Skip to content

Commit

Permalink
[Event Log] Adding type_id to saved object array in event log (#100939
Browse files Browse the repository at this point in the history 
)

* Adding new fields to event log mapping

* Populating new event log fields when executing rules and actions

* Fixing functional tests

* Adding actionTypeId

* Putting type ids into saved object array

* Fixing functional tests

* Cleanup

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
  • Loading branch information
@ymao1 @kibanamachine
ymao1 and kibanamachine authored Jun 4, 2021
1 parent f7b5f00 commit c13ae7e
Show file tree
Hide file tree
Showing 13 changed files with 81 additions and 15 deletions.
1 change: 1 addition & 0 deletions x-pack/plugins/actions/server/lib/action_executor.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -147,6 +147,7 @@ export class ActionExecutor {
rel: SAVED_OBJECT_REL_PRIMARY,
type: 'action',
id: actionId,
type_id: actionTypeId,
...namespace,
},
],
Expand Down
2 changes: 2 additions & 0 deletions x-pack/plugins/alerting/server/task_runner/create_execution_handler.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -166,10 +166,12 @@ test('enqueues execution per selected action', async () => {
"id": "1",
"rel": "primary",
"type": "alert",
"type_id": "test",
},
Object {
"id": "1",
"type": "action",
"type_id": "test",
},
],
},
Expand Down
10 changes: 8 additions & 2 deletions x-pack/plugins/alerting/server/task_runner/create_execution_handler.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -182,8 +182,14 @@ export function createExecutionHandler<
action_subgroup: actionSubgroup,
},
saved_objects: [
{ rel: SAVED_OBJECT_REL_PRIMARY, type: 'alert', id: alertId, ...namespace },
{ type: 'action', id: action.id, ...namespace },
{
rel: SAVED_OBJECT_REL_PRIMARY,
type: 'alert',
id: alertId,
type_id: alertType.id,
...namespace,
},
{ type: 'action', id: action.id, type_id: action.actionTypeId, ...namespace },
],
},
};
Expand Down
24 changes: 24 additions & 0 deletions x-pack/plugins/alerting/server/task_runner/task_runner.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -278,6 +278,7 @@ describe('Task Runner', () => {
"namespace": undefined,
"rel": "primary",
"type": "alert",
"type_id": "test",
},
],
},
Expand Down Expand Up @@ -385,6 +386,7 @@ describe('Task Runner', () => {
namespace: undefined,
rel: 'primary',
type: 'alert',
type_id: 'test',
},
],
},
Expand All @@ -406,6 +408,7 @@ describe('Task Runner', () => {
namespace: undefined,
rel: 'primary',
type: 'alert',
type_id: 'test',
},
],
},
Expand All @@ -428,11 +431,13 @@ describe('Task Runner', () => {
namespace: undefined,
rel: 'primary',
type: 'alert',
type_id: 'test',
},
{
id: '1',
namespace: undefined,
type: 'action',
type_id: 'action',
},
],
},
Expand All @@ -455,6 +460,7 @@ describe('Task Runner', () => {
namespace: undefined,
rel: 'primary',
type: 'alert',
type_id: 'test',
},
],
},
Expand Down Expand Up @@ -531,6 +537,7 @@ describe('Task Runner', () => {
