Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution] Mapping cleanup for Signals Migration Saved Object #154949

Merged
merged 8 commits into from
Apr 20, 2023
Merged

[Security Solution] Mapping cleanup for Signals Migration Saved Object #154949

merged 8 commits into from
Apr 20, 2023

Conversation

rylnd
Copy link
Contributor

@rylnd rylnd commented Apr 13, 2023
edited
Loading

Summary

These fields are captured in schema elsewhere (and validated there as well).

This effort is part of elastic/security-team#6268.

@rylnd
Remove nonindexed mappings(?) from Signals Migration SO
d8bc31d 
These fields are captured in schema elsewhere (and validated there as
well).

This effort is part of @elastic/security-teamelastic#6268.
@rylnd rylnd added technical debt Improvement of the software architecture and operational architecture release_note:skip Skip the PR/issue when compiling release notes backport:skip This commit does not require backporting Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. v8.8.0 labels Apr 13, 2023
@rylnd rylnd self-assigned this Apr 13, 2023
@rylnd
Update jest snapshot following change to SO mappings
05a0d0a
@rylnd
Merge branch 'main' into cleanup_signals_migration_so
6ed16e4
@rylnd
Prevent elasticsearch from adding dynamic mappings to our migrations SO
0ccbb0f
@rylnd
Update snapshot after adding dynamic:false declaration
0900808
@rylnd
Adds back a necessary date field
008d5c4 
After deleting this field, test failures reminded me that we use this as
a sortField when checking the migration status, so we need the field in
some capacity.

This previously worked despite the field being `index: false` because
elasticsearch is able to sort on doc_values
(https://www.elastic.co/guide/en/elasticsearch/reference/current/doc-values.html)

However, in order to make this sorting more efficient, and because we'll
never be able to remove `index: false` moving forward, I'm removing it
here. This implicitly adds a mapping for this field.
@rylnd
Update snapshot following readdition of updated field
aac029d
@rylnd
Merge branch 'main' into cleanup_signals_migration_so
811c21a
@kibana-ci
Copy link
Collaborator

💚 Build Succeeded

Metrics [docs]

Saved Objects .kibana field count

Every field in each saved object type adds overhead to Elasticsearch. Kibana needs to keep the total field count below Elasticsearch's default limit of 1000 fields. Only specify field mappings for the fields you wish to search on or query. See https://www.elastic.co/guide/en/kibana/master/saved-objects-service.html#_mappings

id before after diff
security-solution-signals-migration 11 4 -7
Unknown metric groups

ESLint disabled line counts

id before after diff
securitySolution 432 435 +3

Total ESLint disabled count

id before after diff
securitySolution 512 515 +3

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @rylnd

@rylnd rylnd marked this pull request as ready for review April 18, 2023 16:37
@rylnd rylnd requested review from a team as code owners April 18, 2023 16:37
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@rylnd
Copy link
Contributor Author

rylnd commented Apr 18, 2023

cc @rudolf

@rylnd rylnd merged commit 2773faa into elastic:main Apr 20, 2023
@rylnd rylnd deleted the cleanup_signals_migration_so branch April 20, 2023 20:13
nikitaindik pushed a commit to nikitaindik/kibana that referenced this pull request Apr 25, 2023
@rylnd @nikitaindik
[Security Solution] Mapping cleanup for Signals Migration Saved Object (
7ebc367 
elastic#154949)

## Summary

These fields are captured in schema elsewhere (and validated there as
well).

This effort is part of elastic/security-team#6268.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rudolf rudolf rudolf approved these changes

@marshallmain marshallmain marshallmain approved these changes

Assignees

@rylnd rylnd

Labels
backport:skip This commit does not require backporting release_note:skip Skip the PR/issue when compiling release notes Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. technical debt Improvement of the software architecture and operational architecture v8.8.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@rylnd @kibana-ci @elasticmachine @rudolf @marshallmain