From 9685eca401d362ad8cbae1ead1494c12ae1ae42f Mon Sep 17 00:00:00 2001 From: igoristic Date: Tue, 28 Jan 2020 11:25:04 -0500 Subject: [PATCH 01/40] Resetting errors and removing duplicates (#56054) --- .../components/no_data/checker_errors.js | 32 ++++++++++++------- .../public/views/no_data/controller.js | 1 + 2 files changed, 22 insertions(+), 11 deletions(-) diff --git a/x-pack/legacy/plugins/monitoring/public/components/no_data/checker_errors.js b/x-pack/legacy/plugins/monitoring/public/components/no_data/checker_errors.js index f56f7bd099c5d..d6f57d6f7479a 100644 --- a/x-pack/legacy/plugins/monitoring/public/components/no_data/checker_errors.js +++ b/x-pack/legacy/plugins/monitoring/public/components/no_data/checker_errors.js @@ -16,17 +16,27 @@ import { import { FormattedMessage } from '@kbn/i18n/react'; const ErrorList = ({ errors }) => { - return errors.map((error, errorIndex) => { - const { message, statusCode, error: friendlyName } = error; - return ( - - - {statusCode} {friendlyName} - - {message} - - ); - }); + const errorsMap = {}; + return errors + .filter(err => { + const { statusCode, error, message } = err; + const key = `${statusCode}${error}${message}`; + if (!errorsMap[key]) { + errorsMap[key] = true; + return true; + } + }) + .map((error, errorIndex) => { + const { message, statusCode, error: friendlyName } = error; + return ( + + + {statusCode} {friendlyName} + + {message} + + ); + }); }; export function CheckerErrors(props) { diff --git a/x-pack/legacy/plugins/monitoring/public/views/no_data/controller.js b/x-pack/legacy/plugins/monitoring/public/views/no_data/controller.js index eefb8bc393091..a914aa0155e90 100644 --- a/x-pack/legacy/plugins/monitoring/public/views/no_data/controller.js +++ b/x-pack/legacy/plugins/monitoring/public/views/no_data/controller.js @@ -45,6 +45,7 @@ export class NoDataController extends MonitoringViewBaseController { } } + this.errors.length = 0; if (catchReason) { this.reason = catchReason; } else if (!this.isCollectionEnabledUpdating && !this.isCollectionIntervalUpdating) { From 30dbdf735086a7cbd8900a1ccfca8b70f4e9feeb Mon Sep 17 00:00:00 2001 From: Chris Roberson Date: Tue, 28 Jan 2020 11:29:16 -0500 Subject: [PATCH 02/40] [Monitoring] Fix inaccuracies in logstash pipeline listing metrics (#55868) * Change how we fetch pipeline listing metrics to match what other charts show * Fix tests * Fix tests Co-authored-by: Elastic Machine --- .../lib/cluster/get_clusters_from_request.js | 44 ++++---- .../lib/logstash/__tests__/get_pipelines.js | 102 +++--------------- .../lib/logstash/get_paginated_pipelines.js | 39 ++++--- .../server/lib/logstash/get_pipeline_ids.js | 47 ++++---- .../server/lib/logstash/get_pipelines.js | 99 +++++------------ .../__snapshots__/metrics.test.js.snap | 6 +- .../server/lib/metrics/logstash/classes.js | 94 ++++++---------- .../logstash/pipelines/cluster_pipelines.js | 15 +-- .../v1/logstash/pipelines/node_pipelines.js | 16 +-- 9 files changed, 151 insertions(+), 311 deletions(-) diff --git a/x-pack/legacy/plugins/monitoring/server/lib/cluster/get_clusters_from_request.js b/x-pack/legacy/plugins/monitoring/server/lib/cluster/get_clusters_from_request.js index 856ee6c7576c4..d3456eeb2fe4e 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/cluster/get_clusters_from_request.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/cluster/get_clusters_from_request.js @@ -34,6 +34,7 @@ import { checkCcrEnabled } from '../elasticsearch/ccr'; import { getStandaloneClusterDefinition, hasStandaloneClusters } from '../standalone_clusters'; import { getLogTypes } from '../logs'; import { isInCodePath } from './is_in_code_path'; +import { getLogstashPipelineIds } from '../logstash/get_pipeline_ids'; /** * Get all clusters or the cluster associated with {@code clusterUuid} when it is defined. @@ -53,6 +54,8 @@ export async function getClustersFromRequest( filebeatIndexPattern, } = indexPatterns; + const config = req.server.config(); + const size = config.get('xpack.monitoring.max_bucket_size'); const isStandaloneCluster = clusterUuid === STANDALONE_CLUSTER_CLUSTER_UUID; let clusters = []; @@ -158,25 +161,27 @@ export async function getClustersFromRequest( }); // add logstash data - const logstashes = isInCodePath(codePaths, [CODE_PATH_LOGSTASH]) - ? await getLogstashForClusters(req, lsIndexPattern, clusters) - : []; - - const clusterPipelineNodesCount = isInCodePath(codePaths, [CODE_PATH_LOGSTASH]) - ? await getPipelines(req, lsIndexPattern, null, ['logstash_cluster_pipeline_nodes_count']) - : []; - - // add the logstash data to each cluster - logstashes.forEach(logstash => { - const clusterIndex = findIndex(clusters, { cluster_uuid: logstash.clusterUuid }); - - // withhold LS overview stats until pipeline metrics have at least one full bucket - if (logstash.clusterUuid === req.params.clusterUuid && clusterPipelineNodesCount.length === 0) { - logstash.stats = {}; - } - - set(clusters[clusterIndex], 'logstash', logstash.stats); - }); + if (isInCodePath(codePaths, [CODE_PATH_LOGSTASH])) { + const logstashes = await getLogstashForClusters(req, lsIndexPattern, clusters); + const pipelines = await getLogstashPipelineIds(req, lsIndexPattern, { clusterUuid }, size); + const clusterPipelineNodesCount = await getPipelines(req, lsIndexPattern, pipelines, [ + 'logstash_cluster_pipeline_nodes_count', + ]); + // add the logstash data to each cluster + logstashes.forEach(logstash => { + const clusterIndex = findIndex(clusters, { cluster_uuid: logstash.clusterUuid }); + + // withhold LS overview stats until pipeline metrics have at least one full bucket + if ( + logstash.clusterUuid === req.params.clusterUuid && + clusterPipelineNodesCount.length === 0 + ) { + logstash.stats = {}; + } + + set(clusters[clusterIndex], 'logstash', logstash.stats); + }); + } // add beats data const beatsByCluster = isInCodePath(codePaths, [CODE_PATH_BEATS]) @@ -199,7 +204,6 @@ export async function getClustersFromRequest( // check ccr configuration const isCcrEnabled = await checkCcrEnabled(req, esIndexPattern); - const config = req.server.config(); const kibanaUuid = config.get('server.uuid'); return getClustersSummary(req.server, clusters, kibanaUuid, isCcrEnabled); diff --git a/x-pack/legacy/plugins/monitoring/server/lib/logstash/__tests__/get_pipelines.js b/x-pack/legacy/plugins/monitoring/server/lib/logstash/__tests__/get_pipelines.js index dc9f48785bea7..cac77b2903439 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/logstash/__tests__/get_pipelines.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/logstash/__tests__/get_pipelines.js @@ -5,7 +5,7 @@ */ import expect from '@kbn/expect'; -import { handleGetPipelinesResponse, processPipelinesAPIResponse } from '../get_pipelines'; +import { processPipelinesAPIResponse } from '../get_pipelines'; describe('processPipelinesAPIResponse', () => { let response; @@ -13,6 +13,7 @@ describe('processPipelinesAPIResponse', () => { response = { pipelines: [ { + id: 1, metrics: { throughput_for_cluster: { data: [ @@ -22,8 +23,8 @@ describe('processPipelinesAPIResponse', () => { }, nodes_count_for_cluster: { data: [ - [1513721903, 3], - [1513722162, 2], + [1513721903, { 1: 5 }], + [1513722162, { 1: 10 }], ], }, }, @@ -32,96 +33,27 @@ describe('processPipelinesAPIResponse', () => { }; }); - it('normalizes the metric keys', () => { - processPipelinesAPIResponse(response, 'throughput_for_cluster', 'nodes_count_for_cluster').then( - processedResponse => { - expect(processedResponse.pipelines[0].metrics.throughput).to.eql( - response.pipelines[0].metrics.throughput_for_cluster - ); - expect(processedResponse.pipelines[0].metrics.nodesCount).to.eql( - response.pipelines[0].metrics.nodes_count_for_cluster - ); - } + it('normalizes the metric keys', async () => { + const processedResponse = await processPipelinesAPIResponse( + response, + 'throughput_for_cluster', + 'nodes_count_for_cluster' + ); + expect(processedResponse.pipelines[0].metrics.throughput).to.eql( + response.pipelines[0].metrics.throughput_for_cluster ); + expect(processedResponse.pipelines[0].metrics.nodesCount.data[0][0]).to.eql(1513721903); + expect(processedResponse.pipelines[0].metrics.nodesCount.data[0][1]).to.eql(5); + expect(processedResponse.pipelines[0].metrics.nodesCount.data[1][0]).to.eql(1513722162); + expect(processedResponse.pipelines[0].metrics.nodesCount.data[1][1]).to.eql(10); }); it('computes the latest metrics', () => { processPipelinesAPIResponse(response, 'throughput_for_cluster', 'nodes_count_for_cluster').then( processedResponse => { expect(processedResponse.pipelines[0].latestThroughput).to.eql(23); - expect(processedResponse.pipelines[0].latestNodesCount).to.eql(2); + expect(processedResponse.pipelines[0].latestNodesCount).to.eql(10); } ); }); }); - -describe('get_pipelines', () => { - let fetchPipelinesWithMetricsResult; - - describe('fetchPipelinesWithMetrics result contains no pipelines', () => { - beforeEach(() => { - fetchPipelinesWithMetricsResult = { - logstash_pipeline_throughput: [ - { - data: [], - }, - ], - logstash_pipeline_nodes_count: [ - { - data: [], - }, - ], - }; - }); - - it('returns an empty array', () => { - const result = handleGetPipelinesResponse(fetchPipelinesWithMetricsResult); - expect(result).to.eql([]); - }); - }); - - describe('fetchPipelinesWithMetrics result contains pipelines', () => { - beforeEach(() => { - fetchPipelinesWithMetricsResult = { - logstash_pipeline_throughput: [ - { - data: [[1513123151000, { apache_logs: 231, logstash_tweets: 34 }]], - }, - ], - logstash_pipeline_nodes_count: [ - { - data: [[1513123151000, { apache_logs: 3, logstash_tweets: 1 }]], - }, - ], - }; - }); - - it('returns the correct structure for a non-empty response', () => { - const result = handleGetPipelinesResponse(fetchPipelinesWithMetricsResult); - expect(result).to.eql([ - { - id: 'apache_logs', - metrics: { - logstash_pipeline_throughput: { - data: [[1513123151000, 231]], - }, - logstash_pipeline_nodes_count: { - data: [[1513123151000, 3]], - }, - }, - }, - { - id: 'logstash_tweets', - metrics: { - logstash_pipeline_throughput: { - data: [[1513123151000, 34]], - }, - logstash_pipeline_nodes_count: { - data: [[1513123151000, 1]], - }, - }, - }, - ]); - }); - }); -}); diff --git a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_paginated_pipelines.js b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_paginated_pipelines.js index c09df240d4f35..ef9ef90e8f310 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_paginated_pipelines.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_paginated_pipelines.js @@ -7,7 +7,6 @@ import { get } from 'lodash'; import { filter } from '../pagination/filter'; import { getLogstashPipelineIds } from './get_pipeline_ids'; -import { handleGetPipelinesResponse } from './get_pipelines'; import { sortPipelines } from './sort_pipelines'; import { paginate } from '../pagination/paginate'; import { getMetrics } from '../details/get_metrics'; @@ -51,19 +50,33 @@ export async function getPaginatedPipelines( // the necessary sort - we only need the last bucket of data so we // fetch the last two buckets of data (to ensure we have a single full bucekt), // then return the value from that last bucket - const metricSeriesData = await getMetrics( - req, - lsIndexPattern, - metricSet, - [], - { pageOfPipelines: pipelines }, - 2 - ); - const pipelineAggregationsData = handleGetPipelinesResponse( - metricSeriesData, - pipelines.map(p => p.id) + const metricSeriesData = Object.values( + await Promise.all( + pipelines.map(pipeline => { + return new Promise(async resolve => { + const data = await getMetrics( + req, + lsIndexPattern, + metricSet, + [], + { + pipeline, + }, + 2 + ); + + resolve({ + id: pipeline.id, + metrics: Object.keys(data).reduce((accum, metricName) => { + accum[metricName] = data[metricName][0]; + return accum; + }, {}), + }); + }); + }) + ) ); - for (const pipelineAggregationData of pipelineAggregationsData) { + for (const pipelineAggregationData of metricSeriesData) { for (const pipeline of pipelines) { if (pipelineAggregationData.id === pipeline.id) { for (const metric of metricSet) { diff --git a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_ids.js b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_ids.js index d2cd5bef9d7ff..0773ab8948564 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_ids.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_ids.js @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ import moment from 'moment'; -import { get, uniq } from 'lodash'; +import { get } from 'lodash'; import { createQuery } from '../create_query'; import { LogstashMetric } from '../metrics'; @@ -26,7 +26,7 @@ export async function getLogstashPipelineIds( index: logstashIndexPattern, size: 0, ignoreUnavailable: true, - filterPath: ['aggregations.nested_context.composite_data.buckets'], + filterPath: ['aggregations.nest.id.buckets'], body: { query: createQuery({ start, @@ -36,37 +36,28 @@ export async function getLogstashPipelineIds( filters, }), aggs: { - nested_context: { + nest: { nested: { path: 'logstash_stats.pipelines', }, aggs: { - composite_data: { - composite: { + id: { + terms: { + field: 'logstash_stats.pipelines.id', size, - sources: [ - { - id: { - terms: { - field: 'logstash_stats.pipelines.id', - }, - }, - }, - { - hash: { - terms: { - field: 'logstash_stats.pipelines.hash', - }, - }, - }, - { - ephemeral_id: { + }, + aggs: { + unnest: { + reverse_nested: {}, + aggs: { + nodes: { terms: { - field: 'logstash_stats.pipelines.ephemeral_id', + field: 'logstash_stats.logstash.uuid', + size, }, }, }, - ], + }, }, }, }, @@ -77,8 +68,8 @@ export async function getLogstashPipelineIds( const { callWithRequest } = req.server.plugins.elasticsearch.getCluster('monitoring'); const response = await callWithRequest(req, 'search', params); - const data = get(response, 'aggregations.nested_context.composite_data.buckets', []).map( - bucket => bucket.key - ); - return uniq(data, item => item.id); + return get(response, 'aggregations.nest.id.buckets', []).map(bucket => ({ + id: bucket.key, + nodeIds: get(bucket, 'unnest.nodes.buckets', []).map(item => item.key), + })); } diff --git a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipelines.js b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipelines.js index 7b52a26f0e80d..d634170bdd9fe 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipelines.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipelines.js @@ -3,66 +3,10 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -import { cloneDeep, last, omit } from 'lodash'; +import { cloneDeep, last } from 'lodash'; import { checkParam } from '../error_missing_required'; import { getMetrics } from '../details/get_metrics'; -export function handleGetPipelinesResponse(response, exclusivePipelineIds) { - const pipelinesById = {}; - - const metrics = Object.keys(response); - metrics.forEach(metric => { - response[metric][0].data.forEach(([x, y]) => { - const pipelineIds = Object.keys(y); - pipelineIds.forEach(pipelineId => { - if (exclusivePipelineIds && !exclusivePipelineIds.includes(pipelineId)) { - return; - } - // Create new pipeline object if necessary - if (!pipelinesById.hasOwnProperty(pipelineId)) { - pipelinesById[pipelineId] = { - metrics: {}, - }; - } - const pipeline = pipelinesById[pipelineId]; - - // Create new metric object in pipeline object if necessary - if (!pipeline.metrics.hasOwnProperty(metric)) { - // Clone the metric object from the response so we don't accidentally overwrite it - // in the code further below. Also, reset data to empty array because we only want - // to keep data "y" values specific to this pipeline - pipeline.metrics[metric] = { - ...omit(response[metric][0], 'data'), - data: [], - }; - } - - pipeline.metrics[metric].data.push([x, y[pipelineId]]); - }); - }); - }); - - // Convert pipelinesById map to array and preserve sorting - const pipelines = []; - if (exclusivePipelineIds) { - for (const exclusivePipelineId of exclusivePipelineIds) { - pipelines.push({ - id: exclusivePipelineId, - ...pipelinesById[exclusivePipelineId], - }); - } - } else { - Object.keys(pipelinesById).forEach(pipelineId => { - pipelines.push({ - id: pipelineId, - ...pipelinesById[pipelineId], - }); - }); - } - - return pipelines; -} - export async function processPipelinesAPIResponse( response, throughputMetricKey, @@ -76,7 +20,13 @@ export async function processPipelinesAPIResponse( processedResponse.pipelines.forEach(pipeline => { pipeline.metrics = { throughput: pipeline.metrics[throughputMetricKey], - nodesCount: pipeline.metrics[nodesCountMetricKey], + nodesCount: { + ...pipeline.metrics[nodesCountMetricKey], + data: pipeline.metrics[nodesCountMetricKey].data.map(item => [ + item[0], + item[1][pipeline.id], + ]), + }, }; pipeline.latestThroughput = last(pipeline.metrics.throughput.data)[1]; @@ -86,24 +36,29 @@ export async function processPipelinesAPIResponse( return processedResponse; } -export async function getPipelines( - req, - logstashIndexPattern, - pipelineIds, - metricSet, - metricOptions = {} -) { +export async function getPipelines(req, logstashIndexPattern, pipelines, metricSet) { checkParam(logstashIndexPattern, 'logstashIndexPattern in logstash/getPipelines'); checkParam(metricSet, 'metricSet in logstash/getPipelines'); const filters = []; - const metricsResponse = await getMetrics( - req, - logstashIndexPattern, - metricSet, - filters, - metricOptions + const metricsResponse = await Promise.all( + pipelines.map(pipeline => { + return new Promise(async resolve => { + const data = await getMetrics(req, logstashIndexPattern, metricSet, filters, { + pipeline, + }); + + resolve({ + id: pipeline.id, + metrics: Object.keys(data).reduce((accum, metricName) => { + accum[metricName] = data[metricName][0]; + return accum; + }, {}), + }); + }); + }) ); - return handleGetPipelinesResponse(metricsResponse, pipelineIds); + + return Object.values(metricsResponse); } diff --git a/x-pack/legacy/plugins/monitoring/server/lib/metrics/__test__/__snapshots__/metrics.test.js.snap b/x-pack/legacy/plugins/monitoring/server/lib/metrics/__test__/__snapshots__/metrics.test.js.snap index 7b401e5275e22..1cc442cb15993 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/metrics/__test__/__snapshots__/metrics.test.js.snap +++ b/x-pack/legacy/plugins/monitoring/server/lib/metrics/__test__/__snapshots__/metrics.test.js.snap @@ -3020,8 +3020,7 @@ Object { }, "logstash_cluster_pipeline_throughput": LogstashPipelineThroughputMetric { "app": "logstash", - "calculation": [Function], - "derivative": false, + "derivative": true, "description": "Number of events emitted per second by the Logstash pipeline at the outputs stage.", "field": "logstash_stats.pipelines.events.out", "format": "0,0.[00]", @@ -3296,8 +3295,7 @@ Object { }, "logstash_node_pipeline_throughput": LogstashPipelineThroughputMetric { "app": "logstash", - "calculation": [Function], - "derivative": false, + "derivative": true, "description": "Number of events emitted per second by the Logstash pipeline at the outputs stage.", "field": "logstash_stats.pipelines.events.out", "format": "0,0.[00]", diff --git a/x-pack/legacy/plugins/monitoring/server/lib/metrics/logstash/classes.js b/x-pack/legacy/plugins/monitoring/server/lib/metrics/logstash/classes.js index eddcfabe83b1b..1f45d76ecff28 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/metrics/logstash/classes.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/metrics/logstash/classes.js @@ -250,59 +250,45 @@ export class LogstashPipelineThroughputMetric extends LogstashMetric { constructor(opts) { super({ ...opts, - derivative: false, + derivative: true, }); - this.getDateHistogramSubAggs = ({ pageOfPipelines }) => ({ - pipelines_nested: { - nested: { - path: 'logstash_stats.pipelines', + this.getDateHistogramSubAggs = ({ pipeline }) => { + return { + metric_deriv: { + derivative: { + buckets_path: 'sum', + gap_policy: 'skip', + unit: NORMALIZED_DERIVATIVE_UNIT, + }, }, - aggs: { - by_pipeline_id: { - terms: { - field: 'logstash_stats.pipelines.id', - size: 1000, - include: pageOfPipelines.map(pipeline => pipeline.id), - }, - aggs: { - throughput: { - sum_bucket: { - buckets_path: 'by_pipeline_hash>throughput', - }, + sum: { + sum_bucket: { + buckets_path: 'by_node_id>nest>pipeline>events_stats', + }, + }, + by_node_id: { + terms: { + field: 'logstash_stats.logstash.uuid', + size: 1000, + include: pipeline.uuids, + }, + aggs: { + nest: { + nested: { + path: 'logstash_stats.pipelines', }, - by_pipeline_hash: { - terms: { - field: 'logstash_stats.pipelines.hash', - size: 1000, - include: pageOfPipelines.map(pipeline => pipeline.hash), - }, - aggs: { - throughput: { - sum_bucket: { - buckets_path: 'by_ephemeral_id>throughput', + aggs: { + pipeline: { + filter: { + term: { + 'logstash_stats.pipelines.id': pipeline.id, }, }, - by_ephemeral_id: { - terms: { - field: 'logstash_stats.pipelines.ephemeral_id', - size: 1000, - include: pageOfPipelines.map(pipeline => pipeline.ephemeral_id), - }, - aggs: { - events_stats: { - stats: { - field: this.field, - }, - }, - throughput: { - bucket_script: { - script: 'params.max - params.min', - buckets_path: { - min: 'events_stats.min', - max: 'events_stats.max', - }, - }, + aggs: { + events_stats: { + max: { + field: this.field, }, }, }, @@ -311,19 +297,7 @@ export class LogstashPipelineThroughputMetric extends LogstashMetric { }, }, }, - }, - }); - - this.calculation = (bucket, _key, _metric, bucketSizeInSeconds) => { - const pipelineThroughputs = {}; - const pipelineBuckets = _.get(bucket, 'pipelines_nested.by_pipeline_id.buckets', []); - pipelineBuckets.forEach(pipelineBucket => { - pipelineThroughputs[pipelineBucket.key] = bucketSizeInSeconds - ? _.get(pipelineBucket, 'throughput.value') / bucketSizeInSeconds - : undefined; - }); - - return pipelineThroughputs; + }; }; } } diff --git a/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/pipelines/cluster_pipelines.js b/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/pipelines/cluster_pipelines.js index 1c796ced96f9b..0839bd4800329 100644 --- a/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/pipelines/cluster_pipelines.js +++ b/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/pipelines/cluster_pipelines.js @@ -79,21 +79,8 @@ export function logstashClusterPipelinesRoute(server) { queryText ); - // Just the IDs for the rest - const pipelineIds = pageOfPipelines.map(pipeline => pipeline.id); - - const metricOptions = { - pageOfPipelines, - }; - try { - const pipelineData = await getPipelines( - req, - lsIndexPattern, - pipelineIds, - metricSet, - metricOptions - ); + const pipelineData = await getPipelines(req, lsIndexPattern, pageOfPipelines, metricSet); const response = await processPipelinesAPIResponse( { pipelines: pipelineData, diff --git a/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/pipelines/node_pipelines.js b/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/pipelines/node_pipelines.js index a8cad480b9c37..604cc86b81b58 100644 --- a/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/pipelines/node_pipelines.js +++ b/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/pipelines/node_pipelines.js @@ -78,22 +78,8 @@ export function logstashNodePipelinesRoute(server) { sort, queryText ); - - // Just the IDs for the rest - const pipelineIds = pageOfPipelines.map(pipeline => pipeline.id); - - const metricOptions = { - pageOfPipelines, - }; - try { - const pipelineData = await getPipelines( - req, - lsIndexPattern, - pipelineIds, - metricSet, - metricOptions - ); + const pipelineData = await getPipelines(req, lsIndexPattern, pageOfPipelines, metricSet); const response = await processPipelinesAPIResponse( { pipelines: pipelineData, From a157513cfa1512c732001d040259d28c435f371d Mon Sep 17 00:00:00 2001 From: Frank Hassanabad Date: Tue, 28 Jan 2020 09:32:16 -0700 Subject: [PATCH 03/40] [SIEM][Detection Engine] critical blocker updates to latest ECS version ## Summary * Updates to the latest ECS version right before us shipping as expected by taking it from: https://raw.githubusercontent.com/elastic/ecs/master/generated/elasticsearch/7/template.json Testing: * Ensure I remembered to put `"dynamic": false` * Do a ./hard_reset.sh * Test run a few things to make sure everything still works as expected. ### Checklist Use ~~strikethroughs~~ to remove checklist items you don't feel are applicable to this PR. ~~- [ ] This was checked for cross-browser compatibility, [including a check against IE11](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility)~~ ~~- [ ] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md)~~ ~~- [ ] [Documentation](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#writing-documentation) was added for features that require explanation or tutorials~~ ~~- [ ] [Unit or functional tests](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility) were updated or added to match the most common scenarios~~ ~~- [ ] This was checked for [keyboard-only and screenreader accessibility](https://developer.mozilla.org/en-US/docs/Learn/Tools_and_testing/Cross_browser_testing/Accessibility#Accessibility_testing_checklist)~~ ### For maintainers ~~- [ ] This was checked for breaking API changes and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process)~~ ~~- [ ] This includes a feature addition or change that requires a release note and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process)~~ --- .../routes/index/ecs_mapping.json | 661 +++++++++++++++++- 1 file changed, 659 insertions(+), 2 deletions(-) diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/ecs_mapping.json b/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/ecs_mapping.json index 06edf94484af3..5faa53db51101 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/ecs_mapping.json +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/ecs_mapping.json @@ -37,6 +37,12 @@ "organization": { "properties": { "name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" } @@ -58,6 +64,12 @@ "organization": { "properties": { "name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" } @@ -149,6 +161,12 @@ "type": "keyword" }, "full_name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" }, @@ -177,6 +195,12 @@ "type": "keyword" }, "name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" } @@ -273,6 +297,12 @@ "organization": { "properties": { "name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" } @@ -364,6 +394,12 @@ "type": "keyword" }, "full_name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" }, @@ -392,6 +428,12 @@ "type": "keyword" }, "name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" } @@ -422,7 +464,8 @@ "ignore_above": 1024, "type": "keyword" } - } + }, + "type": "object" }, "header_flags": { "ignore_above": 1024, @@ -501,6 +544,12 @@ }, "stack_trace": { "doc_values": false, + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "index": false, "type": "keyword" @@ -546,6 +595,9 @@ "ignore_above": 1024, "type": "keyword" }, + "ingested": { + "type": "date" + }, "kind": { "ignore_above": 1024, "type": "keyword" @@ -598,6 +650,10 @@ "accessed": { "type": "date" }, + "attributes": { + "ignore_above": 1024, + "type": "keyword" + }, "created": { "type": "date" }, @@ -612,6 +668,10 @@ "ignore_above": 1024, "type": "keyword" }, + "drive_letter": { + "ignore_above": 1, + "type": "keyword" + }, "extension": { "ignore_above": 1024, "type": "keyword" @@ -664,6 +724,12 @@ "type": "keyword" }, "path": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" }, @@ -671,6 +737,12 @@ "type": "long" }, "target_path": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" }, @@ -761,6 +833,10 @@ "ignore_above": 1024, "type": "keyword" }, + "domain": { + "ignore_above": 1024, + "type": "keyword" + }, "geo": { "properties": { "city_name": { @@ -822,6 +898,12 @@ "type": "keyword" }, "full": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" }, @@ -830,6 +912,12 @@ "type": "keyword" }, "name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" }, @@ -861,6 +949,12 @@ "type": "keyword" }, "full_name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" }, @@ -889,6 +983,12 @@ "type": "keyword" }, "name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" } @@ -906,6 +1006,12 @@ "type": "long" }, "content": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" } @@ -932,6 +1038,12 @@ "type": "long" }, "content": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" } @@ -1016,7 +1128,8 @@ } } } - } + }, + "type": "object" } } }, @@ -1128,6 +1241,12 @@ "type": "keyword" }, "full": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" }, @@ -1136,6 +1255,12 @@ "type": "keyword" }, "name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" }, @@ -1178,6 +1303,12 @@ "type": "keyword" }, "name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" } @@ -1190,6 +1321,12 @@ "type": "keyword" }, "full": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" }, @@ -1198,6 +1335,12 @@ "type": "keyword" }, "name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" }, @@ -1217,6 +1360,10 @@ "ignore_above": 1024, "type": "keyword" }, + "build_version": { + "ignore_above": 1024, + "type": "keyword" + }, "checksum": { "ignore_above": 1024, "type": "keyword" @@ -1244,9 +1391,17 @@ "ignore_above": 1024, "type": "keyword" }, + "reference": { + "ignore_above": 1024, + "type": "keyword" + }, "size": { "type": "long" }, + "type": { + "ignore_above": 1024, + "type": "keyword" + }, "version": { "ignore_above": 1024, "type": "keyword" @@ -1259,10 +1414,32 @@ "ignore_above": 1024, "type": "keyword" }, + "args_count": { + "type": "long" + }, + "command_line": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, "executable": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" }, + "exit_code": { + "type": "long" + }, "hash": { "properties": { "md5": { @@ -1284,9 +1461,105 @@ } }, "name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" }, + "parent": { + "properties": { + "args": { + "ignore_above": 1024, + "type": "keyword" + }, + "args_count": { + "type": "long" + }, + "command_line": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "executable": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "exit_code": { + "type": "long" + }, + "name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "pgid": { + "type": "long" + }, + "pid": { + "type": "long" + }, + "ppid": { + "type": "long" + }, + "start": { + "type": "date" + }, + "thread": { + "properties": { + "id": { + "type": "long" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "title": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "uptime": { + "type": "long" + }, + "working_directory": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, + "ignore_above": 1024, + "type": "keyword" + } + } + }, "pgid": { "type": "long" }, @@ -1311,6 +1584,12 @@ } }, "title": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" }, @@ -1318,6 +1597,48 @@ "type": "long" }, "working_directory": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "registry": { + "properties": { + "data": { + "properties": { + "bytes": { + "ignore_above": 1024, + "type": "keyword" + }, + "strings": { + "ignore_above": 1024, + "type": "keyword" + }, + "type": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "hive": { + "ignore_above": 1024, + "type": "keyword" + }, + "key": { + "ignore_above": 1024, + "type": "keyword" + }, + "path": { + "ignore_above": 1024, + "type": "keyword" + }, + "value": { "ignore_above": 1024, "type": "keyword" } @@ -1325,8 +1646,52 @@ }, "related": { "properties": { + "hash": { + "ignore_above": 1024, + "type": "keyword" + }, "ip": { "type": "ip" + }, + "user": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "rule": { + "properties": { + "category": { + "ignore_above": 1024, + "type": "keyword" + }, + "description": { + "ignore_above": 1024, + "type": "keyword" + }, + "id": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "reference": { + "ignore_above": 1024, + "type": "keyword" + }, + "ruleset": { + "ignore_above": 1024, + "type": "keyword" + }, + "uuid": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" } } }, @@ -1344,6 +1709,12 @@ "organization": { "properties": { "name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" } @@ -1435,6 +1806,12 @@ "type": "keyword" }, "full_name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" }, @@ -1463,6 +1840,12 @@ "type": "keyword" }, "name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" } @@ -1520,6 +1903,12 @@ "organization": { "properties": { "name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" } @@ -1611,6 +2000,12 @@ "type": "keyword" }, "full_name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" }, @@ -1639,6 +2034,12 @@ "type": "keyword" }, "name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" } @@ -1679,6 +2080,12 @@ "type": "keyword" }, "name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" }, @@ -1690,6 +2097,136 @@ } } }, + "tls": { + "properties": { + "cipher": { + "ignore_above": 1024, + "type": "keyword" + }, + "client": { + "properties": { + "certificate": { + "ignore_above": 1024, + "type": "keyword" + }, + "certificate_chain": { + "ignore_above": 1024, + "type": "keyword" + }, + "hash": { + "properties": { + "md5": { + "ignore_above": 1024, + "type": "keyword" + }, + "sha1": { + "ignore_above": 1024, + "type": "keyword" + }, + "sha256": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "issuer": { + "ignore_above": 1024, + "type": "keyword" + }, + "ja3": { + "ignore_above": 1024, + "type": "keyword" + }, + "not_after": { + "type": "date" + }, + "not_before": { + "type": "date" + }, + "server_name": { + "ignore_above": 1024, + "type": "keyword" + }, + "subject": { + "ignore_above": 1024, + "type": "keyword" + }, + "supported_ciphers": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "curve": { + "ignore_above": 1024, + "type": "keyword" + }, + "established": { + "type": "boolean" + }, + "next_protocol": { + "ignore_above": 1024, + "type": "keyword" + }, + "resumed": { + "type": "boolean" + }, + "server": { + "properties": { + "certificate": { + "ignore_above": 1024, + "type": "keyword" + }, + "certificate_chain": { + "ignore_above": 1024, + "type": "keyword" + }, + "hash": { + "properties": { + "md5": { + "ignore_above": 1024, + "type": "keyword" + }, + "sha1": { + "ignore_above": 1024, + "type": "keyword" + }, + "sha256": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "issuer": { + "ignore_above": 1024, + "type": "keyword" + }, + "ja3s": { + "ignore_above": 1024, + "type": "keyword" + }, + "not_after": { + "type": "date" + }, + "not_before": { + "type": "date" + }, + "subject": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + }, + "version_protocol": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, "trace": { "properties": { "id": { @@ -1721,10 +2258,22 @@ "type": "keyword" }, "full": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" }, "original": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" }, @@ -1772,6 +2321,12 @@ "type": "keyword" }, "full_name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" }, @@ -1800,6 +2355,12 @@ "type": "keyword" }, "name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" } @@ -1820,6 +2381,12 @@ "type": "keyword" }, "original": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" }, @@ -1830,6 +2397,12 @@ "type": "keyword" }, "full": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" }, @@ -1838,6 +2411,12 @@ "type": "keyword" }, "name": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, "ignore_above": 1024, "type": "keyword" }, @@ -1856,7 +2435,85 @@ "type": "keyword" } } + }, + "vulnerability": { + "properties": { + "category": { + "ignore_above": 1024, + "type": "keyword" + }, + "classification": { + "ignore_above": 1024, + "type": "keyword" + }, + "description": { + "fields": { + "text": { + "norms": false, + "type": "text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "enumeration": { + "ignore_above": 1024, + "type": "keyword" + }, + "id": { + "ignore_above": 1024, + "type": "keyword" + }, + "reference": { + "ignore_above": 1024, + "type": "keyword" + }, + "report_id": { + "ignore_above": 1024, + "type": "keyword" + }, + "scanner": { + "properties": { + "vendor": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "score": { + "properties": { + "base": { + "type": "float" + }, + "environmental": { + "type": "float" + }, + "temporal": { + "type": "float" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "severity": { + "ignore_above": 1024, + "type": "keyword" + } + } } } + }, + "order": 1, + "settings": { + "index": { + "mapping": { + "total_fields": { + "limit": 10000 + } + }, + "refresh_interval": "5s" + } } } From 04ad88cd77d077d71d4ec75182850681c862344e Mon Sep 17 00:00:00 2001 From: Chris Roberson Date: Tue, 28 Jan 2020 11:38:35 -0500 Subject: [PATCH 04/40] [Monitoring] Change all configs to `monitoring.*` (#54919) * Initial config renaming - not working * Tweak config key names and move to core_deprecations * Remove new ones from this PR * Fix mocha tests * Update more configs * Update config in test * Add note to move these * Missed one * Fix mocha tests * Fix tests --- .../config/deprecation/core_deprecations.ts | 50 ++++++++++ x-pack/legacy/plugins/monitoring/config.js | 96 +++++++++---------- x-pack/legacy/plugins/monitoring/index.js | 34 +++---- .../cluster_alerts/alerts_cluster_search.js | 2 +- .../verify_monitoring_license.js | 2 +- .../es_client/__tests__/instantiate_client.js | 6 +- .../parse_elasticsearch_config.test.ts | 4 +- .../es_client/parse_elasticsearch_config.ts | 2 +- .../server/init_monitoring_xpack_info.js | 2 +- .../__tests__/get_default_admin_email.js | 12 +-- .../collectors/get_settings_collector.js | 4 +- .../collectors/ops_buffer/ops_buffer.js | 2 +- .../server/kibana_monitoring/init.js | 2 +- .../server/lib/__tests__/ccs_utils.js | 8 +- .../monitoring/server/lib/apm/get_apms.js | 2 +- .../server/lib/apm/get_apms_for_clusters.js | 2 +- .../monitoring/server/lib/apm/get_stats.js | 2 +- .../monitoring/server/lib/beats/get_beats.js | 2 +- .../lib/beats/get_beats_for_clusters.js | 2 +- .../server/lib/beats/get_latest_stats.js | 2 +- .../monitoring/server/lib/beats/get_stats.js | 2 +- .../monitoring/server/lib/ccs_utils.js | 2 +- .../server/lib/cluster/get_clusters_stats.js | 2 +- .../lib/details/__test__/get_metrics.test.js | 2 +- .../server/lib/details/get_metrics.js | 2 +- .../server/lib/elasticsearch/get_ml_jobs.js | 2 +- .../lib/elasticsearch/indices/get_indices.js | 2 +- .../nodes/get_nodes/get_nodes.js | 6 +- .../nodes/get_nodes/get_paginated_nodes.js | 4 +- .../get_indices_unassigned_shard_stats.js | 2 +- .../shards/get_nodes_shard_count.js | 2 +- .../shards/get_shard_allocation.js | 2 +- .../shards/get_shard_stat_aggs.js | 2 +- .../server/lib/kibana/get_kibanas.js | 2 +- .../lib/kibana/get_kibanas_for_clusters.js | 2 +- .../monitoring/server/lib/logs/get_logs.js | 2 +- .../lib/logstash/get_logstash_for_clusters.js | 6 +- .../server/lib/logstash/get_nodes.js | 2 +- .../lib/logstash/get_paginated_pipelines.js | 2 +- .../server/lib/logstash/get_pipeline.js | 2 +- .../get_pipeline_stats_aggregation.js | 2 +- .../lib/logstash/get_pipeline_versions.js | 2 +- .../lib/logstash/get_pipeline_vertex.js | 2 +- .../get_pipeline_vertex_stats_aggregation.js | 2 +- .../plugins/monitoring/server/plugin.js | 16 ++-- .../server/routes/api/v1/elasticsearch/ccr.js | 2 +- .../api/v1/elasticsearch/node_detail.js | 2 +- .../server/routes/api/v1/logstash/node.js | 4 +- .../pipelines/cluster_pipeline_ids.js | 2 +- .../telemetry_collection/get_cluster_uuids.ts | 2 +- .../telemetry_collection/get_es_stats.js | 2 +- .../get_high_level_stats.js | 2 +- .../legacy/plugins/monitoring/ui_exports.js | 2 +- 53 files changed, 186 insertions(+), 144 deletions(-) diff --git a/src/core/server/config/deprecation/core_deprecations.ts b/src/core/server/config/deprecation/core_deprecations.ts index c63c9384da9d8..3aa7f9e2aa8ad 100644 --- a/src/core/server/config/deprecation/core_deprecations.ts +++ b/src/core/server/config/deprecation/core_deprecations.ts @@ -119,6 +119,56 @@ export const coreDeprecationProvider: ConfigDeprecationProvider = ({ renameFromRoot('xpack.telemetry.config', 'telemetry.config'), renameFromRoot('xpack.telemetry.banner', 'telemetry.banner'), renameFromRoot('xpack.telemetry.url', 'telemetry.url'), + // Monitoring renames + // TODO: Remove these from here once the monitoring plugin is migrated to NP + renameFromRoot('xpack.monitoring.enabled', 'monitoring.enabled'), + renameFromRoot('xpack.monitoring.ui.enabled', 'monitoring.ui.enabled'), + renameFromRoot( + 'xpack.monitoring.kibana.collection.enabled', + 'monitoring.kibana.collection.enabled' + ), + renameFromRoot('xpack.monitoring.max_bucket_size', 'monitoring.ui.max_bucket_size'), + renameFromRoot('xpack.monitoring.min_interval_seconds', 'monitoring.ui.min_interval_seconds'), + renameFromRoot( + 'xpack.monitoring.show_license_expiration', + 'monitoring.ui.show_license_expiration' + ), + renameFromRoot( + 'xpack.monitoring.ui.container.elasticsearch.enabled', + 'monitoring.ui.container.elasticsearch.enabled' + ), + renameFromRoot( + 'xpack.monitoring.ui.container.logstash.enabled', + 'monitoring.ui.container.logstash.enabled' + ), + renameFromRoot( + 'xpack.monitoring.tests.cloud_detector.enabled', + 'monitoring.tests.cloud_detector.enabled' + ), + renameFromRoot( + 'xpack.monitoring.kibana.collection.interval', + 'monitoring.kibana.collection.interval' + ), + renameFromRoot('xpack.monitoring.elasticsearch.hosts', 'monitoring.ui.elasticsearch.hosts'), + renameFromRoot('xpack.monitoring.elasticsearch.username', 'monitoring.ui.elasticsearch.username'), + renameFromRoot('xpack.monitoring.elasticsearch.password', 'monitoring.ui.elasticsearch.password'), + renameFromRoot( + 'xpack.monitoring.xpack_api_polling_frequency_millis', + 'monitoring.xpack_api_polling_frequency_millis' + ), + renameFromRoot( + 'xpack.monitoring.cluster_alerts.email_notifications.enabled', + 'monitoring.cluster_alerts.email_notifications.enabled' + ), + renameFromRoot( + 'xpack.monitoring.cluster_alerts.email_notifications.email_address', + 'monitoring.cluster_alerts.email_notifications.email_address' + ), + renameFromRoot('xpack.monitoring.ccs.enabled', 'monitoring.ui.ccs.enabled'), + renameFromRoot( + 'xpack.monitoring.elasticsearch.logFetchCount', + 'monitoring.ui.elasticsearch.logFetchCount' + ), configPathDeprecation, dataPathDeprecation, rewriteBasePathDeprecation, diff --git a/x-pack/legacy/plugins/monitoring/config.js b/x-pack/legacy/plugins/monitoring/config.js index 91c1ee99a0b2e..778b656c056f2 100644 --- a/x-pack/legacy/plugins/monitoring/config.js +++ b/x-pack/legacy/plugins/monitoring/config.js @@ -15,12 +15,12 @@ export const config = Joi => { const DEFAULT_REQUEST_HEADERS = ['authorization']; return Joi.object({ - ccs: Joi.object({ - enabled: Joi.boolean().default(true), - }).default(), enabled: Joi.boolean().default(true), ui: Joi.object({ enabled: Joi.boolean().default(true), + ccs: Joi.object({ + enabled: Joi.boolean().default(true), + }).default(), container: Joi.object({ elasticsearch: Joi.object({ enabled: Joi.boolean().default(false), @@ -29,6 +29,51 @@ export const config = Joi => { enabled: Joi.boolean().default(false), }).default(), }).default(), + max_bucket_size: Joi.number().default(10000), + min_interval_seconds: Joi.number().default(10), + show_license_expiration: Joi.boolean().default(true), + elasticsearch: Joi.object({ + customHeaders: Joi.object().default({}), + logQueries: Joi.boolean().default(false), + requestHeadersWhitelist: Joi.array() + .items() + .single() + .default(DEFAULT_REQUEST_HEADERS), + sniffOnStart: Joi.boolean().default(false), + sniffInterval: Joi.number() + .allow(false) + .default(false), + sniffOnConnectionFault: Joi.boolean().default(false), + hosts: Joi.array() + .items(Joi.string().uri({ scheme: ['http', 'https'] })) + .single(), // if empty, use Kibana's connection config + username: Joi.string(), + password: Joi.string(), + requestTimeout: Joi.number().default(30000), + pingTimeout: Joi.number().default(30000), + ssl: Joi.object({ + verificationMode: Joi.string() + .valid('none', 'certificate', 'full') + .default('full'), + certificateAuthorities: Joi.array() + .single() + .items(Joi.string()), + certificate: Joi.string(), + key: Joi.string(), + keyPassphrase: Joi.string(), + keystore: Joi.object({ + path: Joi.string(), + password: Joi.string(), + }).default(), + truststore: Joi.object({ + path: Joi.string(), + password: Joi.string(), + }).default(), + alwaysPresentCertificate: Joi.boolean().default(false), + }).default(), + apiVersion: Joi.string().default('master'), + logFetchCount: Joi.number().default(10), + }).default(), }).default(), kibana: Joi.object({ collection: Joi.object({ @@ -46,56 +91,11 @@ export const config = Joi => { xpack_api_polling_frequency_millis: Joi.number().default( XPACK_INFO_API_DEFAULT_POLL_FREQUENCY_IN_MILLIS ), - max_bucket_size: Joi.number().default(10000), - min_interval_seconds: Joi.number().default(10), - show_license_expiration: Joi.boolean().default(true), agent: Joi.object({ interval: Joi.string() .regex(/[\d\.]+[yMwdhms]/) .default('10s'), }).default(), - elasticsearch: Joi.object({ - customHeaders: Joi.object().default({}), - logQueries: Joi.boolean().default(false), - requestHeadersWhitelist: Joi.array() - .items() - .single() - .default(DEFAULT_REQUEST_HEADERS), - sniffOnStart: Joi.boolean().default(false), - sniffInterval: Joi.number() - .allow(false) - .default(false), - sniffOnConnectionFault: Joi.boolean().default(false), - hosts: Joi.array() - .items(Joi.string().uri({ scheme: ['http', 'https'] })) - .single(), // if empty, use Kibana's connection config - username: Joi.string(), - password: Joi.string(), - requestTimeout: Joi.number().default(30000), - pingTimeout: Joi.number().default(30000), - ssl: Joi.object({ - verificationMode: Joi.string() - .valid('none', 'certificate', 'full') - .default('full'), - certificateAuthorities: Joi.array() - .single() - .items(Joi.string()), - certificate: Joi.string(), - key: Joi.string(), - keyPassphrase: Joi.string(), - keystore: Joi.object({ - path: Joi.string(), - password: Joi.string(), - }).default(), - truststore: Joi.object({ - path: Joi.string(), - password: Joi.string(), - }).default(), - alwaysPresentCertificate: Joi.boolean().default(false), - }).default(), - apiVersion: Joi.string().default('master'), - logFetchCount: Joi.number().default(10), - }).default(), tests: Joi.object({ cloud_detector: Joi.object({ enabled: Joi.boolean().default(true), diff --git a/x-pack/legacy/plugins/monitoring/index.js b/x-pack/legacy/plugins/monitoring/index.js index 8e0201bea710b..ca595836133c2 100644 --- a/x-pack/legacy/plugins/monitoring/index.js +++ b/x-pack/legacy/plugins/monitoring/index.js @@ -20,31 +20,31 @@ export const monitoring = kibana => new kibana.Plugin({ require: ['kibana', 'elasticsearch', 'xpack_main'], id: 'monitoring', - configPrefix: 'xpack.monitoring', + configPrefix: 'monitoring', publicDir: resolve(__dirname, 'public'), init(server) { const configs = [ - 'xpack.monitoring.ui.enabled', - 'xpack.monitoring.kibana.collection.enabled', - 'xpack.monitoring.max_bucket_size', - 'xpack.monitoring.min_interval_seconds', + 'monitoring.ui.enabled', + 'monitoring.kibana.collection.enabled', + 'monitoring.ui.max_bucket_size', + 'monitoring.ui.min_interval_seconds', 'kibana.index', - 'xpack.monitoring.show_license_expiration', - 'xpack.monitoring.ui.container.elasticsearch.enabled', - 'xpack.monitoring.ui.container.logstash.enabled', - 'xpack.monitoring.tests.cloud_detector.enabled', - 'xpack.monitoring.kibana.collection.interval', - 'xpack.monitoring.elasticsearch.hosts', - 'xpack.monitoring.elasticsearch', - 'xpack.monitoring.xpack_api_polling_frequency_millis', + 'monitoring.ui.show_license_expiration', + 'monitoring.ui.container.elasticsearch.enabled', + 'monitoring.ui.container.logstash.enabled', + 'monitoring.tests.cloud_detector.enabled', + 'monitoring.kibana.collection.interval', + 'monitoring.ui.elasticsearch.hosts', + 'monitoring.ui.elasticsearch', + 'monitoring.xpack_api_polling_frequency_millis', 'server.uuid', 'server.name', 'server.host', 'server.port', - 'xpack.monitoring.cluster_alerts.email_notifications.enabled', - 'xpack.monitoring.cluster_alerts.email_notifications.email_address', - 'xpack.monitoring.ccs.enabled', - 'xpack.monitoring.elasticsearch.logFetchCount', + 'monitoring.cluster_alerts.email_notifications.enabled', + 'monitoring.cluster_alerts.email_notifications.email_address', + 'monitoring.ui.ccs.enabled', + 'monitoring.ui.elasticsearch.logFetchCount', ]; const serverConfig = server.config(); diff --git a/x-pack/legacy/plugins/monitoring/server/cluster_alerts/alerts_cluster_search.js b/x-pack/legacy/plugins/monitoring/server/cluster_alerts/alerts_cluster_search.js index 0c9fb4bd04ee7..eff9875d794ad 100644 --- a/x-pack/legacy/plugins/monitoring/server/cluster_alerts/alerts_cluster_search.js +++ b/x-pack/legacy/plugins/monitoring/server/cluster_alerts/alerts_cluster_search.js @@ -157,7 +157,7 @@ export function alertsClusterSearch(req, alertsIndex, cluster, checkLicense, opt if (prodLicenseInfo.clusterAlerts.enabled) { const config = req.server.config(); - const size = options.size || config.get('xpack.monitoring.max_bucket_size'); + const size = options.size || config.get('monitoring.ui.max_bucket_size'); const params = { index: alertsIndex, diff --git a/x-pack/legacy/plugins/monitoring/server/cluster_alerts/verify_monitoring_license.js b/x-pack/legacy/plugins/monitoring/server/cluster_alerts/verify_monitoring_license.js index 9cc67e11c28d5..e94f4e08fbdb1 100644 --- a/x-pack/legacy/plugins/monitoring/server/cluster_alerts/verify_monitoring_license.js +++ b/x-pack/legacy/plugins/monitoring/server/cluster_alerts/verify_monitoring_license.js @@ -19,7 +19,7 @@ export function verifyMonitoringLicense(server) { const config = server.config(); // if cluster alerts are enabled, then ensure that we can use it according to the license - if (config.get('xpack.monitoring.cluster_alerts.enabled')) { + if (config.get('monitoring.cluster_alerts.enabled')) { const xpackInfo = get(server.plugins.monitoring, 'info'); if (xpackInfo) { const monitoringCluster = xpackInfo.feature('monitoring').getLicenseCheckResults(); diff --git a/x-pack/legacy/plugins/monitoring/server/es_client/__tests__/instantiate_client.js b/x-pack/legacy/plugins/monitoring/server/es_client/__tests__/instantiate_client.js index 6844bd5febf8e..88cf9734d5f57 100644 --- a/x-pack/legacy/plugins/monitoring/server/es_client/__tests__/instantiate_client.js +++ b/x-pack/legacy/plugins/monitoring/server/es_client/__tests__/instantiate_client.js @@ -11,8 +11,8 @@ import { exposeClient, hasMonitoringCluster } from '../instantiate_client'; function getMockServerFromConnectionUrl(monitoringClusterUrl) { const server = { - xpack: { - monitoring: { + monitoring: { + ui: { elasticsearch: { hosts: monitoringClusterUrl ? [monitoringClusterUrl] : [], username: 'monitoring-user-internal-test', @@ -27,7 +27,7 @@ function getMockServerFromConnectionUrl(monitoringClusterUrl) { }; return { - elasticsearchConfig: server.xpack.monitoring.elasticsearch, + elasticsearchConfig: server.monitoring.ui.elasticsearch, elasticsearchPlugin: { getCluster: sinon .stub() diff --git a/x-pack/legacy/plugins/monitoring/server/es_client/parse_elasticsearch_config.test.ts b/x-pack/legacy/plugins/monitoring/server/es_client/parse_elasticsearch_config.test.ts index c6f4e0fa68504..8d9b5335732c0 100644 --- a/x-pack/legacy/plugins/monitoring/server/es_client/parse_elasticsearch_config.test.ts +++ b/x-pack/legacy/plugins/monitoring/server/es_client/parse_elasticsearch_config.test.ts @@ -168,14 +168,14 @@ describe('throws when config is invalid', () => { it('throws if key and keystore.path are both specified', () => { const value = { ssl: { key: 'foo', keystore: { path: 'bar' } } }; expect(() => parse(value)).toThrowErrorMatchingInlineSnapshot( - `"[config validation of [xpack.monitoring.elasticsearch].ssl]: cannot use [key] when [keystore.path] is specified"` + `"[config validation of [monitoring.ui.elasticsearch].ssl]: cannot use [key] when [keystore.path] is specified"` ); }); it('throws if certificate and keystore.path are both specified', () => { const value = { ssl: { certificate: 'foo', keystore: { path: 'bar' } } }; expect(() => parse(value)).toThrowErrorMatchingInlineSnapshot( - `"[config validation of [xpack.monitoring.elasticsearch].ssl]: cannot use [certificate] when [keystore.path] is specified"` + `"[config validation of [monitoring.ui.elasticsearch].ssl]: cannot use [certificate] when [keystore.path] is specified"` ); }); }); diff --git a/x-pack/legacy/plugins/monitoring/server/es_client/parse_elasticsearch_config.ts b/x-pack/legacy/plugins/monitoring/server/es_client/parse_elasticsearch_config.ts index 70e6235602b5b..728b3433bf06c 100644 --- a/x-pack/legacy/plugins/monitoring/server/es_client/parse_elasticsearch_config.ts +++ b/x-pack/legacy/plugins/monitoring/server/es_client/parse_elasticsearch_config.ts @@ -7,7 +7,7 @@ import { readFileSync } from 'fs'; import { readPkcs12Truststore, readPkcs12Keystore } from '../../../../../../src/core/utils'; -const KEY = 'xpack.monitoring.elasticsearch'; +const KEY = 'monitoring.ui.elasticsearch'; /* * Parse a config object's Elasticsearch configuration, reading any diff --git a/x-pack/legacy/plugins/monitoring/server/init_monitoring_xpack_info.js b/x-pack/legacy/plugins/monitoring/server/init_monitoring_xpack_info.js index b43430ead23b0..ba07f512de896 100644 --- a/x-pack/legacy/plugins/monitoring/server/init_monitoring_xpack_info.js +++ b/x-pack/legacy/plugins/monitoring/server/init_monitoring_xpack_info.js @@ -15,7 +15,7 @@ export const initMonitoringXpackInfo = async ({ config, xpackMainPlugin, expose, const xpackInfo = hasMonitoringCluster(config) ? xpackMainPlugin.createXPackInfo({ clusterSource: 'monitoring', - pollFrequencyInMillis: config.get('xpack.monitoring.xpack_api_polling_frequency_millis'), + pollFrequencyInMillis: config.get('monitoring.xpack_api_polling_frequency_millis'), }) : xpackMainPlugin.info; diff --git a/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/__tests__/get_default_admin_email.js b/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/__tests__/get_default_admin_email.js index 96dc461c03fd3..10f52a82a830c 100644 --- a/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/__tests__/get_default_admin_email.js +++ b/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/__tests__/get_default_admin_email.js @@ -14,14 +14,10 @@ describe('getSettingsCollector / getDefaultAdminEmail', () => { function setup({ enabled = true, adminEmail = null } = {}) { const config = { get: sinon.stub() }; - config.get - .withArgs('xpack.monitoring.cluster_alerts.email_notifications.enabled') - .returns(enabled); + config.get.withArgs('monitoring.cluster_alerts.email_notifications.enabled').returns(enabled); if (adminEmail) { - config.get - .withArgs(`xpack.monitoring.${CLUSTER_ALERTS_ADDRESS_CONFIG_KEY}`) - .returns(adminEmail); + config.get.withArgs(`monitoring.${CLUSTER_ALERTS_ADDRESS_CONFIG_KEY}`).returns(adminEmail); } config.get.withArgs('kibana.index').returns('.kibana'); @@ -31,7 +27,7 @@ describe('getSettingsCollector / getDefaultAdminEmail', () => { return config; } - describe('xpack.monitoring.cluster_alerts.email_notifications.enabled = false', () => { + describe('monitoring.cluster_alerts.email_notifications.enabled = false', () => { it('returns null when email is defined', async () => { const config = setup({ enabled: false }); expect(await getDefaultAdminEmail(config)).to.be(null); @@ -43,7 +39,7 @@ describe('getSettingsCollector / getDefaultAdminEmail', () => { }); }); - describe('xpack.monitoring.cluster_alerts.email_notifications.enabled = true', () => { + describe('monitoring.cluster_alerts.email_notifications.enabled = true', () => { it('returns value when email is defined', async () => { const config = setup({ adminEmail: 'hello@world' }); expect(await getDefaultAdminEmail(config)).to.be('hello@world'); diff --git a/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/get_settings_collector.js b/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/get_settings_collector.js index d0e1d32a2baa4..f51e7d22a0c7c 100644 --- a/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/get_settings_collector.js +++ b/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/get_settings_collector.js @@ -11,11 +11,11 @@ import { CLUSTER_ALERTS_ADDRESS_CONFIG_KEY, KIBANA_SETTINGS_TYPE } from '../../. * If so, get email from kibana.yml */ export async function getDefaultAdminEmail(config) { - if (!config.get('xpack.monitoring.cluster_alerts.email_notifications.enabled')) { + if (!config.get('monitoring.cluster_alerts.email_notifications.enabled')) { return null; } - const emailAddressConfigKey = `xpack.monitoring.${CLUSTER_ALERTS_ADDRESS_CONFIG_KEY}`; + const emailAddressConfigKey = `monitoring.${CLUSTER_ALERTS_ADDRESS_CONFIG_KEY}`; const configuredEmailAddress = config.get(emailAddressConfigKey); return configuredEmailAddress || null; diff --git a/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/ops_buffer/ops_buffer.js b/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/ops_buffer/ops_buffer.js index d58f6f3254c76..699a364433b3e 100644 --- a/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/ops_buffer/ops_buffer.js +++ b/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/ops_buffer/ops_buffer.js @@ -17,7 +17,7 @@ export function opsBuffer({ config, log, getOSInfo }) { // determine the cloud service in the background const cloudDetector = new CloudDetector(); - if (config.get('xpack.monitoring.tests.cloud_detector.enabled')) { + if (config.get('monitoring.tests.cloud_detector.enabled')) { cloudDetector.detectCloudService(); } diff --git a/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/init.js b/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/init.js index bf79ddc210902..3c02e2be58dec 100644 --- a/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/init.js +++ b/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/init.js @@ -16,7 +16,7 @@ import { BulkUploader } from './bulk_uploader'; * @param {Object} server HapiJS server instance */ export function initBulkUploader({ config, ...params }) { - const interval = config.get('xpack.monitoring.kibana.collection.interval'); + const interval = config.get('monitoring.kibana.collection.interval'); return new BulkUploader({ interval, config, diff --git a/x-pack/legacy/plugins/monitoring/server/lib/__tests__/ccs_utils.js b/x-pack/legacy/plugins/monitoring/server/lib/__tests__/ccs_utils.js index 844dfc96bb19b..2d310962238fd 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/__tests__/ccs_utils.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/__tests__/ccs_utils.js @@ -17,7 +17,7 @@ describe('ccs_utils', () => { const get = sinon.stub(); const config = { get }; - get.withArgs('xpack.monitoring.ccs.enabled').returns(false); + get.withArgs('monitoring.ui.ccs.enabled').returns(false); // falsy string values should be ignored const allPattern = prefixIndexPattern(config, indexPattern, '*'); @@ -32,7 +32,7 @@ describe('ccs_utils', () => { const get = sinon.stub(); const config = { get }; - get.withArgs('xpack.monitoring.ccs.enabled').returns(true); + get.withArgs('monitoring.ui.ccs.enabled').returns(true); // falsy string values should be ignored const undefinedPattern = prefixIndexPattern(config, indexPattern); @@ -49,7 +49,7 @@ describe('ccs_utils', () => { const get = sinon.stub(); const config = { get }; - get.withArgs('xpack.monitoring.ccs.enabled').returns(true); + get.withArgs('monitoring.ui.ccs.enabled').returns(true); const abcPattern = prefixIndexPattern(config, indexPattern, 'aBc'); const underscorePattern = prefixIndexPattern(config, indexPattern, 'cluster_one'); @@ -67,7 +67,7 @@ describe('ccs_utils', () => { const get = sinon.stub(); const config = { get }; - get.withArgs('xpack.monitoring.ccs.enabled').returns(true); + get.withArgs('monitoring.ui.ccs.enabled').returns(true); const pattern = prefixIndexPattern(config, indexPattern, '*'); diff --git a/x-pack/legacy/plugins/monitoring/server/lib/apm/get_apms.js b/x-pack/legacy/plugins/monitoring/server/lib/apm/get_apms.js index ef8db59620f1a..40070a6b0d0f2 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/apm/get_apms.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/apm/get_apms.js @@ -84,7 +84,7 @@ export async function getApms(req, apmIndexPattern, clusterUuid) { const params = { index: apmIndexPattern, - size: config.get('xpack.monitoring.max_bucket_size'), // FIXME + size: config.get('monitoring.ui.max_bucket_size'), // FIXME ignoreUnavailable: true, filterPath: [ // only filter path can filter for inner_hits diff --git a/x-pack/legacy/plugins/monitoring/server/lib/apm/get_apms_for_clusters.js b/x-pack/legacy/plugins/monitoring/server/lib/apm/get_apms_for_clusters.js index 95ccb81f696be..a24936dc0f832 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/apm/get_apms_for_clusters.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/apm/get_apms_for_clusters.js @@ -35,7 +35,7 @@ export function getApmsForClusters(req, apmIndexPattern, clusters) { const start = req.payload.timeRange.min; const end = req.payload.timeRange.max; const config = req.server.config(); - const maxBucketSize = config.get('xpack.monitoring.max_bucket_size'); + const maxBucketSize = config.get('monitoring.ui.max_bucket_size'); return Promise.all( clusters.map(async cluster => { diff --git a/x-pack/legacy/plugins/monitoring/server/lib/apm/get_stats.js b/x-pack/legacy/plugins/monitoring/server/lib/apm/get_stats.js index 54a0609d945de..bfaec4f8a1294 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/apm/get_stats.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/apm/get_stats.js @@ -28,7 +28,7 @@ export async function getStats(req, apmIndexPattern, clusterUuid) { const config = req.server.config(); const start = moment.utc(req.payload.timeRange.min).valueOf(); const end = moment.utc(req.payload.timeRange.max).valueOf(); - const maxBucketSize = config.get('xpack.monitoring.max_bucket_size'); + const maxBucketSize = config.get('monitoring.ui.max_bucket_size'); const params = { index: apmIndexPattern, diff --git a/x-pack/legacy/plugins/monitoring/server/lib/beats/get_beats.js b/x-pack/legacy/plugins/monitoring/server/lib/beats/get_beats.js index 5857ec32b2259..ef878e4892557 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/beats/get_beats.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/beats/get_beats.js @@ -83,7 +83,7 @@ export async function getBeats(req, beatsIndexPattern, clusterUuid) { const params = { index: beatsIndexPattern, - size: config.get('xpack.monitoring.max_bucket_size'), // FIXME + size: config.get('monitoring.ui.max_bucket_size'), // FIXME ignoreUnavailable: true, filterPath: [ // only filter path can filter for inner_hits diff --git a/x-pack/legacy/plugins/monitoring/server/lib/beats/get_beats_for_clusters.js b/x-pack/legacy/plugins/monitoring/server/lib/beats/get_beats_for_clusters.js index 82a738755931d..624abb894e508 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/beats/get_beats_for_clusters.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/beats/get_beats_for_clusters.js @@ -34,7 +34,7 @@ export function getBeatsForClusters(req, beatsIndexPattern, clusters) { const start = req.payload.timeRange.min; const end = req.payload.timeRange.max; const config = req.server.config(); - const maxBucketSize = config.get('xpack.monitoring.max_bucket_size'); + const maxBucketSize = config.get('monitoring.ui.max_bucket_size'); return Promise.all( clusters.map(async cluster => { diff --git a/x-pack/legacy/plugins/monitoring/server/lib/beats/get_latest_stats.js b/x-pack/legacy/plugins/monitoring/server/lib/beats/get_latest_stats.js index d326c84634e12..1139489728dbf 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/beats/get_latest_stats.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/beats/get_latest_stats.js @@ -71,7 +71,7 @@ export function getLatestStats(req, beatsIndexPattern, clusterUuid) { uuids: { terms: { field: 'beats_stats.beat.uuid', - size: config.get('xpack.monitoring.max_bucket_size'), + size: config.get('monitoring.ui.max_bucket_size'), }, }, }, diff --git a/x-pack/legacy/plugins/monitoring/server/lib/beats/get_stats.js b/x-pack/legacy/plugins/monitoring/server/lib/beats/get_stats.js index 80851a8498c26..0f90750a293fb 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/beats/get_stats.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/beats/get_stats.js @@ -28,7 +28,7 @@ export async function getStats(req, beatsIndexPattern, clusterUuid) { const config = req.server.config(); const start = moment.utc(req.payload.timeRange.min).valueOf(); const end = moment.utc(req.payload.timeRange.max).valueOf(); - const maxBucketSize = config.get('xpack.monitoring.max_bucket_size'); + const maxBucketSize = config.get('monitoring.ui.max_bucket_size'); const params = { index: beatsIndexPattern, diff --git a/x-pack/legacy/plugins/monitoring/server/lib/ccs_utils.js b/x-pack/legacy/plugins/monitoring/server/lib/ccs_utils.js index 5b3980d9619a8..3409462156a07 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/ccs_utils.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/ccs_utils.js @@ -16,7 +16,7 @@ * @return {String} The index pattern with the {@code cluster} prefix appropriately prepended. */ export function prefixIndexPattern(config, indexPattern, ccs) { - const ccsEnabled = config.get('xpack.monitoring.ccs.enabled'); + const ccsEnabled = config.get('monitoring.ui.ccs.enabled'); if (!ccsEnabled || !ccs) { return indexPattern; diff --git a/x-pack/legacy/plugins/monitoring/server/lib/cluster/get_clusters_stats.js b/x-pack/legacy/plugins/monitoring/server/lib/cluster/get_clusters_stats.js index c323cb381aaf2..54dc58a374c2c 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/cluster/get_clusters_stats.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/cluster/get_clusters_stats.js @@ -46,7 +46,7 @@ function fetchClusterStats(req, esIndexPattern, clusterUuid) { const metric = ElasticsearchMetric.getMetricFields(); const params = { index: esIndexPattern, - size: config.get('xpack.monitoring.max_bucket_size'), + size: config.get('monitoring.ui.max_bucket_size'), ignoreUnavailable: true, filterPath: [ 'hits.hits._index', diff --git a/x-pack/legacy/plugins/monitoring/server/lib/details/__test__/get_metrics.test.js b/x-pack/legacy/plugins/monitoring/server/lib/details/__test__/get_metrics.test.js index b7c387e74ec96..fbe6c8ec4cfa3 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/details/__test__/get_metrics.test.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/details/__test__/get_metrics.test.js @@ -20,7 +20,7 @@ function getMockReq(metricsBuckets = []) { get: sinon.stub(), }; - config.get.withArgs('xpack.monitoring.min_interval_seconds').returns(10); + config.get.withArgs('monitoring.ui.min_interval_seconds').returns(10); return { server: { diff --git a/x-pack/legacy/plugins/monitoring/server/lib/details/get_metrics.js b/x-pack/legacy/plugins/monitoring/server/lib/details/get_metrics.js index 798a94abbe484..0c4736e91ea10 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/details/get_metrics.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/details/get_metrics.js @@ -28,7 +28,7 @@ export async function getMetrics( // TODO: Pass in req parameters as explicit function parameters let min = moment.utc(req.payload.timeRange.min).valueOf(); const max = moment.utc(req.payload.timeRange.max).valueOf(); - const minIntervalSeconds = config.get('xpack.monitoring.min_interval_seconds'); + const minIntervalSeconds = config.get('monitoring.ui.min_interval_seconds'); const bucketSize = calculateTimeseriesInterval(min, max, minIntervalSeconds); const timezone = await getTimezone(req); diff --git a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/get_ml_jobs.js b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/get_ml_jobs.js index 658ee96c1f084..8aef402f881e8 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/get_ml_jobs.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/get_ml_jobs.js @@ -23,7 +23,7 @@ export function getMlJobs(req, esIndexPattern) { checkParam(esIndexPattern, 'esIndexPattern in getMlJobs'); const config = req.server.config(); - const maxBucketSize = config.get('xpack.monitoring.max_bucket_size'); + const maxBucketSize = config.get('monitoring.ui.max_bucket_size'); const start = req.payload.timeRange.min; // no wrapping in moment :) const end = req.payload.timeRange.max; const clusterUuid = req.params.clusterUuid; diff --git a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/indices/get_indices.js b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/indices/get_indices.js index 6fe8ccfd89043..938a9b9d55e43 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/indices/get_indices.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/indices/get_indices.js @@ -97,7 +97,7 @@ export function getIndices(req, esIndexPattern, showSystemIndices = false, shard const params = { index: esIndexPattern, // TODO: composite aggregation - size: config.get('xpack.monitoring.max_bucket_size'), + size: config.get('monitoring.ui.max_bucket_size'), ignoreUnavailable: true, filterPath: [ // only filter path can filter for inner_hits diff --git a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/nodes/get_nodes/get_nodes.js b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/nodes/get_nodes/get_nodes.js index 7581a32590971..c248ad743e0ec 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/nodes/get_nodes/get_nodes.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/nodes/get_nodes/get_nodes.js @@ -44,7 +44,7 @@ export async function getNodes(req, esIndexPattern, pageOfNodes, clusterStats, n const min = start; const bucketSize = Math.max( - config.get('xpack.monitoring.min_interval_seconds'), + config.get('monitoring.ui.min_interval_seconds'), calculateAuto(100, duration).asSeconds() ); @@ -59,7 +59,7 @@ export async function getNodes(req, esIndexPattern, pageOfNodes, clusterStats, n const params = { index: esIndexPattern, - size: config.get('xpack.monitoring.max_bucket_size'), + size: config.get('monitoring.ui.max_bucket_size'), ignoreUnavailable: true, body: { query: createQuery({ @@ -78,7 +78,7 @@ export async function getNodes(req, esIndexPattern, pageOfNodes, clusterStats, n terms: { field: `source_node.uuid`, include: uuidsToInclude, - size: config.get('xpack.monitoring.max_bucket_size'), + size: config.get('monitoring.ui.max_bucket_size'), }, aggs: { by_date: { diff --git a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/nodes/get_nodes/get_paginated_nodes.js b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/nodes/get_nodes/get_paginated_nodes.js index 51c61046e9cda..e18d328e8725b 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/nodes/get_nodes/get_paginated_nodes.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/nodes/get_nodes/get_paginated_nodes.js @@ -38,7 +38,7 @@ export async function getPaginatedNodes( { clusterStats, nodesShardCount } ) { const config = req.server.config(); - const size = config.get('xpack.monitoring.max_bucket_size'); + const size = config.get('monitoring.ui.max_bucket_size'); const nodes = await getNodeIds(req, esIndexPattern, { clusterUuid }, size); // Add `isOnline` and shards from the cluster state and shard stats @@ -63,7 +63,7 @@ export async function getPaginatedNodes( const groupBy = { field: `source_node.uuid`, include: nodes.map(node => node.uuid), - size: config.get('xpack.monitoring.max_bucket_size'), + size: config.get('monitoring.ui.max_bucket_size'), }; const metricSeriesData = await getMetrics( req, diff --git a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_indices_unassigned_shard_stats.js b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_indices_unassigned_shard_stats.js index e8d484e7021f4..c77bcc4f62e61 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_indices_unassigned_shard_stats.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_indices_unassigned_shard_stats.js @@ -12,7 +12,7 @@ import { calculateIndicesTotals } from './calculate_shard_stat_indices_totals'; async function getUnassignedShardData(req, esIndexPattern, cluster) { const config = req.server.config(); - const maxBucketSize = config.get('xpack.monitoring.max_bucket_size'); + const maxBucketSize = config.get('monitoring.ui.max_bucket_size'); const metric = ElasticsearchMetric.getMetricFields(); const params = { diff --git a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_nodes_shard_count.js b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_nodes_shard_count.js index c11bd4aead693..7823884dc749d 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_nodes_shard_count.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_nodes_shard_count.js @@ -11,7 +11,7 @@ import { ElasticsearchMetric } from '../../metrics'; async function getShardCountPerNode(req, esIndexPattern, cluster) { const config = req.server.config(); - const maxBucketSize = config.get('xpack.monitoring.max_bucket_size'); + const maxBucketSize = config.get('monitoring.ui.max_bucket_size'); const metric = ElasticsearchMetric.getMetricFields(); const params = { diff --git a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_shard_allocation.js b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_shard_allocation.js index 3be5650b7d3bc..40412c03b0ef9 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_shard_allocation.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_shard_allocation.js @@ -55,7 +55,7 @@ export function getShardAllocation( const metric = ElasticsearchMetric.getMetricFields(); const params = { index: esIndexPattern, - size: config.get('xpack.monitoring.max_bucket_size'), + size: config.get('monitoring.ui.max_bucket_size'), ignoreUnavailable: true, body: { query: createQuery({ type: 'shards', clusterUuid, metric, filters }), diff --git a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_shard_stat_aggs.js b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_shard_stat_aggs.js index eddd50612cdb1..8c4834e5d5e40 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_shard_stat_aggs.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_shard_stat_aggs.js @@ -9,7 +9,7 @@ * @param {Boolean} includeNodes - whether to add the aggs for node shards */ export function getShardAggs(config, includeNodes, includeIndices) { - const maxBucketSize = config.get('xpack.monitoring.max_bucket_size'); + const maxBucketSize = config.get('monitoring.ui.max_bucket_size'); const aggSize = 10; const indicesAgg = { terms: { diff --git a/x-pack/legacy/plugins/monitoring/server/lib/kibana/get_kibanas.js b/x-pack/legacy/plugins/monitoring/server/lib/kibana/get_kibanas.js index af6563bae682d..c272c38f00d55 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/kibana/get_kibanas.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/kibana/get_kibanas.js @@ -31,7 +31,7 @@ export function getKibanas(req, kbnIndexPattern, { clusterUuid }) { const params = { index: kbnIndexPattern, - size: config.get('xpack.monitoring.max_bucket_size'), + size: config.get('monitoring.ui.max_bucket_size'), ignoreUnavailable: true, body: { query: createQuery({ diff --git a/x-pack/legacy/plugins/monitoring/server/lib/kibana/get_kibanas_for_clusters.js b/x-pack/legacy/plugins/monitoring/server/lib/kibana/get_kibanas_for_clusters.js index dbf1c41dcf4e5..e50e8bda3c907 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/kibana/get_kibanas_for_clusters.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/kibana/get_kibanas_for_clusters.js @@ -49,7 +49,7 @@ export function getKibanasForClusters(req, kbnIndexPattern, clusters) { kibana_uuids: { terms: { field: 'kibana_stats.kibana.uuid', - size: config.get('xpack.monitoring.max_bucket_size'), + size: config.get('monitoring.ui.max_bucket_size'), }, aggs: { latest_report: { diff --git a/x-pack/legacy/plugins/monitoring/server/lib/logs/get_logs.js b/x-pack/legacy/plugins/monitoring/server/lib/logs/get_logs.js index 7a20d7737c5e8..b876e3ba05d70 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/logs/get_logs.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/logs/get_logs.js @@ -70,7 +70,7 @@ export async function getLogs( const params = { index: filebeatIndexPattern, - size: Math.min(50, config.get('xpack.monitoring.elasticsearch.logFetchCount')), + size: Math.min(50, config.get('monitoring.ui.elasticsearch.logFetchCount')), filterPath: [ 'hits.hits._source.message', 'hits.hits._source.log.level', diff --git a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_logstash_for_clusters.js b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_logstash_for_clusters.js index d0de2c3f5df3a..55baa3cf10b50 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_logstash_for_clusters.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_logstash_for_clusters.js @@ -60,7 +60,7 @@ export function getLogstashForClusters(req, lsIndexPattern, clusters) { logstash_uuids: { terms: { field: 'logstash_stats.logstash.uuid', - size: config.get('xpack.monitoring.max_bucket_size'), + size: config.get('monitoring.ui.max_bucket_size'), }, aggs: { latest_report: { @@ -119,7 +119,7 @@ export function getLogstashForClusters(req, lsIndexPattern, clusters) { logstash_versions: { terms: { field: 'logstash_stats.logstash.version', - size: config.get('xpack.monitoring.max_bucket_size'), + size: config.get('monitoring.ui.max_bucket_size'), }, }, pipelines_nested: { @@ -135,7 +135,7 @@ export function getLogstashForClusters(req, lsIndexPattern, clusters) { queue_types: { terms: { field: 'logstash_stats.pipelines.queue.type', - size: config.get('xpack.monitoring.max_bucket_size'), + size: config.get('monitoring.ui.max_bucket_size'), }, aggs: { num_pipelines: { diff --git a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_nodes.js b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_nodes.js index 93b70d7b79f0a..06696abdb031f 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_nodes.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_nodes.js @@ -31,7 +31,7 @@ export function getNodes(req, lsIndexPattern, { clusterUuid }) { const params = { index: lsIndexPattern, - size: config.get('xpack.monitoring.max_bucket_size'), // FIXME + size: config.get('monitoring.ui.max_bucket_size'), // FIXME ignoreUnavailable: true, body: { query: createQuery({ diff --git a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_paginated_pipelines.js b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_paginated_pipelines.js index ef9ef90e8f310..ffc7e9ce1d6c2 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_paginated_pipelines.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_paginated_pipelines.js @@ -37,7 +37,7 @@ export async function getPaginatedPipelines( queryText ) { const config = req.server.config(); - const size = config.get('xpack.monitoring.max_bucket_size'); + const size = config.get('monitoring.ui.max_bucket_size'); const pipelines = await getLogstashPipelineIds( req, lsIndexPattern, diff --git a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline.js b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline.js index eeeffd74e91f7..35a4295de298b 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline.js @@ -111,7 +111,7 @@ export async function getPipeline(req, config, lsIndexPattern, clusterUuid, pipe }; // Determine metrics' timeseries interval based on version's timespan - const minIntervalSeconds = config.get('xpack.monitoring.min_interval_seconds'); + const minIntervalSeconds = config.get('monitoring.ui.min_interval_seconds'); const timeseriesInterval = calculateTimeseriesInterval( version.firstSeen, version.lastSeen, diff --git a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_stats_aggregation.js b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_stats_aggregation.js index 1858674a01b86..d9c03819b0098 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_stats_aggregation.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_stats_aggregation.js @@ -171,7 +171,7 @@ export function getPipelineStatsAggregation( logstashIndexPattern, pipelineId, version, - config.get('xpack.monitoring.max_bucket_size'), + config.get('monitoring.ui.max_bucket_size'), callWithRequest, req ); diff --git a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_versions.js b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_versions.js index 7dfa8d4a163ce..7521389c379ea 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_versions.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_versions.js @@ -37,7 +37,7 @@ function fetchPipelineVersions(...args) { by_pipeline_hash: { terms: { field: 'logstash_stats.pipelines.hash', - size: config.get('xpack.monitoring.max_bucket_size'), + size: config.get('monitoring.ui.max_bucket_size'), order: { 'path_to_root>first_seen': 'desc' }, }, aggs: { diff --git a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_vertex.js b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_vertex.js index 49c2dff2d6080..134dd88b36ce6 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_vertex.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_vertex.js @@ -130,7 +130,7 @@ export async function getPipelineVertex( }; // Determine metrics' timeseries interval based on version's timespan - const minIntervalSeconds = config.get('xpack.monitoring.min_interval_seconds'); + const minIntervalSeconds = config.get('monitoring.ui.min_interval_seconds'); const timeseriesInterval = calculateTimeseriesInterval( version.firstSeen, version.lastSeen, diff --git a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_vertex_stats_aggregation.js b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_vertex_stats_aggregation.js index c91182188b213..425ca5731926c 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_vertex_stats_aggregation.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_vertex_stats_aggregation.js @@ -216,7 +216,7 @@ export function getPipelineVertexStatsAggregation( version, vertexId, timeSeriesIntervalInSeconds, - config.get('xpack.monitoring.max_bucket_size'), + config.get('monitoring.ui.max_bucket_size'), callWithRequest, req ); diff --git a/x-pack/legacy/plugins/monitoring/server/plugin.js b/x-pack/legacy/plugins/monitoring/server/plugin.js index 163bc43945be1..ef346e95ad075 100644 --- a/x-pack/legacy/plugins/monitoring/server/plugin.js +++ b/x-pack/legacy/plugins/monitoring/server/plugin.js @@ -48,7 +48,7 @@ export class Plugin { /* * End-user-facing services */ - const uiEnabled = config.get('xpack.monitoring.ui.enabled'); + const uiEnabled = config.get('monitoring.ui.enabled'); if (uiEnabled) { await instantiateClient({ @@ -98,7 +98,7 @@ export class Plugin { kbnServerStatus: kbnServer.status, kbnServerVersion: kbnServer.version, }); - const kibanaCollectionEnabled = config.get('xpack.monitoring.kibana.collection.enabled'); + const kibanaCollectionEnabled = config.get('monitoring.kibana.collection.enabled'); if (kibanaCollectionEnabled) { /* @@ -125,14 +125,12 @@ export class Plugin { core.injectUiAppVars('monitoring', () => { const config = core.config(); return { - maxBucketSize: config.get('xpack.monitoring.max_bucket_size'), - minIntervalSeconds: config.get('xpack.monitoring.min_interval_seconds'), + maxBucketSize: config.get('monitoring.ui.max_bucket_size'), + minIntervalSeconds: config.get('monitoring.ui.min_interval_seconds'), kbnIndex: config.get('kibana.index'), - showLicenseExpiration: config.get('xpack.monitoring.show_license_expiration'), - showCgroupMetricsElasticsearch: config.get( - 'xpack.monitoring.ui.container.elasticsearch.enabled' - ), - showCgroupMetricsLogstash: config.get('xpack.monitoring.ui.container.logstash.enabled'), // Note, not currently used, but see https://github.com/elastic/x-pack-kibana/issues/1559 part 2 + showLicenseExpiration: config.get('monitoring.ui.show_license_expiration'), + showCgroupMetricsElasticsearch: config.get('monitoring.ui.container.elasticsearch.enabled'), + showCgroupMetricsLogstash: config.get('monitoring.ui.container.logstash.enabled'), // Note, not currently used, but see https://github.com/elastic/x-pack-kibana/issues/1559 part 2 }; }); } diff --git a/x-pack/legacy/plugins/monitoring/server/routes/api/v1/elasticsearch/ccr.js b/x-pack/legacy/plugins/monitoring/server/routes/api/v1/elasticsearch/ccr.js index 2d4bded9fc4c8..fcdf4ad8a706c 100644 --- a/x-pack/legacy/plugins/monitoring/server/routes/api/v1/elasticsearch/ccr.js +++ b/x-pack/legacy/plugins/monitoring/server/routes/api/v1/elasticsearch/ccr.js @@ -26,7 +26,7 @@ function getBucketScript(max, min) { function buildRequest(req, config, esIndexPattern) { const min = moment.utc(req.payload.timeRange.min).valueOf(); const max = moment.utc(req.payload.timeRange.max).valueOf(); - const maxBucketSize = config.get('xpack.monitoring.max_bucket_size'); + const maxBucketSize = config.get('monitoring.ui.max_bucket_size'); const aggs = { ops_synced_max: { max: { diff --git a/x-pack/legacy/plugins/monitoring/server/routes/api/v1/elasticsearch/node_detail.js b/x-pack/legacy/plugins/monitoring/server/routes/api/v1/elasticsearch/node_detail.js index 10226d74ed001..25ead723e3ddb 100644 --- a/x-pack/legacy/plugins/monitoring/server/routes/api/v1/elasticsearch/node_detail.js +++ b/x-pack/legacy/plugins/monitoring/server/routes/api/v1/elasticsearch/node_detail.js @@ -61,7 +61,7 @@ export function esNodeRoute(server) { metricSet = metricSetOverview; // set the cgroup option if needed const showCgroupMetricsElasticsearch = config.get( - 'xpack.monitoring.ui.container.elasticsearch.enabled' + 'monitoring.ui.container.elasticsearch.enabled' ); const metricCpu = metricSet.find(m => m.name === 'node_cpu_metric'); if (showCgroupMetricsElasticsearch) { diff --git a/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/node.js b/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/node.js index d5ce9d1686f8a..bd3ae5f5c2679 100644 --- a/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/node.js +++ b/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/node.js @@ -60,9 +60,7 @@ export function logstashNodeRoute(server) { } else { metricSet = metricSetOverview; // set the cgroup option if needed - const showCgroupMetricsLogstash = config.get( - 'xpack.monitoring.ui.container.logstash.enabled' - ); + const showCgroupMetricsLogstash = config.get('monitoring.ui.container.logstash.enabled'); const metricCpu = metricSet.find(m => m.name === 'logstash_node_cpu_metric'); if (showCgroupMetricsLogstash) { metricCpu.keys = ['logstash_node_cgroup_quota_as_cpu_utilization']; diff --git a/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/pipelines/cluster_pipeline_ids.js b/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/pipelines/cluster_pipeline_ids.js index c5fd76487cca1..93330880babcc 100644 --- a/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/pipelines/cluster_pipeline_ids.js +++ b/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/pipelines/cluster_pipeline_ids.js @@ -36,7 +36,7 @@ export function logstashClusterPipelineIdsRoute(server) { const { ccs } = req.payload; const clusterUuid = req.params.clusterUuid; const lsIndexPattern = prefixIndexPattern(config, INDEX_PATTERN_LOGSTASH, ccs); - const size = config.get('xpack.monitoring.max_bucket_size'); + const size = config.get('monitoring.ui.max_bucket_size'); try { const pipelines = await getLogstashPipelineIds(req, lsIndexPattern, { clusterUuid }, size); diff --git a/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_cluster_uuids.ts b/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_cluster_uuids.ts index fc85cbe442ddf..4738ab5b8af83 100644 --- a/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_cluster_uuids.ts +++ b/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_cluster_uuids.ts @@ -40,7 +40,7 @@ export function fetchClusterUuids({ server, callCluster, start, end }: StatsColl cluster_uuids: { terms: { field: 'cluster_uuid', - size: config.get('xpack.monitoring.max_bucket_size'), + size: config.get('monitoring.ui.max_bucket_size'), }, }, }, diff --git a/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_es_stats.js b/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_es_stats.js index 8e5a59361e52f..52d34258b5fa4 100644 --- a/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_es_stats.js +++ b/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_es_stats.js @@ -31,7 +31,7 @@ export function fetchElasticsearchStats(server, callCluster, clusterUuids) { const config = server.config(); const params = { index: INDEX_PATTERN_ELASTICSEARCH, - size: config.get('xpack.monitoring.max_bucket_size'), + size: config.get('monitoring.ui.max_bucket_size'), ignoreUnavailable: true, filterPath: [ 'hits.hits._source.cluster_uuid', diff --git a/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_high_level_stats.js b/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_high_level_stats.js index 2632a8f6e041d..b87f632308e4d 100644 --- a/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_high_level_stats.js +++ b/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_high_level_stats.js @@ -217,7 +217,7 @@ export async function fetchHighLevelStats(server, callCluster, clusterUuids, sta const params = { index: getIndexPatternForStackProduct(product), - size: config.get('xpack.monitoring.max_bucket_size'), + size: config.get('monitoring.ui.max_bucket_size'), headers: { 'X-QUERY-SOURCE': TELEMETRY_QUERY_SOURCE, }, diff --git a/x-pack/legacy/plugins/monitoring/ui_exports.js b/x-pack/legacy/plugins/monitoring/ui_exports.js index 2b5ea21a2bb45..9251deb673bd1 100644 --- a/x-pack/legacy/plugins/monitoring/ui_exports.js +++ b/x-pack/legacy/plugins/monitoring/ui_exports.js @@ -32,7 +32,7 @@ export const getUiExports = () => ({ injectDefaultVars(server) { const config = server.config(); return { - monitoringUiEnabled: config.get('xpack.monitoring.ui.enabled'), + monitoringUiEnabled: config.get('monitoring.ui.enabled'), }; }, hacks: ['plugins/monitoring/hacks/toggle_app_link_in_nav'], From 708713496d46eab0fc0373fa0d50cca21169c82b Mon Sep 17 00:00:00 2001 From: Brian Seeders Date: Tue, 28 Jan 2020 12:13:56 -0500 Subject: [PATCH 05/40] Skip flaky visualize_security test --- .../apps/visualize/feature_controls/visualize_security.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/x-pack/test/functional/apps/visualize/feature_controls/visualize_security.ts b/x-pack/test/functional/apps/visualize/feature_controls/visualize_security.ts index 767dbd7165567..5f8b3f38436f6 100644 --- a/x-pack/test/functional/apps/visualize/feature_controls/visualize_security.ts +++ b/x-pack/test/functional/apps/visualize/feature_controls/visualize_security.ts @@ -116,7 +116,8 @@ export default function({ getPageObjects, getService }: FtrProviderContext) { await PageObjects.share.clickShareTopNavButton(); }); - it('allow saving via the saved query management component popover with no saved query loaded', async () => { + // Flaky: https://github.com/elastic/kibana/issues/50018 + it.skip('allow saving via the saved query management component popover with no saved query loaded', async () => { await queryBar.setQuery('response:200'); await savedQueryManagementComponent.saveNewQuery('foo', 'bar', true, false); await savedQueryManagementComponent.savedQueryExistOrFail('foo'); From b34db43057d061ddfd4a081754395a137f294811 Mon Sep 17 00:00:00 2001 From: Melissa Alvarez Date: Tue, 28 Jan 2020 12:19:04 -0500 Subject: [PATCH 06/40] [ML] Add functional tests for analytics UI: creation addition and regression/outlier results (#56059) * add description input functional test to analytics creation test * regression results functional tests - add initial tests * outlier results functional tests - add initial test * ensure description is saved correctly * fix no key react warning --- .../components/exploration/exploration.tsx | 2 +- .../regression_exploration/evaluate_panel.tsx | 6 ++++- .../regression_exploration/evaluate_stat.tsx | 5 +++-- .../regression_exploration/results_table.tsx | 3 ++- .../components/analytics_list/actions.tsx | 2 +- .../components/analytics_list/columns.tsx | 1 + .../outlier_detection_creation.ts | 12 ++++++++++ .../regression_creation.ts | 13 +++++++++++ .../machine_learning/data_frame_analytics.ts | 16 ++++++++++++++ .../data_frame_analytics_creation.ts | 22 +++++++++++++++++++ .../data_frame_analytics_table.ts | 15 +++++++++++++ 11 files changed, 91 insertions(+), 6 deletions(-) diff --git a/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_exploration/components/exploration/exploration.tsx b/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_exploration/components/exploration/exploration.tsx index 098f8f07bee44..bd1b60d92403e 100644 --- a/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_exploration/components/exploration/exploration.tsx +++ b/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_exploration/components/exploration/exploration.tsx @@ -453,7 +453,7 @@ export const Exploration: FC = React.memo(({ jobId, jobStatus }) => { const MlInMemoryTableBasic = mlInMemoryTableBasicFactory(); return ( - + diff --git a/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_exploration/components/regression_exploration/evaluate_panel.tsx b/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_exploration/components/regression_exploration/evaluate_panel.tsx index 30744c1a88d83..fe2676053dde3 100644 --- a/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_exploration/components/regression_exploration/evaluate_panel.tsx +++ b/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_exploration/components/regression_exploration/evaluate_panel.tsx @@ -229,7 +229,7 @@ export const EvaluatePanel: FC = ({ jobConfig, jobStatus, searchQuery }) }, [JSON.stringify(searchQuery)]); return ( - + @@ -296,6 +296,7 @@ export const EvaluatePanel: FC = ({ jobConfig, jobStatus, searchQuery }) = ({ jobConfig, jobStatus, searchQuery }) = ({ jobConfig, jobStatus, searchQuery }) = ({ jobConfig, jobStatus, searchQuery }) = ({ isLoading, isMSE, title }) => ( - +export const EvaluateStat: FC = ({ isLoading, isMSE, title, dataTestSubj }) => ( + = React.memo( : searchError; return ( - + @@ -461,6 +461,7 @@ export const ResultsTable: FC = React.memo( {docFields.map(({ name }) => ( field.name === name)} onChange={() => toggleColumn(name)} diff --git a/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/components/analytics_list/actions.tsx b/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/components/analytics_list/actions.tsx index fc3c00cbcf3e3..eb87bfd96c149 100644 --- a/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/components/analytics_list/actions.tsx +++ b/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/components/analytics_list/actions.tsx @@ -47,7 +47,7 @@ export const AnalyticsViewAction = { aria-label={i18n.translate('xpack.ml.dataframe.analyticsList.viewAriaLabel', { defaultMessage: 'View', })} - data-test-sub="mlAnalyticsJobViewButton" + data-test-subj="mlAnalyticsJobViewButton" > {i18n.translate('xpack.ml.dataframe.analyticsList.viewActionName', { defaultMessage: 'View', diff --git a/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/components/analytics_list/columns.tsx b/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/components/analytics_list/columns.tsx index 34f281cec57d3..07ae2c176c363 100644 --- a/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/components/analytics_list/columns.tsx +++ b/x-pack/legacy/plugins/ml/public/application/data_frame_analytics/pages/analytics_management/components/analytics_list/columns.tsx @@ -191,6 +191,7 @@ export const getColumns = ( }), sortable: true, truncateText: true, + 'data-test-subj': 'mlAnalyticsTableColumnJobDescription', }, { field: DataFrameAnalyticsListColumn.configSourceIndex, diff --git a/x-pack/test/functional/apps/machine_learning/data_frame_analytics/outlier_detection_creation.ts b/x-pack/test/functional/apps/machine_learning/data_frame_analytics/outlier_detection_creation.ts index 3e80a5782309f..2b64847602c4c 100644 --- a/x-pack/test/functional/apps/machine_learning/data_frame_analytics/outlier_detection_creation.ts +++ b/x-pack/test/functional/apps/machine_learning/data_frame_analytics/outlier_detection_creation.ts @@ -27,6 +27,7 @@ export default function({ getService }: FtrProviderContext) { suiteTitle: 'iowa house prices', jobType: 'outlier_detection', jobId: `ihp_1_${Date.now()}`, + jobDescription: 'This is the job description', source: 'ihp_outlier', get destinationIndex(): string { return `dest_${this.jobId}`; @@ -76,6 +77,11 @@ export default function({ getService }: FtrProviderContext) { await ml.dataFrameAnalyticsCreation.setJobId(testData.jobId); }); + it('inputs the job description', async () => { + await ml.dataFrameAnalyticsCreation.assertJobDescriptionInputExists(); + await ml.dataFrameAnalyticsCreation.setJobDescription(testData.jobDescription); + }); + it('selects the source index', async () => { await ml.dataFrameAnalyticsCreation.assertSourceIndexInputExists(); await ml.dataFrameAnalyticsCreation.selectSourceIndex(testData.source); @@ -139,6 +145,7 @@ export default function({ getService }: FtrProviderContext) { it('displays details for the created job in the analytics table', async () => { await ml.dataFrameAnalyticsTable.assertAnalyticsRowFields(testData.jobId, { id: testData.jobId, + description: testData.jobDescription, sourceIndex: testData.source, destinationIndex: testData.destinationIndex, type: testData.expected.row.type, @@ -151,6 +158,11 @@ export default function({ getService }: FtrProviderContext) { await ml.api.assertIndicesExist(testData.destinationIndex); await ml.api.assertIndicesNotEmpty(testData.destinationIndex); }); + + it('displays the results view for created job', async () => { + await ml.dataFrameAnalyticsTable.openResultsView(); + await ml.dataFrameAnalytics.assertOutlierTablePanelExists(); + }); }); } }); diff --git a/x-pack/test/functional/apps/machine_learning/data_frame_analytics/regression_creation.ts b/x-pack/test/functional/apps/machine_learning/data_frame_analytics/regression_creation.ts index 2de98c9b80240..1a514f4ad44e5 100644 --- a/x-pack/test/functional/apps/machine_learning/data_frame_analytics/regression_creation.ts +++ b/x-pack/test/functional/apps/machine_learning/data_frame_analytics/regression_creation.ts @@ -27,6 +27,7 @@ export default function({ getService }: FtrProviderContext) { suiteTitle: 'electrical grid stability', jobType: 'regression', jobId: `egs_1_${Date.now()}`, + jobDescription: 'This is the job description', source: 'egs_regression', get destinationIndex(): string { return `dest_${this.jobId}`; @@ -70,6 +71,11 @@ export default function({ getService }: FtrProviderContext) { await ml.dataFrameAnalyticsCreation.setJobId(testData.jobId); }); + it('inputs the job description', async () => { + await ml.dataFrameAnalyticsCreation.assertJobDescriptionInputExists(); + await ml.dataFrameAnalyticsCreation.setJobDescription(testData.jobDescription); + }); + it('selects the source index', async () => { await ml.dataFrameAnalyticsCreation.assertSourceIndexInputExists(); await ml.dataFrameAnalyticsCreation.selectSourceIndex(testData.source); @@ -143,6 +149,7 @@ export default function({ getService }: FtrProviderContext) { it('displays details for the created job in the analytics table', async () => { await ml.dataFrameAnalyticsTable.assertAnalyticsRowFields(testData.jobId, { id: testData.jobId, + description: testData.jobDescription, sourceIndex: testData.source, destinationIndex: testData.destinationIndex, type: testData.expected.row.type, @@ -155,6 +162,12 @@ export default function({ getService }: FtrProviderContext) { await ml.api.assertIndicesExist(testData.destinationIndex); await ml.api.assertIndicesNotEmpty(testData.destinationIndex); }); + + it('displays the results view for created job', async () => { + await ml.dataFrameAnalyticsTable.openResultsView(); + await ml.dataFrameAnalytics.assertRegressionEvaluatePanelElementsExists(); + await ml.dataFrameAnalytics.assertRegressionTablePanelExists(); + }); }); } }); diff --git a/x-pack/test/functional/services/machine_learning/data_frame_analytics.ts b/x-pack/test/functional/services/machine_learning/data_frame_analytics.ts index 8c8b5db1d2c52..95a4341e8a8d0 100644 --- a/x-pack/test/functional/services/machine_learning/data_frame_analytics.ts +++ b/x-pack/test/functional/services/machine_learning/data_frame_analytics.ts @@ -32,6 +32,22 @@ export function MachineLearningDataFrameAnalyticsProvider( await testSubjects.existOrFail('mlAnalyticsButtonCreate'); }, + async assertRegressionEvaluatePanelElementsExists() { + await testSubjects.existOrFail('mlDFAnalyticsRegressionExplorationEvaluatePanel'); + await testSubjects.existOrFail('mlDFAnalyticsRegressionGenMSEstat'); + await testSubjects.existOrFail('mlDFAnalyticsRegressionGenRSquaredStat'); + await testSubjects.existOrFail('mlDFAnalyticsRegressionTrainingMSEstat'); + await testSubjects.existOrFail('mlDFAnalyticsRegressionTrainingRSquaredStat'); + }, + + async assertRegressionTablePanelExists() { + await testSubjects.existOrFail('mlDFAnalyticsRegressionExplorationTablePanel'); + }, + + async assertOutlierTablePanelExists() { + await testSubjects.existOrFail('mlDFAnalyticsOutlierExplorationTablePanel'); + }, + async assertAnalyticsStatsBarExists() { await testSubjects.existOrFail('mlAnalyticsStatsBar'); }, diff --git a/x-pack/test/functional/services/machine_learning/data_frame_analytics_creation.ts b/x-pack/test/functional/services/machine_learning/data_frame_analytics_creation.ts index 6531ca04f22b0..b4e455ebaa63f 100644 --- a/x-pack/test/functional/services/machine_learning/data_frame_analytics_creation.ts +++ b/x-pack/test/functional/services/machine_learning/data_frame_analytics_creation.ts @@ -58,6 +58,10 @@ export function MachineLearningDataFrameAnalyticsCreationProvider({ await testSubjects.existOrFail('mlAnalyticsCreateJobFlyoutJobIdInput'); }, + async assertJobDescriptionInputExists() { + await testSubjects.existOrFail('mlDFAnalyticsJobCreationJobDescription'); + }, + async assertJobIdValue(expectedValue: string) { const actualJobId = await testSubjects.getAttribute( 'mlAnalyticsCreateJobFlyoutJobIdInput', @@ -69,6 +73,17 @@ export function MachineLearningDataFrameAnalyticsCreationProvider({ ); }, + async assertJobDescriptionValue(expectedValue: string) { + const actualJobDescription = await testSubjects.getAttribute( + 'mlDFAnalyticsJobCreationJobDescription', + 'value' + ); + expect(actualJobDescription).to.eql( + expectedValue, + `Job description should be '${expectedValue}' (got '${actualJobDescription}')` + ); + }, + async setJobId(jobId: string) { await testSubjects.setValue('mlAnalyticsCreateJobFlyoutJobIdInput', jobId, { clearWithKeyboard: true, @@ -76,6 +91,13 @@ export function MachineLearningDataFrameAnalyticsCreationProvider({ await this.assertJobIdValue(jobId); }, + async setJobDescription(jobDescription: string) { + await testSubjects.setValue('mlDFAnalyticsJobCreationJobDescription', jobDescription, { + clearWithKeyboard: true, + }); + await this.assertJobDescriptionValue(jobDescription); + }, + async assertSourceIndexInputExists() { await testSubjects.existOrFail('mlAnalyticsCreateJobFlyoutSourceIndexSelect > comboBoxInput'); }, diff --git a/x-pack/test/functional/services/machine_learning/data_frame_analytics_table.ts b/x-pack/test/functional/services/machine_learning/data_frame_analytics_table.ts index 17a7cfd4775eb..0324b440548bc 100644 --- a/x-pack/test/functional/services/machine_learning/data_frame_analytics_table.ts +++ b/x-pack/test/functional/services/machine_learning/data_frame_analytics_table.ts @@ -26,6 +26,11 @@ export function MachineLearningDataFrameAnalyticsTableProvider({ getService }: F .find('.euiTableCellContent') .text() .trim(), + description: $tr + .findTestSubject('mlAnalyticsTableColumnJobDescription') + .find('.euiTableCellContent') + .text() + .trim(), sourceIndex: $tr .findTestSubject('mlAnalyticsTableColumnSourceIndex') .find('.euiTableCellContent') @@ -71,6 +76,10 @@ export function MachineLearningDataFrameAnalyticsTableProvider({ getService }: F return await tableListContainer.findByClassName('euiFieldSearch'); } + async assertJobViewButtonExists() { + await testSubjects.existOrFail('mlAnalyticsJobViewButton'); + } + async assertAnalyticsSearchInputValue(expectedSearchValue: string) { const searchBarInput = await this.getAnalyticsSearchInput(); const actualSearchValue = await searchBarInput.getAttribute('value'); @@ -80,6 +89,12 @@ export function MachineLearningDataFrameAnalyticsTableProvider({ getService }: F ); } + public async openResultsView() { + await this.assertJobViewButtonExists(); + await testSubjects.click('mlAnalyticsJobViewButton'); + await testSubjects.existOrFail('mlPageDataFrameAnalyticsExploration', { timeout: 5000 }); + } + public async filterWithSearchString(filter: string) { await this.waitForAnalyticsToLoad(); const searchBarInput = await this.getAnalyticsSearchInput(); From 0b1d308e3af4aa9e12ce96680c2dbe0a505b4420 Mon Sep 17 00:00:00 2001 From: Ben Skelker <54019610+benskelker@users.noreply.github.com> Date: Tue, 28 Jan 2020 19:36:39 +0200 Subject: [PATCH 07/40] fixes map index message (#56104) --- .../__snapshots__/index_patterns_missing_prompt.test.tsx.snap | 2 +- .../components/embeddables/index_patterns_missing_prompt.tsx | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/x-pack/legacy/plugins/siem/public/components/embeddables/__snapshots__/index_patterns_missing_prompt.test.tsx.snap b/x-pack/legacy/plugins/siem/public/components/embeddables/__snapshots__/index_patterns_missing_prompt.test.tsx.snap index 2eefdf767dce1..171926b53e5b9 100644 --- a/x-pack/legacy/plugins/siem/public/components/embeddables/__snapshots__/index_patterns_missing_prompt.test.tsx.snap +++ b/x-pack/legacy/plugins/siem/public/components/embeddables/__snapshots__/index_patterns_missing_prompt.test.tsx.snap @@ -16,7 +16,7 @@ exports[`IndexPatternsMissingPrompt renders correctly against snapshot 1`] = `