namespace: undefined,
rel: 'primary',
type: 'alert',
type_id: 'test',
},
],
},
Expand All @@ -551,6 +558,7 @@ describe('Task Runner', () => {
namespace: undefined,
rel: 'primary',
type: 'alert',
type_id: 'test',
},
],
},
Expand All @@ -572,6 +580,7 @@ describe('Task Runner', () => {
namespace: undefined,
rel: 'primary',
type: 'alert',
type_id: 'test',
},
],
},
Expand Down Expand Up @@ -702,6 +711,7 @@ describe('Task Runner', () => {
"namespace": undefined,
"rel": "primary",
"type": "alert",
"type_id": "test",
},
],
},
Expand All @@ -725,6 +735,7 @@ describe('Task Runner', () => {
"namespace": undefined,
"rel": "primary",
"type": "alert",
"type_id": "test",
},
],
},
Expand Down Expand Up @@ -931,6 +942,7 @@ describe('Task Runner', () => {
"namespace": undefined,
"rel": "primary",
"type": "alert",
"type_id": "test",
},
],
},
Expand All @@ -953,6 +965,7 @@ describe('Task Runner', () => {
"namespace": undefined,
"rel": "primary",
"type": "alert",
"type_id": "test",
},
],
},
Expand All @@ -976,11 +989,13 @@ describe('Task Runner', () => {
"namespace": undefined,
"rel": "primary",
"type": "alert",
"type_id": "test",
},
Object {
"id": "1",
"namespace": undefined,
"type": "action",
"type_id": "action",
},
],
},
Expand All @@ -1004,6 +1019,7 @@ describe('Task Runner', () => {
"namespace": undefined,
"rel": "primary",
"type": "alert",
"type_id": "test",
},
],
},
Expand Down Expand Up @@ -1386,6 +1402,7 @@ describe('Task Runner', () => {
"namespace": undefined,
"rel": "primary",
"type": "alert",
"type_id": "test",
},
],
},
Expand All @@ -1408,6 +1425,7 @@ describe('Task Runner', () => {
"namespace": undefined,
"rel": "primary",
"type": "alert",
"type_id": "test",
},
],
},
Expand All @@ -1431,6 +1449,7 @@ describe('Task Runner', () => {
"namespace": undefined,
"rel": "primary",
"type": "alert",
"type_id": "test",
},
],
},
Expand Down Expand Up @@ -1641,6 +1660,7 @@ describe('Task Runner', () => {
"namespace": undefined,
"rel": "primary",
"type": "alert",
"type_id": "test",
},
],
},
Expand Down Expand Up @@ -1700,6 +1720,7 @@ describe('Task Runner', () => {
"namespace": undefined,
"rel": "primary",
"type": "alert",
"type_id": "test",
},
],
},
Expand Down Expand Up @@ -1767,6 +1788,7 @@ describe('Task Runner', () => {
"namespace": undefined,
"rel": "primary",
"type": "alert",
"type_id": "test",
},
],
},
Expand Down Expand Up @@ -1834,6 +1856,7 @@ describe('Task Runner', () => {
"namespace": undefined,
"rel": "primary",
"type": "alert",
"type_id": "test",
},
],
},
Expand Down Expand Up @@ -1900,6 +1923,7 @@ describe('Task Runner', () => {
"namespace": undefined,
"rel": "primary",
"type": "alert",
"type_id": "test",
},
],
},
Expand Down
5 changes: 5 additions & 0 deletions x-pack/plugins/alerting/server/task_runner/task_runner.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -331,6 +331,7 @@ export class TaskRunner<
alertId,
alertLabel,
namespace,
ruleTypeId: alert.alertTypeId,
});

