTitle": "未割り当てシャード", - "xpack.monitoring.elasticsearch.indices.advanced.routeTitle": "Elasticsearch - インデックス - {indexName} - 高度な設定", + "xpack.monitoring.elasticsearch.index.advanced.title": "Elasticsearch - インデックス - {indexName} - 高度な設定", "xpack.monitoring.elasticsearch.indices.alertsColumnTitle": "アラート", "xpack.monitoring.elasticsearch.indices.dataTitle": "データ", "xpack.monitoring.elasticsearch.indices.documentCountTitle": "ドキュメントカウント", @@ -17999,8 +17998,8 @@ "xpack.monitoring.elasticsearch.indices.monitoringTablePlaceholder": "インデックスのフィルタリング…", "xpack.monitoring.elasticsearch.indices.nameTitle": "名前", "xpack.monitoring.elasticsearch.indices.noIndicesMatchYourSelectionDescription": "選択項目に一致するインデックスがありません。時間範囲を変更してみてください。", - "xpack.monitoring.elasticsearch.indices.overview.pageTitle": "インデックス:{indexName}", - "xpack.monitoring.elasticsearch.indices.overview.routeTitle": "Elasticsearch - インデックス - {indexName} - 概要", + "xpack.monitoring.elasticsearch.index.overview.pageTitle": "インデックス:{indexName}", + "xpack.monitoring.elasticsearch.index.overview.title": "Elasticsearch - インデックス - {indexName} - 概要", "xpack.monitoring.elasticsearch.indices.pageTitle": "デフォルトのインデックス", "xpack.monitoring.elasticsearch.indices.routeTitle": "Elasticsearch - インデックス", "xpack.monitoring.elasticsearch.indices.searchRateTitle": "検索レート", @@ -18019,7 +18018,7 @@ "xpack.monitoring.elasticsearch.mlJobListing.statusIconLabel": "ジョブ状態:{status}", "xpack.monitoring.elasticsearch.mlJobs.pageTitle": "Elasticsearch - 機械学習ジョブ", "xpack.monitoring.elasticsearch.mlJobs.routeTitle": "Elasticsearch - 機械学習ジョブ", - "xpack.monitoring.elasticsearch.node.advanced.routeTitle": "Elasticsearch - ノード - {nodeSummaryName} - 高度な設定", + "xpack.monitoring.elasticsearch.node.advanced.title": "Elasticsearch - ノード - {nodeName} - 高度な設定", "xpack.monitoring.elasticsearch.node.cells.tooltip.iconLabel": "このメトリックの詳細", "xpack.monitoring.elasticsearch.node.cells.tooltip.max": "最高値", "xpack.monitoring.elasticsearch.node.cells.tooltip.min": "最低値", @@ -18028,7 +18027,7 @@ "xpack.monitoring.elasticsearch.node.cells.trendingDownText": "ダウン", "xpack.monitoring.elasticsearch.node.cells.trendingUpText": "アップ", "xpack.monitoring.elasticsearch.node.overview.pageTitle": "Elasticsearchノード:{node}", - "xpack.monitoring.elasticsearch.node.overview.routeTitle": "Elasticsearch - ノード - {nodeName} - 概要", + "xpack.monitoring.elasticsearch.node.overview.title": "Elasticsearch - ノード - {nodeName} - 概要", "xpack.monitoring.elasticsearch.node.statusIconLabel": "ステータス:{status}", "xpack.monitoring.elasticsearch.nodeDetailStatus.alerts": "アラート", "xpack.monitoring.elasticsearch.nodeDetailStatus.dataLabel": "データ", @@ -18117,8 +18116,7 @@ "xpack.monitoring.es.nodeType.nodeLabel": "ノード", "xpack.monitoring.esNavigation.ccrLinkText": "CCR", "xpack.monitoring.esNavigation.indicesLinkText": "インデックス", - "xpack.monitoring.esNavigation.instance.advancedLinkText": "高度な設定", - "xpack.monitoring.esNavigation.instance.overviewLinkText": "概要", + "xpack.monitoring.esItemNavigation.advancedLinkText": "高度な設定", "xpack.monitoring.esNavigation.jobsLinkText": "機械学習ジョブ", "xpack.monitoring.esNavigation.nodesLinkText": "ノード", "xpack.monitoring.esNavigation.overviewLinkText": "概要", @@ -18237,7 +18235,6 @@ "xpack.monitoring.logstash.node.advanced.pageTitle": "Logstashノード:{nodeName}", "xpack.monitoring.logstash.node.advanced.routeTitle": "Logstash - {nodeName} - 高度な設定", "xpack.monitoring.logstash.node.pageTitle": "Logstashノード:{nodeName}", - "xpack.monitoring.logstash.node.pipelines.notAvailableDescription": "パイプラインの監視は Logstash バージョン 6.0.0 以降でのみ利用できます。