{ <>

Date: Tue, 28 Jan 2020 10:47:28 -0700 Subject: [PATCH 08/40] [Reporting/NP] Migration of Reporting Security dependency (#56046) * first pass at new security integration * fix tests * cosmetic * specialize security parameter for get user factory --- x-pack/legacy/plugins/reporting/index.ts | 12 +- .../plugins/reporting/server/lib/get_user.ts | 12 +- .../legacy/plugins/reporting/server/plugin.ts | 5 +- .../server/routes/generate_from_jobparams.ts | 11 +- .../routes/generate_from_savedobject.ts | 12 +- .../generate_from_savedobject_immediate.ts | 18 +-- .../reporting/server/routes/generation.ts | 14 +- .../plugins/reporting/server/routes/index.ts | 8 +- .../reporting/server/routes/jobs.test.js | 14 +- .../plugins/reporting/server/routes/jobs.ts | 16 ++- .../lib/authorized_user_pre_routing.test.js | 125 ++++++++++++++---- .../routes/lib/authorized_user_pre_routing.ts | 6 +- .../server/routes/lib/get_document_payload.ts | 8 +- .../lib/reporting_feature_pre_routing.ts | 2 + .../routes/lib/route_config_factories.ts | 30 +++-- .../reporting/server/routes/types.d.ts | 2 +- 16 files changed, 201 insertions(+), 94 deletions(-) diff --git a/x-pack/legacy/plugins/reporting/index.ts b/x-pack/legacy/plugins/reporting/index.ts index 3fb297cb8d82c..d38e19dee2ef2 100644 --- a/x-pack/legacy/plugins/reporting/index.ts +++ b/x-pack/legacy/plugins/reporting/index.ts @@ -4,21 +4,21 @@ * you may not use this file except in compliance with the Elastic License. */ -import { resolve } from 'path'; import { i18n } from '@kbn/i18n'; import { Legacy } from 'kibana'; import { IUiSettingsClient } from 'kibana/server'; +import { resolve } from 'path'; +import { PluginStart as DataPluginStart } from '../../../../src/plugins/data/server'; +import { PluginSetupContract as SecurityPluginSetup } from '../../../plugins/security/server'; import { PLUGIN_ID, UI_SETTINGS_CUSTOM_PDF_LOGO } from './common/constants'; -import { ReportingConfigOptions, ReportingPluginSpecOptions } from './types.d'; import { config as reportingConfig } from './config'; import { LegacySetup, ReportingPlugin, - ReportingSetupDeps, reportingPluginFactory, + ReportingSetupDeps, } from './server/plugin'; - -import { PluginStart as DataPluginStart } from '../../../../src/plugins/data/server'; +import { ReportingConfigOptions, ReportingPluginSpecOptions } from './types.d'; const kbToBase64Length = (kb: number) => { return Math.floor((kb * 1024 * 8) / 6); @@ -75,6 +75,7 @@ export const reporting = (kibana: any) => { async init(server: Legacy.Server) { const coreSetup = server.newPlatform.setup.core; const pluginsSetup: ReportingSetupDeps = { + security: server.newPlatform.setup.plugins.security as SecurityPluginSetup, usageCollection: server.newPlatform.setup.plugins.usageCollection, }; @@ -92,7 +93,6 @@ export const reporting = (kibana: any) => { plugins: { elasticsearch: server.plugins.elasticsearch, xpack_main: server.plugins.xpack_main, - security: server.plugins.security, }, savedObjects: server.savedObjects, fieldFormatServiceFactory, diff --git a/x-pack/legacy/plugins/reporting/server/lib/get_user.ts b/x-pack/legacy/plugins/reporting/server/lib/get_user.ts index 9ee8d9a835c89..350004ddb78f8 100644 --- a/x-pack/legacy/plugins/reporting/server/lib/get_user.ts +++ b/x-pack/legacy/plugins/reporting/server/lib/get_user.ts @@ -5,19 +5,25 @@ */ import { Legacy } from 'kibana'; +import { KibanaRequest } from '../../../../../../src/core/server'; import { Logger, ServerFacade } from '../../types'; +import { ReportingSetupDeps } from '../plugin'; -export function getUserFactory(server: ServerFacade, logger: Logger) { +export function getUserFactory( + server: ServerFacade, + security: ReportingSetupDeps['security'], + logger: Logger +) { /* * Legacy.Request because this is called from routing middleware */ return async (request: Legacy.Request) => { - if (!server.plugins.security) { + if (!security) { return null; } try { - return await server.plugins.security.getUser(request); + return await security.authc.getCurrentUser(KibanaRequest.from(request)); } catch (err) { logger.error(err, ['getUser']); return null; diff --git a/x-pack/legacy/plugins/reporting/server/plugin.ts b/x-pack/legacy/plugins/reporting/server/plugin.ts index 42ef5c3df182e..cf66ec74969ca 100644 --- a/x-pack/legacy/plugins/reporting/server/plugin.ts +++ b/x-pack/legacy/plugins/reporting/server/plugin.ts @@ -7,6 +7,7 @@ import { Legacy } from 'kibana'; import { CoreSetup, CoreStart, Plugin, LoggerFactory } from 'src/core/server'; import { UsageCollectionSetup } from 'src/plugins/usage_collection/server'; +import { PluginSetupContract as SecurityPluginSetup } from '../../../../plugins/security/server'; import { XPackMainPlugin } from '../../xpack_main/server/xpack_main'; // @ts-ignore import { mirrorPluginStatus } from '../../../server/lib/mirror_plugin_status'; @@ -29,6 +30,7 @@ export type ReportingStart = object; export interface ReportingSetupDeps { usageCollection: UsageCollectionSetup; + security: SecurityPluginSetup; } export type ReportingStartDeps = object; @@ -39,7 +41,6 @@ export interface LegacySetup { info: Legacy.Server['info']; plugins: { elasticsearch: LegacyPlugins['elasticsearch']; - security: LegacyPlugins['security']; xpack_main: XPackMainPlugin & { status?: any; }; @@ -105,7 +106,7 @@ export function reportingPluginFactory( isCollectorReady = true; // Reporting routes - registerRoutes(__LEGACY, exportTypesRegistry, browserDriverFactory, logger); + registerRoutes(__LEGACY, plugins, exportTypesRegistry, browserDriverFactory, logger); return {}; } diff --git a/x-pack/legacy/plugins/reporting/server/routes/generate_from_jobparams.ts b/x-pack/legacy/plugins/reporting/server/routes/generate_from_jobparams.ts index d920015c4290c..ed761b1e684ae 100644 --- a/x-pack/legacy/plugins/reporting/server/routes/generate_from_jobparams.ts +++ b/x-pack/legacy/plugins/reporting/server/routes/generate_from_jobparams.ts @@ -4,24 +4,26 @@ * you may not use this file except in compliance with the Elastic License. */ -import { Legacy } from 'kibana'; import boom from 'boom'; import Joi from 'joi'; +import { Legacy } from 'kibana'; import rison from 'rison-node'; import { API_BASE_URL } from '../../common/constants'; -import { ServerFacade, ReportingResponseToolkit, Logger } from '../../types'; +import { Logger, ReportingResponseToolkit, ServerFacade } from '../../types'; +import { ReportingSetupDeps } from '../plugin'; +import { makeRequestFacade } from './lib/make_request_facade'; import { - getRouteConfigFactoryReportingPre, GetRouteConfigFactoryFn, + getRouteConfigFactoryReportingPre, RouteConfigFactory, } from './lib/route_config_factories'; -import { makeRequestFacade } from './lib/make_request_facade'; import { HandlerErrorFunction, HandlerFunction } from './types'; const BASE_GENERATE = `${API_BASE_URL}/generate`; export function registerGenerateFromJobParams( server: ServerFacade, + plugins: ReportingSetupDeps, handler: HandlerFunction, handleError: HandlerErrorFunction, logger: Logger @@ -29,6 +31,7 @@ export function registerGenerateFromJobParams( const getRouteConfig = () => { const getOriginalRouteConfig: GetRouteConfigFactoryFn = getRouteConfigFactoryReportingPre( server, + plugins, logger ); const routeConfigFactory: RouteConfigFactory = getOriginalRouteConfig( diff --git a/x-pack/legacy/plugins/reporting/server/routes/generate_from_savedobject.ts b/x-pack/legacy/plugins/reporting/server/routes/generate_from_savedobject.ts index 0da8e40ea29c0..8696f36a45c62 100644 --- a/x-pack/legacy/plugins/reporting/server/routes/generate_from_savedobject.ts +++ b/x-pack/legacy/plugins/reporting/server/routes/generate_from_savedobject.ts @@ -7,11 +7,12 @@ import { Legacy } from 'kibana'; import { get } from 'lodash'; import { API_BASE_GENERATE_V1, CSV_FROM_SAVEDOBJECT_JOB_TYPE } from '../../common/constants'; -import { ServerFacade, ReportingResponseToolkit, Logger } from '../../types'; -import { HandlerErrorFunction, HandlerFunction, QueuedJobPayload } from './types'; -import { getRouteOptionsCsv } from './lib/route_config_factories'; -import { makeRequestFacade } from './lib/make_request_facade'; import { getJobParamsFromRequest } from '../../export_types/csv_from_savedobject/server/lib/get_job_params_from_request'; +import { Logger, ReportingResponseToolkit, ServerFacade } from '../../types'; +import { ReportingSetupDeps } from '../plugin'; +import { makeRequestFacade } from './lib/make_request_facade'; +import { getRouteOptionsCsv } from './lib/route_config_factories'; +import { HandlerErrorFunction, HandlerFunction, QueuedJobPayload } from './types'; /* * This function registers API Endpoints for queuing Reporting jobs. The API inputs are: @@ -24,11 +25,12 @@ import { getJobParamsFromRequest } from '../../export_types/csv_from_savedobject */ export function registerGenerateCsvFromSavedObject( server: ServerFacade, + plugins: ReportingSetupDeps, handleRoute: HandlerFunction, handleRouteError: HandlerErrorFunction, logger: Logger ) { - const routeOptions = getRouteOptionsCsv(server, logger); + const routeOptions = getRouteOptionsCsv(server, plugins, logger); server.route({ path: `${API_BASE_GENERATE_V1}/csv/saved-object/{savedObjectType}:{savedObjectId}`, diff --git a/x-pack/legacy/plugins/reporting/server/routes/generate_from_savedobject_immediate.ts b/x-pack/legacy/plugins/reporting/server/routes/generate_from_savedobject_immediate.ts index 60799b20ce420..f3ed760bba430 100644 --- a/x-pack/legacy/plugins/reporting/server/routes/generate_from_savedobject_immediate.ts +++ b/x-pack/legacy/plugins/reporting/server/routes/generate_from_savedobject_immediate.ts @@ -7,18 +7,19 @@ import { Legacy } from 'kibana'; import { API_BASE_GENERATE_V1 } from '../../common/constants'; import { createJobFactory, executeJobFactory } from '../../export_types/csv_from_savedobject'; +import { getJobParamsFromRequest } from '../../export_types/csv_from_savedobject/server/lib/get_job_params_from_request'; +import { JobDocPayloadPanelCsv } from '../../export_types/csv_from_savedobject/types'; import { - ServerFacade, - ResponseFacade, HeadlessChromiumDriverFactory, - ReportingResponseToolkit, - Logger, JobDocOutput, + Logger, + ReportingResponseToolkit, + ResponseFacade, + ServerFacade, } from '../../types'; -import { JobDocPayloadPanelCsv } from '../../export_types/csv_from_savedobject/types'; -import { getJobParamsFromRequest } from '../../export_types/csv_from_savedobject/server/lib/get_job_params_from_request'; -import { getRouteOptionsCsv } from './lib/route_config_factories'; +import { ReportingSetupDeps } from '../plugin'; import { makeRequestFacade } from './lib/make_request_facade'; +import { getRouteOptionsCsv } from './lib/route_config_factories'; /* * This function registers API Endpoints for immediate Reporting jobs. The API inputs are: @@ -31,9 +32,10 @@ import { makeRequestFacade } from './lib/make_request_facade'; */ export function registerGenerateCsvFromSavedObjectImmediate( server: ServerFacade, + plugins: ReportingSetupDeps, parentLogger: Logger ) { - const routeOptions = getRouteOptionsCsv(server, parentLogger); + const routeOptions = getRouteOptionsCsv(server, plugins, parentLogger); /* * CSV export with the `immediate` option does not queue a job with Reporting's ESQueue to run the job async. Instead, this does: diff --git a/x-pack/legacy/plugins/reporting/server/routes/generation.ts b/x-pack/legacy/plugins/reporting/server/routes/generation.ts index 2a3102d0dd159..3c9ef6987b2d9 100644 --- a/x-pack/legacy/plugins/reporting/server/routes/generation.ts +++ b/x-pack/legacy/plugins/reporting/server/routes/generation.ts @@ -8,20 +8,22 @@ import boom from 'boom'; import { Legacy } from 'kibana'; import { API_BASE_URL } from '../../common/constants'; import { - ServerFacade, ExportTypesRegistry, HeadlessChromiumDriverFactory, - ReportingResponseToolkit, Logger, + ReportingResponseToolkit, + ServerFacade, } from '../../types'; +import { createQueueFactory, enqueueJobFactory } from '../lib'; +import { ReportingSetupDeps } from '../plugin'; import { registerGenerateFromJobParams } from './generate_from_jobparams'; import { registerGenerateCsvFromSavedObject } from './generate_from_savedobject'; import { registerGenerateCsvFromSavedObjectImmediate } from './generate_from_savedobject_immediate'; -import { createQueueFactory, enqueueJobFactory } from '../lib'; import { makeRequestFacade } from './lib/make_request_facade'; export function registerJobGenerationRoutes( server: ServerFacade, + plugins: ReportingSetupDeps, exportTypesRegistry: ExportTypesRegistry, browserDriverFactory: HeadlessChromiumDriverFactory, logger: Logger @@ -73,11 +75,11 @@ export function registerJobGenerationRoutes( return err; } - registerGenerateFromJobParams(server, handler, handleError, logger); + registerGenerateFromJobParams(server, plugins, handler, handleError, logger); // Register beta panel-action download-related API's if (config.get('xpack.reporting.csv.enablePanelActionDownload')) { - registerGenerateCsvFromSavedObject(server, handler, handleError, logger); - registerGenerateCsvFromSavedObjectImmediate(server, logger); + registerGenerateCsvFromSavedObject(server, plugins, handler, handleError, logger); + registerGenerateCsvFromSavedObjectImmediate(server, plugins, logger); } } diff --git a/x-pack/legacy/plugins/reporting/server/routes/index.ts b/x-pack/legacy/plugins/reporting/server/routes/index.ts index da664dcb91ae4..4cfa9dd465eab 100644 --- a/x-pack/legacy/plugins/reporting/server/routes/index.ts +++ b/x-pack/legacy/plugins/reporting/server/routes/index.ts @@ -5,20 +5,22 @@ */ import { - ServerFacade, ExportTypesRegistry, HeadlessChromiumDriverFactory, Logger, + ServerFacade, } from '../../types'; +import { ReportingSetupDeps } from '../plugin'; import { registerJobGenerationRoutes } from './generation'; import { registerJobInfoRoutes } from './jobs'; export function registerRoutes( server: ServerFacade, + plugins: ReportingSetupDeps, exportTypesRegistry: ExportTypesRegistry, browserDriverFactory: HeadlessChromiumDriverFactory, logger: Logger ) { - registerJobGenerationRoutes(server, exportTypesRegistry, browserDriverFactory, logger); - registerJobInfoRoutes(server, exportTypesRegistry, logger); + registerJobGenerationRoutes(server, plugins, exportTypesRegistry, browserDriverFactory, logger); + registerJobInfoRoutes(server, plugins, exportTypesRegistry, logger); } diff --git a/x-pack/legacy/plugins/reporting/server/routes/jobs.test.js b/x-pack/legacy/plugins/reporting/server/routes/jobs.test.js index a5d75ef32af24..c9d4f9fc027be 100644 --- a/x-pack/legacy/plugins/reporting/server/routes/jobs.test.js +++ b/x-pack/legacy/plugins/reporting/server/routes/jobs.test.js @@ -54,6 +54,10 @@ beforeEach(() => { }; }); +const mockPlugins = { + security: null, +}; + const getHits = (...sources) => { return { hits: { @@ -67,7 +71,7 @@ test(`returns 404 if job not found`, async () => { .getCluster('admin') .callWithInternalUser.mockReturnValue(Promise.resolve(getHits())); - registerJobInfoRoutes(mockServer, exportTypesRegistry, mockLogger); + registerJobInfoRoutes(mockServer, mockPlugins, exportTypesRegistry, mockLogger); const request = { method: 'GET', @@ -84,7 +88,7 @@ test(`returns 401 if not valid job type`, async () => { .getCluster('admin') .callWithInternalUser.mockReturnValue(Promise.resolve(getHits({ jobtype: 'invalidJobType' }))); - registerJobInfoRoutes(mockServer, exportTypesRegistry, mockLogger); + registerJobInfoRoutes(mockServer, mockPlugins, exportTypesRegistry, mockLogger); const request = { method: 'GET', @@ -103,7 +107,7 @@ describe(`when job is incomplete`, () => { Promise.resolve(getHits({ jobtype: 'unencodedJobType', status: 'pending' })) ); - registerJobInfoRoutes(mockServer, exportTypesRegistry, mockLogger); + registerJobInfoRoutes(mockServer, mockPlugins, exportTypesRegistry, mockLogger); const request = { method: 'GET', @@ -145,7 +149,7 @@ describe(`when job is failed`, () => { .getCluster('admin') .callWithInternalUser.mockReturnValue(Promise.resolve(hits)); - registerJobInfoRoutes(mockServer, exportTypesRegistry, mockLogger); + registerJobInfoRoutes(mockServer, mockPlugins, exportTypesRegistry, mockLogger); const request = { method: 'GET', @@ -190,7 +194,7 @@ describe(`when job is completed`, () => { .getCluster('admin') .callWithInternalUser.mockReturnValue(Promise.resolve(hits)); - registerJobInfoRoutes(mockServer, exportTypesRegistry, mockLogger); + registerJobInfoRoutes(mockServer, mockPlugins, exportTypesRegistry, mockLogger); const request = { method: 'GET', diff --git a/x-pack/legacy/plugins/reporting/server/routes/jobs.ts b/x-pack/legacy/plugins/reporting/server/routes/jobs.ts index 049ee0ce20ceb..f9b731db5a702 100644 --- a/x-pack/legacy/plugins/reporting/server/routes/jobs.ts +++ b/x-pack/legacy/plugins/reporting/server/routes/jobs.ts @@ -5,25 +5,26 @@ */ import Boom from 'boom'; -import { Legacy } from 'kibana'; import { ResponseObject } from 'hapi'; +import { Legacy } from 'kibana'; import { API_BASE_URL } from '../../common/constants'; import { - ServerFacade, ExportTypesRegistry, - Logger, - ReportingResponseToolkit, JobDocOutput, JobSource, ListQuery, + Logger, + ReportingResponseToolkit, + ServerFacade, } from '../../types'; import { jobsQueryFactory } from '../lib/jobs_query'; +import { ReportingSetupDeps } from '../plugin'; import { jobResponseHandlerFactory } from './lib/job_response_handler'; +import { makeRequestFacade } from './lib/make_request_facade'; import { getRouteConfigFactoryDownloadPre, getRouteConfigFactoryManagementPre, } from './lib/route_config_factories'; -import { makeRequestFacade } from './lib/make_request_facade'; const MAIN_ENTRY = `${API_BASE_URL}/jobs`; @@ -33,12 +34,13 @@ function isResponse(response: Boom | ResponseObject): response is Response export function registerJobInfoRoutes( server: ServerFacade, + plugins: ReportingSetupDeps, exportTypesRegistry: ExportTypesRegistry, logger: Logger ) { const jobsQuery = jobsQueryFactory(server); - const getRouteConfig = getRouteConfigFactoryManagementPre(server, logger); - const getRouteConfigDownload = getRouteConfigFactoryDownloadPre(server, logger); + const getRouteConfig = getRouteConfigFactoryManagementPre(server, plugins, logger); + const getRouteConfigDownload = getRouteConfigFactoryDownloadPre(server, plugins, logger); // list jobs in the queue, paginated server.route({ diff --git a/x-pack/legacy/plugins/reporting/server/routes/lib/authorized_user_pre_routing.test.js b/x-pack/legacy/plugins/reporting/server/routes/lib/authorized_user_pre_routing.test.js index 841f753f0c09b..3460d22592e3d 100644 --- a/x-pack/legacy/plugins/reporting/server/routes/lib/authorized_user_pre_routing.test.js +++ b/x-pack/legacy/plugins/reporting/server/routes/lib/authorized_user_pre_routing.test.js @@ -4,7 +4,6 @@ * you may not use this file except in compliance with the Elastic License. */ -import expect from '@kbn/expect'; import { authorizedUserPreRoutingFactory } from './authorized_user_pre_routing'; describe('authorized_user_pre_routing', function() { @@ -60,41 +59,88 @@ describe('authorized_user_pre_routing', function() { return mockServer; }; })(); - const getMockLogger = () => ({ warn: jest.fn() }); + + const mockRequestRaw = { + body: {}, + events: {}, + headers: {}, + isSystemRequest: false, + params: {}, + query: {}, + route: { settings: { payload: 'abc' }, options: { authRequired: true, body: {}, tags: [] } }, + withoutSecretHeaders: true, + }; + const getMockRequest = () => ({ + ...mockRequestRaw, + raw: { req: mockRequestRaw }, + }); + + const getMockPlugins = pluginSet => { + return pluginSet || { security: null }; + }; + + const getMockLogger = () => ({ + warn: jest.fn(), + error: msg => { + throw new Error(msg); + }, + }); it('should return with boom notFound when xpackInfo is undefined', async function() { const mockServer = createMockServer({ xpackInfoUndefined: true }); - const authorizedUserPreRouting = authorizedUserPreRoutingFactory(mockServer, getMockLogger()); - const response = await authorizedUserPreRouting({}); - expect(response.isBoom).to.be(true); - expect(response.output.statusCode).to.be(404); + const authorizedUserPreRouting = authorizedUserPreRoutingFactory( + mockServer, + getMockPlugins(), + getMockLogger() + ); + const response = await authorizedUserPreRouting(getMockRequest()); + expect(response.isBoom).toBe(true); + expect(response.output.statusCode).toBe(404); }); it(`should return with boom notFound when xpackInfo isn't available`, async function() { const mockServer = createMockServer({ xpackInfoAvailable: false }); - const authorizedUserPreRouting = authorizedUserPreRoutingFactory(mockServer, getMockLogger()); - const response = await authorizedUserPreRouting(); - expect(response.isBoom).to.be(true); - expect(response.output.statusCode).to.be(404); + const authorizedUserPreRouting = authorizedUserPreRoutingFactory( + mockServer, + getMockPlugins(), + getMockLogger() + ); + const response = await authorizedUserPreRouting(getMockRequest()); + expect(response.isBoom).toBe(true); + expect(response.output.statusCode).toBe(404); }); it('should return with null user when security is disabled in Elasticsearch', async function() { const mockServer = createMockServer({ securityEnabled: false }); - const authorizedUserPreRouting = authorizedUserPreRoutingFactory(mockServer, getMockLogger()); - const response = await authorizedUserPreRouting(); - expect(response).to.be(null); + const authorizedUserPreRouting = authorizedUserPreRoutingFactory( + mockServer, + getMockPlugins(), + getMockLogger() + ); + const response = await authorizedUserPreRouting(getMockRequest()); + expect(response).toBe(null); }); it('should return with boom unauthenticated when security is enabled but no authenticated user', async function() { - const mockServer = createMockServer({ user: null }); + const mockServer = createMockServer({ + user: null, + config: { 'xpack.reporting.roles.allow': ['.reporting_user'] }, + }); + const mockPlugins = getMockPlugins({ + security: { authc: { getCurrentUser: () => null } }, + }); - const authorizedUserPreRouting = authorizedUserPreRoutingFactory(mockServer, getMockLogger()); - const response = await authorizedUserPreRouting(); - expect(response.isBoom).to.be(true); - expect(response.output.statusCode).to.be(401); + const authorizedUserPreRouting = authorizedUserPreRoutingFactory( + mockServer, + mockPlugins, + getMockLogger() + ); + const response = await authorizedUserPreRouting(getMockRequest()); + expect(response.isBoom).toBe(true); + expect(response.output.statusCode).toBe(401); }); it(`should return with boom forbidden when security is enabled but user doesn't have allowed role`, async function() { @@ -102,11 +148,18 @@ describe('authorized_user_pre_routing', function() { user: { roles: [] }, config: { 'xpack.reporting.roles.allow': ['.reporting_user'] }, }); + const mockPlugins = getMockPlugins({ + security: { authc: { getCurrentUser: () => ({ roles: ['something_else'] }) } }, + }); - const authorizedUserPreRouting = authorizedUserPreRoutingFactory(mockServer, getMockLogger()); - const response = await authorizedUserPreRouting(); - expect(response.isBoom).to.be(true); - expect(response.output.statusCode).to.be(403); + const authorizedUserPreRouting = authorizedUserPreRoutingFactory( + mockServer, + mockPlugins, + getMockLogger() + ); + const response = await authorizedUserPreRouting(getMockRequest()); + expect(response.isBoom).toBe(true); + expect(response.output.statusCode).toBe(403); }); it('should return with user when security is enabled and user has explicitly allowed role', async function() { @@ -115,10 +168,19 @@ describe('authorized_user_pre_routing', function() { user, config: { 'xpack.reporting.roles.allow': ['.reporting_user'] }, }); + const mockPlugins = getMockPlugins({ + security: { + authc: { getCurrentUser: () => ({ roles: ['.reporting_user', 'something_else'] }) }, + }, + }); - const authorizedUserPreRouting = authorizedUserPreRoutingFactory(mockServer, getMockLogger()); - const response = await authorizedUserPreRouting(); - expect(response).to.be(user); + const authorizedUserPreRouting = authorizedUserPreRoutingFactory( + mockServer, + mockPlugins, + getMockLogger() + ); + const response = await authorizedUserPreRouting(getMockRequest()); + expect(response).toEqual(user); }); it('should return with user when security is enabled and user has superuser role', async function() { @@ -127,9 +189,16 @@ describe('authorized_user_pre_routing', function() { user, config: { 'xpack.reporting.roles.allow': [] }, }); + const mockPlugins = getMockPlugins({ + security: { authc: { getCurrentUser: () => ({ roles: ['superuser', 'something_else'] }) } }, + }); - const authorizedUserPreRouting = authorizedUserPreRoutingFactory(mockServer, getMockLogger()); - const response = await authorizedUserPreRouting(); - expect(response).to.be(user); + const authorizedUserPreRouting = authorizedUserPreRoutingFactory( + mockServer, + mockPlugins, + getMockLogger() + ); + const response = await authorizedUserPreRouting(getMockRequest()); + expect(response).toEqual(user); }); }); diff --git a/x-pack/legacy/plugins/reporting/server/routes/lib/authorized_user_pre_routing.ts b/x-pack/legacy/plugins/reporting/server/routes/lib/authorized_user_pre_routing.ts index 906f266290a42..874027251570c 100644 --- a/x-pack/legacy/plugins/reporting/server/routes/lib/authorized_user_pre_routing.ts +++ b/x-pack/legacy/plugins/reporting/server/routes/lib/authorized_user_pre_routing.ts @@ -7,8 +7,9 @@ import Boom from 'boom'; import { Legacy } from 'kibana'; import { AuthenticatedUser } from '../../../../../../plugins/security/server'; +import { Logger, ServerFacade } from '../../../types'; import { getUserFactory } from '../../lib/get_user'; -import { ServerFacade, Logger } from '../../../types'; +import { ReportingSetupDeps } from '../../plugin'; const superuserRole = 'superuser'; @@ -18,9 +19,10 @@ export type PreRoutingFunction = ( export const authorizedUserPreRoutingFactory = function authorizedUserPreRoutingFn( server: ServerFacade, + plugins: ReportingSetupDeps, logger: Logger ) { - const getUser = getUserFactory(server, logger); + const getUser = getUserFactory(server, plugins.security, logger); const config = server.config(); return async function authorizedUserPreRouting(request: Legacy.Request) { diff --git a/x-pack/legacy/plugins/reporting/server/routes/lib/get_document_payload.ts b/x-pack/legacy/plugins/reporting/server/routes/lib/get_document_payload.ts index 1c0566100e197..fb3944ea33552 100644 --- a/x-pack/legacy/plugins/reporting/server/routes/lib/get_document_payload.ts +++ b/x-pack/legacy/plugins/reporting/server/routes/lib/get_document_payload.ts @@ -4,17 +4,17 @@ * you may not use this file except in compliance with the Elastic License. */ -import * as _ from 'lodash'; // @ts-ignore import contentDisposition from 'content-disposition'; +import * as _ from 'lodash'; +import { CSV_JOB_TYPE } from '../../../common/constants'; import { - ServerFacade, - ExportTypesRegistry, ExportTypeDefinition, + ExportTypesRegistry, JobDocOutput, JobSource, + ServerFacade, } from '../../../types'; -import { CSV_JOB_TYPE } from '../../../common/constants'; interface ICustomHeaders { [x: string]: any; diff --git a/x-pack/legacy/plugins/reporting/server/routes/lib/reporting_feature_pre_routing.ts b/x-pack/legacy/plugins/reporting/server/routes/lib/reporting_feature_pre_routing.ts index 88c5e4edc12f8..7367fceb50857 100644 --- a/x-pack/legacy/plugins/reporting/server/routes/lib/reporting_feature_pre_routing.ts +++ b/x-pack/legacy/plugins/reporting/server/routes/lib/reporting_feature_pre_routing.ts @@ -7,11 +7,13 @@ import Boom from 'boom'; import { Legacy } from 'kibana'; import { Logger, ServerFacade } from '../../../types'; +import { ReportingSetupDeps } from '../../plugin'; export type GetReportingFeatureIdFn = (request: Legacy.Request) => string; export const reportingFeaturePreRoutingFactory = function reportingFeaturePreRoutingFn( server: ServerFacade, + plugins: ReportingSetupDeps, logger: Logger ) { const xpackMainPlugin = server.plugins.xpack_main; diff --git a/x-pack/legacy/plugins/reporting/server/routes/lib/route_config_factories.ts b/x-pack/legacy/plugins/reporting/server/routes/lib/route_config_factories.ts index 25c08261490d5..931f642397bf8 100644 --- a/x-pack/legacy/plugins/reporting/server/routes/lib/route_config_factories.ts +++ b/x-pack/legacy/plugins/reporting/server/routes/lib/route_config_factories.ts @@ -6,10 +6,13 @@ import Joi from 'joi'; import { CSV_FROM_SAVEDOBJECT_JOB_TYPE } from '../../../common/constants'; -import { ServerFacade, Logger } from '../../../types'; +import { Logger, ServerFacade } from '../../../types'; +import { ReportingSetupDeps } from '../../plugin'; import { authorizedUserPreRoutingFactory } from './authorized_user_pre_routing'; -import { reportingFeaturePreRoutingFactory } from './reporting_feature_pre_routing'; -import { GetReportingFeatureIdFn } from './reporting_feature_pre_routing'; +import { + GetReportingFeatureIdFn, + reportingFeaturePreRoutingFactory, +} from './reporting_feature_pre_routing'; const API_TAG = 'api'; @@ -27,10 +30,11 @@ export type GetRouteConfigFactoryFn = ( export function getRouteConfigFactoryReportingPre( server: ServerFacade, + plugins: ReportingSetupDeps, logger: Logger ): GetRouteConfigFactoryFn { - const authorizedUserPreRouting = authorizedUserPreRoutingFactory(server, logger); - const reportingFeaturePreRouting = reportingFeaturePreRoutingFactory(server, logger); + const authorizedUserPreRouting = authorizedUserPreRoutingFactory(server, plugins, logger); + const reportingFeaturePreRouting = reportingFeaturePreRoutingFactory(server, plugins, logger); return (getFeatureId?: GetReportingFeatureIdFn): RouteConfigFactory => { const preRouting: any[] = [{ method: authorizedUserPreRouting, assign: 'user' }]; @@ -45,8 +49,12 @@ export function getRouteConfigFactoryReportingPre( }; } -export function getRouteOptionsCsv(server: ServerFacade, logger: Logger) { - const getRouteConfig = getRouteConfigFactoryReportingPre(server, logger); +export function getRouteOptionsCsv( + server: ServerFacade, + plugins: ReportingSetupDeps, + logger: Logger +) { + const getRouteConfig = getRouteConfigFactoryReportingPre(server, plugins, logger); return { ...getRouteConfig(() => CSV_FROM_SAVEDOBJECT_JOB_TYPE), validate: { @@ -68,10 +76,11 @@ export function getRouteOptionsCsv(server: ServerFacade, logger: Logger) { export function getRouteConfigFactoryManagementPre( server: ServerFacade, + plugins: ReportingSetupDeps, logger: Logger ): GetRouteConfigFactoryFn { - const authorizedUserPreRouting = authorizedUserPreRoutingFactory(server, logger); - const reportingFeaturePreRouting = reportingFeaturePreRoutingFactory(server, logger); + const authorizedUserPreRouting = authorizedUserPreRoutingFactory(server, plugins, logger); + const reportingFeaturePreRouting = reportingFeaturePreRoutingFactory(server, plugins, logger); const managementPreRouting = reportingFeaturePreRouting(() => 'management'); return (): RouteConfigFactory => { @@ -91,9 +100,10 @@ export function getRouteConfigFactoryManagementPre( // download is loaded into memory. export function getRouteConfigFactoryDownloadPre( server: ServerFacade, + plugins: ReportingSetupDeps, logger: Logger ): GetRouteConfigFactoryFn { - const getManagementRouteConfig = getRouteConfigFactoryManagementPre(server, logger); + const getManagementRouteConfig = getRouteConfigFactoryManagementPre(server, plugins, logger); return (): RouteConfigFactory => ({ ...getManagementRouteConfig(), tags: [API_TAG], diff --git a/x-pack/legacy/plugins/reporting/server/routes/types.d.ts b/x-pack/legacy/plugins/reporting/server/routes/types.d.ts index f3660a22cbac1..28862a765d666 100644 --- a/x-pack/legacy/plugins/reporting/server/routes/types.d.ts +++ b/x-pack/legacy/plugins/reporting/server/routes/types.d.ts @@ -5,7 +5,7 @@ */ import { Legacy } from 'kibana'; -import { RequestFacade, ReportingResponseToolkit, JobDocPayload } from '../../types'; +import { JobDocPayload, ReportingResponseToolkit } from '../../types'; export type HandlerFunction = ( exportType: string, From b9d18c49300947dd3f176d1ec6d5d381db527037 Mon Sep 17 00:00:00 2001 From: Matthias Wilhelm Date: Tue, 28 Jan 2020 18:53:21 +0100 Subject: [PATCH 09/40] Skip 'context view for date_nanos with custom timestamp' functional test (#56178) --- test/functional/apps/context/_date_nanos_custom_timestamp.js | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/test/functional/apps/context/_date_nanos_custom_timestamp.js b/test/functional/apps/context/_date_nanos_custom_timestamp.js index 3901fa936e719..046cca0aba8c6 100644 --- a/test/functional/apps/context/_date_nanos_custom_timestamp.js +++ b/test/functional/apps/context/_date_nanos_custom_timestamp.js @@ -28,8 +28,9 @@ export default function({ getService, getPageObjects }) { const docTable = getService('docTable'); const PageObjects = getPageObjects(['common', 'context', 'timePicker', 'discover']); const esArchiver = getService('esArchiver'); - - describe('context view for date_nanos with custom timestamp', () => { + // skipped due to a recent change in ES that caused search_after queries with data containing + // custom timestamp formats like in the testdata to fail + describe.skip('context view for date_nanos with custom timestamp', () => { before(async function() { await esArchiver.loadIfNeeded('date_nanos_custom'); await kibanaServer.uiSettings.replace({ defaultIndex: TEST_INDEX_PATTERN }); From 04049609f8e07d9cd95b6be9f998b06627bf14bb Mon Sep 17 00:00:00 2001 From: Joe Portner <5295965+jportner@users.noreply.github.com> Date: Tue, 28 Jan 2020 13:01:24 -0500 Subject: [PATCH 10/40] Add lockfile symlinks check for correct path (#56043) Scanning tools may not be able to follow symlinks of symlinks. This adds an additional check to make sure the lockfile symlink points directly to the project root's lockfile. --- src/dev/run_check_lockfile_symlinks.js | 42 ++++++++++++++++++++++++-- x-pack/plugins/endpoint/yarn.lock | 2 +- 2 files changed, 41 insertions(+), 3 deletions(-) diff --git a/src/dev/run_check_lockfile_symlinks.js b/src/dev/run_check_lockfile_symlinks.js index c1ba22d3a7a44..e7fd7e8831405 100644 --- a/src/dev/run_check_lockfile_symlinks.js +++ b/src/dev/run_check_lockfile_symlinks.js @@ -17,7 +17,7 @@ * under the License. */ -import { existsSync, lstatSync, readFileSync } from 'fs'; +import { existsSync, lstatSync, readFileSync, readlinkSync } from 'fs'; import globby from 'globby'; import { dirname } from 'path'; @@ -63,6 +63,7 @@ async function checkLockfileSymlinks(log, files) { await checkOnlyLockfileAtProjectRoot(filtered); await checkSuperfluousSymlinks(log, filtered); await checkMissingSymlinks(log, filtered); + await checkIncorrectSymlinks(log, filtered); } async function checkOnlyLockfileAtProjectRoot(files) { @@ -157,8 +158,9 @@ async function checkMissingSymlinks(log, files) { try { const json = JSON.parse(manifest); if (json.dependencies && Object.keys(json.dependencies).length) { + const correctSymlink = getCorrectSymlink(lockfilePath); log.warning( - `Manifest at '${path}' has dependencies, but did not find an adjacent 'yarn.lock' symlink.` + `Manifest at '${path}' has dependencies, but did not find an adjacent 'yarn.lock' symlink to '${correctSymlink}'.` ); errorPaths.push(`${parent}/yarn.lock`); } @@ -177,6 +179,42 @@ async function checkMissingSymlinks(log, files) { } } +async function checkIncorrectSymlinks(log, files) { + const errorPaths = []; + + files + .filter(file => matchesAnyGlob(file.getRelativePath(), LOCKFILE_GLOBS)) + .forEach(file => { + const path = file.getRelativePath(); + const stats = lstatSync(path); + if (!stats.isSymbolicLink()) { + return; + } + + const symlink = readlinkSync(path); + const correctSymlink = getCorrectSymlink(path); + if (symlink !== correctSymlink) { + log.warning( + `Symlink at '${path}' points to '${symlink}', but it should point to '${correctSymlink}'.` + ); + errorPaths.push(path); + } + }); + + if (errorPaths.length) { + throw createFailError( + `These symlinks do NOT point to the 'yarn.lock' file in the project root:\n${listPaths( + errorPaths + )}` + ); + } +} + +function getCorrectSymlink(path) { + const count = path.split('/').length - 1; + return `${'../'.repeat(count)}yarn.lock`; +} + function listPaths(paths) { return paths.map(path => ` - ${path}`).join('\n'); } diff --git a/x-pack/plugins/endpoint/yarn.lock b/x-pack/plugins/endpoint/yarn.lock index 3f82ebc9cdbae..6e09764ec763b 120000 --- a/x-pack/plugins/endpoint/yarn.lock +++ b/x-pack/plugins/endpoint/yarn.lock @@ -1 +1 @@ -../../yarn.lock \ No newline at end of file +../../../yarn.lock \ No newline at end of file From 5108eb378d3e08e58b72cebfb804998409b0fd6b Mon Sep 17 00:00:00 2001 From: Frank Hassanabad Date: Tue, 28 Jan 2020 11:14:28 -0700 Subject: [PATCH 11/40] [SIEM][Detection Engine] critical blocker bug fixes ancestor mapping ## Summary * Fixes critical bug with ancestor mapping being object and not correct mappings. Testing you should now be able to do operations and it will show up on KQL Screen Shot 2020-01-28 at 9 33 59 AM Screen Shot 2020-01-28 at 9 33 22 AM ### Checklist Use ~~strikethroughs~~ to remove checklist items you don't feel are applicable to this PR. ~~- [ ] This was checked for cross-browser compatibility, [including a check against IE11](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility)~~ ~~- [ ] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md)~~ ~~- [ ] [Documentation](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#writing-documentation) was added for features that require explanation or tutorials~~ ~~- [ ] [Unit or functional tests](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility) were updated or added to match the most common scenarios~~ ~~- [ ] This was checked for [keyboard-only and screenreader accessibility](https://developer.mozilla.org/en-US/docs/Learn/Tools_and_testing/Cross_browser_testing/Accessibility#Accessibility_testing_checklist)~~ ### For maintainers ~~- [ ] This was checked for breaking API changes and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process)~~ ~~- [ ] This includes a feature addition or change that requires a release note and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process)~~ --- .../routes/index/signals_mapping.json | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/signals_mapping.json b/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/signals_mapping.json index 4986c100f1b0b..714b39d1557a1 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/signals_mapping.json +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/signals_mapping.json @@ -23,7 +23,20 @@ } }, "ancestors": { - "type": "object" + "properties": { + "rule": { + "type": "keyword" + }, + "id": { + "type": "keyword" + }, + "type": { + "type": "keyword" + }, + "depth": { + "type": "long" + } + } }, "rule": { "properties": { From 54d40e36701fb4a06d13521d2c86c64c073d8261 Mon Sep 17 00:00:00 2001 From: cachedout Date: Tue, 28 Jan 2020 18:28:45 +0000 Subject: [PATCH 12/40] =?UTF-8?q?[Stack=20Monitoring]=20Prefer=20units=20i?= =?UTF-8?q?f=20they=20are=20defined=20when=20rende=E2=80=A6=20(#43709)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Prefer units if they are defined when rendering cells * Jest snapshot update * Lint recommendations Co-authored-by: Elastic Machine --- .../nodes/__tests__/__snapshots__/cells.test.js.snap | 4 ++-- .../public/components/elasticsearch/nodes/cells.js | 9 +++++---- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/x-pack/legacy/plugins/monitoring/public/components/elasticsearch/nodes/__tests__/__snapshots__/cells.test.js.snap b/x-pack/legacy/plugins/monitoring/public/components/elasticsearch/nodes/__tests__/__snapshots__/cells.test.js.snap index 789e2a5756b48..c7081dc439085 100644 --- a/x-pack/legacy/plugins/monitoring/public/components/elasticsearch/nodes/__tests__/__snapshots__/cells.test.js.snap +++ b/x-pack/legacy/plugins/monitoring/public/components/elasticsearch/nodes/__tests__/__snapshots__/cells.test.js.snap @@ -28,12 +28,12 @@ exports[`Node Listing Metric Cell should format a non-percentage metric 1`] = `

