More unit tests, fixes one mispelled thing

x-pack/plugins/security_solution/server/usage/queries/utils/get_event_log_by_type_and_status.test.ts

@@ -6,10 +6,7 @@
  */
 
 import type { EventLogStatusMetric } from '../../detections/rules/types';
-import {
-  elasticsearchServiceMock,
-  loggingSystemMock,
-} from '../../../../../../../src/core/server/mocks';
+import { elasticsearchServiceMock, loggingSystemMock } from 'src/core/server/mocks';
 import { getInitialEventLogUsage } from '../../detections/rules/get_initial_usage';
 import {
   getAllEventLogTransform,

x-pack/plugins/security_solution/server/usage/queries/utils/transform_categories.test.ts

@@ -0,0 +1,153 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import type { Top10Failure } from '../../detections/rules/types';
+import { transformCategories } from './transform_categories';
+
+describe('transform_categories', () => {
+  test('it transforms an empty array into an empty object', () => {
+    const result = transformCategories({
+      buckets: [],
+    });
+    expect(result).toEqual<Top10Failure>({});
+  });
+
+  test('it transforms a single element into a single output', () => {
+    const result = transformCategories({
+      buckets: [
+        {
+          doc_count: 6,
+          key: 'category-1',
+        },
+      ],
+    });
+    expect(result).toEqual<Top10Failure>({
+      '1': {
+        count: 6,
+        message: 'category-1',
+      },
+    });
+  });
+
+  test('it transforms 2 elements into 2 outputs', () => {
+    const result = transformCategories({
+      buckets: [
+        {
+          doc_count: 6,
+          key: 'category-1',
+        },
+        {
+          doc_count: 5,
+          key: 'category-2',
+        },
+      ],
+    });
+    expect(result).toEqual<Top10Failure>({
+      '1': {
+        count: 6,
+        message: 'category-1',
+      },
+      '2': {
+        count: 5,
+        message: 'category-2',
+      },
+    });
+  });
+
+  test('it transforms 11 elements into only 10 outputs', () => {
+    const result = transformCategories({
+      buckets: [
+        {
+          doc_count: 11,
+          key: 'category-11',
+        },
+        {
+          doc_count: 10,
+          key: 'category-10',
+        },
+        {
+          doc_count: 9,
+          key: 'category-9',
+        },
+        {
+          doc_count: 8,
+          key: 'category-8',
+        },
+        {
+          doc_count: 7,
+          key: 'category-7',
+        },
+        {
+          doc_count: 6,
+          key: 'category-6',
+        },
+        {
+          doc_count: 5,
+          key: 'category-5',
+        },
+        {
+          doc_count: 4,
+          key: 'category-4',
+        },
+        {
+          doc_count: 3,
+          key: 'category-3',
+        },
+        {
+          doc_count: 2,
+          key: 'category-2',
+        },
+        {
+          doc_count: 1,
+          key: 'category-1',
+        },
+      ],
+    });
+    expect(result).toEqual<Top10Failure>({
+      '1': {
+        message: 'category-11',
+        count: 11,
+      },
+      '2': {
+        message: 'category-10',
+        count: 10,
+      },
+      '3': {
+        message: 'category-9',
+        count: 9,
+      },
+      '4': {
+        message: 'category-8',
+        count: 8,
+      },
+      '5': {
+        message: 'category-7',
+        count: 7,
+      },
+      '6': {
+        message: 'category-6',
+        count: 6,
+      },
+      '7': {
+        message: 'category-5',
+        count: 5,
+      },
+      '8': {
+        message: 'category-4',
+        count: 4,
+      },
+      '9': {
+        message: 'category-3',
+        count: 3,
+      },
+      '10': {
+        message: 'category-2',
+        count: 2,
+      },
+    });
+  });
+});

x-pack/plugins/security_solution/server/usage/queries/utils/transform_category_bucket.test.ts

@@ -0,0 +1,27 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import type { FailureMessage } from '../../detections/rules/types';
+import { transformCategoryBucket } from './transform_category_bucket';
+
+describe('transform_category_bucket', () => {
+  test('it will transform a bucket sent in', () => {
+    const result = transformCategoryBucket({
+      key: 'test-123',
+      doc_count: 10,
+    });
+    expect(result).toEqual<FailureMessage>({
+      message: 'test-123',
+      count: 10,
+    });
+  });
+
+  test('it will return undefined if the bucket is undefined', () => {
+    const result = transformCategoryBucket(undefined);
+    expect(result).toEqual(undefined);
+  });
+});

x-pack/plugins/security_solution/server/usage/queries/utils/transform_event_log_type_status.test.ts

@@ -0,0 +1,47 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import type { SingleEventLogStatusMetric } from '../../detections/rules/types';
+import { loggingSystemMock } from 'src/core/server/mocks';
+import {
+  getElasticLogCustomRules,
+  getEventLogAllRules,
+  getEventLogAllRulesResult,
+  getEventLogCustomRulesResult,
+  getEventLogElasticRules,
+  getEventLogElasticRulesResult,
+} from '../../detections/rules/get_metrics.mocks';
+import { transformEventLogTypeStatus } from './transform_event_log_type_status';
+
+describe('transform_event_log_type_status', () => {
+  test('returns expected transform for all rules results', () => {
+    const logger = loggingSystemMock.createLogger();
+    const result = transformEventLogTypeStatus({
+      logger,
+      aggs: getEventLogAllRules().aggregations,
+    });
+    expect(result).toEqual<SingleEventLogStatusMetric>(getEventLogAllRulesResult());
+  });
+
+  test('returns expected transform for elastic rules results', () => {
+    const logger = loggingSystemMock.createLogger();
+    const result = transformEventLogTypeStatus({
+      logger,
+      aggs: getEventLogElasticRules().aggregations,
+    });
+    expect(result).toEqual<SingleEventLogStatusMetric>(getEventLogElasticRulesResult());
+  });
+
+  test('returns expected transform for custom rules results', () => {
+    const logger = loggingSystemMock.createLogger();
+    const result = transformEventLogTypeStatus({
+      logger,
+      aggs: getElasticLogCustomRules().aggregations,
+    });
+    expect(result).toEqual<SingleEventLogStatusMetric>(getEventLogCustomRulesResult());
+  });
+});

x-pack/plugins/security_solution/server/usage/queries/utils/transform_event_log_type_status.ts