このノードはバージョン {logstashVersion} を実行しています。", "xpack.monitoring.logstash.node.pipelines.pageTitle": "Logstashノードパイプライン:{nodeName}", "xpack.monitoring.logstash.node.pipelines.routeTitle": "Logstash - {nodeName} - パイプライン", "xpack.monitoring.logstash.node.routeTitle": "Logstash - {nodeName}", diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index d990312f5d61973..54811936957ab55 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -18215,8 +18215,7 @@ "xpack.monitoring.cluster.overview.logstashPanel.withPersistentQueuesLabel": "持久性队列", "xpack.monitoring.cluster.overview.pageTitle": "集群概览", "xpack.monitoring.cluster.overviewTitle": "概览", - "xpack.monitoring.clusterAlertsNavigation.clusterAlertsLinkText": "集群告警", - "xpack.monitoring.clustersNavigation.clustersLinkText": "集群", + "xpack.monitoring.cluster.listing.tabTitle": "集群", "xpack.monitoring.clusterStats.uuidNotFoundErrorMessage": "在选定时间范围内找不到该集群。UUID:{clusterUuid}", "xpack.monitoring.clusterStats.uuidNotSpecifiedErrorMessage": "{clusterUuid} 未指定", "xpack.monitoring.elasticsearch.ccr.ccrListingTable.alertsColumnTitle": "告警", @@ -18228,10 +18227,10 @@ "xpack.monitoring.elasticsearch.ccr.ccrListingTable.syncLagOpsColumnTitle": "同步延迟(操作)", "xpack.monitoring.elasticsearch.ccr.heading": "CCR", "xpack.monitoring.elasticsearch.ccr.pageTitle": "Elasticsearch Ccr", - "xpack.monitoring.elasticsearch.ccr.routeTitle": "Elasticsearch - CCR", + "xpack.monitoring.elasticsearch.ccr.title": "Elasticsearch - CCR", "xpack.monitoring.elasticsearch.ccr.shard.instanceTitle": "索引:{followerIndex} 分片:{shardId}", "xpack.monitoring.elasticsearch.ccr.shard.pageTitle": "Elasticsearch Ccr 分片 - 索引:{followerIndex} 分片:{shardId}", - "xpack.monitoring.elasticsearch.ccr.shard.routeTitle": "Elasticsearch - CCR - 分片", + "xpack.monitoring.elasticsearch.ccr.shard.title": "Elasticsearch - CCR - 分片", "xpack.monitoring.elasticsearch.ccr.shardsTable.alertsColumnTitle": "告警", "xpack.monitoring.elasticsearch.ccr.shardsTable.errorColumnTitle": "错误", "xpack.monitoring.elasticsearch.ccr.shardsTable.lastFetchTimeColumnTitle": "上次提取时间", @@ -18265,7 +18264,7 @@ "xpack.monitoring.elasticsearch.indexDetailStatus.totalShardsTitle": "分片合计", "xpack.monitoring.elasticsearch.indexDetailStatus.totalTitle": "合计", "xpack.monitoring.elasticsearch.indexDetailStatus.unassignedShardsTitle": "未分配分片", - "xpack.monitoring.elasticsearch.indices.advanced.routeTitle": "Elasticsearch - 索引 - {indexName} - 高级", + "xpack.monitoring.elasticsearch.index.advanced.title": "Elasticsearch - 索引 - {indexName} - 高级", "xpack.monitoring.elasticsearch.indices.alertsColumnTitle": "告警", "xpack.monitoring.elasticsearch.indices.dataTitle": "数据", "xpack.monitoring.elasticsearch.indices.documentCountTitle": "文档计数", @@ -18274,8 +18273,8 @@ "xpack.monitoring.elasticsearch.indices.monitoringTablePlaceholder": "筛选索引……", "xpack.monitoring.elasticsearch.indices.nameTitle": "名称", "xpack.monitoring.elasticsearch.indices.noIndicesMatchYourSelectionDescription": "没有索引匹配您的选择。