- 206.5 GB max + 206.5 GB max
- 206.3 GB min + 206.3 GB min
diff --git a/x-pack/legacy/plugins/monitoring/public/components/elasticsearch/nodes/cells.js b/x-pack/legacy/plugins/monitoring/public/components/elasticsearch/nodes/cells.js index fe925b337a31c..c5407864e8f81 100644 --- a/x-pack/legacy/plugins/monitoring/public/components/elasticsearch/nodes/cells.js +++ b/x-pack/legacy/plugins/monitoring/public/components/elasticsearch/nodes/cells.js @@ -21,11 +21,11 @@ const getSlopeArrow = slope => { return null; }; -const metricVal = (metric, format, isPercent) => { +const metricVal = (metric, format, isPercent, units) => { if (isPercent) { return formatMetric(metric, format, '%', { prependSpace: false }); } - return formatMetric(metric, format); + return formatMetric(metric, format, units); }; const noWrapStyle = { overflowX: 'hidden', whiteSpace: 'nowrap' }; @@ -34,6 +34,7 @@ function MetricCell({ isOnline, metric = {}, isPercent, ...props }) { if (isOnline) { const { lastVal, maxVal, minVal, slope } = get(metric, 'summary', {}); const format = get(metric, 'metric.format'); + const units = get(metric, 'metric.units'); return ( @@ -49,7 +50,7 @@ function MetricCell({ isOnline, metric = {}, isPercent, ...props }) { {i18n.translate('xpack.monitoring.elasticsearch.nodes.cells.maxText', { defaultMessage: '{metric} max', values: { - metric: metricVal(maxVal, format, isPercent), + metric: metricVal(maxVal, format, isPercent, units), }, })} @@ -57,7 +58,7 @@ function MetricCell({ isOnline, metric = {}, isPercent, ...props }) { {i18n.translate('xpack.monitoring.elasticsearch.nodes.cells.minText', { defaultMessage: '{metric} min', values: { - metric: metricVal(minVal, format, isPercent), + metric: metricVal(minVal, format, isPercent, units), }, })} From f97bc898bb827a9c98f7ccb280f2b2e6d01c904b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mike=20C=C3=B4t=C3=A9?= Date: Tue, 28 Jan 2020 13:33:43 -0500 Subject: [PATCH 13/40] Migrate UI capabilities to use new platform APIs (#56070) --- .../np_ready/public/application/app.tsx | 8 +- .../np_ready/public/application/home.tsx | 7 +- .../action_connector_form.test.tsx | 27 +++-- .../action_connector_form.tsx | 9 +- .../action_type_menu.test.tsx | 27 +++-- .../connector_add_flyout.test.tsx | 27 +++-- .../connector_edit_flyout.test.tsx | 27 +++-- .../actions_connectors_list.test.tsx | 108 ++++++++++-------- .../components/actions_connectors_list.tsx | 10 +- .../components/alerts_list.test.tsx | 108 ++++++++++-------- .../alerts_list/components/alerts_list.tsx | 11 +- .../components/collapsed_item_actions.tsx | 9 +- .../np_ready/public/plugin.ts | 25 ++-- .../np_ready/public/types.ts | 2 - .../triggers_actions_ui/public/legacy.ts | 2 - 15 files changed, 215 insertions(+), 192 deletions(-) diff --git a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/app.tsx b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/app.tsx index 3ad6b5b7c697d..57e6fc4a9e18b 100644 --- a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/app.tsx +++ b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/app.tsx @@ -11,6 +11,7 @@ import { ToastsSetup, HttpSetup, IUiSettingsClient, + ApplicationStart, } from 'kibana/public'; import { BASE_PATH, Section } from './constants'; import { TriggersActionsUIHome } from './home'; @@ -27,6 +28,7 @@ export interface AppDeps { http: HttpSetup; uiSettings: IUiSettingsClient; legacy: LegacyDependencies; + capabilities: ApplicationStart['capabilities']; actionTypeRegistry: TypeRegistry; alertTypeRegistry: TypeRegistry; } @@ -46,10 +48,8 @@ export const App = (appDeps: AppDeps) => { }; export const AppWithoutRouter = ({ sectionsRegex }: any) => { - const { - legacy: { capabilities }, - } = useAppDependencies(); - const canShowAlerts = hasShowAlertsCapability(capabilities.get()); + const { capabilities } = useAppDependencies(); + const canShowAlerts = hasShowAlertsCapability(capabilities); const DEFAULT_SECTION: Section = canShowAlerts ? 'alerts' : 'connectors'; return ( diff --git a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/home.tsx b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/home.tsx index 3312f1a103b29..5d518bce569e4 100644 --- a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/home.tsx +++ b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/home.tsx @@ -39,11 +39,12 @@ export const TriggersActionsUIHome: React.FunctionComponent { const { chrome, - legacy: { MANAGEMENT_BREADCRUMB, capabilities }, + capabilities, + legacy: { MANAGEMENT_BREADCRUMB }, } = useAppDependencies(); - const canShowActions = hasShowActionsCapability(capabilities.get()); - const canShowAlerts = hasShowAlertsCapability(capabilities.get()); + const canShowActions = hasShowActionsCapability(capabilities); + const canShowAlerts = hasShowAlertsCapability(capabilities); const tabs: Array<{ id: Section; name: React.ReactNode; diff --git a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/action_connector_form/action_connector_form.test.tsx b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/action_connector_form/action_connector_form.test.tsx index c129ce73c7176..6896ac954bb06 100644 --- a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/action_connector_form/action_connector_form.test.tsx +++ b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/action_connector_form/action_connector_form.test.tsx @@ -20,7 +20,13 @@ describe('action_connector_form', () => { beforeAll(async () => { const mockes = coreMock.createSetup(); - const [{ chrome, docLinks }] = await mockes.getStartServices(); + const [ + { + chrome, + docLinks, + application: { capabilities }, + }, + ] = await mockes.getStartServices(); const deps = { chrome, docLinks, @@ -28,18 +34,15 @@ describe('action_connector_form', () => { injectedMetadata: mockes.injectedMetadata, http: mockes.http, uiSettings: mockes.uiSettings, + capabilities: { + ...capabilities, + actions: { + delete: true, + save: true, + show: true, + }, + }, legacy: { - capabilities: { - get() { - return { - actions: { - delete: true, - save: true, - show: true, - }, - }; - }, - } as any, MANAGEMENT_BREADCRUMB: { set: () => {} } as any, }, actionTypeRegistry: actionTypeRegistry as any, diff --git a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/action_connector_form/action_connector_form.tsx b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/action_connector_form/action_connector_form.tsx index 682c1fbb54b67..852e713b38ed7 100644 --- a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/action_connector_form/action_connector_form.tsx +++ b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/action_connector_form/action_connector_form.tsx @@ -39,15 +39,10 @@ export const ActionConnectorForm = ({ actionTypeName, setFlyoutVisibility, }: ActionConnectorProps) => { - const { - http, - toastNotifications, - legacy: { capabilities }, - actionTypeRegistry, - } = useAppDependencies(); + const { http, toastNotifications, capabilities, actionTypeRegistry } = useAppDependencies(); const { reloadConnectors } = useActionsConnectorsContext(); - const canSave = hasSaveActionsCapability(capabilities.get()); + const canSave = hasSaveActionsCapability(capabilities); // hooks const [{ connector }, dispatch] = useReducer(connectorReducer, { connector: initialConnector }); diff --git a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/action_connector_form/action_type_menu.test.tsx b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/action_connector_form/action_type_menu.test.tsx index a9e2afb061720..6ef2f62315d9a 100644 --- a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/action_connector_form/action_type_menu.test.tsx +++ b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/action_connector_form/action_type_menu.test.tsx @@ -18,7 +18,13 @@ describe('connector_add_flyout', () => { beforeAll(async () => { const mockes = coreMock.createSetup(); - const [{ chrome, docLinks }] = await mockes.getStartServices(); + const [ + { + chrome, + docLinks, + application: { capabilities }, + }, + ] = await mockes.getStartServices(); deps = { chrome, docLinks, @@ -26,18 +32,15 @@ describe('connector_add_flyout', () => { injectedMetadata: mockes.injectedMetadata, http: mockes.http, uiSettings: mockes.uiSettings, + capabilities: { + ...capabilities, + actions: { + delete: true, + save: true, + show: true, + }, + }, legacy: { - capabilities: { - get() { - return { - actions: { - delete: true, - save: true, - show: true, - }, - }; - }, - } as any, MANAGEMENT_BREADCRUMB: { set: () => {} } as any, }, actionTypeRegistry: actionTypeRegistry as any, diff --git a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/action_connector_form/connector_add_flyout.test.tsx b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/action_connector_form/connector_add_flyout.test.tsx index 5095cc140f9c9..71ba52f047d61 100644 --- a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/action_connector_form/connector_add_flyout.test.tsx +++ b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/action_connector_form/connector_add_flyout.test.tsx @@ -20,7 +20,13 @@ describe('connector_add_flyout', () => { beforeAll(async () => { const mockes = coreMock.createSetup(); - const [{ chrome, docLinks }] = await mockes.getStartServices(); + const [ + { + chrome, + docLinks, + application: { capabilities }, + }, + ] = await mockes.getStartServices(); const deps = { chrome, docLinks, @@ -28,18 +34,15 @@ describe('connector_add_flyout', () => { injectedMetadata: mockes.injectedMetadata, http: mockes.http, uiSettings: mockes.uiSettings, + capabilities: { + ...capabilities, + actions: { + delete: true, + save: true, + show: true, + }, + }, legacy: { - capabilities: { - get() { - return { - actions: { - delete: true, - save: true, - show: true, - }, - }; - }, - } as any, MANAGEMENT_BREADCRUMB: { set: () => {} } as any, }, actionTypeRegistry: actionTypeRegistry as any, diff --git a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/action_connector_form/connector_edit_flyout.test.tsx b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/action_connector_form/connector_edit_flyout.test.tsx index d01539d7232fa..57e950a98eb2a 100644 --- a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/action_connector_form/connector_edit_flyout.test.tsx +++ b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/action_connector_form/connector_edit_flyout.test.tsx @@ -17,7 +17,13 @@ let deps: any; describe('connector_edit_flyout', () => { beforeAll(async () => { const mockes = coreMock.createSetup(); - const [{ chrome, docLinks }] = await mockes.getStartServices(); + const [ + { + chrome, + docLinks, + application: { capabilities }, + }, + ] = await mockes.getStartServices(); deps = { chrome, docLinks, @@ -25,18 +31,15 @@ describe('connector_edit_flyout', () => { injectedMetadata: mockes.injectedMetadata, http: mockes.http, uiSettings: mockes.uiSettings, + capabilities: { + ...capabilities, + actions: { + delete: true, + save: true, + show: true, + }, + }, legacy: { - capabilities: { - get() { - return { - actions: { - delete: true, - save: true, - show: true, - }, - }; - }, - } as any, MANAGEMENT_BREADCRUMB: { set: () => {} } as any, }, actionTypeRegistry: actionTypeRegistry as any, diff --git a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/actions_connectors_list/components/actions_connectors_list.test.tsx b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/actions_connectors_list/components/actions_connectors_list.test.tsx index 511deb8cf3b0d..da502fb86521b 100644 --- a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/actions_connectors_list/components/actions_connectors_list.test.tsx +++ b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/actions_connectors_list/components/actions_connectors_list.test.tsx @@ -42,7 +42,13 @@ describe('actions_connectors_list component empty', () => { }, ]); const mockes = coreMock.createSetup(); - const [{ chrome, docLinks }] = await mockes.getStartServices(); + const [ + { + chrome, + docLinks, + application: { capabilities }, + }, + ] = await mockes.getStartServices(); const deps = { chrome, docLinks, @@ -50,18 +56,15 @@ describe('actions_connectors_list component empty', () => { injectedMetadata: mockes.injectedMetadata, http: mockes.http, uiSettings: mockes.uiSettings, + capabilities: { + ...capabilities, + siem: { + 'actions:show': true, + 'actions:save': true, + 'actions:delete': true, + }, + }, legacy: { - capabilities: { - get() { - return { - siem: { - 'actions:show': true, - 'actions:save': true, - 'actions:delete': true, - }, - }; - }, - } as any, MANAGEMENT_BREADCRUMB: { set: () => {} } as any, }, actionTypeRegistry: actionTypeRegistry as any, @@ -136,7 +139,13 @@ describe('actions_connectors_list component with items', () => { ]); const mockes = coreMock.createSetup(); - const [{ chrome, docLinks }] = await mockes.getStartServices(); + const [ + { + chrome, + docLinks, + application: { capabilities }, + }, + ] = await mockes.getStartServices(); const deps = { chrome, docLinks, @@ -144,18 +153,15 @@ describe('actions_connectors_list component with items', () => { injectedMetadata: mockes.injectedMetadata, http: mockes.http, uiSettings: mockes.uiSettings, + capabilities: { + ...capabilities, + siem: { + 'actions:show': true, + 'actions:save': true, + 'actions:delete': true, + }, + }, legacy: { - capabilities: { - get() { - return { - siem: { - 'actions:show': true, - 'actions:save': true, - 'actions:delete': true, - }, - }; - }, - } as any, MANAGEMENT_BREADCRUMB: { set: () => {} } as any, }, actionTypeRegistry: { @@ -217,7 +223,13 @@ describe('actions_connectors_list component empty with show only capability', () }, ]); const mockes = coreMock.createSetup(); - const [{ chrome, docLinks }] = await mockes.getStartServices(); + const [ + { + chrome, + docLinks, + application: { capabilities }, + }, + ] = await mockes.getStartServices(); const deps = { chrome, docLinks, @@ -225,18 +237,15 @@ describe('actions_connectors_list component empty with show only capability', () injectedMetadata: mockes.injectedMetadata, http: mockes.http, uiSettings: mockes.uiSettings, + capabilities: { + ...capabilities, + siem: { + 'actions:show': true, + 'actions:save': false, + 'actions:delete': false, + }, + }, legacy: { - capabilities: { - get() { - return { - siem: { - 'actions:show': true, - 'actions:save': false, - 'actions:delete': false, - }, - }; - }, - } as any, MANAGEMENT_BREADCRUMB: { set: () => {} } as any, }, actionTypeRegistry: { @@ -303,7 +312,13 @@ describe('actions_connectors_list with show only capability', () => { }, ]); const mockes = coreMock.createSetup(); - const [{ chrome, docLinks }] = await mockes.getStartServices(); + const [ + { + chrome, + docLinks, + application: { capabilities }, + }, + ] = await mockes.getStartServices(); const deps = { chrome, docLinks, @@ -311,18 +326,15 @@ describe('actions_connectors_list with show only capability', () => { injectedMetadata: mockes.injectedMetadata, http: mockes.http, uiSettings: mockes.uiSettings, + capabilities: { + ...capabilities, + siem: { + 'actions:show': true, + 'actions:save': false, + 'actions:delete': false, + }, + }, legacy: { - capabilities: { - get() { - return { - siem: { - 'actions:show': true, - 'actions:save': false, - 'actions:delete': false, - }, - }; - }, - } as any, MANAGEMENT_BREADCRUMB: { set: () => {} } as any, }, actionTypeRegistry: { diff --git a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/actions_connectors_list/components/actions_connectors_list.tsx b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/actions_connectors_list/components/actions_connectors_list.tsx index 1990ffefdf84e..e98c3b2c08749 100644 --- a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/actions_connectors_list/components/actions_connectors_list.tsx +++ b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/actions_connectors_list/components/actions_connectors_list.tsx @@ -26,13 +26,9 @@ import { hasDeleteActionsCapability, hasSaveActionsCapability } from '../../../l import { DeleteConnectorsModal } from '../../../components/delete_connectors_modal'; export const ActionsConnectorsList: React.FunctionComponent = () => { - const { - http, - toastNotifications, - legacy: { capabilities }, - } = useAppDependencies(); - const canDelete = hasDeleteActionsCapability(capabilities.get()); - const canSave = hasSaveActionsCapability(capabilities.get()); + const { http, toastNotifications, capabilities } = useAppDependencies(); + const canDelete = hasDeleteActionsCapability(capabilities); + const canSave = hasSaveActionsCapability(capabilities); const [actionTypesIndex, setActionTypesIndex] = useState(undefined); const [actions, setActions] = useState([]); diff --git a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/alerts_list/components/alerts_list.test.tsx b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/alerts_list/components/alerts_list.test.tsx index 9f77bfb3f8760..ff1510ea873d3 100644 --- a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/alerts_list/components/alerts_list.test.tsx +++ b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/alerts_list/components/alerts_list.test.tsx @@ -70,7 +70,13 @@ describe('alerts_list component empty', () => { }); const mockes = coreMock.createSetup(); - const [{ chrome, docLinks }] = await mockes.getStartServices(); + const [ + { + chrome, + docLinks, + application: { capabilities }, + }, + ] = await mockes.getStartServices(); const deps = { chrome, docLinks, @@ -84,18 +90,15 @@ describe('alerts_list component empty', () => { } as any, http: mockes.http, uiSettings: mockes.uiSettings, + capabilities: { + ...capabilities, + siem: { + 'alerting:show': true, + 'alerting:save': true, + 'alerting:delete': true, + }, + }, legacy: { - capabilities: { - get() { - return { - siem: { - 'alerting:show': true, - 'alerting:save': true, - 'alerting:delete': true, - }, - }; - }, - } as any, MANAGEMENT_BREADCRUMB: { set: () => {} } as any, }, actionTypeRegistry: actionTypeRegistry as any, @@ -193,7 +196,13 @@ describe('alerts_list component with items', () => { data: [], }); const mockes = coreMock.createSetup(); - const [{ chrome, docLinks }] = await mockes.getStartServices(); + const [ + { + chrome, + docLinks, + application: { capabilities }, + }, + ] = await mockes.getStartServices(); const deps = { chrome, docLinks, @@ -207,18 +216,15 @@ describe('alerts_list component with items', () => { } as any, http: mockes.http, uiSettings: mockes.uiSettings, + capabilities: { + ...capabilities, + siem: { + 'alerting:show': true, + 'alerting:save': true, + 'alerting:delete': true, + }, + }, legacy: { - capabilities: { - get() { - return { - siem: { - 'alerting:show': true, - 'alerting:save': true, - 'alerting:delete': true, - }, - }; - }, - } as any, MANAGEMENT_BREADCRUMB: { set: () => {} } as any, }, actionTypeRegistry: actionTypeRegistry as any, @@ -277,7 +283,13 @@ describe('alerts_list component empty with show only capability', () => { data: [], }); const mockes = coreMock.createSetup(); - const [{ chrome, docLinks }] = await mockes.getStartServices(); + const [ + { + chrome, + docLinks, + application: { capabilities }, + }, + ] = await mockes.getStartServices(); const deps = { chrome, docLinks, @@ -291,18 +303,15 @@ describe('alerts_list component empty with show only capability', () => { } as any, http: mockes.http, uiSettings: mockes.uiSettings, + capabilities: { + ...capabilities, + siem: { + 'alerting:show': true, + 'alerting:save': false, + 'alerting:delete': false, + }, + }, legacy: { - capabilities: { - get() { - return { - siem: { - 'alerting:show': true, - 'alerting:save': false, - 'alerting:delete': false, - }, - }; - }, - } as any, MANAGEMENT_BREADCRUMB: { set: () => {} } as any, }, actionTypeRegistry: { @@ -396,7 +405,13 @@ describe('alerts_list with show only capability', () => { data: [], }); const mockes = coreMock.createSetup(); - const [{ chrome, docLinks }] = await mockes.getStartServices(); + const [ + { + chrome, + docLinks, + application: { capabilities }, + }, + ] = await mockes.getStartServices(); const deps = { chrome, docLinks, @@ -410,18 +425,15 @@ describe('alerts_list with show only capability', () => { } as any, http: mockes.http, uiSettings: mockes.uiSettings, + capabilities: { + ...capabilities, + siem: { + 'alerting:show': true, + 'alerting:save': false, + 'alerting:delete': false, + }, + }, legacy: { - capabilities: { - get() { - return { - siem: { - 'alerting:show': true, - 'alerting:save': false, - 'alerting:delete': false, - }, - }; - }, - } as any, MANAGEMENT_BREADCRUMB: { set: () => {} } as any, }, actionTypeRegistry: actionTypeRegistry as any, diff --git a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/alerts_list/components/alerts_list.tsx b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/alerts_list/components/alerts_list.tsx index 4b5e0d1948bfb..12122983161bd 100644 --- a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/alerts_list/components/alerts_list.tsx +++ b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/alerts_list/components/alerts_list.tsx @@ -43,14 +43,9 @@ interface AlertState { } export const AlertsList: React.FunctionComponent = () => { - const { - http, - injectedMetadata, - toastNotifications, - legacy: { capabilities }, - } = useAppDependencies(); - const canDelete = hasDeleteAlertsCapability(capabilities.get()); - const canSave = hasSaveAlertsCapability(capabilities.get()); + const { http, injectedMetadata, toastNotifications, capabilities } = useAppDependencies(); + const canDelete = hasDeleteAlertsCapability(capabilities); + const canSave = hasSaveAlertsCapability(capabilities); const createAlertUiEnabled = injectedMetadata.getInjectedVar('createAlertUiEnabled'); const [actionTypes, setActionTypes] = useState([]); diff --git a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/alerts_list/components/collapsed_item_actions.tsx b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/alerts_list/components/collapsed_item_actions.tsx index dc6fb15f0f236..aa1c6dd7c5b9a 100644 --- a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/alerts_list/components/collapsed_item_actions.tsx +++ b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/application/sections/alerts_list/components/collapsed_item_actions.tsx @@ -36,13 +36,10 @@ export const CollapsedItemActions: React.FunctionComponent = ({ item, onAlertChanged, }: ComponentOpts) => { - const { - http, - legacy: { capabilities }, - } = useAppDependencies(); + const { http, capabilities } = useAppDependencies(); - const canDelete = hasDeleteAlertsCapability(capabilities.get()); - const canSave = hasSaveAlertsCapability(capabilities.get()); + const canDelete = hasDeleteAlertsCapability(capabilities); + const canSave = hasSaveAlertsCapability(capabilities); const [isPopoverOpen, setIsPopoverOpen] = useState(false); diff --git a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/plugin.ts b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/plugin.ts index 0b0f8a4ee6790..00dd2f51feaee 100644 --- a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/plugin.ts +++ b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/plugin.ts @@ -42,12 +42,6 @@ export class Plugin implements CorePlugin { { application, notifications, http, uiSettings, injectedMetadata }: CoreSetup, { __LEGACY }: LegacyPlugins ): Setup { - const canShowActions = hasShowActionsCapability(__LEGACY.capabilities.get()); - const canShowAlerts = hasShowAlertsCapability(__LEGACY.capabilities.get()); - - if (!canShowActions && !canShowAlerts) { - return; - } registerBuiltInActionTypes({ actionTypeRegistry: this.actionTypeRegistry, }); @@ -61,6 +55,7 @@ export class Plugin implements CorePlugin { mount: async ( { core: { + application: applicationStart, docLinks, chrome, // Waiting for types to be updated. @@ -71,6 +66,16 @@ export class Plugin implements CorePlugin { }, { element } ) => { + const { capabilities } = applicationStart; + + const canShowActions = hasShowActionsCapability(capabilities); + const canShowAlerts = hasShowAlertsCapability(capabilities); + + if (!canShowActions && !canShowAlerts) { + // Render nothing + return () => {}; + } + const { boot } = await import('./application/boot'); return boot({ element, @@ -85,6 +90,7 @@ export class Plugin implements CorePlugin { legacy: { ...__LEGACY, }, + capabilities, actionTypeRegistry: this.actionTypeRegistry, alertTypeRegistry: this.alertTypeRegistry, }); @@ -93,9 +99,10 @@ export class Plugin implements CorePlugin { } public start(core: CoreStart, { __LEGACY }: LegacyPlugins) { - const { capabilities } = __LEGACY; - const canShowActions = hasShowActionsCapability(capabilities.get()); - const canShowAlerts = hasShowAlertsCapability(capabilities.get()); + const { capabilities } = core.application; + + const canShowActions = hasShowActionsCapability(capabilities); + const canShowAlerts = hasShowAlertsCapability(capabilities); // Don't register routes when user doesn't have access to the application if (!canShowActions && !canShowAlerts) { diff --git a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/types.ts b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/types.ts index 7a8a0ead5e8c5..ed63ade903104 100644 --- a/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/types.ts +++ b/x-pack/legacy/plugins/triggers_actions_ui/np_ready/public/types.ts @@ -3,7 +3,6 @@ * or more contributor license agreements. Licensed under the Elastic License; * you may not use this file except in compliance with the Elastic License. */ -import { capabilities } from 'ui/capabilities'; import { TypeRegistry } from './application/type_registry'; import { SanitizedAlert as Alert } from '../../../alerting/common'; export { SanitizedAlert as Alert, AlertAction } from '../../../alerting/common'; @@ -94,5 +93,4 @@ export interface IErrorObject { export interface LegacyDependencies { MANAGEMENT_BREADCRUMB: { text: string; href?: string }; - capabilities: typeof capabilities; } diff --git a/x-pack/legacy/plugins/triggers_actions_ui/public/legacy.ts b/x-pack/legacy/plugins/triggers_actions_ui/public/legacy.ts index bae9104081267..95cac99630fb4 100644 --- a/x-pack/legacy/plugins/triggers_actions_ui/public/legacy.ts +++ b/x-pack/legacy/plugins/triggers_actions_ui/public/legacy.ts @@ -67,7 +67,6 @@ routes.when(`${BASE_PATH}:section?/:subsection?/:view?/:id?`, { ...(npSetup.plugins as typeof npSetup.plugins), __LEGACY: { MANAGEMENT_BREADCRUMB, - capabilities, }, }); @@ -75,7 +74,6 @@ routes.when(`${BASE_PATH}:section?/:subsection?/:view?/:id?`, { ...(npSetup.plugins as typeof npSetup.plugins), __LEGACY: { MANAGEMENT_BREADCRUMB, - capabilities, }, }); From febb8405709a952609a65b27fe4709968bb60428 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mike=20C=C3=B4t=C3=A9?= Date: Tue, 28 Jan 2020 13:35:39 -0500 Subject: [PATCH 14/40] Remove alerts and actions from feature catalogue (#56140) --- .../plugins/triggers_actions_ui/index.ts | 1 - .../public/hacks/register.ts | 25 ------------------- 2 files changed, 26 deletions(-) delete mode 100644 x-pack/legacy/plugins/triggers_actions_ui/public/hacks/register.ts diff --git a/x-pack/legacy/plugins/triggers_actions_ui/index.ts b/x-pack/legacy/plugins/triggers_actions_ui/index.ts index c6ac3649a1477..19930363d30bf 100644 --- a/x-pack/legacy/plugins/triggers_actions_ui/index.ts +++ b/x-pack/legacy/plugins/triggers_actions_ui/index.ts @@ -29,7 +29,6 @@ export function triggersActionsUI(kibana: any) { .default(); }, uiExports: { - home: ['plugins/triggers_actions_ui/hacks/register'], managementSections: ['plugins/triggers_actions_ui/legacy'], styleSheetPaths: resolve(__dirname, 'public/index.scss'), injectDefaultVars(server: Legacy.Server) { diff --git a/x-pack/legacy/plugins/triggers_actions_ui/public/hacks/register.ts b/x-pack/legacy/plugins/triggers_actions_ui/public/hacks/register.ts deleted file mode 100644 index 7991604fcc667..0000000000000 --- a/x-pack/legacy/plugins/triggers_actions_ui/public/hacks/register.ts +++ /dev/null @@ -1,25 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License; - * you may not use this file except in compliance with the Elastic License. - */ - -import { i18n } from '@kbn/i18n'; -import { - FeatureCatalogueRegistryProvider, - FeatureCatalogueCategory, -} from 'ui/registry/feature_catalogue'; - -FeatureCatalogueRegistryProvider.register(() => { - return { - id: 'triggersActions', - title: 'Alerts and Actions', // This is a product name so we don't translate it. - description: i18n.translate('xpack.triggersActionsUI.triggersActionsDescription', { - defaultMessage: 'Data by creating, managing, and monitoring triggers and actions.', - }), - icon: 'triggersActionsApp', - path: '/app/kibana#/management/kibana/triggersActions', - showOnHomePage: true, - category: FeatureCatalogueCategory.ADMIN, - }; -}); From 06acf2f42ad71f14cd233d3bdeb31f8a1be96115 Mon Sep 17 00:00:00 2001 From: Mikhail Shustov Date: Tue, 28 Jan 2020 19:57:44 +0100 Subject: [PATCH 15/40] add owners for es_archiver (#56184) --- .github/CODEOWNERS | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index ba468c5a2d989..eff8c58a48b0d 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -87,6 +87,7 @@ /src/dev/ @elastic/kibana-operations /src/setup_node_env/ @elastic/kibana-operations /src/optimize/ @elastic/kibana-operations +/src/es_archiver/ @elastic/kibana-operations /packages/*eslint*/ @elastic/kibana-operations /packages/*babel*/ @elastic/kibana-operations /packages/kbn-dev-utils*/ @elastic/kibana-operations @@ -112,6 +113,7 @@ /src/legacy/server/logging/ @elastic/kibana-platform /src/legacy/server/saved_objects/ @elastic/kibana-platform /src/legacy/server/status/ @elastic/kibana-platform +/src/dev/run_check_core_api_changes.ts @elastic/kibana-platform # Security /src/core/server/csp/ @elastic/kibana-security @elastic/kibana-platform From bd08eb7efcd0df87581d91b6c69e270f4fe5670d Mon Sep 17 00:00:00 2001 From: Chris Roberson Date: Tue, 28 Jan 2020 14:05:23 -0500 Subject: [PATCH 16/40] Revert "[Monitoring] Change all configs to `monitoring.*`" (#56214) This reverts commit 04ad88cd77d077d71d4ec75182850681c862344e. --- .../config/deprecation/core_deprecations.ts | 50 ---------- x-pack/legacy/plugins/monitoring/config.js | 96 +++++++++---------- x-pack/legacy/plugins/monitoring/index.js | 34 +++---- .../cluster_alerts/alerts_cluster_search.js | 2 +- .../verify_monitoring_license.js | 2 +- .../es_client/__tests__/instantiate_client.js | 6 +- .../parse_elasticsearch_config.test.ts | 4 +- .../es_client/parse_elasticsearch_config.ts | 2 +- .../server/init_monitoring_xpack_info.js | 2 +- .../__tests__/get_default_admin_email.js | 12 ++- .../collectors/get_settings_collector.js | 4 +- .../collectors/ops_buffer/ops_buffer.js | 2 +- .../server/kibana_monitoring/init.js | 2 +- .../server/lib/__tests__/ccs_utils.js | 8 +- .../monitoring/server/lib/apm/get_apms.js | 2 +- .../server/lib/apm/get_apms_for_clusters.js | 2 +- .../monitoring/server/lib/apm/get_stats.js | 2 +- .../monitoring/server/lib/beats/get_beats.js | 2 +- .../lib/beats/get_beats_for_clusters.js | 2 +- .../server/lib/beats/get_latest_stats.js | 2 +- .../monitoring/server/lib/beats/get_stats.js | 2 +- .../monitoring/server/lib/ccs_utils.js | 2 +- .../server/lib/cluster/get_clusters_stats.js | 2 +- .../lib/details/__test__/get_metrics.test.js | 2 +- .../server/lib/details/get_metrics.js | 2 +- .../server/lib/elasticsearch/get_ml_jobs.js | 2 +- .../lib/elasticsearch/indices/get_indices.js | 2 +- .../nodes/get_nodes/get_nodes.js | 6 +- .../nodes/get_nodes/get_paginated_nodes.js | 4 +- .../get_indices_unassigned_shard_stats.js | 2 +- .../shards/get_nodes_shard_count.js | 2 +- .../shards/get_shard_allocation.js | 2 +- .../shards/get_shard_stat_aggs.js | 2 +- .../server/lib/kibana/get_kibanas.js | 2 +- .../lib/kibana/get_kibanas_for_clusters.js | 2 +- .../monitoring/server/lib/logs/get_logs.js | 2 +- .../lib/logstash/get_logstash_for_clusters.js | 6 +- .../server/lib/logstash/get_nodes.js | 2 +- .../lib/logstash/get_paginated_pipelines.js | 2 +- .../server/lib/logstash/get_pipeline.js | 2 +- .../get_pipeline_stats_aggregation.js | 2 +- .../lib/logstash/get_pipeline_versions.js | 2 +- .../lib/logstash/get_pipeline_vertex.js | 2 +- .../get_pipeline_vertex_stats_aggregation.js | 2 +- .../plugins/monitoring/server/plugin.js | 16 ++-- .../server/routes/api/v1/elasticsearch/ccr.js | 2 +- .../api/v1/elasticsearch/node_detail.js | 2 +- .../server/routes/api/v1/logstash/node.js | 4 +- .../pipelines/cluster_pipeline_ids.js | 2 +- .../telemetry_collection/get_cluster_uuids.ts | 2 +- .../telemetry_collection/get_es_stats.js | 2 +- .../get_high_level_stats.js | 2 +- .../legacy/plugins/monitoring/ui_exports.js | 2 +- 53 files changed, 144 insertions(+), 186 deletions(-) diff --git a/src/core/server/config/deprecation/core_deprecations.ts b/src/core/server/config/deprecation/core_deprecations.ts index 3aa7f9e2aa8ad..c63c9384da9d8 100644 --- a/src/core/server/config/deprecation/core_deprecations.ts +++ b/src/core/server/config/deprecation/core_deprecations.ts @@ -119,56 +119,6 @@ export const coreDeprecationProvider: ConfigDeprecationProvider = ({ renameFromRoot('xpack.telemetry.config', 'telemetry.config'), renameFromRoot('xpack.telemetry.banner', 'telemetry.banner'), renameFromRoot('xpack.telemetry.url', 'telemetry.url'), - // Monitoring renames - // TODO: Remove these from here once the monitoring plugin is migrated to NP - renameFromRoot('xpack.monitoring.enabled', 'monitoring.enabled'), - renameFromRoot('xpack.monitoring.ui.enabled', 'monitoring.ui.enabled'), - renameFromRoot( - 'xpack.monitoring.kibana.collection.enabled', - 'monitoring.kibana.collection.enabled' - ), - renameFromRoot('xpack.monitoring.max_bucket_size', 'monitoring.ui.max_bucket_size'), - renameFromRoot('xpack.monitoring.min_interval_seconds', 'monitoring.ui.min_interval_seconds'), - renameFromRoot( - 'xpack.monitoring.show_license_expiration', - 'monitoring.ui.show_license_expiration' - ), - renameFromRoot( - 'xpack.monitoring.ui.container.elasticsearch.enabled', - 'monitoring.ui.container.elasticsearch.enabled' - ), - renameFromRoot( - 'xpack.monitoring.ui.container.logstash.enabled', - 'monitoring.ui.container.logstash.enabled' - ), - renameFromRoot( - 'xpack.monitoring.tests.cloud_detector.enabled', - 'monitoring.tests.cloud_detector.enabled' - ), - renameFromRoot( - 'xpack.monitoring.kibana.collection.interval', - 'monitoring.kibana.collection.interval' - ), - renameFromRoot('xpack.monitoring.elasticsearch.hosts', 'monitoring.ui.elasticsearch.hosts'), - renameFromRoot('xpack.monitoring.elasticsearch.username', 'monitoring.ui.elasticsearch.username'), - renameFromRoot('xpack.monitoring.elasticsearch.password', 'monitoring.ui.elasticsearch.password'), - renameFromRoot( - 'xpack.monitoring.xpack_api_polling_frequency_millis', - 'monitoring.xpack_api_polling_frequency_millis' - ), - renameFromRoot( - 'xpack.monitoring.cluster_alerts.email_notifications.enabled', - 'monitoring.cluster_alerts.email_notifications.enabled' - ), - renameFromRoot( - 'xpack.monitoring.cluster_alerts.email_notifications.email_address', - 'monitoring.cluster_alerts.email_notifications.email_address' - ), - renameFromRoot('xpack.monitoring.ccs.enabled', 'monitoring.ui.ccs.enabled'), - renameFromRoot( - 'xpack.monitoring.elasticsearch.logFetchCount', - 'monitoring.ui.elasticsearch.logFetchCount' - ), configPathDeprecation, dataPathDeprecation, rewriteBasePathDeprecation, diff --git a/x-pack/legacy/plugins/monitoring/config.js b/x-pack/legacy/plugins/monitoring/config.js index 778b656c056f2..91c1ee99a0b2e 100644 --- a/x-pack/legacy/plugins/monitoring/config.js +++ b/x-pack/legacy/plugins/monitoring/config.js @@ -15,12 +15,12 @@ export const config = Joi => { const DEFAULT_REQUEST_HEADERS = ['authorization']; return Joi.object({ + ccs: Joi.object({ + enabled: Joi.boolean().default(true), + }).default(), enabled: Joi.boolean().default(true), ui: Joi.object({ enabled: Joi.boolean().default(true), - ccs: Joi.object({ - enabled: Joi.boolean().default(true), - }).default(), container: Joi.object({ elasticsearch: Joi.object({ enabled: Joi.boolean().default(false), @@ -29,51 +29,6 @@ export const config = Joi => { enabled: Joi.boolean().default(false), }).default(), }).default(), - max_bucket_size: Joi.number().default(10000), - min_interval_seconds: Joi.number().default(10), - show_license_expiration: Joi.boolean().default(true), - elasticsearch: Joi.object({ - customHeaders: Joi.object().default({}), - logQueries: Joi.boolean().default(false), - requestHeadersWhitelist: Joi.array() - .items() - .single() - .default(DEFAULT_REQUEST_HEADERS), - sniffOnStart: Joi.boolean().default(false), - sniffInterval: Joi.number() - .allow(false) - .default(false), - sniffOnConnectionFault: Joi.boolean().default(false), - hosts: Joi.array() - .items(Joi.string().uri({ scheme: ['http', 'https'] })) - .single(), // if empty, use Kibana's connection config - username: Joi.string(), - password: Joi.string(), - requestTimeout: Joi.number().default(30000), - pingTimeout: Joi.number().default(30000), - ssl: Joi.object({ - verificationMode: Joi.string() - .valid('none', 'certificate', 'full') - .default('full'), - certificateAuthorities: Joi.array() - .single() - .items(Joi.string()), - certificate: Joi.string(), - key: Joi.string(), - keyPassphrase: Joi.string(), - keystore: Joi.object({ - path: Joi.string(), - password: Joi.string(), - }).default(), - truststore: Joi.object({ - path: Joi.string(), - password: Joi.string(), - }).default(), - alwaysPresentCertificate: Joi.boolean().default(false), - }).default(), - apiVersion: Joi.string().default('master'), - logFetchCount: Joi.number().default(10), - }).default(), }).default(), kibana: Joi.object({ collection: Joi.object({ @@ -91,11 +46,56 @@ export const config = Joi => { xpack_api_polling_frequency_millis: Joi.number().default( XPACK_INFO_API_DEFAULT_POLL_FREQUENCY_IN_MILLIS ), + max_bucket_size: Joi.number().default(10000), + min_interval_seconds: Joi.number().default(10), + show_license_expiration: Joi.boolean().default(true), agent: Joi.object({ interval: Joi.string() .regex(/[\d\.]+[yMwdhms]/) .default('10s'), }).default(), + elasticsearch: Joi.object({ + customHeaders: Joi.object().default({}), + logQueries: Joi.boolean().default(false), + requestHeadersWhitelist: Joi.array() + .items() + .single() + .default(DEFAULT_REQUEST_HEADERS), + sniffOnStart: Joi.boolean().default(false), + sniffInterval: Joi.number() + .allow(false) + .default(false), + sniffOnConnectionFault: Joi.boolean().default(false), + hosts: Joi.array() + .items(Joi.string().uri({ scheme: ['http', 'https'] })) + .single(), // if empty, use Kibana's connection config + username: Joi.string(), + password: Joi.string(), + requestTimeout: Joi.number().default(30000), + pingTimeout: Joi.number().default(30000), + ssl: Joi.object({ + verificationMode: Joi.string() + .valid('none', 'certificate', 'full') + .default('full'), + certificateAuthorities: Joi.array() + .single() + .items(Joi.string()), + certificate: Joi.string(), + key: Joi.string(), + keyPassphrase: Joi.string(), + keystore: Joi.object({ + path: Joi.string(), + password: Joi.string(), + }).default(), + truststore: Joi.object({ + path: Joi.string(), + password: Joi.string(), + }).default(), + alwaysPresentCertificate: Joi.boolean().default(false), + }).default(), + apiVersion: Joi.string().default('master'), + logFetchCount: Joi.number().default(10), + }).default(), tests: Joi.object({ cloud_detector: Joi.object({ enabled: Joi.boolean().default(true), diff --git a/x-pack/legacy/plugins/monitoring/index.js b/x-pack/legacy/plugins/monitoring/index.js index ca595836133c2..8e0201bea710b 100644 --- a/x-pack/legacy/plugins/monitoring/index.js +++ b/x-pack/legacy/plugins/monitoring/index.js @@ -20,31 +20,31 @@ export const monitoring = kibana => new kibana.Plugin({ require: ['kibana', 'elasticsearch', 'xpack_main'], id: 'monitoring', - configPrefix: 'monitoring', + configPrefix: 'xpack.monitoring', publicDir: resolve(__dirname, 'public'), init(server) { const configs = [ - 'monitoring.ui.enabled', - 'monitoring.kibana.collection.enabled', - 'monitoring.ui.max_bucket_size', - 'monitoring.ui.min_interval_seconds', + 'xpack.monitoring.ui.enabled', + 'xpack.monitoring.kibana.collection.enabled', + 'xpack.monitoring.max_bucket_size', + 'xpack.monitoring.min_interval_seconds', 'kibana.index', - 'monitoring.ui.show_license_expiration', - 'monitoring.ui.container.elasticsearch.enabled', - 'monitoring.ui.container.logstash.enabled', - 'monitoring.tests.cloud_detector.enabled', - 'monitoring.kibana.collection.interval', - 'monitoring.ui.elasticsearch.hosts', - 'monitoring.ui.elasticsearch', - 'monitoring.xpack_api_polling_frequency_millis', + 'xpack.monitoring.show_license_expiration', + 'xpack.monitoring.ui.container.elasticsearch.enabled', + 'xpack.monitoring.ui.container.logstash.enabled', + 'xpack.monitoring.tests.cloud_detector.enabled', + 'xpack.monitoring.kibana.collection.interval', + 'xpack.monitoring.elasticsearch.hosts', + 'xpack.monitoring.elasticsearch', + 'xpack.monitoring.xpack_api_polling_frequency_millis', 'server.uuid', 'server.name', 'server.host', 'server.port', - 'monitoring.cluster_alerts.email_notifications.enabled', - 'monitoring.cluster_alerts.email_notifications.email_address', - 'monitoring.ui.ccs.enabled', - 'monitoring.ui.elasticsearch.logFetchCount', + 'xpack.monitoring.cluster_alerts.email_notifications.enabled', + 'xpack.monitoring.cluster_alerts.email_notifications.email_address', + 'xpack.monitoring.ccs.enabled', + 'xpack.monitoring.elasticsearch.logFetchCount', ]; const serverConfig = server.config(); diff --git a/x-pack/legacy/plugins/monitoring/server/cluster_alerts/alerts_cluster_search.js b/x-pack/legacy/plugins/monitoring/server/cluster_alerts/alerts_cluster_search.js index eff9875d794ad..0c9fb4bd04ee7 100644 --- a/x-pack/legacy/plugins/monitoring/server/cluster_alerts/alerts_cluster_search.js +++ b/x-pack/legacy/plugins/monitoring/server/cluster_alerts/alerts_cluster_search.js @@ -157,7 +157,7 @@ export function alertsClusterSearch(req, alertsIndex, cluster, checkLicense, opt if (prodLicenseInfo.clusterAlerts.enabled) { const config = req.server.config(); - const size = options.size || config.get('monitoring.ui.max_bucket_size'); + const size = options.size || config.get('xpack.monitoring.max_bucket_size'); const params = { index: alertsIndex, diff --git a/x-pack/legacy/plugins/monitoring/server/cluster_alerts/verify_monitoring_license.js b/x-pack/legacy/plugins/monitoring/server/cluster_alerts/verify_monitoring_license.js index e94f4e08fbdb1..9cc67e11c28d5 100644 --- a/x-pack/legacy/plugins/monitoring/server/cluster_alerts/verify_monitoring_license.js +++ b/x-pack/legacy/plugins/monitoring/server/cluster_alerts/verify_monitoring_license.js @@ -19,7 +19,7 @@ export function verifyMonitoringLicense(server) { const config = server.config(); // if cluster alerts are enabled, then ensure that we can use it according to the license - if (config.get('monitoring.cluster_alerts.enabled')) { + if (config.get('xpack.monitoring.cluster_alerts.enabled')) { const xpackInfo = get(server.plugins.monitoring, 'info'); if (xpackInfo) { const monitoringCluster = xpackInfo.feature('monitoring').getLicenseCheckResults(); diff --git a/x-pack/legacy/plugins/monitoring/server/es_client/__tests__/instantiate_client.js b/x-pack/legacy/plugins/monitoring/server/es_client/__tests__/instantiate_client.js index 88cf9734d5f57..6844bd5febf8e 100644 --- a/x-pack/legacy/plugins/monitoring/server/es_client/__tests__/instantiate_client.js +++ b/x-pack/legacy/plugins/monitoring/server/es_client/__tests__/instantiate_client.js @@ -11,8 +11,8 @@ import { exposeClient, hasMonitoringCluster } from '../instantiate_client'; function getMockServerFromConnectionUrl(monitoringClusterUrl) { const server = { - monitoring: { - ui: { + xpack: { + monitoring: { elasticsearch: { hosts: monitoringClusterUrl ? [monitoringClusterUrl] : [], username: 'monitoring-user-internal-test', @@ -27,7 +27,7 @@ function getMockServerFromConnectionUrl(monitoringClusterUrl) { }; return { - elasticsearchConfig: server.monitoring.ui.elasticsearch, + elasticsearchConfig: server.xpack.monitoring.elasticsearch, elasticsearchPlugin: { getCluster: sinon .stub() diff --git a/x-pack/legacy/plugins/monitoring/server/es_client/parse_elasticsearch_config.test.ts b/x-pack/legacy/plugins/monitoring/server/es_client/parse_elasticsearch_config.test.ts index 8d9b5335732c0..c6f4e0fa68504 100644 --- a/x-pack/legacy/plugins/monitoring/server/es_client/parse_elasticsearch_config.test.ts +++ b/x-pack/legacy/plugins/monitoring/server/es_client/parse_elasticsearch_config.test.ts @@ -168,14 +168,14 @@ describe('throws when config is invalid', () => { it('throws if key and keystore.path are both specified', () => { const value = { ssl: { key: 'foo', keystore: { path: 'bar' } } }; expect(() => parse(value)).toThrowErrorMatchingInlineSnapshot( - `"[config validation of [monitoring.ui.elasticsearch].ssl]: cannot use [key] when [keystore.path] is specified"` + `"[config validation of [xpack.monitoring.elasticsearch].ssl]: cannot use [key] when [keystore.path] is specified"` ); }); it('throws if certificate and keystore.path are both specified', () => { const value = { ssl: { certificate: 'foo', keystore: { path: 'bar' } } }; expect(() => parse(value)).toThrowErrorMatchingInlineSnapshot( - `"[config validation of [monitoring.ui.elasticsearch].ssl]: cannot use [certificate] when [keystore.path] is specified"` + `"[config validation of [xpack.monitoring.elasticsearch].ssl]: cannot use [certificate] when [keystore.path] is specified"` ); }); }); diff --git a/x-pack/legacy/plugins/monitoring/server/es_client/parse_elasticsearch_config.ts b/x-pack/legacy/plugins/monitoring/server/es_client/parse_elasticsearch_config.ts index 728b3433bf06c..70e6235602b5b 100644 --- a/x-pack/legacy/plugins/monitoring/server/es_client/parse_elasticsearch_config.ts +++ b/x-pack/legacy/plugins/monitoring/server/es_client/parse_elasticsearch_config.ts @@ -7,7 +7,7 @@ import { readFileSync } from 'fs'; import { readPkcs12Truststore, readPkcs12Keystore } from '../../../../../../src/core/utils'; -const KEY = 'monitoring.ui.elasticsearch'; +const KEY = 'xpack.monitoring.elasticsearch'; /* * Parse a config object's Elasticsearch configuration, reading any diff --git a/x-pack/legacy/plugins/monitoring/server/init_monitoring_xpack_info.js b/x-pack/legacy/plugins/monitoring/server/init_monitoring_xpack_info.js index ba07f512de896..b43430ead23b0 100644 --- a/x-pack/legacy/plugins/monitoring/server/init_monitoring_xpack_info.js +++ b/x-pack/legacy/plugins/monitoring/server/init_monitoring_xpack_info.js @@ -15,7 +15,7 @@ export const initMonitoringXpackInfo = async ({ config, xpackMainPlugin, expose, const xpackInfo = hasMonitoringCluster(config) ? xpackMainPlugin.createXPackInfo({ clusterSource: 'monitoring', - pollFrequencyInMillis: config.get('monitoring.xpack_api_polling_frequency_millis'), + pollFrequencyInMillis: config.get('xpack.monitoring.xpack_api_polling_frequency_millis'), }) : xpackMainPlugin.info; diff --git a/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/__tests__/get_default_admin_email.js b/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/__tests__/get_default_admin_email.js index 10f52a82a830c..96dc461c03fd3 100644 --- a/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/__tests__/get_default_admin_email.js +++ b/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/__tests__/get_default_admin_email.js @@ -14,10 +14,14 @@ describe('getSettingsCollector / getDefaultAdminEmail', () => { function setup({ enabled = true, adminEmail = null } = {}) { const config = { get: sinon.stub() }; - config.get.withArgs('monitoring.cluster_alerts.email_notifications.enabled').returns(enabled); + config.get + .withArgs('xpack.monitoring.cluster_alerts.email_notifications.enabled') + .returns(enabled); if (adminEmail) { - config.get.withArgs(`monitoring.${CLUSTER_ALERTS_ADDRESS_CONFIG_KEY}`).returns(adminEmail); + config.get + .withArgs(`xpack.monitoring.${CLUSTER_ALERTS_ADDRESS_CONFIG_KEY}`) + .returns(adminEmail); } config.get.withArgs('kibana.index').returns('.kibana'); @@ -27,7 +31,7 @@ describe('getSettingsCollector / getDefaultAdminEmail', () => { return config; } - describe('monitoring.cluster_alerts.email_notifications.enabled = false', () => { + describe('xpack.monitoring.cluster_alerts.email_notifications.enabled = false', () => { it('returns null when email is defined', async () => { const config = setup({ enabled: false }); expect(await getDefaultAdminEmail(config)).to.be(null); @@ -39,7 +43,7 @@ describe('getSettingsCollector / getDefaultAdminEmail', () => { }); }); - describe('monitoring.cluster_alerts.email_notifications.enabled = true', () => { + describe('xpack.monitoring.cluster_alerts.email_notifications.enabled = true', () => { it('returns value when email is defined', async () => { const config = setup({ adminEmail: 'hello@world' }); expect(await getDefaultAdminEmail(config)).to.be('hello@world'); diff --git a/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/get_settings_collector.js b/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/get_settings_collector.js index f51e7d22a0c7c..d0e1d32a2baa4 100644 --- a/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/get_settings_collector.js +++ b/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/get_settings_collector.js @@ -11,11 +11,11 @@ import { CLUSTER_ALERTS_ADDRESS_CONFIG_KEY, KIBANA_SETTINGS_TYPE } from '../../. * If so, get email from kibana.yml */ export async function getDefaultAdminEmail(config) { - if (!config.get('monitoring.cluster_alerts.email_notifications.enabled')) { + if (!config.get('xpack.monitoring.cluster_alerts.email_notifications.enabled')) { return null; } - const emailAddressConfigKey = `monitoring.${CLUSTER_ALERTS_ADDRESS_CONFIG_KEY}`; + const emailAddressConfigKey = `xpack.monitoring.${CLUSTER_ALERTS_ADDRESS_CONFIG_KEY}`; const configuredEmailAddress = config.get(emailAddressConfigKey); return configuredEmailAddress || null; diff --git a/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/ops_buffer/ops_buffer.js b/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/ops_buffer/ops_buffer.js index 699a364433b3e..d58f6f3254c76 100644 --- a/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/ops_buffer/ops_buffer.js +++ b/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/collectors/ops_buffer/ops_buffer.js @@ -17,7 +17,7 @@ export function opsBuffer({ config, log, getOSInfo }) { // determine the cloud service in the background const cloudDetector = new CloudDetector(); - if (config.get('monitoring.tests.cloud_detector.enabled')) { + if (config.get('xpack.monitoring.tests.cloud_detector.enabled')) { cloudDetector.detectCloudService(); } diff --git a/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/init.js b/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/init.js index 3c02e2be58dec..bf79ddc210902 100644 --- a/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/init.js +++ b/x-pack/legacy/plugins/monitoring/server/kibana_monitoring/init.js @@ -16,7 +16,7 @@ import { BulkUploader } from './bulk_uploader'; * @param {Object} server HapiJS server instance */ export function initBulkUploader({ config, ...params }) { - const interval = config.get('monitoring.kibana.collection.interval'); + const interval = config.get('xpack.monitoring.kibana.collection.interval'); return new BulkUploader({ interval, config, diff --git a/x-pack/legacy/plugins/monitoring/server/lib/__tests__/ccs_utils.js b/x-pack/legacy/plugins/monitoring/server/lib/__tests__/ccs_utils.js index 2d310962238fd..844dfc96bb19b 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/__tests__/ccs_utils.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/__tests__/ccs_utils.js @@ -17,7 +17,7 @@ describe('ccs_utils', () => { const get = sinon.stub(); const config = { get }; - get.withArgs('monitoring.ui.ccs.enabled').returns(false); + get.withArgs('xpack.monitoring.ccs.enabled').returns(false); // falsy string values should be ignored const allPattern = prefixIndexPattern(config, indexPattern, '*'); @@ -32,7 +32,7 @@ describe('ccs_utils', () => { const get = sinon.stub(); const config = { get }; - get.withArgs('monitoring.ui.ccs.enabled').returns(true); + get.withArgs('xpack.monitoring.ccs.enabled').returns(true); // falsy string values should be ignored const undefinedPattern = prefixIndexPattern(config, indexPattern); @@ -49,7 +49,7 @@ describe('ccs_utils', () => { const get = sinon.stub(); const config = { get }; - get.withArgs('monitoring.ui.ccs.enabled').returns(true); + get.withArgs('xpack.monitoring.ccs.enabled').returns(true); const abcPattern = prefixIndexPattern(config, indexPattern, 'aBc'); const underscorePattern = prefixIndexPattern(config, indexPattern, 'cluster_one'); @@ -67,7 +67,7 @@ describe('ccs_utils', () => { const get = sinon.stub(); const config = { get }; - get.withArgs('monitoring.ui.ccs.enabled').returns(true); + get.withArgs('xpack.monitoring.ccs.enabled').returns(true); const pattern = prefixIndexPattern(config, indexPattern, '*'); diff --git a/x-pack/legacy/plugins/monitoring/server/lib/apm/get_apms.js b/x-pack/legacy/plugins/monitoring/server/lib/apm/get_apms.js index 40070a6b0d0f2..ef8db59620f1a 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/apm/get_apms.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/apm/get_apms.js @@ -84,7 +84,7 @@ export async function getApms(req, apmIndexPattern, clusterUuid) { const params = { index: apmIndexPattern, - size: config.get('monitoring.ui.max_bucket_size'), // FIXME + size: config.get('xpack.monitoring.max_bucket_size'), // FIXME ignoreUnavailable: true, filterPath: [ // only filter path can filter for inner_hits diff --git a/x-pack/legacy/plugins/monitoring/server/lib/apm/get_apms_for_clusters.js b/x-pack/legacy/plugins/monitoring/server/lib/apm/get_apms_for_clusters.js index a24936dc0f832..95ccb81f696be 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/apm/get_apms_for_clusters.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/apm/get_apms_for_clusters.js @@ -35,7 +35,7 @@ export function getApmsForClusters(req, apmIndexPattern, clusters) { const start = req.payload.timeRange.min; const end = req.payload.timeRange.max; const config = req.server.config(); - const maxBucketSize = config.get('monitoring.ui.max_bucket_size'); + const maxBucketSize = config.get('xpack.monitoring.max_bucket_size'); return Promise.all( clusters.map(async cluster => { diff --git a/x-pack/legacy/plugins/monitoring/server/lib/apm/get_stats.js b/x-pack/legacy/plugins/monitoring/server/lib/apm/get_stats.js index bfaec4f8a1294..54a0609d945de 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/apm/get_stats.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/apm/get_stats.js @@ -28,7 +28,7 @@ export async function getStats(req, apmIndexPattern, clusterUuid) { const config = req.server.config(); const start = moment.utc(req.payload.timeRange.min).valueOf(); const end = moment.utc(req.payload.timeRange.max).valueOf(); - const maxBucketSize = config.get('monitoring.ui.max_bucket_size'); + const maxBucketSize = config.get('xpack.monitoring.max_bucket_size'); const params = { index: apmIndexPattern, diff --git a/x-pack/legacy/plugins/monitoring/server/lib/beats/get_beats.js b/x-pack/legacy/plugins/monitoring/server/lib/beats/get_beats.js index ef878e4892557..5857ec32b2259 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/beats/get_beats.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/beats/get_beats.js @@ -83,7 +83,7 @@ export async function getBeats(req, beatsIndexPattern, clusterUuid) { const params = { index: beatsIndexPattern, - size: config.get('monitoring.ui.max_bucket_size'), // FIXME + size: config.get('xpack.monitoring.max_bucket_size'), // FIXME ignoreUnavailable: true, filterPath: [ // only filter path can filter for inner_hits diff --git a/x-pack/legacy/plugins/monitoring/server/lib/beats/get_beats_for_clusters.js b/x-pack/legacy/plugins/monitoring/server/lib/beats/get_beats_for_clusters.js index 624abb894e508..82a738755931d 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/beats/get_beats_for_clusters.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/beats/get_beats_for_clusters.js @@ -34,7 +34,7 @@ export function getBeatsForClusters(req, beatsIndexPattern, clusters) { const start = req.payload.timeRange.min; const end = req.payload.timeRange.max; const config = req.server.config(); - const maxBucketSize = config.get('monitoring.ui.max_bucket_size'); + const maxBucketSize = config.get('xpack.monitoring.max_bucket_size'); return Promise.all( clusters.map(async cluster => { diff --git a/x-pack/legacy/plugins/monitoring/server/lib/beats/get_latest_stats.js b/x-pack/legacy/plugins/monitoring/server/lib/beats/get_latest_stats.js index 1139489728dbf..d326c84634e12 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/beats/get_latest_stats.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/beats/get_latest_stats.js @@ -71,7 +71,7 @@ export function getLatestStats(req, beatsIndexPattern, clusterUuid) { uuids: { terms: { field: 'beats_stats.beat.uuid', - size: config.get('monitoring.ui.max_bucket_size'), + size: config.get('xpack.monitoring.max_bucket_size'), }, }, }, diff --git a/x-pack/legacy/plugins/monitoring/server/lib/beats/get_stats.js b/x-pack/legacy/plugins/monitoring/server/lib/beats/get_stats.js index 0f90750a293fb..80851a8498c26 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/beats/get_stats.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/beats/get_stats.js @@ -28,7 +28,7 @@ export async function getStats(req, beatsIndexPattern, clusterUuid) { const config = req.server.config(); const start = moment.utc(req.payload.timeRange.min).valueOf(); const end = moment.utc(req.payload.timeRange.max).valueOf(); - const maxBucketSize = config.get('monitoring.ui.max_bucket_size'); + const maxBucketSize = config.get('xpack.monitoring.max_bucket_size'); const params = { index: beatsIndexPattern, diff --git a/x-pack/legacy/plugins/monitoring/server/lib/ccs_utils.js b/x-pack/legacy/plugins/monitoring/server/lib/ccs_utils.js index 3409462156a07..5b3980d9619a8 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/ccs_utils.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/ccs_utils.js @@ -16,7 +16,7 @@ * @return {String} The index pattern with the {@code cluster} prefix appropriately prepended. */ export function prefixIndexPattern(config, indexPattern, ccs) { - const ccsEnabled = config.get('monitoring.ui.ccs.enabled'); + const ccsEnabled = config.get('xpack.monitoring.ccs.enabled'); if (!ccsEnabled || !ccs) { return indexPattern; diff --git a/x-pack/legacy/plugins/monitoring/server/lib/cluster/get_clusters_stats.js b/x-pack/legacy/plugins/monitoring/server/lib/cluster/get_clusters_stats.js index 54dc58a374c2c..c323cb381aaf2 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/cluster/get_clusters_stats.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/cluster/get_clusters_stats.js @@ -46,7 +46,7 @@ function fetchClusterStats(req, esIndexPattern, clusterUuid) { const metric = ElasticsearchMetric.getMetricFields(); const params = { index: esIndexPattern, - size: config.get('monitoring.ui.max_bucket_size'), + size: config.get('xpack.monitoring.max_bucket_size'), ignoreUnavailable: true, filterPath: [ 'hits.hits._index', diff --git a/x-pack/legacy/plugins/monitoring/server/lib/details/__test__/get_metrics.test.js b/x-pack/legacy/plugins/monitoring/server/lib/details/__test__/get_metrics.test.js index fbe6c8ec4cfa3..b7c387e74ec96 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/details/__test__/get_metrics.test.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/details/__test__/get_metrics.test.js @@ -20,7 +20,7 @@ function getMockReq(metricsBuckets = []) { get: sinon.stub(), }; - config.get.withArgs('monitoring.ui.min_interval_seconds').returns(10); + config.get.withArgs('xpack.monitoring.min_interval_seconds').returns(10); return { server: { diff --git a/x-pack/legacy/plugins/monitoring/server/lib/details/get_metrics.js b/x-pack/legacy/plugins/monitoring/server/lib/details/get_metrics.js index 0c4736e91ea10..798a94abbe484 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/details/get_metrics.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/details/get_metrics.js @@ -28,7 +28,7 @@ export async function getMetrics( // TODO: Pass in req parameters as explicit function parameters let min = moment.utc(req.payload.timeRange.min).valueOf(); const max = moment.utc(req.payload.timeRange.max).valueOf(); - const minIntervalSeconds = config.get('monitoring.ui.min_interval_seconds'); + const minIntervalSeconds = config.get('xpack.monitoring.min_interval_seconds'); const bucketSize = calculateTimeseriesInterval(min, max, minIntervalSeconds); const timezone = await getTimezone(req); diff --git a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/get_ml_jobs.js b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/get_ml_jobs.js index 8aef402f881e8..658ee96c1f084 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/get_ml_jobs.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/get_ml_jobs.js @@ -23,7 +23,7 @@ export function getMlJobs(req, esIndexPattern) { checkParam(esIndexPattern, 'esIndexPattern in getMlJobs'); const config = req.server.config(); - const maxBucketSize = config.get('monitoring.ui.max_bucket_size'); + const maxBucketSize = config.get('xpack.monitoring.max_bucket_size'); const start = req.payload.timeRange.min; // no wrapping in moment :) const end = req.payload.timeRange.max; const clusterUuid = req.params.clusterUuid; diff --git a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/indices/get_indices.js b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/indices/get_indices.js index 938a9b9d55e43..6fe8ccfd89043 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/indices/get_indices.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/indices/get_indices.js @@ -97,7 +97,7 @@ export function getIndices(req, esIndexPattern, showSystemIndices = false, shard const params = { index: esIndexPattern, // TODO: composite aggregation - size: config.get('monitoring.ui.max_bucket_size'), + size: config.get('xpack.monitoring.max_bucket_size'), ignoreUnavailable: true, filterPath: [ // only filter path can filter for inner_hits diff --git a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/nodes/get_nodes/get_nodes.js b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/nodes/get_nodes/get_nodes.js index c248ad743e0ec..7581a32590971 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/nodes/get_nodes/get_nodes.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/nodes/get_nodes/get_nodes.js @@ -44,7 +44,7 @@ export async function getNodes(req, esIndexPattern, pageOfNodes, clusterStats, n const min = start; const bucketSize = Math.max( - config.get('monitoring.ui.min_interval_seconds'), + config.get('xpack.monitoring.min_interval_seconds'), calculateAuto(100, duration).asSeconds() ); @@ -59,7 +59,7 @@ export async function getNodes(req, esIndexPattern, pageOfNodes, clusterStats, n const params = { index: esIndexPattern, - size: config.get('monitoring.ui.max_bucket_size'), + size: config.get('xpack.monitoring.max_bucket_size'), ignoreUnavailable: true, body: { query: createQuery({ @@ -78,7 +78,7 @@ export async function getNodes(req, esIndexPattern, pageOfNodes, clusterStats, n terms: { field: `source_node.uuid`, include: uuidsToInclude, - size: config.get('monitoring.ui.max_bucket_size'), + size: config.get('xpack.monitoring.max_bucket_size'), }, aggs: { by_date: { diff --git a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/nodes/get_nodes/get_paginated_nodes.js b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/nodes/get_nodes/get_paginated_nodes.js index e18d328e8725b..51c61046e9cda 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/nodes/get_nodes/get_paginated_nodes.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/nodes/get_nodes/get_paginated_nodes.js @@ -38,7 +38,7 @@ export async function getPaginatedNodes( { clusterStats, nodesShardCount } ) { const config = req.server.config(); - const size = config.get('monitoring.ui.max_bucket_size'); + const size = config.get('xpack.monitoring.max_bucket_size'); const nodes = await getNodeIds(req, esIndexPattern, { clusterUuid }, size); // Add `isOnline` and shards from the cluster state and shard stats @@ -63,7 +63,7 @@ export async function getPaginatedNodes( const groupBy = { field: `source_node.uuid`, include: nodes.map(node => node.uuid), - size: config.get('monitoring.ui.max_bucket_size'), + size: config.get('xpack.monitoring.max_bucket_size'), }; const metricSeriesData = await getMetrics( req, diff --git a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_indices_unassigned_shard_stats.js b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_indices_unassigned_shard_stats.js index c77bcc4f62e61..e8d484e7021f4 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_indices_unassigned_shard_stats.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_indices_unassigned_shard_stats.js @@ -12,7 +12,7 @@ import { calculateIndicesTotals } from './calculate_shard_stat_indices_totals'; async function getUnassignedShardData(req, esIndexPattern, cluster) { const config = req.server.config(); - const maxBucketSize = config.get('monitoring.ui.max_bucket_size'); + const maxBucketSize = config.get('xpack.monitoring.max_bucket_size'); const metric = ElasticsearchMetric.getMetricFields(); const params = { diff --git a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_nodes_shard_count.js b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_nodes_shard_count.js index 7823884dc749d..c11bd4aead693 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_nodes_shard_count.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_nodes_shard_count.js @@ -11,7 +11,7 @@ import { ElasticsearchMetric } from '../../metrics'; async function getShardCountPerNode(req, esIndexPattern, cluster) { const config = req.server.config(); - const maxBucketSize = config.get('monitoring.ui.max_bucket_size'); + const maxBucketSize = config.get('xpack.monitoring.max_bucket_size'); const metric = ElasticsearchMetric.getMetricFields(); const params = { diff --git a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_shard_allocation.js b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_shard_allocation.js index 40412c03b0ef9..3be5650b7d3bc 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_shard_allocation.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_shard_allocation.js @@ -55,7 +55,7 @@ export function getShardAllocation( const metric = ElasticsearchMetric.getMetricFields(); const params = { index: esIndexPattern, - size: config.get('monitoring.ui.max_bucket_size'), + size: config.get('xpack.monitoring.max_bucket_size'), ignoreUnavailable: true, body: { query: createQuery({ type: 'shards', clusterUuid, metric, filters }), diff --git a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_shard_stat_aggs.js b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_shard_stat_aggs.js index 8c4834e5d5e40..eddd50612cdb1 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_shard_stat_aggs.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/elasticsearch/shards/get_shard_stat_aggs.js @@ -9,7 +9,7 @@ * @param {Boolean} includeNodes - whether to add the aggs for node shards */ export function getShardAggs(config, includeNodes, includeIndices) { - const maxBucketSize = config.get('monitoring.ui.max_bucket_size'); + const maxBucketSize = config.get('xpack.monitoring.max_bucket_size'); const aggSize = 10; const indicesAgg = { terms: { diff --git a/x-pack/legacy/plugins/monitoring/server/lib/kibana/get_kibanas.js b/x-pack/legacy/plugins/monitoring/server/lib/kibana/get_kibanas.js index c272c38f00d55..af6563bae682d 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/kibana/get_kibanas.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/kibana/get_kibanas.js @@ -31,7 +31,7 @@ export function getKibanas(req, kbnIndexPattern, { clusterUuid }) { const params = { index: kbnIndexPattern, - size: config.get('monitoring.ui.max_bucket_size'), + size: config.get('xpack.monitoring.max_bucket_size'), ignoreUnavailable: true, body: { query: createQuery({ diff --git a/x-pack/legacy/plugins/monitoring/server/lib/kibana/get_kibanas_for_clusters.js b/x-pack/legacy/plugins/monitoring/server/lib/kibana/get_kibanas_for_clusters.js index e50e8bda3c907..dbf1c41dcf4e5 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/kibana/get_kibanas_for_clusters.