[Endpoint] EMT-65: make endpoint data types common, restructure (#54772)

[Endpoint] EMT-65: make endpoint data types common, use schema changes
elastic · Jan 27, 2020 · 9301531 · 9301531
1 parent aa695ec
commit 9301531
Show file tree

Hide file tree

Showing 13 changed files with 739 additions and 484 deletions.
diff --git a/x-pack/plugins/endpoint/common/types.ts b/x-pack/plugins/endpoint/common/types.ts
@@ -0,0 +1,46 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+export class EndpointAppConstants {
+  static ENDPOINT_INDEX_NAME = 'endpoint-agent*';
+}
+
+export interface EndpointResultList {
+  // the endpoint restricted by the page size
+  endpoints: EndpointMetadata[];
+  // the total number of unique endpoints in the index
+  total: number;
+  // the page size requested
+  request_page_size: number;
+  // the index requested
+  request_page_index: number;
+}
+
+export interface EndpointMetadata {
+  event: {
+    created: Date;
+  };
+  endpoint: {
+    policy: {
+      id: string;
+    };
+  };
+  agent: {
+    version: string;
+    id: string;
+  };
+  host: {
+    id: string;
+    hostname: string;
+    ip: string[];
+    mac: string[];
+    os: {
+      name: string;
+      full: string;
+      version: string;
+    };
+  };
+}
diff --git a/x-pack/plugins/endpoint/server/plugin.ts b/x-pack/plugins/endpoint/server/plugin.ts
@@ -8,8 +8,8 @@ import { first } from 'rxjs/operators';
 import { addRoutes } from './routes';
 import { PluginSetupContract as FeaturesPluginSetupContract } from '../../features/server';
 import { createConfig$, EndpointConfigType } from './config';
-import { EndpointAppContext } from './types';
 import { registerEndpointRoutes } from './routes/endpoints';
+import { EndpointAppContext } from './types';
 
 export type EndpointPluginStart = void;
 export type EndpointPluginSetup = void;

diff --git a/x-pack/plugins/endpoint/server/routes/endpoints.test.ts b/x-pack/plugins/endpoint/server/routes/endpoints.test.ts
@@ -18,9 +18,9 @@ import {
   httpServiceMock,
   loggingServiceMock,
 } from '../../../../../src/core/server/mocks';
-import { EndpointData } from '../types';
+import { EndpointMetadata, EndpointResultList } from '../../common/types';
 import { SearchResponse } from 'elasticsearch';
-import { EndpointResultList, registerEndpointRoutes } from './endpoints';
+import { registerEndpointRoutes } from './endpoints';
 import { EndpointConfigSchema } from '../config';
 import * as data from '../test_data/all_endpoints_data.json';
 
@@ -49,8 +49,8 @@ describe('test endpoint route', () => {
   it('test find the latest of all endpoints', async () => {
     const mockRequest = httpServerMock.createKibanaRequest({});
 
-    const response: SearchResponse<EndpointData> = (data as unknown) as SearchResponse<
-      EndpointData
+    const response: SearchResponse<EndpointMetadata> = (data as unknown) as SearchResponse<
+      EndpointMetadata
     >;
     mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => Promise.resolve(response));
     [routeConfig, routeHandler] = routerMock.post.mock.calls.find(([{ path }]) =>
@@ -73,9 +73,9 @@ describe('test endpoint route', () => {
     expect(routeConfig.options).toEqual({ authRequired: true });
     expect(mockResponse.ok).toBeCalled();
     const endpointResultList = mockResponse.ok.mock.calls[0][0]?.body as EndpointResultList;
-    expect(endpointResultList.endpoints.length).toEqual(3);
-    expect(endpointResultList.total).toEqual(3);
-    expect(endpointResultList.request_index).toEqual(0);
+    expect(endpointResultList.endpoints.length).toEqual(2);
+    expect(endpointResultList.total).toEqual(2);
+    expect(endpointResultList.request_page_index).toEqual(0);
     expect(endpointResultList.request_page_size).toEqual(10);
   });
 