请尝试更改时间范围选择。", - "xpack.monitoring.elasticsearch.indices.overview.pageTitle": "索引:{indexName}", - "xpack.monitoring.elasticsearch.indices.overview.routeTitle": "Elasticsearch - 索引 - {indexName} - 概览", + "xpack.monitoring.elasticsearch.index.overview.pageTitle": "索引:{indexName}", + "xpack.monitoring.elasticsearch.index.overview.title": "Elasticsearch - 索引 - {indexName} - 概览", "xpack.monitoring.elasticsearch.indices.pageTitle": "Elasticsearch 索引", "xpack.monitoring.elasticsearch.indices.routeTitle": "Elasticsearch - 索引", "xpack.monitoring.elasticsearch.indices.searchRateTitle": "搜索速率", @@ -18294,7 +18293,7 @@ "xpack.monitoring.elasticsearch.mlJobListing.statusIconLabel": "作业状态:{status}", "xpack.monitoring.elasticsearch.mlJobs.pageTitle": "Elasticsearch Machine Learning 作业", "xpack.monitoring.elasticsearch.mlJobs.routeTitle": "Elasticsearch - Machine Learning 作业", - "xpack.monitoring.elasticsearch.node.advanced.routeTitle": "Elasticsearch - 节点 - {nodeSummaryName} - 高级", + "xpack.monitoring.elasticsearch.node.advanced.title": "Elasticsearch - 节点 - {nodeName} - 高级", "xpack.monitoring.elasticsearch.node.cells.tooltip.iconLabel": "有关此指标的更多信息", "xpack.monitoring.elasticsearch.node.cells.tooltip.max": "最大值", "xpack.monitoring.elasticsearch.node.cells.tooltip.min": "最小值", @@ -18303,7 +18302,7 @@ "xpack.monitoring.elasticsearch.node.cells.trendingDownText": "向下", "xpack.monitoring.elasticsearch.node.cells.trendingUpText": "向上", "xpack.monitoring.elasticsearch.node.overview.pageTitle": "Elasticsearch 节点:{node}", - "xpack.monitoring.elasticsearch.node.overview.routeTitle": "Elasticsearch - 节点 - {nodeName} - 概览", + "xpack.monitoring.elasticsearch.node.overview.title": "Elasticsearch - 节点 - {nodeName} - 概览", "xpack.monitoring.elasticsearch.node.statusIconLabel": "状态:{status}", "xpack.monitoring.elasticsearch.nodeDetailStatus.alerts": "告警", "xpack.monitoring.elasticsearch.nodeDetailStatus.dataLabel": "数据", @@ -18392,8 +18391,7 @@ "xpack.monitoring.es.nodeType.nodeLabel": "节点", "xpack.monitoring.esNavigation.ccrLinkText": "CCR", "xpack.monitoring.esNavigation.indicesLinkText": "索引", - "xpack.monitoring.esNavigation.instance.advancedLinkText": "高级", - "xpack.monitoring.esNavigation.instance.overviewLinkText": "概览", + "xpack.monitoring.esItemNavigation.advancedLinkText": "高级", "xpack.monitoring.esNavigation.jobsLinkText": "Machine Learning 作业", "xpack.monitoring.esNavigation.nodesLinkText": "节点", "xpack.monitoring.esNavigation.overviewLinkText": "概览", @@ -18512,7 +18510,6 @@ "xpack.monitoring.logstash.node.advanced.pageTitle": "Logstash 节点:{nodeName}", "xpack.monitoring.logstash.node.advanced.routeTitle": "Logstash - {nodeName} - 高级", "xpack.monitoring.logstash.node.pageTitle": "Logstash 节点:{nodeName}", - "xpack.monitoring.logstash.node.pipelines.notAvailableDescription": "仅 Logstash 版本 6.0.0 或更高版本提供管道监测功能。此节点正在运行版本 {logstashVersion}。", "xpack.monitoring.logstash.node.pipelines.pageTitle": "Logstash 节点管道:{nodeName}", "xpack.monitoring.logstash.node.pipelines.routeTitle": "Logstash - {nodeName} - 管道", "xpack.monitoring.logstash.node.routeTitle": "Logstash - {nodeName}", From dba055c6543409ff1ca4f1d9f7d46f44963d8da1 Mon Sep 17 00:00:00 2001 From: Trevor Pierce <1Copenut@users.noreply.github.com> Date: Mon, 18 Oct 2021 11:41:53 -0500 Subject: [PATCH 50/50] Replace Inspector's EuiPopover with EuiComboBox (#113566) * Replacing EuiPopover with EuiComboBox * The combobox will help alleviate issues when the list of options is very long * Refactoring the Combobox to listen for change events * Added an onChange handler * Renamed the method to render the combobox * Commented out additional blocks of code before final refactor * Finished refactoring the Request Selector to use EUI Combobox * Removed three helper methods for the