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/kibana/get_kibanas_for_clusters.js @@ -49,7 +49,7 @@ export function getKibanasForClusters(req, kbnIndexPattern, clusters) { kibana_uuids: { terms: { field: 'kibana_stats.kibana.uuid', - size: config.get('monitoring.ui.max_bucket_size'), + size: config.get('xpack.monitoring.max_bucket_size'), }, aggs: { latest_report: { diff --git a/x-pack/legacy/plugins/monitoring/server/lib/logs/get_logs.js b/x-pack/legacy/plugins/monitoring/server/lib/logs/get_logs.js index b876e3ba05d70..7a20d7737c5e8 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/logs/get_logs.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/logs/get_logs.js @@ -70,7 +70,7 @@ export async function getLogs( const params = { index: filebeatIndexPattern, - size: Math.min(50, config.get('monitoring.ui.elasticsearch.logFetchCount')), + size: Math.min(50, config.get('xpack.monitoring.elasticsearch.logFetchCount')), filterPath: [ 'hits.hits._source.message', 'hits.hits._source.log.level', diff --git a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_logstash_for_clusters.js b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_logstash_for_clusters.js index 55baa3cf10b50..d0de2c3f5df3a 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_logstash_for_clusters.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_logstash_for_clusters.js @@ -60,7 +60,7 @@ export function getLogstashForClusters(req, lsIndexPattern, clusters) { logstash_uuids: { terms: { field: 'logstash_stats.logstash.uuid', - size: config.get('monitoring.ui.max_bucket_size'), + size: config.get('xpack.monitoring.max_bucket_size'), }, aggs: { latest_report: { @@ -119,7 +119,7 @@ export function getLogstashForClusters(req, lsIndexPattern, clusters) { logstash_versions: { terms: { field: 'logstash_stats.logstash.version', - size: config.get('monitoring.ui.max_bucket_size'), + size: config.get('xpack.monitoring.max_bucket_size'), }, }, pipelines_nested: { @@ -135,7 +135,7 @@ export function getLogstashForClusters(req, lsIndexPattern, clusters) { queue_types: { terms: { field: 'logstash_stats.pipelines.queue.type', - size: config.get('monitoring.ui.max_bucket_size'), + size: config.get('xpack.monitoring.max_bucket_size'), }, aggs: { num_pipelines: { diff --git a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_nodes.js b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_nodes.js index 06696abdb031f..93b70d7b79f0a 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_nodes.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_nodes.js @@ -31,7 +31,7 @@ export function getNodes(req, lsIndexPattern, { clusterUuid }) { const params = { index: lsIndexPattern, - size: config.get('monitoring.ui.max_bucket_size'), // FIXME + size: config.get('xpack.monitoring.max_bucket_size'), // FIXME ignoreUnavailable: true, body: { query: createQuery({ diff --git a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_paginated_pipelines.js b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_paginated_pipelines.js index ffc7e9ce1d6c2..ef9ef90e8f310 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_paginated_pipelines.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_paginated_pipelines.js @@ -37,7 +37,7 @@ export async function getPaginatedPipelines( queryText ) { const config = req.server.config(); - const size = config.get('monitoring.ui.max_bucket_size'); + const size = config.get('xpack.monitoring.max_bucket_size'); const pipelines = await getLogstashPipelineIds( req, lsIndexPattern, diff --git a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline.js b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline.js index 35a4295de298b..eeeffd74e91f7 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline.js @@ -111,7 +111,7 @@ export async function getPipeline(req, config, lsIndexPattern, clusterUuid, pipe }; // Determine metrics' timeseries interval based on version's timespan - const minIntervalSeconds = config.get('monitoring.ui.min_interval_seconds'); + const minIntervalSeconds = config.get('xpack.monitoring.min_interval_seconds'); const timeseriesInterval = calculateTimeseriesInterval( version.firstSeen, version.lastSeen, diff --git a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_stats_aggregation.js b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_stats_aggregation.js index d9c03819b0098..1858674a01b86 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_stats_aggregation.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_stats_aggregation.js @@ -171,7 +171,7 @@ export function getPipelineStatsAggregation( logstashIndexPattern, pipelineId, version, - config.get('monitoring.ui.max_bucket_size'), + config.get('xpack.monitoring.max_bucket_size'), callWithRequest, req ); diff --git a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_versions.js b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_versions.js index 7521389c379ea..7dfa8d4a163ce 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_versions.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_versions.js @@ -37,7 +37,7 @@ function fetchPipelineVersions(...args) { by_pipeline_hash: { terms: { field: 'logstash_stats.pipelines.hash', - size: config.get('monitoring.ui.max_bucket_size'), + size: config.get('xpack.monitoring.max_bucket_size'), order: { 'path_to_root>first_seen': 'desc' }, }, aggs: { diff --git a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_vertex.js b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_vertex.js index 134dd88b36ce6..49c2dff2d6080 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_vertex.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_vertex.js @@ -130,7 +130,7 @@ export async function getPipelineVertex( }; // Determine metrics' timeseries interval based on version's timespan - const minIntervalSeconds = config.get('monitoring.ui.min_interval_seconds'); + const minIntervalSeconds = config.get('xpack.monitoring.min_interval_seconds'); const timeseriesInterval = calculateTimeseriesInterval( version.firstSeen, version.lastSeen, diff --git a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_vertex_stats_aggregation.js b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_vertex_stats_aggregation.js index 425ca5731926c..c91182188b213 100644 --- a/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_vertex_stats_aggregation.js +++ b/x-pack/legacy/plugins/monitoring/server/lib/logstash/get_pipeline_vertex_stats_aggregation.js @@ -216,7 +216,7 @@ export function getPipelineVertexStatsAggregation( version, vertexId, timeSeriesIntervalInSeconds, - config.get('monitoring.ui.max_bucket_size'), + config.get('xpack.monitoring.max_bucket_size'), callWithRequest, req ); diff --git a/x-pack/legacy/plugins/monitoring/server/plugin.js b/x-pack/legacy/plugins/monitoring/server/plugin.js index ef346e95ad075..163bc43945be1 100644 --- a/x-pack/legacy/plugins/monitoring/server/plugin.js +++ b/x-pack/legacy/plugins/monitoring/server/plugin.js @@ -48,7 +48,7 @@ export class Plugin { /* * End-user-facing services */ - const uiEnabled = config.get('monitoring.ui.enabled'); + const uiEnabled = config.get('xpack.monitoring.ui.enabled'); if (uiEnabled) { await instantiateClient({ @@ -98,7 +98,7 @@ export class Plugin { kbnServerStatus: kbnServer.status, kbnServerVersion: kbnServer.version, }); - const kibanaCollectionEnabled = config.get('monitoring.kibana.collection.enabled'); + const kibanaCollectionEnabled = config.get('xpack.monitoring.kibana.collection.enabled'); if (kibanaCollectionEnabled) { /* @@ -125,12 +125,14 @@ export class Plugin { core.injectUiAppVars('monitoring', () => { const config = core.config(); return { - maxBucketSize: config.get('monitoring.ui.max_bucket_size'), - minIntervalSeconds: config.get('monitoring.ui.min_interval_seconds'), + maxBucketSize: config.get('xpack.monitoring.max_bucket_size'), + minIntervalSeconds: config.get('xpack.monitoring.min_interval_seconds'), kbnIndex: config.get('kibana.index'), - showLicenseExpiration: config.get('monitoring.ui.show_license_expiration'), - showCgroupMetricsElasticsearch: config.get('monitoring.ui.container.elasticsearch.enabled'), - showCgroupMetricsLogstash: config.get('monitoring.ui.container.logstash.enabled'), // Note, not currently used, but see https://github.com/elastic/x-pack-kibana/issues/1559 part 2 + showLicenseExpiration: config.get('xpack.monitoring.show_license_expiration'), + showCgroupMetricsElasticsearch: config.get( + 'xpack.monitoring.ui.container.elasticsearch.enabled' + ), + showCgroupMetricsLogstash: config.get('xpack.monitoring.ui.container.logstash.enabled'), // Note, not currently used, but see https://github.com/elastic/x-pack-kibana/issues/1559 part 2 }; }); } diff --git a/x-pack/legacy/plugins/monitoring/server/routes/api/v1/elasticsearch/ccr.js b/x-pack/legacy/plugins/monitoring/server/routes/api/v1/elasticsearch/ccr.js index fcdf4ad8a706c..2d4bded9fc4c8 100644 --- a/x-pack/legacy/plugins/monitoring/server/routes/api/v1/elasticsearch/ccr.js +++ b/x-pack/legacy/plugins/monitoring/server/routes/api/v1/elasticsearch/ccr.js @@ -26,7 +26,7 @@ function getBucketScript(max, min) { function buildRequest(req, config, esIndexPattern) { const min = moment.utc(req.payload.timeRange.min).valueOf(); const max = moment.utc(req.payload.timeRange.max).valueOf(); - const maxBucketSize = config.get('monitoring.ui.max_bucket_size'); + const maxBucketSize = config.get('xpack.monitoring.max_bucket_size'); const aggs = { ops_synced_max: { max: { diff --git a/x-pack/legacy/plugins/monitoring/server/routes/api/v1/elasticsearch/node_detail.js b/x-pack/legacy/plugins/monitoring/server/routes/api/v1/elasticsearch/node_detail.js index 25ead723e3ddb..10226d74ed001 100644 --- a/x-pack/legacy/plugins/monitoring/server/routes/api/v1/elasticsearch/node_detail.js +++ b/x-pack/legacy/plugins/monitoring/server/routes/api/v1/elasticsearch/node_detail.js @@ -61,7 +61,7 @@ export function esNodeRoute(server) { metricSet = metricSetOverview; // set the cgroup option if needed const showCgroupMetricsElasticsearch = config.get( - 'monitoring.ui.container.elasticsearch.enabled' + 'xpack.monitoring.ui.container.elasticsearch.enabled' ); const metricCpu = metricSet.find(m => m.name === 'node_cpu_metric'); if (showCgroupMetricsElasticsearch) { diff --git a/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/node.js b/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/node.js index bd3ae5f5c2679..d5ce9d1686f8a 100644 --- a/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/node.js +++ b/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/node.js @@ -60,7 +60,9 @@ export function logstashNodeRoute(server) { } else { metricSet = metricSetOverview; // set the cgroup option if needed - const showCgroupMetricsLogstash = config.get('monitoring.ui.container.logstash.enabled'); + const showCgroupMetricsLogstash = config.get( + 'xpack.monitoring.ui.container.logstash.enabled' + ); const metricCpu = metricSet.find(m => m.name === 'logstash_node_cpu_metric'); if (showCgroupMetricsLogstash) { metricCpu.keys = ['logstash_node_cgroup_quota_as_cpu_utilization']; diff --git a/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/pipelines/cluster_pipeline_ids.js b/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/pipelines/cluster_pipeline_ids.js index 93330880babcc..c5fd76487cca1 100644 --- a/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/pipelines/cluster_pipeline_ids.js +++ b/x-pack/legacy/plugins/monitoring/server/routes/api/v1/logstash/pipelines/cluster_pipeline_ids.js @@ -36,7 +36,7 @@ export function logstashClusterPipelineIdsRoute(server) { const { ccs } = req.payload; const clusterUuid = req.params.clusterUuid; const lsIndexPattern = prefixIndexPattern(config, INDEX_PATTERN_LOGSTASH, ccs); - const size = config.get('monitoring.ui.max_bucket_size'); + const size = config.get('xpack.monitoring.max_bucket_size'); try { const pipelines = await getLogstashPipelineIds(req, lsIndexPattern, { clusterUuid }, size); diff --git a/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_cluster_uuids.ts b/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_cluster_uuids.ts index 4738ab5b8af83..fc85cbe442ddf 100644 --- a/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_cluster_uuids.ts +++ b/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_cluster_uuids.ts @@ -40,7 +40,7 @@ export function fetchClusterUuids({ server, callCluster, start, end }: StatsColl cluster_uuids: { terms: { field: 'cluster_uuid', - size: config.get('monitoring.ui.max_bucket_size'), + size: config.get('xpack.monitoring.max_bucket_size'), }, }, }, diff --git a/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_es_stats.js b/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_es_stats.js index 52d34258b5fa4..8e5a59361e52f 100644 --- a/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_es_stats.js +++ b/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_es_stats.js @@ -31,7 +31,7 @@ export function fetchElasticsearchStats(server, callCluster, clusterUuids) { const config = server.config(); const params = { index: INDEX_PATTERN_ELASTICSEARCH, - size: config.get('monitoring.ui.max_bucket_size'), + size: config.get('xpack.monitoring.max_bucket_size'), ignoreUnavailable: true, filterPath: [ 'hits.hits._source.cluster_uuid', diff --git a/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_high_level_stats.js b/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_high_level_stats.js index b87f632308e4d..2632a8f6e041d 100644 --- a/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_high_level_stats.js +++ b/x-pack/legacy/plugins/monitoring/server/telemetry_collection/get_high_level_stats.js @@ -217,7 +217,7 @@ export async function fetchHighLevelStats(server, callCluster, clusterUuids, sta const params = { index: getIndexPatternForStackProduct(product), - size: config.get('monitoring.ui.max_bucket_size'), + size: config.get('xpack.monitoring.max_bucket_size'), headers: { 'X-QUERY-SOURCE': TELEMETRY_QUERY_SOURCE, }, diff --git a/x-pack/legacy/plugins/monitoring/ui_exports.js b/x-pack/legacy/plugins/monitoring/ui_exports.js index 9251deb673bd1..2b5ea21a2bb45 100644 --- a/x-pack/legacy/plugins/monitoring/ui_exports.js +++ b/x-pack/legacy/plugins/monitoring/ui_exports.js @@ -32,7 +32,7 @@ export const getUiExports = () => ({ injectDefaultVars(server) { const config = server.config(); return { - monitoringUiEnabled: config.get('monitoring.ui.enabled'), + monitoringUiEnabled: config.get('xpack.monitoring.ui.enabled'), }; }, hacks: ['plugins/monitoring/hacks/toggle_app_link_in_nav'], From 265c079a8a41fa99eb84ba58a703ff2d6916a7ae Mon Sep 17 00:00:00 2001 From: Tim Sullivan Date: Tue, 28 Jan 2020 12:30:55 -0700 Subject: [PATCH 17/40] [Reporting] Document the 8.0 breaking changes (#56187) --- docs/migration/migrate_8_0.asciidoc | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/docs/migration/migrate_8_0.asciidoc b/docs/migration/migrate_8_0.asciidoc index a36a93ce31825..df4d8a0b65ee7 100644 --- a/docs/migration/migrate_8_0.asciidoc +++ b/docs/migration/migrate_8_0.asciidoc @@ -80,4 +80,15 @@ specified explicitly. *Impact:* Any workflow that involved manually clearing generated bundles will have to be updated with the new path. + +[float] +[[breaking_80_reporting_changes]] +=== Reporting changes + +[float] +==== Legacy job parameters are no longer supported +*Details:* POST URL snippets that were copied in Kibana 6.2 or below are no longer supported. These logs have +been deprecated with warnings that have been logged throughout 7.x. Please use Kibana UI to re-generate the +POST URL snippets if you depend on these for automated PDF reports. + // end::notable-breaking-changes[] From ff37dd1c25ed16ba3abd904cc0d3aa4d6dabca4a Mon Sep 17 00:00:00 2001 From: Tyler Smalley Date: Tue, 28 Jan 2020 11:55:08 -0800 Subject: [PATCH 18/40] Sort server-side in SavedObject export (#55128) Signed-off-by: Tyler Smalley --- .../get_sorted_objects_for_export.test.ts | 79 +++++++++++++++++-- .../export/get_sorted_objects_for_export.ts | 19 +++-- 2 files changed, 85 insertions(+), 13 deletions(-) diff --git a/src/core/server/saved_objects/export/get_sorted_objects_for_export.test.ts b/src/core/server/saved_objects/export/get_sorted_objects_for_export.test.ts index 9a3449b65a941..fafa04447ddfe 100644 --- a/src/core/server/saved_objects/export/get_sorted_objects_for_export.test.ts +++ b/src/core/server/saved_objects/export/get_sorted_objects_for_export.test.ts @@ -108,8 +108,6 @@ describe('getSortedObjectsForExport()', () => { "namespace": undefined, "perPage": 500, "search": undefined, - "sortField": "_id", - "sortOrder": "asc", "type": Array [ "index-pattern", "search", @@ -256,8 +254,6 @@ describe('getSortedObjectsForExport()', () => { "namespace": undefined, "perPage": 500, "search": "foo", - "sortField": "_id", - "sortOrder": "asc", "type": Array [ "index-pattern", "search", @@ -345,8 +341,6 @@ describe('getSortedObjectsForExport()', () => { "namespace": "foo", "perPage": 500, "search": undefined, - "sortField": "_id", - "sortOrder": "asc", "type": Array [ "index-pattern", "search", @@ -399,6 +393,79 @@ describe('getSortedObjectsForExport()', () => { ).rejects.toThrowErrorMatchingInlineSnapshot(`"Can't export more than 1 objects"`); }); + test('sorts objects within type', async () => { + savedObjectsClient.find.mockResolvedValueOnce({ + total: 3, + per_page: 10000, + page: 1, + saved_objects: [ + { + id: '3', + type: 'index-pattern', + attributes: { + name: 'baz', + }, + references: [], + }, + { + id: '1', + type: 'index-pattern', + attributes: { + name: 'foo', + }, + references: [], + }, + { + id: '2', + type: 'index-pattern', + attributes: { + name: 'bar', + }, + references: [], + }, + ], + }); + const exportStream = await getSortedObjectsForExport({ + exportSizeLimit: 10000, + savedObjectsClient, + types: ['index-pattern'], + }); + const response = await readStreamToCompletion(exportStream); + expect(response).toMatchInlineSnapshot(` + Array [ + Object { + "attributes": Object { + "name": "foo", + }, + "id": "1", + "references": Array [], + "type": "index-pattern", + }, + Object { + "attributes": Object { + "name": "bar", + }, + "id": "2", + "references": Array [], + "type": "index-pattern", + }, + Object { + "attributes": Object { + "name": "baz", + }, + "id": "3", + "references": Array [], + "type": "index-pattern", + }, + Object { + "exportedCount": 3, + "missingRefCount": 0, + "missingReferences": Array [], + }, + ] + `); + }); + test('exports selected objects and sorts them', async () => { savedObjectsClient.bulkGet.mockResolvedValueOnce({ saved_objects: [ diff --git a/src/core/server/saved_objects/export/get_sorted_objects_for_export.ts b/src/core/server/saved_objects/export/get_sorted_objects_for_export.ts index e1a705a36db75..a4dfacfd9e34f 100644 --- a/src/core/server/saved_objects/export/get_sorted_objects_for_export.ts +++ b/src/core/server/saved_objects/export/get_sorted_objects_for_export.ts @@ -19,7 +19,7 @@ import Boom from 'boom'; import { createListStream } from '../../../../legacy/utils/streams'; -import { SavedObjectsClientContract } from '../types'; +import { SavedObjectsClientContract, SavedObject } from '../types'; import { fetchNestedDependencies } from './inject_nested_depdendencies'; import { sortObjects } from './sort_objects'; @@ -105,15 +105,17 @@ async function fetchObjectsToExport({ const findResponse = await savedObjectsClient.find({ type: types, search, - sortField: '_id', - sortOrder: 'asc', perPage: exportSizeLimit, namespace, }); if (findResponse.total > exportSizeLimit) { throw Boom.badRequest(`Can't export more than ${exportSizeLimit} objects`); } - return findResponse.saved_objects; + + // sorts server-side by _id, since it's only available in fielddata + return findResponse.saved_objects.sort((a: SavedObject, b: SavedObject) => + a.id > b.id ? 1 : -1 + ); } else { throw Boom.badRequest('Either `type` or `objects` are required.'); } @@ -137,14 +139,17 @@ export async function getSortedObjectsForExport({ exportSizeLimit, namespace, }); - let exportedObjects = [...rootObjects]; + let exportedObjects = []; let missingReferences: SavedObjectsExportResultDetails['missingReferences'] = []; + if (includeReferencesDeep) { const fetchResult = await fetchNestedDependencies(rootObjects, savedObjectsClient, namespace); - exportedObjects = fetchResult.objects; + exportedObjects = sortObjects(fetchResult.objects); missingReferences = fetchResult.missingRefs; + } else { + exportedObjects = sortObjects(rootObjects); } - exportedObjects = sortObjects(exportedObjects); + const exportDetails: SavedObjectsExportResultDetails = { exportedCount: exportedObjects.length, missingRefCount: missingReferences.length, From 8360faf7bd960b246141a6f6e9b6f8d2afe2e3fc Mon Sep 17 00:00:00 2001 From: "Devin W. Hurley" Date: Tue, 28 Jan 2020 14:56:31 -0500 Subject: [PATCH 19/40] [SIEM] [Detection Engine] Timestamps for rules (#56197) * utilize createdAt and updatedAt from the alerting saved object * revert accidental change to test rule * updatedAt is not a part of savedObject attributes passed back from alerting, it's at the top level --- .../routes/__mocks__/request_responses.ts | 2 -- .../routes/rules/create_rules_bulk_route.ts | 4 ---- .../routes/rules/create_rules_route.ts | 4 ---- .../routes/rules/import_rules_route.ts | 2 -- .../lib/detection_engine/routes/rules/utils.ts | 4 ++-- .../lib/detection_engine/rules/create_rules.ts | 2 -- .../rules/install_prepacked_rules.ts | 2 -- .../lib/detection_engine/rules/update_rules.ts | 1 - .../signals/__mocks__/es_results.ts | 2 -- .../signals/build_bulk_body.test.ts | 8 ++++++++ .../signals/build_bulk_body.ts | 6 ++++++ .../signals/build_rule.test.ts | 6 ++++++ .../lib/detection_engine/signals/build_rule.ts | 8 ++++++-- .../signals/search_after_bulk_create.test.ts | 16 ++++++++++++++++ .../signals/search_after_bulk_create.ts | 8 ++++++++ .../signals/signal_rule_alert_type.ts | 6 ++++-- .../signals/single_bulk_create.test.ts | 10 ++++++++++ .../signals/single_bulk_create.ts | 18 +++++++++++++++++- .../siem/server/lib/detection_engine/types.ts | 8 ++------ 19 files changed, 85 insertions(+), 32 deletions(-) diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/request_responses.ts b/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/request_responses.ts index d950d89eb22a6..eea25a1e89cc8 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/request_responses.ts +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/request_responses.ts @@ -269,8 +269,6 @@ export const getResult = (): RuleAlertType => ({ alertTypeId: 'siem.signals', consumer: 'siem', params: { - createdAt: '2019-12-13T16:40:33.400Z', - updatedAt: '2019-12-13T16:40:33.400Z', description: 'Detecting root and admin users', ruleId: 'rule-1', index: ['auditbeat-*', 'filebeat-*', 'packetbeat-*', 'winlogbeat-*'], diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_bulk_route.ts b/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_bulk_route.ts index 68375043070f8..0ffa61e2e2bed 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_bulk_route.ts +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_bulk_route.ts @@ -51,7 +51,6 @@ export const createCreateRulesBulkRoute = (server: ServerFacade): Hapi.ServerRou const rules = await Promise.all( request.payload.map(async payloadRule => { const { - created_at: createdAt, description, enabled, false_positives: falsePositives, @@ -73,7 +72,6 @@ export const createCreateRulesBulkRoute = (server: ServerFacade): Hapi.ServerRou threat, to, type, - updated_at: updatedAt, references, timeline_id: timelineId, timeline_title: timelineTitle, @@ -104,7 +102,6 @@ export const createCreateRulesBulkRoute = (server: ServerFacade): Hapi.ServerRou const createdRule = await createRules({ alertsClient, actionsClient, - createdAt, description, enabled, falsePositives, @@ -129,7 +126,6 @@ export const createCreateRulesBulkRoute = (server: ServerFacade): Hapi.ServerRou to, type, threat, - updatedAt, references, version, }); diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_route.ts b/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_route.ts index c631ed8f784ab..ec1df238f9483 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_route.ts +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_route.ts @@ -35,7 +35,6 @@ export const createCreateRulesRoute = (server: ServerFacade): Hapi.ServerRoute = }, async handler(request: RulesRequest, headers) { const { - created_at: createdAt, description, enabled, false_positives: falsePositives, @@ -59,7 +58,6 @@ export const createCreateRulesRoute = (server: ServerFacade): Hapi.ServerRoute = threat, to, type, - updated_at: updatedAt, references, } = request.payload; const alertsClient = isFunction(request.getAlertsClient) ? request.getAlertsClient() : null; @@ -91,7 +89,6 @@ export const createCreateRulesRoute = (server: ServerFacade): Hapi.ServerRoute = const createdRule = await createRules({ alertsClient, actionsClient, - createdAt, description, enabled, falsePositives, @@ -116,7 +113,6 @@ export const createCreateRulesRoute = (server: ServerFacade): Hapi.ServerRoute = to, type, threat, - updatedAt, references, version: 1, }); diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/import_rules_route.ts b/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/import_rules_route.ts index 88a31c36a87fc..71fdef3623bc7 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/import_rules_route.ts +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/import_rules_route.ts @@ -130,7 +130,6 @@ export const createImportRulesRoute = (server: ServerFacade): Hapi.ServerRoute = const createdRule = await createRules({ alertsClient, actionsClient, - createdAt: new Date().toISOString(), description, enabled, falsePositives, @@ -155,7 +154,6 @@ export const createImportRulesRoute = (server: ServerFacade): Hapi.ServerRoute = to, type, threat, - updatedAt: new Date().toISOString(), references, version, }); diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/utils.ts b/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/utils.ts index 663ddf3a835a6..b45db53c13d88 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/utils.ts +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/utils.ts @@ -81,8 +81,8 @@ export const transformAlertToRule = ( ruleStatus?: SavedObject ): Partial => { return pickBy((value: unknown) => value != null, { - created_at: alert.params.createdAt, - updated_at: alert.params.updatedAt, + created_at: alert.createdAt.toISOString(), + updated_at: alert.updatedAt.toISOString(), created_by: alert.createdBy, description: alert.params.description, enabled: alert.enabled, diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/create_rules.ts b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/create_rules.ts index 30e8c4dbf9d88..82fe16882882e 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/create_rules.ts +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/create_rules.ts @@ -45,7 +45,6 @@ export const createRules = ({ alertTypeId: SIGNALS_ID, consumer: APP_ID, params: { - createdAt: new Date().toISOString(), description, ruleId, index, @@ -66,7 +65,6 @@ export const createRules = ({ threat, to, type, - updatedAt: new Date().toISOString(), references, version, }, diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/install_prepacked_rules.ts b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/install_prepacked_rules.ts index 7e8ed62baf1cf..07e8c6940e747 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/install_prepacked_rules.ts +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/install_prepacked_rules.ts @@ -75,8 +75,6 @@ export const installPrepackagedRules = ( threat, references, version, - createdAt: new Date().toISOString(), - updatedAt: new Date().toISOString(), }), ]; }, []); diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/update_rules.ts b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/update_rules.ts index 8234b931ad89a..304cd1962afed 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/update_rules.ts +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/update_rules.ts @@ -164,7 +164,6 @@ export const updateRules = async ({ threat, to, type, - updatedAt: new Date().toISOString(), references, version: calculatedVersion, } diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/__mocks__/es_results.ts b/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/__mocks__/es_results.ts index 6507e6ca73ede..fded0696ff8bf 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/__mocks__/es_results.ts +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/__mocks__/es_results.ts @@ -35,8 +35,6 @@ export const sampleRuleAlertParams = ( meta: undefined, threat: undefined, version: 1, - updatedAt: '2019-12-17T15:04:25.343Z', - createdAt: '2019-12-17T15:04:37.105Z', }); export const sampleDocNoSortId = (someUuid: string = sampleIdGuid): SignalSourceHit => ({ diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_bulk_body.test.ts b/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_bulk_body.test.ts index de11bf6fcc3c1..b71a7080f4147 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_bulk_body.test.ts +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_bulk_body.test.ts @@ -25,6 +25,8 @@ describe('buildBulkBody', () => { ruleParams: sampleParams, id: sampleRuleGuid, name: 'rule-name', + createdAt: '2020-01-28T15:58:34.810Z', + updatedAt: '2020-01-28T15:59:14.004Z', createdBy: 'elastic', updatedBy: 'elastic', interval: '5m', @@ -103,6 +105,8 @@ describe('buildBulkBody', () => { ruleParams: sampleParams, id: sampleRuleGuid, name: 'rule-name', + createdAt: '2020-01-28T15:58:34.810Z', + updatedAt: '2020-01-28T15:59:14.004Z', createdBy: 'elastic', updatedBy: 'elastic', interval: '5m', @@ -189,6 +193,8 @@ describe('buildBulkBody', () => { ruleParams: sampleParams, id: sampleRuleGuid, name: 'rule-name', + createdAt: '2020-01-28T15:58:34.810Z', + updatedAt: '2020-01-28T15:59:14.004Z', createdBy: 'elastic', updatedBy: 'elastic', interval: '5m', @@ -272,6 +278,8 @@ describe('buildBulkBody', () => { ruleParams: sampleParams, id: sampleRuleGuid, name: 'rule-name', + createdAt: '2020-01-28T15:58:34.810Z', + updatedAt: '2020-01-28T15:59:14.004Z', createdBy: 'elastic', updatedBy: 'elastic', interval: '5m', diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_bulk_body.ts b/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_bulk_body.ts index 6d9f442515b2a..e77755073b374 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_bulk_body.ts +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_bulk_body.ts @@ -15,7 +15,9 @@ interface BuildBulkBodyParams { ruleParams: RuleTypeParams; id: string; name: string; + createdAt: string; createdBy: string; + updatedAt: string; updatedBy: string; interval: string; enabled: boolean; @@ -28,7 +30,9 @@ export const buildBulkBody = ({ ruleParams, id, name, + createdAt, createdBy, + updatedAt, updatedBy, interval, enabled, @@ -39,7 +43,9 @@ export const buildBulkBody = ({ id, name, enabled, + createdAt, createdBy, + updatedAt, updatedBy, interval, tags, diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_rule.test.ts b/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_rule.test.ts index 451e493f3ed8a..af0883f4ce6b5 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_rule.test.ts +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_rule.test.ts @@ -31,6 +31,8 @@ describe('buildRule', () => { name: 'some-name', id: sampleRuleGuid, enabled: false, + createdAt: '2020-01-28T15:58:34.810Z', + updatedAt: '2020-01-28T15:59:14.004Z', createdBy: 'elastic', updatedBy: 'elastic', interval: 'some interval', @@ -85,6 +87,8 @@ describe('buildRule', () => { name: 'some-name', id: sampleRuleGuid, enabled: true, + createdAt: '2020-01-28T15:58:34.810Z', + updatedAt: '2020-01-28T15:59:14.004Z', createdBy: 'elastic', updatedBy: 'elastic', interval: 'some interval', @@ -128,6 +132,8 @@ describe('buildRule', () => { name: 'some-name', id: sampleRuleGuid, enabled: true, + createdAt: '2020-01-28T15:58:34.810Z', + updatedAt: '2020-01-28T15:59:14.004Z', createdBy: 'elastic', updatedBy: 'elastic', interval: 'some interval', diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_rule.ts b/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_rule.ts index ba1b2f695156b..70465bf1d9201 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_rule.ts +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_rule.ts @@ -12,7 +12,9 @@ interface BuildRuleParams { name: string; id: string; enabled: boolean; + createdAt: string; createdBy: string; + updatedAt: string; updatedBy: string; interval: string; tags: string[]; @@ -23,7 +25,9 @@ export const buildRule = ({ name, id, enabled, + createdAt, createdBy, + updatedAt, updatedBy, interval, tags, @@ -58,7 +62,7 @@ export const buildRule = ({ updated_by: updatedBy, threat: ruleParams.threat, version: ruleParams.version, - created_at: ruleParams.createdAt, - updated_at: ruleParams.updatedAt, + created_at: createdAt, + updated_at: updatedAt, }); }; diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/search_after_bulk_create.test.ts b/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/search_after_bulk_create.test.ts index 0644d5e467a5a..bf7a97a29aef3 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/search_after_bulk_create.test.ts +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/search_after_bulk_create.test.ts @@ -40,6 +40,8 @@ describe('searchAfterAndBulkCreate', () => { id: sampleRuleGuid, signalsIndex: DEFAULT_SIGNALS_INDEX, name: 'rule-name', + createdAt: '2020-01-28T15:58:34.810Z', + updatedAt: '2020-01-28T15:59:14.004Z', createdBy: 'elastic', updatedBy: 'elastic', interval: '5m', @@ -93,6 +95,8 @@ describe('searchAfterAndBulkCreate', () => { id: sampleRuleGuid, signalsIndex: DEFAULT_SIGNALS_INDEX, name: 'rule-name', + createdAt: '2020-01-28T15:58:34.810Z', + updatedAt: '2020-01-28T15:59:14.004Z', createdBy: 'elastic', updatedBy: 'elastic', interval: '5m', @@ -117,6 +121,8 @@ describe('searchAfterAndBulkCreate', () => { id: sampleRuleGuid, signalsIndex: DEFAULT_SIGNALS_INDEX, name: 'rule-name', + createdAt: '2020-01-28T15:58:34.810Z', + updatedAt: '2020-01-28T15:59:14.004Z', createdBy: 'elastic', updatedBy: 'elastic', interval: '5m', @@ -148,6 +154,8 @@ describe('searchAfterAndBulkCreate', () => { id: sampleRuleGuid, signalsIndex: DEFAULT_SIGNALS_INDEX, name: 'rule-name', + createdAt: '2020-01-28T15:58:34.810Z', + updatedAt: '2020-01-28T15:59:14.004Z', createdBy: 'elastic', updatedBy: 'elastic', interval: '5m', @@ -179,6 +187,8 @@ describe('searchAfterAndBulkCreate', () => { id: sampleRuleGuid, signalsIndex: DEFAULT_SIGNALS_INDEX, name: 'rule-name', + createdAt: '2020-01-28T15:58:34.810Z', + updatedAt: '2020-01-28T15:59:14.004Z', createdBy: 'elastic', updatedBy: 'elastic', interval: '5m', @@ -212,6 +222,8 @@ describe('searchAfterAndBulkCreate', () => { id: sampleRuleGuid, signalsIndex: DEFAULT_SIGNALS_INDEX, name: 'rule-name', + createdAt: '2020-01-28T15:58:34.810Z', + updatedAt: '2020-01-28T15:59:14.004Z', createdBy: 'elastic', updatedBy: 'elastic', interval: '5m', @@ -245,6 +257,8 @@ describe('searchAfterAndBulkCreate', () => { id: sampleRuleGuid, signalsIndex: DEFAULT_SIGNALS_INDEX, name: 'rule-name', + createdAt: '2020-01-28T15:58:34.810Z', + updatedAt: '2020-01-28T15:59:14.004Z', createdBy: 'elastic', updatedBy: 'elastic', interval: '5m', @@ -280,6 +294,8 @@ describe('searchAfterAndBulkCreate', () => { id: sampleRuleGuid, signalsIndex: DEFAULT_SIGNALS_INDEX, name: 'rule-name', + createdAt: '2020-01-28T15:58:34.810Z', + updatedAt: '2020-01-28T15:59:14.004Z', createdBy: 'elastic', updatedBy: 'elastic', interval: '5m', diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/search_after_bulk_create.ts b/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/search_after_bulk_create.ts index fb314e62ba943..8c8cef5dd3669 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/search_after_bulk_create.ts +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/search_after_bulk_create.ts @@ -19,8 +19,10 @@ interface SearchAfterAndBulkCreateParams { id: string; signalsIndex: string; name: string; + createdAt: string; createdBy: string; updatedBy: string; + updatedAt: string; interval: string; enabled: boolean; pageSize: number; @@ -38,8 +40,10 @@ export const searchAfterAndBulkCreate = async ({ signalsIndex, filter, name, + createdAt, createdBy, updatedBy, + updatedAt, interval, enabled, pageSize, @@ -58,7 +62,9 @@ export const searchAfterAndBulkCreate = async ({ id, signalsIndex, name, + createdAt, createdBy, + updatedAt, updatedBy, interval, enabled, @@ -118,7 +124,9 @@ export const searchAfterAndBulkCreate = async ({ id, signalsIndex, name, + createdAt, createdBy, + updatedAt, updatedBy, interval, enabled, diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/signal_rule_alert_type.ts b/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/signal_rule_alert_type.ts index 370ed65280849..cd28f348a27c3 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/signal_rule_alert_type.ts +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/signal_rule_alert_type.ts @@ -35,7 +35,6 @@ export const signalRulesAlertType = ({ actionGroups: ['default'], validate: { params: schema.object({ - createdAt: schema.string(), description: schema.string(), falsePositives: schema.arrayOf(schema.string(), { defaultValue: [] }), from: schema.string(), @@ -56,7 +55,6 @@ export const signalRulesAlertType = ({ threat: schema.nullable(schema.arrayOf(schema.object({}, { allowUnknowns: true }))), to: schema.string(), type: schema.string(), - updatedAt: schema.string(), references: schema.arrayOf(schema.string(), { defaultValue: [] }), version: schema.number({ defaultValue: 1 }), }), @@ -121,7 +119,9 @@ export const signalRulesAlertType = ({ const tags: string[] = savedObject.attributes.tags; const createdBy: string = savedObject.attributes.createdBy; + const createdAt: string = savedObject.attributes.createdAt; const updatedBy: string = savedObject.attributes.updatedBy; + const updatedAt: string = savedObject.updated_at ?? ''; const interval: string = savedObject.attributes.schedule.interval; const enabled: boolean = savedObject.attributes.enabled; const gap = getGapBetweenRuns({ @@ -210,7 +210,9 @@ export const signalRulesAlertType = ({ filter: esFilter, name, createdBy, + createdAt, updatedBy, + updatedAt, interval, enabled, pageSize: searchAfterSize, diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/single_bulk_create.test.ts b/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/single_bulk_create.test.ts index d5f11c91a2b7c..09e2c6b4fd586 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/single_bulk_create.test.ts +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/single_bulk_create.test.ts @@ -152,6 +152,8 @@ describe('singleBulkCreate', () => { id: sampleRuleGuid, signalsIndex: DEFAULT_SIGNALS_INDEX, name: 'rule-name', + createdAt: '2020-01-28T15:58:34.810Z', + updatedAt: '2020-01-28T15:59:14.004Z', createdBy: 'elastic', updatedBy: 'elastic', interval: '5m', @@ -180,6 +182,8 @@ describe('singleBulkCreate', () => { id: sampleRuleGuid, signalsIndex: DEFAULT_SIGNALS_INDEX, name: 'rule-name', + createdAt: '2020-01-28T15:58:34.810Z', + updatedAt: '2020-01-28T15:59:14.004Z', createdBy: 'elastic', updatedBy: 'elastic', interval: '5m', @@ -200,6 +204,8 @@ describe('singleBulkCreate', () => { id: sampleRuleGuid, signalsIndex: DEFAULT_SIGNALS_INDEX, name: 'rule-name', + createdAt: '2020-01-28T15:58:34.810Z', + updatedAt: '2020-01-28T15:59:14.004Z', createdBy: 'elastic', updatedBy: 'elastic', interval: '5m', @@ -221,6 +227,8 @@ describe('singleBulkCreate', () => { id: sampleRuleGuid, signalsIndex: DEFAULT_SIGNALS_INDEX, name: 'rule-name', + createdAt: '2020-01-28T15:58:34.810Z', + updatedAt: '2020-01-28T15:59:14.004Z', createdBy: 'elastic', updatedBy: 'elastic', interval: '5m', @@ -244,6 +252,8 @@ describe('singleBulkCreate', () => { id: sampleRuleGuid, signalsIndex: DEFAULT_SIGNALS_INDEX, name: 'rule-name', + createdAt: '2020-01-28T15:58:34.810Z', + updatedAt: '2020-01-28T15:59:14.004Z', createdBy: 'elastic', updatedBy: 'elastic', interval: '5m', diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/single_bulk_create.ts b/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/single_bulk_create.ts index cb5de4c974927..adc7919a09758 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/single_bulk_create.ts +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/single_bulk_create.ts @@ -21,7 +21,9 @@ interface SingleBulkCreateParams { id: string; signalsIndex: string; name: string; + createdAt: string; createdBy: string; + updatedAt: string; updatedBy: string; interval: string; enabled: boolean; @@ -59,7 +61,9 @@ export const singleBulkCreate = async ({ id, signalsIndex, name, + createdAt, createdBy, + updatedAt, updatedBy, interval, enabled, @@ -91,7 +95,19 @@ export const singleBulkCreate = async ({ ), }, }, - buildBulkBody({ doc, ruleParams, id, name, createdBy, updatedBy, interval, enabled, tags }), + buildBulkBody({ + doc, + ruleParams, + id, + name, + createdAt, + createdBy, + updatedAt, + updatedBy, + interval, + enabled, + tags, + }), ]); const start = performance.now(); const response: BulkResponse = await services.callCluster('bulk', { diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/types.ts b/x-pack/legacy/plugins/siem/server/lib/detection_engine/types.ts index d1c9845dbbcfc..e1069db98c8fc 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/types.ts +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/types.ts @@ -22,7 +22,6 @@ export interface ThreatParams { } export interface RuleAlertParams { - createdAt: string; description: string; enabled: boolean; falsePositives: string[]; @@ -49,7 +48,6 @@ export interface RuleAlertParams { threat: ThreatParams[] | undefined | null; type: 'query' | 'saved_query'; version: number; - updatedAt: string; } export type RuleTypeParams = Omit; @@ -65,8 +63,6 @@ export type RuleAlertParamsRest = Omit< | 'timelineId' | 'timelineTitle' | 'outputIndex' - | 'updatedAt' - | 'createdAt' > & Omit< IRuleStatusAttributes, @@ -86,8 +82,8 @@ export type RuleAlertParamsRest = Omit< max_signals: RuleAlertParams['maxSignals']; risk_score: RuleAlertParams['riskScore']; output_index: RuleAlertParams['outputIndex']; - created_at: RuleAlertParams['createdAt']; - updated_at: RuleAlertParams['updatedAt']; + created_at: string; + updated_at: string; status?: IRuleStatusAttributes['status'] | undefined; status_date?: IRuleStatusAttributes['statusDate'] | undefined; last_failure_at?: IRuleStatusAttributes['lastFailureAt'] | undefined; From b8c81019a1d861fe3cd59777da2623df478a1f15 Mon Sep 17 00:00:00 2001 From: Brian Seeders Date: Tue, 28 Jan 2020 15:13:07 -0500 Subject: [PATCH 20/40] Skip tests that depend on other skipped test --- .../visualize/feature_controls/visualize_security.ts | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/x-pack/test/functional/apps/visualize/feature_controls/visualize_security.ts b/x-pack/test/functional/apps/visualize/feature_controls/visualize_security.ts index 5f8b3f38436f6..bdcdc4b7cd3ec 100644 --- a/x-pack/test/functional/apps/visualize/feature_controls/visualize_security.ts +++ b/x-pack/test/functional/apps/visualize/feature_controls/visualize_security.ts @@ -124,7 +124,8 @@ export default function({ getPageObjects, getService }: FtrProviderContext) { await savedQueryManagementComponent.closeSavedQueryManagementComponent(); }); - it('allow saving a currently loaded saved query as a new query via the saved query management component ', async () => { + // Depends on skipped test above + it.skip('allow saving a currently loaded saved query as a new query via the saved query management component ', async () => { await savedQueryManagementComponent.saveCurrentlyLoadedAsNewQuery( 'foo2', 'bar2', @@ -135,7 +136,8 @@ export default function({ getPageObjects, getService }: FtrProviderContext) { await savedQueryManagementComponent.closeSavedQueryManagementComponent(); }); - it('allow saving changes to a currently loaded query via the saved query management component', async () => { + // Depends on skipped test above + it.skip('allow saving changes to a currently loaded query via the saved query management component', async () => { await savedQueryManagementComponent.loadSavedQuery('foo2'); await queryBar.setQuery('response:404'); await savedQueryManagementComponent.updateCurrentlyLoadedQuery('bar2', false, false); @@ -145,7 +147,8 @@ export default function({ getPageObjects, getService }: FtrProviderContext) { expect(queryString).to.eql('response:404'); }); - it('allows deleting saved queries in the saved query management component ', async () => { + // Depends on skipped test above + it.skip('allows deleting saved queries in the saved query management component ', async () => { await savedQueryManagementComponent.deleteSavedQuery('foo2'); await savedQueryManagementComponent.savedQueryMissingOrFail('foo2'); }); From 597e7ea64b75b0a77b9968aa4fde0c8be0075546 Mon Sep 17 00:00:00 2001 From: Brandon Kobel Date: Tue, 28 Jan 2020 12:59:13 -0800 Subject: [PATCH 21/40] Consistent timeouts for the Space onPostAuth interceptor tests (#56158) * Consistent timeouts for the Space onPostAuth interceptor tests * Run 100 times * Revert "Run 100 times" This reverts commit 6054ac462e68643e453585e60b22d476d671f4a9. --- .../on_post_auth_interceptor.test.ts | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/x-pack/plugins/spaces/server/lib/request_interceptors/on_post_auth_interceptor.test.ts b/x-pack/plugins/spaces/server/lib/request_interceptors/on_post_auth_interceptor.test.ts index c1f557f164ad6..776275715921b 100644 --- a/x-pack/plugins/spaces/server/lib/request_interceptors/on_post_auth_interceptor.test.ts +++ b/x-pack/plugins/spaces/server/lib/request_interceptors/on_post_auth_interceptor.test.ts @@ -32,6 +32,7 @@ import { securityMock } from '../../../../security/server/mocks'; describe('onPostAuthInterceptor', () => { let root: ReturnType; + jest.setTimeout(30000); const headers = { authorization: `Basic ${Buffer.from( @@ -41,7 +42,7 @@ describe('onPostAuthInterceptor', () => { beforeEach(async () => { root = kbnTestServer.createRoot(); - }, 30000); + }); afterEach(async () => await root.shutdown()); @@ -241,7 +242,7 @@ describe('onPostAuthInterceptor', () => { expect(response.status).toEqual(302); expect(response.header.location).toEqual(`/spaces/space_selector`); - }, 30000); + }); it('when accessing the kibana app it always allows the request to continue', async () => { const spaces = [ @@ -258,7 +259,7 @@ describe('onPostAuthInterceptor', () => { const { response } = await request('/s/a-space/app/kibana', spaces); expect(response.status).toEqual(200); - }, 30000); + }); it('allows the request to continue when accessing an API endpoint within a non-existent space', async () => { const spaces = [ @@ -274,7 +275,7 @@ describe('onPostAuthInterceptor', () => { const { response } = await request('/s/not-found/api/test/foo', spaces); expect(response.status).toEqual(200); - }, 30000); + }); }); describe('requests handled completely in the new platform', () => { @@ -293,7 +294,7 @@ describe('onPostAuthInterceptor', () => { expect(response.status).toEqual(302); expect(response.header.location).toEqual(`/spaces/space_selector`); - }, 30000); + }); it('allows the request to continue when accessing an API endpoint within a non-existent space', async () => { const spaces = [ @@ -309,7 +310,7 @@ describe('onPostAuthInterceptor', () => { const { response } = await request('/s/not-found/api/np_test/foo', spaces); expect(response.status).toEqual(200); - }, 30000); + }); }); it('handles space retrieval errors gracefully when requesting the root, responding with headers returned from ES', async () => { @@ -421,7 +422,7 @@ describe('onPostAuthInterceptor', () => { }), }) ); - }, 30000); + }); it('redirects to the "enter space" endpoint when accessing the root of a non-default space', async () => { const spaces = [ @@ -454,7 +455,7 @@ describe('onPostAuthInterceptor', () => { }), }) ); - }, 30000); + }); describe('with a single available space', () => { it('it redirects to the "enter space" endpoint within the context of the single Space when navigating to Kibana root', async () => { From 57f5d77a408d2ed613353ef08ec4b40bd7cde31a Mon Sep 17 00:00:00 2001 From: Frank Hassanabad Date: Tue, 28 Jan 2020 15:07:24 -0700 Subject: [PATCH 22/40] [SIEM][Detection Engine] critical blocker with the UI crashing ## Summary If you have filters which do not have a $app and state it blows up which isn't what we want to happen. This adds a function which default adds it on the UI if it does not exist Screen Shot 2020-01-28 at 10 07 39 AM Test: Post query with everything ```ts ./post_rule.sh ./rules/queries/query_with_everything.json ``` Then visit in the details section of the UI and it should no longer blow up. ### Checklist Use ~~strikethroughs~~ to remove checklist items you don't feel are applicable to this PR. ~~- [ ] This was checked for cross-browser compatibility, [including a check against IE11](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility)~~ ~~- [ ] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md)~~ ~~- [ ] [Documentation](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#writing-documentation) was added for features that require explanation or tutorials~~ - [x] [Unit or functional tests](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility) were updated or added to match the most common scenarios ~~- [ ] This was checked for [keyboard-only and screenreader accessibility](https://developer.mozilla.org/en-US/docs/Learn/Tools_and_testing/Cross_browser_testing/Accessibility#Accessibility_testing_checklist)~~ ### For maintainers ~~- [ ] This was checked for breaking API changes and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process)~~ - [x] This includes a feature addition or change that requires a release note and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process) --- .../description_step/index.test.tsx | 185 ++++++++++++++++++ .../components/description_step/index.tsx | 12 +- 2 files changed, 196 insertions(+), 1 deletion(-) create mode 100644 x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/index.test.tsx diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/index.test.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/index.test.tsx new file mode 100644 index 0000000000000..fab689f7d821f --- /dev/null +++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/index.test.tsx @@ -0,0 +1,185 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { addFilterStateIfNotThere } from './'; + +import { esFilters } from '../../../../../../../../../../src/plugins/data/public'; + +describe('description_step', () => { + describe('addFilterStateIfNotThere', () => { + test('it does not change the state if it is global', () => { + const filters: esFilters.Filter[] = [ + { + $state: { + store: esFilters.FilterStateStore.GLOBAL_STATE, + }, + meta: { + alias: null, + disabled: false, + key: 'event.category', + negate: false, + params: { + query: 'file', + }, + type: 'phrase', + }, + query: { + match_phrase: { + 'event.category': 'file', + }, + }, + }, + { + $state: { + store: esFilters.FilterStateStore.GLOBAL_STATE, + }, + meta: { + alias: null, + disabled: false, + key: 'event.category', + negate: false, + params: { + query: 'file', + }, + type: 'phrase', + }, + query: { + match_phrase: { + 'event.category': 'file', + }, + }, + }, + ]; + const output = addFilterStateIfNotThere(filters); + const expected: esFilters.Filter[] = [ + { + $state: { + store: esFilters.FilterStateStore.GLOBAL_STATE, + }, + meta: { + alias: null, + disabled: false, + key: 'event.category', + negate: false, + params: { + query: 'file', + }, + type: 'phrase', + }, + query: { + match_phrase: { + 'event.category': 'file', + }, + }, + }, + { + $state: { + store: esFilters.FilterStateStore.GLOBAL_STATE, + }, + meta: { + alias: null, + disabled: false, + key: 'event.category', + negate: false, + params: { + query: 'file', + }, + type: 'phrase', + }, + query: { + match_phrase: { + 'event.category': 'file', + }, + }, + }, + ]; + expect(output).toEqual(expected); + }); + + test('it adds the state if it does not exist as local', () => { + const filters: esFilters.Filter[] = [ + { + meta: { + alias: null, + disabled: false, + key: 'event.category', + negate: false, + params: { + query: 'file', + }, + type: 'phrase', + }, + query: { + match_phrase: { + 'event.category': 'file', + }, + }, + }, + { + meta: { + alias: null, + disabled: false, + key: 'event.category', + negate: false, + params: { + query: 'file', + }, + type: 'phrase', + }, + query: { + match_phrase: { + 'event.category': 'file', + }, + }, + }, + ]; + const output = addFilterStateIfNotThere(filters); + const expected: esFilters.Filter[] = [ + { + $state: { + store: esFilters.FilterStateStore.APP_STATE, + }, + meta: { + alias: null, + disabled: false, + key: 'event.category', + negate: false, + params: { + query: 'file', + }, + type: 'phrase', + }, + query: { + match_phrase: { + 'event.category': 'file', + }, + }, + }, + { + $state: { + store: esFilters.FilterStateStore.APP_STATE, + }, + meta: { + alias: null, + disabled: false, + key: 'event.category', + negate: false, + params: { + query: 'file', + }, + type: 'phrase', + }, + query: { + match_phrase: { + 'event.category': 'file', + }, + }, + }, + ]; + expect(output).toEqual(expected); + }); + }); +}); diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/index.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/index.tsx index f1d2609cde8fe..96c98a67b7662 100644 --- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/index.tsx +++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/index.tsx @@ -97,6 +97,16 @@ const buildListItems = ( [] ); +export const addFilterStateIfNotThere = (filters: esFilters.Filter[]): esFilters.Filter[] => { + return filters.map(filter => { + if (filter.$state == null) { + return { $state: { store: esFilters.FilterStateStore.APP_STATE }, ...filter }; + } else { + return filter; + } + }); +}; + const getDescriptionItem = ( field: string, label: string, @@ -105,7 +115,7 @@ const getDescriptionItem = ( indexPatterns?: IIndexPattern ): ListItems[] => { if (field === 'queryBar') { - const filters = get('queryBar.filters', value) as esFilters.Filter[]; + const filters = addFilterStateIfNotThere(get('queryBar.filters', value)); const query = get('queryBar.query', value) as Query; const savedId = get('queryBar.saved_id', value); return buildQueryBarDescription({ From 6826be2927abfa0b84455f258b1671a039ecf1e4 Mon Sep 17 00:00:00 2001 From: Tudor Golubenco Date: Tue, 28 Jan 2020 23:10:15 +0100 Subject: [PATCH 23/40] [SIEM] Put the notice for rules in comment block (#56123) * Put the notice for rules in comment block This comment block marked by `@notice` is picked up by automation and included in the Kibana NOTICE.txt that we ship with the tar.gz. Follow up for #56090. --- NOTICE.txt | 34 ++++++++++++++++++ .../rules/prepackaged_rules/NOTICE.txt | 20 ----------- .../rules/prepackaged_rules/notice.ts | 36 +++++++++++++++++++ 3 files changed, 70 insertions(+), 20 deletions(-) delete mode 100644 x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/NOTICE.txt create mode 100644 x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/notice.ts diff --git a/NOTICE.txt b/NOTICE.txt index 955c3127fa955..e0c5d94eff6b3 100644 --- a/NOTICE.txt +++ b/NOTICE.txt @@ -153,6 +153,40 @@ WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +--- +This product bundles rules based on https://github.com/BlueTeamLabs/sentinel-attack +which is available under a "MIT" license. The files based on this license are: + +- windows_defense_evasion_via_filter_manager.json +- windows_process_discovery_via_tasklist_command.json +- windows_priv_escalation_via_accessibility_features.json +- windows_persistence_via_application_shimming.json +- windows_execution_via_trusted_developer_utilities.json +- windows_execution_via_net_com_assemblies.json +- windows_execution_via_connection_manager.json + +MIT License + +Copyright (c) 2019 Edoardo Gerosa, Olaf Hartong + +Permission is hereby granted, free of charge, to any person obtaining a copy of +this software and associated documentation files (the "Software"), to deal in +the Software without restriction, including without limitation the rights to +use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies +of the Software, and to permit persons to whom the Software is furnished to do +so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. + --- This product includes code that is adapted from mapbox-gl-js, which is available under a "BSD-3-Clause" license. diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/NOTICE.txt b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/NOTICE.txt deleted file mode 100644 index cd5f1cc6f886c..0000000000000 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/NOTICE.txt +++ /dev/null @@ -1,20 +0,0 @@ -This product bundles rules based on https://github.com/BlueTeamLabs/sentinel-attack -which is available under a "MIT" license. The files based on this license are: - -- windows_defense_evasion_via_filter_manager.json -- windows_process_discovery_via_tasklist_command.json -- windows_priv_escalation_via_accessibility_features.json -- windows_persistence_via_application_shimming.json -- windows_execution_via_trusted_developer_utilities.json -- windows_execution_via_net_com_assemblies.json -- windows_execution_via_connection_manager.json - -MIT License - -Copyright (c) 2019 Edoardo Gerosa, Olaf Hartong - -Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/notice.ts b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/notice.ts new file mode 100644 index 0000000000000..cd24d823b8cd6 --- /dev/null +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/notice.ts @@ -0,0 +1,36 @@ +/* eslint-disable @kbn/eslint/require-license-header */ + +/* @notice + * This product bundles rules based on https://github.com/BlueTeamLabs/sentinel-attack + * which is available under a "MIT" license. The files based on this license are: + * + * - windows_defense_evasion_via_filter_manager.json + * - windows_process_discovery_via_tasklist_command.json + * - windows_priv_escalation_via_accessibility_features.json + * - windows_persistence_via_application_shimming.json + * - windows_execution_via_trusted_developer_utilities.json + * - windows_execution_via_net_com_assemblies.json + * - windows_execution_via_connection_manager.json + * + * MIT License + * + * Copyright (c) 2019 Edoardo Gerosa, Olaf Hartong + * + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies + * of the Software, and to permit persons to whom the Software is furnished to do + * so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ From 76628cd3cdcab54e336c0db23ca183a5d0005b17 Mon Sep 17 00:00:00 2001 From: Chris Cowan Date: Tue, 28 Jan 2020 16:46:11 -0600 Subject: [PATCH 24/40] [Metrics UI] Fixing title truncation in Metrics Explorer (#55917) Co-authored-by: Elastic Machine --- .../infra/public/components/metrics_explorer/chart.tsx | 4 ++-- x-pack/legacy/plugins/infra/public/index.scss | 8 +++++++- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/x-pack/legacy/plugins/infra/public/components/metrics_explorer/chart.tsx b/x-pack/legacy/plugins/infra/public/components/metrics_explorer/chart.tsx index 6153ebce5e0da..f66ae867eef5a 100644 --- a/x-pack/legacy/plugins/infra/public/components/metrics_explorer/chart.tsx +++ b/x-pack/legacy/plugins/infra/public/components/metrics_explorer/chart.tsx @@ -86,7 +86,7 @@ export const MetricsExplorerChart = ({ - + {title} @@ -159,7 +159,7 @@ export const MetricsExplorerChart = ({ }; const ChartTitle = euiStyled.div` - width: 100% + width: 100%; overflow: hidden; text-overflow: ellipsis; white-space: nowrap; diff --git a/x-pack/legacy/plugins/infra/public/index.scss b/x-pack/legacy/plugins/infra/public/index.scss index 4cef6d6baa915..afee4ab8b0389 100644 --- a/x-pack/legacy/plugins/infra/public/index.scss +++ b/x-pack/legacy/plugins/infra/public/index.scss @@ -36,6 +36,12 @@ .infrastructureChart .echTooltip__label { overflow-x: hidden; - white-space: no-wrap; + white-space: nowrap; text-overflow: ellipsis; } + +.metricsExplorerTitleAnchor { + white-space: nowrap; + text-overflow: ellipsis; + display: inline; +} From fe037bb28e3347849cc6eff4a1c0fdfca831a181 Mon Sep 17 00:00:00 2001 From: Xavier Mouligneau <189600+XavierM@users.noreply.github.com> Date: Tue, 28 Jan 2020 17:47:42 -0500 Subject: [PATCH 25/40] [SIEM] Add link to endpoint app through reference.url (#56211) * add rule.reference * Fix Load more * Fix spacing * Fix loading on hist graph detections * add tooltip --- .../alerts_viewer/default_headers.ts | 1 + .../timeline/body/renderers/constants.tsx | 2 + .../body/renderers/formatted_field.tsx | 31 ++-- .../renderers/formatted_field_helpers.tsx | 155 ++++++++++++++++++ .../timeline/body/renderers/translations.ts | 7 + .../components/timeline/footer/index.test.tsx | 2 +- .../timeline/footer/translations.ts | 2 +- .../detection_engine/signals/use_query.tsx | 2 +- .../containers/timeline/index.gql_query.ts | 3 + .../siem/public/graphql/introspection.json | 27 +++ .../plugins/siem/public/graphql/types.ts | 18 +- .../components/signals/default_config.tsx | 16 +- .../detection_engine/rules/details/index.tsx | 12 +- .../public/utils/logo_endpoint/64_color.svg | 7 + .../siem/server/graphql/ecs/schema.gql.ts | 5 + .../plugins/siem/server/graphql/types.ts | 26 +++ .../siem/server/lib/ecs_fields/index.ts | 5 + 17 files changed, 287 insertions(+), 34 deletions(-) create mode 100644 x-pack/legacy/plugins/siem/public/components/timeline/body/renderers/formatted_field_helpers.tsx create mode 100644 x-pack/legacy/plugins/siem/public/utils/logo_endpoint/64_color.svg diff --git a/x-pack/legacy/plugins/siem/public/components/alerts_viewer/default_headers.ts b/x-pack/legacy/plugins/siem/public/components/alerts_viewer/default_headers.ts index 936d43fff0b48..af9a5ab765571 100644 --- a/x-pack/legacy/plugins/siem/public/components/alerts_viewer/default_headers.ts +++ b/x-pack/legacy/plugins/siem/public/components/alerts_viewer/default_headers.ts @@ -19,6 +19,7 @@ export const alertsHeaders: ColumnHeader[] = [ columnHeaderType: defaultColumnHeaderType, id: 'event.module', width: DEFAULT_COLUMN_MIN_WIDTH, + linkField: 'rule.reference', }, { columnHeaderType: defaultColumnHeaderType, diff --git a/x-pack/legacy/plugins/siem/public/components/timeline/body/renderers/constants.tsx b/x-pack/legacy/plugins/siem/public/components/timeline/body/renderers/constants.tsx index 0330fb458e364..e8074c2f6f381 100644 --- a/x-pack/legacy/plugins/siem/public/components/timeline/body/renderers/constants.tsx +++ b/x-pack/legacy/plugins/siem/public/components/timeline/body/renderers/constants.tsx @@ -8,4 +8,6 @@ export const DATE_FIELD_TYPE = 'date'; export const HOST_NAME_FIELD_NAME = 'host.name'; export const IP_FIELD_TYPE = 'ip'; export const MESSAGE_FIELD_NAME = 'message'; +export const EVENT_MODULE_FIELD_NAME = 'event.module'; +export const RULE_REFERENCE_FIELD_NAME = 'rule.reference'; export const SIGNAL_RULE_NAME_FIELD_NAME = 'signal.rule.name'; diff --git a/x-pack/legacy/plugins/siem/public/components/timeline/body/renderers/formatted_field.tsx b/x-pack/legacy/plugins/siem/public/components/timeline/body/renderers/formatted_field.tsx index 010a328d2993d..0f650d6386194 100644 --- a/x-pack/legacy/plugins/siem/public/components/timeline/body/renderers/formatted_field.tsx +++ b/x-pack/legacy/plugins/siem/public/components/timeline/body/renderers/formatted_field.tsx @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ -import { EuiFlexGroup, EuiFlexItem, EuiToolTip, EuiLink } from '@elastic/eui'; +import { EuiFlexGroup, EuiFlexItem, EuiToolTip } from '@elastic/eui'; import { isNumber, isString, isEmpty } from 'lodash/fp'; import React from 'react'; @@ -15,7 +15,7 @@ import { getOrEmptyTagFromValue, getEmptyTagValue } from '../../../empty_value'; import { FormattedDate } from '../../../formatted_date'; import { FormattedIp } from '../../../formatted_ip'; import { HostDetailsLink } from '../../../links'; -import { getRuleDetailsUrl } from '../../../link_to/redirect_to_detection_engine'; + import { Port, PORT_NAMES } from '../../../port'; import { TruncatableText } from '../../../truncatable_text'; import { @@ -23,8 +23,11 @@ import { HOST_NAME_FIELD_NAME, IP_FIELD_TYPE, MESSAGE_FIELD_NAME, + EVENT_MODULE_FIELD_NAME, + RULE_REFERENCE_FIELD_NAME, SIGNAL_RULE_NAME_FIELD_NAME, } from './constants'; +import { renderRuleName, renderEventModule, renderRulReference } from './formatted_field_helpers'; // simple black-list to prevent dragging and dropping fields such as message name const columnNamesNotDraggable = [MESSAGE_FIELD_NAME]; @@ -88,6 +91,12 @@ const FormattedFieldValueComponent: React.FC<{ return ( ); + } else if (fieldName === SIGNAL_RULE_NAME_FIELD_NAME) { + return renderRuleName({ contextId, eventId, fieldName, linkValue, truncate, value }); + } else if (fieldName === EVENT_MODULE_FIELD_NAME) { + return renderEventModule({ contextId, eventId, fieldName, linkValue, truncate, value }); + } else if (fieldName === RULE_REFERENCE_FIELD_NAME) { + return renderRulReference({ contextId, eventId, fieldName, linkValue, truncate, value }); } else if (columnNamesNotDraggable.includes(fieldName)) { return truncate && !isEmpty(value) ? ( @@ -110,24 +119,6 @@ const FormattedFieldValueComponent: React.FC<{ ) : ( <>{value} ); - } else if (fieldName === SIGNAL_RULE_NAME_FIELD_NAME) { - const ruleName = `${value}`; - const ruleId = linkValue; - - return isString(value) && ruleName.length > 0 && ruleId != null ? ( - - - {value} - - - ) : ( - getEmptyTagValue() - ); } else { const contentValue = getOrEmptyTagFromValue(value); const content = truncate ? {contentValue} : contentValue; diff --git a/x-pack/legacy/plugins/siem/public/components/timeline/body/renderers/formatted_field_helpers.tsx b/x-pack/legacy/plugins/siem/public/components/timeline/body/renderers/formatted_field_helpers.tsx new file mode 100644 index 0000000000000..dc21cf03d0445 --- /dev/null +++ b/x-pack/legacy/plugins/siem/public/components/timeline/body/renderers/formatted_field_helpers.tsx @@ -0,0 +1,155 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { EuiLink, EuiFlexGroup, EuiFlexItem, EuiIcon, EuiToolTip } from '@elastic/eui'; +import { isString, isEmpty } from 'lodash/fp'; +import React from 'react'; + +import { DefaultDraggable } from '../../../draggables'; +import { getEmptyTagValue } from '../../../empty_value'; +import { getRuleDetailsUrl } from '../../../link_to/redirect_to_detection_engine'; +import { TruncatableText } from '../../../truncatable_text'; + +import { isUrlInvalid } from '../../../../pages/detection_engine/rules/components/step_about_rule/helpers'; +import endPointSvg from '../../../../utils/logo_endpoint/64_color.svg'; + +import * as i18n from './translations'; + +export const renderRuleName = ({ + contextId, + eventId, + fieldName, + linkValue, + truncate, + value, +}: { + contextId: string; + eventId: string; + fieldName: string; + linkValue: string | null | undefined; + truncate?: boolean; + value: string | number | null | undefined; +}) => { + const ruleName = `${value}`; + const ruleId = linkValue; + + const content = truncate ? {value} : value; + + return isString(value) && ruleName.length > 0 && ruleId != null ? ( + + {content} + + ) : ( + getEmptyTagValue() + ); +}; + +export const renderEventModule = ({ + contextId, + eventId, + fieldName, + linkValue, + truncate, + value, +}: { + contextId: string; + eventId: string; + fieldName: string; + linkValue: string | null | undefined; + truncate?: boolean; + value: string | number | null | undefined; +}) => { + const moduleName = `${value}`; + const endpointRefUrl = linkValue; + + const content = truncate ? {value} : value; + + return isString(value) && moduleName.length > 0 ? ( + + + + {content} + + + {endpointRefUrl != null && + !isEmpty(endpointRefUrl) && + !isUrlInvalid(endpointRefUrl) && + endpointRefUrl.includes('/alerts/') && ( + + +