@@ -10,7 +10,7 @@ import type { EventLogTypeStatusAggs } from '../../types';
 import type { SingleEventLogStatusMetric } from '../../detections/rules/types';
 import { getInitialSingleEventLogUsage } from '../../detections/rules/get_initial_usage';
 import { countTotals } from './count_totals';
-import { transformSingleRuleMetric } from './transform_signle_rule_metric';
+import { transformSingleRuleMetric } from './transform_single_rule_metric';
 
 export interface TransformEventLogTypeStatusOptions {
   logger: Logger;

x-pack/plugins/security_solution/server/usage/queries/utils/transform_single_rule_metric.test.ts

@@ -0,0 +1,137 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import type { SingleEventMetric } from '../../detections/rules/types';
+import { transformSingleRuleMetric } from './transform_single_rule_metric';
+
+describe('transform_single_rule_metric', () => {
+  test('it transforms a single metric correctly', () => {
+    const result = transformSingleRuleMetric({
+      failed: {
+        doc_count: 325,
+        categories: {
+          buckets: [
+            {
+              doc_count: 163,
+              key: 'This rule is attempting to query data from Elasticsearch indices listed in the Index pattern section of the rule definition however no index matching blah frank was found This warning will continue to appear until matching index is created or this rule is disabled',
+            },
+            {
+              doc_count: 162,
+              key: 'This rule is attempting to query data from Elasticsearch indices listed in the Index pattern section of the rule definition however no index matching logs-endpoint.alerts was found This warning will continue to appear until matching index is created or this rule is disabled If you have recently enrolled agents enabled with Endpoint Security through Fleet this warning should stop once an alert is sent from an agent',
+            },
+          ],
+        },
+        cardinality: {
+          value: 2,
+        },
+      },
+      partialFailed: {
+        doc_count: 325,
+        categories: {
+          buckets: [
+            {
+              doc_count: 163,
+              key: 'This rule is attempting to query data from Elasticsearch indices listed in the Index pattern section of the rule definition however no index matching blah frank was found This warning will continue to appear until matching index is created or this rule is disabled',
+            },
+            {
+              doc_count: 162,
+              key: 'This rule is attempting to query data from Elasticsearch indices listed in the Index pattern section of the rule definition however no index matching logs-endpoint.alerts was found This warning will continue to appear until matching index is created or this rule is disabled If you have recently enrolled agents enabled with Endpoint Security through Fleet this warning should stop once an alert is sent from an agent',
+            },
+          ],
+        },
+        cardinality: {
+          value: 2,
+        },
+      },
+      succeeded: {
+        doc_count: 317,
+        cardinality: {
+          value: 5,
+        },
+      },
+      singleMetric: {
+        doc_count: 5,
+        maxTotalIndexDuration: {
+          value: 5,
+        },
+        avgTotalIndexDuration: {
+          value: 3,
+        },
+        minTotalIndexDuration: {
+          value: 2,
+        },
+        gapCount: {
+          value: 4,
+        },
+        maxGapDuration: {
+          value: 8,
+        },
+        avgGapDuration: {
+          value: 2,
+        },
+        minGapDuration: {
+          value: 9,
+        },
+        maxTotalSearchDuration: {
+          value: 4,
+        },
+        avgTotalSearchDuration: {
+          value: 2,
+        },
+        minTotalSearchDuration: {
+          value: 12,
+        },
+      },
+    });
+
+    expect(result).toEqual<SingleEventMetric>({
+      failed: 2,
+      top_failed: {
+        '1': {
+          message:
+            'This rule is attempting to query data from Elasticsearch indices listed in the Index pattern section of the rule definition however no index matching blah frank was found This warning will continue to appear until matching index is created or this rule is disabled',
+          count: 163,
+        },
+        '2': {
+          message:
+            'This rule is attempting to query data from Elasticsearch indices listed in the Index pattern section of the rule definition however no index matching logs-endpoint.alerts was found This warning will continue to appear until matching index is created or this rule is disabled If you have recently enrolled agents enabled with Endpoint Security through Fleet this warning should stop once an alert is sent from an agent',
+          count: 162,
+        },
+      },
+      partial_failure: 2,
+      top_partial_failure: {
+        '1': {
+          message:
+            'This rule is attempting to query data from Elasticsearch indices listed in the Index pattern section of the rule definition however no index matching blah frank was found This warning will continue to appear until matching index is created or this rule is disabled',
+          count: 163,
+        },
+        '2': {
+          message:
+            'This rule is attempting to query data from Elasticsearch indices listed in the Index pattern section of the rule definition however no index matching logs-endpoint.alerts was found This warning will continue to appear until matching index is created or this rule is disabled If you have recently enrolled agents enabled with Endpoint Security through Fleet this warning should stop once an alert is sent from an agent',
+          count: 162,
+        },
+      },
+      succeeded: 5,
+      index_duration: {
+        max: 5,
+        avg: 3,
+        min: 2,
+      },
+      search_duration: {
+        max: 4,
+        avg: 2,
+        min: 12,
+      },
+      gap_duration: {
+        max: 8,
+        avg: 2,
+        min: 9,
+      },
+      gap_count: 4,
+    });
+  });
+});