EUIPopover. * `togglePopover()` * `closePopover()` * `renderRequestDropdownItem()` * Removed the local state object and interface (no longer needed) * Renamed the const `options` to `selectedOptions` in `handleSelectd()` method to better reflect where the options array was coming from. * Updating tests and translations * Fixed the inspector functional test to use comboBox service * Removed two unused translations * Updating Combobox options to pass data-test-sub string * Updated two tests for Combobox single option * Updated the test expectations to the default string * Both tests were looking for a named string instead of a default message * Adding error handling to Inspector combobox * Checking for the item status code * Adding a " (failed)" message if the status code returns `2` * Updating test to look for "Chart_data" instead of "Chartdata" * Updating two tests to validate single combobox options * Added helper method to check default text against combobox options * Added helper method to get the selected combobox option * Checking two inspector instances using helpers * Adding a defensive check to helper method. * Correct a type error in test return * Adding back translated failLabel Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Nathan L Smith --- .../requests/components/request_selector.tsx | 142 +++++------------- test/functional/apps/discover/_inspector.ts | 4 +- test/functional/apps/visualize/_vega_chart.ts | 6 +- test/functional/services/inspector.ts | 43 ++++-- .../translations/translations/ja-JP.json | 1 - .../translations/translations/zh-CN.json | 1 - .../apps/maps/embeddable/dashboard.js | 7 +- 7 files changed, 85 insertions(+), 119 deletions(-) diff --git a/src/plugins/inspector/public/views/requests/components/request_selector.tsx b/src/plugins/inspector/public/views/requests/components/request_selector.tsx index 2d94c7ff5bb1840..04fac0bd93b7e55 100644 --- a/src/plugins/inspector/public/views/requests/components/request_selector.tsx +++ b/src/plugins/inspector/public/views/requests/components/request_selector.tsx @@ -13,118 +13,73 @@ import { i18n } from '@kbn/i18n'; import { EuiBadge, - EuiButtonEmpty, - EuiContextMenuPanel, - EuiContextMenuItem, + EuiComboBox, + EuiComboBoxOptionOption, EuiFlexGroup, EuiFlexItem, EuiLoadingSpinner, - EuiPopover, - EuiTextColor, EuiToolTip, } from '@elastic/eui'; import { RequestStatus } from '../../../../common/adapters'; import { Request } from '../../../../common/adapters/request/types'; -interface RequestSelectorState { - isPopoverOpen: boolean; -} - interface RequestSelectorProps { requests: Request[]; selectedRequest: Request; - onRequestChanged: Function; + onRequestChanged: (request: Request) => void; } -export class RequestSelector extends Component { +export class RequestSelector extends Component { static propTypes = { requests: PropTypes.array.isRequired, selectedRequest: PropTypes.object.isRequired, onRequestChanged: PropTypes.func, }; - state = { - isPopoverOpen: false, - }; + handleSelected = (selectedOptions: Array>) => { + const selectedOption = this.props.requests.find( + (request) => request.id === selectedOptions[0].value + ); - togglePopover = () => { - this.setState((prevState: RequestSelectorState) => ({ - isPopoverOpen: !prevState.isPopoverOpen, - })); + if (selectedOption) { + this.props.onRequestChanged(selectedOption); + } }; - closePopover = () => { - this.setState({ - isPopoverOpen: false, + renderRequestCombobox() { + const options = this.props.requests.map((item) => { + const hasFailed = item.status === RequestStatus.ERROR; + const testLabel = item.name.replace(/\s+/, '_'); + + return { + 'data-test-subj': `inspectorRequestChooser${testLabel}`, + label: hasFailed + ? `${item.name} ${i18n.translate('inspector.requests.failedLabel', { + defaultMessage: ' (failed)', + })}` + : item.name, + value: item.id, + }; }); - }; - - renderRequestDropdownItem = (request: Request, index: number) => { - const hasFailed = request.status === RequestStatus.ERROR; - const inProgress = request.status === RequestStatus.PENDING; return ( - { - this.props.onRequestChanged(request); - this.closePopover(); - }} - toolTipContent={request.description} - toolTipPosition="left" - data-test-subj={`inspectorRequestChooser${request.name}`} - > - - {request.name} - - {hasFailed && ( - - )} - - {inProgress && ( - - )} - - - ); - }; - - renderRequestDropdown() { - const button = ( - - {this.props.selectedRequest.name} - - ); - - return ( - - - + isClearable={false} + onChange={this.handleSelected} + options={options} + prepend="Request" + selectedOptions={[ + { + label: this.props.selectedRequest.name, + value: this.props.selectedRequest.id, + }, + ]} + singleSelection={{ asPlainText: true }} + /> ); } @@ -132,23 +87,8 @@ export class RequestSelector extends Component - - - - - - - {requests.length <= 1 && ( -
- {selectedRequest.name} -
- )} - {requests.length > 1 && this.renderRequestDropdown()} - + + {requests.length && this.renderRequestCombobox()} {selectedRequest.status !== RequestStatus.PENDING && ( { - const requests = await inspector.getRequestNames(); + const singleExampleRequest = await inspector.hasSingleRequest(); + const selectedExampleRequest = await inspector.getSelectedOption(); - expect(requests).to.be('Unnamed request #0'); + expect(singleExampleRequest).to.be(true); + expect(selectedExampleRequest).to.equal('Unnamed request #0'); }); it('should log the request statistic', async () => { diff --git a/test/functional/services/inspector.ts b/test/functional/services/inspector.ts index 5364dbebe904c09..753d9b7b0b85ea7 100644 --- a/test/functional/services/inspector.ts +++ b/test/functional/services/inspector.ts @@ -16,6 +16,7 @@ export class InspectorService extends FtrService { private readonly flyout = this.ctx.getService('flyout'); private readonly testSubjects = this.ctx.getService('testSubjects'); private readonly find = this.ctx.getService('find'); + private readonly comboBox = this.ctx.getService('comboBox'); private async getIsEnabled(): Promise { const ariaDisabled = await this.testSubjects.getAttribute('openInspectorButton', 'disabled'); @@ -206,20 +207,29 @@ export class InspectorService extends FtrService { } /** - * Returns request name as the comma-separated string + * Returns the selected option value from combobox */ - public async getRequestNames(): Promise { + public async getSelectedOption(): Promise { await this.openInspectorRequestsView(); - const requestChooserExists = await this.testSubjects.exists('inspectorRequestChooser'); - if (requestChooserExists) { - await this.testSubjects.click('inspectorRequestChooser'); - const menu = await this.testSubjects.find('inspectorRequestChooserMenuPanel'); - const requestNames = await menu.getVisibleText(); - return requestNames.trim().split('\n').join(','); + const selectedOption = await this.comboBox.getComboBoxSelectedOptions( + 'inspectorRequestChooser' + ); + + if (selectedOption.length !