{i18n.LINK_ELASTIC_ENDPOINT_SECURITY}

+

{endpointRefUrl}

+ + } + > + + + + + + )} + + ) : ( + getEmptyTagValue() + ); +}; + +export const renderRulReference = ({ + contextId, + eventId, + fieldName, + linkValue, + truncate, + value, +}: { + contextId: string; + eventId: string; + fieldName: string; + linkValue: string | null | undefined; + truncate?: boolean; + value: string | number | null | undefined; +}) => { + const referenceUrlName = `${value}`; + + const content = truncate ? {value} : value; + + return isString(value) && referenceUrlName.length > 0 ? ( + + {!isUrlInvalid(referenceUrlName) && ( + + {content} + + )} + {isUrlInvalid(referenceUrlName) && <>{content}} + + ) : ( + getEmptyTagValue() + ); +}; diff --git a/x-pack/legacy/plugins/siem/public/components/timeline/body/renderers/translations.ts b/x-pack/legacy/plugins/siem/public/components/timeline/body/renderers/translations.ts index 2c3c3efdb2993..5bdeccbd0f4ba 100644 --- a/x-pack/legacy/plugins/siem/public/components/timeline/body/renderers/translations.ts +++ b/x-pack/legacy/plugins/siem/public/components/timeline/body/renderers/translations.ts @@ -29,3 +29,10 @@ export const IN = i18n.translate('xpack.siem.auditd.inDescription', { export const NON_EXISTENT = i18n.translate('xpack.siem.auditd.nonExistentDescription', { defaultMessage: 'an unknown process', }); + +export const LINK_ELASTIC_ENDPOINT_SECURITY = i18n.translate( + 'xpack.siem.event.module.linkToElasticEndpointSecurityDescription', + { + defaultMessage: 'Open in Elastic Endpoint Security', + } +); diff --git a/x-pack/legacy/plugins/siem/public/components/timeline/footer/index.test.tsx b/x-pack/legacy/plugins/siem/public/components/timeline/footer/index.test.tsx index b6ca4fe125c69..cbad2d42cf8af 100644 --- a/x-pack/legacy/plugins/siem/public/components/timeline/footer/index.test.tsx +++ b/x-pack/legacy/plugins/siem/public/components/timeline/footer/index.test.tsx @@ -121,7 +121,7 @@ describe('Footer Timeline Component', () => { .find('[data-test-subj="TimelineMoreButton"]') .dive() .text(); - expect(loadButton).toContain('Load More'); + expect(loadButton).toContain('Load more'); }); test('it does NOT render the loadMore button because there is nothing else to fetch', () => { diff --git a/x-pack/legacy/plugins/siem/public/components/timeline/footer/translations.ts b/x-pack/legacy/plugins/siem/public/components/timeline/footer/translations.ts index 886866ce1b0c2..814311d4e14de 100644 --- a/x-pack/legacy/plugins/siem/public/components/timeline/footer/translations.ts +++ b/x-pack/legacy/plugins/siem/public/components/timeline/footer/translations.ts @@ -27,7 +27,7 @@ export const LOADING = i18n.translate('xpack.siem.footer.loadingLabel', { }); export const LOAD_MORE = i18n.translate('xpack.siem.footer.loadMoreLabel', { - defaultMessage: 'Load More', + defaultMessage: 'Load more', }); export const TOTAL_COUNT_OF_EVENTS = i18n.translate('xpack.siem.footer.totalCountOfEvents', { diff --git a/x-pack/legacy/plugins/siem/public/containers/detection_engine/signals/use_query.tsx b/x-pack/legacy/plugins/siem/public/containers/detection_engine/signals/use_query.tsx index 3dc6bac07be34..45f191f4a6fe5 100644 --- a/x-pack/legacy/plugins/siem/public/containers/detection_engine/signals/use_query.tsx +++ b/x-pack/legacy/plugins/siem/public/containers/detection_engine/signals/use_query.tsx @@ -45,10 +45,10 @@ export const useQuerySignals = ( useEffect(() => { let isSubscribed = true; const abortCtrl = new AbortController(); - setLoading(true); async function fetchData() { try { + setLoading(true); const signalResponse = await fetchQuerySignals({ query, signal: abortCtrl.signal, diff --git a/x-pack/legacy/plugins/siem/public/containers/timeline/index.gql_query.ts b/x-pack/legacy/plugins/siem/public/containers/timeline/index.gql_query.ts index 9bd580f832230..c54238c5d8687 100644 --- a/x-pack/legacy/plugins/siem/public/containers/timeline/index.gql_query.ts +++ b/x-pack/legacy/plugins/siem/public/containers/timeline/index.gql_query.ts @@ -134,6 +134,9 @@ export const timelineQuery = gql` name ip } + rule { + reference + } source { bytes ip diff --git a/x-pack/legacy/plugins/siem/public/graphql/introspection.json b/x-pack/legacy/plugins/siem/public/graphql/introspection.json index a9247403bf22c..b356b67b75c7b 100644 --- a/x-pack/legacy/plugins/siem/public/graphql/introspection.json +++ b/x-pack/legacy/plugins/siem/public/graphql/introspection.json @@ -3985,6 +3985,14 @@ "isDeprecated": false, "deprecationReason": null }, + { + "name": "rule", + "description": "", + "args": [], + "type": { "kind": "OBJECT", "name": "RuleEcsField", "ofType": null }, + "isDeprecated": false, + "deprecationReason": null + }, { "name": "signal", "description": "", @@ -4743,6 +4751,25 @@ "enumValues": null, "possibleTypes": null }, + { + "kind": "OBJECT", + "name": "RuleEcsField", + "description": "", + "fields": [ + { + "name": "reference", + "description": "", + "args": [], + "type": { "kind": "SCALAR", "name": "ToStringArray", "ofType": null }, + "isDeprecated": false, + "deprecationReason": null + } + ], + "inputFields": null, + "interfaces": [], + "enumValues": null, + "possibleTypes": null + }, { "kind": "OBJECT", "name": "SignalField", diff --git a/x-pack/legacy/plugins/siem/public/graphql/types.ts b/x-pack/legacy/plugins/siem/public/graphql/types.ts index 6a24ffcc13020..0103713a8c8a2 100644 --- a/x-pack/legacy/plugins/siem/public/graphql/types.ts +++ b/x-pack/legacy/plugins/siem/public/graphql/types.ts @@ -791,6 +791,8 @@ export interface Ecs { network?: Maybe; + rule?: Maybe; + signal?: Maybe; source?: Maybe; @@ -970,6 +972,10 @@ export interface NetworkEcsField { transport?: Maybe; } +export interface RuleEcsField { + reference?: Maybe; +} + export interface SignalField { rule?: Maybe; @@ -4456,6 +4462,8 @@ export namespace GetTimelineQuery { host: Maybe; + rule: Maybe; + source: Maybe<_Source>; destination: Maybe; @@ -4671,6 +4679,12 @@ export namespace GetTimelineQuery { ip: Maybe; }; + export type Rule = { + __typename?: 'RuleEcsField'; + + reference: Maybe; + }; + export type _Source = { __typename?: 'SourceEcsFields'; @@ -4792,10 +4806,10 @@ export namespace GetTimelineQuery { original_time: Maybe; - rule: Maybe; + rule: Maybe<_Rule>; }; - export type Rule = { + export type _Rule = { __typename?: 'RuleField'; id: Maybe; diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals/default_config.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals/default_config.tsx index f5d138a3afcb8..e6bbffa4fd927 100644 --- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals/default_config.tsx +++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals/default_config.tsx @@ -86,6 +86,11 @@ export const buildSignalsRuleIdFilter = (ruleId: string): esFilters.Filter[] => ]; export const signalsHeaders: ColumnHeader[] = [ + { + columnHeaderType: defaultColumnHeaderType, + id: '@timestamp', + width: DEFAULT_DATE_COLUMN_MIN_WIDTH, + }, { columnHeaderType: defaultColumnHeaderType, id: 'signal.rule.name', @@ -117,6 +122,12 @@ export const signalsHeaders: ColumnHeader[] = [ label: i18n.SIGNALS_HEADERS_RISK_SCORE, width: 120, }, + { + columnHeaderType: defaultColumnHeaderType, + id: 'event.module', + linkField: 'rule.reference', + width: DEFAULT_COLUMN_MIN_WIDTH, + }, { category: 'event', columnHeaderType: defaultColumnHeaderType, @@ -150,11 +161,6 @@ export const signalsHeaders: ColumnHeader[] = [ id: 'destination.ip', width: 140, }, - { - columnHeaderType: defaultColumnHeaderType, - id: '@timestamp', - width: DEFAULT_DATE_COLUMN_MIN_WIDTH, - }, ]; export const signalsDefaultModel: SubsetTimelineModel = { diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/details/index.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/details/index.tsx index 1914f967813a1..7b615d5f159c2 100644 --- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/details/index.tsx +++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/details/index.tsx @@ -24,7 +24,11 @@ import { ActionCreator } from 'typescript-fsa'; import { connect } from 'react-redux'; import { FiltersGlobal } from '../../../../components/filters_global'; import { FormattedDate } from '../../../../components/formatted_date'; -import { DETECTION_ENGINE_PAGE_NAME } from '../../../../components/link_to/redirect_to_detection_engine'; +import { + getDetectionEngineUrl, + getEditRuleUrl, + getRulesUrl, +} from '../../../../components/link_to/redirect_to_detection_engine'; import { SiemSearchBar } from '../../../../components/search_bar'; import { WrapperPage } from '../../../../components/wrapper_page'; import { useRule } from '../../../../containers/detection_engine/rules'; @@ -237,7 +241,7 @@ const RuleDetailsPageComponent: FC = ({ isAuthenticated != null && (!isSignalIndexExists || !isAuthenticated) ) { - return ; + return ; } return ( @@ -257,7 +261,7 @@ const RuleDetailsPageComponent: FC = ({ = ({ diff --git a/x-pack/legacy/plugins/siem/public/utils/logo_endpoint/64_color.svg b/x-pack/legacy/plugins/siem/public/utils/logo_endpoint/64_color.svg new file mode 100644 index 0000000000000..b03007a76ffcc --- /dev/null +++ b/x-pack/legacy/plugins/siem/public/utils/logo_endpoint/64_color.svg @@ -0,0 +1,7 @@ + + + + + + + diff --git a/x-pack/legacy/plugins/siem/server/graphql/ecs/schema.gql.ts b/x-pack/legacy/plugins/siem/server/graphql/ecs/schema.gql.ts index 730e6b884a182..f897236b3470e 100644 --- a/x-pack/legacy/plugins/siem/server/graphql/ecs/schema.gql.ts +++ b/x-pack/legacy/plugins/siem/server/graphql/ecs/schema.gql.ts @@ -417,6 +417,10 @@ export const ecsSchema = gql` original_time: ToStringArray } + type RuleEcsField { + reference: ToStringArray + } + type ECS { _id: String! _index: String @@ -428,6 +432,7 @@ export const ecsSchema = gql` geo: GeoEcsFields host: HostEcsFields network: NetworkEcsField + rule: RuleEcsField signal: SignalField source: SourceEcsFields suricata: SuricataEcsFields diff --git a/x-pack/legacy/plugins/siem/server/graphql/types.ts b/x-pack/legacy/plugins/siem/server/graphql/types.ts index 303262ece5c7f..c3fd6e9dde286 100644 --- a/x-pack/legacy/plugins/siem/server/graphql/types.ts +++ b/x-pack/legacy/plugins/siem/server/graphql/types.ts @@ -793,6 +793,8 @@ export interface Ecs { network?: Maybe; + rule?: Maybe; + signal?: Maybe; source?: Maybe; @@ -972,6 +974,10 @@ export interface NetworkEcsField { transport?: Maybe; } +export interface RuleEcsField { + reference?: Maybe; +} + export interface SignalField { rule?: Maybe; @@ -4279,6 +4285,8 @@ export namespace EcsResolvers { network?: NetworkResolver, TypeParent, TContext>; + rule?: RuleResolver, TypeParent, TContext>; + signal?: SignalResolver, TypeParent, TContext>; source?: SourceResolver, TypeParent, TContext>; @@ -4358,6 +4366,11 @@ export namespace EcsResolvers { Parent = Ecs, TContext = SiemContext > = Resolver; + export type RuleResolver< + R = Maybe, + Parent = Ecs, + TContext = SiemContext + > = Resolver; export type SignalResolver< R = Maybe, Parent = Ecs, @@ -4935,6 +4948,18 @@ export namespace NetworkEcsFieldResolvers { > = Resolver; } +export namespace RuleEcsFieldResolvers { + export interface Resolvers { + reference?: ReferenceResolver, TypeParent, TContext>; + } + + export type ReferenceResolver< + R = Maybe, + Parent = RuleEcsField, + TContext = SiemContext + > = Resolver; +} + export namespace SignalFieldResolvers { export interface Resolvers { rule?: RuleResolver, TypeParent, TContext>; @@ -9231,6 +9256,7 @@ export type IResolvers = { EndgameEcsFields?: EndgameEcsFieldsResolvers.Resolvers; EventEcsFields?: EventEcsFieldsResolvers.Resolvers; NetworkEcsField?: NetworkEcsFieldResolvers.Resolvers; + RuleEcsField?: RuleEcsFieldResolvers.Resolvers; SignalField?: SignalFieldResolvers.Resolvers; RuleField?: RuleFieldResolvers.Resolvers; SuricataEcsFields?: SuricataEcsFieldsResolvers.Resolvers; diff --git a/x-pack/legacy/plugins/siem/server/lib/ecs_fields/index.ts b/x-pack/legacy/plugins/siem/server/lib/ecs_fields/index.ts index f85fb2c9fd753..eb483de000915 100644 --- a/x-pack/legacy/plugins/siem/server/lib/ecs_fields/index.ts +++ b/x-pack/legacy/plugins/siem/server/lib/ecs_fields/index.ts @@ -318,6 +318,10 @@ export const signalFieldsMap: Readonly> = { 'signal.rule.version': 'signal.rule.version', }; +export const ruleFieldsMap: Readonly> = { + 'rule.reference': 'rule.reference', +}; + export const eventFieldsMap: Readonly> = { timestamp: '@timestamp', '@timestamp': '@timestamp', @@ -331,6 +335,7 @@ export const eventFieldsMap: Readonly> = { ...{ ...geoFieldsMap }, ...{ ...hostFieldsMap }, ...{ ...networkFieldsMap }, + ...{ ...ruleFieldsMap }, ...{ ...signalFieldsMap }, ...{ ...sourceFieldsMap }, ...{ ...suricataFieldsMap }, From 2bab2cc84a81b2ee5a32fc21995480d29251f92f Mon Sep 17 00:00:00 2001 From: Frank Hassanabad Date: Tue, 28 Jan 2020 16:37:25 -0700 Subject: [PATCH 26/40] [SIEM][Detection Engine] critical blocker, fixes ordering issue that causes rules to not run the first time ## Summary Fixes ordering issue that @mikecote found for us with rules where we need to first update the rule before trying to enable it so there aren't issues with API keys. These types of errors should no longer be seen: ``` {"type":"log","@timestamp":"2020-01-11T09:06:25-07:00","tags":["error","plugins","siem"],"pid":61190,"message":"Error from signal rule name: \"Windows Execution via Connection Manager\", id: \"0624c880-8e64-4c7c-90b4-226b77311ac4\", rule_id: \"f2728299-167a-489c-913c-2e0955ac3c40\" message: [security_exception] missing authentication credentials for REST request [/auditbeat-*%2Cendgame-*%2Cfilebeat-*%2Cpacketbeat-*%2Cwinlogbeat-*/_search?allow_no_indices=true&size=100&ignore_unavailable=true], with { header={ WWW-Authenticate={ 0=\"Bearer realm=\\\"security\\\"\" & 1=\"ApiKey\" & 2=\"Basic realm=\\\"security\\\" charset=\\\"UTF-8\\\"\" } } }"} ``` Testing: ```ts ./hard_reset.sh ``` Then load the pre-packaged rules and enable them all at once. Ensure you don't see any errors such as the ones above. ### Checklist Use ~~strikethroughs~~ to remove checklist items you don't feel are applicable to this PR. ~~- [ ] This was checked for cross-browser compatibility, [including a check against IE11](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility)~~ ~~- [ ] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md)~~ ~~- [ ] [Documentation](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#writing-documentation) was added for features that require explanation or tutorials~~ - [x] [Unit or functional tests](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility) were updated or added to match the most common scenarios ~~- [ ] This was checked for [keyboard-only and screenreader accessibility](https://developer.mozilla.org/en-US/docs/Learn/Tools_and_testing/Cross_browser_testing/Accessibility#Accessibility_testing_checklist)~~ ### For maintainers ~~- [ ] This was checked for breaking API changes and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process)~~ - [x] This includes a feature addition or change that requires a release note and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process) --- .../detection_engine/rules/update_rules.ts | 33 +++++++++++-------- 1 file changed, 20 insertions(+), 13 deletions(-) diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/update_rules.ts b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/update_rules.ts index 304cd1962afed..634c0d5a52cb1 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/update_rules.ts +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/update_rules.ts @@ -5,6 +5,7 @@ */ import { defaults, pickBy, isEmpty } from 'lodash/fp'; +import { PartialAlert } from '../../../../../alerting/server/types'; import { readRules } from './read_rules'; import { UpdateRuleParams, IRuleSavedAttributesSavedObjectAttributes } from './types'; import { addTags } from './add_tags'; @@ -108,7 +109,7 @@ export const updateRules = async ({ type, references, version, -}: UpdateRuleParams) => { +}: UpdateRuleParams): Promise => { const rule = await readRules({ alertsClient, ruleId, id }); if (rule == null) { return null; @@ -169,6 +170,18 @@ export const updateRules = async ({ } ); + const update = await alertsClient.update({ + id: rule.id, + data: { + tags: addTags(tags ?? rule.tags, rule.params.ruleId, immutable ?? rule.params.immutable), + name: calculateName({ updatedName: name, originalName: rule.name }), + schedule: { + interval: calculateInterval(interval, rule.schedule.interval), + }, + actions: rule.actions, + params: nextParams, + }, + }); if (rule.enabled && enabled === false) { await alertsClient.disable({ id: rule.id }); } else if (!rule.enabled && enabled === true) { @@ -194,16 +207,10 @@ export const updateRules = async ({ } else { // enabled is null or undefined and we do not touch the rule } - return alertsClient.update({ - id: rule.id, - data: { - tags: addTags(tags ?? rule.tags, rule.params.ruleId, immutable ?? rule.params.immutable), - name: calculateName({ updatedName: name, originalName: rule.name }), - schedule: { - interval: calculateInterval(interval, rule.schedule.interval), - }, - actions: rule.actions, - params: nextParams, - }, - }); + + if (enabled != null) { + return { ...update, enabled }; + } else { + return update; + } }; From 06890107b4676b0daa56d38850166f495b8036a4 Mon Sep 17 00:00:00 2001 From: Frank Hassanabad Date: Tue, 28 Jan 2020 17:31:31 -0700 Subject: [PATCH 27/40] [SIEM][Detection Engine] critical blocker for updated rules ## Summary Critical blocker for updated rules and content we need for the release. Given to me by randomuserid and from randomuserid ### Checklist Use ~~strikethroughs~~ to remove checklist items you don't feel are applicable to this PR. ~~- [ ] This was checked for cross-browser compatibility, [including a check against IE11](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility)~~ ~~- [ ] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md)~~ ~~- [ ] [Documentation](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#writing-documentation) was added for features that require explanation or tutorials~~ - [x] [Unit or functional tests](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility) were updated or added to match the most common scenarios ~~- [ ] This was checked for [keyboard-only and screenreader accessibility](https://developer.mozilla.org/en-US/docs/Learn/Tools_and_testing/Cross_browser_testing/Accessibility#Accessibility_testing_checklist)~~ ### For maintainers ~~- [ ] This was checked for breaking API changes and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process)~~ ~~- [ ] This includes a feature addition or change that requires a release note and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process)~~ --- .../rules/prepackaged_rules/index.ts | 102 +++++++++--------- .../linux_shell_activity_by_web_server.json | 2 +- .../linux_ssh_forwarding.json | 43 -------- .../linux_strace_activity.json | 2 +- .../network_port_26_activity.json | 2 +- ...te_desktop_protocol_from_the_internet.json | 2 +- ...mote_procedure_call_from_the_internet.json | 2 +- ...file_sharing_activity_to_the_internet.json | 2 +- .../prepackaged_rules/null_user_agent.json | 2 +- .../prepackaged_rules/sqlmap_user_agent.json | 2 +- 10 files changed, 58 insertions(+), 103 deletions(-) delete mode 100644 x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_ssh_forwarding.json diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/index.ts b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/index.ts index cd6d899133bff..b454501e9f563 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/index.ts +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/index.ts @@ -69,57 +69,56 @@ import rule59 from './linux_nping_activity.json'; import rule60 from './linux_process_started_in_temp_directory.json'; import rule61 from './linux_shell_activity_by_web_server.json'; import rule62 from './linux_socat_activity.json'; -import rule63 from './linux_ssh_forwarding.json'; -import rule64 from './linux_strace_activity.json'; -import rule65 from './linux_tcpdump_activity.json'; -import rule66 from './linux_whoami_commmand.json'; -import rule67 from './network_dns_directly_to_the_internet.json'; -import rule68 from './network_ftp_file_transfer_protocol_activity_to_the_internet.json'; -import rule69 from './network_irc_internet_relay_chat_protocol_activity_to_the_internet.json'; -import rule70 from './network_nat_traversal_port_activity.json'; -import rule71 from './network_port_26_activity.json'; -import rule72 from './network_port_8000_activity_to_the_internet.json'; -import rule73 from './network_pptp_point_to_point_tunneling_protocol_activity.json'; -import rule74 from './network_proxy_port_activity_to_the_internet.json'; -import rule75 from './network_rdp_remote_desktop_protocol_from_the_internet.json'; -import rule76 from './network_rdp_remote_desktop_protocol_to_the_internet.json'; -import rule77 from './network_rpc_remote_procedure_call_from_the_internet.json'; -import rule78 from './network_rpc_remote_procedure_call_to_the_internet.json'; -import rule79 from './network_smb_windows_file_sharing_activity_to_the_internet.json'; -import rule80 from './network_smtp_to_the_internet.json'; -import rule81 from './network_sql_server_port_activity_to_the_internet.json'; -import rule82 from './network_ssh_secure_shell_from_the_internet.json'; -import rule83 from './network_ssh_secure_shell_to_the_internet.json'; -import rule84 from './network_telnet_port_activity.json'; -import rule85 from './network_tor_activity_to_the_internet.json'; -import rule86 from './network_vnc_virtual_network_computing_from_the_internet.json'; -import rule87 from './network_vnc_virtual_network_computing_to_the_internet.json'; -import rule88 from './null_user_agent.json'; -import rule89 from './sqlmap_user_agent.json'; -import rule90 from './windows_background_intelligent_transfer_service_bits_connecting_to_the_internet.json'; -import rule91 from './windows_certutil_connecting_to_the_internet.json'; -import rule92 from './windows_command_prompt_connecting_to_the_internet.json'; -import rule93 from './windows_command_shell_started_by_internet_explorer.json'; -import rule94 from './windows_command_shell_started_by_powershell.json'; -import rule95 from './windows_command_shell_started_by_svchost.json'; -import rule96 from './windows_defense_evasion_via_filter_manager.json'; -import rule97 from './windows_execution_via_compiled_html_file.json'; -import rule98 from './windows_execution_via_connection_manager.json'; -import rule99 from './windows_execution_via_net_com_assemblies.json'; -import rule100 from './windows_execution_via_regsvr32.json'; -import rule101 from './windows_execution_via_trusted_developer_utilities.json'; -import rule102 from './windows_html_help_executable_program_connecting_to_the_internet.json'; -import rule103 from './windows_misc_lolbin_connecting_to_the_internet.json'; -import rule104 from './windows_net_command_activity_by_the_system_account.json'; -import rule105 from './windows_persistence_via_application_shimming.json'; -import rule106 from './windows_priv_escalation_via_accessibility_features.json'; -import rule107 from './windows_process_discovery_via_tasklist_command.json'; -import rule108 from './windows_process_execution_via_wmi.json'; -import rule109 from './windows_register_server_program_connecting_to_the_internet.json'; -import rule110 from './windows_signed_binary_proxy_execution.json'; -import rule111 from './windows_signed_binary_proxy_execution_download.json'; -import rule112 from './windows_suspicious_process_started_by_a_script.json'; -import rule113 from './windows_whoami_command_activity.json'; +import rule63 from './linux_strace_activity.json'; +import rule64 from './linux_tcpdump_activity.json'; +import rule65 from './linux_whoami_commmand.json'; +import rule66 from './network_dns_directly_to_the_internet.json'; +import rule67 from './network_ftp_file_transfer_protocol_activity_to_the_internet.json'; +import rule68 from './network_irc_internet_relay_chat_protocol_activity_to_the_internet.json'; +import rule69 from './network_nat_traversal_port_activity.json'; +import rule70 from './network_port_26_activity.json'; +import rule71 from './network_port_8000_activity_to_the_internet.json'; +import rule72 from './network_pptp_point_to_point_tunneling_protocol_activity.json'; +import rule73 from './network_proxy_port_activity_to_the_internet.json'; +import rule74 from './network_rdp_remote_desktop_protocol_from_the_internet.json'; +import rule75 from './network_rdp_remote_desktop_protocol_to_the_internet.json'; +import rule76 from './network_rpc_remote_procedure_call_from_the_internet.json'; +import rule77 from './network_rpc_remote_procedure_call_to_the_internet.json'; +import rule78 from './network_smb_windows_file_sharing_activity_to_the_internet.json'; +import rule79 from './network_smtp_to_the_internet.json'; +import rule80 from './network_sql_server_port_activity_to_the_internet.json'; +import rule81 from './network_ssh_secure_shell_from_the_internet.json'; +import rule82 from './network_ssh_secure_shell_to_the_internet.json'; +import rule83 from './network_telnet_port_activity.json'; +import rule84 from './network_tor_activity_to_the_internet.json'; +import rule85 from './network_vnc_virtual_network_computing_from_the_internet.json'; +import rule86 from './network_vnc_virtual_network_computing_to_the_internet.json'; +import rule87 from './null_user_agent.json'; +import rule88 from './sqlmap_user_agent.json'; +import rule89 from './windows_background_intelligent_transfer_service_bits_connecting_to_the_internet.json'; +import rule90 from './windows_certutil_connecting_to_the_internet.json'; +import rule91 from './windows_command_prompt_connecting_to_the_internet.json'; +import rule92 from './windows_command_shell_started_by_internet_explorer.json'; +import rule93 from './windows_command_shell_started_by_powershell.json'; +import rule94 from './windows_command_shell_started_by_svchost.json'; +import rule95 from './windows_defense_evasion_via_filter_manager.json'; +import rule96 from './windows_execution_via_compiled_html_file.json'; +import rule97 from './windows_execution_via_connection_manager.json'; +import rule98 from './windows_execution_via_net_com_assemblies.json'; +import rule99 from './windows_execution_via_regsvr32.json'; +import rule100 from './windows_execution_via_trusted_developer_utilities.json'; +import rule101 from './windows_html_help_executable_program_connecting_to_the_internet.json'; +import rule102 from './windows_misc_lolbin_connecting_to_the_internet.json'; +import rule103 from './windows_net_command_activity_by_the_system_account.json'; +import rule104 from './windows_persistence_via_application_shimming.json'; +import rule105 from './windows_priv_escalation_via_accessibility_features.json'; +import rule106 from './windows_process_discovery_via_tasklist_command.json'; +import rule107 from './windows_process_execution_via_wmi.json'; +import rule108 from './windows_register_server_program_connecting_to_the_internet.json'; +import rule109 from './windows_signed_binary_proxy_execution.json'; +import rule110 from './windows_signed_binary_proxy_execution_download.json'; +import rule111 from './windows_suspicious_process_started_by_a_script.json'; +import rule112 from './windows_whoami_command_activity.json'; export const rawRules = [ rule1, rule2, @@ -233,5 +232,4 @@ export const rawRules = [ rule110, rule111, rule112, - rule113, ]; diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_shell_activity_by_web_server.json b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_shell_activity_by_web_server.json index c7d856cbe61f3..ac817762fdb71 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_shell_activity_by_web_server.json +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_shell_activity_by_web_server.json @@ -32,7 +32,7 @@ { "id": "T1100", "name": "Web Shell", - "reference": "https://attack.mitre.org/techniques/T1215/" + "reference": "https://attack.mitre.org/techniques/T1100/" } ] } diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_ssh_forwarding.json b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_ssh_forwarding.json deleted file mode 100644 index 3b61814ab66fd..0000000000000 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_ssh_forwarding.json +++ /dev/null @@ -1,43 +0,0 @@ -{ - "description": "An SSH processes ran with the `-R` flag which can be used to forward a port to a remote destination for purposes of pivoting and persistence. This technique often used to create encrypted tunnels and circumvent firewalls, security groups or network access lists.", - "false_positives": [ - "Some normal use of this command may originate from usage by engineers as an alternative or ad-hoc remote access solution. Use of this command by non-administrative users is uncommon." - ], - "index": [ - "auditbeat-*" - ], - "language": "kuery", - "max_signals": 33, - "name": "Potential Lateral Movement via SSH Port Forwarding", - "query": "process.name:ssh and process.args:\"-R\" and event.action:executed", - "references": [ - "https://www.ssh.com/ssh/tunneling", - "https://www.ssh.com/ssh/tunneling/example" - ], - "risk_score": 47, - "rule_id": "45d256ab-e665-445b-8306-2f83a8db59f8", - "severity": "medium", - "tags": [ - "Elastic", - "Linux" - ], - "threat": [ - { - "framework": "MITRE ATT&CK", - "tactic": { - "id": "TA0008", - "name": "Lateral Movement", - "reference": "https://attack.mitre.org/tactics/TA0008/" - }, - "technique": [ - { - "id": "T1184", - "name": "SSH Hijacking", - "reference": "https://attack.mitre.org/techniques/T1184/" - } - ] - } - ], - "type": "query", - "version": 1 -} diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_strace_activity.json b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_strace_activity.json index 6f8bc112fd011..f5488ae49d0fb 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_strace_activity.json +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_strace_activity.json @@ -1,5 +1,5 @@ { - "description": "Strace runs in a privileged context and can be used to escape restrictive environments by instantiating a shell in order to elevate privlieges or move laterally.", + "description": "Strace runs in a privileged context and can be used to escape restrictive environments by instantiating a shell in order to elevate privileges or move laterally.", "false_positives": [ "Strace is a dual-use tool that can be used for benign or malicious activity. Some normal use of this command may originate from developers or SREs engaged in debugging or system call tracing." ], diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_port_26_activity.json b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_port_26_activity.json index 59db16c7b7d3d..352fc5e44dc80 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_port_26_activity.json +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_port_26_activity.json @@ -49,7 +49,7 @@ }, "technique": [ { - "id": "T1043", + "id": "T1048", "name": "Exfiltration Over Alternative Protocol", "reference": "https://attack.mitre.org/techniques/T1048/" } diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rdp_remote_desktop_protocol_from_the_internet.json b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rdp_remote_desktop_protocol_from_the_internet.json index 76528da19a57c..e3853c30e6ad9 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rdp_remote_desktop_protocol_from_the_internet.json +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rdp_remote_desktop_protocol_from_the_internet.json @@ -45,7 +45,7 @@ }, "technique": [ { - "id": "T1190", + "id": "T1021", "name": "Remote Services", "reference": "https://attack.mitre.org/techniques/T1021/" } diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rpc_remote_procedure_call_from_the_internet.json b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rpc_remote_procedure_call_from_the_internet.json index ca6715ac48785..1570d3d155fea 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rpc_remote_procedure_call_from_the_internet.json +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rpc_remote_procedure_call_from_the_internet.json @@ -29,7 +29,7 @@ { "id": "T1190", "name": "Exploit Public-Facing Application", - "reference": "https://attack.mitre.org/techniques/T1043/" + "reference": "https://attack.mitre.org/techniques/T1190/" } ] } diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_smb_windows_file_sharing_activity_to_the_internet.json b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_smb_windows_file_sharing_activity_to_the_internet.json index ee47dff73db40..991c626c11d33 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_smb_windows_file_sharing_activity_to_the_internet.json +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_smb_windows_file_sharing_activity_to_the_internet.json @@ -42,7 +42,7 @@ }, "technique": [ { - "id": "T1043", + "id": "T1048", "name": "Exfiltration Over Alternative Protocol", "reference": "https://attack.mitre.org/techniques/T1048/" } diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/null_user_agent.json b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/null_user_agent.json index 87a3119ac780d..7975c30a4ea38 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/null_user_agent.json +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/null_user_agent.json @@ -1,7 +1,7 @@ { "description": "A request to a web application server contained no identifying user agent string.", "false_positives": [ - "Some normal applications and scripts may contain no user agent. Most legitmate web requests from the Internet contain a user agent string. Requests from web browsers almost always contain a user agent string. If the source is unexpected, or the user is unauthorized, or the request is unusual, these may be suspicious or malicious activity." + "Some normal applications and scripts may contain no user agent. Most legitimate web requests from the Internet contain a user agent string. Requests from web browsers almost always contain a user agent string. If the source is unexpected, or the user is unauthorized, or the request is unusual, these may be suspicious or malicious activity." ], "filters": [ { diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/sqlmap_user_agent.json b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/sqlmap_user_agent.json index 72d85dcbffc06..44e112d09a45b 100644 --- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/sqlmap_user_agent.json +++ b/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/sqlmap_user_agent.json @@ -1,7 +1,7 @@ { "description": "This is an example of how to detect an unwanted web client user agent. This search matches the user agent for sqlmap 1.3.11 which is a popular FOSS tool for testing web applications for SQL injection vulnerabilities. ", "false_positives": [ - "This signal does not indicate that a SQL injection attack occured, only that the sqlmap tool was used. Security scans and tests may result in these errors. If the source is not an authorized security tester, this is generally suspicious or malicious activity." + "This signal does not indicate that a SQL injection attack occurred, only that the sqlmap tool was used. Security scans and tests may result in these errors. If the source is not an authorized security tester, this is generally suspicious or malicious activity." ], "index": [ "apm-*-transaction*" From 02befdebd26232714e701b8040d8fa71e9fbb4fd Mon Sep 17 00:00:00 2001 From: Ryland Herrick Date: Tue, 28 Jan 2020 21:06:37 -0600 Subject: [PATCH 28/40] [SIEM] Adds ability to infer the newsfeed.enabled setting (#56236) * Always return a contract from the newsfeed plugin Without a contract, dependent plugins have no way of knowing whether the plugin is enabled or not as the contract will always be undefined. * Export newsfeed contract types from public index So that dependent plugins can use them. * Declare newsfeed as an optional dependency of SIEM We're going to use the availability of the newsfeed plugin as part of our determination for whether or not to show the security newsfeed. If users set `newsfeed.enabled: false`, the plugin will be unavailable and the security feed will not be shown. * Respect global newsfeed.enabled config in Security newsfeed The presence of the newsfeed plugin means that newsfeed.enabled is true. If both that and our local setting are true, we will show the Security feed. * Prefer object type over empty interface Co-authored-by: Elastic Machine --- src/plugins/newsfeed/public/index.ts | 4 +++- src/plugins/newsfeed/public/plugin.tsx | 10 +++++++--- .../siem/public/components/news_feed/index.tsx | 12 ++++++++---- x-pack/legacy/plugins/siem/public/plugin.tsx | 2 ++ 4 files changed, 20 insertions(+), 8 deletions(-) diff --git a/src/plugins/newsfeed/public/index.ts b/src/plugins/newsfeed/public/index.ts index 1217de60d9638..b70606b09a34f 100644 --- a/src/plugins/newsfeed/public/index.ts +++ b/src/plugins/newsfeed/public/index.ts @@ -18,7 +18,9 @@ */ import { PluginInitializerContext } from 'src/core/public'; -import { NewsfeedPublicPlugin } from './plugin'; +import { Setup, Start, NewsfeedPublicPlugin } from './plugin'; + +export { Setup, Start }; export function plugin(initializerContext: PluginInitializerContext) { return new NewsfeedPublicPlugin(initializerContext); diff --git a/src/plugins/newsfeed/public/plugin.tsx b/src/plugins/newsfeed/public/plugin.tsx index c4e042fe452f9..d21cf75a1a65e 100644 --- a/src/plugins/newsfeed/public/plugin.tsx +++ b/src/plugins/newsfeed/public/plugin.tsx @@ -27,8 +27,8 @@ import { FetchResult, NewsfeedPluginInjectedConfig } from '../types'; import { NewsfeedNavButton, NewsfeedApiFetchResult } from './components/newsfeed_header_nav_button'; import { getApi } from './lib/api'; -export type Setup = void; -export type Start = void; +export type Setup = object; +export type Start = object; export class NewsfeedPublicPlugin implements Plugin { private readonly kibanaVersion: string; @@ -38,7 +38,9 @@ export class NewsfeedPublicPlugin implements Plugin { this.kibanaVersion = initializerContext.env.packageInfo.version; } - public setup(core: CoreSetup): Setup {} + public setup(core: CoreSetup): Setup { + return {}; + } public start(core: CoreStart): Start { const api$ = this.fetchNewsfeed(core); @@ -46,6 +48,8 @@ export class NewsfeedPublicPlugin implements Plugin { order: 1000, mount: target => this.mount(api$, target), }); + + return {}; } public stop() { diff --git a/x-pack/legacy/plugins/siem/public/components/news_feed/index.tsx b/x-pack/legacy/plugins/siem/public/components/news_feed/index.tsx index 95f12758d5e63..6a5e08b287f96 100644 --- a/x-pack/legacy/plugins/siem/public/components/news_feed/index.tsx +++ b/x-pack/legacy/plugins/siem/public/components/news_feed/index.tsx @@ -8,7 +8,7 @@ import React, { useEffect, useState } from 'react'; import chrome from 'ui/chrome'; import { fetchNews, getNewsFeedUrl, getNewsItemsFromApiResponse } from './helpers'; -import { useUiSetting$ } from '../../lib/kibana'; +import { useKibana, useUiSetting$ } from '../../lib/kibana'; import { NewsFeed } from './news_feed'; import { NewsItem } from './types'; @@ -16,10 +16,14 @@ export const StatefulNewsFeed = React.memo<{ enableNewsFeedSetting: string; newsFeedSetting: string; }>(({ enableNewsFeedSetting, newsFeedSetting }) => { + const kibanaNewsfeedEnabled = useKibana().services.newsfeed; const [enableNewsFeed] = useUiSetting$(enableNewsFeedSetting); const [newsFeedUrlSetting] = useUiSetting$(newsFeedSetting); const [news, setNews] = useState(null); + // respect kibana's global newsfeed.enabled setting + const newsfeedEnabled = kibanaNewsfeedEnabled && enableNewsFeed; + const newsFeedUrl = getNewsFeedUrl({ newsFeedUrlSetting, getKibanaVersion: chrome.getKibanaVersion, @@ -42,16 +46,16 @@ export const StatefulNewsFeed = React.memo<{ } }; - if (enableNewsFeed) { + if (newsfeedEnabled) { fetchData(); } return () => { canceled = true; }; - }, [enableNewsFeed, newsFeedUrl]); + }, [newsfeedEnabled, newsFeedUrl]); - return <>{enableNewsFeed ? : null}; + return <>{newsfeedEnabled ? : null}; }); StatefulNewsFeed.displayName = 'StatefulNewsFeed'; diff --git a/x-pack/legacy/plugins/siem/public/plugin.tsx b/x-pack/legacy/plugins/siem/public/plugin.tsx index 057ed3a91c3b9..7911b5eb9833b 100644 --- a/x-pack/legacy/plugins/siem/public/plugin.tsx +++ b/x-pack/legacy/plugins/siem/public/plugin.tsx @@ -14,6 +14,7 @@ import { import { HomePublicPluginSetup } from '../../../../../src/plugins/home/public'; import { DataPublicPluginStart } from '../../../../../src/plugins/data/public'; import { IEmbeddableStart } from '../../../../../src/plugins/embeddable/public'; +import { Start as NewsfeedStart } from '../../../../../src/plugins/newsfeed/public'; import { Start as InspectorStart } from '../../../../../src/plugins/inspector/public'; import { IUiActionsStart } from '../../../../../src/plugins/ui_actions/public'; import { UsageCollectionSetup } from '../../../../../src/plugins/usage_collection/public'; @@ -29,6 +30,7 @@ export interface StartPlugins { data: DataPublicPluginStart; embeddable: IEmbeddableStart; inspector: InspectorStart; + newsfeed?: NewsfeedStart; uiActions: IUiActionsStart; } export type StartServices = CoreStart & StartPlugins; From 0d2ac94c6b08a7399a28423e2a807db6b836580c Mon Sep 17 00:00:00 2001 From: patrykkopycinski Date: Wed, 29 Jan 2020 04:32:07 +0100 Subject: [PATCH 29/40] [SIEM] Fix filters on Hosts and Network page (#56234) * [SIEM] Fix Hosts and Network Tabs filters * cleanup Co-authored-by: Elastic Machine --- .../public/components/alerts_viewer/index.tsx | 2 - .../components/matrix_histogram/index.tsx | 87 ++++++++++--------- .../anomalies_query_tab_body/index.tsx | 2 - .../detection_engine/detection_engine.tsx | 1 - .../plugins/siem/public/pages/hosts/hosts.tsx | 12 ++- .../authentications_query_tab_body.tsx | 2 - .../navigation/events_query_tab_body.tsx | 2 - .../navigation/conditional_flex_group.tsx | 2 +- .../network/navigation/dns_query_tab_body.tsx | 2 - .../siem/public/pages/network/network.tsx | 12 ++- .../siem/public/pages/overview/overview.tsx | 4 - 11 files changed, 64 insertions(+), 64 deletions(-) diff --git a/x-pack/legacy/plugins/siem/public/components/alerts_viewer/index.tsx b/x-pack/legacy/plugins/siem/public/components/alerts_viewer/index.tsx index 2d10928da570a..a8c2f429040ea 100644 --- a/x-pack/legacy/plugins/siem/public/components/alerts_viewer/index.tsx +++ b/x-pack/legacy/plugins/siem/public/components/alerts_viewer/index.tsx @@ -5,7 +5,6 @@ */ import { noop } from 'lodash/fp'; import React, { useEffect, useCallback } from 'react'; -import { EuiSpacer } from '@elastic/eui'; import numeral from '@elastic/numeral'; import { AlertsComponentsQueryProps } from './types'; @@ -79,7 +78,6 @@ export const AlertsView = ({ type={type} updateDateRange={updateDateRange} /> - ); diff --git a/x-pack/legacy/plugins/siem/public/components/matrix_histogram/index.tsx b/x-pack/legacy/plugins/siem/public/components/matrix_histogram/index.tsx index f8853deeaed52..cdbac6a67b4ef 100644 --- a/x-pack/legacy/plugins/siem/public/components/matrix_histogram/index.tsx +++ b/x-pack/legacy/plugins/siem/public/components/matrix_histogram/index.tsx @@ -7,7 +7,7 @@ import React, { useState, useEffect, useCallback } from 'react'; import { ScaleType } from '@elastic/charts'; -import { EuiFlexGroup, EuiFlexItem, EuiProgress, EuiSelect } from '@elastic/eui'; +import { EuiFlexGroup, EuiFlexItem, EuiProgress, EuiSelect, EuiSpacer } from '@elastic/eui'; import { noop } from 'lodash/fp'; import * as i18n from './translations'; import { BarChart } from '../charts/barchart'; @@ -141,48 +141,51 @@ export const MatrixHistogramComponent: React.FC - - {loading && !isInitialLoading && ( - - )} + <> + + + {loading && !isInitialLoading && ( + + )} - {isInitialLoading ? ( - <> - - - - ) : ( - <> - = 0 ? subtitleWithCounts : null)} - > - - - {stackByOptions?.length > 1 && ( - - )} - - {headerChildren} - - - - - )} - - + {isInitialLoading ? ( + <> + + + + ) : ( + <> + = 0 ? subtitleWithCounts : null)} + > + + + {stackByOptions?.length > 1 && ( + + )} + + {headerChildren} + + + + + )} + + + + ); }; diff --git a/x-pack/legacy/plugins/siem/public/containers/anomalies/anomalies_query_tab_body/index.tsx b/x-pack/legacy/plugins/siem/public/containers/anomalies/anomalies_query_tab_body/index.tsx index 2d9ac8b7645ca..e34832aa88c93 100644 --- a/x-pack/legacy/plugins/siem/public/containers/anomalies/anomalies_query_tab_body/index.tsx +++ b/x-pack/legacy/plugins/siem/public/containers/anomalies/anomalies_query_tab_body/index.tsx @@ -5,7 +5,6 @@ */ import React, { useEffect } from 'react'; -import { EuiSpacer } from '@elastic/eui'; import * as i18n from './translations'; import { AnomaliesQueryTabBodyProps } from './types'; import { getAnomaliesFilterQuery } from './utils'; @@ -80,7 +79,6 @@ export const AnomaliesQueryTabBody = ({ type={type} updateDateRange={updateDateRange} /> - setQuery={setQuery} to={to} /> - )} diff --git a/x-pack/legacy/plugins/siem/public/pages/hosts/hosts.tsx b/x-pack/legacy/plugins/siem/public/pages/hosts/hosts.tsx index 2c475e4ba6ac5..f989f5a9ba6dd 100644 --- a/x-pack/legacy/plugins/siem/public/pages/hosts/hosts.tsx +++ b/x-pack/legacy/plugins/siem/public/pages/hosts/hosts.tsx @@ -56,7 +56,7 @@ export const HostsComponent = React.memo( const capabilities = React.useContext(MlCapabilitiesContext); const kibana = useKibana(); const { tabName } = useParams(); - const hostsFilters = React.useMemo(() => { + const tabsFilters = React.useMemo(() => { if (tabName === HostsTableType.alerts) { return filters.length > 0 ? [...filters, ...filterAlertsHosts] : filterAlertsHosts; } @@ -77,7 +77,13 @@ export const HostsComponent = React.memo( config: esQuery.getEsQueryConfig(kibana.services.uiSettings), indexPattern, queries: [query], - filters: hostsFilters, + filters, + }); + const tabsFilterQuery = convertToBuildEsQuery({ + config: esQuery.getEsQueryConfig(kibana.services.uiSettings), + indexPattern, + queries: [query], + filters: tabsFilters, }); return indicesExistOrDataTemporarilyUnavailable(indicesExist) ? ( @@ -123,7 +129,7 @@ export const HostsComponent = React.memo( - - - ( const kibana = useKibana(); const { tabName } = useParams(); - const networkFilters = useMemo(() => { + const tabsFilters = useMemo(() => { if (tabName === NetworkRouteType.alerts) { return filters.length > 0 ? [...filters, ...filterAlertsNetwork] : filterAlertsNetwork; } @@ -76,7 +76,13 @@ const NetworkComponent = React.memo( config: esQuery.getEsQueryConfig(kibana.services.uiSettings), indexPattern, queries: [query], - filters: networkFilters, + filters, + }); + const tabsFilterQuery = convertToBuildEsQuery({ + config: esQuery.getEsQueryConfig(kibana.services.uiSettings), + indexPattern, + queries: [query], + filters: tabsFilters, }); return indicesExistOrDataTemporarilyUnavailable(indicesExist) ? ( @@ -133,7 +139,7 @@ const NetworkComponent = React.memo( = ({ to={to} /> - - = ({ to={to} /> - - Date: Tue, 28 Jan 2020 20:37:19 -0700 Subject: [PATCH 30/40] Basic Functionality Alert List (#55800) * sets up initial grid and data type * data feeds in from backend but doesnt update * sample data feeding in correctly * Fix combineReducers issue by importing Redux type from 'redux' package * Add usePageId hook that fires action when user navigates to page * Strict typing for middleware * addresses comments and uses better types * move types to common/types.ts * Move types to endpoint/types.ts, address PR comments blah 2 Co-authored-by: Pedro Jaramillo --- x-pack/plugins/endpoint/common/types.ts | 52 + .../public/applications/endpoint/index.tsx | 2 + .../public/applications/endpoint/lib/saga.ts | 2 +- .../applications/endpoint/store/action.ts | 11 + .../endpoint/store/alerts/action.ts | 14 + .../store/{actions.ts => alerts/index.ts} | 5 +- .../endpoint/store/alerts/middleware.ts | 19 + .../endpoint/store/alerts/reducer.ts | 29 + .../endpoint/store/alerts/selectors.ts | 9 + .../endpoint/store/endpoint_list/reducer.ts | 8 +- .../applications/endpoint/store/index.ts | 7 +- .../applications/endpoint/store/reducer.ts | 11 +- .../endpoint/store/routing/action.ts | 14 + .../endpoint/store/routing/index.ts | 7 + .../applications/endpoint/store/selectors.ts | 31 + .../public/applications/endpoint/types.ts | 26 + .../endpoint/view/alerts/index.tsx | 80 + .../applications/endpoint/view/use_page_id.ts | 20 + .../resolver/store/camera/action.ts | 2 +- x-pack/plugins/endpoint/server/plugin.ts | 2 + .../plugins/endpoint/server/routes/alerts.ts | 31 + .../endpoint/server/routes/sampledata.json | 11350 ++++++++++++++++ 22 files changed, 11716 insertions(+), 16 deletions(-) create mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/store/action.ts create mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/action.ts rename x-pack/plugins/endpoint/public/applications/endpoint/store/{actions.ts => alerts/index.ts} (71%) create mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/middleware.ts create mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/reducer.ts create mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/selectors.ts create mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/store/routing/action.ts create mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/store/routing/index.ts create mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/store/selectors.ts create mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/types.ts create mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index.tsx create mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/view/use_page_id.ts create mode 100644 x-pack/plugins/endpoint/server/routes/alerts.ts create mode 100644 x-pack/plugins/endpoint/server/routes/sampledata.json diff --git a/x-pack/plugins/endpoint/common/types.ts b/x-pack/plugins/endpoint/common/types.ts index 1a1402671aa01..5e69aa0d18b68 100644 --- a/x-pack/plugins/endpoint/common/types.ts +++ b/x-pack/plugins/endpoint/common/types.ts @@ -4,6 +4,24 @@ * you may not use this file except in compliance with the Elastic License. */ +/** + * A deep readonly type that will make all children of a given object readonly recursively + */ +export type Immutable = T extends undefined | null | boolean | string | number + ? T + : T extends Array + ? ImmutableArray + : T extends Map + ? ImmutableMap + : T extends Set + ? ImmutableSet + : ImmutableObject; + +export type ImmutableArray = ReadonlyArray>; +export type ImmutableMap = ReadonlyMap, Immutable>; +export type ImmutableSet = ReadonlySet>; +export type ImmutableObject = { readonly [K in keyof T]: Immutable }; + export class EndpointAppConstants { static ENDPOINT_INDEX_NAME = 'endpoint-agent*'; } @@ -44,3 +62,37 @@ export interface EndpointMetadata { }; }; } + +export interface AlertData { + value: { + source: { + endgame: { + data: { + file_operation: string; + malware_classification: { + score: number; + }; + }; + metadata: { + key: string; + }; + timestamp_utc: Date; + }; + labels: { + endpoint_id: string; + }; + host: { + hostname: string; + ip: string; + os: { + name: string; + }; + }; + }; + }; +} + +/** + * The PageId type is used for the payload when firing userNavigatedToPage actions + */ +export type PageId = 'alertsPage' | 'endpointListPage'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/index.tsx b/x-pack/plugins/endpoint/public/applications/endpoint/index.tsx index 7598141bdea65..9bea41126d296 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/index.tsx +++ b/x-pack/plugins/endpoint/public/applications/endpoint/index.tsx @@ -12,6 +12,7 @@ import { Route, BrowserRouter, Switch } from 'react-router-dom'; import { Provider } from 'react-redux'; import { Store } from 'redux'; import { appStoreFactory } from './store'; +import { AlertIndex } from './view/alerts'; /** * This module will be loaded asynchronously to reduce the bundle size of your plugin's main bundle. @@ -64,6 +65,7 @@ const AppRoot: React.FunctionComponent = React.memo(({ basename, st ); }} /> + ( diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/lib/saga.ts b/x-pack/plugins/endpoint/public/applications/endpoint/lib/saga.ts index bca6aa6563fe5..2a79827847f2e 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/lib/saga.ts +++ b/x-pack/plugins/endpoint/public/applications/endpoint/lib/saga.ts @@ -5,7 +5,7 @@ */ import { AnyAction, Dispatch, Middleware, MiddlewareAPI } from 'redux'; -import { GlobalState } from '../store'; +import { GlobalState } from '../types'; interface QueuedAction { /** diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/action.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/action.ts new file mode 100644 index 0000000000000..593041af75c05 --- /dev/null +++ b/x-pack/plugins/endpoint/public/applications/endpoint/store/action.ts @@ -0,0 +1,11 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { EndpointListAction } from './endpoint_list'; +import { AlertAction } from './alerts'; +import { RoutingAction } from './routing'; + +export type AppAction = EndpointListAction | AlertAction | RoutingAction; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/action.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/action.ts new file mode 100644 index 0000000000000..431b0d8d6fcf8 --- /dev/null +++ b/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/action.ts @@ -0,0 +1,14 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { AlertData, Immutable } from '../../../../../common/types'; + +type ServerReturnedAlertsData = Immutable<{ + type: 'serverReturnedAlertsData'; + payload: AlertData[]; +}>; + +export type AlertAction = ServerReturnedAlertsData; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/actions.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/index.ts similarity index 71% rename from x-pack/plugins/endpoint/public/applications/endpoint/store/actions.ts rename to x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/index.ts index 796dabce1d76a..5545218d9abd6 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/actions.ts +++ b/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/index.ts @@ -4,6 +4,5 @@ * you may not use this file except in compliance with the Elastic License. */ -import { EndpointListAction } from './endpoint_list'; - -export type AppAction = EndpointListAction; +export { alertListReducer } from './reducer'; +export { AlertAction } from './action'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/middleware.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/middleware.ts new file mode 100644 index 0000000000000..00ba8eddf9e67 --- /dev/null +++ b/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/middleware.ts @@ -0,0 +1,19 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { AlertData, ImmutableArray } from '../../../../../common/types'; +import { AppAction } from '../action'; +import { MiddlewareFactory } from '../../types'; + +export const alertMiddlewareFactory: MiddlewareFactory = coreStart => { + return api => next => async (action: AppAction) => { + next(action); + if (action.type === 'userNavigatedToPage' && action.payload === 'alertsPage') { + const response: ImmutableArray = await coreStart.http.get('/api/endpoint/alerts'); + api.dispatch({ type: 'serverReturnedAlertsData', payload: response }); + } + }; +}; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/reducer.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/reducer.ts new file mode 100644 index 0000000000000..4ad815ee10b23 --- /dev/null +++ b/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/reducer.ts @@ -0,0 +1,29 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { Reducer } from 'redux'; +import { AlertListState } from '../../types'; +import { AppAction } from '../action'; + +const initialState = (): AlertListState => { + return { + alerts: [], + }; +}; + +export const alertListReducer: Reducer = ( + state = initialState(), + action +) => { + if (action.type === 'serverReturnedAlertsData') { + return { + ...state, + alerts: action.payload, + }; + } + + return state; +}; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/selectors.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/selectors.ts new file mode 100644 index 0000000000000..51903a0a641e8 --- /dev/null +++ b/x-pack/plugins/endpoint/public/applications/endpoint/store/alerts/selectors.ts @@ -0,0 +1,9 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { AlertListState } from '../../types'; + +export const alertListData = (state: AlertListState) => state.alerts; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/endpoint_list/reducer.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/endpoint_list/reducer.ts index 9813777c988ef..e57d9683e4707 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/endpoint_list/reducer.ts +++ b/x-pack/plugins/endpoint/public/applications/endpoint/store/endpoint_list/reducer.ts @@ -4,8 +4,9 @@ * you may not use this file except in compliance with the Elastic License. */ +import { Reducer } from 'redux'; import { EndpointListState } from './types'; -import { EndpointListAction } from './action'; +import { AppAction } from '../action'; const initialState = (): EndpointListState => { return { @@ -16,7 +17,10 @@ const initialState = (): EndpointListState => { }; }; -export const endpointListReducer = (state = initialState(), action: EndpointListAction) => { +export const endpointListReducer: Reducer = ( + state = initialState(), + action +) => { if (action.type === 'serverReturnedEndpointList') { return { ...state, diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/index.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/index.ts index bfa1385b9f0ac..a32f310392ca9 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/index.ts +++ b/x-pack/plugins/endpoint/public/applications/endpoint/store/index.ts @@ -8,8 +8,7 @@ import { createStore, compose, applyMiddleware, Store } from 'redux'; import { CoreStart } from 'kibana/public'; import { appSagaFactory } from './saga'; import { appReducer } from './reducer'; - -export { GlobalState } from './reducer'; +import { alertMiddlewareFactory } from './alerts/middleware'; const composeWithReduxDevTools = (window as any).__REDUX_DEVTOOLS_EXTENSION_COMPOSE__ ? (window as any).__REDUX_DEVTOOLS_EXTENSION_COMPOSE__({ name: 'EndpointApp' }) @@ -19,7 +18,9 @@ export const appStoreFactory = (coreStart: CoreStart): [Store, () => void] => { const sagaReduxMiddleware = appSagaFactory(coreStart); const store = createStore( appReducer, - composeWithReduxDevTools(applyMiddleware(sagaReduxMiddleware)) + composeWithReduxDevTools( + applyMiddleware(alertMiddlewareFactory(coreStart), appSagaFactory(coreStart)) + ) ); sagaReduxMiddleware.start(); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/reducer.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/reducer.ts index 59ca4de91ac83..a9cf6d9980519 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/store/reducer.ts +++ b/x-pack/plugins/endpoint/public/applications/endpoint/store/reducer.ts @@ -4,13 +4,12 @@ * you may not use this file except in compliance with the Elastic License. */ import { combineReducers, Reducer } from 'redux'; -import { endpointListReducer, EndpointListState } from './endpoint_list'; -import { AppAction } from './actions'; - -export interface GlobalState { - endpointList: EndpointListState; -} +import { endpointListReducer } from './endpoint_list'; +import { AppAction } from './action'; +import { alertListReducer } from './alerts'; +import { GlobalState } from '../types'; export const appReducer: Reducer = combineReducers({ endpointList: endpointListReducer, + alertList: alertListReducer, }); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/routing/action.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/routing/action.ts new file mode 100644 index 0000000000000..263a3f72d57d5 --- /dev/null +++ b/x-pack/plugins/endpoint/public/applications/endpoint/store/routing/action.ts @@ -0,0 +1,14 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { PageId } from '../../../../../common/types'; + +interface UserNavigatedToPage { + readonly type: 'userNavigatedToPage'; + readonly payload: PageId; +} + +export type RoutingAction = UserNavigatedToPage; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/routing/index.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/routing/index.ts new file mode 100644 index 0000000000000..68fd04d6a8355 --- /dev/null +++ b/x-pack/plugins/endpoint/public/applications/endpoint/store/routing/index.ts @@ -0,0 +1,7 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export { RoutingAction } from './action'; diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/store/selectors.ts b/x-pack/plugins/endpoint/public/applications/endpoint/store/selectors.ts new file mode 100644 index 0000000000000..2766707271cde --- /dev/null +++ b/x-pack/plugins/endpoint/public/applications/endpoint/store/selectors.ts @@ -0,0 +1,31 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { GlobalState } from '../types'; +import * as alertListSelectors from './alerts/selectors'; + +export const alertListData = composeSelectors( + alertListStateSelector, + alertListSelectors.alertListData +); + +/** + * Returns the alert list state from within Global State + */ +function alertListStateSelector(state: GlobalState) { + return state.alertList; +} + +/** + * Calls the `secondSelector` with the result of the `selector`. Use this when re-exporting a + * concern-specific selector. `selector` should return the concern-specific state. + */ +function composeSelectors( + selector: (state: OuterState) => InnerState, + secondSelector: (state: InnerState) => ReturnValue +): (state: OuterState) => ReturnValue { + return state => secondSelector(selector(state)); +} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/types.ts b/x-pack/plugins/endpoint/public/applications/endpoint/types.ts new file mode 100644 index 0000000000000..525983c9f8523 --- /dev/null +++ b/x-pack/plugins/endpoint/public/applications/endpoint/types.ts @@ -0,0 +1,26 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { Dispatch, MiddlewareAPI } from 'redux'; +import { CoreStart } from 'kibana/public'; +import { Immutable, AlertData } from '../../../common/types'; +import { EndpointListState } from './store/endpoint_list'; +import { AppAction } from './store/action'; + +export type MiddlewareFactory = ( + coreStart: CoreStart +) => ( + api: MiddlewareAPI, GlobalState> +) => (next: Dispatch) => (action: AppAction) => unknown; + +export type AlertListState = Immutable<{ + alerts: AlertData[]; +}>; + +export interface GlobalState { + readonly endpointList: EndpointListState; + readonly alertList: AlertListState; +} diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index.tsx b/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index.tsx new file mode 100644 index 0000000000000..dcb324e3597c2 --- /dev/null +++ b/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index.tsx @@ -0,0 +1,80 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { memo, useState, useMemo } from 'react'; +import React from 'react'; +import { EuiDataGrid } from '@elastic/eui'; +import { useSelector } from 'react-redux'; +import * as selectors from '../../store/selectors'; +import { usePageId } from '../use_page_id'; + +export const AlertIndex = memo(() => { + usePageId('alertsPage'); + + const columns: Array<{ id: string }> = useMemo(() => { + return [ + { id: 'alert_type' }, + { id: 'event_type' }, + { id: 'os' }, + { id: 'ip_address' }, + { id: 'host_name' }, + { id: 'timestamp' }, + { id: 'archived' }, + { id: 'malware_score' }, + ]; + }, []); + + const [visibleColumns, setVisibleColumns] = useState(() => columns.map(({ id }) => id)); + + const json = useSelector(selectors.alertListData); + + const renderCellValue = useMemo(() => { + return ({ rowIndex, columnId }: { rowIndex: number; columnId: string }) => { + if (rowIndex > json.length) { + return null; + } + + const row = json[rowIndex]; + + if (columnId === 'alert_type') { + return row.value.source.endgame.metadata.key; + } else if (columnId === 'event_type') { + return row.value.source.endgame.data.file_operation; + } else if (columnId === 'os') { + return row.value.source.host.os.name; + } else if (columnId === 'ip_address') { + return row.value.source.host.ip; + } else if (columnId === 'host_name') { + return row.value.source.host.hostname; + } else if (columnId === 'timestamp') { + return row.value.source.endgame.timestamp_utc; + } else if (columnId === 'archived') { + return null; + } else if (columnId === 'malware_score') { + return row.value.source.endgame.data.malware_classification.score; + } + return null; + }; + }, [json]); + + return ( + + ); +}); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/use_page_id.ts b/x-pack/plugins/endpoint/public/applications/endpoint/view/use_page_id.ts new file mode 100644 index 0000000000000..9e241af4c0445 --- /dev/null +++ b/x-pack/plugins/endpoint/public/applications/endpoint/view/use_page_id.ts @@ -0,0 +1,20 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { useEffect } from 'react'; +import { useDispatch } from 'react-redux'; +import { PageId } from '../../../../common/types'; +import { RoutingAction } from '../store/routing'; + +/** + * Dispatches a 'userNavigatedToPage' action with the given 'pageId' as the action payload + */ +export function usePageId(pageId: PageId) { + const dispatch: (action: RoutingAction) => unknown = useDispatch(); + useEffect(() => { + dispatch({ type: 'userNavigatedToPage', payload: pageId }); + }, [dispatch, pageId]); +} diff --git a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/action.ts b/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/action.ts index 4153070ab04e7..7d3e64ab34f23 100644 --- a/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/action.ts +++ b/x-pack/plugins/endpoint/public/embeddables/resolver/store/camera/action.ts @@ -28,7 +28,7 @@ interface UserZoomed { * A value to zoom in by. Should be a fraction of `1`. For a `'wheel'` event when `event.deltaMode` is `'pixel'`, * pass `event.deltaY / -renderHeight` where `renderHeight` is the height of the Resolver element in pixels. */ - payload: number; + readonly payload: number; } interface UserSetRasterSize { diff --git a/x-pack/plugins/endpoint/server/plugin.ts b/x-pack/plugins/endpoint/server/plugin.ts index b1ae2adbdbb35..1f34ba1d36d97 100644 --- a/x-pack/plugins/endpoint/server/plugin.ts +++ b/x-pack/plugins/endpoint/server/plugin.ts @@ -10,6 +10,7 @@ import { PluginSetupContract as FeaturesPluginSetupContract } from '../../featur import { createConfig$, EndpointConfigType } from './config'; import { registerEndpointRoutes } from './routes/endpoints'; import { EndpointAppContext } from './types'; +import { registerAlertRoutes } from './routes/alerts'; export type EndpointPluginStart = void; export type EndpointPluginSetup = void; @@ -68,6 +69,7 @@ export class EndpointPlugin const router = core.http.createRouter(); addRoutes(router); registerEndpointRoutes(router, endpointContext); + registerAlertRoutes(router); } public start() { diff --git a/x-pack/plugins/endpoint/server/routes/alerts.ts b/x-pack/plugins/endpoint/server/routes/alerts.ts new file mode 100644 index 0000000000000..68992b5890928 --- /dev/null +++ b/x-pack/plugins/endpoint/server/routes/alerts.ts @@ -0,0 +1,31 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { IRouter } from 'kibana/server'; + +import json from './sampledata.json'; + +export function registerAlertRoutes(router: IRouter) { + router.get( + { + path: '/api/endpoint/alerts', + validate: false, + options: { authRequired: true }, + }, + async (context, req, res) => { + try { + return res.ok({ + body: json, + headers: { + 'Content-Type': 'application/json', + }, + }); + } catch (err) { + return res.internalError({ body: err }); + } + } + ); +} diff --git a/x-pack/plugins/endpoint/server/routes/sampledata.json b/x-pack/plugins/endpoint/server/routes/sampledata.json new file mode 100644 index 0000000000000..b0d6ae02f9f92 --- /dev/null +++ b/x-pack/plugins/endpoint/server/routes/sampledata.json @@ -0,0 +1,11350 @@ +[ + { + "type": "doc", + "value": { + "id": "huVEc20BW148Je-rzxwQ", + "index": "test_alert_data", + "source": { + "@timestamp": 1542789433000, + "agent": { + "id": "5085268f-7443-4f15-85d2-bf14b2a69c60", + "type": "endgame", + "version": "3.0.0" + }, + "ecs": { + "version": "1.1.0" + }, + "endgame": { + "data": { + "alert_details": { + "acting_process": { + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "12 fb c3 65 d3 1e 18 e4 43 7e ed f7 77 5e 0c fb ", + "subject_name": "Cybereason Inc" + }, + "cert_timestamp": { + "issuer_name": "", + "serial_number": "", + "subject_name": "", + "timestamp_string": "" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "cmdline": "\"C:\\Program Files\\Cybereason ActiveProbe\\AmSvc.exe\"", + "create_time": 1542788400, + "domain": "NT AUTHORITY", + "exe": "C:\\Program Files\\Cybereason ActiveProbe\\AmSvc.exe", + "hashes": { + "md5": "1f2d082566b0fc5f2c238a5180db7451", + "sha1": "ca85243c0af6a6471bdaa560685c51eefd6dbc0d", + "sha256": "8ad40c90a611d36eb8f9eb24fa04f7dbca713db383ff55a03aa0f382e92061a2" + }, + "imphash": "c30d230b81c734e82e86e2e2fe01cd01", + "is_sensor": false, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "md5": "1f2d082566b0fc5f2c238a5180db7451", + "modules": [ + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "12 fb c3 65 d3 1e 18 e4 43 7e ed f7 77 5e 0c fb ", + "subject_name": "Cybereason Inc" + }, + "cert_timestamp": { + "issuer_name": "", + "serial_number": "", + "subject_name": "", + "timestamp_string": "" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1534424710, + "hashes": { + "imphash": "c30d230b81c734e82e86e2e2fe01cd01", + "md5": "1f2d082566b0fc5f2c238a5180db7451", + "sha1": "ca85243c0af6a6471bdaa560685c51eefd6dbc0d", + "sha256": "8ad40c90a611d36eb8f9eb24fa04f7dbca713db383ff55a03aa0f382e92061a2" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 5362483200, + "mapped_size": 0, + "path": "C:\\Program Files\\Cybereason ActiveProbe\\AmSvc.exe", + "signature_signer": "Cybereason Inc", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 b3 f5 00 00 00 00 00 0d ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 05:28" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258681, + "hashes": { + "imphash": "d41d8cd98f00b204e9800998ecf8427e", + "md5": "3556d5a8bf2cc508bdab51dec38d7c61", + "sha1": "92015f7bbdb9dad35e41c533d2c5b85f1cd63d85", + "sha256": "91e3d98ad3119e8addf8d2aa1dd6795162842fff7101e4c70c5137e847b4ff50" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 2006056960, + "mapped_size": 0, + "path": "C:\\Windows\\SYSTEM32\\ntdll.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258315, + "hashes": { + "imphash": "9165b02c931d76a9b666d8d42128111b", + "md5": "7a6326d96d53048fdec542df23d875a0", + "sha1": "5c02af0206c299f5bcab8da4237cfc92e3e93495", + "sha256": "182351570856cd6eedd9df7e2fb8ab76bd4d8fc70be11ad5de6484cfd70c21c6" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 2004877312, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\kernel32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258316, + "hashes": { + "imphash": "3f7fb1504bb73a54888bf1c3650fe4cf", + "md5": "da68c291b4ef2dec9c5963266bcae454", + "sha1": "5696e8c68fcf64104499e20e7cd5452b58b4f4ba", + "sha256": "21aa4779fc21e762178517268c95467238c92851ad9160bffc36b2379c58337f" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791760109568, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\KERNELBASE.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258929, + "hashes": { + "imphash": "2cb501375ed127591bf5cfee7f1e52fe", + "md5": "fe70103391a64039a921dbfff9c7ab1b", + "sha1": "e0019d9442aeebd3bb42a24c38aa2fae4c6bd4f5", + "sha256": "f7d219d75037bc98f6c69143b00ab6000a31f8b5e211e0af514f4f4b681522a0" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 2003828736, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\USER32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258001, + "hashes": { + "imphash": "51945fdf9aaf56aeb9d6fa1f21b638ce", + "md5": "1084aa52ccc324ea54c7121fa24c2221", + "sha1": "b13ef924708fa88577931ed0337000e90adcdf5b", + "sha256": "6e972cf624f7c0de8190434b3b30279a01c551713109f97b9ebb77fac9364754" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791780163584, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\GDI32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534943, + "hashes": { + "imphash": "919110853c18aa198ad129945337b1dd", + "md5": "d202223587518b13d72d68937b7e3f70", + "sha1": "916a3ce858f074f57dd9dac01be5cd4649f19887", + "sha256": "9db971b866d058adbb518dd99b87c5db8dd1e7c9073755b989ae7e9fb62901e8" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791780622336, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\LPK.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258933, + "hashes": { + "imphash": "17bf46cf6bf6c8cae48be5b75615a353", + "md5": "2f8b1e3ee3545d3b5a8d56fa1ae07b65", + "sha1": "66310680ee38904b2852717af13028e53b4e8b8e", + "sha256": "2a3ec01f3bafe7d7d656886437f7ffecce440c0d3f3467804769ab4bf1ff7a99" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791788552192, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\USP10.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535038, + "hashes": { + "imphash": "8c99b1c0f6cf68b07336751f460f1dba", + "md5": "7319bb10fa1f86e49e3dcf4136f6c957", + "sha1": "3eea5ee8bafb2b9975b236c5c5655df6f4b42aa1", + "sha256": "60de43ab267fd41c9804369b569139add30ed4e295c425f44fc04d3fcc95fca2" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791775444992, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\msvcrt.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534699, + "hashes": { + "imphash": "e1ee2d71958d21e0e1bf887dfe76af7f", + "md5": "6df46d2bd74e3da1b45f08f10d172732", + "sha1": "3491f8f9a73c00b158e43a530210d67a4f0598ae", + "sha256": "2dc945f6f2c4a82189bc7da2fcbb7d9a0e2588a909539249e55ba82468e0c677" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791781736448, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\ADVAPI32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535198, + "hashes": { + "imphash": "b8ba136689cdc8d8b25fc04902f39a22", + "md5": "83404dcbce4925b6a5a77c5170f46d86", + "sha1": "22bda6b9da4fcf492b4dd16554b0c0e27e1b8667", + "sha256": "d669614d0b4461db244ad99fbe1ba92ceb9b4ed5ec8e987e23764e77d9ac7074" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791777214464, + "mapped_size": 0, + "path": "C:\\Windows\\SYSTEM32\\sechost.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258798, + "hashes": { + "imphash": "46876e4adb924a616ddbbb1992d61257", + "md5": "0611473c1ad9e2d991cd9482068417f7", + "sha1": "c4a3fa902dedad5d448e1d8b2d113cae1dcf2f7a", + "sha256": "90afcc2a60350ece27e75e76459132ef0fa28ef283ce88fced4b82735a93ecda" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791787307008, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\RPCRT4.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "12 fb c3 65 d3 1e 18 e4 43 7e ed f7 77 5e 0c fb ", + "subject_name": "Cybereason Inc" + }, + "cert_timestamp": { + "issuer_name": "", + "serial_number": "", + "subject_name": "", + "timestamp_string": "" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1534424472, + "hashes": { + "imphash": "a24cfb84e3006f3634d5b09aed45c264", + "md5": "56e6aa240cf6503265fbe5cf4d5889e8", + "sha1": "2678a3c08b2f82598527bd0c064eb1be5877e277", + "sha256": "4e7e127e2818eeb2de34a9369dcaca233443f085e53706c969592a9907df2ae8" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791710957568, + "mapped_size": 0, + "path": "C:\\Program Files\\Cybereason ActiveProbe\\AP.dll", + "signature_signer": "Cybereason Inc", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "12 fb c3 65 d3 1e 18 e4 43 7e ed f7 77 5e 0c fb ", + "subject_name": "Cybereason Inc" + }, + "cert_timestamp": { + "issuer_name": "", + "serial_number": "", + "subject_name": "", + "timestamp_string": "" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1534424450, + "hashes": { + "imphash": "f12460104bb4725d7964cf569f727f61", + "md5": "58017789505c114426b63c775debc12b", + "sha1": "0a348ca38bbcf851083578b77a8263765bd9b5e7", + "sha256": "1bd7d7b7b69e15adb6fcf0b520a7107eb5270163935e1f50fcee85ed65440b46" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791706894336, + "mapped_size": 0, + "path": "C:\\Program Files\\Cybereason ActiveProbe\\Protobuf.dll", + "signature_signer": "Cybereason Inc", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "12 fb c3 65 d3 1e 18 e4 43 7e ed f7 77 5e 0c fb ", + "subject_name": "Cybereason Inc" + }, + "cert_timestamp": { + "issuer_name": "", + "serial_number": "", + "subject_name": "", + "timestamp_string": "" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1438071093, + "hashes": { + "imphash": "341d1190606326748a708433d5d0cc36", + "md5": "0a2be3ed5a71082e5f9296f79323a639", + "sha1": "6acb15e8191b5530297c807d3066b1a71f4326d4", + "sha256": "8847013e01db09adab6a1dc338803df3696730577a0dda847847540529048aae" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791705714688, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\libprotobuf.dll", + "signature_signer": "Cybereason Inc", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Code Signing PCA", + "serial_number": "33 00 00 00 b0 11 af 0a 8b d0 3b 9f dd 00 01 00 00 00 b0 ", + "subject_name": "Microsoft Corporation" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "33 00 00 00 2b 39 32 48 c1 b2 c9 48 f3 00 00 00 00 00 2b ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "10/04/2013 22:49" + }, + "more_info_link": "http://microsoft.com", + "program_name": "msvcp120.dll", + "publisher_link": "" + }, + "compile_time": 1380942867, + "hashes": { + "imphash": "d0a59246eab41d54812cd63c2326e1f1", + "md5": "46060c35f697281bc5e7337aee3722b1", + "sha1": "d0164c041707f297a73abb9ea854111953e99cf1", + "sha256": "2abf0aab5a3c5ae9424b64e9d19d9d6d4aebc67814d7e92e4927b9798fef2848" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791704993792, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\MSVCP120.dll", + "signature_signer": "Microsoft Corporation", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Code Signing PCA", + "serial_number": "33 00 00 00 b0 11 af 0a 8b d0 3b 9f dd 00 01 00 00 00 b0 ", + "subject_name": "Microsoft Corporation" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "33 00 00 00 2b 39 32 48 c1 b2 c9 48 f3 00 00 00 00 00 2b ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "10/04/2013 22:49" + }, + "more_info_link": "http://microsoft.com", + "program_name": "msvcr120.dll", + "publisher_link": "" + }, + "compile_time": 1380942847, + "hashes": { + "imphash": "8f18e22935ef8b336e246ee763fbec97", + "md5": "9c861c079dd81762b6c54e37597b7712", + "sha1": "62cb65a1d79e2c5ada0c7bfc04c18693567c90d0", + "sha256": "ad32240bb1de55c3f5fcac8789f583a17057f9d14914c538c2a7a5ad346b341c" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791704010752, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\MSVCR120.dll", + "signature_signer": "Microsoft Corporation", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258732, + "hashes": { + "imphash": "faad2d5bf5c0ca9639e07a49e8c5d8ae", + "md5": "6c60b5aca7442efb794082cdacfc001c", + "sha1": "aae17944782b25f41f7b3a756532b4923f4ae817", + "sha256": "fc1d9124856a70ff232ef3057d66bee803295847624ce23b4d0217f23af52c75" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791791894528, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\ole32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258736, + "hashes": { + "imphash": "774fed8966de60d3af2dd9070df5be6f", + "md5": "42f05f980f164e084db65b2e8cd8430f", + "sha1": "86498b3c5bbc240b9de0a10f2cb4185e754de6d7", + "sha256": "0813749847b08f6577791d18ad9eca6dff5b41c2f727ab5ee9e5bf9602ed50cb" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791783899136, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\OLEAUT32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258981, + "hashes": { + "imphash": "1ec347d133df2fe4da3e5f8944caeae8", + "md5": "4bbfa57f594f7e8a8edc8f377184c3f0", + "sha1": "d48aafa576b40a5e386e609bba1010472551154a", + "sha256": "9f3ac5dea5a6250c3dbb97af79c81c0a48429486521f807355a1d7d3d861b75f" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791779835904, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\WS2_32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535145, + "hashes": { + "imphash": "579f52f57e43aa6ff0d07e88af5d0ff5", + "md5": "044fe45ffd6ad40e3bbbe60b7f41babe", + "sha1": "94233c0d4169c02c85514adb1f05cd3298c87f43", + "sha256": "a1688a5e6e0f7037c850699462c2655006a7d873c97f9ab406c59d81749b6f09" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791791828992, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\NSI.