if (!muteAll) {
Expand Down Expand Up @@ -493,6 +494,7 @@ export class TaskRunner<
rel: SAVED_OBJECT_REL_PRIMARY,
type: 'alert',
id: alertId,
type_id: this.alertType.id,
namespace,
},
],
Expand Down Expand Up @@ -598,6 +600,7 @@ interface GenerateNewAndRecoveredInstanceEventsParams<
alertId: string;
alertLabel: string;
namespace: string | undefined;
ruleTypeId: string;
}

function generateNewAndRecoveredInstanceEvents<
Expand All @@ -611,6 +614,7 @@ function generateNewAndRecoveredInstanceEvents<
currentAlertInstances,
originalAlertInstances,
recoveredAlertInstances,
ruleTypeId,
} = params;
const originalAlertInstanceIds = Object.keys(originalAlertInstances);
const currentAlertInstanceIds = Object.keys(currentAlertInstances);
Expand Down Expand Up @@ -664,6 +668,7 @@ function generateNewAndRecoveredInstanceEvents<
rel: SAVED_OBJECT_REL_PRIMARY,
type: 'alert',
id: alertId,
type_id: ruleTypeId,
namespace,
},
],
Expand Down
4 changes: 4 additions & 0 deletions x-pack/plugins/event_log/generated/mappings.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -275,6 +275,10 @@
"type": {
"type": "keyword",
"ignore_above": 1024
},
"type_id": {
"type": "keyword",
"ignore_above": 1024
}
}
}
Expand Down
1 change: 1 addition & 0 deletions x-pack/plugins/event_log/generated/schemas.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -116,6 +116,7 @@ export const EventSchema = schema.maybe(
namespace: ecsString(),
id: ecsString(),
type: ecsString(),
type_id: ecsString(),
})
)
),
Expand Down
4 changes: 4 additions & 0 deletions x-pack/plugins/event_log/scripts/mappings.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,10 @@ exports.EcsCustomPropertyMappings = {
type: 'keyword',
ignore_above: 1024,
},
type_id: {
type: 'keyword',
ignore_above: 1024,
},
},
},
},
Expand Down
5 changes: 4 additions & 1 deletion x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/execute.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -119,6 +119,7 @@ export default function ({ getService }: FtrProviderContext) {
spaceId: space.id,
connectorId: createdAction.id,
outcome: 'success',
actionTypeId: 'test.index-record',
message: `action executed: test.index-record:${createdAction.id}: My action`,
});
break;
Expand Down Expand Up @@ -502,13 +503,14 @@ export default function ({ getService }: FtrProviderContext) {
interface ValidateEventLogParams {
spaceId: string;
connectorId: string;
actionTypeId: string;
outcome: string;
message: string;
errorMessage?: string;
}

async function validateEventLog(params: ValidateEventLogParams): Promise<void> {
const { spaceId, connectorId, outcome, message, errorMessage } = params;
const { spaceId, connectorId, actionTypeId, outcome, message, errorMessage } = params;

const events: IValidatedEvent[] = await retry.try(async () => {
return await getEventLog({
Expand Down Expand Up @@ -549,6 +551,7 @@ export default function ({ getService }: FtrProviderContext) {
rel: 'primary',
type: 'action',
id: connectorId,
type_id: actionTypeId,
namespace: spaceId,
},
]);
Expand Down
5 changes: 4 additions & 1 deletion x-pack/test/alerting_api_integration/security_and_spaces/tests/alerting/alerts.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -214,6 +214,7 @@ instanceStateValue: true
await validateEventLog({
spaceId: space.id,
alertId,
ruleTypeId: 'test.always-firing',
outcome: 'success',
message: `alert executed: test.always-firing:${alertId}: 'abc'`,
});
Expand Down Expand Up @@ -1244,13 +1245,14 @@ instanceStateValue: true
interface ValidateEventLogParams {
spaceId: string;
alertId: string;
ruleTypeId: string;
outcome: string;
message: string;
errorMessage?: string;
}

async function validateEventLog(params: ValidateEventLogParams): Promise<void> {
const { spaceId, alertId, outcome, message, errorMessage } = params;
const { spaceId, alertId, ruleTypeId, outcome, message, errorMessage } = params;

const events: IValidatedEvent[] = await retry.try(async () => {
return await getEventLog({
Expand Down Expand Up @@ -1291,6 +1293,7 @@ instanceStateValue: true
type: 'alert',
id: alertId,
namespace: spaceId,
type_id: ruleTypeId,
},
]);

Expand Down
2 changes: 1 addition & 1 deletion x-pack/test/alerting_api_integration/security_and_spaces/tests/alerting/event_log.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,7 @@ export default function eventLogTests({ getService }: FtrProviderContext) {

validateEvent(event, {
spaceId,
savedObjects: [{ type: 'alert', id: alertId, rel: 'primary' }],
savedObjects: [{ type: 'alert', id: alertId, rel: 'primary', type_id: 'test.noop' }],
outcome: 'failure',
message: `test.noop:${alertId}: execution failed`,
errorMessage: 'Unable to decrypt attribute "apiKey"',
Expand Down
Loading

0 comments on commit c13ae7e

Please sign in to comment.