== 1) { + return 'Combobox has multiple options'; } - const singleRequest = await this.testSubjects.find('inspectorRequestName'); - return await singleRequest.getVisibleText(); + return selectedOption[0]; + } + + /** + * Returns request name as the comma-separated string from combobox + */ + public async getRequestNames(): Promise { + await this.openInspectorRequestsView(); + + const comboBoxOptions = await this.comboBox.getOptionsList('inspectorRequestChooser'); + return comboBoxOptions.trim().split('\n').join(','); } public getOpenRequestStatisticButton() { @@ -233,4 +243,17 @@ export class InspectorService extends FtrService { public getOpenRequestDetailResponseButton() { return this.testSubjects.find('inspectorRequestDetailResponse'); } + + /** + * Returns true if the value equals the combobox options list + * @param value default combobox single option text + */ + public async hasSingleRequest( + value: string = "You've selected all available options" + ): Promise { + await this.openInspectorRequestsView(); + const comboBoxOptions = await this.comboBox.getOptionsList('inspectorRequestChooser'); + + return value === comboBoxOptions; + } } diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index 41cc7825bcf36b0..79d092cebe366f6 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -4162,7 +4162,6 @@ "inspector.requests.noRequestsLoggedTitle": "リクエストが記録されていません", "inspector.requests.requestFailedTooltipTitle": "リクエストに失敗しました", "inspector.requests.requestInProgressAriaLabel": "リクエストが進行中", - "inspector.requests.requestLabel": "リクエスト:", "inspector.requests.requestsDescriptionTooltip": "データを収集したリクエストを表示します", "inspector.requests.requestsTitle": "リクエスト", "inspector.requests.requestSucceededTooltipTitle": "リクエスト成功", diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index 54811936957ab55..c80cd968f38a89c 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -4201,7 +4201,6 @@ "inspector.requests.noRequestsLoggedTitle": "未记录任何请求", "inspector.requests.requestFailedTooltipTitle": "请求失败", "inspector.requests.requestInProgressAriaLabel": "进行中的请求", - "inspector.requests.requestLabel": "请求:", "inspector.requests.requestsDescriptionTooltip": "查看已收集数据的请求", "inspector.requests.requestsTitle": "请求", "inspector.requests.requestSucceededTooltipTitle": "请求成功", diff --git a/x-pack/test/functional/apps/maps/embeddable/dashboard.js b/x-pack/test/functional/apps/maps/embeddable/dashboard.js index 6c962c98c6a988f..a892a0d547339fe 100644 --- a/x-pack/test/functional/apps/maps/embeddable/dashboard.js +++ b/x-pack/test/functional/apps/maps/embeddable/dashboard.js @@ -77,9 +77,12 @@ export default function ({ getPageObjects, getService }) { await inspector.close(); await dashboardPanelActions.openInspectorByTitle('geo grid vector grid example'); - const gridExampleRequestNames = await inspector.getRequestNames(); + const singleExampleRequest = await inspector.hasSingleRequest(); + const selectedExampleRequest = await inspector.getSelectedOption(); await inspector.close(); - expect(gridExampleRequestNames).to.equal('logstash-*'); + + expect(singleExampleRequest).to.be(true); + expect(selectedExampleRequest).to.equal('logstash-*'); }); it('should apply container state (time, query, filters) to embeddable when loaded', async () => {
-
-
-
-
-
-
-

{{pageTitle || monitoringMain.instance}}

-
-
-
-
-
- - -
-
-
- - - - - - - - - - - - - - - -
-
-