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258859, + "hashes": { + "imphash": "4b37cbf60127ea0550ec30e0b1c52984", + "md5": "eaf32cb8c1f810e4715b4dfbe785c7ff", + "sha1": "3b099b193abb9064e6937101d0c309f04d713882", + "sha256": "db6ad07fded42433e669508ab73faff6daff04575d6f1d016fe3eb6ecec4dd5d" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791784816640, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\SHLWAPI.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290257495, + "hashes": { + "imphash": "fd8a6a2046d9572b7f8f4288ae251c61", + "md5": "497bfeddaf3950dd909c3b0c5558a25d", + "sha1": "5d55bdc156372f51eb126f7bc2a8af161a1ef254", + "sha256": "980ea189929d95eb36e35980fff0c81f7b78de9422771fde8f4ac7a779f5bd89" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791730683904, + "mapped_size": 0, + "path": "C:\\Windows\\WinSxS\\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_2b24536c71ed437a\\gdiplus.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258138, + "hashes": { + "imphash": "0bc508389b6b5577cf3cca214ca523a7", + "md5": "2b81776da02017a37fe26c662827470e", + "sha1": "8c85389640bea73a009d83079f8b4c963697035f", + "sha256": "a656353c50ee08422145d00db9cfd9f6d3e664753b3c454b171e2a56a8aa94dc" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791725375488, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\IPHLPAPI.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535281, + "hashes": { + "imphash": "e710d6d30f2346e7cd91c89ec3b602d9", + "md5": "4c9210e8f4e052f6a4eb87716da0c24c", + "sha1": "d4fa50aded12eb162478d7606f1270b78dd1a44b", + "sha256": "460f7990bdadb7d58d6dc95b094d30a2efdc4ceed444b18a2f36e8d9076fb8b9" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791725113344, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\WINNSI.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247527581, + "hashes": { + "imphash": "be693a67b5b884d7609eaf574ba00955", + "md5": "d87e1e59c73c1f98d5ded5b3850c40f5", + "sha1": "141c0ebecdd2733b90431f18b188ee0b64456268", + "sha256": "536419bff9f877d4314b5d0c045d9a6e729489c389863fadf07e382050bc84fd" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 2007957504, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\PSAPI.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "12 fb c3 65 d3 1e 18 e4 43 7e ed f7 77 5e 0c fb ", + "subject_name": "Cybereason Inc" + }, + "cert_timestamp": { + "issuer_name": "", + "serial_number": "", + "subject_name": "", + "timestamp_string": "" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1472978395, + "hashes": { + "imphash": "3a8c832bddbba9333df28c1da212318e", + "md5": "e1c637922e34d868ebcd6ef199cf1394", + "sha1": "01c19a0137082a03ecace613506af5fe9a66a12b", + "sha256": "0c0c7b4c9926413c285fa2345f08b895888887156277e535851a1f1d774e6c6c" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791703158784, + "mapped_size": 0, + "path": "C:\\Program Files\\Cybereason ActiveProbe\\SQLite2015.dll", + "signature_signer": "Cybereason Inc", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534912, + "hashes": { + "imphash": "d76d7be0b8ac9aafe17d2cc7deb32b29", + "md5": "aa2c08ce85653b1a0d2e4ab407fa176c", + "sha1": "0119c23d88292a0e4fec04d5cf8629005a44e37c", + "sha256": "83dfd0c119b20aedb07114c9d1cf9ce2dfa938d0f1070256b0591a9e2c3997fa" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791790977024, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\IMM32.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535018, + "hashes": { + "imphash": "b523fff180cb22465ccf191b827e9923", + "md5": "c431eaf5caa1c82cac2534a2eab348a3", + "sha1": "e425577ccfc9b92efbbcb760d21fcaa478d3e51a", + "sha256": "addf850128dc675e67faba9a3d0d27e684f01f733962ca22927bb94503549e44" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791776100352, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\MSCTF.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 ca 69 00 00 00 00 00 08 ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534874, + "hashes": { + "imphash": "621a31b25a9ef1d128ea281b3eab572b", + "md5": "0040c486584a8e582c861cfb57ab5387", + "sha1": "bcf326e3f79b3db028c2ef1cc1a47d9697e867e7", + "sha256": "5ee17b55cb702d14ae75b19226de21cd2498bda6c6ef5872fdb8a718f401fed1" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791724654592, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\fwpuclnt.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258848, + "hashes": { + "imphash": "cc4d63ca30fdbb90048e549782d2116a", + "md5": "858df0795cb5b4bace0f33708925a414", + "sha1": "e629ed78e6e1829263890974760dad8a431edf69", + "sha256": "a9063af8d5c73a722bd269d144d8a65c98db4cfdd9f626e3a8283754e22c8c9c" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791753031680, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\Secur32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258854, + "hashes": { + "imphash": "9c631776d86c9b15258c3cc2a6a7891d", + "md5": "26e716ed95dc48cf6e5ac046089366af", + "sha1": "2bd96b8ae5ae3ad14c16d2a98a91a9a9f26d179d", + "sha256": "f686d557b7ac1688efc7cb48311290d713d3db2e9e61e947098a7c80e3a1b9e9" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791761092608, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\shell32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "3d b2 9a 36 51 f3 f5 e4 9c e0 79 d2 83 95 76 30 ", + "subject_name": "Bitdefender SRL" + }, + "cert_timestamp": { + "issuer_name": "Symantec Time Stamping Services CA - G2", + "serial_number": "0e cf f4 38 c8 fe bf 35 6e 04 d8 6a 98 1b 1a 50 ", + "subject_name": "Symantec Time Stamping Services Signer - G4", + "timestamp_string": "11/29/2016 03:22" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1480418473, + "hashes": { + "imphash": "f89e0a919d52e2b37d82d27f521530cf", + "md5": "f1a6e89598aa63a2efcfd1e31b44fe7c", + "sha1": "cd3a39758e72f42ef077c0ad9dd700509a032da6", + "sha256": "1ee6540520a7a84bc22036be42052303b5aed9911c9e8a04184a0688c63576f8" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791699816448, + "mapped_size": 0, + "path": "C:\\Program Files\\Cybereason ActiveProbe\\BDUpdateServiceCom.dll", + "signature_signer": "Bitdefender SRL", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258594, + "hashes": { + "imphash": "2bd8f9f72a13c2803ac3d34b805130b9", + "md5": "764908fe1fa96f93c95b1b67a0fced29", + "sha1": "88d0027e5d10158e3678d9eb2326779fef8a64d1", + "sha256": "26ef25ab307903c5e806a8cc3b750a491049e5d1225ceddfce64dd51aa6f592b" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791720656896, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\NETAPI32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258588, + "hashes": { + "imphash": "96f28fef38c977afbf3f6e8f39c0d6b9", + "md5": "6ceca4c6a489c9b2e6073afdaae3f607", + "sha1": "b228f6208642cb99e5bcdf2d3ebda2b8bc4fb020", + "sha256": "127506d1db38275614cbeb047c133718ef9d03266ba9c98be55ec7847cfc9c3d" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791720198144, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\netutils.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258920, + "hashes": { + "imphash": "2d37f2d4b3c246f361ca150fc7ebf8d4", + "md5": "3a9c9baf610b0dd4967086040b3b62a9", + "sha1": "3207ac7f895eab34623d994548d7810e54be3e79", + "sha256": "e8e9a0f42b1ee7806edceed08aa024d037215d06ca317e3678bd5364ad513d23" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791751524352, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\srvcli.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290259010, + "hashes": { + "imphash": "6ad99a405bde55d6a18debafd3f5e5c5", + "md5": "3c91392d448f6e5d525a85b7550d8ba9", + "sha1": "b62eaf7d80617e136a8f3c9161c23464e6f2a171", + "sha256": "6fd0dc73dbe7519e2c643554c2a7f8fbe4f9a678c4241bb54b3c6e65d2abcf3a" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791720067072, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\wkscli.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535234, + "hashes": { + "imphash": "13ecfa3a285149680a7a4b174c8b8f5b", + "md5": "94e026870a55aaeaff7853c1754091e9", + "sha1": "a4f845318e095d841b05e1400747ee4c28e1f28e", + "sha256": "b2f5d5629d12bdfa98dbed3898368f37d9009c7531b6909c7285a2c11c9a0f93" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791741169664, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\VERSION.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "3d b2 9a 36 51 f3 f5 e4 9c e0 79 d2 83 95 76 30 ", + "subject_name": "Bitdefender SRL" + }, + "cert_timestamp": { + "issuer_name": "Symantec Time Stamping Services CA - G2", + "serial_number": "0e cf f4 38 c8 fe bf 35 6e 04 d8 6a 98 1b 1a 50 ", + "subject_name": "Symantec Time Stamping Services Signer - G4", + "timestamp_string": "01/18/2017 09:26" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1484760175, + "hashes": { + "imphash": "b33f679b12d9d05d922e720c0e21818c", + "md5": "1e5ea729f6dc5a8aff675a45706d389d", + "sha1": "f5a70ab4772325946a93c9eaf48ebe1dd1e7d3a3", + "sha256": "35da922b25ec8389a733f46a6c0d37c2c6b05463a123cde9fee48402c473e1ef" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791699161088, + "mapped_size": 0, + "path": "C:\\Program Files\\Cybereason ActiveProbe\\scan.dll", + "signature_signer": "Bitdefender SRL", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "3d b2 9a 36 51 f3 f5 e4 9c e0 79 d2 83 95 76 30 ", + "subject_name": "Bitdefender SRL" + }, + "cert_timestamp": { + "issuer_name": "Symantec Time Stamping Services CA - G2", + "serial_number": "0e cf f4 38 c8 fe bf 35 6e 04 d8 6a 98 1b 1a 50 ", + "subject_name": "Symantec Time Stamping Services Signer - G4", + "timestamp_string": "11/22/2016 08:08" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1479830743, + "hashes": { + "imphash": "513a166377e008d25aa2e22983dd13ff", + "md5": "3450d998edec5cdbd03b0df09c17e02d", + "sha1": "558979fb1a9368acdf2dc1e3d1afd94e7343f914", + "sha256": "c1f24493e4fc2a9c5d17e077455c3a610ad1e5fa46590f0f9598e680e5a07556" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791698702336, + "mapped_size": 0, + "path": "C:\\Program Files\\Cybereason ActiveProbe\\gzfltum.dll", + "signature_signer": "Bitdefender SRL", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "3d b2 9a 36 51 f3 f5 e4 9c e0 79 d2 83 95 76 30 ", + "subject_name": "Bitdefender SRL" + }, + "cert_timestamp": { + "issuer_name": "Symantec Time Stamping Services CA - G2", + "serial_number": "0e cf f4 38 c8 fe bf 35 6e 04 d8 6a 98 1b 1a 50 ", + "subject_name": "Symantec Time Stamping Services Signer - G4", + "timestamp_string": "01/16/2017 05:34" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1484573247, + "hashes": { + "imphash": "d6d5dc292fe4d710905e9f280360309d", + "md5": "9f1bcf84eaa34afbdfcf19f22fc1d6f5", + "sha1": "e15e023d46738f4848f64ce853ada6a3083f8b7f", + "sha256": "d1c30b1a7fc63c4f52b00628c3e73f571db52ff2b87718bcb5a6322923f58987" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791696343040, + "mapped_size": 0, + "path": "C:\\Program Files\\Cybereason ActiveProbe\\bdquar.dll", + "signature_signer": "Bitdefender SRL", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "3d b2 9a 36 51 f3 f5 e4 9c e0 79 d2 83 95 76 30 ", + "subject_name": "Bitdefender SRL" + }, + "cert_timestamp": { + "issuer_name": "Symantec Time Stamping Services CA - G2", + "serial_number": "0e cf f4 38 c8 fe bf 35 6e 04 d8 6a 98 1b 1a 50 ", + "subject_name": "Symantec Time Stamping Services Signer - G4", + "timestamp_string": "01/16/2017 05:34" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1484573248, + "hashes": { + "imphash": "4e1a791e94ac955105ddfaac387de22f", + "md5": "874d6017f89a2ef255a16280ed4b1bf7", + "sha1": "8951c3ab1c9ea0c312206b98d22a9779c8a89c8c", + "sha256": "00512202b78037c17a77b095fcb3458381002dbd20de8dee0c99ff7701343cda" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791693721600, + "mapped_size": 0, + "path": "C:\\Program Files\\Cybereason ActiveProbe\\BDSmartDB.dll", + "signature_signer": "Bitdefender SRL", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290257756, + "hashes": { + "imphash": "5cd9d6761799e2ff681533ef1ffbb31d", + "md5": "2477a28081bdaee622cf045acf8ee124", + "sha1": "304c5f29fa847fbd994ad7a0471214198b928c14", + "sha256": "00a09caf9129e84feea98fa03ce9012c9f961b64fee15c4f268822c0f82acc3c" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791757291520, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\CFGMGR32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "DigiCert Assured ID Code Signing CA-1", + "serial_number": "0f b5 4c 96 fd 63 93 fd 7b b9 9c d1 d0 d5 16 ed ", + "subject_name": "Bitdefender SRL" + }, + "cert_timestamp": { + "issuer_name": "Symantec Time Stamping Services CA - G2", + "serial_number": "0e cf f4 38 c8 fe bf 35 6e 04 d8 6a 98 1b 1a 50 ", + "subject_name": "Symantec Time Stamping Services Signer - G4", + "timestamp_string": "09/12/2018 01:20" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1512623776, + "hashes": { + "imphash": "e2dab13fa4a67b25d3fbae65a189c521", + "md5": "627d7f1de23e6b01d6251b4c6962e765", + "sha1": "5e1d1854861016198ce4a1dbdea883f257de9463", + "sha256": "82bdf513b5f5b55ff740482ee839b14455b2296e2a911cb9a1ae622969412ed5" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791688937472, + "mapped_size": 0, + "path": "C:\\ProgramData\\apv2\\bd_db\\1\\bdcore.dll", + "signature_signer": "Bitdefender SRL", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "3d b2 9a 36 51 f3 f5 e4 9c e0 79 d2 83 95 76 30 ", + "subject_name": "Bitdefender SRL" + }, + "cert_timestamp": { + "issuer_name": "Symantec Time Stamping Services CA - G2", + "serial_number": "0e cf f4 38 c8 fe bf 35 6e 04 d8 6a 98 1b 1a 50 ", + "subject_name": "Symantec Time Stamping Services Signer - G4", + "timestamp_string": "09/13/2017 23:13" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1505278115, + "hashes": { + "imphash": "c2979e6e570392ed85b4e15810f2e90f", + "md5": "3b4c71b64bc20b0c6578a091a031c0fb", + "sha1": "00cb578e723555e929e4ad8e820772b56ce29475", + "sha256": "52db08c10a5f1482dda8527d592f71b33c1cfecfa5a5a2d0be5a78325c41dd7b" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791679827968, + "mapped_size": 0, + "path": "C:\\Program Files\\Cybereason ActiveProbe\\bdnc.dll", + "signature_signer": "Bitdefender SRL", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290257999, + "hashes": { + "imphash": "04534d8dae5ab230b9bee9b1b0b2829d", + "md5": "3f9f2afa135f0663946a006dd5ffd897", + "sha1": "ea6456859b04b68af8dcd453381dd168af53fc5e", + "sha256": "276d1c9c78c529625c2ef3d77079324628686ea184767971901a1de93681c133" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791758209024, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\CRYPT32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258373, + "hashes": { + "imphash": "2e50bc5d9fe777770c8a6b2cfaf6b2e9", + "md5": "884415bd4269c02eaf8e2613bf85500d", + "sha1": "c3a64f05c210b38c69d8f1fc1d74a71b56ada30c", + "sha256": "efe771709ec942694fd206ac8d0a48ed7dcd35036f074268e4aecd68ac982cea" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791757225984, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\MSASN1.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535280, + "hashes": { + "imphash": "af1203c1d6d810c97729856780869b12", + "md5": "ef2ae43bcd46abb13fc3e5b2b1935c73", + "sha1": "c53e005cd04d99331ce3114ac119256133202313", + "sha256": "81fc06f306f620845d7dd8d06e706309e70bc89b589c81f3478302a3f5f73431" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791679172608, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\WINMM.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258927, + "hashes": { + "imphash": "b32250da0d30f7782b5b900d4d9c519a", + "md5": "2a86e54b441ad41557f75dc5609b9793", + "sha1": "83ddcf8a1a0ca423bf8417f5e59b5c431bf50c43", + "sha256": "8fede6909413c0fa5b63d58d39affd0f6c3beeaf19b7b2f8674913abfd79a912" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791754866688, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\SSPICLI.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258493, + "hashes": { + "imphash": "466f15f36f10655b30e9347e7dfc2b52", + "md5": "1d5185a4c7e6695431ae4b55c3d7d333", + "sha1": "5e9f739d46e20541ffc0a6421dc6be416ca8f261", + "sha256": "16f3906c54f1d71559836fdfcf4e83e7c9f454463d78fd577ad2d7022e0bcb51" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791748378624, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\mswsock.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535287, + "hashes": { + "imphash": "f967c6b35a5d1b7765016056a842e331", + "md5": "31559f3244c6bc00a52030caa83b6b91", + "sha1": "7943540153c7b7878101a4901d7935e05e7cfd32", + "sha256": "b2025742b5f0025ace9821d5722de3f997eeeab21d2f381c9e307882df422579" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791742021632, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\wshtcpip.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534998, + "hashes": { + "imphash": "77870f98ca4d25a823c74d7404a64bfd", + "md5": "d0c2fbb6d97416b0166478fc7ae2b212", + "sha1": "e290bdf2312ac30a4e9f2a96d7c84714eee84899", + "sha256": "7eab6c37f0a845e645ca44cc060ac6c56e386c7ef7a64716c6786c9602ad8c9d" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791748771840, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\CRYPTSP.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 ca 69 00 00 00 00 00 08 ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 17:43" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1247535161, + "hashes": { + "imphash": "b8c20a01e4d94df61ee21f5350389f9c", + "md5": "5d8874a8c11dddde29e12de0e2013493", + "sha1": "a1c8e3e6ee44dcb68752d44b3b6f4ecce89c388d", + "sha256": "3e9a57137bf622af83e3e4d58971e2c0200559cca7545d16cf263aa03ee9c7d2" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791745626112, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\rsaenh.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534993, + "hashes": { + "imphash": "f0c6fd6831905d958b05645b680db89f", + "md5": "784fa3df338e2e8f5f0389d6fac428af", + "sha1": "6d32c67c91c6d374854e907c6719db2538540867", + "sha256": "9c8aa0cfdeb9e38aaf8eb08626070e0f0364f4f8a793cfe3532ec6c007980c34" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791755456512, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\CRYPTBASE.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290257906, + "hashes": { + "imphash": "ff74e3ff0a015c2023b747f613061e42", + "md5": "a52b6cc24063cc83c78c0e6f24deec01", + "sha1": "a5384efac7d1f9213aaf0423ed0b021bc986b9df", + "sha256": "77e0d2b2356e71f9be52fa479c9dde17c453c198bb49cd4a97f2309628d82e3b" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791746805760, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\DNSAPI.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534791, + "hashes": { + "imphash": "59b31e42f8fae7b5809ba7fcae732e0c", + "md5": "4cbcc37856ea2039c27a2fb661dda0e5", + "sha1": "cc666108d34168420a1d1942dda1e090154c7296", + "sha256": "74cbfab3092a9564bddfcb84db3e3f8bcfd1492938adf187423d3355d73d21c6" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791722557440, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\dhcpcsvc6.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534790, + "hashes": { + "imphash": "f17020f0f66b64fbdf51c75b43f3729d", + "md5": "f568f7c08458d69e4fcd8675bbb107e4", + "sha1": "c1e05f0255a6f386711044b11e2d04dfd328b26a", + "sha256": "a5fa25ecf248999a68ccecfbb508bfa1add18a23e20a9a9081a87c41caaa36c0" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791722426368, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\dhcpcsvc.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534847, + "hashes": { + "imphash": "dda6776607f283829d85b996f5e46d03", + "md5": "f3d202f53a222d5f6944d459b73cf967", + "sha1": "c9db224ce8ec34aa2f341b6766ea67aa12f8b4a7", + "sha256": "e9f1d48eb333d32331bcfd0348fe07bee7d5352292e6020571da395f596affe7" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791675961344, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\FLTLIB.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535135, + "hashes": { + "imphash": "ff720e05e534d67b814b8562265058f5", + "md5": "2c942733a5983dd4502219ff37c7ebc7", + "sha1": "263e8fbf77c0ceead0c9bca56394bffa4a664361", + "sha256": "34b20b6b0d7274e4b5b783f1d2345bc3dd9888964d5c2c65712f041a00cf5b45" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791756308480, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\profapi.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290259008, + "hashes": { + "imphash": "b2ecd39ae0055d9e1b8aa5bc78942cba", + "md5": "eb3f9c2de1236b5d46b2291d82970e43", + "sha1": "0ce9ddc1063256ab571b916389321fd7f572ddc0", + "sha256": "8a43d335f3d573bed98af54bb51e82546c2acc025da8a48d801213eb14e9d5d4" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791759847424, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\WINTRUST.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534778, + "hashes": { + "imphash": "37afbae3e0f359c3718e379261f7ccfc", + "md5": "25983de69b57142039ac8d95e71cd9c9", + "sha1": "01691e3b0bfa569e64bdb7dc3d637a867ed2dc08", + "sha256": "a677da7ebcbcb6073d27e8a38809f51e971e83ed379bc599aaad6ef4216348da" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791791173632, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\CLBCatQ.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258799, + "hashes": { + "imphash": "a198edd0f73abd7cdbb54eef82ab1fc6", + "md5": "c2a8cb1275ecb85d246a9ecc02a728e3", + "sha1": "4417207821fc8f5c72ff531683f183caef297882", + "sha256": "3603fadca0060bd201148f9d59e4e2627f024609a6463ab525b5d1ad17bdcd10" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791756177408, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\RpcRtRemote.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258979, + "hashes": { + "imphash": "207b35260128e01bb777acc1377dc241", + "md5": "58f4493bf748a3a89689997b7bd00e95", + "sha1": "9974ba41e8215f6669deb765988cfe34e9c1b56e", + "sha256": "ec5deec73e357c7c87b001275c4e635011a9cf39419f2b86e2c2b8d7e388c551" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791697915904, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\winhttp.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258934, + "hashes": { + "imphash": "01ecfbe4437ca8d85dd9400611c1b90e", + "md5": "bc9489df517c426d4044d99f14449134", + "sha1": "814f9c8c59ee59f2ff3fc1b5e21d5e270babb506", + "sha256": "cabd014ba29a548252bb8d5bd46d047dbfc445489492d9df75b29cede0ac9f8b" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791697457152, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\webio.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290257996, + "hashes": { + "imphash": "eb1c8dd21e1f92a8be35a76b165ce8da", + "md5": "52d3d5e3586988d4d9e34acaac33105c", + "sha1": "2c20246d2c45fb6e8976b37ad62465f5f4255f2b", + "sha256": "c61b60ba962b25b8334f0941c3535ea4aca1cc060b8a196e396ca3e11ceef8a1" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791744577536, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\credssp.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535281, + "hashes": { + "imphash": "9e65c315ab3a48dda5ab558165a5002b", + "md5": "ec7cbff96b05ecf3d366355b3c64adcf", + "sha1": "fa74a61ea56a7bc3149860b5344c51fa9b6555bb", + "sha256": "f69ed45ebedca9cf000ac03281f0ec2c351f98513fba90e63394e4e561d6c7a2" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791748313088, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\wship6.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535149, + "hashes": { + "imphash": "c2a02641f5327bf07de486ae7ec62117", + "md5": "88351b29b622b30962d2feb6ca8d860b", + "sha1": "3338d73b6c86fce85b07236ac230e5e2f4601818", + "sha256": "a16cad7d94c1c9807083bb36e9b4c3c14e6482c4ca2bdfacbcc86e737ddce42e" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791678255104, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\rasadhlp.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258810, + "hashes": { + "imphash": "34991d52051c8576ed061e7a2c5a4ae0", + "md5": "a199de544bf5c61c134b22c7592226fc", + "sha1": "03d97c806e4a28bb37d8c8384deddd6ac28acc9d", + "sha256": "af0cc2da847036f5fe6dd9fbeda7c3d05af291873d4eae121676dc6e8841a78f" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791746215936, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\schannel.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535060, + "hashes": { + "imphash": "6a351d0e14283da2cd897563f0062c5b", + "md5": "2e8c52a0ec788d90fa35d9507d828771", + "sha1": "0725085c62d3a5a9a0d50256c2a56161aaca0a07", + "sha256": "dd5aaa10e075f209d9827c7a192ad5645d1156c149db9b5ac1ef7b5e0b5f11de" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791750344704, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\ncrypt.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534713, + "hashes": { + "imphash": "9f3aab7eb2ffeeba57cb67496b05f365", + "md5": "b9a95365e52f421a20e1501935fadda5", + "sha1": "958a7ba90043f8e3b94da849a2da8bb139fc39c9", + "sha256": "ddb4cb575139233efaf2c59b7e9b04af36bbccc63190181f3b2a7e6bfc86e77e" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791750148096, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\bcrypt.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 34 64 00 00 00 00 00 0c ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 05:28" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290257648, + "hashes": { + "imphash": "738644d200eea1ceb5661b1ac09aa146", + "md5": "d6c7780a364c6bbacfa796bab9f1b374", + "sha1": "15236c349be131790d21a63550d725cc62b1bf13", + "sha256": "3b5ed1a030bfd0bb73d4ffcd67a6a0b8501ef70293f223efaa12f430adf270f9" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791744839680, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\bcryptprimitives.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258932, + "hashes": { + "imphash": "0e8a67fa12ce3d22a9e1d18bda5c3260", + "md5": "7a17485dc7d8a7ac81321a42cd034519", + "sha1": "83d1722a35eb16b010d8c9f72c627e97d4642101", + "sha256": "88d8705fa901793fc8c1cfd0175e49a6502bf0fc94a066ba573d2fd13aa5f04a" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791743201280, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\USERENV.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 ca 69 00 00 00 00 00 08 ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534853, + "hashes": { + "imphash": "1bcae470249f30c5f912c1293a2d3470", + "md5": "9c9307c95671ac962f3d6eb3a4a89bae", + "sha1": "6190ce7b101c5946b1d773245d286a1e592f5181", + "sha256": "d1433791c9b8bceead8937ec18d33e89e4e2012b5975228a8500fd141bc30078" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791743070208, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\GPAPI.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + } + ], + "name": "AmSvc.exe", + "parent_exe": "C:\\Windows\\System32\\services.exe", + "parent_name": "services.exe", + "pid": 1076, + "ppid": 432, + "primary_token": { + "domain": "NT AUTHORITY", + "integrity_level": 16384, + "integrity_level_name": "system", + "privileges": [ + { + "description": "Replace a process level token", + "enabled": false, + "name": "SeAssignPrimaryTokenPrivilege" + }, + { + "description": "Lock pages in memory", + "enabled": true, + "name": "SeLockMemoryPrivilege" + }, + { + "description": "Adjust memory quotas for a process", + "enabled": false, + "name": "SeIncreaseQuotaPrivilege" + }, + { + "description": "Act as part of the operating system", + "enabled": true, + "name": "SeTcbPrivilege" + }, + { + "description": "Manage auditing and security log", + "enabled": false, + "name": "SeSecurityPrivilege" + }, + { + "description": "Take ownership of files or other objects", + "enabled": false, + "name": "SeTakeOwnershipPrivilege" + }, + { + "description": "Load and unload device drivers", + "enabled": true, + "name": "SeLoadDriverPrivilege" + }, + { + "description": "Profile system performance", + "enabled": true, + "name": "SeSystemProfilePrivilege" + }, + { + "description": "Change the system time", + "enabled": false, + "name": "SeSystemtimePrivilege" + }, + { + "description": "Profile single process", + "enabled": true, + "name": "SeProfileSingleProcessPrivilege" + }, + { + "description": "Increase scheduling priority", + "enabled": true, + "name": "SeIncreaseBasePriorityPrivilege" + }, + { + "description": "Create a pagefile", + "enabled": true, + "name": "SeCreatePagefilePrivilege" + }, + { + "description": "Create permanent shared objects", + "enabled": true, + "name": "SeCreatePermanentPrivilege" + }, + { + "description": "Back up files and directories", + "enabled": true, + "name": "SeBackupPrivilege" + }, + { + "description": "Restore files and directories", + "enabled": true, + "name": "SeRestorePrivilege" + }, + { + "description": "Shut down the system", + "enabled": false, + "name": "SeShutdownPrivilege" + }, + { + "description": "Debug programs", + "enabled": true, + "name": "SeDebugPrivilege" + }, + { + "description": "Generate security audits", + "enabled": true, + "name": "SeAuditPrivilege" + }, + { + "description": "Modify firmware environment values", + "enabled": false, + "name": "SeSystemEnvironmentPrivilege" + }, + { + "description": "Bypass traverse checking", + "enabled": true, + "name": "SeChangeNotifyPrivilege" + }, + { + "description": "Remove computer from docking station", + "enabled": false, + "name": "SeUndockPrivilege" + }, + { + "description": "Perform volume maintenance tasks", + "enabled": false, + "name": "SeManageVolumePrivilege" + }, + { + "description": "Impersonate a client after authentication", + "enabled": true, + "name": "SeImpersonatePrivilege" + }, + { + "description": "Create global objects", + "enabled": true, + "name": "SeCreateGlobalPrivilege" + }, + { + "description": "Increase a process working set", + "enabled": true, + "name": "SeIncreaseWorkingSetPrivilege" + }, + { + "description": "Change the time zone", + "enabled": true, + "name": "SeTimeZonePrivilege" + }, + { + "description": "Create symbolic links", + "enabled": true, + "name": "SeCreateSymbolicLinkPrivilege" + } + ], + "sid": "S-1-5-18", + "type": "tokenPrimary", + "user": "SYSTEM" + }, + "services": [ + { + "name": "CybereasonAntiMalware" + } + ], + "sha1": "ca85243c0af6a6471bdaa560685c51eefd6dbc0d", + "sha256": "8ad40c90a611d36eb8f9eb24fa04f7dbca713db383ff55a03aa0f382e92061a2", + "sid": "S-1-5-18", + "signature_signer": "Cybereason Inc", + "signature_status": "trusted", + "threads": [ + { + "create_time": 1542788400, + "entrypoint": 5362733988, + "thread_id": 1080, + "up_time": 1084 + }, + { + "create_time": 1542788400, + "entrypoint": 2006167232, + "thread_id": 1108, + "up_time": 1083 + }, + { + "create_time": 1542788400, + "entrypoint": 8791693804752, + "thread_id": 1232, + "up_time": 1080 + }, + { + "create_time": 1542788400, + "entrypoint": 8791693762672, + "thread_id": 1244, + "up_time": 1080 + }, + { + "create_time": 1542788400, + "entrypoint": 8791679862464, + "thread_id": 1392, + "up_time": 1070 + }, + { + "create_time": 1542788400, + "entrypoint": 8791679862464, + "thread_id": 1396, + "up_time": 1070 + }, + { + "create_time": 1542788400, + "entrypoint": 8791679865776, + "thread_id": 1400, + "up_time": 1070 + }, + { + "create_time": 1542788400, + "entrypoint": 8791679929872, + "thread_id": 1404, + "up_time": 1070 + }, + { + "create_time": 1542788400, + "entrypoint": 2006186944, + "thread_id": 1480, + "up_time": 1067 + }, + { + "create_time": 1542788400, + "entrypoint": 8791704162340, + "thread_id": 1632, + "up_time": 1033 + }, + { + "create_time": 1542788400, + "entrypoint": 8791698721056, + "thread_id": 1640, + "up_time": 1033 + }, + { + "create_time": 1542788400, + "entrypoint": 8791698721056, + "thread_id": 1644, + "up_time": 1033 + }, + { + "create_time": 1542788400, + "entrypoint": 8791698721056, + "thread_id": 1648, + "up_time": 1033 + }, + { + "create_time": 1542788400, + "entrypoint": 8791698721056, + "thread_id": 1652, + "up_time": 1033 + }, + { + "create_time": 1542788400, + "entrypoint": 8791698721392, + "thread_id": 1656, + "up_time": 1033 + }, + { + "create_time": 1542788400, + "entrypoint": 8791698720112, + "thread_id": 1660, + "up_time": 1033 + }, + { + "create_time": 1542788400, + "entrypoint": 8791698720736, + "thread_id": 1664, + "up_time": 1033 + }, + { + "create_time": 1542788400, + "entrypoint": 8791698722160, + "thread_id": 1668, + "up_time": 1033 + }, + { + "create_time": 1542788400, + "entrypoint": 5362651040, + "thread_id": 1672, + "up_time": 1033 + }, + { + "create_time": 1542788400, + "entrypoint": 5362651040, + "thread_id": 1680, + "up_time": 1033 + }, + { + "create_time": 1542788900, + "entrypoint": 8791680004352, + "thread_id": 1808, + "up_time": 587 + }, + { + "create_time": 1542789000, + "entrypoint": 2006186944, + "thread_id": 2284, + "up_time": 432 + }, + { + "create_time": 1542789100, + "entrypoint": 2006186944, + "thread_id": 1780, + "up_time": 364 + }, + { + "create_time": 1542789100, + "entrypoint": 2006186944, + "thread_id": 12, + "up_time": 343 + }, + { + "create_time": 1542789200, + "entrypoint": 8791748438592, + "thread_id": 2476, + "up_time": 168 + } + ], + "unique_pid": 22, + "unique_ppid": 8, + "up_time": 1084, + "user": "SYSTEM" + }, + "acting_thread": { + "create_time": 1542788400, + "service_name": "CybereasonAntiMalware", + "thread_id": 1648, + "thread_start_address": 8791698721056, + "thread_start_address_module": "C:\\Program Files\\Cybereason ActiveProbe\\gzfltum.dll" + } + }, + "captured_file": false, + "file_name": "C:\\Windows\\TEMP\\tmp0000008f\\tmp00001c75", + "file_operation": "creation", + "file_owner": "Administrators", + "file_size": 188416, + "hashes": { + "imphash": "835d619dfdf3cc727cebd91300ab3462", + "md5": "4ace3baaa509d08510405e1b169e325b", + "sha1": "27fb21cf5db95ffca43b234affa99becc4023b9d", + "sha256": "6ed1c836dbf099be7845bdab7671def2c157643761b52251e04e9b6ee109ec75" + }, + "is_signature_trusted": false, + "malware_classification": { + "compressed_malware_features": { + "data_buffer": "eAHtnU1oHHUUwHsQ7MGDiIIUD4sH8WBBxJtopiLoUY0pYo2ZTbJJ0yQ17m4+ms/NRzeVWpuUWCL4sWlEYvFQ8KJQ6NCTEA8eRD30sIo3PdSriLi7837Pko3LbHZ2M5m+XObHm/d/X////83O7jCZvzacHBpPplNdfalkdjSdyty674Ft59dN71Dpb9v5eKh8LMEHjsCF2wIfVlRKsHROYPGkQO5+gY2vBSYYdWZFYGwEO/cITHMqkxPYnBBY+07gtCuQ9gSGigJ5lPPYGXcE+jA4z3Ad1ZtAUiDUyrEEPYzqRnIKgxd/Rgc7gygPo5wn95PouN7OeEYJ1UXiJgRmvscgp/LOziIkkSyT+xRVnXhZ4DKh5goCkzidRHkGO4uvCyw9LDDtCay8ILCAzrJOJaGuZwUuvSewivJVIPsklq8JbL4qMJsTSCcExrGs83WKU295ZFo5lr2TaZbcUw5FeJy8tgTeLpCy2iGeS67ABXzlgbEi1UC5FxcZnA4y/CLK82Qxi847FGGZRTLsCUxR1aWEwOp1AmOjDRYYzgwusL9WfqBiGJxnVAanixTq7Dp22LBdlWMJzlOx8wmBK2Rx5WmBLJIRwtAijOQE+ooCb2B5xBOYRtlfNeXpLpA7oyZRTqHzGenkmIJPnhBIMrzTwSA6H93CO5l+c1NA99f6IwLH8fUKdjTmDpTbgS50+gGVnECnE4PpooC2guPoaPADSHrcncNHmEHtAFkq3+EI+A37zsrrTvH3WTkvJLoOTyBp10wx2JcgVCRahA4NrICE4a+hrMXsA3qAHItW188E8ejO7XV3eh/KCYwxlamEwCgL8lN2wTntfrhY/U0g/5KAdvUpT+AszWqBdqH7VLeeZrExK9Cv1UgIDKA8g/cx7QAEP+AhAfRaMKB2HOJh+BSFSqKjSytNGBlc6PrpxvK7lCVDxbSG3Z7AhCMwx6gelwgLAltXBXJUTH29j+U1LHdipx/QprfKfGnF0sBpdBYxmEQyTzW0h6/0khcuhhJYRufym+i4VKMocJMs/KvfoW3/UJb4PeZOSZVONThZz4djP/75TAXa/CVfOvX3RgVLIDreLPN1pP1osW7lGmHsEhjBOzf+EPBE4vndvWz5xb/cChxGcv1LAb+tluALKnZ47isf1MXvz1ZMlsCXbXtPceqhrcp1ps6YHwQeBXLEPCf7q23tl9uJui0bGBgYRAccv7uXr/g5Af+2oNTrpgTa/vnpjBvpLAwM4gRBPvIZGBgYGBgYGBgYGBgYGBgYGBgYGBgYNAOc9oMXs4GBgYFBcNBnww5QzDXgRtPSaZ5lg/itsRaslgZ3bnWEEVnhMetIBwiiVnlbCbWrEftrt11zdwWnseFW1QO63w1is3ptD1pV9xG0t+zvfUrzrvh380qwXWAVCw6h78GIfG7ZlzltXu6hd+y92fECRFhjuH3bXG8N43oXEHperdzvUbteaDxhVTUeq25fqhG1X6Ai8mtF6BDXz2wR+dzSgg4Qsxls5T11XMG+82y8GkG+b7kL69xg7mF1SFvhBgYGsYH/Xi7HE+PVkiB2jt1bNZxT+k4558jR53ydz5//1m1KOgYGBgYGBgYGEQfnsYaG2z1sdPJS79XQSu91ndobOAHCaN5vNzUk1bceQVzUpbw3iOuT+UFmR18bHrp3gyhDC56lCd1y85w2+HSNUwVhhdGC7blLf+bV/fqtvhMg1NDjCcugB1QXswbs8ekj/v1BgzFHBIIsyP+HfwFdMpzu", + "decompressed_size": 27831, + "encoding": "zlib" + }, + "identifier": "endpointpe", + "prevention_threshold": 0.66, + "score": 1, + "threshold": 0.66, + "version": "3.0.33" + }, + "pid": 1076, + "ppid": 432, + "signature_signer": "", + "temp_file_path": "C:\\Windows\\TEMP\\27fef9a8-bd80-4784-934c-76b383147d3f", + "timestamp": { + "accessed": 1542789400, + "created": 1542789400, + "modified": 1542789400 + }, + "user_blacklisted": false + }, + "event_subtype_full": "file_classification_event", + "event_type_full": "alert_event", + "metadata": { + "beta_alert": false, + "chunk_id": 0, + "collection_time": 1542789400, + "correlation_id": "3aab8e43-2cdb-4d32-b46b-b8382ff11939", + "destination_plugin": "send", + "final": true, + "is_alert": true, + "key": "fileClassificationEventResponse", + "message_id": "31b54c77-fdbb-4550-9259-0dce12b98ec2", + "origination_task_id": "7aa040c3-7751-4b8f-9629-9ed4d84c1507", + "os_type": "windows", + "priority": 80, + "result": { + "local_code": 0, + "local_msg": "Success" + }, + "semantic_version": "3.50.0", + "sensor_version": "3.50.0", + "task_id": "7aa040c3-7751-4b8f-9629-9ed4d84c1507", + "type": "detection" + }, + "opcode": 8, + "serial_event_id": 167011, + "timestamp": 132140242101035230, + "timestamp_utc": "2019-09-27 02:16:50Z" + }, + "event": { + "action": "file_classification_event", + "dataset": "esensor", + "kind": "alert", + "module": "endgame" + }, + "host": { + "hostname": "HD-ssm-0b0d26ad", + "ip": "10.81.164.74", + "name": "HD-ssm-0b0d26ad", + "os": { + "name": "Windows", + "platform": "windows", + "version": "6.1" + } + }, + "labels": { + "account_id": "8c48070b-4b61-4ded-86d5-1b9a7a78229c", + "endpoint_id": "5085268f-7443-4f15-85d2-bf14b2a69c60" + }, + "user": { + "group": { + } + } + }, + "type": "_doc" + } + }, + { + "type": "doc", + "value": { + "id": "kuNEc20BW148Je-rmp1N", + "index": "test_alert_data", + "source": { + "@timestamp": 1542341895000, + "agent": { + "id": "ced9c68e-b94a-4d66-bb4c-6106514f0a2f", + "type": "endgame", + "version": "3.0.0" + }, + "ecs": { + "version": "1.1.0" + }, + "endgame": { + "data": { + "alert_details": { + "acting_process": { + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "cmdline": "C:\\Windows\\Explorer.EXE", + "create_time": 1542341500, + "domain": "WIN-Q3DOP1UKA81", + "exe": "C:\\Windows\\explorer.exe", + "hashes": { + "md5": "ac4c51eb24aa95b77f705ab159189e24", + "sha1": "4583daf9442880204730fb2c8a060430640494b1", + "sha256": "6a671b92a69755de6fd063fcbe4ba926d83b49f78c42dbaeed8cdb6bbc57576a" + }, + "imphash": "6422e341c67ba0880e012f8c7c634c21", + "is_sensor": false, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "md5": "ac4c51eb24aa95b77f705ab159189e24", + "modules": [ + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290248516, + "hashes": { + "imphash": "6422e341c67ba0880e012f8c7c634c21", + "md5": "ac4c51eb24aa95b77f705ab159189e24", + "sha1": "4583daf9442880204730fb2c8a060430640494b1", + "sha256": "6a671b92a69755de6fd063fcbe4ba926d83b49f78c42dbaeed8cdb6bbc57576a" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 4278845440, + "mapped_size": 0, + "path": "C:\\Windows\\Explorer.EXE", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 b3 f5 00 00 00 00 00 0d ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 05:28" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258681, + "hashes": { + "imphash": "d41d8cd98f00b204e9800998ecf8427e", + "md5": "3556d5a8bf2cc508bdab51dec38d7c61", + "sha1": "92015f7bbdb9dad35e41c533d2c5b85f1cd63d85", + "sha256": "91e3d98ad3119e8addf8d2aa1dd6795162842fff7101e4c70c5137e847b4ff50" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 2007891968, + "mapped_size": 0, + "path": "C:\\Windows\\SYSTEM32\\ntdll.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258315, + "hashes": { + "imphash": "9165b02c931d76a9b666d8d42128111b", + "md5": "7a6326d96d53048fdec542df23d875a0", + "sha1": "5c02af0206c299f5bcab8da4237cfc92e3e93495", + "sha256": "182351570856cd6eedd9df7e2fb8ab76bd4d8fc70be11ad5de6484cfd70c21c6" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 2006712320, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\kernel32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258316, + "hashes": { + "imphash": "3f7fb1504bb73a54888bf1c3650fe4cf", + "md5": "da68c291b4ef2dec9c5963266bcae454", + "sha1": "5696e8c68fcf64104499e20e7cd5452b58b4f4ba", + "sha256": "21aa4779fc21e762178517268c95467238c92851ad9160bffc36b2379c58337f" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791760175104, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\KERNELBASE.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534699, + "hashes": { + "imphash": "e1ee2d71958d21e0e1bf887dfe76af7f", + "md5": "6df46d2bd74e3da1b45f08f10d172732", + "sha1": "3491f8f9a73c00b158e43a530210d67a4f0598ae", + "sha256": "2dc945f6f2c4a82189bc7da2fcbb7d9a0e2588a909539249e55ba82468e0c677" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791763779584, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\ADVAPI32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535038, + "hashes": { + "imphash": "8c99b1c0f6cf68b07336751f460f1dba", + "md5": "7319bb10fa1f86e49e3dcf4136f6c957", + "sha1": "3eea5ee8bafb2b9975b236c5c5655df6f4b42aa1", + "sha256": "60de43ab267fd41c9804369b569139add30ed4e295c425f44fc04d3fcc95fca2" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791790780416, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\msvcrt.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535198, + "hashes": { + "imphash": "b8ba136689cdc8d8b25fc04902f39a22", + "md5": "83404dcbce4925b6a5a77c5170f46d86", + "sha1": "22bda6b9da4fcf492b4dd16554b0c0e27e1b8667", + "sha256": "d669614d0b4461db244ad99fbe1ba92ceb9b4ed5ec8e987e23764e77d9ac7074" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791793074176, + "mapped_size": 0, + "path": "C:\\Windows\\SYSTEM32\\sechost.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258798, + "hashes": { + "imphash": "46876e4adb924a616ddbbb1992d61257", + "md5": "0611473c1ad9e2d991cd9482068417f7", + "sha1": "c4a3fa902dedad5d448e1d8b2d113cae1dcf2f7a", + "sha256": "90afcc2a60350ece27e75e76459132ef0fa28ef283ce88fced4b82735a93ecda" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791762403328, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\RPCRT4.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258001, + "hashes": { + "imphash": "51945fdf9aaf56aeb9d6fa1f21b638ce", + "md5": "1084aa52ccc324ea54c7121fa24c2221", + "sha1": "b13ef924708fa88577931ed0337000e90adcdf5b", + "sha256": "6e972cf624f7c0de8190434b3b30279a01c551713109f97b9ebb77fac9364754" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791792615424, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\GDI32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258929, + "hashes": { + "imphash": "2cb501375ed127591bf5cfee7f1e52fe", + "md5": "fe70103391a64039a921dbfff9c7ab1b", + "sha1": "e0019d9442aeebd3bb42a24c38aa2fae4c6bd4f5", + "sha256": "f7d219d75037bc98f6c69143b00ab6000a31f8b5e211e0af514f4f4b681522a0" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 2005663744, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\USER32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534943, + "hashes": { + "imphash": "919110853c18aa198ad129945337b1dd", + "md5": "d202223587518b13d72d68937b7e3f70", + "sha1": "916a3ce858f074f57dd9dac01be5cd4649f19887", + "sha256": "9db971b866d058adbb518dd99b87c5db8dd1e7c9073755b989ae7e9fb62901e8" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791763714048, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\LPK.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258933, + "hashes": { + "imphash": "17bf46cf6bf6c8cae48be5b75615a353", + "md5": "2f8b1e3ee3545d3b5a8d56fa1ae07b65", + "sha1": "66310680ee38904b2852717af13028e53b4e8b8e", + "sha256": "2a3ec01f3bafe7d7d656886437f7ffecce440c0d3f3467804769ab4bf1ff7a99" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791782522880, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\USP10.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258859, + "hashes": { + "imphash": "4b37cbf60127ea0550ec30e0b1c52984", + "md5": "eaf32cb8c1f810e4715b4dfbe785c7ff", + "sha1": "3b099b193abb9064e6937101d0c309f04d713882", + "sha256": "db6ad07fded42433e669508ab73faff6daff04575d6f1d016fe3eb6ecec4dd5d" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791792091136, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\SHLWAPI.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258854, + "hashes": { + "imphash": "9c631776d86c9b15258c3cc2a6a7891d", + "md5": "26e716ed95dc48cf6e5ac046089366af", + "sha1": "2bd96b8ae5ae3ad14c16d2a98a91a9a9f26d179d", + "sha256": "f686d557b7ac1688efc7cb48311290d713d3db2e9e61e947098a7c80e3a1b9e9" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791765811200, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\SHELL32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258732, + "hashes": { + "imphash": "faad2d5bf5c0ca9639e07a49e8c5d8ae", + "md5": "6c60b5aca7442efb794082cdacfc001c", + "sha1": "aae17944782b25f41f7b3a756532b4923f4ae817", + "sha256": "fc1d9124856a70ff232ef3057d66bee803295847624ce23b4d0217f23af52c75" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791783374848, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\ole32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258736, + "hashes": { + "imphash": "774fed8966de60d3af2dd9070df5be6f", + "md5": "42f05f980f164e084db65b2e8cd8430f", + "sha1": "86498b3c5bbc240b9de0a10f2cb4185e754de6d7", + "sha256": "0813749847b08f6577791d18ad9eca6dff5b41c2f727ab5ee9e5bf9602ed50cb" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791785537536, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\OLEAUT32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258088, + "hashes": { + "imphash": "ec96d3f694248151f968633563d10a36", + "md5": "eed05d42d91835064703e2318552ed25", + "sha1": "aa7e817ccad26070bce1161894f97e10aaa56fb9", + "sha256": "e9ee1e2253445b207b76f5d3073c612ed979a982522c1515e0fe8fa9641ae568" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791634935808, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\EXPLORERFRAME.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534886, + "hashes": { + "imphash": "c0e1a4a34891e5dd2a6cbaa0895a8d38", + "md5": "8ccde014a4cdf84564e03ace064ca753", + "sha1": "957e29e029fe60b8ff43ff732463c39230b78226", + "sha256": "dd663029b2eb7b12fdb00fce403d8326141e540e3b9ce84cd5871473d3e2e2cf" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791735599104, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\DUser.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534885, + "hashes": { + "imphash": "9353143c2b77b94cc82ab55c5fecf99c", + "md5": "3cb6a7286422c72c34dab54a5dff1a34", + "sha1": "5b93896a6abb36c2b8957973e3ce1860c1059367", + "sha256": "98d21efff511e407336a226420701e82554da01fa05661303836b6860d63749d" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791721181184, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\DUI70.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534912, + "hashes": { + "imphash": "d76d7be0b8ac9aafe17d2cc7deb32b29", + "md5": "aa2c08ce85653b1a0d2e4ab407fa176c", + "sha1": "0119c23d88292a0e4fec04d5cf8629005a44e37c", + "sha256": "83dfd0c119b20aedb07114c9d1cf9ce2dfa938d0f1070256b0591a9e2c3997fa" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791793205248, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\IMM32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535018, + "hashes": { + "imphash": "b523fff180cb22465ccf191b827e9923", + "md5": "c431eaf5caa1c82cac2534a2eab348a3", + "sha1": "e425577ccfc9b92efbbcb760d21fcaa478d3e51a", + "sha256": "addf850128dc675e67faba9a3d0d27e684f01f733962ca22927bb94503549e44" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791764697088, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\MSCTF.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535251, + "hashes": { + "imphash": "56e651a119cdb899aadd2df3832bbcd1", + "md5": "d29e998e8277666982b4f0303bf4e7af", + "sha1": "e803b0af61ea2ddcd58b5a63b1cfbb73266318ea", + "sha256": "4f19ab5dc173e278ebe45832f6ceaa40e2df6a2eddc81b2828122442fe5d376c" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791742480384, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\UxTheme.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535202, + "hashes": { + "imphash": "1c419f7cfacebfcd8e903e6be290407e", + "md5": "716175021bda290504ce434273f666bc", + "sha1": "4f00fbf4e9a88fae9e6682989032831b3d2eba86", + "sha256": "fa18ca2d8a5f4335e051e2933147d3c1e7308f7d446e2aeb6596cdef6e2afc88" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791718690816, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\POWRPROF.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258850, + "hashes": { + "imphash": "a7a25e8b145e75fdeb21026d3895033a", + "md5": "5d8e6c95156ed1f79a63d1eade6f9ed5", + "sha1": "cadd211d74385550c5e055d3312303f4d64fdebc", + "sha256": "12130837d7f89a2c7e9d25747a8e5b9001e0a38d545178b49b450c23ae62664a" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791788814336, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\SETUPAPI.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290257756, + "hashes": { + "imphash": "5cd9d6761799e2ff681533ef1ffbb31d", + "md5": "2477a28081bdaee622cf045acf8ee124", + "sha1": "304c5f29fa847fbd994ad7a0471214198b928c14", + "sha256": "00a09caf9129e84feea98fa03ce9012c9f961b64fee15c4f268822c0f82acc3c" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791760633856, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\CFGMGR32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534817, + "hashes": { + "imphash": "2dbdaadf7e151289a49662379e253dfd", + "md5": "06fec9e8117103bb1141a560e98077da", + "sha1": "a8922793a930d602409b62be5ff01d5baec60000", + "sha256": "c5e61b11ddbbbbba3d9488970524f0975ea5fbdf16e2fa31f579f8bfa48353b1" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791760044032, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\DEVOBJ.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534887, + "hashes": { + "imphash": "e7f2585307f1db90e7e5e48c40dc7134", + "md5": "da1b7075260f3872585bfcdd668c648b", + "sha1": "f2bd334006d728422721b7c639145a6ec59a459b", + "sha256": "3e10ef6e1a5c341b478322cb78a0ab7bfc70ad8023779b8b4542a7cb4ca756ab" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791742873600, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\dwmapi.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535203, + "hashes": { + "imphash": "6a5a31c99a1562b9e5e10f4b4445be95", + "md5": "be097f5bb10f9079fceb2dc4e7e20f02", + "sha1": "dd572bac50bc4718126389c628d56a83d5c4d88a", + "sha256": "90a88986c8c5f30fb153ec803feda6572b2c2630a6c9578fcc017800692694d5" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791732256768, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\slc.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290257495, + "hashes": { + "imphash": "fd8a6a2046d9572b7f8f4288ae251c61", + "md5": "497bfeddaf3950dd909c3b0c5558a25d", + "sha1": "5d55bdc156372f51eb126f7bc2a8af161a1ef254", + "sha256": "980ea189929d95eb36e35980fff0c81f7b78de9422771fde8f4ac7a779f5bd89" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791732453376, + "mapped_size": 0, + "path": "C:\\Windows\\WinSxS\\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_2b24536c71ed437a\\gdiplus.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258848, + "hashes": { + "imphash": "cc4d63ca30fdbb90048e549782d2116a", + "md5": "858df0795cb5b4bace0f33708925a414", + "sha1": "e629ed78e6e1829263890974760dad8a431edf69", + "sha256": "a9063af8d5c73a722bd269d144d8a65c98db4cfdd9f626e3a8283754e22c8c9c" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791754801152, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\Secur32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258927, + "hashes": { + "imphash": "b32250da0d30f7782b5b900d4d9c519a", + "md5": "2a86e54b441ad41557f75dc5609b9793", + "sha1": "83ddcf8a1a0ca423bf8417f5e59b5c431bf50c43", + "sha256": "8fede6909413c0fa5b63d58d39affd0f6c3beeaf19b7b2f8674913abfd79a912" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791756701696, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\SSPICLI.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258762, + "hashes": { + "imphash": "26c2856b9813d8990c01c5a711b5063a", + "md5": "f06bb4e336ea57511fdbafafcc47de62", + "sha1": "bfee1b9d2269d26d99c8e462825ee8399c8bd4ec", + "sha256": "be43ec62548e9ff89a9495a1722e22dbb76eec3764f86e64057b636f27d15765" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791728259072, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\PROPSYS.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534993, + "hashes": { + "imphash": "f0c6fd6831905d958b05645b680db89f", + "md5": "784fa3df338e2e8f5f0389d6fac428af", + "sha1": "6d32c67c91c6d374854e907c6719db2538540867", + "sha256": "9c8aa0cfdeb9e38aaf8eb08626070e0f0364f4f8a793cfe3532ec6c007980c34" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791757291520, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\CRYPTBASE.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290257499, + "hashes": { + "imphash": "cd11f800bc54ae45ead9d98c96048145", + "md5": "7fa8fdc2c2a27817fd0f624e78d3b50c", + "sha1": "b4aa8e16396b1882eb75c28dfbec9949608afdde", + "sha256": "7b63f6aa2cd6d4d07ea3c595b868b1a0749bb11620027a2bd9b935e3055481e4" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791736123392, + "mapped_size": 0, + "path": "C:\\Windows\\WinSxS\\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\\comctl32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258974, + "hashes": { + "imphash": "b03f7d8315f3384d06c11e961e6fee07", + "md5": "26b73a85855681500bcc25c7cd9ff5b1", + "sha1": "393ed9ebbe380c77935df6d0eda2047cdd2224fe", + "sha256": "94d134a6af53ad629a4505b8b0ea37f61bb43af4db71874e7e87853163a9282a" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791724851200, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\WindowsCodecs.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535135, + "hashes": { + "imphash": "ff720e05e534d67b814b8562265058f5", + "md5": "2c942733a5983dd4502219ff37c7ebc7", + "sha1": "263e8fbf77c0ceead0c9bca56394bffa4a664361", + "sha256": "34b20b6b0d7274e4b5b783f1d2345bc3dd9888964d5c2c65712f041a00cf5b45" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791758143488, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\profapi.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290257558, + "hashes": { + "imphash": "6af6d846a78a6532fcb989d0d8aeb17d", + "md5": "90499f3163a9f815cf196a205ea3cd5d", + "sha1": "f97ff54dc4b132756fcf7041e55d645163f19851", + "sha256": "29b4ed3795cec1177eb367132914ce21c194cdec5db9dc923fd928c85e94d821" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791756898304, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\apphelp.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534778, + "hashes": { + "imphash": "37afbae3e0f359c3718e379261f7ccfc", + "md5": "25983de69b57142039ac8d95e71cd9c9", + "sha1": "01691e3b0bfa569e64bdb7dc3d637a867ed2dc08", + "sha256": "a677da7ebcbcb6073d27e8a38809f51e971e83ed379bc599aaad6ef4216348da" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791787700224, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\CLBCatQ.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 ca 69 00 00 00 00 00 08 ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534842, + "hashes": { + "imphash": "cbda3eb1c9c46a2121362e9775f60b47", + "md5": "024352feec9042260bb4cfb4d79a206b", + "sha1": "79c23ce566219f87ade8e55a292aaaabe4a639ec", + "sha256": "60cb39086e10c5b66ebc15e4df219620b344b4358d2918ab6bb3448a0ac8be36" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791731994624, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\EhStorShell.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258701, + "hashes": { + "imphash": "37dad3873d5388f07576532bc042f677", + "md5": "7bbf670114373ce6a203fa155a9e0d0a", + "sha1": "104d89dde030b661d05c4c63a03fae1f46ab52d2", + "sha256": "36ef0a36c679e53b1b169289bd3c05d7c2839dc20c8c87bf520b633911fde198" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791647518720, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\ntshrui.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258920, + "hashes": { + "imphash": "2d37f2d4b3c246f361ca150fc7ebf8d4", + "md5": "3a9c9baf610b0dd4967086040b3b62a9", + "sha1": "3207ac7f895eab34623d994548d7810e54be3e79", + "sha256": "e8e9a0f42b1ee7806edceed08aa024d037215d06ca317e3678bd5364ad513d23" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791753228288, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\srvcli.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258010, + "hashes": { + "imphash": "2ba777561101c3b07566cc50db3a564c", + "md5": "1bf0cb861a48feb1638228760750f3cb", + "sha1": "fbc77224c1b444a6ec25e99f995f2f355e4d1d26", + "sha256": "37c781a8c546ead8b4d28bd7d730b9ac78eb799599ad69dad9054b6f9f1dd6bd" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791649091584, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\cscapi.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:35" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1247534897, + "hashes": { + "imphash": "5bf52e420b6d5991bdcce16ada0828dc", + "md5": "1d63f4366288b8a7595397e27010fd44", + "sha1": "e459e1227083e4eabd19ee20e13754560fc7e02d", + "sha256": "99ea4ddd88d9c4a4cc9b238f533cb4d2c062d46239173997e8594d8a75811a01" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791735533568, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\IconCodecService.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534998, + "hashes": { + "imphash": "77870f98ca4d25a823c74d7404a64bfd", + "md5": "d0c2fbb6d97416b0166478fc7ae2b212", + "sha1": "e290bdf2312ac30a4e9f2a96d7c84714eee84899", + "sha256": "7eab6c37f0a845e645ca44cc060ac6c56e386c7ef7a64716c6786c9602ad8c9d" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791750606848, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\CRYPTSP.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 ca 69 00 00 00 00 00 08 ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 17:43" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1247535161, + "hashes": { + "imphash": "b8c20a01e4d94df61ee21f5350389f9c", + "md5": "5d8874a8c11dddde29e12de0e2013493", + "sha1": "a1c8e3e6ee44dcb68752d44b3b6f4ecce89c388d", + "sha256": "3e9a57137bf622af83e3e4d58971e2c0200559cca7545d16cf263aa03ee9c7d2" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791747461120, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\rsaenh.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258799, + "hashes": { + "imphash": "a198edd0f73abd7cdbb54eef82ab1fc6", + "md5": "c2a8cb1275ecb85d246a9ecc02a728e3", + "sha1": "4417207821fc8f5c72ff531683f183caef297882", + "sha256": "3603fadca0060bd201148f9d59e4e2627f024609a6463ab525b5d1ad17bdcd10" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791758012416, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\RpcRtRemote.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258895, + "hashes": { + "imphash": "4fe9beaa9bd4aa01f5063a7352325c89", + "md5": "d7f1ef374a90709b31591823b002f918", + "sha1": "336ac44b8ee88a6af3f3eaf461b8bdf94fa657ff", + "sha256": "05fd2837c9b03d14bb2a969c1ad77caef047d93dc5d0f6c2acbf0888e8f7b359" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791730683904, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\SndVolSSO.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 ca 69 00 00 00 00 00 08 ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534873, + "hashes": { + "imphash": "0a90384377303e2a2625725018566a89", + "md5": "896f15a6434d93edb42519d5e18e6b50", + "sha1": "b91a3512a80c4201c3fcfaf62abace894fbba328", + "sha256": "9263f0cec58d45ebe3fb9c3061fb9392c55a7933b84b4592e6ee13cfc86d5a50" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791731929088, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\HID.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534952, + "hashes": { + "imphash": "98a24f570dbcd3a092d95b3bd4e51a53", + "md5": "227e2c382a1e02f8d4965e664d3bbe43", + "sha1": "c4971ba9c1e4fdf0106c7cfab626a3d8737bbd07", + "sha256": "1cff20a8bf87ace4fa4935ebeed72bfb1a1fe902a754899e2f50798d67df5642" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791729504256, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\MMDevApi.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258898, + "hashes": { + "imphash": "e99757a4c1beee1b5bf8b7b33b444dcc", + "md5": "1fcb1a72bf5c784f7358e6bef38e4571", + "sha1": "ef944a320de79bf05f0e30f54f3f8b2ba2e82c4a", + "sha256": "12da4240f8c964eda6223257bd9723fd9372e63ae86f00509163b1de12a5f6c5" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791637426176, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\timedate.cpl", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534704, + "hashes": { + "imphash": "d6de6fde05f96ac848accdb1aef473e4", + "md5": "58775492ffd419248b08325e583c527f", + "sha1": "b0e9ca05d46cb53049c4ca33fe04bd08989a78f9", + "sha256": "dbb013971f5894f25c222c2d4d50a29db6df3c413792ee9ccc1a9e6d85469093" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791732322304, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\ATL.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 ca 69 00 00 00 00 00 08 ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535266, + "hashes": { + "imphash": "fa1e670045065ff088a4ac664f9ac3d7", + "md5": "9f2bacd5e1776a4bb7cc0ec3c3a4f96d", + "sha1": "ad8c7ec85d532e5725b8535830f27c1abcf139b4", + "sha256": "19959d18601712901f03b83150d15e34ebcab355bb4692c9a28511a72f57fc66" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791730618368, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\WINBRAND.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290257498, + "hashes": { + "imphash": "53f2c3eaeaa6e619e0ccd6e671e96145", + "md5": "e6f0f82788e8bd0f7a616350efa0761c", + "sha1": "9aa4aafda89325853ffa66169e697529164a23a2", + "sha256": "13091dcb3e3f4f52c3ff210e93aaf1dce142cfc09f671aeac5b922393b23e67b" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791633952768, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\actxprxy.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535165, + "hashes": { + "imphash": "ae5e5f76641aadaf99f0ca29d2e1cadd", + "md5": "1f4492fe41767cdb8b89d17655847cdd", + "sha1": "c836a5e65d56900b6658fdaa3df8579bdd07ec69", + "sha256": "184547fac0c3d7148faa3f601929a7089de393bd19929a137dad743331dd3f77" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791719739392, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\ntmarta.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290259030, + "hashes": { + "imphash": "f792b6ec2e11bc79d8eb1bb1bcb79a91", + "md5": "4e4ffb09d895aa000dd56d1404f69a7e", + "sha1": "40f5c1890f6de5284f6c897255e6907b0272349a", + "sha256": "d999e04bb35780088480eab322176570591a21e311d204bdcab010a63b34d24c" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791794974720, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\WLDAP32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258853, + "hashes": { + "imphash": "2507624727988c72eb2a628a990000fd", + "md5": "c4f40f6cacd796a8e16671d0e9a2f319", + "sha1": "0881ae2a2fd3c5f03654410c474e5a25317942b2", + "sha256": "44853c645915d910ed0cc6d38f68b6c222528ec5fcbe990e238010f41204e682" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791729897472, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\shdocvw.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 ca 69 00 00 00 00 00 08 ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534923, + "hashes": { + "imphash": "e52a872655c57d1b906101b6d5449bbf", + "md5": "a0a65d306a5490d2eb8e7de66898ecfd", + "sha1": "880ac520eb1d38ebb591707a26e6dd300df40643", + "sha256": "ce5da408f4edd5e81ce0925867f03c9a35172cf1571fe4c4c052e45ab69822bb" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791729831936, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\LINKINFO.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258932, + "hashes": { + "imphash": "0e8a67fa12ce3d22a9e1d18bda5c3260", + "md5": "7a17485dc7d8a7ac81321a42cd034519", + "sha1": "83d1722a35eb16b010d8c9f72c627e97d4642101", + "sha256": "88d8705fa901793fc8c1cfd0175e49a6502bf0fc94a066ba573d2fd13aa5f04a" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791745036288, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\USERENV.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258852, + "hashes": { + "imphash": "8b5c65294bec1cf89e97325a24b8cfc5", + "md5": "4e9c2db10f7e6ae91bf761139d4b745b", + "sha1": "6e8e6a53269ca8acc8c2456c80cd3a56d8deb98d", + "sha256": "8f63f78294f5585d599a114af449dcc447ccb239d0f0b490bfe6b34a2146e730" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791704207360, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\shacct.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535152, + "hashes": { + "imphash": "44b39e98ae2946f304f4dbadcfffa307", + "md5": "5b3ebfc3da142324b388ddcc4465e1ff", + "sha1": "86e20ebf70fd35723eb635c4f3684891a2547a7b", + "sha256": "5d58642305311f9bc9b779c9598bfc4e7433b3ea58404bf1ff9466838a2328c7" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791716069376, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\SAMLIB.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258793, + "hashes": { + "imphash": "7fec5787890bfedd3b3aa4082f53a08e", + "md5": "fc51229c7d4afa0d6f186133728b95ab", + "sha1": "f7a2f224356e68b612ecce4512c99f5b9c264d7d", + "sha256": "37e58c8e1c8437d1981725a5dcdaca7316cefbb570370cefc8d122f523b96ac0" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791714168832, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\samcli.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258588, + "hashes": { + "imphash": "96f28fef38c977afbf3f6e8f39c0d6b9", + "md5": "6ceca4c6a489c9b2e6073afdaae3f607", + "sha1": "b228f6208642cb99e5bcdf2d3ebda2b8bc4fb020", + "sha256": "127506d1db38275614cbeb047c133718ef9d03266ba9c98be55ec7847cfc9c3d" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791722426368, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\netutils.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 ca 69 00 00 00 00 00 08 ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535084, + "hashes": { + "imphash": "14bd8d9a93b98b2479e1f6cd57b7c790", + "md5": "7cb3acb163de051169095dc6507b8977", + "sha1": "b891ebebb25655157f7c612d5763e995c86009a2", + "sha256": "45d4deb0695440d8b5e959945b3f7a773e02e2ab305e316123a1064fc1905402" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791703945216, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\msls31.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290257535, + "hashes": { + "imphash": "bf738a2fc0ab0601eea36f35e4cbcd27", + "md5": "0bee002c68e28ce6da161dcf1376d7d7", + "sha1": "d5cc3bec12c801e11217acc6927e1e6e401fe208", + "sha256": "1d4ee0b9ce22d139478008d5591b8c9f027c235cba601f95a96547cf98159d4b" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791631134720, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\authui.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258007, + "hashes": { + "imphash": "76801e47683b36a4115dbe046717edbe", + "md5": "b3bfbd758506ecb50c5804aaa76318f9", + "sha1": "bf6c922467347a6690eb19c5e82be09b3295778b", + "sha256": "34e079a6ab2d41d1e0b3887b6ae31c43941061b7176fff2801c3f465c2c89578" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791630020608, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\CRYPTUI.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290257999, + "hashes": { + "imphash": "04534d8dae5ab230b9bee9b1b0b2829d", + "md5": "3f9f2afa135f0663946a006dd5ffd897", + "sha1": "ea6456859b04b68af8dcd453381dd168af53fc5e", + "sha256": "276d1c9c78c529625c2ef3d77079324628686ea184767971901a1de93681c133" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791760896000, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\CRYPT32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258373, + "hashes": { + "imphash": "2e50bc5d9fe777770c8a6b2cfaf6b2e9", + "md5": "884415bd4269c02eaf8e2613bf85500d", + "sha1": "c3a64f05c210b38c69d8f1fc1d74a71b56ada30c", + "sha256": "efe771709ec942694fd206ac8d0a48ed7dcd35036f074268e4aecd68ac982cea" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791759060992, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\MSASN1.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258922, + "hashes": { + "imphash": "75124ca243f494ff6127697f3ebc418a", + "md5": "5fada8b707318e1bd63a7e2b81e6c8cb", + "sha1": "c5ad1c9bbc2f565237a144b9cf44711dfcf65ea5", + "sha256": "2590e88cab52fcc1b24cb262d293131c6280a5f234e0c130e77aa8697efa3b5f" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791793401856, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\urlmon.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258980, + "hashes": { + "imphash": "248b27a31ddf696c2e3bfe6aed9c3eba", + "md5": "f6c5302e1f4813d552f41a0ac82455e5", + "sha1": "f0ec3ad7e90f559d1bc9b8849cf5668cafba2031", + "sha256": "e3ebf44621efc6381baae0f0efc13c356dcb6ee31bb258137edb3cc3e18549b5" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791786455040, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\WININET.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258097, + "hashes": { + "imphash": "f6db6123d8a383f58cf318d00d2e7d1d", + "md5": "5180380d353277d395d3b36d790aa93e", + "sha1": "d5622ec5d922233867422d1e143969e226bb9a1c", + "sha256": "89b894eccf65704d00d30ea3bd45b184bfab8345b779f9ae2be66b9fc7226f72" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791780032512, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\iertutil.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535234, + "hashes": { + "imphash": "13ecfa3a285149680a7a4b174c8b8f5b", + "md5": "94e026870a55aaeaff7853c1754091e9", + "sha1": "a4f845318e095d841b05e1400747ee4c28e1f28e", + "sha256": "b2f5d5629d12bdfa98dbed3898368f37d9009c7531b6909c7285a2c11c9a0f93" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791743004672, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\VERSION.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290259004, + "hashes": { + "imphash": "da0bcac0c5f9dc653d00eecd5fb1c801", + "md5": "0d9764d58c5efd672b7184854b152e5e", + "sha1": "99d78db040987c69b6a70a42af86641ba0413956", + "sha256": "9827b43dabbec39ab2e2294408d9c5304ef27a684903c5234c6070387723d49e" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791758209024, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\WINSTA.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535280, + "hashes": { + "imphash": "af1203c1d6d810c97729856780869b12", + "md5": "ef2ae43bcd46abb13fc3e5b2b1935c73", + "sha1": "c53e005cd04d99331ce3114ac119256133202313", + "sha256": "81fc06f306f620845d7dd8d06e706309e70bc89b589c81f3478302a3f5f73431" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791683301376, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\WINMM.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258936, + "hashes": { + "imphash": "7e9874f9ecf2191b91f9a4dfa37f2ba1", + "md5": "1473768973453de50dc738c2955fc4dd", + "sha1": "7b046f6070844e3bc7deae115a1dfe5825030513", + "sha256": "14bc5da2442cb726acc1f277ddbeccf5d61e3a0a3e083a55a0bb610191e35220" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791648239616, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\wdmaud.drv", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535081, + "hashes": { + "imphash": "086996ef0b01a463f114deb5244861b9", + "md5": "8560fffc8eb3a806dcd4f82252cfc8c6", + "sha1": "7562bbb63b0db6e4986ebdb86495c4fe284a1eaa", + "sha256": "cc27bc092369a89d6147b16568fedeb68b584d5738cd686c31f7fae22ed17b3b" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 1968373760, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\ksuser.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534742, + "hashes": { + "imphash": "690cce63d22e22d9aa225c4a9290b2c4", + "md5": "78a1e65207484b7f8d3217507745f47c", + "sha1": "3542a591e9c97b48739f69e2a193dff461ea097c", + "sha256": "35f413adb9d157f3666dd15dd58104d629cd9143198a1ab914b73a4a3c9903dd" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791718625280, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\AVRT.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290257517, + "hashes": { + "imphash": "64661addcde8896487dcc7cd32a4eda9", + "md5": "dc220ae6f64819099f7ebd6f137e32e7", + "sha1": "5707f15b666c7d3b07dfce9dac665a2e45c39113", + "sha256": "b8fe13b859fa83500dd95637fa6d4a5b8392c2a363e41d014d3b5374f636e1de" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791659118592, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\AUDIOSES.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 ca 69 00 00 00 00 00 08 ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534992, + "hashes": { + "imphash": "3bf8d3fd03f9d07b7821df4b1da2be9d", + "md5": "1b7c3a37362c7b2890168c5fc61c8d9b", + "sha1": "78ba8d596c0ac4c38acb498416957891570a2a1d", + "sha256": "03727930e5bb5f9d91bab901fc9a2e3b795d68e2aee6a2cc3477f356c45a9c54" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791728062464, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\msacm32.drv", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534991, + "hashes": { + "imphash": "9611d7fd4fe3c571fbf1db3d718ba82c", + "md5": "10ac5ce9f78dc281a1bbd9b8cc587b8a", + "sha1": "207582f9d9bec00a932fba886d575ee5b6502d42", + "sha256": "72288c0a88916d3c3828dbd948dbdb0928f26106319f8e60102d6c9004514d60" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791716659200, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\MSACM32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 ca 69 00 00 00 00 00 08 ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535038, + "hashes": { + "imphash": "5a8ee2f48e79ef6ac4b33366d6642b50", + "md5": "ca2a0750ed830678997695ff61b04c30", + "sha1": "a27df990dde73e72bb02105f8af689a1ac324e59", + "sha256": "e84860cd97aa3c4565abb2d5d406a5c42b1ad2d8ba1b8cf81fe564d91f15f976" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791727996928, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\midimap.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 b3 f5 00 00 00 00 00 0d ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 07:10" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1247535256, + "hashes": { + "imphash": "04a5e982c134477b1914ebcd7b6436d0", + "md5": "d6f630c1fd7f436316093ae500363b19", + "sha1": "197897b74f411040ba7df41a5bd3c1030661b904", + "sha256": "73a94b4938430396ea4240b1a6676b4e6c19cfaf8c52efb9a69b4b2175a86307" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791727734784, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\XmlLite.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258889, + "hashes": { + "imphash": "8181b1ef70ff3d29984db497f92a2662", + "md5": "c3761661c17c2248a9379a8fb89e3de1", + "sha1": "d2ea41e02bbaa77f8b93b09277596a34cdae8853", + "sha256": "ce3477fa2b4058eb80739e0161fe957545f13cf86d313f6422732901d35f75f2" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791617568768, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\stobject.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290257641, + "hashes": { + "imphash": "fbe995ff97475c5aa2777a4bc493d4b1", + "md5": "f832eeea97cdda1af577e721f652a0d1", + "sha1": "48f227a1e10d49edf56e3559e05c871bc285c199", + "sha256": "ebbb7ca199ba4df231123922bd310d43de0104c6185b70fe0281b938d5336f2e" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791616782336, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\BatMeter.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535260, + "hashes": { + "imphash": "5d8fff13bf206e589cae241fc7f4d464", + "md5": "bd3674be7fc9d8d3732c83e8499576ed", + "sha1": "cb96190d6366e11dd6e6b48f4cdc4332015cfa67", + "sha256": "e6716a5895d629263a4d21959f48840429ab6f4b55a5fa2663ee5e86c9ca2bf1" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791727538176, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\WTSAPI32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290259008, + "hashes": { + "imphash": "b2ecd39ae0055d9e1b8aa5bc78942cba", + "md5": "eb3f9c2de1236b5d46b2291d82970e43", + "sha1": "0ce9ddc1063256ab571b916389321fd7f572ddc0", + "sha256": "8a43d335f3d573bed98af54bb51e82546c2acc025da8a48d801213eb14e9d5d4" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791759781888, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\WINTRUST.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 ca 69 00 00 00 00 00 08 ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534970, + "hashes": { + "imphash": "8accd78cb7feca81ac448f0485be30dc", + "md5": "4166f82be4d24938977dd1746be9b8a0", + "sha1": "5174036d781677f5444d9a23079baf18f4bbda44", + "sha256": "24121751b7306225ad1c808442d7b030def377e9316aa0a3c5c7460e87317881" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791730159616, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\es.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290257970, + "hashes": { + "imphash": "8c20d7b93902b8c193a7fc1b4b58e9aa", + "md5": "42a9cb6906d9a8bedc83b57163e62924", + "sha1": "50e5592460d91205e912d55f60a2dd3cc4da4329", + "sha256": "e18522d3137653140757829efbfce624a5baa5842e2bba10b9e5ab6c84be49e1" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791614619648, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\dxp.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258826, + "hashes": { + "imphash": "1df61af51096e9bbbdc1834405984e4c", + "md5": "2d2a6ec8ead30ec3ace2fd6fb1b3e122", + "sha1": "1e77948378474e155307d290b998994f720206bf", + "sha256": "e7ea375a3bde8fc764cb09524344370b9ee25f98ad6c83e6f37a569eb8d277d6" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791614160896, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\prnfldr.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290259000, + "hashes": { + "imphash": "2f59265cb3df847423b60921203365be", + "md5": "0015acfbbdd164a8a730009908868ca7", + "sha1": "671c084513461900550bd49d3dccb58bdbe05adf", + "sha256": "e1ff243ad2cf959fab81efe701592414991c03416ff296adc93906e76b707c4d" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791654924288, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\WINSPOOL.DRV", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 ca 69 00 00 00 00 00 08 ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535225, + "hashes": { + "imphash": "3d49b728c9125f451e7f2f215e9d3bbb", + "md5": "2bc7c9fd0a9f2c9afc373f3ad1ee3891", + "sha1": "1b7c6960a72509d1f408022d791c6a65acb2a75d", + "sha256": "0a82a475301202791a7c10f978f952eab7db146a702d4ea67e24e2c98bc19638" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791648108544, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\Syncreg.