@@ -93,7 +93,7 @@ describe('test endpoint route', () => {
       },
     });
     mockScopedClient.callAsCurrentUser.mockImplementationOnce(() =>
-      Promise.resolve((data as unknown) as SearchResponse<EndpointData>)
+      Promise.resolve((data as unknown) as SearchResponse<EndpointMetadata>)
     );
     [routeConfig, routeHandler] = routerMock.post.mock.calls.find(([{ path }]) =>
       path.startsWith('/api/endpoint/endpoints')
@@ -115,9 +115,9 @@ describe('test endpoint route', () => {
     expect(routeConfig.options).toEqual({ authRequired: true });
     expect(mockResponse.ok).toBeCalled();
     const endpointResultList = mockResponse.ok.mock.calls[0][0]?.body as EndpointResultList;
-    expect(endpointResultList.endpoints.length).toEqual(3);
-    expect(endpointResultList.total).toEqual(3);
-    expect(endpointResultList.request_index).toEqual(10);
+    expect(endpointResultList.endpoints.length).toEqual(2);
+    expect(endpointResultList.total).toEqual(2);
+    expect(endpointResultList.request_page_index).toEqual(10);
     expect(endpointResultList.request_page_size).toEqual(10);
   });
 });
diff --git a/x-pack/plugins/endpoint/server/routes/endpoints.ts b/x-pack/plugins/endpoint/server/routes/endpoints.ts
@@ -7,22 +7,13 @@
 import { IRouter } from 'kibana/server';
 import { SearchResponse } from 'elasticsearch';
 import { schema } from '@kbn/config-schema';
-import { EndpointAppContext, EndpointData } from '../types';
+
 import { kibanaRequestToEndpointListQuery } from '../services/endpoint/endpoint_query_builders';
+import { EndpointMetadata, EndpointResultList } from '../../common/types';
+import { EndpointAppContext } from '../types';
 
 interface HitSource {
-  _source: EndpointData;
-}
-
-export interface EndpointResultList {
-  // the endpoint restricted by the page size
-  endpoints: EndpointData[];
-  // the total number of unique endpoints in the index
-  total: number;
-  // the page size requested
-  request_page_size: number;
-  // the index requested
-  request_index: number;
+  _source: EndpointMetadata;
 }
 
 export function registerEndpointRoutes(router: IRouter, endpointAppContext: EndpointAppContext) {
@@ -53,7 +44,7 @@ export function registerEndpointRoutes(router: IRouter, endpointAppContext: Endp
         const response = (await context.core.elasticsearch.dataClient.callAsCurrentUser(
           'search',
           queryParams
-        )) as SearchResponse<EndpointData>;
+        )) as SearchResponse<EndpointMetadata>;
         return res.ok({ body: mapToEndpointResultList(queryParams, response) });
       } catch (err) {
         return res.internalError({ body: err });
@@ -64,13 +55,13 @@ export function registerEndpointRoutes(router: IRouter, endpointAppContext: Endp
 
 function mapToEndpointResultList(
   queryParams: Record<string, any>,
-  searchResponse: SearchResponse<EndpointData>
+  searchResponse: SearchResponse<EndpointMetadata>
 ): EndpointResultList {
   const totalNumberOfEndpoints = searchResponse?.aggregations?.total?.value || 0;
   if (searchResponse.hits.hits.length > 0) {
     return {
       request_page_size: queryParams.size,
-      request_index: queryParams.from,
+      request_page_index: queryParams.from,
       endpoints: searchResponse.hits.hits
         .map(response => response.inner_hits.most_recent.hits.hits)
         .flatMap(data => data as HitSource)
@@ -80,7 +71,7 @@ function mapToEndpointResultList(
   } else {
     return {
       request_page_size: queryParams.size,
-      request_index: queryParams.from,
+      request_page_index: queryParams.from,
       total: totalNumberOfEndpoints,
       endpoints: [],
     };

diff --git a/x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.test.ts b/x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.test.ts
@@ -23,23 +23,23 @@ describe('test query builder', () => {
             match_all: {},
           },
           collapse: {
-            field: 'machine_id',
+            field: 'host.id.keyword',
             inner_hits: {
               name: 'most_recent',
               size: 1,
-              sort: [{ created_at: 'desc' }],
+              sort: [{ 'event.created': 'desc' }],
             },
           },
           aggs: {
             total: {
               cardinality: {
-                field: 'machine_id',
+                field: 'host.id.keyword',
               },
             },
           },
           sort: [
             {
-              created_at: {
+              'event.created': {
                 order: 'desc',
               },
             },

diff --git a/x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.ts b/x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.ts
@@ -4,7 +4,8 @@
  * you may not use this file except in compliance with the Elastic License.
  */
 import { KibanaRequest } from 'kibana/server';
-import { EndpointAppConstants, EndpointAppContext } from '../../types';
+import { EndpointAppConstants } from '../../../common/types';
+import { EndpointAppContext } from '../../types';
 
 export const kibanaRequestToEndpointListQuery = async (
   request: KibanaRequest<any, any, any>,
@@ -17,23 +18,23 @@ export const kibanaRequestToEndpointListQuery = async (
         match_all: {},
       },
       collapse: {
-        field: 'machine_id',
+        field: 'host.id.keyword',
         inner_hits: {
           name: 'most_recent',
           size: 1,
-          sort: [{ created_at: 'desc' }],
+          sort: [{ 'event.created': 'desc' }],
         },
       },
       aggs: {
         total: {
           cardinality: {
-            field: 'machine_id',
+            field: 'host.id.keyword',
           },
         },
       },
       sort: [
         {
-          created_at: {
+          'event.created': {
             order: 'desc',
           },
         },