Skip to content

Commit

Permalink
[Security Solution] [Detections] adds log info level for logging in c…
Browse files Browse the repository at this point in the history
…loud (elastic#89941)
  • Loading branch information
dhurley14 committed Feb 2, 2021
1 parent c951f4e commit 908e943
Show file tree
Hide file tree
Showing 3 changed files with 23 additions and 1 deletion.
Original file line number Diff line number Diff line change
Expand Up @@ -70,6 +70,7 @@ export const searchAfterAndBulkCreate = async ({
interval,
buildRuleMessage,
});
const tuplesToBeLogged = [...totalToFromTuples];
logger.debug(buildRuleMessage(`totalToFromTuples: ${totalToFromTuples.length}`));

while (totalToFromTuples.length > 0) {
Expand Down Expand Up @@ -294,5 +295,6 @@ export const searchAfterAndBulkCreate = async ({
}
}
logger.debug(buildRuleMessage(`[+] completed bulk index of ${toReturn.createdSignalsCount}`));
toReturn.totalToFromTuples = tuplesToBeLogged;
return toReturn;
};
Original file line number Diff line number Diff line change
Expand Up @@ -670,6 +670,21 @@ export const signalRulesAlertType = ({
lastLookBackDate: result.lastLookBackDate?.toISOString(),
});
}

// adding this log line so we can get some information from cloud
logger.info(
buildRuleMessage(
`[+] Finished indexing ${result.createdSignalsCount} ${
!isEmpty(result.totalToFromTuples)
? `signals searched between date ranges ${JSON.stringify(
result.totalToFromTuples,
null,
2
)}`
: ''
}`
)
);
} else {
const errorMessage = buildRuleMessage(
'Bulk Indexing of signals failed:',
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
*/

import { DslQuery, Filter } from 'src/plugins/data/common';
import moment from 'moment';
import moment, { Moment } from 'moment';
import { Status } from '../../../../common/detection_engine/schemas/common/schemas';
import { RulesSchema } from '../../../../common/detection_engine/schemas/response/rules_schema';
import {
Expand Down Expand Up @@ -263,6 +263,11 @@ export interface SearchAfterAndBulkCreateReturnType {
createdSignalsCount: number;
createdSignals: SignalHit[];
errors: string[];
totalToFromTuples?: Array<{
to: Moment | undefined;
from: Moment | undefined;
maxSignals: number;
}>;
}

export interface ThresholdAggregationBucket extends TermAggregationBucket {
Expand Down

0 comments on commit 908e943

Please sign in to comment.