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258789, + "hashes": { + "imphash": "c5c69e7d20ca382ddbc49947d651a8e7", + "md5": "10f815be90a66aafc6c713d1bd626064", + "sha1": "3e21f173a6bcdf629c442d89abadc48137c61bb2", + "sha256": "01139fc04bc53594296f6a0e16b8d20b940f64bc8119fe7705c03c4947958f39" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791612325888, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\pnidui.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258791, + "hashes": { + "imphash": "6437e4761b1278fdecf142a679216f7b", + "md5": "b9f0a4020aa98b7a20287bf7fe99a1fd", + "sha1": "1f28ac7493ce972b45de191780a190504d1d0c44", + "sha256": "21138f161eeea46198890c7a2d073f2c82829e15676131bdad9f237edc7477cd" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791612194816, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\QUtil.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535239, + "hashes": { + "imphash": "deeb658dae29d8df1c8dbb08f06801b0", + "md5": "3c073b0c596a0af84933e7406766b040", + "sha1": "06185554c38353211430f5f075c490558e46fb3d", + "sha256": "4698bba678f553e15ad4b07ad7fb236281f872defee97bfd637114476c8f97b3" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791752769536, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\wevtapi.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258586, + "hashes": { + "imphash": "97bb6eee9e1ea3e5751077b655b54de5", + "md5": "a42f2c1eb3b66c54fb3c7b79d30c1a6d", + "sha1": "cee705de8d3dfcc9e2a14e0249d6be61fcd54a18", + "sha256": "a63836db3b01835dc1311526a95198d6ebccb1dc9ddafbc38ec36c128cdb98b9" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791609507840, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\netshell.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258138, + "hashes": { + "imphash": "0bc508389b6b5577cf3cca214ca523a7", + "md5": "2b81776da02017a37fe26c662827470e", + "sha1": "8c85389640bea73a009d83079f8b4c963697035f", + "sha256": "a656353c50ee08422145d00db9cfd9f6d3e664753b3c454b171e2a56a8aa94dc" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791727210496, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\IPHLPAPI.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535145, + "hashes": { + "imphash": "579f52f57e43aa6ff0d07e88af5d0ff5", + "md5": "044fe45ffd6ad40e3bbbe60b7f41babe", + "sha1": "94233c0d4169c02c85514adb1f05cd3298c87f43", + "sha256": "a1688a5e6e0f7037c850699462c2655006a7d873c97f9ab406c59d81749b6f09" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791763648512, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\NSI.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535281, + "hashes": { + "imphash": "e710d6d30f2346e7cd91c89ec3b602d9", + "md5": "4c9210e8f4e052f6a4eb87716da0c24c", + "sha1": "d4fa50aded12eb162478d7606f1270b78dd1a44b", + "sha256": "460f7990bdadb7d58d6dc95b094d30a2efdc4ceed444b18a2f36e8d9076fb8b9" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791726948352, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\WINNSI.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258583, + "hashes": { + "imphash": "7e01da4b2a8806d2944a3ff2e271958f", + "md5": "2df36f15b2bc1571a6a542a3c2107920", + "sha1": "660a44b660d8e57ef7d7efbbc006ac390a7901fa", + "sha256": "a918f1ee95269df973421af2f5713deeaf15ef0f77baa7e8c515ffb69896fb7a" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791735992320, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\nlaapi.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534791, + "hashes": { + "imphash": "59b31e42f8fae7b5809ba7fcae732e0c", + "md5": "4cbcc37856ea2039c27a2fb661dda0e5", + "sha1": "cc666108d34168420a1d1942dda1e090154c7296", + "sha256": "74cbfab3092a9564bddfcb84db3e3f8bcfd1492938adf187423d3355d73d21c6" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791723999232, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\dhcpcsvc6.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258981, + "hashes": { + "imphash": "1ec347d133df2fe4da3e5f8944caeae8", + "md5": "4bbfa57f594f7e8a8edc8f377184c3f0", + "sha1": "d48aafa576b40a5e386e609bba1010472551154a", + "sha256": "9f3ac5dea5a6250c3dbb97af79c81c0a48429486521f807355a1d7d3d861b75f" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791788486656, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\WS2_32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:35" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290257492, + "hashes": { + "imphash": "f5d0254c5435291634c8b7357aa536bd", + "md5": "92dbf0a4c9239169010fc6e07859c82e", + "sha1": "634d8c12de82c422dfeba8f9a5fa84d03b7bcd35", + "sha256": "00fb2cf4420f0ffef519afe732a708cf249640121e2a891caa164313abd7f804" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791608655872, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\Actioncenter.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534790, + "hashes": { + "imphash": "f17020f0f66b64fbdf51c75b43f3729d", + "md5": "f568f7c08458d69e4fcd8675bbb107e4", + "sha1": "c1e05f0255a6f386711044b11e2d04dfd328b26a", + "sha256": "a5fa25ecf248999a68ccecfbb508bfa1add18a23e20a9a9081a87c41caaa36c0" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791723868160, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\dhcpcsvc.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290257996, + "hashes": { + "imphash": "eb1c8dd21e1f92a8be35a76b165ce8da", + "md5": "52d3d5e3586988d4d9e34acaac33105c", + "sha1": "2c20246d2c45fb6e8976b37ad62465f5f4255f2b", + "sha256": "c61b60ba962b25b8334f0941c3535ea4aca1cc060b8a196e396ca3e11ceef8a1" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791746412544, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\credssp.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258110, + "hashes": { + "imphash": "9ba63732839305b29ebe539451171b45", + "md5": "8130391f82d52d36c0441f714136957f", + "sha1": "e2bb102565986a42d0a43bd3f337f94dbe54eead", + "sha256": "1fd4fee7caf63e450f27729e07ea2a2f09288629fd872dbb6e8710b16d8dbd5d" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791608131584, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\imapi2.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258038, + "hashes": { + "imphash": "e070eff3751fea77ccd424469a9a07e6", + "md5": "6a5c1a8ac0b572679361026d0e900420", + "sha1": "fd9241fdda4b9d08ff1e205f9d5f78923ab884d8", + "sha256": "b5e693b48b462e97738a3d4e58b60846159649eb15f4d11074b4bc107cc88562" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791607345152, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\hgcpl.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 ca 69 00 00 00 00 00 08 ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535139, + "hashes": { + "imphash": "1e00eab90042e5099339cb82841b434a", + "md5": "f7073c962c4fb7c415565dde109de49f", + "sha1": "671c2e910ff954700b3a1f80608423697895c0a9", + "sha256": "781e7088dcefbc34a808c3e7da41a56112b3f23abe9f54b5ef4d5cd9cd016b1d" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791680090112, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\npmproxy.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258777, + "hashes": { + "imphash": "d402ebf00a5cffa66b6682780c262457", + "md5": "6b851e682a36453e1b1ee297ffb6e2ab", + "sha1": "3dc85ba13d1f720e8039865817bcc65dc0f1d35b", + "sha256": "a641d3fd9463c4788b45b8b5584ea4489c1f63a71b4b595ae85ff3482cd5eda6" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791606099968, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\QAgent.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534818, + "hashes": { + "imphash": "09bf801b36364c598a2a8fdff079932c", + "md5": "cd1b5ad07e5f7fef30e055dcc9e96180", + "sha1": "4e835fdadd0c67fde44e385f69a1014d6ad11f4f", + "sha256": "63c58551f32b0b09377f64a6ae1fa81af93b8a707a57a8c18722086906ad3046" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791745167360, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\DEVRTL.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258413, + "hashes": { + "imphash": "08a9b8e4e42e5520be662b4663289747", + "md5": "1eac1a8ca6874bf5b15e2efb9a9a7b86", + "sha1": "30cff16f17833aa042d8b6cc32d86c4a39c77c67", + "sha256": "e15ed4fefc3010c213694331ddfdc03767682325c898d773ab243e2dc8b08461" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791633100800, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\MsftEdit.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258939, + "hashes": { + "imphash": "6ac24d44010fe2db4d5e9e0651b7a3cf", + "md5": "f9959237f106f2b2609e61a290c0652e", + "sha1": "7f7c92c4fe8244a7deac7fed4d5576042bfba29e", + "sha256": "fccc12e5aae1773bf87b1c4bce71d017db1a5a7ac189559058ea1ecc72075a82" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791628709888, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\werconcpl.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535233, + "hashes": { + "imphash": "cce75846cdf9d74f85e44fc728ee8440", + "md5": "9689a9c7f7c2a1a423cda2c3b43fff65", + "sha1": "ebe6b3066634239a4f62780a8a6e27f33b0afc87", + "sha256": "914ad22d98975578bc14d821f72e8dfce24f2092f9c299d24ebbaf5408fe8b8b" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791646994432, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\wer.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290257998, + "hashes": { + "imphash": "6e52c6bdbfd3d257064382284bd4f59c", + "md5": "1484b9ebf567346582de571b0e164ae0", + "sha1": "6b87eb7005fe659f976732307fe12b96747dfc8d", + "sha256": "9862bf22b2e32dabe7a82acee5b4ea1f0a93bdc3c71b20a6a4e568cccd76a7a6" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791628382208, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\framedynos.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 ca 69 00 00 00 00 00 08 ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535235, + "hashes": { + "imphash": "64b92457c7762d63f903189058d583ca", + "md5": "7e591867422dc788b9e5bd337a669a08", + "sha1": "3bd1b2a2271d6756351d9b4876193efd8a845da0", + "sha256": "484e6bccdf7adce9a1aacad1bc7c7d7694b9e40fa90d94b14d80c607784f6c75" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791628251136, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\wercplsupport.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258497, + "hashes": { + "imphash": "2814c7c81c59e8a913c288a8c72a9c1c", + "md5": "5c29199c9f0ede64f17f268084ec4392", + "sha1": "a767e893427f9b24fe06cbb3a155dd54162a402a", + "sha256": "ea9fd588a8c89399dd287399a912b356a4234cfe418239b227d255749f5ddde2" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791652564992, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\msxml6.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:35" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1247534858, + "hashes": { + "imphash": "2ab209fb6a68c8e15483324a442c1c4c", + "md5": "809ae7d4ace06bbcf621e5c504bf6fc8", + "sha1": "c0e2202d99db67a9efa6c67226410ad3c7b657a6", + "sha256": "0baab89fb57468f27446947d75cbd6ddfc92d9b8f040144a12656803b2f7bf65" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791722491904, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\hcproviders.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 b3 f5 00 00 00 00 00 0d ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:36" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258095, + "hashes": { + "imphash": "328b1cd6b239c7c01904019379bede4b", + "md5": "77a8a1791145710c7efe76ea82bf0763", + "sha1": "e421318d7b6d66c9214722c736f5b3d4207acf74", + "sha256": "9488b96e065299d273f9dcc82aa1203b48f0038d4f27324da19e9bfd925ca737" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791627726848, + "mapped_size": 0, + "path": "C:\\Program Files\\Internet Explorer\\ieproxy.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258892, + "hashes": { + "imphash": "ec50511b4e46da8b1a467667a84f8047", + "md5": "9cead32e79a62150fe9f8557e58e008b", + "sha1": "4cbd17b96209b5e2da683382e05cef55f48d6107", + "sha256": "afe4c1725ee94d7de0749ae1495a4e5cc33c369f29b2a589da66ffe27ff9777e" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791757357056, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\SXS.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258896, + "hashes": { + "imphash": "d75a096a9c47b1fd385a268e9c6f2f68", + "md5": "24f4b480f335a6c724af352253c5d98b", + "sha1": "a388cc90338cec7b5eec66e921599de0cc275a2b", + "sha256": "011413b236cad7b78ce0a0eec3e3085d48c7576a3205d025ba6ebfdf590538e4" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791660232704, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\thumbcache.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247527581, + "hashes": { + "imphash": "be693a67b5b884d7609eaf574ba00955", + "md5": "d87e1e59c73c1f98d5ded5b3850c40f5", + "sha1": "141c0ebecdd2733b90431f18b188ee0b64456268", + "sha256": "536419bff9f877d4314b5d0c045d9a6e729489c389863fadf07e382050bc84fd" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 2009726976, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\PSAPI.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 b3 f5 00 00 00 00 00 0d ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:36" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258093, + "hashes": { + "imphash": "39d5c5468a8e87803234025334b9dc09", + "md5": "f1115299b9f4c983bc4523b33e3a506c", + "sha1": "639946c23b630798284a92117882990ea31d702e", + "sha256": "01a1d8b3e5cf727f92f4a43d5c5f81022127d58a850d29d3f084ad411efbc9dd" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791578836992, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\ieframe.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535131, + "hashes": { + "imphash": "84786d42c8a896b9a971b3c9eb8feb4c", + "md5": "9869a4a10b90546dbd56947839fb4b87", + "sha1": "5d9642f314d62dc5834cbd7950230bad3f85d982", + "sha256": "66c84dcf39d9f6896d55b1623184a028891a0a98abe6044de1d4bad60c3c8d72" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791591157760, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\OLEACC.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258887, + "hashes": { + "imphash": "e6c083bfcedd032db2c66cd04f74c620", + "md5": "4e81439902079c348b61d7ff027fe147", + "sha1": "4386a5580b459aa4a0701addb753c3f9bf3da6f7", + "sha256": "e652c9ec77745504689532b3c394959f9b5bc29e9c008cb9ee09cda818514fa9" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791658594304, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\StructuredQuery.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258589, + "hashes": { + "imphash": "45badcf3f18f69f9f72af5245898d1cb", + "md5": "405f4d32d2185f1f1bd753d8eeaffb3a", + "sha1": "68bc45bac1e1584c789a6b3134bee5a2540f3e56", + "sha256": "cac42c3e09c43be96592b670d70821386014db22d8239a9cfb9e33e54fb5c3d5" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791656890368, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\NetworkExplorer.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258495, + "hashes": { + "imphash": "cdb39fb77293fb1bb86c2d5980ea8e88", + "md5": "022b05cee68d7826a93aedb4f1eb369e", + "sha1": "e7055d6cacb8c3fae06dc10ad480c8e6b8b7b592", + "sha256": "3b864d1471ed0949b02f1fa251b987185abeaddcbecd44efdbb6a7b7f03ca8bc" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791625760768, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\msxml3.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258914, + "hashes": { + "imphash": "6b6c83729fa36b04c301494d1eb07752", + "md5": "bb074f35b49eb2ea416962b596281e1e", + "sha1": "355fdb9e66ffad42144b1b6ec4d8eb357ed05d52", + "sha256": "e07208204b9616027e5144e2f3ef1ba81168365b7d2a761210b0fbc65b97871e" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791623598080, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\systemcpl.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258594, + "hashes": { + "imphash": "2bd8f9f72a13c2803ac3d34b805130b9", + "md5": "764908fe1fa96f93c95b1b67a0fced29", + "sha1": "88d0027e5d10158e3678d9eb2326779fef8a64d1", + "sha256": "26ef25ab307903c5e806a8cc3b750a491049e5d1225ceddfce64dd51aa6f592b" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791722557440, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\NETAPI32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290259010, + "hashes": { + "imphash": "6ad99a405bde55d6a18debafd3f5e5c5", + "md5": "3c91392d448f6e5d525a85b7550d8ba9", + "sha1": "b62eaf7d80617e136a8f3c9161c23464e6f2a171", + "sha256": "6fd0dc73dbe7519e2c643554c2a7f8fbe4f9a678c4241bb54b3c6e65d2abcf3a" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791722295296, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\wkscli.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534877, + "hashes": { + "imphash": "3e340766bf7f54e3e9746a945d4dcb71", + "md5": "a77be7cb3222b4fb0ac6c71d1c2698d4", + "sha1": "e68b4e0058fb130c765e5aa98af36e26563809db", + "sha256": "73566223914bf670df6b5931fa213e546713531b10391ed65b5256bbd7abde7f" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791735926784, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\DSROLE.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258758, + "hashes": { + "imphash": "c888173aa662e52d4b6194ed15819a13", + "md5": "db76db15efc6e4d1153a6c5bc895948d", + "sha1": "00dc6172c4507def32e4a269c08e76ab09abc3fe", + "sha256": "71ddf02c7ee2df66a08f1a2a08da39802c354624880a2be93a706ea7476422a3" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791690641408, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\SPPC.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 b3 f5 00 00 00 00 00 0d ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 07:10" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1247535243, + "hashes": { + "imphash": "9484a9d0a0e3ef20592c9f66412400a6", + "md5": "666a60f6f5e719856ff6254e0966eff7", + "sha1": "10258e708443bd21997e7a977b5ee36bd758e368", + "sha256": "58c072e7e215991e19c1ca062c476081982f7b9f039714539ae7feb4981c200f" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791716200448, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\wbem\\wbemprox.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 b3 f5 00 00 00 00 00 0d ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 07:10" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258938, + "hashes": { + "imphash": "03a62984ba62616e18740e69949df533", + "md5": "7db5aa22a8a8e5c2d335f44853c1f6de", + "sha1": "add6f6e2b6df5f571d06db724de5c7badad4e775", + "sha256": "a734a20357026c42950394682a52cbc3af956d09f1949e1b4e95467e999bc428" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791690051584, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\wbemcomn.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 ca 69 00 00 00 00 00 08 ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535244, + "hashes": { + "imphash": "6178a249d43f815225b0a9205f1f4f70", + "md5": "718b6f51ab7f6fe2988a36868f9ad3ab", + "sha1": "7cc84a20d6597f58eebabea5489d72239c6e746b", + "sha256": "76141b4e94c2766e2c34cef523092948771a7893212efadbe88d2171b85ff012" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791683170304, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\wbem\\wbemsvc.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 b3 f5 00 00 00 00 00 0d ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 07:10" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1247534846, + "hashes": { + "imphash": "c93ca8ec08e734d1b95c2a2d28884c47", + "md5": "a3f5e8ec1316c3e2562b82694a251c9e", + "sha1": "f0cdc2b44e609950ee97d9967c7459055a2af1a8", + "sha256": "f3dc6aa6a9d3b5bbc730668fc52c1d4bb5d515d404578bddd3d4869a7ed58822" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791688675328, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\wbem\\fastprox.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535150, + "hashes": { + "imphash": "29f9ce11d25836037034b49be93790c6", + "md5": "ee26d130808d16c0e417bbbed0451b34", + "sha1": "962d52fb4d8f9965c5fc11a98f2f9048a2a5d918", + "sha256": "4886dce4faef146a40babd492a8000a2022fea542a6135a9bafd4cd09297b4e5" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791688478720, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\NTDSAPI.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258103, + "hashes": { + "imphash": "ba45ab39c8fb40e4076d27cf8e0f4180", + "md5": "b8509dcfcfd577f568be4026bfd982c0", + "sha1": "1923c5995faf94d9b1767aca04e3134a5cedc07a", + "sha256": "e3608e6de15c400fa437349e7295fef10a1a0213ca3b532a58964b8c89749110" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791788355584, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\imagehlp.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + } + ], + "name": "explorer.exe", + "parent_exe": "", + "parent_name": "", + "pid": 784, + "ppid": 704, + "primary_token": { + "domain": "WIN-Q3DOP1UKA81", + "integrity_level": 12288, + "integrity_level_name": "high", + "privileges": [ + { + "description": "Adjust memory quotas for a process", + "enabled": false, + "name": "SeIncreaseQuotaPrivilege" + }, + { + "description": "Manage auditing and security log", + "enabled": false, + "name": "SeSecurityPrivilege" + }, + { + "description": "Take ownership of files or other objects", + "enabled": false, + "name": "SeTakeOwnershipPrivilege" + }, + { + "description": "Load and unload device drivers", + "enabled": false, + "name": "SeLoadDriverPrivilege" + }, + { + "description": "Profile system performance", + "enabled": false, + "name": "SeSystemProfilePrivilege" + }, + { + "description": "Change the system time", + "enabled": false, + "name": "SeSystemtimePrivilege" + }, + { + "description": "Profile single process", + "enabled": false, + "name": "SeProfileSingleProcessPrivilege" + }, + { + "description": "Increase scheduling priority", + "enabled": false, + "name": "SeIncreaseBasePriorityPrivilege" + }, + { + "description": "Create a pagefile", + "enabled": false, + "name": "SeCreatePagefilePrivilege" + }, + { + "description": "Back up files and directories", + "enabled": false, + "name": "SeBackupPrivilege" + }, + { + "description": "Restore files and directories", + "enabled": false, + "name": "SeRestorePrivilege" + }, + { + "description": "Shut down the system", + "enabled": false, + "name": "SeShutdownPrivilege" + }, + { + "description": "Debug programs", + "enabled": false, + "name": "SeDebugPrivilege" + }, + { + "description": "Modify firmware environment values", + "enabled": false, + "name": "SeSystemEnvironmentPrivilege" + }, + { + "description": "Bypass traverse checking", + "enabled": true, + "name": "SeChangeNotifyPrivilege" + }, + { + "description": "Force shutdown from a remote system", + "enabled": false, + "name": "SeRemoteShutdownPrivilege" + }, + { + "description": "Remove computer from docking station", + "enabled": false, + "name": "SeUndockPrivilege" + }, + { + "description": "Perform volume maintenance tasks", + "enabled": false, + "name": "SeManageVolumePrivilege" + }, + { + "description": "Impersonate a client after authentication", + "enabled": true, + "name": "SeImpersonatePrivilege" + }, + { + "description": "Create global objects", + "enabled": true, + "name": "SeCreateGlobalPrivilege" + }, + { + "description": "Increase a process working set", + "enabled": false, + "name": "SeIncreaseWorkingSetPrivilege" + }, + { + "description": "Change the time zone", + "enabled": false, + "name": "SeTimeZonePrivilege" + }, + { + "description": "Create symbolic links", + "enabled": false, + "name": "SeCreateSymbolicLinkPrivilege" + } + ], + "sid": "S-1-5-21-2016385190-3414718578-1263322444-500", + "type": "tokenPrimary", + "user": "Administrator" + }, + "sha1": "4583daf9442880204730fb2c8a060430640494b1", + "sha256": "6a671b92a69755de6fd063fcbe4ba926d83b49f78c42dbaeed8cdb6bbc57576a", + "sid": "S-1-5-21-2016385190-3414718578-1263322444-500", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted", + "threads": [ + { + "create_time": 1542341500, + "entrypoint": 4279023504, + "thread_id": 1920, + "up_time": 437 + }, + { + "create_time": 1542341500, + "entrypoint": 2008002240, + "thread_id": 1812, + "up_time": 437 + }, + { + "create_time": 1542341500, + "entrypoint": 8791783440744, + "thread_id": 2472, + "up_time": 436 + }, + { + "create_time": 1542341500, + "entrypoint": 8791792141832, + "thread_id": 2468, + "up_time": 436 + }, + { + "create_time": 1542341500, + "entrypoint": 8791790810108, + "thread_id": 2464, + "up_time": 436 + }, + { + "create_time": 1542341500, + "entrypoint": 8791792141832, + "thread_id": 2476, + "up_time": 435 + }, + { + "create_time": 1542341500, + "entrypoint": 2008021952, + "thread_id": 1800, + "up_time": 434 + }, + { + "create_time": 1542341500, + "entrypoint": 2008021952, + "thread_id": 2516, + "up_time": 433 + }, + { + "create_time": 1542341500, + "entrypoint": 8791792141832, + "thread_id": 2500, + "up_time": 433 + }, + { + "create_time": 1542341500, + "entrypoint": 8791792141832, + "thread_id": 1068, + "up_time": 432 + }, + { + "create_time": 1542341500, + "entrypoint": 8791792141832, + "thread_id": 2676, + "up_time": 428 + }, + { + "create_time": 1542341500, + "entrypoint": 8791792141832, + "thread_id": 2660, + "up_time": 428 + }, + { + "create_time": 1542341500, + "entrypoint": 8791792141832, + "thread_id": 2748, + "up_time": 428 + }, + { + "create_time": 1542341500, + "entrypoint": 8791729529348, + "thread_id": 2636, + "up_time": 428 + }, + { + "create_time": 1542341500, + "entrypoint": 8791792141832, + "thread_id": 2732, + "up_time": 424 + }, + { + "create_time": 1542341500, + "entrypoint": 8791783440744, + "thread_id": 1472, + "up_time": 419 + }, + { + "create_time": 1542341500, + "entrypoint": 2008021952, + "thread_id": 2220, + "up_time": 415 + }, + { + "create_time": 1542341800, + "entrypoint": 2008021952, + "thread_id": 2332, + "up_time": 104 + }, + { + "create_time": 1542341800, + "entrypoint": 2008021952, + "thread_id": 3712, + "up_time": 99 + }, + { + "create_time": 1542341800, + "entrypoint": 8791792141832, + "thread_id": 2080, + "up_time": 85 + }, + { + "create_time": 1542341800, + "entrypoint": 2008021952, + "thread_id": 4012, + "up_time": 81 + }, + { + "create_time": 1542341800, + "entrypoint": 2008021952, + "thread_id": 4060, + "up_time": 81 + }, + { + "create_time": 1542341800, + "entrypoint": 2008021952, + "thread_id": 520, + "up_time": 77 + }, + { + "create_time": 1542341800, + "entrypoint": 2008021952, + "thread_id": 3236, + "up_time": 74 + }, + { + "create_time": 1542341800, + "entrypoint": 2008021952, + "thread_id": 3260, + "up_time": 72 + }, + { + "create_time": 1542341900, + "entrypoint": 8791792141832, + "thread_id": 3680, + "up_time": 56 + }, + { + "create_time": 1542341900, + "entrypoint": 2008021952, + "thread_id": 3708, + "up_time": 55 + }, + { + "create_time": 1542341900, + "entrypoint": 2008021952, + "thread_id": 2512, + "up_time": 55 + }, + { + "create_time": 1542341900, + "entrypoint": 8791792141832, + "thread_id": 3748, + "up_time": 54 + }, + { + "create_time": 1542341900, + "entrypoint": 8791690668104, + "thread_id": 3872, + "up_time": 51 + }, + { + "create_time": 1542341900, + "entrypoint": 8791683305488, + "thread_id": 1016, + "up_time": 26 + }, + { + "create_time": 1542341900, + "entrypoint": 2008021952, + "thread_id": 3520, + "up_time": 26 + }, + { + "create_time": 1542341900, + "entrypoint": 8791792141832, + "thread_id": 3992, + "up_time": 13 + }, + { + "create_time": 1542341900, + "entrypoint": 8791760904360, + "thread_id": 3604, + "up_time": 12 + } + ], + "unique_pid": 35, + "unique_ppid": 0, + "up_time": 437, + "user": "Administrator" + } + }, + "captured_file": false, + "file_name": "C:\\Users\\Administrator\\Downloads\\endpointpe-blacklist-test.exe", + "file_operation": "open", + "file_owner": "Administrators", + "file_size": 188416, + "hashes": { + "imphash": "835d619dfdf3cc727cebd91300ab3462", + "md5": "4ace3baaa509d08510405e1b169e325b", + "sha1": "27fb21cf5db95ffca43b234affa99becc4023b9d", + "sha256": "6ed1c836dbf099be7845bdab7671def2c157643761b52251e04e9b6ee109ec75" + }, + "is_signature_trusted": false, + "malware_classification": { + "compressed_malware_features": { + "data_buffer": "eAHtnU1oHHUUwHsQ7MGDiIIUD4sH8WBBxJtopiLoUY0pYo2ZTbJJ0yQ17m4+ms/NRzeVWpuUWCL4sWlEYvFQ8KJQ6NCTEA8eRD30sIo3PdSriLi7837Pko3LbHZ2M5m+XObHm/d/X////83O7jCZvzacHBpPplNdfalkdjSdyty674Ft59dN71Dpb9v5eKh8LMEHjsCF2wIfVlRKsHROYPGkQO5+gY2vBSYYdWZFYGwEO/cITHMqkxPYnBBY+07gtCuQ9gSGigJ5lPPYGXcE+jA4z3Ad1ZtAUiDUyrEEPYzqRnIKgxd/Rgc7gygPo5wn95PouN7OeEYJ1UXiJgRmvscgp/LOziIkkSyT+xRVnXhZ4DKh5goCkzidRHkGO4uvCyw9LDDtCay8ILCAzrJOJaGuZwUuvSewivJVIPsklq8JbL4qMJsTSCcExrGs83WKU295ZFo5lr2TaZbcUw5FeJy8tgTeLpCy2iGeS67ABXzlgbEi1UC5FxcZnA4y/CLK82Qxi847FGGZRTLsCUxR1aWEwOp1AmOjDRYYzgwusL9WfqBiGJxnVAanixTq7Dp22LBdlWMJzlOx8wmBK2Rx5WmBLJIRwtAijOQE+ooCb2B5xBOYRtlfNeXpLpA7oyZRTqHzGenkmIJPnhBIMrzTwSA6H93CO5l+c1NA99f6IwLH8fUKdjTmDpTbgS50+gGVnECnE4PpooC2guPoaPADSHrcncNHmEHtAFkq3+EI+A37zsrrTvH3WTkvJLoOTyBp10wx2JcgVCRahA4NrICE4a+hrMXsA3qAHItW188E8ejO7XV3eh/KCYwxlamEwCgL8lN2wTntfrhY/U0g/5KAdvUpT+AszWqBdqH7VLeeZrExK9Cv1UgIDKA8g/cx7QAEP+AhAfRaMKB2HOJh+BSFSqKjSytNGBlc6PrpxvK7lCVDxbSG3Z7AhCMwx6gelwgLAltXBXJUTH29j+U1LHdipx/QprfKfGnF0sBpdBYxmEQyTzW0h6/0khcuhhJYRufym+i4VKMocJMs/KvfoW3/UJb4PeZOSZVONThZz4djP/75TAXa/CVfOvX3RgVLIDreLPN1pP1osW7lGmHsEhjBOzf+EPBE4vndvWz5xb/cChxGcv1LAb+tluALKnZ47isf1MXvz1ZMlsCXbXtPceqhrcp1ps6YHwQeBXLEPCf7q23tl9uJui0bGBgYRAccv7uXr/g5Af+2oNTrpgTa/vnpjBvpLAwM4gRBPvIZGBgYGBgYGBgYGBgYGBgYGBgYGBgYNAOc9oMXs4GBgYFBcNBnww5QzDXgRtPSaZ5lg/itsRaslgZ3bnWEEVnhMetIBwiiVnlbCbWrEftrt11zdwWnseFW1QO63w1is3ptD1pV9xG0t+zvfUrzrvh380qwXWAVCw6h78GIfG7ZlzltXu6hd+y92fECRFhjuH3bXG8N43oXEHperdzvUbteaDxhVTUeq25fqhG1X6Ai8mtF6BDXz2wR+dzSgg4Qsxls5T11XMG+82y8GkG+b7kL69xg7mF1SFvhBgYGsYH/Xi7HE+PVkiB2jt1bNZxT+k4558jR53ydz5//1m1KOgYGBgYGBgYGEQfnsYaG2z1sdPJS79XQSu91ndobOAHCaN5vNzUk1bceQVzUpbw3iOuT+UFmR18bHrp3gyhDC56lCd1y85w2+HSNUwVhhdGC7blLf+bV/fqtvhMg1NDjCcugB1QXswbs8ekj/v1BgzFHBIIsyP+HfwFdMpzu", + "decompressed_size": 27831, + "encoding": "zlib" + }, + "identifier": "endpointpe", + "prevention_threshold": 0.66, + "score": 1, + "threshold": 0.66, + "version": "3.0.33" + }, + "pid": 784, + "ppid": 704, + "signature_signer": "", + "temp_file_path": "C:\\Windows\\TEMP\\581ac9e2-e9ea-499e-8ec6-d7eed985b6c3", + "timestamp": { + "accessed": 1542341100, + "created": 1542341100, + "modified": 1542341100 + }, + "user_blacklisted": false + }, + "event_subtype_full": "file_classification_event", + "event_type_full": "alert_event", + "metadata": { + "beta_alert": false, + "chunk_id": 0, + "collection_time": 1542341900, + "correlation_id": "9a754fa1-f526-4390-9adf-640cae174f66", + "destination_plugin": "send", + "final": true, + "is_alert": true, + "key": "fileClassificationEventResponse", + "message_id": "7b97295f-3aae-4dc8-944f-039f1064c55b", + "origination_task_id": "010d9a4e-dd34-4dfa-b283-a492a5785e90", + "os_type": "windows", + "priority": 80, + "result": { + "local_code": 0, + "local_msg": "Success" + }, + "semantic_version": "3.50.0", + "sensor_version": "3.50.0", + "task_id": "010d9a4e-dd34-4dfa-b283-a492a5785e90", + "type": "prevention" + }, + "opcode": 8, + "serial_event_id": 141336, + "timestamp": 132140205750594450, + "timestamp_utc": "2019-09-27 01:16:15Z" + }, + "event": { + "action": "file_classification_event", + "dataset": "esensor", + "kind": "alert", + "module": "endgame" + }, + "host": { + "hostname": "HD-c15-bc09190a", + "ip": "10.179.244.14", + "name": "HD-c15-bc09190a", + "os": { + "name": "Windows", + "platform": "windows", + "version": "6.1" + } + }, + "labels": { + "account_id": "8c48070b-4b61-4ded-86d5-1b9a7a78229c", + "endpoint_id": "ced9c68e-b94a-4d66-bb4c-6106514f0a2f" + }, + "user": { + "group": { + } + } + }, + "type": "_doc" + } + }, + { + "type": "doc", + "value": { + "id": "9ONEc20BW148Je-ro712", + "index": "test_alert_data", + "source": { + "@timestamp": 1542346435000, + "agent": { + "id": "c89dc040-2350-4d59-baea-9ff2e369136f", + "type": "endgame", + "version": "3.0.0" + }, + "ecs": { + "version": "1.1.0" + }, + "endgame": { + "data": { + "alert_details": { + "acting_process": { + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "12 fb c3 65 d3 1e 18 e4 43 7e ed f7 77 5e 0c fb ", + "subject_name": "Cybereason Inc" + }, + "cert_timestamp": { + "issuer_name": "", + "serial_number": "", + "subject_name": "", + "timestamp_string": "" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "cmdline": "\"C:\\Program Files\\Cybereason ActiveProbe\\AmSvc.exe\"", + "create_time": 1542345900, + "domain": "NT AUTHORITY", + "exe": "C:\\Program Files\\Cybereason ActiveProbe\\AmSvc.exe", + "hashes": { + "md5": "1f2d082566b0fc5f2c238a5180db7451", + "sha1": "ca85243c0af6a6471bdaa560685c51eefd6dbc0d", + "sha256": "8ad40c90a611d36eb8f9eb24fa04f7dbca713db383ff55a03aa0f382e92061a2" + }, + "imphash": "c30d230b81c734e82e86e2e2fe01cd01", + "is_sensor": false, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "md5": "1f2d082566b0fc5f2c238a5180db7451", + "modules": [ + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "12 fb c3 65 d3 1e 18 e4 43 7e ed f7 77 5e 0c fb ", + "subject_name": "Cybereason Inc" + }, + "cert_timestamp": { + "issuer_name": "", + "serial_number": "", + "subject_name": "", + "timestamp_string": "" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1534424710, + "hashes": { + "imphash": "c30d230b81c734e82e86e2e2fe01cd01", + "md5": "1f2d082566b0fc5f2c238a5180db7451", + "sha1": "ca85243c0af6a6471bdaa560685c51eefd6dbc0d", + "sha256": "8ad40c90a611d36eb8f9eb24fa04f7dbca713db383ff55a03aa0f382e92061a2" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 5354225664, + "mapped_size": 0, + "path": "C:\\Program Files\\Cybereason ActiveProbe\\AmSvc.exe", + "signature_signer": "Cybereason Inc", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 b3 f5 00 00 00 00 00 0d ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 05:28" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258681, + "hashes": { + "imphash": "d41d8cd98f00b204e9800998ecf8427e", + "md5": "3556d5a8bf2cc508bdab51dec38d7c61", + "sha1": "92015f7bbdb9dad35e41c533d2c5b85f1cd63d85", + "sha256": "91e3d98ad3119e8addf8d2aa1dd6795162842fff7101e4c70c5137e847b4ff50" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 2001141760, + "mapped_size": 0, + "path": "C:\\Windows\\SYSTEM32\\ntdll.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258315, + "hashes": { + "imphash": "9165b02c931d76a9b666d8d42128111b", + "md5": "7a6326d96d53048fdec542df23d875a0", + "sha1": "5c02af0206c299f5bcab8da4237cfc92e3e93495", + "sha256": "182351570856cd6eedd9df7e2fb8ab76bd4d8fc70be11ad5de6484cfd70c21c6" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 1999962112, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\kernel32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258316, + "hashes": { + "imphash": "3f7fb1504bb73a54888bf1c3650fe4cf", + "md5": "da68c291b4ef2dec9c5963266bcae454", + "sha1": "5696e8c68fcf64104499e20e7cd5452b58b4f4ba", + "sha256": "21aa4779fc21e762178517268c95467238c92851ad9160bffc36b2379c58337f" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791752769536, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\KERNELBASE.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258929, + "hashes": { + "imphash": "2cb501375ed127591bf5cfee7f1e52fe", + "md5": "fe70103391a64039a921dbfff9c7ab1b", + "sha1": "e0019d9442aeebd3bb42a24c38aa2fae4c6bd4f5", + "sha256": "f7d219d75037bc98f6c69143b00ab6000a31f8b5e211e0af514f4f4b681522a0" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 1998913536, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\USER32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258001, + "hashes": { + "imphash": "51945fdf9aaf56aeb9d6fa1f21b638ce", + "md5": "1084aa52ccc324ea54c7121fa24c2221", + "sha1": "b13ef924708fa88577931ed0337000e90adcdf5b", + "sha256": "6e972cf624f7c0de8190434b3b30279a01c551713109f97b9ebb77fac9364754" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791766269952, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\GDI32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534943, + "hashes": { + "imphash": "919110853c18aa198ad129945337b1dd", + "md5": "d202223587518b13d72d68937b7e3f70", + "sha1": "916a3ce858f074f57dd9dac01be5cd4649f19887", + "sha256": "9db971b866d058adbb518dd99b87c5db8dd1e7c9073755b989ae7e9fb62901e8" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791758929920, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\LPK.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258933, + "hashes": { + "imphash": "17bf46cf6bf6c8cae48be5b75615a353", + "md5": "2f8b1e3ee3545d3b5a8d56fa1ae07b65", + "sha1": "66310680ee38904b2852717af13028e53b4e8b8e", + "sha256": "2a3ec01f3bafe7d7d656886437f7ffecce440c0d3f3467804769ab4bf1ff7a99" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791760175104, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\USP10.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535038, + "hashes": { + "imphash": "8c99b1c0f6cf68b07336751f460f1dba", + "md5": "7319bb10fa1f86e49e3dcf4136f6c957", + "sha1": "3eea5ee8bafb2b9975b236c5c5655df6f4b42aa1", + "sha256": "60de43ab267fd41c9804369b569139add30ed4e295c425f44fc04d3fcc95fca2" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791765286912, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\msvcrt.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534699, + "hashes": { + "imphash": "e1ee2d71958d21e0e1bf887dfe76af7f", + "md5": "6df46d2bd74e3da1b45f08f10d172732", + "sha1": "3491f8f9a73c00b158e43a530210d67a4f0598ae", + "sha256": "2dc945f6f2c4a82189bc7da2fcbb7d9a0e2588a909539249e55ba82468e0c677" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791761027072, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\ADVAPI32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535198, + "hashes": { + "imphash": "b8ba136689cdc8d8b25fc04902f39a22", + "md5": "83404dcbce4925b6a5a77c5170f46d86", + "sha1": "22bda6b9da4fcf492b4dd16554b0c0e27e1b8667", + "sha256": "d669614d0b4461db244ad99fbe1ba92ceb9b4ed5ec8e987e23764e77d9ac7074" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791789010944, + "mapped_size": 0, + "path": "C:\\Windows\\SYSTEM32\\sechost.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258798, + "hashes": { + "imphash": "46876e4adb924a616ddbbb1992d61257", + "md5": "0611473c1ad9e2d991cd9482068417f7", + "sha1": "c4a3fa902dedad5d448e1d8b2d113cae1dcf2f7a", + "sha256": "90afcc2a60350ece27e75e76459132ef0fa28ef283ce88fced4b82735a93ecda" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791770726400, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\RPCRT4.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "12 fb c3 65 d3 1e 18 e4 43 7e ed f7 77 5e 0c fb ", + "subject_name": "Cybereason Inc" + }, + "cert_timestamp": { + "issuer_name": "", + "serial_number": "", + "subject_name": "", + "timestamp_string": "" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1534424472, + "hashes": { + "imphash": "a24cfb84e3006f3634d5b09aed45c264", + "md5": "56e6aa240cf6503265fbe5cf4d5889e8", + "sha1": "2678a3c08b2f82598527bd0c064eb1be5877e277", + "sha256": "4e7e127e2818eeb2de34a9369dcaca233443f085e53706c969592a9907df2ae8" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791706042368, + "mapped_size": 0, + "path": "C:\\Program Files\\Cybereason ActiveProbe\\AP.dll", + "signature_signer": "Cybereason Inc", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "12 fb c3 65 d3 1e 18 e4 43 7e ed f7 77 5e 0c fb ", + "subject_name": "Cybereason Inc" + }, + "cert_timestamp": { + "issuer_name": "", + "serial_number": "", + "subject_name": "", + "timestamp_string": "" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1534424450, + "hashes": { + "imphash": "f12460104bb4725d7964cf569f727f61", + "md5": "58017789505c114426b63c775debc12b", + "sha1": "0a348ca38bbcf851083578b77a8263765bd9b5e7", + "sha256": "1bd7d7b7b69e15adb6fcf0b520a7107eb5270163935e1f50fcee85ed65440b46" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791701979136, + "mapped_size": 0, + "path": "C:\\Program Files\\Cybereason ActiveProbe\\Protobuf.dll", + "signature_signer": "Cybereason Inc", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "12 fb c3 65 d3 1e 18 e4 43 7e ed f7 77 5e 0c fb ", + "subject_name": "Cybereason Inc" + }, + "cert_timestamp": { + "issuer_name": "", + "serial_number": "", + "subject_name": "", + "timestamp_string": "" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1438071093, + "hashes": { + "imphash": "341d1190606326748a708433d5d0cc36", + "md5": "0a2be3ed5a71082e5f9296f79323a639", + "sha1": "6acb15e8191b5530297c807d3066b1a71f4326d4", + "sha256": "8847013e01db09adab6a1dc338803df3696730577a0dda847847540529048aae" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791700799488, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\libprotobuf.dll", + "signature_signer": "Cybereason Inc", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Code Signing PCA", + "serial_number": "33 00 00 00 b0 11 af 0a 8b d0 3b 9f dd 00 01 00 00 00 b0 ", + "subject_name": "Microsoft Corporation" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "33 00 00 00 2b 39 32 48 c1 b2 c9 48 f3 00 00 00 00 00 2b ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "10/04/2013 22:49" + }, + "more_info_link": "http://microsoft.com", + "program_name": "msvcp120.dll", + "publisher_link": "" + }, + "compile_time": 1380942867, + "hashes": { + "imphash": "d0a59246eab41d54812cd63c2326e1f1", + "md5": "46060c35f697281bc5e7337aee3722b1", + "sha1": "d0164c041707f297a73abb9ea854111953e99cf1", + "sha256": "2abf0aab5a3c5ae9424b64e9d19d9d6d4aebc67814d7e92e4927b9798fef2848" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791700078592, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\MSVCP120.dll", + "signature_signer": "Microsoft Corporation", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Code Signing PCA", + "serial_number": "33 00 00 00 b0 11 af 0a 8b d0 3b 9f dd 00 01 00 00 00 b0 ", + "subject_name": "Microsoft Corporation" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "33 00 00 00 2b 39 32 48 c1 b2 c9 48 f3 00 00 00 00 00 2b ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "10/04/2013 22:49" + }, + "more_info_link": "http://microsoft.com", + "program_name": "msvcr120.dll", + "publisher_link": "" + }, + "compile_time": 1380942847, + "hashes": { + "imphash": "8f18e22935ef8b336e246ee763fbec97", + "md5": "9c861c079dd81762b6c54e37597b7712", + "sha1": "62cb65a1d79e2c5ada0c7bfc04c18693567c90d0", + "sha256": "ad32240bb1de55c3f5fcac8789f583a17057f9d14914c538c2a7a5ad346b341c" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791699095552, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\MSVCR120.dll", + "signature_signer": "Microsoft Corporation", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258732, + "hashes": { + "imphash": "faad2d5bf5c0ca9639e07a49e8c5d8ae", + "md5": "6c60b5aca7442efb794082cdacfc001c", + "sha1": "aae17944782b25f41f7b3a756532b4923f4ae817", + "sha256": "fc1d9124856a70ff232ef3057d66bee803295847624ce23b4d0217f23af52c75" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791767121920, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\ole32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258736, + "hashes": { + "imphash": "774fed8966de60d3af2dd9070df5be6f", + "md5": "42f05f980f164e084db65b2e8cd8430f", + "sha1": "86498b3c5bbc240b9de0a10f2cb4185e754de6d7", + "sha256": "0813749847b08f6577791d18ad9eca6dff5b41c2f727ab5ee9e5bf9602ed50cb" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791769808896, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\OLEAUT32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258981, + "hashes": { + "imphash": "1ec347d133df2fe4da3e5f8944caeae8", + "md5": "4bbfa57f594f7e8a8edc8f377184c3f0", + "sha1": "d48aafa576b40a5e386e609bba1010472551154a", + "sha256": "9f3ac5dea5a6250c3dbb97af79c81c0a48429486521f807355a1d7d3d861b75f" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791771971584, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\WS2_32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535145, + "hashes": { + "imphash": "579f52f57e43aa6ff0d07e88af5d0ff5", + "md5": "044fe45ffd6ad40e3bbbe60b7f41babe", + "sha1": "94233c0d4169c02c85514adb1f05cd3298c87f43", + "sha256": "a1688a5e6e0f7037c850699462c2655006a7d873c97f9ab406c59d81749b6f09" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791756898304, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\NSI.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258859, + "hashes": { + "imphash": "4b37cbf60127ea0550ec30e0b1c52984", + "md5": "eaf32cb8c1f810e4715b4dfbe785c7ff", + "sha1": "3b099b193abb9064e6937101d0c309f04d713882", + "sha256": "db6ad07fded42433e669508ab73faff6daff04575d6f1d016fe3eb6ecec4dd5d" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791759650816, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\SHLWAPI.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290257495, + "hashes": { + "imphash": "fd8a6a2046d9572b7f8f4288ae251c61", + "md5": "497bfeddaf3950dd909c3b0c5558a25d", + "sha1": "5d55bdc156372f51eb126f7bc2a8af161a1ef254", + "sha256": "980ea189929d95eb36e35980fff0c81f7b78de9422771fde8f4ac7a779f5bd89" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791725768704, + "mapped_size": 0, + "path": "C:\\Windows\\WinSxS\\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_2b24536c71ed437a\\gdiplus.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258138, + "hashes": { + "imphash": "0bc508389b6b5577cf3cca214ca523a7", + "md5": "2b81776da02017a37fe26c662827470e", + "sha1": "8c85389640bea73a009d83079f8b4c963697035f", + "sha256": "a656353c50ee08422145d00db9cfd9f6d3e664753b3c454b171e2a56a8aa94dc" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791720460288, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\IPHLPAPI.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535281, + "hashes": { + "imphash": "e710d6d30f2346e7cd91c89ec3b602d9", + "md5": "4c9210e8f4e052f6a4eb87716da0c24c", + "sha1": "d4fa50aded12eb162478d7606f1270b78dd1a44b", + "sha256": "460f7990bdadb7d58d6dc95b094d30a2efdc4ceed444b18a2f36e8d9076fb8b9" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791720198144, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\WINNSI.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247527581, + "hashes": { + "imphash": "be693a67b5b884d7609eaf574ba00955", + "md5": "d87e1e59c73c1f98d5ded5b3850c40f5", + "sha1": "141c0ebecdd2733b90431f18b188ee0b64456268", + "sha256": "536419bff9f877d4314b5d0c045d9a6e729489c389863fadf07e382050bc84fd" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 2003042304, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\PSAPI.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "12 fb c3 65 d3 1e 18 e4 43 7e ed f7 77 5e 0c fb ", + "subject_name": "Cybereason Inc" + }, + "cert_timestamp": { + "issuer_name": "", + "serial_number": "", + "subject_name": "", + "timestamp_string": "" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1472978395, + "hashes": { + "imphash": "3a8c832bddbba9333df28c1da212318e", + "md5": "e1c637922e34d868ebcd6ef199cf1394", + "sha1": "01c19a0137082a03ecace613506af5fe9a66a12b", + "sha256": "0c0c7b4c9926413c285fa2345f08b895888887156277e535851a1f1d774e6c6c" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791698243584, + "mapped_size": 0, + "path": "C:\\Program Files\\Cybereason ActiveProbe\\SQLite2015.dll", + "signature_signer": "Cybereason Inc", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534912, + "hashes": { + "imphash": "d76d7be0b8ac9aafe17d2cc7deb32b29", + "md5": "aa2c08ce85653b1a0d2e4ab407fa176c", + "sha1": "0119c23d88292a0e4fec04d5cf8629005a44e37c", + "sha256": "83dfd0c119b20aedb07114c9d1cf9ce2dfa938d0f1070256b0591a9e2c3997fa" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791766073344, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\IMM32.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535018, + "hashes": { + "imphash": "b523fff180cb22465ccf191b827e9923", + "md5": "c431eaf5caa1c82cac2534a2eab348a3", + "sha1": "e425577ccfc9b92efbbcb760d21fcaa478d3e51a", + "sha256": "addf850128dc675e67faba9a3d0d27e684f01f733962ca22927bb94503549e44" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791761944576, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\MSCTF.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 ca 69 00 00 00 00 00 08 ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534874, + "hashes": { + "imphash": "621a31b25a9ef1d128ea281b3eab572b", + "md5": "0040c486584a8e582c861cfb57ab5387", + "sha1": "bcf326e3f79b3db028c2ef1cc1a47d9697e867e7", + "sha256": "5ee17b55cb702d14ae75b19226de21cd2498bda6c6ef5872fdb8a718f401fed1" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791719346176, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\fwpuclnt.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258848, + "hashes": { + "imphash": "cc4d63ca30fdbb90048e549782d2116a", + "md5": "858df0795cb5b4bace0f33708925a414", + "sha1": "e629ed78e6e1829263890974760dad8a431edf69", + "sha256": "a9063af8d5c73a722bd269d144d8a65c98db4cfdd9f626e3a8283754e22c8c9c" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791748050944, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\Secur32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258854, + "hashes": { + "imphash": "9c631776d86c9b15258c3cc2a6a7891d", + "md5": "26e716ed95dc48cf6e5ac046089366af", + "sha1": "2bd96b8ae5ae3ad14c16d2a98a91a9a9f26d179d", + "sha256": "f686d557b7ac1688efc7cb48311290d713d3db2e9e61e947098a7c80e3a1b9e9" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791772299264, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\shell32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "3d b2 9a 36 51 f3 f5 e4 9c e0 79 d2 83 95 76 30 ", + "subject_name": "Bitdefender SRL" + }, + "cert_timestamp": { + "issuer_name": "Symantec Time Stamping Services CA - G2", + "serial_number": "0e cf f4 38 c8 fe bf 35 6e 04 d8 6a 98 1b 1a 50 ", + "subject_name": "Symantec Time Stamping Services Signer - G4", + "timestamp_string": "11/29/2016 03:22" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1480418473, + "hashes": { + "imphash": "f89e0a919d52e2b37d82d27f521530cf", + "md5": "f1a6e89598aa63a2efcfd1e31b44fe7c", + "sha1": "cd3a39758e72f42ef077c0ad9dd700509a032da6", + "sha256": "1ee6540520a7a84bc22036be42052303b5aed9911c9e8a04184a0688c63576f8" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791694901248, + "mapped_size": 0, + "path": "C:\\Program Files\\Cybereason ActiveProbe\\BDUpdateServiceCom.dll", + "signature_signer": "Bitdefender SRL", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258594, + "hashes": { + "imphash": "2bd8f9f72a13c2803ac3d34b805130b9", + "md5": "764908fe1fa96f93c95b1b67a0fced29", + "sha1": "88d0027e5d10158e3678d9eb2326779fef8a64d1", + "sha256": "26ef25ab307903c5e806a8cc3b750a491049e5d1225ceddfce64dd51aa6f592b" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791715807232, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\NETAPI32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258588, + "hashes": { + "imphash": "96f28fef38c977afbf3f6e8f39c0d6b9", + "md5": "6ceca4c6a489c9b2e6073afdaae3f607", + "sha1": "b228f6208642cb99e5bcdf2d3ebda2b8bc4fb020", + "sha256": "127506d1db38275614cbeb047c133718ef9d03266ba9c98be55ec7847cfc9c3d" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791715676160, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\netutils.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258920, + "hashes": { + "imphash": "2d37f2d4b3c246f361ca150fc7ebf8d4", + "md5": "3a9c9baf610b0dd4967086040b3b62a9", + "sha1": "3207ac7f895eab34623d994548d7810e54be3e79", + "sha256": "e8e9a0f42b1ee7806edceed08aa024d037215d06ca317e3678bd5364ad513d23" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791746609152, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\srvcli.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290259010, + "hashes": { + "imphash": "6ad99a405bde55d6a18debafd3f5e5c5", + "md5": "3c91392d448f6e5d525a85b7550d8ba9", + "sha1": "b62eaf7d80617e136a8f3c9161c23464e6f2a171", + "sha256": "6fd0dc73dbe7519e2c643554c2a7f8fbe4f9a678c4241bb54b3c6e65d2abcf3a" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791715545088, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\wkscli.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535234, + "hashes": { + "imphash": "13ecfa3a285149680a7a4b174c8b8f5b", + "md5": "94e026870a55aaeaff7853c1754091e9", + "sha1": "a4f845318e095d841b05e1400747ee4c28e1f28e", + "sha256": "b2f5d5629d12bdfa98dbed3898368f37d9009c7531b6909c7285a2c11c9a0f93" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791736254464, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\VERSION.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "3d b2 9a 36 51 f3 f5 e4 9c e0 79 d2 83 95 76 30 ", + "subject_name": "Bitdefender SRL" + }, + "cert_timestamp": { + "issuer_name": "Symantec Time Stamping Services CA - G2", + "serial_number": "0e cf f4 38 c8 fe bf 35 6e 04 d8 6a 98 1b 1a 50 ", + "subject_name": "Symantec Time Stamping Services Signer - G4", + "timestamp_string": "01/18/2017 09:26" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1484760175, + "hashes": { + "imphash": "b33f679b12d9d05d922e720c0e21818c", + "md5": "1e5ea729f6dc5a8aff675a45706d389d", + "sha1": "f5a70ab4772325946a93c9eaf48ebe1dd1e7d3a3", + "sha256": "35da922b25ec8389a733f46a6c0d37c2c6b05463a123cde9fee48402c473e1ef" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791694245888, + "mapped_size": 0, + "path": "C:\\Program Files\\Cybereason ActiveProbe\\scan.dll", + "signature_signer": "Bitdefender SRL", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "3d b2 9a 36 51 f3 f5 e4 9c e0 79 d2 83 95 76 30 ", + "subject_name": "Bitdefender SRL" + }, + "cert_timestamp": { + "issuer_name": "Symantec Time Stamping Services CA - G2", + "serial_number": "0e cf f4 38 c8 fe bf 35 6e 04 d8 6a 98 1b 1a 50 ", + "subject_name": "Symantec Time Stamping Services Signer - G4", + "timestamp_string": "11/22/2016 08:08" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1479830743, + "hashes": { + "imphash": "513a166377e008d25aa2e22983dd13ff", + "md5": "3450d998edec5cdbd03b0df09c17e02d", + "sha1": "558979fb1a9368acdf2dc1e3d1afd94e7343f914", + "sha256": "c1f24493e4fc2a9c5d17e077455c3a610ad1e5fa46590f0f9598e680e5a07556" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791694114816, + "mapped_size": 0, + "path": "C:\\Program Files\\Cybereason ActiveProbe\\gzfltum.dll", + "signature_signer": "Bitdefender SRL", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "3d b2 9a 36 51 f3 f5 e4 9c e0 79 d2 83 95 76 30 ", + "subject_name": "Bitdefender SRL" + }, + "cert_timestamp": { + "issuer_name": "Symantec Time Stamping Services CA - G2", + "serial_number": "0e cf f4 38 c8 fe bf 35 6e 04 d8 6a 98 1b 1a 50 ", + "subject_name": "Symantec Time Stamping Services Signer - G4", + "timestamp_string": "01/16/2017 05:34" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1484573247, + "hashes": { + "imphash": "d6d5dc292fe4d710905e9f280360309d", + "md5": "9f1bcf84eaa34afbdfcf19f22fc1d6f5", + "sha1": "e15e023d46738f4848f64ce853ada6a3083f8b7f", + "sha256": "d1c30b1a7fc63c4f52b00628c3e73f571db52ff2b87718bcb5a6322923f58987" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791693000704, + "mapped_size": 0, + "path": "C:\\Program Files\\Cybereason ActiveProbe\\bdquar.dll", + "signature_signer": "Bitdefender SRL", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "3d b2 9a 36 51 f3 f5 e4 9c e0 79 d2 83 95 76 30 ", + "subject_name": "Bitdefender SRL" + }, + "cert_timestamp": { + "issuer_name": "Symantec Time Stamping Services CA - G2", + "serial_number": "0e cf f4 38 c8 fe bf 35 6e 04 d8 6a 98 1b 1a 50 ", + "subject_name": "Symantec Time Stamping Services Signer - G4", + "timestamp_string": "01/16/2017 05:34" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1484573248, + "hashes": { + "imphash": "4e1a791e94ac955105ddfaac387de22f", + "md5": "874d6017f89a2ef255a16280ed4b1bf7", + "sha1": "8951c3ab1c9ea0c312206b98d22a9779c8a89c8c", + "sha256": "00512202b78037c17a77b095fcb3458381002dbd20de8dee0c99ff7701343cda" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791691427840, + "mapped_size": 0, + "path": "C:\\Program Files\\Cybereason ActiveProbe\\BDSmartDB.dll", + "signature_signer": "Bitdefender SRL", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290257756, + "hashes": { + "imphash": "5cd9d6761799e2ff681533ef1ffbb31d", + "md5": "2477a28081bdaee622cf045acf8ee124", + "sha1": "304c5f29fa847fbd994ad7a0471214198b928c14", + "sha256": "00a09caf9129e84feea98fa03ce9012c9f961b64fee15c4f268822c0f82acc3c" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791752376320, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\CFGMGR32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "DigiCert Assured ID Code Signing CA-1", + "serial_number": "0f b5 4c 96 fd 63 93 fd 7b b9 9c d1 d0 d5 16 ed ", + "subject_name": "Bitdefender SRL" + }, + "cert_timestamp": { + "issuer_name": "Symantec Time Stamping Services CA - G2", + "serial_number": "0e cf f4 38 c8 fe bf 35 6e 04 d8 6a 98 1b 1a 50 ", + "subject_name": "Symantec Time Stamping Services Signer - G4", + "timestamp_string": "09/12/2018 01:20" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1512623776, + "hashes": { + "imphash": "e2dab13fa4a67b25d3fbae65a189c521", + "md5": "627d7f1de23e6b01d6251b4c6962e765", + "sha1": "5e1d1854861016198ce4a1dbdea883f257de9463", + "sha256": "82bdf513b5f5b55ff740482ee839b14455b2296e2a911cb9a1ae622969412ed5" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791684612096, + "mapped_size": 0, + "path": "C:\\ProgramData\\apv2\\bd_db\\1\\bdcore.dll", + "signature_signer": "Bitdefender SRL", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "VeriSign Class 3 Code Signing 2010 CA", + "serial_number": "3d b2 9a 36 51 f3 f5 e4 9c e0 79 d2 83 95 76 30 ", + "subject_name": "Bitdefender SRL" + }, + "cert_timestamp": { + "issuer_name": "Symantec Time Stamping Services CA - G2", + "serial_number": "0e cf f4 38 c8 fe bf 35 6e 04 d8 6a 98 1b 1a 50 ", + "subject_name": "Symantec Time Stamping Services Signer - G4", + "timestamp_string": "09/13/2017 23:13" + }, + "more_info_link": "", + "program_name": "", + "publisher_link": "" + }, + "compile_time": 1505278115, + "hashes": { + "imphash": "c2979e6e570392ed85b4e15810f2e90f", + "md5": "3b4c71b64bc20b0c6578a091a031c0fb", + "sha1": "00cb578e723555e929e4ad8e820772b56ce29475", + "sha256": "52db08c10a5f1482dda8527d592f71b33c1cfecfa5a5a2d0be5a78325c41dd7b" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791673536512, + "mapped_size": 0, + "path": "C:\\Program Files\\Cybereason ActiveProbe\\bdnc.dll", + "signature_signer": "Bitdefender SRL", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290257999, + "hashes": { + "imphash": "04534d8dae5ab230b9bee9b1b0b2829d", + "md5": "3f9f2afa135f0663946a006dd5ffd897", + "sha1": "ea6456859b04b68af8dcd453381dd168af53fc5e", + "sha256": "276d1c9c78c529625c2ef3d77079324628686ea184767971901a1de93681c133" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791753490432, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\CRYPT32.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258373, + "hashes": { + "imphash": "2e50bc5d9fe777770c8a6b2cfaf6b2e9", + "md5": "884415bd4269c02eaf8e2613bf85500d", + "sha1": "c3a64f05c210b38c69d8f1fc1d74a71b56ada30c", + "sha256": "efe771709ec942694fd206ac8d0a48ed7dcd35036f074268e4aecd68ac982cea" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791752310784, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\MSASN1.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535280, + "hashes": { + "imphash": "af1203c1d6d810c97729856780869b12", + "md5": "ef2ae43bcd46abb13fc3e5b2b1935c73", + "sha1": "c53e005cd04d99331ce3114ac119256133202313", + "sha256": "81fc06f306f620845d7dd8d06e706309e70bc89b589c81f3478302a3f5f73431" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791680024576, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\WINMM.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258927, + "hashes": { + "imphash": "b32250da0d30f7782b5b900d4d9c519a", + "md5": "2a86e54b441ad41557f75dc5609b9793", + "sha1": "83ddcf8a1a0ca423bf8417f5e59b5c431bf50c43", + "sha256": "8fede6909413c0fa5b63d58d39affd0f6c3beeaf19b7b2f8674913abfd79a912" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791749951488, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\SSPICLI.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290258493, + "hashes": { + "imphash": "466f15f36f10655b30e9347e7dfc2b52", + "md5": "1d5185a4c7e6695431ae4b55c3d7d333", + "sha1": "5e9f739d46e20541ffc0a6421dc6be416ca8f261", + "sha256": "16f3906c54f1d71559836fdfcf4e83e7c9f454463d78fd577ad2d7022e0bcb51" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791743463424, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\mswsock.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535287, + "hashes": { + "imphash": "f967c6b35a5d1b7765016056a842e331", + "md5": "31559f3244c6bc00a52030caa83b6b91", + "sha1": "7943540153c7b7878101a4901d7935e05e7cfd32", + "sha256": "b2025742b5f0025ace9821d5722de3f997eeeab21d2f381c9e307882df422579" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791737106432, + "mapped_size": 0, + "path": "C:\\Windows\\System32\\wshtcpip.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534998, + "hashes": { + "imphash": "77870f98ca4d25a823c74d7404a64bfd", + "md5": "d0c2fbb6d97416b0166478fc7ae2b212", + "sha1": "e290bdf2312ac30a4e9f2a96d7c84714eee84899", + "sha256": "7eab6c37f0a845e645ca44cc060ac6c56e386c7ef7a64716c6786c9602ad8c9d" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791743856640, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\CRYPTSP.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 04 ca 69 00 00 00 00 00 08 ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 17:43" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1247535161, + "hashes": { + "imphash": "b8c20a01e4d94df61ee21f5350389f9c", + "md5": "5d8874a8c11dddde29e12de0e2013493", + "sha1": "a1c8e3e6ee44dcb68752d44b3b6f4ecce89c388d", + "sha256": "3e9a57137bf622af83e3e4d58971e2c0200559cca7545d16cf263aa03ee9c7d2" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791740710912, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\rsaenh.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534993, + "hashes": { + "imphash": "f0c6fd6831905d958b05645b680db89f", + "md5": "784fa3df338e2e8f5f0389d6fac428af", + "sha1": "6d32c67c91c6d374854e907c6719db2538540867", + "sha256": "9c8aa0cfdeb9e38aaf8eb08626070e0f0364f4f8a793cfe3532ec6c007980c34" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791750541312, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\CRYPTBASE.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290257906, + "hashes": { + "imphash": "ff74e3ff0a015c2023b747f613061e42", + "md5": "a52b6cc24063cc83c78c0e6f24deec01", + "sha1": "a5384efac7d1f9213aaf0423ed0b021bc986b9df", + "sha256": "77e0d2b2356e71f9be52fa479c9dde17c453c198bb49cd4a97f2309628d82e3b" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791741890560, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\DNSAPI.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534791, + "hashes": { + "imphash": "59b31e42f8fae7b5809ba7fcae732e0c", + "md5": "4cbcc37856ea2039c27a2fb661dda0e5", + "sha1": "cc666108d34168420a1d1942dda1e090154c7296", + "sha256": "74cbfab3092a9564bddfcb84db3e3f8bcfd1492938adf187423d3355d73d21c6" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791717642240, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\dhcpcsvc6.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534790, + "hashes": { + "imphash": "f17020f0f66b64fbdf51c75b43f3729d", + "md5": "f568f7c08458d69e4fcd8675bbb107e4", + "sha1": "c1e05f0255a6f386711044b11e2d04dfd328b26a", + "sha256": "a5fa25ecf248999a68ccecfbb508bfa1add18a23e20a9a9081a87c41caaa36c0" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791717117952, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\dhcpcsvc.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247534847, + "hashes": { + "imphash": "dda6776607f283829d85b996f5e46d03", + "md5": "f3d202f53a222d5f6944d459b73cf967", + "sha1": "c9db224ce8ec34aa2f341b6766ea67aa12f8b4a7", + "sha256": "e9f1d48eb333d32331bcfd0348fe07bee7d5352292e6020571da395f596affe7" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791668686848, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\FLTLIB.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 01 c6 c1 00 00 00 00 00 07 ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "07/13/2009 19:17" + }, + "more_info_link": "http://www.microsoft.com/windows", + "program_name": "Windows System Catalog", + "publisher_link": "" + }, + "compile_time": 1247535135, + "hashes": { + "imphash": "ff720e05e534d67b814b8562265058f5", + "md5": "2c942733a5983dd4502219ff37c7ebc7", + "sha1": "263e8fbf77c0ceead0c9bca56394bffa4a664361", + "sha256": "34b20b6b0d7274e4b5b783f1d2345bc3dd9888964d5c2c65712f041a00cf5b45" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791751393280, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\profapi.dll", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + }, + { + "architecture": "x64", + "authenticode": { + "cert_signer": { + "issuer_name": "Microsoft Windows Verification PCA", + "serial_number": "61 15 23 0f 00 00 00 00 00 0a ", + "subject_name": "Microsoft Windows" + }, + "cert_timestamp": { + "issuer_name": "Microsoft Time-Stamp PCA", + "serial_number": "61 03 dc f6 00 00 00 00 00 0c ", + "subject_name": "Microsoft Time-Stamp Service", + "timestamp_string": "11/20/2010 11:37" + }, + "more_info_link": "http://www.microsoft.com", + "program_name": "Microsoft Windows", + "publisher_link": "" + }, + "compile_time": 1290259008, + "hashes": { + "imphash": "b2ecd39ae0055d9e1b8aa5bc78942cba", + "md5": "eb3f9c2de1236b5d46b2291d82970e43", + "sha1": "0ce9ddc1063256ab571b916389321fd7f572ddc0", + "sha256": "8a43d335f3d573bed98af54bb51e82546c2acc025da8a48d801213eb14e9d5d4" + }, + "malware_classification": { + "identifier": "Whitelisted", + "score": 0, + "threshold": 0, + "version": "3.0.0" + }, + "mapped_address": 8791753228288, + "mapped_size": 0, + "path": "C:\\Windows\\system32\\WINTRUST.DLL", + "signature_signer": "Microsoft Windows", + "signature_status": "trusted" + } + ], + "name": "AmSvc.exe", + "parent_exe": "C:\\Windows\\System32\\services.exe", + "parent_name": "services.exe", + "pid": 1084, + "ppid": 436, + "primary_token": { + "domain": "NT AUTHORITY", + "integrity_level": 16384, + "integrity_level_name": "system", + "privileges": [ + { + "description": "Replace a process level token", + "enabled": false, + "name": "SeAssignPrimaryTokenPrivilege" + }, + { + "description": "Lock pages in memory", + "enabled": true, + "name": "SeLockMemoryPrivilege" + }, + { + "description": "Adjust memory quotas for a process", + "enabled": false, + "name": "SeIncreaseQuotaPrivilege" + }, + { + "description": "Act as part of the operating system", + "enabled": true, + "name": "SeTcbPrivilege" + }, + { + "description": "Manage auditing and security log", + "enabled": false, + "name": "SeSecurityPrivilege" + }, + { + "description": "Take ownership of files or other objects", + "enabled": false, + "name": "SeTakeOwnershipPrivilege" + }, + { + "description": "Load and unload device drivers", + "enabled": true, + "name": "SeLoadDriverPrivilege" + }, + { + "description": "Profile system performance", + "enabled": true, + "name": "SeSystemProfilePrivilege" + }, + { + "description": "Change the system time", + "enabled": false, + "name": "SeSystemtimePrivilege" + }, + { + "description": "Profile single process", + "enabled": true, + "name": "SeProfileSingleProcessPrivilege" + }, + { + "description": "Increase scheduling priority", + "enabled": true, + "name": "SeIncreaseBasePriorityPrivilege" + }, + { + "description": "Create a pagefile", + "enabled": true, + "name": "SeCreatePagefilePrivilege" + }, + { + "description": "Create permanent shared objects", + "enabled": true, + "name": "SeCreatePermanentPrivilege" + }, + { + "description": "Back up files and directories", + "enabled": true, + "name": "SeBackupPrivilege" + }, + { + "description": "Restore files and directories", + "enabled": true, + "name": "SeRestorePrivilege" + }, + { + "description": "Shut down the system", + "enabled": false, + "name": "SeShutdownPrivilege" + }, + { + "description": "Debug programs", + "enabled": true, + "name": "SeDebugPrivilege" + }, + { + "description": "Generate security audits", + "enabled": true, + "name": "SeAuditPrivilege" + }, + { + "description": "Modify firmware environment values", + "enabled": false, + "name": "SeSystemEnvironmentPrivilege" + }, + { + "description": "Bypass traverse checking", + "enabled": true, + "name": "SeChangeNotifyPrivilege" + }, + { + "description": "Remove computer from docking station", + "enabled": false, + "name": "SeUndockPrivilege" + }, + { + "description": "Perform volume maintenance tasks", + "enabled": false, + "name": "SeManageVolumePrivilege" + }, + { + "description": "Impersonate a client after authentication", + "enabled": true, + "name": "SeImpersonatePrivilege" + }, + { + "description": "Create global objects", + "enabled": true, + "name": "SeCreateGlobalPrivilege" + }, + { + "description": "Increase a process working set", + "enabled": true, + "name": "SeIncreaseWorkingSetPrivilege" + }, + { + "description": "Change the time zone", + "enabled": true, + "name": "SeTimeZonePrivilege" + }, + { + "description": "Create symbolic links", + "enabled": true, + "name": "SeCreateSymbolicLinkPrivilege" + } + ], + "sid": "S-1-5-18", + "type": "tokenPrimary", + "user": "SYSTEM" + }, + "services": [ + { + "name": "CybereasonAntiMalware" + } + ], + "sha1": "ca85243c0af6a6471bdaa560685c51eefd6dbc0d", + "sha256": "8ad40c90a611d36eb8f9eb24fa04f7dbca713db383ff55a03aa0f382e92061a2", + "sid": "S-1-5-18", + "signature_signer": "Cybereason Inc", + "signature_status": "trusted", + "threads": [ + { + "create_time": 1542345900, + "entrypoint": 5354476452, + "thread_id": 1088, + "up_time": 601 + }, + { + "create_time": 1542345900, + "entrypoint": 2001252032, + "thread_id": 1116, + "up_time": 600 + }, + { + "create_time": 1542345900, + "entrypoint": 8791691510992, + "thread_id": 1204, + "up_time": 598 + }, + { + "create_time": 1542345900, + "entrypoint": 8791691468912, + "thread_id": 1220, + "up_time": 598 + }, + { + "create_time": 1542345900, + "entrypoint": 8791673571008, + "thread_id": 1392, + "up_time": 586 + }, + { + "create_time": 1542345900, + "entrypoint": 8791673571008, + "thread_id": 1396, + "up_time": 586 + }, + { + "create_time": 1542345900, + "entrypoint": 8791673574320, + "thread_id": 1400, + "up_time": 586 + }, + { + "create_time": 1542345900, + "entrypoint": 8791673638416, + "thread_id": 1404, + "up_time": 586 + }, + { + "create_time": 1542345900, + "entrypoint": 2001271744, + "thread_id": 1520, + "up_time": 584 + }, + { + "create_time": 1542345900, + "entrypoint": 8791699247140, + "thread_id": 1888, + "up_time": 547 + }, + { + "create_time": 1542345900, + "entrypoint": 8791694133536, + "thread_id": 1904, + "up_time": 547 + }, + { + "create_time": 1542345900, + "entrypoint": 8791694133536, + "thread_id": 1908, + "up_time": 547 + }, + { + "create_time": 1542345900, + "entrypoint": 8791694133536, + "thread_id": 1912, + "up_time": 547 + }, + { + "create_time": 1542345900, + "entrypoint": 8791694133536, + "thread_id": 1916, + "up_time": 547 + }, + { + "create_time": 1542345900, + "entrypoint": 8791694133872, + "thread_id": 1920, + "up_time": 547 + }, + { + "create_time": 1542345900, + "entrypoint": 8791694132592, + "thread_id": 1924, + "up_time": 547 + }, + { + "create_time": 1542345900, + "entrypoint": 8791694133216, + "thread_id": 1928, + "up_time": 547 + }, + { + "create_time": 1542345900, + "entrypoint": 8791694134640, + "thread_id": 1932, + "up_time": 547 + }, + { + "create_time": 1542345900, + "entrypoint": 5354393504, + "thread_id": 1936, + "up_time": 547 + }, + { + "create_time": 1542345900, + "entrypoint": 5354393504, + "thread_id": 1944, + "up_time": 547 + }, + { + "create_time": 1542346000, + "entrypoint": 2001271744, + "thread_id": 2372, + "up_time": 509 + }, + { + "create_time": 1542346400, + "entrypoint": 8791743523392, + "thread_id": 4036, + "up_time": 43 + }, + { + "create_time": 1542346400, + "entrypoint": 8791673712896, + "thread_id": 4040, + "up_time": 43 + }, + { + "create_time": 1542346400, + "entrypoint": 2002168128, + "thread_id": 3372, + "up_time": 28 + } + ], + "unique_pid": 21, + "unique_ppid": 8, + "up_time": 601, + "user": "SYSTEM" + }, + "acting_thread": { + "create_time": 1542345900, + "service_name": "CybereasonAntiMalware", + "thread_id": 1912, + "thread_start_address": 8791694133536, + "thread_start_address_module": "C:\\Program Files\\Cybereason ActiveProbe\\gzfltum.dll" + } + }, + "captured_file": false, + "file_name": "C:\\Windows\\TEMP\\tmp0000045c\\tmp00001b4a", + "file_operation": "creation", + "file_owner": "Administrators", + "file_size": 188416, + "hashes": { + "imphash": "835d619dfdf3cc727cebd91300ab3462", + "md5": "4ace3baaa509d08510405e1b169e325b", + "sha1": "27fb21cf5db95ffca43b234affa99becc4023b9d", + "sha256": "6ed1c836dbf099be7845bdab7671def2c157643761b52251e04e9b6ee109ec75" + }, + "is_signature_trusted": false, + "malware_classification": { + "compressed_malware_features": { + "data_buffer": "eAHtnU1oHHUUwHsQ7MGDiIIUD4sH8WBBxJtopiLoUY0pYo2ZTbJJ0yQ17m4+ms/NRzeVWpuUWCL4sWlEYvFQ8KJQ6NCTEA8eRD30sIo3PdSriLi7837Pko3LbHZ2M5m+XObHm/d/X////83O7jCZvzacHBpPplNdfalkdjSdyty674Ft59dN71Dpb9v5eKh8LMEHjsCF2wIfVlRKsHROYPGkQO5+gY2vBSYYdWZFYGwEO/cITHMqkxPYnBBY+07gtCuQ9gSGigJ5lPPYGXcE+jA4z3Ad1ZtAUiDUyrEEPYzqRnIKgxd/Rgc7gygPo5wn95PouN7OeEYJ1UXiJgRmvscgp/LOziIkkSyT+xRVnXhZ4DKh5goCkzidRHkGO4uvCyw9LDDtCay8ILCAzrJOJaGuZwUuvSewivJVIPsklq8JbL4qMJsTSCcExrGs83WKU295ZFo5lr2TaZbcUw5FeJy8tgTeLpCy2iGeS67ABXzlgbEi1UC5FxcZnA4y/CLK82Qxi847FGGZRTLsCUxR1aWEwOp1AmOjDRYYzgwusL9WfqBiGJxnVAanixTq7Dp22LBdlWMJzlOx8wmBK2Rx5WmBLJIRwtAijOQE+ooCb2B5xBOYRtlfNeXpLpA7oyZRTqHzGenkmIJPnhBIMrzTwSA6H93CO5l+c1NA99f6IwLH8fUKdjTmDpTbgS50+gGVnECnE4PpooC2guPoaPADSHrcncNHmEHtAFkq3+EI+A37zsrrTvH3WTkvJLoOTyBp10wx2JcgVCRahA4NrICE4a+hrMXsA3qAHItW188E8ejO7XV3eh/KCYwxlamEwCgL8lN2wTntfrhY/U0g/5KAdvUpT+AszWqBdqH7VLeeZrExK9Cv1UgIDKA8g/cx7QAEP+AhAfRaMKB2HOJh+BSFSqKjSytNGBlc6PrpxvK7lCVDxbSG3Z7AhCMwx6gelwgLAltXBXJUTH29j+U1LHdipx/QprfKfGnF0sBpdBYxmEQyTzW0h6/0khcuhhJYRufym+i4VKMocJMs/KvfoW3/UJb4PeZOSZVONThZz4djP/75TAXa/CVfOvX3RgVLIDreLPN1pP1osW7lGmHsEhjBOzf+EPBE4vndvWz5xb/cChxGcv1LAb+tluALKnZ47isf1MXvz1ZMlsCXbXtPceqhrcp1ps6YHwQeBXLEPCf7q23tl9uJui0bGBgYRAccv7uXr/g5Af+2oNTrpgTa/vnpjBvpLAwM4gRBPvIZGBgYGBgYGBgYGBgYGBgYGBgYGBgYNAOc9oMXs4GBgYFBcNBnww5QzDXgRtPSaZ5lg/itsRaslgZ3bnWEEVnhMetIBwiiVnlbCbWrEftrt11zdwWnseFW1QO63w1is3ptD1pV9xG0t+zvfUrzrvh380qwXWAVCw6h78GIfG7ZlzltXu6hd+y92fECRFhjuH3bXG8N43oXEHperdzvUbteaDxhVTUeq25fqhG1X6Ai8mtF6BDXz2wR+dzSgg4Qsxls5T11XMG+82y8GkG+b7kL69xg7mF1SFvhBgYGsYH/Xi7HE+PVkiB2jt1bNZxT+k4558jR53ydz5//1m1KOgYGBgYGBgYGEQfnsYaG2z1sdPJS79XQSu91ndobOAHCaN5vNzUk1bceQVzUpbw3iOuT+UFmR18bHrp3gyhDC56lCd1y85w2+HSNUwVhhdGC7blLf+bV/fqtvhMg1NDjCcugB1QXswbs8ekj/v1BgzFHBIIsyP+HfwFdMpzu", + "decompressed_size": 27831, + "encoding": "zlib" + }, + "identifier": "endpointpe", + "prevention_threshold": 0.66, + "score": 1, + "threshold": 0.66, + "version": "3.0.33" + }, + "pid": 1084, + "ppid": 436, + "signature_signer": "", + "temp_file_path": "C:\\Windows\\TEMP\\37c97b4b-6ee8-476c-bfdd-c0cd6783b86d", + "timestamp": { + "accessed": 1542346400, + "created": 1542346400, + "modified": 1542346500 + }, + "user_blacklisted": false + }, + "event_subtype_full": "file_classification_event", + "event_type_full": "alert_event", + "metadata": { + "beta_alert": false, + "chunk_id": 0, + "collection_time": 1542346500, + "correlation_id": "2c827da1-f977-42a7-994b-ab7e5cc50329", + "destination_plugin": "send", + "final": true, + "is_alert": true, + "key": "fileClassificationEventResponse", + "message_id": "2280efbc-8bdf-49bf-a712-bc44acdf3eaa", + "origination_task_id": "4d9d9e7e-4ea1-4373-954c-e8cdbb85c61d", + "os_type": "windows", + "priority": 80, + "result": { + "local_code": 0, + "local_msg": "Success" + }, + "semantic_version": "3.50.0", + "sensor_version": "3.50.0", + "task_id": "4d9d9e7e-4ea1-4373-954c-e8cdbb85c61d", + "type": "detection" + }, + "opcode": 8, + "serial_event_id": 144711, + "timestamp": 132140207402716480, + "timestamp_utc": "2019-09-27 01:19:00Z" + }, + "event": { + "action": "file_classification_event", + "dataset": "esensor", + "kind": "alert", + "module": "endgame" + }, + "host": { + "hostname": "HD-m3z-4c803698", + "ip": "10.176.220.187", + "name": "HD-m3z-4c803698", + "os": { + "name": "Windows", + "platform": "windows", + "version": "10.0" + } + }, + "labels": { + "account_id": "8c48070b-4b61-4ded-86d5-1b9a7a78229c", + "endpoint_id": "c89dc040-2350-4d59-baea-9ff2e369136f" + }, + "user": { + "group": { + } + } + }, + "type": "_doc" + } + } + ] \ No newline at end of file From 9d709c7563bb2d22918529fddec19d4723e7e4ae Mon Sep 17 00:00:00 2001 From: Xavier Mouligneau <189600+XavierM@users.noreply.github.com> Date: Tue, 28 Jan 2020 22:53:17 -0500 Subject: [PATCH 31/40] [SIEM] [TIMELINE] Only add endpoint logo when on event.module === endgame (#56263) * only add endpoint logo when on event.module === endgame * fix filter for value --- .../helpers.ts | 21 ++++++--- .../renderers/formatted_field_helpers.tsx | 44 ++++++++++--------- 2 files changed, 38 insertions(+), 27 deletions(-) diff --git a/x-pack/legacy/plugins/siem/public/components/page/add_filter_to_global_search_bar/helpers.ts b/x-pack/legacy/plugins/siem/public/components/page/add_filter_to_global_search_bar/helpers.ts index bd0859bac2d13..6fb53d67c1a6d 100644 --- a/x-pack/legacy/plugins/siem/public/components/page/add_filter_to_global_search_bar/helpers.ts +++ b/x-pack/legacy/plugins/siem/public/components/page/add_filter_to_global_search_bar/helpers.ts @@ -4,8 +4,14 @@ * you may not use this file except in compliance with the Elastic License. */ -export const createFilter = (key: string, value: string | null | undefined) => - value != null +import { esFilters } from '../../../../../../../../src/plugins/data/public'; + +export const createFilter = ( + key: string, + value: string[] | string | null | undefined +): esFilters.Filter => { + const queryValue = value != null ? (Array.isArray(value) ? value[0] : value) : null; + return queryValue != null ? { meta: { alias: null, @@ -13,21 +19,21 @@ export const createFilter = (key: string, value: string | null | undefined) => disabled: false, type: 'phrase', key, - value, + value: queryValue, params: { - query: value, + query: queryValue, }, }, query: { match: { [key]: { - query: value, + query: queryValue, type: 'phrase', }, }, }, } - : { + : ({ exists: { field: key, }, @@ -39,4 +45,5 @@ export const createFilter = (key: string, value: string | null | undefined) => type: 'exists', value: 'exists', }, - }; + } as esFilters.Filter); +}; diff --git a/x-pack/legacy/plugins/siem/public/components/timeline/body/renderers/formatted_field_helpers.tsx b/x-pack/legacy/plugins/siem/public/components/timeline/body/renderers/formatted_field_helpers.tsx index dc21cf03d0445..b48cc546fe78c 100644 --- a/x-pack/legacy/plugins/siem/public/components/timeline/body/renderers/formatted_field_helpers.tsx +++ b/x-pack/legacy/plugins/siem/public/components/timeline/body/renderers/formatted_field_helpers.tsx @@ -52,6 +52,13 @@ export const renderRuleName = ({ ); }; +const canYouAddEndpointLogo = (moduleName: string, endpointUrl: string | null | undefined) => + moduleName.trim().toLocaleLowerCase() === 'endgame' && + endpointUrl != null && + !isEmpty(endpointUrl) && + !isUrlInvalid(endpointUrl) && + endpointUrl.includes('/alerts/'); + export const renderEventModule = ({ contextId, eventId, @@ -90,26 +97,23 @@ export const renderEventModule = ({ {content} - {endpointRefUrl != null && - !isEmpty(endpointRefUrl) && - !isUrlInvalid(endpointRefUrl) && - endpointRefUrl.includes('/alerts/') && ( - - -

