EMT-248: implement ack resource to accept event payload to acknowledge agent actions #60218

Merged

Contributor

@nnamdifrankie nnamdifrankie commented Mar 15, 2020

Summary

https://github.com/elastic/endpoint-app-team/issues/248
This change implements the acknowledgment API for agent actions. It provides a richer payload for agents to respond to actions using the event schema. The requests from the agents are stored as event saved objects.

Change Notes:

  1. Changed PostAgentAcksRequest to /api/ingest_manager/fleet/agents/[agent id]/acks

     Now expects AgentEvent as body

     PostAgentAcksRequest {
       body: {
         events: AgentEvent[];
       };
       params: {
         agentId: string;
       };
     }

     All events and all actions must belong to the currently authorized agent.

  2. Introduced a type for the return PostAgentAcksResponse, but the body remained unchanged.

     PostAgentAcksResponse {
       action: string;
       success: boolean;
     }


@nnamdifrankie nnamdifrankie added v7.7.0 v8.0.0 release_note:skip Skip the PR/issue when compiling release notes and removed v7.7.0 labels Mar 15, 2020
@nnamdifrankie nnamdifrankie changed the title EMT-248: initial check in to see if we get a clean build EMT-248: implement ack resource to accept event payload to acknowledge agent actions Mar 16, 2020
@nnamdifrankie
Contributor Author

@elasticmachine merge upstream

const body: PostAgentAcksResponse = {
  action: 'acks',
  success: true,
  items: [...agentActions],
Contributor Author

Do we want to return the updated actions?

Member

I think it's not going to be used by agent so we can remove it

Contributor Author

@nnamdifrankie nnamdifrankie Mar 16, 2020

Ok, so a simple ack is fine. Also noticed it was a ton of data so it makes sense.

@nchaulet nchaulet added Feature:EPM Fleet team's Elastic Package Manager (aka Integrations) project Feature:Fleet Fleet team's agent central management project labels Mar 16, 2020
@elasticmachine
Contributor

Pinging @elastic/ingest-management (Feature:Fleet)

@nchaulet nchaulet added v7.7.0 and removed v8.0.0 labels Mar 16, 2020
@nchaulet
Member

This is changing the contract with agents cc @michalpristas @ph

@nchaulet
Member

@michalpristas @ph I think we could restrict type and subtype of events sent during acknowledgement, what are the possible values you are going to send?

Member

@nchaulet nchaulet left a comment

LGTM 🚀 maybe we can add more restriction and allow only ACTION_RESULT as event type for now
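
An added TypeScript example, not code from this PR or from Kibana, of the two checks discussed in this thread: every event and action must belong to the currently authorized agent, and only ACTION_RESULT events are accepted. The event field names (agent_id, action_id, type), the ownedActionIds list and the HTTP status codes are assumptions.

```typescript
// Added example; not Kibana's schema or route code. Field names, the
// ownedActionIds lookup and the status codes are assumptions.
interface AckEvent {
  type: string;
  agent_id: string;
  action_id?: string;
}

interface AckCheck {
  ok: boolean;
  status: number; // HTTP status the route would answer with
  reason?: string;
}

const ALLOWED_TYPES: readonly string[] = ['ACTION_RESULT'];

// Check the whole batch before persisting anything, so one foreign event
// rejects the request instead of leaving a partial acknowledgement.
function checkAcks(
  authAgentId: string, // agent resolved from the request credentials
  pathAgentId: string, // [agent id] segment of the URL
  events: AckEvent[],
  ownedActionIds: readonly string[] // actions assigned to authAgentId
): AckCheck {
  if (authAgentId !== pathAgentId) {
    return { ok: false, status: 403, reason: 'path agent is not the caller' };
  }
  for (let i = 0; i < events.length; i++) {
    const ev = events[i];
    if (ALLOWED_TYPES.indexOf(ev.type) === -1) {
      return { ok: false, status: 400, reason: `events[${i}]: type not allowed` };
    }
    if (ev.agent_id !== authAgentId) {
      return { ok: false, status: 403, reason: `events[${i}]: foreign agent_id` };
    }
    if (!ev.action_id || ownedActionIds.indexOf(ev.action_id) === -1) {
      return { ok: false, status: 403, reason: `events[${i}]: action not owned` };
    }
  }
  return { ok: true, status: 200 };
}

// Constructed sample: agent-a acknowledges its own action, then tries to
// acknowledge an action that was assigned to a different agent.
const owned = ['action-1'];
const own: AckEvent = { type: 'ACTION_RESULT', agent_id: 'agent-a', action_id: 'action-1' };
const foreign: AckEvent = { type: 'ACTION_RESULT', agent_id: 'agent-a', action_id: 'action-9' };
console.log(checkAcks('agent-a', 'agent-a', [own], owned));
console.log(checkAcks('agent-a', 'agent-a', [own, foreign], owned));
```

Deriving the comparison identity from the request credentials rather than from the URL or the event body is what keeps one enrolled agent from acknowledging another agent's actions.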

@kibanamachine
Contributor

💚 Build Succeeded

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@nnamdifrankie nnamdifrankie merged commit 69ec60d into elastic:master Mar 16, 2020
@nnamdifrankie nnamdifrankie deleted the EMT-248_implement_action_acks branch March 16, 2020 21:18
jen-huang pushed a commit that referenced this pull request Mar 17, 2020
…e agent actions (#60218) (#60324)

[Ingest]EMT-248: implement ack resource to accept event payload to acknowledge agent actions
gmmorris added a commit to gmmorris/kibana that referenced this pull request Mar 17, 2020
* master: (30 commits)
  [TSVB] fix text color when using custom background color (elastic#60261)
  Fix import to timefilter from in TSVB (elastic#60296)
  [NP] Get rid of usage redirectWhenMissing service (elastic#59777)
  [SIEM] Fix Timeline footer styling (elastic#59587)
  [ML] Fixes to error handling for analytics jobs and file data viz (elastic#60249)
  Give better stack traces for Unhandled Promise Rejection warnings (elastic#60235)
  resolves elastic#58905 (elastic#60120)
  Added variables button for text fields in Pagerduty component. (elastic#60189)
  adds test that action vars are rendered for alert action parms (elastic#60310)
  Closes 59786 by removing the update toast (elastic#60172)
  [EPM] Packages list tabs (elastic#60167)
  Added message variables button for Webhook body form field (elastic#60174)
  Revert "adds new test (elastic#60064)"
  [Maps] move MapSavedObject type out of telemetry (elastic#60127)
  [Reporting] Fix error handling for job handler in route (elastic#60161)
  [Endpoint] TEST: verify alerts page header says 'Alerts' (elastic#60206)
  EMT-248: implement ack resource to accept event payload to acknowledge agent actions (elastic#60218)
  Migrate dual validated range (elastic#59689)
  Embeddable triggers (elastic#58440)
  [Endpoint] Sample data generator CLI script (elastic#59952)
  ...
@jen-huang jen-huang added the Team:Fleet Team label for Observability Data Collection Fleet team label Mar 26, 2020