{i18n.LINK_ELASTIC_ENDPOINT_SECURITY}

-

{endpointRefUrl}

- - } - > - - - - - - )} + {endpointRefUrl != null && canYouAddEndpointLogo(moduleName, endpointRefUrl) && ( + + +

{i18n.LINK_ELASTIC_ENDPOINT_SECURITY}

+

{endpointRefUrl}

+ + } + > + + + + + + )} ) : ( getEmptyTagValue() From fd597e0a9eb94d252ba875bef9af70d38b9db6ea Mon Sep 17 00:00:00 2001 From: Maryia Lapata Date: Wed, 29 Jan 2020 09:08:42 +0300 Subject: [PATCH 32/40] [NP Cleanup] Remove ui/public/inspector (#55677) * Use src/plugins/inspector instead of ui/inspector * Remove unused ui/inspector * Use `inspector` plugin directly to register view * Fix path * Use inspector from NP * Revert view registration to a separate file --- .../kibana/public/discover/kibana_services.ts | 3 -- .../discover/np_ready/angular/discover.js | 2 +- .../np_ready/embeddable/search_embeddable.ts | 3 +- src/legacy/ui/public/agg_types/agg_type.ts | 2 +- src/legacy/ui/public/inspector/README.md | 6 --- .../ui/public/inspector/adapters/index.ts | 27 ------------ src/legacy/ui/public/inspector/index.ts | 22 ---------- src/legacy/ui/public/inspector/inspector.tsx | 42 ------------------- src/legacy/ui/public/inspector/types.ts | 33 --------------- .../public/inspector/ui/inspector_panel.tsx | 27 ------------ .../inspector/ui/inspector_view_chooser.tsx | 27 ------------ .../ui/public/inspector/view_registry.ts | 34 --------------- .../embeddable/embeddable.test.tsx | 2 +- .../maps/public/angular/map_controller.js | 5 +-- .../{register_views.js => register_views.ts} | 7 ++-- .../plugins/maps/public/kibana_services.js | 6 +++ x-pack/legacy/plugins/maps/public/plugin.ts | 6 ++- .../reducers/non_serializable_instances.js | 2 +- 18 files changed, 21 insertions(+), 235 deletions(-) delete mode 100644 src/legacy/ui/public/inspector/README.md delete mode 100644 src/legacy/ui/public/inspector/adapters/index.ts delete mode 100644 src/legacy/ui/public/inspector/index.ts delete mode 100644 src/legacy/ui/public/inspector/inspector.tsx delete mode 100644 src/legacy/ui/public/inspector/types.ts delete mode 100644 src/legacy/ui/public/inspector/ui/inspector_panel.tsx delete mode 100644 src/legacy/ui/public/inspector/ui/inspector_view_chooser.tsx delete mode 100644 src/legacy/ui/public/inspector/view_registry.ts rename x-pack/legacy/plugins/maps/public/inspector/views/{register_views.js => register_views.ts} (72%) diff --git a/src/legacy/core_plugins/kibana/public/discover/kibana_services.ts b/src/legacy/core_plugins/kibana/public/discover/kibana_services.ts index 27aa920c98aad..58406c74e9f38 100644 --- a/src/legacy/core_plugins/kibana/public/discover/kibana_services.ts +++ b/src/legacy/core_plugins/kibana/public/discover/kibana_services.ts @@ -62,8 +62,6 @@ export { getRequestInspectorStats, getResponseInspectorStats } from '../../../da export { intervalOptions } from 'ui/agg_types/buckets/_interval_options'; // @ts-ignore export { migrateLegacyQuery } from 'ui/utils/migrate_legacy_query'; -// @ts-ignore -export { RequestAdapter } from 'ui/inspector/adapters'; export { SavedObjectSaveModal } from 'ui/saved_objects/components/saved_object_save_modal'; export { showSaveModal } from 'ui/saved_objects/show_saved_object_save_modal'; export { stateMonitorFactory } from 'ui/state_management/state_monitor_factory'; @@ -92,7 +90,6 @@ export { SortDirection, } from '../../../../../plugins/data/public'; export { ElasticSearchHit } from './np_ready/doc_views/doc_views_types'; -export { Adapters } from 'ui/inspector/types'; export { registerTimefilterWithGlobalStateFactory } from 'ui/timefilter/setup_router'; export { FieldName } from 'ui/directives/field_name/field_name'; export { getFormat } from 'ui/visualize/loader/pipeline_helpers/utilities'; diff --git a/src/legacy/core_plugins/kibana/public/discover/np_ready/angular/discover.js b/src/legacy/core_plugins/kibana/public/discover/np_ready/angular/discover.js index dd782f97b075d..3f3333b7caec2 100644 --- a/src/legacy/core_plugins/kibana/public/discover/np_ready/angular/discover.js +++ b/src/legacy/core_plugins/kibana/public/discover/np_ready/angular/discover.js @@ -25,6 +25,7 @@ import dateMath from '@elastic/datemath'; import { i18n } from '@kbn/i18n'; import '../components/field_chooser/field_chooser'; +import { RequestAdapter } from '../../../../../../../plugins/inspector/public'; // doc table import './doc_table'; import { getSort } from './doc_table/lib/get_sort'; @@ -46,7 +47,6 @@ import { hasSearchStategyForIndexPattern, intervalOptions, migrateLegacyQuery, - RequestAdapter, showSaveModal, unhashUrl, stateMonitorFactory, diff --git a/src/legacy/core_plugins/kibana/public/discover/np_ready/embeddable/search_embeddable.ts b/src/legacy/core_plugins/kibana/public/discover/np_ready/embeddable/search_embeddable.ts index c840f1fbd87ed..f47cf52c756ac 100644 --- a/src/legacy/core_plugins/kibana/public/discover/np_ready/embeddable/search_embeddable.ts +++ b/src/legacy/core_plugins/kibana/public/discover/np_ready/embeddable/search_embeddable.ts @@ -21,6 +21,7 @@ import * as Rx from 'rxjs'; import { Subscription } from 'rxjs'; import { i18n } from '@kbn/i18n'; import { TExecuteTriggerActions } from 'src/plugins/ui_actions/public'; +import { RequestAdapter, Adapters } from '../../../../../../../plugins/inspector/public'; import { esFilters, TimeRange, @@ -43,13 +44,11 @@ import { ISearchEmbeddable, SearchInput, SearchOutput } from './types'; import { SortOrder } from '../angular/doc_table/components/table_header/helpers'; import { getSortForSearchSource } from '../angular/doc_table/lib/get_sort_for_search_source'; import { - Adapters, angular, getRequestInspectorStats, getResponseInspectorStats, getServices, IndexPattern, - RequestAdapter, ISearchSource, } from '../../kibana_services'; import { SEARCH_EMBEDDABLE_TYPE } from './constants'; diff --git a/src/legacy/ui/public/agg_types/agg_type.ts b/src/legacy/ui/public/agg_types/agg_type.ts index f9b48c373e02f..a590a253d8a6c 100644 --- a/src/legacy/ui/public/agg_types/agg_type.ts +++ b/src/legacy/ui/public/agg_types/agg_type.ts @@ -24,7 +24,7 @@ import { initParams } from './agg_params'; import { AggConfig } from '../vis'; import { AggConfigs } from './agg_configs'; -import { Adapters } from '../inspector'; +import { Adapters } from '../../../../plugins/inspector/public'; import { BaseParamType } from './param_types/base'; import { AggParamType } from '../agg_types/param_types/agg'; import { KBN_FIELD_TYPES, fieldFormats, ISearchSource } from '../../../../plugins/data/public'; diff --git a/src/legacy/ui/public/inspector/README.md b/src/legacy/ui/public/inspector/README.md deleted file mode 100644 index c8133d0d9238d..0000000000000 --- a/src/legacy/ui/public/inspector/README.md +++ /dev/null @@ -1,6 +0,0 @@ -# Inspector - -- Inspector has been moved to `inspector` New Platform plugin. -- You can find its documentation in `src/plugins/inspector/README.md`. -- This folder will be deleted soon, it is deprecated, do not use anything from here. -- This folder is ready to be deleted, as soon as nothing imports from here anymore. diff --git a/src/legacy/ui/public/inspector/adapters/index.ts b/src/legacy/ui/public/inspector/adapters/index.ts deleted file mode 100644 index 55df5a33a178b..0000000000000 --- a/src/legacy/ui/public/inspector/adapters/index.ts +++ /dev/null @@ -1,27 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -/* eslint-disable */ - -/** - * Do not use this, use NP `inspector` plugin instead. - * - * @deprecated - */ -export * from '../../../../../plugins/inspector/public/adapters/index'; diff --git a/src/legacy/ui/public/inspector/index.ts b/src/legacy/ui/public/inspector/index.ts deleted file mode 100644 index db82508f36ada..0000000000000 --- a/src/legacy/ui/public/inspector/index.ts +++ /dev/null @@ -1,22 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -export { Inspector } from './inspector'; -export { viewRegistry } from './view_registry'; -export { Adapters } from './types'; diff --git a/src/legacy/ui/public/inspector/inspector.tsx b/src/legacy/ui/public/inspector/inspector.tsx deleted file mode 100644 index d65245c11cfe1..0000000000000 --- a/src/legacy/ui/public/inspector/inspector.tsx +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -import { npStart } from '../new_platform'; -export { InspectorSession } from '../../../../plugins/inspector/public'; - -/** - * @deprecated - * - * Do not use this, use New Platform `inspector` plugin instead. - */ -export const Inspector = { - /** - * @deprecated - * - * Do not use this, use New Platform `inspector` plugin instead. - */ - isAvailable: npStart.plugins.inspector.isAvailable, - - /** - * @deprecated - * - * Do not use this, use New Platform `inspector` plugin instead. - */ - open: npStart.plugins.inspector.open, -}; diff --git a/src/legacy/ui/public/inspector/types.ts b/src/legacy/ui/public/inspector/types.ts deleted file mode 100644 index 98f2cf487eb43..0000000000000 --- a/src/legacy/ui/public/inspector/types.ts +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -/** - * Do not import these types from here, instead import them from `inspector` plugin. - * - * ```ts - * import { InspectorViewDescription } from 'src/plugins/inspector/public'; - * ``` - * - * @deprecated - */ -export { - Adapters, - InspectorViewProps, - InspectorViewDescription, -} from '../../../../plugins/inspector/public'; diff --git a/src/legacy/ui/public/inspector/ui/inspector_panel.tsx b/src/legacy/ui/public/inspector/ui/inspector_panel.tsx deleted file mode 100644 index 92ed169bf15e8..0000000000000 --- a/src/legacy/ui/public/inspector/ui/inspector_panel.tsx +++ /dev/null @@ -1,27 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -/* eslint-disable */ - -/** - * Do not use this, use NP `inspector` plugin instead. - * - * @deprecated - */ -export * from '../../../../../plugins/inspector/public/ui/inspector_panel'; diff --git a/src/legacy/ui/public/inspector/ui/inspector_view_chooser.tsx b/src/legacy/ui/public/inspector/ui/inspector_view_chooser.tsx deleted file mode 100644 index 017e5c91095f6..0000000000000 --- a/src/legacy/ui/public/inspector/ui/inspector_view_chooser.tsx +++ /dev/null @@ -1,27 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -/* eslint-disable */ - -/** - * Do not use this, use NP `inspector` plugin instead. - * - * @deprecated - */ -export * from '../../../../../plugins/inspector/public/ui/inspector_view_chooser'; diff --git a/src/legacy/ui/public/inspector/view_registry.ts b/src/legacy/ui/public/inspector/view_registry.ts deleted file mode 100644 index 5958be66ca184..0000000000000 --- a/src/legacy/ui/public/inspector/view_registry.ts +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -import { npSetup } from 'ui/new_platform'; -export { InspectorViewDescription } from './types'; - -/** - * Do not use this, instead use `inspector` plugin directly. - * - * ```ts - * import { npSetup } from 'ui/new_platform'; - * - * npSetup.plugins.inspector.registerView(view); - * ``` - * - * @deprecated - */ -export const viewRegistry = npSetup.plugins.inspector.__LEGACY.views; diff --git a/x-pack/legacy/plugins/lens/public/editor_frame_plugin/embeddable/embeddable.test.tsx b/x-pack/legacy/plugins/lens/public/editor_frame_plugin/embeddable/embeddable.test.tsx index bc61c6ae34ce5..1f0620c43f7f7 100644 --- a/x-pack/legacy/plugins/lens/public/editor_frame_plugin/embeddable/embeddable.test.tsx +++ b/x-pack/legacy/plugins/lens/public/editor_frame_plugin/embeddable/embeddable.test.tsx @@ -9,7 +9,7 @@ import { ExpressionRendererProps } from 'src/plugins/expressions/public'; import { Query, TimeRange, esFilters } from 'src/plugins/data/public'; import { Document } from '../../persistence'; -jest.mock('../../../../../../../src/legacy/ui/public/inspector', () => ({ +jest.mock('../../../../../../../src/plugins/inspector/public/', () => ({ isAvailable: false, open: false, })); diff --git a/x-pack/legacy/plugins/maps/public/angular/map_controller.js b/x-pack/legacy/plugins/maps/public/angular/map_controller.js index ece775f5a7e25..5f058e2ba7806 100644 --- a/x-pack/legacy/plugins/maps/public/angular/map_controller.js +++ b/x-pack/legacy/plugins/maps/public/angular/map_controller.js @@ -43,9 +43,8 @@ import { getLayerListRaw, } from '../selectors/map_selectors'; import { getInspectorAdapters } from '../reducers/non_serializable_instances'; -import { Inspector } from 'ui/inspector'; import { docTitle } from 'ui/doc_title'; -import { indexPatternService } from '../kibana_services'; +import { indexPatternService, getInspector } from '../kibana_services'; import { SavedObjectSaveModal } from 'ui/saved_objects/components/saved_object_save_modal'; import { showSaveModal } from 'ui/saved_objects/show_saved_object_save_modal'; import { toastNotifications } from 'ui/notify'; @@ -510,7 +509,7 @@ app.controller( testId: 'openInspectorButton', run() { const inspectorAdapters = getInspectorAdapters(store.getState()); - Inspector.open(inspectorAdapters, {}); + getInspector().open(inspectorAdapters, {}); }, }, ...(capabilities.get().maps.save diff --git a/x-pack/legacy/plugins/maps/public/inspector/views/register_views.js b/x-pack/legacy/plugins/maps/public/inspector/views/register_views.ts similarity index 72% rename from x-pack/legacy/plugins/maps/public/inspector/views/register_views.js rename to x-pack/legacy/plugins/maps/public/inspector/views/register_views.ts index 6cca73f899cfd..59c0595668300 100644 --- a/x-pack/legacy/plugins/maps/public/inspector/views/register_views.js +++ b/x-pack/legacy/plugins/maps/public/inspector/views/register_views.ts @@ -4,8 +4,9 @@ * you may not use this file except in compliance with the Elastic License. */ -import { MapView } from './map_view'; +import { npSetup } from 'ui/new_platform'; -import { viewRegistry } from 'ui/inspector'; +// @ts-ignore +import { MapView } from './map_view'; -viewRegistry.register(MapView); +npSetup.plugins.inspector.registerView(MapView); diff --git a/x-pack/legacy/plugins/maps/public/kibana_services.js b/x-pack/legacy/plugins/maps/public/kibana_services.js index dadae7a3fdca9..60fda398b4f3e 100644 --- a/x-pack/legacy/plugins/maps/public/kibana_services.js +++ b/x-pack/legacy/plugins/maps/public/kibana_services.js @@ -21,6 +21,12 @@ export const getLicenseId = () => { return licenseId; }; +let inspector; +export const setInspector = newInspector => (inspector = newInspector); +export const getInspector = () => { + return inspector; +}; + export async function fetchSearchSourceAndRecordWithInspector({ searchSource, requestId, diff --git a/x-pack/legacy/plugins/maps/public/plugin.ts b/x-pack/legacy/plugins/maps/public/plugin.ts index 0df7109852486..e5f765a11d219 100644 --- a/x-pack/legacy/plugins/maps/public/plugin.ts +++ b/x-pack/legacy/plugins/maps/public/plugin.ts @@ -10,7 +10,7 @@ import { wrapInI18nContext } from 'ui/i18n'; // @ts-ignore import { MapListing } from './components/map_listing'; // @ts-ignore -import { setLicenseId } from './kibana_services'; +import { setLicenseId, setInspector } from './kibana_services'; /** * These are the interfaces with your public contracts. You should export these @@ -39,5 +39,7 @@ export class MapsPlugin implements Plugin { } } - public start(core: CoreStart, plugins: any) {} + public start(core: CoreStart, plugins: any) { + setInspector(plugins.np.inspector); + } } diff --git a/x-pack/legacy/plugins/maps/public/reducers/non_serializable_instances.js b/x-pack/legacy/plugins/maps/public/reducers/non_serializable_instances.js index 689212b8e5ff0..c7de2beff0cf6 100644 --- a/x-pack/legacy/plugins/maps/public/reducers/non_serializable_instances.js +++ b/x-pack/legacy/plugins/maps/public/reducers/non_serializable_instances.js @@ -5,7 +5,7 @@ */ import chrome from 'ui/chrome'; -import { RequestAdapter } from 'ui/inspector/adapters'; +import { RequestAdapter } from '../../../../../../src/plugins/inspector/public'; import { MapAdapter } from '../inspector/adapters/map_adapter'; const REGISTER_CANCEL_CALLBACK = 'REGISTER_CANCEL_CALLBACK'; From 0b45c24043b2e50726447a5af03917321834e113 Mon Sep 17 00:00:00 2001 From: MadameSheema Date: Wed, 29 Jan 2020 07:20:56 +0100 Subject: [PATCH 33/40] refactor (#56131) --- .../smoke_tests/navigation/navigation.spec.ts | 23 +++++++------------ .../plugins/siem/cypress/screens/header.ts | 8 +++++++ .../plugins/siem/cypress/tasks/header.ts | 9 ++++++++ .../plugins/siem/cypress/urls/navigation.ts | 7 ++++++ 4 files changed, 32 insertions(+), 15 deletions(-) create mode 100644 x-pack/legacy/plugins/siem/cypress/tasks/header.ts create mode 100644 x-pack/legacy/plugins/siem/cypress/urls/navigation.ts diff --git a/x-pack/legacy/plugins/siem/cypress/integration/smoke_tests/navigation/navigation.spec.ts b/x-pack/legacy/plugins/siem/cypress/integration/smoke_tests/navigation/navigation.spec.ts index a549b5eec2e7c..364864b395d41 100644 --- a/x-pack/legacy/plugins/siem/cypress/integration/smoke_tests/navigation/navigation.spec.ts +++ b/x-pack/legacy/plugins/siem/cypress/integration/smoke_tests/navigation/navigation.spec.ts @@ -4,39 +4,32 @@ * you may not use this file except in compliance with the Elastic License. */ -import { TIMELINES_PAGE } from '../../lib/urls'; -import { - NAVIGATION_HOSTS, - NAVIGATION_NETWORK, - NAVIGATION_OVERVIEW, - NAVIGATION_TIMELINES, -} from '../../lib/navigation/selectors'; -import { loginAndWaitForPage } from '../../lib/util/helpers'; +import { TIMELINES_PAGE } from '../../../urls/navigation'; +import { HOSTS, NETWORK, OVERVIEW, TIMELINES } from '../../../screens/header'; +import { loginAndWaitForPage } from '../../../tasks/login'; +import { navigateFromHeaderTo } from '../../../tasks/header'; describe('top-level navigation common to all pages in the SIEM app', () => { before(() => { loginAndWaitForPage(TIMELINES_PAGE); }); it('navigates to the Overview page', () => { - cy.get(NAVIGATION_OVERVIEW).click({ force: true }); + navigateFromHeaderTo(OVERVIEW); cy.url().should('include', '/siem#/overview'); }); it('navigates to the Hosts page', () => { - cy.get(NAVIGATION_HOSTS).click({ force: true }); - + navigateFromHeaderTo(HOSTS); cy.url().should('include', '/siem#/hosts'); }); it('navigates to the Network page', () => { - cy.get(NAVIGATION_NETWORK).click({ force: true }); - + navigateFromHeaderTo(NETWORK); cy.url().should('include', '/siem#/network'); }); it('navigates to the Timelines page', () => { - cy.get(NAVIGATION_TIMELINES).click({ force: true }); - + navigateFromHeaderTo(TIMELINES); cy.url().should('include', '/siem#/timelines'); }); }); diff --git a/x-pack/legacy/plugins/siem/cypress/screens/header.ts b/x-pack/legacy/plugins/siem/cypress/screens/header.ts index cb018cda8f68d..6e4f5fc0e35cb 100644 --- a/x-pack/legacy/plugins/siem/cypress/screens/header.ts +++ b/x-pack/legacy/plugins/siem/cypress/screens/header.ts @@ -5,3 +5,11 @@ */ export const KQL_INPUT = '[data-test-subj="queryInput"]'; + +export const HOSTS = '[data-test-subj="navigation-hosts"]'; + +export const NETWORK = '[data-test-subj="navigation-network"]'; + +export const OVERVIEW = '[data-test-subj="navigation-overview"]'; + +export const TIMELINES = '[data-test-subj="navigation-timelines"]'; diff --git a/x-pack/legacy/plugins/siem/cypress/tasks/header.ts b/x-pack/legacy/plugins/siem/cypress/tasks/header.ts new file mode 100644 index 0000000000000..96412b1eb6a3c --- /dev/null +++ b/x-pack/legacy/plugins/siem/cypress/tasks/header.ts @@ -0,0 +1,9 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export const navigateFromHeaderTo = (page: string) => { + cy.get(page).click({ force: true }); +}; diff --git a/x-pack/legacy/plugins/siem/cypress/urls/navigation.ts b/x-pack/legacy/plugins/siem/cypress/urls/navigation.ts new file mode 100644 index 0000000000000..4675829df839a --- /dev/null +++ b/x-pack/legacy/plugins/siem/cypress/urls/navigation.ts @@ -0,0 +1,7 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export const TIMELINES_PAGE = '/app/siem#/timelines'; From 9d4414d523ffa2f94e9c924231fa38aa520b08f1 Mon Sep 17 00:00:00 2001 From: Andrew Goldstein Date: Wed, 29 Jan 2020 00:33:40 -0700 Subject: [PATCH 34/40] [SIEM] Overview page feedback (#56261) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ## [SIEM] Overview page feedback Implements feedback and fixes to the Overview page ### Overview (default theme) ![01-overview-default-theme](https://user-images.githubusercontent.com/4459398/73315509-899c5500-41ed-11ea-9949-82853dd4ba59.png) ### Overview (dark theme) ![02-overview-dark-theme](https://user-images.githubusercontent.com/4459398/73315527-902acc80-41ed-11ea-9701-6a2c5fa40cce.png) ## Highlights * The new order of widgets is Signals, Alerts, Events, Host Events, Network events, per https://github.com/elastic/siem-team/issues/494 * Changed the default `External alerts count` `Stack by` to `event.module` https://github.com/elastic/siem-team/issues/491 * Added `event.module` to the `Events count` histogram https://github.com/elastic/siem-team/issues/491 * Widget titles will no longer include the currently selected `Stack by option`. The widgets will use the same static title text that appears on the other pages (i.e.. `Signals count`, `External alerts count`, and `Events count`) https://github.com/elastic/siem-team/issues/491 * The `Signals count` includes a `Stack by` that defaults to `signal.rule.threat.tatic.name` * Standardized on a 300px widget height for all histograms in the app (thanks @MichaelMarcialis for paring on this!) * The `Open as duplicate timeline` action is `Recent timelines` is now only shown when hovering over a recent timeline ## Loading States * The `Recent timelines` and `Security news` widgets now use the horizontal bar loading indicator * The `Host events` and `Network events` widgets now use the horizontal bar loading indicator * The `Host events` and `Network events` Showing _n_ events subtitles are now hidden on initial load * The counts in the `Host events` and `Network events` Showing _n_ events subtitles are now hidden on initial load * We no longer hide some histogram subtitles after initial load, to prevent shifting of content when a user makes a `Stack by` selection ## News Feed Error State ![news-feed-error-state](https://user-images.githubusercontent.com/4459398/73316060-1e538280-41ef-11ea-83f5-b8d6e9fa3741.png) * Fixed an issue where the `Security news` header was hidden when an invalid URL is configured * Added a space between the word `via` and the `SIEM advanced settings` link * Removed the capital “N” from "News" in the error message ## Misc Visual Changes * Fixed text truncation of the `Severity` column in the `Detections` page's `Signals` table * Added the “showing” subtitle to the `Signals count` histogram on the Detections page * Increased the `Stack by` histogram selector and the `View signals | alerts | events' buttons from 8 to 24px * Tweaked the border rendering in the Overview `Host Events` and `Network events` widget headers * Added 8px of spacing between the Overview `Host Events` and `Network events` widget accordion headers and their contents * Fixed an issue where the `Host events` and `Networ events` widgets didn't render in ie11 https://github.com/elastic/siem-team/issues/499 ## Non-Visual Fixes * Removed an incorrect usage of `usememo` * Removed the placeholder client-side username query from `x-pack/legacy/plugins/siem/public/components/recent_timelines/index.tsx` * Updated the query of the Overview `Host events` widget to filter by "host.name exists" * Updated the query of the Overview `Network events` widget to filter by "source.ip exists or destination.ip : exists" --- .../components/matrix_histogram/index.tsx | 44 +- .../matrix_histogram/matrix_loader.tsx | 2 +- .../components/matrix_histogram/types.ts | 2 + .../components/matrix_histogram/utils.ts | 6 +- .../public/components/news_feed/news_feed.tsx | 43 +- .../components/news_feed/no_news/index.tsx | 2 +- .../components/news_feed/translations.ts | 2 +- .../overview/loading_placeholders/index.tsx | 26 + .../overview/overview_host/index.test.tsx | 144 +++ .../page/overview/overview_host/index.tsx | 25 +- .../__snapshots__/index.test.tsx.snap | 979 +++++++++--------- .../overview/overview_host_stats/index.tsx | 77 +- .../overview/overview_network/index.test.tsx | 137 +++ .../page/overview/overview_network/index.tsx | 134 +-- .../__snapshots__/index.test.tsx.snap | 555 +++++----- .../overview/overview_network_stats/index.tsx | 75 +- .../components/page/overview/stat_value.tsx | 78 +- .../recent_timelines/counts/index.tsx | 4 +- .../recent_timelines/header/index.tsx | 56 +- .../components/recent_timelines/index.tsx | 47 +- .../recent_timelines/recent_timelines.tsx | 66 +- .../containers/matrix_histogram/index.tsx | 2 + .../overview/overview_host/index.tsx | 58 +- .../components/signals/default_config.tsx | 4 +- .../signals_histogram_panel/index.tsx | 53 +- .../signals_histogram.tsx | 15 +- .../detection_engine/detection_engine.tsx | 3 +- .../plugins/siem/public/pages/hosts/hosts.tsx | 4 +- .../navigation/alerts_query_tab_body.tsx | 4 +- .../navigation/events_query_tab_body.tsx | 4 + .../navigation/alerts_query_tab_body.tsx | 4 +- .../siem/public/pages/network/network.tsx | 4 +- .../overview/alerts_by_category/index.tsx | 151 +-- .../overview/event_counts/index.test.tsx | 51 + .../pages/overview/event_counts/index.tsx | 14 +- .../overview/events_by_dataset/index.tsx | 160 +-- .../siem/public/pages/overview/overview.tsx | 96 +- .../pages/overview/overview_empty/index.tsx | 8 +- .../overview/signals_by_category/index.tsx | 89 +- .../public/pages/overview/translations.ts | 18 +- 40 files changed, 1858 insertions(+), 1388 deletions(-) create mode 100644 x-pack/legacy/plugins/siem/public/components/page/overview/loading_placeholders/index.tsx create mode 100644 x-pack/legacy/plugins/siem/public/components/page/overview/overview_host/index.test.tsx create mode 100644 x-pack/legacy/plugins/siem/public/components/page/overview/overview_network/index.test.tsx create mode 100644 x-pack/legacy/plugins/siem/public/pages/overview/event_counts/index.test.tsx diff --git a/x-pack/legacy/plugins/siem/public/components/matrix_histogram/index.tsx b/x-pack/legacy/plugins/siem/public/components/matrix_histogram/index.tsx index cdbac6a67b4ef..04b988f8270f3 100644 --- a/x-pack/legacy/plugins/siem/public/components/matrix_histogram/index.tsx +++ b/x-pack/legacy/plugins/siem/public/components/matrix_histogram/index.tsx @@ -6,6 +6,7 @@ import React, { useState, useEffect, useCallback } from 'react'; import { ScaleType } from '@elastic/charts'; +import styled from 'styled-components'; import { EuiFlexGroup, EuiFlexItem, EuiProgress, EuiSelect, EuiSpacer } from '@elastic/eui'; import { noop } from 'lodash/fp'; @@ -25,8 +26,21 @@ import { import { ChartSeriesData } from '../charts/common'; import { InspectButtonContainer } from '../inspect'; +const DEFAULT_PANEL_HEIGHT = 300; + +const HeaderChildrenFlexItem = styled(EuiFlexItem)` + margin-left: 24px; +`; + +const HistogramPanel = styled(Panel)<{ height?: number }>` + display: flex; + flex-direction: column; + ${({ height }) => (height != null ? `height: ${height}px;` : '')} +`; + export const MatrixHistogramComponent: React.FC = ({ + chartHeight, dataKey, defaultStackByOption, endDate, @@ -43,6 +57,7 @@ export const MatrixHistogramComponent: React.FC { const barchartConfigs = getBarchartConfigs({ + chartHeight, from: startDate, legendPosition, to: endDate, @@ -143,7 +159,7 @@ export const MatrixHistogramComponent: React.FC - + {loading && !isInitialLoading && ( - + = 0 ? subtitleWithCounts : null)} + > + + + {stackByOptions?.length > 1 && ( + + )} + + {headerChildren} + + ) : ( @@ -163,7 +197,7 @@ export const MatrixHistogramComponent: React.FC= 0 ? subtitleWithCounts : null)} + subtitle={!isInitialLoading && (totalCount >= 0 ? subtitleWithCounts : null)} > @@ -176,13 +210,13 @@ export const MatrixHistogramComponent: React.FC )} - {headerChildren} + {headerChildren} )} - + diff --git a/x-pack/legacy/plugins/siem/public/components/matrix_histogram/matrix_loader.tsx b/x-pack/legacy/plugins/siem/public/components/matrix_histogram/matrix_loader.tsx index 769ef170898b0..036526a14f77d 100644 --- a/x-pack/legacy/plugins/siem/public/components/matrix_histogram/matrix_loader.tsx +++ b/x-pack/legacy/plugins/siem/public/components/matrix_histogram/matrix_loader.tsx @@ -9,7 +9,7 @@ import { EuiFlexGroup, EuiFlexItem, EuiLoadingSpinner } from '@elastic/eui'; import styled from 'styled-components'; const StyledEuiFlexGroup = styled(EuiFlexGroup)` - height: 350px; /* to avoid jump when histogram loads */ + flex 1; `; const MatrixLoaderComponent = () => ( diff --git a/x-pack/legacy/plugins/siem/public/components/matrix_histogram/types.ts b/x-pack/legacy/plugins/siem/public/components/matrix_histogram/types.ts index e2b5600d539af..88f8f1ff28fa9 100644 --- a/x-pack/legacy/plugins/siem/public/components/matrix_histogram/types.ts +++ b/x-pack/legacy/plugins/siem/public/components/matrix_histogram/types.ts @@ -31,6 +31,7 @@ export type GetSubTitle = (count: number) => string; export type GetTitle = (matrixHistogramOption: MatrixHistogramOption) => string; export interface MatrixHistogramBasicProps { + chartHeight?: number; defaultIndex: string[]; defaultStackByOption: MatrixHistogramOption; endDate: number; @@ -39,6 +40,7 @@ export interface MatrixHistogramBasicProps { id: string; legendPosition?: Position; mapping?: MatrixHistogramMappingTypes; + panelHeight?: number; setQuery: SetQuery; sourceId: string; startDate: number; diff --git a/x-pack/legacy/plugins/siem/public/components/matrix_histogram/utils.ts b/x-pack/legacy/plugins/siem/public/components/matrix_histogram/utils.ts index 6e932f0c87347..95b1cd806cf6c 100644 --- a/x-pack/legacy/plugins/siem/public/components/matrix_histogram/utils.ts +++ b/x-pack/legacy/plugins/siem/public/components/matrix_histogram/utils.ts @@ -11,6 +11,7 @@ import { MatrixHistogramDataTypes, MatrixHistogramMappingTypes } from './types'; import { histogramDateTimeFormatter } from '../utils'; interface GetBarchartConfigsProps { + chartHeight?: number; from: number; legendPosition?: Position; to: number; @@ -20,7 +21,10 @@ interface GetBarchartConfigsProps { showLegend?: boolean; } +export const DEFAULT_CHART_HEIGHT = 174; + export const getBarchartConfigs = ({ + chartHeight, from, legendPosition, to, @@ -65,7 +69,7 @@ export const getBarchartConfigs = ({ }, }, }, - customHeight: 324, + customHeight: chartHeight ?? DEFAULT_CHART_HEIGHT, }); export const formatToChartDataItem = ([key, value]: [ diff --git a/x-pack/legacy/plugins/siem/public/components/news_feed/news_feed.tsx b/x-pack/legacy/plugins/siem/public/components/news_feed/news_feed.tsx index d41ce357d9b7b..98eea1eaa6454 100644 --- a/x-pack/legacy/plugins/siem/public/components/news_feed/news_feed.tsx +++ b/x-pack/legacy/plugins/siem/public/components/news_feed/news_feed.tsx @@ -4,39 +4,42 @@ * you may not use this file except in compliance with the Elastic License. */ -import { EuiLoadingSpinner, EuiSpacer } from '@elastic/eui'; +import { EuiSpacer } from '@elastic/eui'; import React from 'react'; -import { NoNews } from './no_news'; +import { LoadingPlaceholders } from '../page/overview/loading_placeholders'; import { NEWS_FEED_TITLE } from '../../pages/overview/translations'; -import { Post } from './post'; import { SidebarHeader } from '../sidebar_header'; + +import { NoNews } from './no_news'; +import { Post } from './post'; import { NewsItem } from './types'; interface Props { news: NewsItem[] | null | undefined; } -export const NewsFeed = React.memo(({ news }) => { - if (news == null) { - return ; - } - - if (news.length === 0) { - return ; - } +const SHOW_PLACEHOLDERS = 5; +const LINES_PER_LOADING_PLACEHOLDER = 4; - return ( - <> - - {news.map((n: NewsItem) => ( +const NewsFeedComponent: React.FC = ({ news }) => ( + <> + + {news == null ? ( + + ) : news.length === 0 ? ( + + ) : ( + news.map((n: NewsItem) => ( - ))} - - ); -}); + )) + )} + +); + +NewsFeedComponent.displayName = 'NewsFeedComponent'; -NewsFeed.displayName = 'NewsFeed'; +export const NewsFeed = React.memo(NewsFeedComponent); diff --git a/x-pack/legacy/plugins/siem/public/components/news_feed/no_news/index.tsx b/x-pack/legacy/plugins/siem/public/components/news_feed/no_news/index.tsx index bd6648025d2aa..c4e0482c6b30a 100644 --- a/x-pack/legacy/plugins/siem/public/components/news_feed/no_news/index.tsx +++ b/x-pack/legacy/plugins/siem/public/components/news_feed/no_news/index.tsx @@ -12,7 +12,7 @@ import * as i18n from '../translations'; export const NoNews = React.memo(() => ( <> - {i18n.NO_NEWS_MESSAGE} + {i18n.NO_NEWS_MESSAGE}{' '} {i18n.ADVANCED_SETTINGS_LINK_TITLE} diff --git a/x-pack/legacy/plugins/siem/public/components/news_feed/translations.ts b/x-pack/legacy/plugins/siem/public/components/news_feed/translations.ts index 71981723cc937..5d3b4171f501e 100644 --- a/x-pack/legacy/plugins/siem/public/components/news_feed/translations.ts +++ b/x-pack/legacy/plugins/siem/public/components/news_feed/translations.ts @@ -8,7 +8,7 @@ import { i18n } from '@kbn/i18n'; export const NO_NEWS_MESSAGE = i18n.translate('xpack.siem.newsFeed.noNewsMessage', { defaultMessage: - 'Your current News feed URL returned no recent news. You may update the URL or disable security news via', + 'Your current news feed URL returned no recent news. You may update the URL or disable security news via', }); export const ADVANCED_SETTINGS_LINK_TITLE = i18n.translate( diff --git a/x-pack/legacy/plugins/siem/public/components/page/overview/loading_placeholders/index.tsx b/x-pack/legacy/plugins/siem/public/components/page/overview/loading_placeholders/index.tsx new file mode 100644 index 0000000000000..1dcc6b75f32e5 --- /dev/null +++ b/x-pack/legacy/plugins/siem/public/components/page/overview/loading_placeholders/index.tsx @@ -0,0 +1,26 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { EuiLoadingContent, EuiSpacer } from '@elastic/eui'; +import React from 'react'; + +const LoadingPlaceholdersComponent: React.FC<{ + lines: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10; + placeholders: number; +}> = ({ lines, placeholders }) => ( + <> + {[...Array(placeholders).keys()].map((_, i) => ( + + + {i !== placeholders - 1 && } + + ))} + +); + +LoadingPlaceholdersComponent.displayName = 'LoadingPlaceholdersComponent'; + +export const LoadingPlaceholders = React.memo(LoadingPlaceholdersComponent); diff --git a/x-pack/legacy/plugins/siem/public/components/page/overview/overview_host/index.test.tsx b/x-pack/legacy/plugins/siem/public/components/page/overview/overview_host/index.test.tsx new file mode 100644 index 0000000000000..568cf032fb01c --- /dev/null +++ b/x-pack/legacy/plugins/siem/public/components/page/overview/overview_host/index.test.tsx @@ -0,0 +1,144 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { cloneDeep } from 'lodash/fp'; +import { mount } from 'enzyme'; +import React from 'react'; + +import { apolloClientObservable, mockGlobalState, TestProviders } from '../../../../mock'; + +import { OverviewHost } from '.'; +import { createStore, State } from '../../../../store'; +import { overviewHostQuery } from '../../../../containers/overview/overview_host/index.gql_query'; +import { GetOverviewHostQuery } from '../../../../graphql/types'; +import { MockedProvider } from 'react-apollo/test-utils'; +import { wait } from '../../../../lib/helpers'; + +jest.mock('../../../../lib/kibana'); + +const startDate = 1579553397080; +const endDate = 1579639797080; + +interface MockedProvidedQuery { + request: { + query: GetOverviewHostQuery.Query; + fetchPolicy: string; + variables: GetOverviewHostQuery.Variables; + }; + result: { + data: { + source: unknown; + }; + }; +} + +const mockOpenTimelineQueryResults: MockedProvidedQuery[] = [ + { + request: { + query: overviewHostQuery, + fetchPolicy: 'cache-and-network', + variables: { + sourceId: 'default', + timerange: { interval: '12h', from: startDate, to: endDate }, + filterQuery: undefined, + defaultIndex: [ + 'apm-*-transaction*', + 'auditbeat-*', + 'endgame-*', + 'filebeat-*', + 'packetbeat-*', + 'winlogbeat-*', + ], + inspect: false, + }, + }, + result: { + data: { + source: { + id: 'default', + OverviewHost: { + auditbeatAuditd: 1, + auditbeatFIM: 1, + auditbeatLogin: 1, + auditbeatPackage: 1, + auditbeatProcess: 1, + auditbeatUser: 1, + endgameDns: 1, + endgameFile: 1, + endgameImageLoad: 1, + endgameNetwork: 1, + endgameProcess: 1, + endgameRegistry: 1, + endgameSecurity: 1, + filebeatSystemModule: 1, + winlogbeatSecurity: 1, + winlogbeatMWSysmonOperational: 1, + }, + }, + }, + }, + }, +]; + +describe('OverviewHost', () => { + const state: State = mockGlobalState; + + let store = createStore(state, apolloClientObservable); + + beforeEach(() => { + const myState = cloneDeep(state); + store = createStore(myState, apolloClientObservable); + }); + + test('it renders the expected widget title', () => { + const wrapper = mount( + + + + ); + + expect( + wrapper + .find('[data-test-subj="header-section-title"]') + .first() + .text() + ).toEqual('Host events'); + }); + + test('it renders an empty subtitle while loading', () => { + const wrapper = mount( + + + + ); + + expect( + wrapper + .find('[data-test-subj="header-panel-subtitle"]') + .first() + .text() + ).toEqual(''); + }); + + test('it renders the expected event count in the subtitle after loading events', async () => { + const wrapper = mount( + + + + + + ); + await wait(); + wrapper.update(); + + expect( + wrapper + .find('[data-test-subj="header-panel-subtitle"]') + .first() + .text() + ).toEqual('Showing: 16 events'); + }); +}); diff --git a/x-pack/legacy/plugins/siem/public/components/page/overview/overview_host/index.tsx b/x-pack/legacy/plugins/siem/public/components/page/overview/overview_host/index.tsx index 31d8467025f96..3868885fa29ee 100644 --- a/x-pack/legacy/plugins/siem/public/components/page/overview/overview_host/index.tsx +++ b/x-pack/legacy/plugins/siem/public/components/page/overview/overview_host/index.tsx @@ -4,6 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ +import { isEmpty } from 'lodash/fp'; import { EuiButton, EuiFlexItem, EuiPanel } from '@elastic/eui'; import numeral from '@elastic/numeral'; import { FormattedMessage } from '@kbn/i18n/react'; @@ -41,7 +42,7 @@ export interface OwnProps { } const OverviewHostStatsManage = manageQuery(OverviewHostStats); -type OverviewHostProps = OwnProps; +export type OverviewHostProps = OwnProps; const OverviewHostComponent: React.FC = ({ endDate, @@ -56,6 +57,7 @@ const OverviewHostComponent: React.FC = ({ = ({ return ( <> + !isEmpty(overviewHost) ? ( + + ) : ( + <>{''} + ) } title={ + - - - + - - - - - - - - - - - - - + + + + + + - - - - - - - - - - - + + + - - - - - - - - - - - - - + + + + + + - - - - - - - - - - - + + + - - - - - - - + + + + + + + + + + - - - - - + + + + + + + + + + + - - - - - - - + + + + + + + + + + - - - + + + + + + + + + + + + - - - + - - - - - - - - - - - - - + + + + + + - - - - - - - - - - - + + + - - - - - - - - - - - - - + + + + + + - - - - - - - - - - - + + + - - - - - - - - - - - - + + + + + + + + + + - - - - - - - + + + + + + + + + + - - - - - + + + + + + + + + + + - - - - - - - + + + + + + + + + + - - - + + + + + + + + + + + + - - - + - - - - - - - - - - + + + + + + + + + + + - - - + - - - - - - - - - - - - - + + + + + + - - - - - - + + + - - - + + + + + + + + + + + + `; diff --git a/x-pack/legacy/plugins/siem/public/components/page/overview/overview_host_stats/index.tsx b/x-pack/legacy/plugins/siem/public/components/page/overview/overview_host_stats/index.tsx index 7dca259ca3db4..b811a3615b148 100644 --- a/x-pack/legacy/plugins/siem/public/components/page/overview/overview_host_stats/index.tsx +++ b/x-pack/legacy/plugins/siem/public/components/page/overview/overview_host_stats/index.tsx @@ -6,7 +6,7 @@ import { EuiAccordion, EuiFlexGroup, EuiFlexItem, EuiHorizontalRule, EuiText } from '@elastic/eui'; import { FormattedMessage } from '@kbn/i18n/react'; -import React, { useMemo } from 'react'; +import React from 'react'; import styled from 'styled-components'; import { OverviewHostData } from '../../../../graphql/types'; @@ -203,7 +203,11 @@ const Title = styled.div` margin-left: 24px; `; -export const OverviewHostStats = React.memo(({ data, loading }) => { +const AccordionContent = styled.div` + margin-top: 8px; +`; + +const OverviewHostStatsComponent: React.FC = ({ data, loading }) => { const allHostStats = getOverviewHostStats(data); const allHostStatsCount = allHostStats.reduce((total, stat) => total + stat.count, 0); @@ -213,56 +217,55 @@ export const OverviewHostStats = React.memo(({ data, loading const statsForGroup = allHostStats.filter(s => statGroup.statIds.includes(s.id)); const statsForGroupCount = statsForGroup.reduce((total, stat) => total + stat.count, 0); - const accordionButton = useMemo( - () => ( - - - {statGroup.name} - - - - - - ), - [statGroup, statsForGroupCount, loading, allHostStatsCount] - ); - return ( + - {statsForGroup.map(stat => ( - + buttonContent={ + - - {stat.title} - + {statGroup.name} - + - ))} + } + buttonContentClassName="accordion-button" + > + + {statsForGroup.map(stat => ( + + + + {stat.title} + + + + + + + ))} + - {i !== hostStatGroups.length - 1 && } ); })} ); -}); +}; + +OverviewHostStatsComponent.displayName = 'OverviewHostStatsComponent'; -OverviewHostStats.displayName = 'OverviewHostStats'; +export const OverviewHostStats = React.memo(OverviewHostStatsComponent); diff --git a/x-pack/legacy/plugins/siem/public/components/page/overview/overview_network/index.test.tsx b/x-pack/legacy/plugins/siem/public/components/page/overview/overview_network/index.test.tsx new file mode 100644 index 0000000000000..151bb444cfe75 --- /dev/null +++ b/x-pack/legacy/plugins/siem/public/components/page/overview/overview_network/index.test.tsx @@ -0,0 +1,137 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { cloneDeep } from 'lodash/fp'; +import { mount } from 'enzyme'; +import React from 'react'; + +import { apolloClientObservable, mockGlobalState, TestProviders } from '../../../../mock'; + +import { OverviewNetwork } from '.'; +import { createStore, State } from '../../../../store'; +import { overviewNetworkQuery } from '../../../../containers/overview/overview_network/index.gql_query'; +import { GetOverviewHostQuery } from '../../../../graphql/types'; +import { MockedProvider } from 'react-apollo/test-utils'; +import { wait } from '../../../../lib/helpers'; + +jest.mock('../../../../lib/kibana'); + +const startDate = 1579553397080; +const endDate = 1579639797080; + +interface MockedProvidedQuery { + request: { + query: GetOverviewHostQuery.Query; + fetchPolicy: string; + variables: GetOverviewHostQuery.Variables; + }; + result: { + data: { + source: unknown; + }; + }; +} + +const mockOpenTimelineQueryResults: MockedProvidedQuery[] = [ + { + request: { + query: overviewNetworkQuery, + fetchPolicy: 'cache-and-network', + variables: { + sourceId: 'default', + timerange: { interval: '12h', from: startDate, to: endDate }, + filterQuery: undefined, + defaultIndex: [ + 'apm-*-transaction*', + 'auditbeat-*', + 'endgame-*', + 'filebeat-*', + 'packetbeat-*', + 'winlogbeat-*', + ], + inspect: false, + }, + }, + result: { + data: { + source: { + id: 'default', + OverviewNetwork: { + auditbeatSocket: 1, + filebeatCisco: 1, + filebeatNetflow: 1, + filebeatPanw: 1, + filebeatSuricata: 1, + filebeatZeek: 1, + packetbeatDNS: 1, + packetbeatFlow: 1, + packetbeatTLS: 1, + }, + }, + }, + }, + }, +]; + +describe('OverviewNetwork', () => { + const state: State = mockGlobalState; + + let store = createStore(state, apolloClientObservable); + + beforeEach(() => { + const myState = cloneDeep(state); + store = createStore(myState, apolloClientObservable); + }); + + test('it renders the expected widget title', () => { + const wrapper = mount( + + + + ); + + expect( + wrapper + .find('[data-test-subj="header-section-title"]') + .first() + .text() + ).toEqual('Network events'); + }); + + test('it renders an empty subtitle while loading', () => { + const wrapper = mount( + + + + ); + + expect( + wrapper + .find('[data-test-subj="header-panel-subtitle"]') + .first() + .text() + ).toEqual(''); + }); + + test('it renders the expected event count in the subtitle after loading events', async () => { + const wrapper = mount( + + + + + + ); + await wait(); + wrapper.update(); + + expect( + wrapper + .find('[data-test-subj="header-panel-subtitle"]') + .first() + .text() + ).toEqual('Showing: 9 events'); + }); +}); diff --git a/x-pack/legacy/plugins/siem/public/components/page/overview/overview_network/index.tsx b/x-pack/legacy/plugins/siem/public/components/page/overview/overview_network/index.tsx index 36af58c4879a7..100abd997ee6b 100644 --- a/x-pack/legacy/plugins/siem/public/components/page/overview/overview_network/index.tsx +++ b/x-pack/legacy/plugins/siem/public/components/page/overview/overview_network/index.tsx @@ -4,6 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ +import { isEmpty } from 'lodash/fp'; import { EuiButton, EuiFlexItem, EuiPanel } from '@elastic/eui'; import numeral from '@elastic/numeral'; import { FormattedMessage } from '@kbn/i18n/react'; @@ -23,7 +24,7 @@ import { getOverviewNetworkStats, OverviewNetworkStats } from '../overview_netwo import { getNetworkUrl } from '../../../link_to'; import { InspectButtonContainer } from '../../../inspect'; -export interface OwnProps { +export interface OverviewNetworkProps { startDate: number; endDate: number; filterQuery?: ESQuery | string; @@ -42,35 +43,40 @@ export interface OwnProps { const OverviewNetworkStatsManage = manageQuery(OverviewNetworkStats); -export const OverviewNetwork = React.memo( - ({ endDate, filterQuery, startDate, setQuery }) => { - const [defaultNumberFormat] = useUiSetting$(DEFAULT_NUMBER_FORMAT); +const OverviewNetworkComponent: React.FC = ({ + endDate, + filterQuery, + startDate, + setQuery, +}) => { + const [defaultNumberFormat] = useUiSetting$(DEFAULT_NUMBER_FORMAT); - return ( - - - - - {({ overviewNetwork, loading, id, inspect, refetch }) => { - const networkEventsCount = getOverviewNetworkStats(overviewNetwork).reduce( - (total, stat) => total + stat.count, - 0 - ); - const formattedNetworkEventsCount = numeral(networkEventsCount).format( - defaultNumberFormat - ); + return ( + + + + + {({ overviewNetwork, loading, id, inspect, refetch }) => { + const networkEventsCount = getOverviewNetworkStats(overviewNetwork).reduce( + (total, stat) => total + stat.count, + 0 + ); + const formattedNetworkEventsCount = numeral(networkEventsCount).format( + defaultNumberFormat + ); - return ( - <> - + ( networkEventsCount, }} /> - } - title={ - - } - > - - - - + ) : ( + <>{''} + ) + } + title={ + + } + > + + + + + + + + ); + }} + + + + + ); +}; - - - ); - }} - - - - - ); - } -); +OverviewNetworkComponent.displayName = 'OverviewNetworkComponent'; -OverviewNetwork.displayName = 'OverviewNetwork'; +export const OverviewNetwork = React.memo(OverviewNetworkComponent); diff --git a/x-pack/legacy/plugins/siem/public/components/page/overview/overview_network_stats/__snapshots__/index.test.tsx.snap b/x-pack/legacy/plugins/siem/public/components/page/overview/overview_network_stats/__snapshots__/index.test.tsx.snap index 4544c05f7b180..fb59ba382f489 100644 --- a/x-pack/legacy/plugins/siem/public/components/page/overview/overview_network_stats/__snapshots__/index.test.tsx.snap +++ b/x-pack/legacy/plugins/siem/public/components/page/overview/overview_network_stats/__snapshots__/index.test.tsx.snap @@ -4,6 +4,9 @@ exports[`Overview Network Stat Data rendering it renders the default OverviewNet + - - - + - - - - - - - - - - + + + + + + + + + + + - - - + - - - - - - - - - - - - - + + + + + + - - - - - - - - - - - + + + - - - - - - - - - - - - - + + + + + + - - - - - - + + + - - - - - + + + + + + + + + + + - - - - - - - + + + + + + + + + + - - - + + + + + + + + + + + + - - - + - - - - - - - - - - - - - + + + + + + - - - - - - - - - - - + + + - - - - - - - + + + + + + + + + + - - - + + + + + + + + + + + + `; diff --git a/x-pack/legacy/plugins/siem/public/components/page/overview/overview_network_stats/index.tsx b/x-pack/legacy/plugins/siem/public/components/page/overview/overview_network_stats/index.tsx index 123f7f21a75fd..260b1d6895140 100644 --- a/x-pack/legacy/plugins/siem/public/components/page/overview/overview_network_stats/index.tsx +++ b/x-pack/legacy/plugins/siem/public/components/page/overview/overview_network_stats/index.tsx @@ -6,7 +6,7 @@ import { EuiAccordion, EuiFlexGroup, EuiFlexItem, EuiHorizontalRule, EuiText } from '@elastic/eui'; import { FormattedMessage } from '@kbn/i18n/react'; -import React, { useMemo } from 'react'; +import React from 'react'; import styled from 'styled-components'; import { OverviewNetworkData } from '../../../../graphql/types'; @@ -126,6 +126,10 @@ const Title = styled.div` margin-left: 24px; `; +const AccordionContent = styled.div` + margin-top: 8px; +`; + export const OverviewNetworkStats = React.memo(({ data, loading }) => { const allNetworkStats = getOverviewNetworkStats(data); const allNetworkStatsCount = allNetworkStats.reduce((total, stat) => total + stat.count, 0); @@ -136,54 +140,51 @@ export const OverviewNetworkStats = React.memo(({ data, lo const statsForGroup = allNetworkStats.filter(s => statGroup.statIds.includes(s.id)); const statsForGroupCount = statsForGroup.reduce((total, stat) => total + stat.count, 0); - const accordionButton = useMemo( - () => ( - - - {statGroup.name} - - - - - - ), - [statGroup, statsForGroupCount, loading, allNetworkStatsCount] - ); - return ( + - {statsForGroup.map(stat => ( - + buttonContent={ + - - {stat.title} - + {statGroup.name} - + - ))} + } + buttonContentClassName="accordion-button" + > + + {statsForGroup.map(stat => ( + + + + {stat.title} + + + + + + + ))} + - {i !== networkStatGroups.length - 1 && } ); })} diff --git a/x-pack/legacy/plugins/siem/public/components/page/overview/stat_value.tsx b/x-pack/legacy/plugins/siem/public/components/page/overview/stat_value.tsx index 5a496ba78eb6c..7615001eec9da 100644 --- a/x-pack/legacy/plugins/siem/public/components/page/overview/stat_value.tsx +++ b/x-pack/legacy/plugins/siem/public/components/page/overview/stat_value.tsx @@ -4,51 +4,67 @@ * you may not use this file except in compliance with the Elastic License. */ -import { EuiFlexGroup, EuiFlexItem, EuiLoadingSpinner, EuiProgress, EuiText } from '@elastic/eui'; +import { EuiFlexGroup, EuiFlexItem, EuiLoadingContent, EuiProgress, EuiText } from '@elastic/eui'; import numeral from '@elastic/numeral'; -import React from 'react'; +import React, { useEffect, useState } from 'react'; import styled from 'styled-components'; import { DEFAULT_NUMBER_FORMAT } from '../../../../common/constants'; import { useUiSetting$ } from '../../../lib/kibana'; const ProgressContainer = styled.div` - width: 100px; + margin-left: 8px; + min-width: 100px; `; -export const StatValue = React.memo<{ +const LoadingContent = styled(EuiLoadingContent)` + .euiLoadingContent__singleLine { + margin-bottom: 0px; + } +`; + +const StatValueComponent: React.FC<{ count: number; - isLoading: boolean; isGroupStat: boolean; + isLoading: boolean; max: number; -}>(({ count, isGroupStat, isLoading, max }) => { +}> = ({ count, isGroupStat, isLoading, max }) => { const [defaultNumberFormat] = useUiSetting$(DEFAULT_NUMBER_FORMAT); + const [isInitialLoading, setIsInitialLoading] = useState(true); + + useEffect(() => { + if (isInitialLoading && !isLoading) { + setIsInitialLoading(false); + } + }, [isLoading, isInitialLoading, setIsInitialLoading]); return ( - <> - {isLoading ? ( - - ) : ( - - - - {numeral(count).format(defaultNumberFormat)} - - - - - - - - - )} - + + + {!isInitialLoading && ( + + {numeral(count).format(defaultNumberFormat)} + + )} + + + + {isLoading ? ( + + ) : ( + + )} + + + ); -}); +}; + +StatValueComponent.displayName = 'StatValueComponent'; -StatValue.displayName = 'StatValue'; +export const StatValue = React.memo(StatValueComponent); diff --git a/x-pack/legacy/plugins/siem/public/components/recent_timelines/counts/index.tsx b/x-pack/legacy/plugins/siem/public/components/recent_timelines/counts/index.tsx index 42ac3c19ff792..e04b6319cfb24 100644 --- a/x-pack/legacy/plugins/siem/public/components/recent_timelines/counts/index.tsx +++ b/x-pack/legacy/plugins/siem/public/components/recent_timelines/counts/index.tsx @@ -45,14 +45,14 @@ export const RecentTimelineCounts = React.memo<{ timeline: OpenTimelineResult; }>(({ timeline }) => { return ( - <> +
- +
); }); diff --git a/x-pack/legacy/plugins/siem/public/components/recent_timelines/header/index.tsx b/x-pack/legacy/plugins/siem/public/components/recent_timelines/header/index.tsx index 886a2345248a2..89c7ae6f1eed9 100644 --- a/x-pack/legacy/plugins/siem/public/components/recent_timelines/header/index.tsx +++ b/x-pack/legacy/plugins/siem/public/components/recent_timelines/header/index.tsx @@ -4,62 +4,26 @@ * you may not use this file except in compliance with the Elastic License. */ -import { - EuiFlexGroup, - EuiFlexItem, - EuiText, - EuiLink, - EuiToolTip, - EuiButtonIcon, -} from '@elastic/eui'; -import React from 'react'; +import { EuiText, EuiLink } from '@elastic/eui'; +import React, { useCallback } from 'react'; import { isUntitled } from '../../open_timeline/helpers'; import { OnOpenTimeline, OpenTimelineResult } from '../../open_timeline/types'; - import * as i18n from '../translations'; -export interface MeApiResponse { - username: string; -} - export const RecentTimelineHeader = React.memo<{ onOpenTimeline: OnOpenTimeline; timeline: OpenTimelineResult; -}>(({ onOpenTimeline, timeline }) => { - const { title, savedObjectId } = timeline; +}>(({ onOpenTimeline, timeline, timeline: { title, savedObjectId } }) => { + const onClick = useCallback( + () => onOpenTimeline({ duplicate: false, timelineId: `${savedObjectId}` }), + [onOpenTimeline, savedObjectId] + ); return ( - - - - onOpenTimeline({ duplicate: false, timelineId: `${savedObjectId}` })} - > - {isUntitled(timeline) ? i18n.UNTITLED_TIMELINE : title} - - - - - - - - onOpenTimeline({ - duplicate: true, - timelineId: `${savedObjectId}`, - }) - } - size="s" - /> - - - + + {isUntitled(timeline) ? i18n.UNTITLED_TIMELINE : title} + ); }); diff --git a/x-pack/legacy/plugins/siem/public/components/recent_timelines/index.tsx b/x-pack/legacy/plugins/siem/public/components/recent_timelines/index.tsx index f1e22d1901d47..d5157e81b0fc8 100644 --- a/x-pack/legacy/plugins/siem/public/components/recent_timelines/index.tsx +++ b/x-pack/legacy/plugins/siem/public/components/recent_timelines/index.tsx @@ -5,23 +5,22 @@ */ import ApolloClient from 'apollo-client'; -import { EuiHorizontalRule, EuiLink, EuiLoadingSpinner, EuiText } from '@elastic/eui'; -import React, { useCallback, useEffect, useMemo, useState } from 'react'; +import { EuiHorizontalRule, EuiLink, EuiText } from '@elastic/eui'; +import React, { useCallback } from 'react'; import { connect } from 'react-redux'; import { Dispatch } from 'redux'; import { ActionCreator } from 'typescript-fsa'; -import chrome from 'ui/chrome'; import { AllTimelinesQuery } from '../../containers/timeline/all'; import { SortFieldTimeline, Direction } from '../../graphql/types'; -import { fetchUsername, getMeApiUrl } from './helpers'; import { queryTimelineById, dispatchUpdateTimeline } from '../open_timeline/helpers'; import { DispatchUpdateTimeline, OnOpenTimeline } from '../open_timeline/types'; -import { RecentTimelines } from './recent_timelines'; +import { LoadingPlaceholders } from '../page/overview/loading_placeholders'; import { updateIsLoading as dispatchUpdateIsLoading } from '../../store/timeline/actions'; -import { FilterMode } from './types'; +import { RecentTimelines } from './recent_timelines'; import * as i18n from './translations'; +import { FilterMode } from './types'; export interface MeApiResponse { username: string; @@ -42,8 +41,6 @@ export type Props = OwnProps & DispatchProps; const StatefulRecentTimelinesComponent = React.memo( ({ apolloClient, filterBy, updateIsLoading, updateTimeline }) => { const actionDispatcher = updateIsLoading as ActionCreator<{ id: string; isLoading: boolean }>; - const [username, setUsername] = useState(undefined); - const LoadingSpinner = useMemo(() => , []); const onOpenTimeline: OnOpenTimeline = useCallback( ({ duplicate, timelineId }: { duplicate: boolean; timelineId: string }) => { queryTimelineById({ @@ -57,38 +54,6 @@ const StatefulRecentTimelinesComponent = React.memo( [apolloClient, updateIsLoading, updateTimeline] ); - useEffect(() => { - let canceled = false; - - const fetchData = async () => { - try { - const loggedInUser = await fetchUsername(getMeApiUrl(chrome.getBasePath)); - - if (!canceled) { - setUsername(loggedInUser); - } - } catch (e) { - if (!canceled) { - setUsername(null); - } - } - }; - - fetchData(); - - return () => { - canceled = true; - }; - }, []); - - if (username === undefined) { - return LoadingSpinner; - } else if (username == null) { - return null; - } - - // TODO: why does `createdBy: ` specified as a `search` query does not match results? - const noTimelinesMessage = filterBy === 'favorites' ? i18n.NO_FAVORITE_TIMELINES : i18n.NO_TIMELINES; @@ -108,7 +73,7 @@ const StatefulRecentTimelinesComponent = React.memo( {({ timelines, loading }) => ( <> {loading ? ( - <>{LoadingSpinner} + ) : ( {timelines.map((t, i) => ( -
- - - {t.description && t.description.length && ( - <> - - - {t.description} - - - )} - {i !== timelines.length - 1 && } -
+ + ( + + + + + {t.description && t.description.length && ( + <> + + + {t.description} + + + )} + + + {showHoverContent && ( + + + + onOpenTimeline({ + duplicate: true, + timelineId: `${t.savedObjectId}`, + }) + } + size="s" + /> + + + )} + + )} + /> + <>{i !== timelines.length - 1 && } + ))} ); diff --git a/x-pack/legacy/plugins/siem/public/containers/matrix_histogram/index.tsx b/x-pack/legacy/plugins/siem/public/containers/matrix_histogram/index.tsx index d5fd325bb9a26..9e0b1579a7b65 100644 --- a/x-pack/legacy/plugins/siem/public/containers/matrix_histogram/index.tsx +++ b/x-pack/legacy/plugins/siem/public/containers/matrix_histogram/index.tsx @@ -24,6 +24,7 @@ import { UpdateDateRange } from '../../components/charts/common'; import { SetQuery } from '../../pages/hosts/navigation/types'; export interface OwnProps extends QueryTemplateProps { + chartHeight?: number; dataKey: string | string[]; defaultStackByOption: MatrixHistogramOption; errorMessage: string; @@ -37,6 +38,7 @@ export interface OwnProps extends QueryTemplateProps { isEventsHistogram?: boolean; legendPosition?: Position; mapping?: MatrixHistogramMappingTypes; + panelHeight?: number; query: Maybe; setQuery: SetQuery; showLegend?: boolean; diff --git a/x-pack/legacy/plugins/siem/public/containers/overview/overview_host/index.tsx b/x-pack/legacy/plugins/siem/public/containers/overview/overview_host/index.tsx index 36cadd7872cc8..8c40c4044a746 100644 --- a/x-pack/legacy/plugins/siem/public/containers/overview/overview_host/index.tsx +++ b/x-pack/legacy/plugins/siem/public/containers/overview/overview_host/index.tsx @@ -41,34 +41,36 @@ export interface OverviewHostProps extends QueryTemplateProps { } const OverviewHostComponentQuery = React.memo( - ({ id = ID, children, filterQuery, isInspected, sourceId, startDate, endDate }) => ( - - query={overviewHostQuery} - fetchPolicy={getDefaultFetchPolicy()} - variables={{ - sourceId, - timerange: { - interval: '12h', - from: startDate, - to: endDate, - }, - filterQuery: createFilter(filterQuery), - defaultIndex: useUiSetting(DEFAULT_INDEX_KEY), - inspect: isInspected, - }} - > - {({ data, loading, refetch }) => { - const overviewHost = getOr({}, `source.OverviewHost`, data); - return children({ - id, - inspect: getOr(null, 'source.OverviewHost.inspect', data), - overviewHost, - loading, - refetch, - }); - }} - - ) + ({ id = ID, children, filterQuery, isInspected, sourceId, startDate, endDate }) => { + return ( + + query={overviewHostQuery} + fetchPolicy={getDefaultFetchPolicy()} + variables={{ + sourceId, + timerange: { + interval: '12h', + from: startDate, + to: endDate, + }, + filterQuery: createFilter(filterQuery), + defaultIndex: useUiSetting(DEFAULT_INDEX_KEY), + inspect: isInspected, + }} + > + {({ data, loading, refetch }) => { + const overviewHost = getOr({}, `source.OverviewHost`, data); + return children({ + id, + inspect: getOr(null, 'source.OverviewHost.inspect', data), + overviewHost, + loading, + refetch, + }); + }} + + ); + } ); OverviewHostComponentQuery.displayName = 'OverviewHostComponentQuery'; diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals/default_config.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals/default_config.tsx index e6bbffa4fd927..6cf515050a39f 100644 --- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals/default_config.tsx +++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals/default_config.tsx @@ -114,13 +114,13 @@ export const signalsHeaders: ColumnHeader[] = [ columnHeaderType: defaultColumnHeaderType, id: 'signal.rule.severity', label: i18n.SIGNALS_HEADERS_SEVERITY, - width: 100, + width: 105, }, { columnHeaderType: defaultColumnHeaderType, id: 'signal.rule.risk_score', label: i18n.SIGNALS_HEADERS_RISK_SCORE, - width: 120, + width: 115, }, { columnHeaderType: defaultColumnHeaderType, diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals_histogram_panel/index.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals_histogram_panel/index.tsx index 2cdafe38a7434..29aaa951ff71a 100644 --- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals_histogram_panel/index.tsx +++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals_histogram_panel/index.tsx @@ -4,7 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ import { Position } from '@elastic/charts'; -import { EuiButton, EuiSelect, EuiPanel } from '@elastic/eui'; +import { EuiButton, EuiFlexGroup, EuiFlexItem, EuiSelect, EuiPanel } from '@elastic/eui'; import numeral from '@elastic/numeral'; import React, { memo, useCallback, useMemo, useState, useEffect } from 'react'; import styled from 'styled-components'; @@ -12,8 +12,6 @@ import { isEmpty } from 'lodash/fp'; import { HeaderSection } from '../../../../components/header_section'; import { SignalsHistogram } from './signals_histogram'; - -import * as i18n from './translations'; import { Query } from '../../../../../../../../../src/plugins/data/common/query'; import { esFilters, esQuery } from '../../../../../../../../../src/plugins/data/common/es_query'; import { RegisterQuery, SignalsHistogramOption, SignalsAggregation, SignalsTotal } from './types'; @@ -26,8 +24,14 @@ import { useQuerySignals } from '../../../../containers/detection_engine/signals import { MatrixLoader } from '../../../../components/matrix_histogram/matrix_loader'; import { formatSignalsData, getSignalsHistogramQuery } from './helpers'; +import * as i18n from './translations'; + +const DEFAULT_PANEL_HEIGHT = 300; -const StyledEuiPanel = styled(EuiPanel)` +const StyledEuiPanel = styled(EuiPanel)<{ height?: number }>` + display: flex; + flex-direction: column; + ${({ height }) => (height != null ? `height: ${height}px;` : '')} position: relative; `; @@ -38,7 +42,12 @@ const defaultTotalSignalsObj: SignalsTotal = { export const DETECTIONS_HISTOGRAM_ID = 'detections-histogram'; +const ViewSignalsFlexItem = styled(EuiFlexItem)` + margin-left: 24px; +`; + interface SignalsHistogramPanelProps { + chartHeight?: number; defaultStackByOption?: SignalsHistogramOption; deleteQuery?: ({ id }: { id: string }) => void; filters?: esFilters.Filter[]; @@ -46,6 +55,7 @@ interface SignalsHistogramPanelProps { query?: Query; legendPosition?: Position; loadingInitial?: boolean; + panelHeight?: number; signalIndexName: string | null; setQuery: (params: RegisterQuery) => void; showLinkToSignals?: boolean; @@ -58,6 +68,7 @@ interface SignalsHistogramPanelProps { export const SignalsHistogramPanel = memo( ({ + chartHeight, defaultStackByOption = signalsHistogramOptions[0], deleteQuery, filters, @@ -65,6 +76,7 @@ export const SignalsHistogramPanel = memo( from, legendPosition = 'right', loadingInitial = false, + panelHeight = DEFAULT_PANEL_HEIGHT, setQuery, signalIndexName, showLinkToSignals = false, @@ -171,7 +183,7 @@ export const SignalsHistogramPanel = memo( return ( - + {isInitialLoading ? ( <> @@ -184,26 +196,33 @@ export const SignalsHistogramPanel = memo( title={title} subtitle={showTotalSignalsCount && totalSignals} > - {stackByOptions && ( - - )} - {showLinkToSignals && ( - {i18n.VIEW_SIGNALS} - )} + + + {stackByOptions && ( + + )} + + {showLinkToSignals && ( + + {i18n.VIEW_SIGNALS} + + )} + )} diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals_histogram_panel/signals_histogram.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals_histogram_panel/signals_histogram.tsx index 9d2af1e78f285..92f6740e4d767 100644 --- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals_histogram_panel/signals_histogram.tsx +++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals_histogram_panel/signals_histogram.tsx @@ -19,7 +19,10 @@ import { useTheme } from '../../../../components/charts/common'; import { histogramDateTimeFormatter } from '../../../../components/utils'; import { HistogramData } from './types'; +const DEFAULT_CHART_HEIGHT = 174; + interface HistogramSignalsProps { + chartHeight?: number; from: number; legendPosition?: Position; loading: boolean; @@ -29,7 +32,15 @@ interface HistogramSignalsProps { } export const SignalsHistogram = React.memo( - ({ to, from, legendPosition = 'right', data, updateDateRange, loading }) => { + ({ + chartHeight = DEFAULT_CHART_HEIGHT, + data, + from, + legendPosition = 'right', + loading, + to, + updateDateRange, + }) => { const theme = useTheme(); return ( @@ -43,7 +54,7 @@ export const SignalsHistogram = React.memo( /> )} - + from={from} loadingInitial={loading} query={query} - signalIndexName={signalIndexName} setQuery={setQuery} + showTotalSignalsCount={true} + signalIndexName={signalIndexName} stackByOptions={signalsHistogramOptions} to={to} updateDateRange={updateDateRangeCallback} diff --git a/x-pack/legacy/plugins/siem/public/pages/hosts/hosts.tsx b/x-pack/legacy/plugins/siem/public/pages/hosts/hosts.tsx index f989f5a9ba6dd..2e2986fb632b1 100644 --- a/x-pack/legacy/plugins/siem/public/pages/hosts/hosts.tsx +++ b/x-pack/legacy/plugins/siem/public/pages/hosts/hosts.tsx @@ -36,7 +36,7 @@ import { HostsTabs } from './hosts_tabs'; import { navTabsHosts } from './nav_tabs'; import * as i18n from './translations'; import { HostsComponentProps, HostsComponentReduxProps } from './types'; -import { filterAlertsHosts } from './navigation'; +import { filterHostData } from './navigation'; import { HostsTableType } from '../../store/hosts/model'; const KpiHostsComponentManage = manageQuery(KpiHostsComponent); @@ -58,7 +58,7 @@ export const HostsComponent = React.memo( const { tabName } = useParams(); const tabsFilters = React.useMemo(() => { if (tabName === HostsTableType.alerts) { - return filters.length > 0 ? [...filters, ...filterAlertsHosts] : filterAlertsHosts; + return filters.length > 0 ? [...filters, ...filterHostData] : filterHostData; } return filters; }, [tabName, filters]); diff --git a/x-pack/legacy/plugins/siem/public/pages/hosts/navigation/alerts_query_tab_body.tsx b/x-pack/legacy/plugins/siem/public/pages/hosts/navigation/alerts_query_tab_body.tsx index b893acd4dbb3b..e9809766dc01b 100644 --- a/x-pack/legacy/plugins/siem/public/pages/hosts/navigation/alerts_query_tab_body.tsx +++ b/x-pack/legacy/plugins/siem/public/pages/hosts/navigation/alerts_query_tab_body.tsx @@ -10,7 +10,7 @@ import { esFilters } from '../../../../../../../../src/plugins/data/common/es_qu import { AlertsView } from '../../../components/alerts_viewer'; import { AlertsComponentQueryProps } from './types'; -export const filterAlertsHosts: esFilters.Filter[] = [ +export const filterHostData: esFilters.Filter[] = [ { query: { bool: { @@ -44,7 +44,7 @@ export const filterAlertsHosts: esFilters.Filter[] = [ export const HostAlertsQueryTabBody = React.memo((alertsProps: AlertsComponentQueryProps) => { const { pageFilters, ...rest } = alertsProps; const hostPageFilters = useMemo( - () => (pageFilters != null ? [...filterAlertsHosts, ...pageFilters] : filterAlertsHosts), + () => (pageFilters != null ? [...filterHostData, ...pageFilters] : filterHostData), [pageFilters] ); diff --git a/x-pack/legacy/plugins/siem/public/pages/hosts/navigation/events_query_tab_body.tsx b/x-pack/legacy/plugins/siem/public/pages/hosts/navigation/events_query_tab_body.tsx index e3d1f6397044c..9ee1f994704ea 100644 --- a/x-pack/legacy/plugins/siem/public/pages/hosts/navigation/events_query_tab_body.tsx +++ b/x-pack/legacy/plugins/siem/public/pages/hosts/navigation/events_query_tab_body.tsx @@ -26,6 +26,10 @@ export const eventsStackByOptions: MatrixHistogramOption[] = [ text: 'event.dataset', value: 'event.dataset', }, + { + text: 'event.module', + value: 'event.module', + }, ]; export const EventsQueryTabBody = ({ diff --git a/x-pack/legacy/plugins/siem/public/pages/network/navigation/alerts_query_tab_body.tsx b/x-pack/legacy/plugins/siem/public/pages/network/navigation/alerts_query_tab_body.tsx index 3eeabd3007afa..88fadab1d3f0e 100644 --- a/x-pack/legacy/plugins/siem/public/pages/network/navigation/alerts_query_tab_body.tsx +++ b/x-pack/legacy/plugins/siem/public/pages/network/navigation/alerts_query_tab_body.tsx @@ -10,7 +10,7 @@ import { esFilters } from '../../../../../../../../src/plugins/data/common/es_qu import { AlertsView } from '../../../components/alerts_viewer'; import { NetworkComponentQueryProps } from './types'; -export const filterAlertsNetwork: esFilters.Filter[] = [ +export const filterNetworkData: esFilters.Filter[] = [ { query: { bool: { @@ -62,7 +62,7 @@ export const filterAlertsNetwork: esFilters.Filter[] = [ ]; export const NetworkAlertsQueryTabBody = React.memo((alertsProps: NetworkComponentQueryProps) => ( - + )); NetworkAlertsQueryTabBody.displayName = 'NetworkAlertsQueryTabBody'; diff --git a/x-pack/legacy/plugins/siem/public/pages/network/network.tsx b/x-pack/legacy/plugins/siem/public/pages/network/network.tsx index bd8552aa608af..0f9eaaef48aa7 100644 --- a/x-pack/legacy/plugins/siem/public/pages/network/network.tsx +++ b/x-pack/legacy/plugins/siem/public/pages/network/network.tsx @@ -29,7 +29,7 @@ import { networkModel, State, inputsSelectors } from '../../store'; import { setAbsoluteRangeDatePicker as dispatchSetAbsoluteRangeDatePicker } from '../../store/inputs/actions'; import { SpyRoute } from '../../utils/route/spy_routes'; import { navTabsNetwork, NetworkRoutes, NetworkRoutesLoading } from './navigation'; -import { filterAlertsNetwork } from './navigation/alerts_query_tab_body'; +import { filterNetworkData } from './navigation/alerts_query_tab_body'; import { NetworkEmptyPage } from './network_empty_page'; import * as i18n from './translations'; import { NetworkComponentProps } from './types'; @@ -56,7 +56,7 @@ const NetworkComponent = React.memo( const tabsFilters = useMemo(() => { if (tabName === NetworkRouteType.alerts) { - return filters.length > 0 ? [...filters, ...filterAlertsNetwork] : filterAlertsNetwork; + return filters.length > 0 ? [...filters, ...filterNetworkData] : filterNetworkData; } return filters; }, [tabName, filters]); diff --git a/x-pack/legacy/plugins/siem/public/pages/overview/alerts_by_category/index.tsx b/x-pack/legacy/plugins/siem/public/pages/overview/alerts_by_category/index.tsx index 7d00fb0c18006..07b0176172401 100644 --- a/x-pack/legacy/plugins/siem/public/pages/overview/alerts_by_category/index.tsx +++ b/x-pack/legacy/plugins/siem/public/pages/overview/alerts_by_category/index.tsx @@ -7,9 +7,8 @@ import { EuiButton } from '@elastic/eui'; import numeral from '@elastic/numeral'; import React, { useCallback, useEffect, useMemo } from 'react'; -import { esFilters, IIndexPattern, Query } from 'src/plugins/data/public'; -import styled from 'styled-components'; +import { DEFAULT_NUMBER_FORMAT } from '../../../../common/constants'; import { ERROR_FETCHING_ALERTS_DATA, SHOWING, @@ -22,10 +21,14 @@ import { MatrixHistogramGqlQuery } from '../../../containers/matrix_histogram/in import { useKibana, useUiSetting$ } from '../../../lib/kibana'; import { convertToBuildEsQuery } from '../../../lib/keury'; import { SetAbsoluteRangeDatePicker } from '../../network/types'; -import { esQuery } from '../../../../../../../../src/plugins/data/public'; +import { + esFilters, + esQuery, + IIndexPattern, + Query, +} from '../../../../../../../../src/plugins/data/public'; import { inputsModel } from '../../../store'; import { HostsType } from '../../../store/hosts/model'; -import { DEFAULT_NUMBER_FORMAT } from '../../../../common/constants'; import * as i18n from '../translations'; @@ -33,6 +36,7 @@ const ID = 'alertsByCategoryOverview'; const NO_FILTERS: esFilters.Filter[] = []; const DEFAULT_QUERY: Query = { query: '', language: 'kuery' }; +const DEFAULT_STACK_BY = 'event.module'; interface Props { deleteQuery?: ({ id }: { id: string }) => void; @@ -51,80 +55,77 @@ interface Props { to: number; } -const ViewAlertsButton = styled(EuiButton)` - margin-left: 8px; -`; +const AlertsByCategoryComponent: React.FC = ({ + deleteQuery, + filters = NO_FILTERS, + from, + hideHeaderChildren = false, + indexPattern, + query = DEFAULT_QUERY, + setAbsoluteRangeDatePicker, + setQuery, + to, +}) => { + useEffect(() => { + return () => { + if (deleteQuery) { + deleteQuery({ id: ID }); + } + }; + }, []); + + const kibana = useKibana(); + const [defaultNumberFormat] = useUiSetting$(DEFAULT_NUMBER_FORMAT); -export const AlertsByCategory = React.memo( - ({ - deleteQuery, - filters = NO_FILTERS, - from, - hideHeaderChildren = false, - indexPattern, - query = DEFAULT_QUERY, - setAbsoluteRangeDatePicker, - setQuery, - to, - }) => { - useEffect(() => { - return () => { - if (deleteQuery) { - deleteQuery({ id: ID }); - } - }; - }, []); + const updateDateRangeCallback = useCallback( + (min: number, max: number) => { + setAbsoluteRangeDatePicker!({ id: 'global', from: min, to: max }); + }, + [setAbsoluteRangeDatePicker] + ); + const alertsCountViewAlertsButton = useMemo( + () => {i18n.VIEW_ALERTS}, + [] + ); - const kibana = useKibana(); - const [defaultNumberFormat] = useUiSetting$(DEFAULT_NUMBER_FORMAT); + const getSubtitle = useCallback( + (totalCount: number) => + `${SHOWING}: ${numeral(totalCount).format(defaultNumberFormat)} ${UNIT(totalCount)}`, + [] + ); - const updateDateRangeCallback = useCallback( - (min: number, max: number) => { - setAbsoluteRangeDatePicker!({ id: 'global', from: min, to: max }); - }, - [setAbsoluteRangeDatePicker] - ); - const alertsCountViewAlertsButton = useMemo( - () => ( - {i18n.VIEW_ALERTS} - ), - [] - ); + const defaultStackByOption = + alertsStackByOptions.find(o => o.text === DEFAULT_STACK_BY) ?? alertsStackByOptions[0]; - const getSubtitle = useCallback( - (totalCount: number) => - `${SHOWING}: ${numeral(totalCount).format(defaultNumberFormat)} ${UNIT(totalCount)}`, - [] - ); + return ( + + ); +}; - return ( - - ); - } -); +AlertsByCategoryComponent.displayName = 'AlertsByCategoryComponent'; -AlertsByCategory.displayName = 'AlertsByCategory'; +export const AlertsByCategory = React.memo(AlertsByCategoryComponent); diff --git a/x-pack/legacy/plugins/siem/public/pages/overview/event_counts/index.test.tsx b/x-pack/legacy/plugins/siem/public/pages/overview/event_counts/index.test.tsx new file mode 100644 index 0000000000000..f5419a3ff50e9 --- /dev/null +++ b/x-pack/legacy/plugins/siem/public/pages/overview/event_counts/index.test.tsx @@ -0,0 +1,51 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { mount } from 'enzyme'; +import React from 'react'; + +import { OverviewHostProps } from '../../../components/page/overview/overview_host'; +import { OverviewNetworkProps } from '../../../components/page/overview/overview_network'; +import { mockIndexPattern, TestProviders } from '../../../mock'; + +import { EventCounts } from '.'; + +describe('EventCounts', () => { + const from = 1579553397080; + const to = 1579639797080; + + test('it filters the `Host events` widget with a `host.name` `exists` filter', () => { + const wrapper = mount( + + + + ); + + expect( + (wrapper + .find('[data-test-subj="overview-host-query"]') + .first() + .props() as OverviewHostProps).filterQuery + ).toContain('[{"bool":{"should":[{"exists":{"field":"host.name"}}]'); + }); + + test('it filters the `Network events` widget with a `source.ip` or `destination.ip` `exists` filter', () => { + const wrapper = mount( + + + + ); + + expect( + (wrapper + .find('[data-test-subj="overview-network-query"]') + .first() + .props() as OverviewNetworkProps).filterQuery + ).toContain( + '{"bool":{"filter":[{"bool":{"should":[{"bool":{"should":[{"exists":{"field":"source.ip"}}],"minimum_should_match":1}},{"bool":{"should":[{"exists":{"field":"destination.ip"}}],"minimum_should_match":1}}],"minimum_should_match":1}}]}}]' + ); + }); +}); diff --git a/x-pack/legacy/plugins/siem/public/pages/overview/event_counts/index.tsx b/x-pack/legacy/plugins/siem/public/pages/overview/event_counts/index.tsx index 2a35dbf96d6d7..b13f723772c95 100644 --- a/x-pack/legacy/plugins/siem/public/pages/overview/event_counts/index.tsx +++ b/x-pack/legacy/plugins/siem/public/pages/overview/event_counts/index.tsx @@ -6,14 +6,20 @@ import { EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; import React from 'react'; -import { esFilters, IIndexPattern, Query } from 'src/plugins/data/public'; import styled from 'styled-components'; import { OverviewHost } from '../../../components/page/overview/overview_host'; import { OverviewNetwork } from '../../../components/page/overview/overview_network'; +import { filterHostData } from '../../hosts/navigation/alerts_query_tab_body'; import { useKibana } from '../../../lib/kibana'; import { convertToBuildEsQuery } from '../../../lib/keury'; -import { esQuery } from '../../../../../../../../src/plugins/data/public'; +import { filterNetworkData } from '../../network/navigation/alerts_query_tab_body'; +import { + esFilters, + esQuery, + IIndexPattern, + Query, +} from '../../../../../../../../src/plugins/data/public'; import { inputsModel } from '../../../store'; const HorizontalSpacer = styled(EuiFlexItem)` @@ -56,7 +62,7 @@ const EventCountsComponent: React.FC = ({ config: esQuery.getEsQueryConfig(kibana.services.uiSettings), indexPattern, queries: [query], - filters, + filters: [...filters, ...filterHostData], })} startDate={from} setQuery={setQuery} @@ -72,7 +78,7 @@ const EventCountsComponent: React.FC = ({ config: esQuery.getEsQueryConfig(kibana.services.uiSettings), indexPattern, queries: [query], - filters, + filters: [...filters, ...filterNetworkData], })} startDate={from} setQuery={setQuery} diff --git a/x-pack/legacy/plugins/siem/public/pages/overview/events_by_dataset/index.tsx b/x-pack/legacy/plugins/siem/public/pages/overview/events_by_dataset/index.tsx index 191b4a2592695..3269c1e585f5a 100644 --- a/x-pack/legacy/plugins/siem/public/pages/overview/events_by_dataset/index.tsx +++ b/x-pack/legacy/plugins/siem/public/pages/overview/events_by_dataset/index.tsx @@ -7,8 +7,6 @@ import { EuiButton } from '@elastic/eui'; import numeral from '@elastic/numeral'; import React, { useCallback, useEffect, useMemo } from 'react'; -import { esFilters, IIndexPattern, Query } from 'src/plugins/data/public'; -import styled from 'styled-components'; import { ERROR_FETCHING_EVENTS_DATA, @@ -20,10 +18,14 @@ import { SetAbsoluteRangeDatePicker } from '../../network/types'; import { getTabsOnHostsUrl } from '../../../components/link_to/redirect_to_hosts'; import { MatrixHistogramContainer } from '../../../containers/matrix_histogram'; import { MatrixHistogramGqlQuery } from '../../../containers/matrix_histogram/index.gql_query'; -import { MatrixHistogramOption } from '../../../components/matrix_histogram/types'; import { eventsStackByOptions } from '../../hosts/navigation'; import { useKibana, useUiSetting$ } from '../../../lib/kibana'; -import { esQuery } from '../../../../../../../../src/plugins/data/public'; +import { + esFilters, + esQuery, + IIndexPattern, + Query, +} from '../../../../../../../../src/plugins/data/public'; import { inputsModel } from '../../../store'; import { HostsTableType, HostsType } from '../../../store/hosts/model'; import { DEFAULT_NUMBER_FORMAT } from '../../../../common/constants'; @@ -32,6 +34,7 @@ import * as i18n from '../translations'; const NO_FILTERS: esFilters.Filter[] = []; const DEFAULT_QUERY: Query = { query: '', language: 'kuery' }; +const DEFAULT_STACK_BY = 'event.dataset'; const ID = 'eventsByDatasetOverview'; @@ -51,85 +54,82 @@ interface Props { to: number; } -const ViewEventsButton = styled(EuiButton)` - margin-left: 8px; -`; +const EventsByDatasetComponent: React.FC = ({ + deleteQuery, + filters = NO_FILTERS, + from, + indexPattern, + query = DEFAULT_QUERY, + setAbsoluteRangeDatePicker, + setQuery, + to, +}) => { + useEffect(() => { + return () => { + if (deleteQuery) { + deleteQuery({ id: ID }); + } + }; + }, []); + + const kibana = useKibana(); + const [defaultNumberFormat] = useUiSetting$(DEFAULT_NUMBER_FORMAT); + + const updateDateRangeCallback = useCallback( + (min: number, max: number) => { + setAbsoluteRangeDatePicker!({ id: 'global', from: min, to: max }); + }, + [setAbsoluteRangeDatePicker] + ); + const eventsCountViewEventsButton = useMemo( + () => {i18n.VIEW_EVENTS}, + [] + ); -export const EventsByDataset = React.memo( - ({ - deleteQuery, - filters = NO_FILTERS, - from, - indexPattern, - query = DEFAULT_QUERY, - setAbsoluteRangeDatePicker, - setQuery, - to, - }) => { - useEffect(() => { - return () => { - if (deleteQuery) { - deleteQuery({ id: ID }); - } - }; - }, []); + const getSubtitle = useCallback( + (totalCount: number) => + `${SHOWING}: ${numeral(totalCount).format(defaultNumberFormat)} ${UNIT(totalCount)}`, + [] + ); - const kibana = useKibana(); - const [defaultNumberFormat] = useUiSetting$(DEFAULT_NUMBER_FORMAT); + const defaultStackByOption = + eventsStackByOptions.find(o => o.text === DEFAULT_STACK_BY) ?? eventsStackByOptions[0]; - const updateDateRangeCallback = useCallback( - (min: number, max: number) => { - setAbsoluteRangeDatePicker!({ id: 'global', from: min, to: max }); - }, - [setAbsoluteRangeDatePicker] - ); - const eventsCountViewEventsButton = useMemo( - () => ( - - {i18n.VIEW_EVENTS} - - ), - [] - ); + const filterQuery = useMemo( + () => + convertToBuildEsQuery({ + config: esQuery.getEsQueryConfig(kibana.services.uiSettings), + indexPattern, + queries: [query], + filters, + }), + [kibana, indexPattern, query, filters] + ); - const getTitle = useCallback( - (option: MatrixHistogramOption) => i18n.EVENTS_COUNT_BY(option.text), - [] - ); - const getSubtitle = useCallback( - (totalCount: number) => - `${SHOWING}: ${numeral(totalCount).format(defaultNumberFormat)} ${UNIT(totalCount)}`, - [] - ); + return ( + + ); +}; - return ( - - ); - } -); +EventsByDatasetComponent.displayName = 'EventsByDatasetComponent'; -EventsByDataset.displayName = 'EventsByDataset'; +export const EventsByDataset = React.memo(EventsByDatasetComponent); diff --git a/x-pack/legacy/plugins/siem/public/pages/overview/overview.tsx b/x-pack/legacy/plugins/siem/public/pages/overview/overview.tsx index 0b588e31be879..2009878a51c61 100644 --- a/x-pack/legacy/plugins/siem/public/pages/overview/overview.tsx +++ b/x-pack/legacy/plugins/siem/public/pages/overview/overview.tsx @@ -64,51 +64,57 @@ const OverviewComponent: React.FC = ({ {({ from, deleteQuery, setQuery, to }) => ( - <> - - - - - - - - - - + + + + + + + + + + + + + + + + + + )} diff --git a/x-pack/legacy/plugins/siem/public/pages/overview/overview_empty/index.tsx b/x-pack/legacy/plugins/siem/public/pages/overview/overview_empty/index.tsx index 43883515574ac..9565b764b09e7 100644 --- a/x-pack/legacy/plugins/siem/public/pages/overview/overview_empty/index.tsx +++ b/x-pack/legacy/plugins/siem/public/pages/overview/overview_empty/index.tsx @@ -13,7 +13,7 @@ import { useKibana } from '../../../lib/kibana'; const basePath = chrome.getBasePath(); -export const OverviewEmpty = React.memo(() => { +const OverviewEmptyComponent: React.FC = () => { const docLinks = useKibana().services.docLinks; return ( @@ -30,6 +30,8 @@ export const OverviewEmpty = React.memo(() => { title={i18nCommon.EMPTY_TITLE} /> ); -}); +}; -OverviewEmpty.displayName = 'OverviewEmpty'; +OverviewEmptyComponent.displayName = 'OverviewEmptyComponent'; + +export const OverviewEmpty = React.memo(OverviewEmptyComponent); diff --git a/x-pack/legacy/plugins/siem/public/pages/overview/signals_by_category/index.tsx b/x-pack/legacy/plugins/siem/public/pages/overview/signals_by_category/index.tsx index fcf726723bdc1..7b25c6838a787 100644 --- a/x-pack/legacy/plugins/siem/public/pages/overview/signals_by_category/index.tsx +++ b/x-pack/legacy/plugins/siem/public/pages/overview/signals_by_category/index.tsx @@ -5,16 +5,18 @@ */ import React, { useCallback } from 'react'; -import { esFilters, IIndexPattern, Query } from 'src/plugins/data/public'; -import { useSignalIndex } from '../../../containers/detection_engine/signals/use_signal_index'; import { SignalsHistogramPanel } from '../../detection_engine/components/signals_histogram_panel'; +import { signalsHistogramOptions } from '../../detection_engine/components/signals_histogram_panel/config'; +import { useSignalIndex } from '../../../containers/detection_engine/signals/use_signal_index'; import { SetAbsoluteRangeDatePicker } from '../../network/types'; +import { esFilters, IIndexPattern, Query } from '../../../../../../../../src/plugins/data/public'; import { inputsModel } from '../../../store'; import * as i18n from '../translations'; -const NO_FILTERS: esFilters.Filter[] = []; const DEFAULT_QUERY: Query = { query: '', language: 'kuery' }; +const DEFAULT_STACK_BY = 'signal.rule.threat.tactic.name'; +const NO_FILTERS: esFilters.Filter[] = []; interface Props { deleteQuery?: ({ id }: { id: string }) => void; @@ -32,47 +34,46 @@ interface Props { to: number; } -export const SignalsByCategory = React.memo( - ({ - deleteQuery, - filters = NO_FILTERS, - from, - query = DEFAULT_QUERY, - setAbsoluteRangeDatePicker, - setQuery, - to, - }) => { - const updateDateRangeCallback = useCallback( - (min: number, max: number) => { - setAbsoluteRangeDatePicker!({ id: 'global', from: min, to: max }); - }, - [setAbsoluteRangeDatePicker] - ); - const defaultStackByOption = { - text: `${i18n.SIGNALS_BY_CATEGORY}`, - value: 'signal.rule.threat', - }; +const SignalsByCategoryComponent: React.FC = ({ + deleteQuery, + filters = NO_FILTERS, + from, + query = DEFAULT_QUERY, + setAbsoluteRangeDatePicker, + setQuery, + to, +}) => { + const { signalIndexName } = useSignalIndex(); + const updateDateRangeCallback = useCallback( + (min: number, max: number) => { + setAbsoluteRangeDatePicker!({ id: 'global', from: min, to: max }); + }, + [setAbsoluteRangeDatePicker] + ); + + const defaultStackByOption = + signalsHistogramOptions.find(o => o.text === DEFAULT_STACK_BY) ?? signalsHistogramOptions[0]; - const { signalIndexName } = useSignalIndex(); + return ( + + ); +}; - return ( - - ); - } -); +SignalsByCategoryComponent.displayName = 'SignalsByCategoryComponent'; -SignalsByCategory.displayName = 'SignalsByCategory'; +export const SignalsByCategory = React.memo(SignalsByCategoryComponent); diff --git a/x-pack/legacy/plugins/siem/public/pages/overview/translations.ts b/x-pack/legacy/plugins/siem/public/pages/overview/translations.ts index 656abd3dc0570..e20083bf51772 100644 --- a/x-pack/legacy/plugins/siem/public/pages/overview/translations.ts +++ b/x-pack/legacy/plugins/siem/public/pages/overview/translations.ts @@ -6,21 +6,13 @@ import { i18n } from '@kbn/i18n'; -export const ALERTS_COUNT_BY = (groupByField: string) => - i18n.translate('xpack.siem.overview.alertsCountByTitle', { - values: { groupByField }, - defaultMessage: 'Alerts count by {groupByField}', - }); - export const ALERTS_GRAPH_TITLE = i18n.translate('xpack.siem.overview.alertsGraphTitle', { defaultMessage: 'External alerts count', }); -export const EVENTS_COUNT_BY = (groupByField: string) => - i18n.translate('xpack.siem.overview.eventsCountByTitle', { - values: { groupByField }, - defaultMessage: 'Events count by {groupByField}', - }); +export const EVENTS = i18n.translate('xpack.siem.overview.eventsTitle', { + defaultMessage: 'Events count', +}); export const NEWS_FEED_TITLE = i18n.translate('xpack.siem.overview.newsFeedSidebarTitle', { defaultMessage: 'Security news', @@ -38,8 +30,8 @@ export const RECENT_TIMELINES = i18n.translate('xpack.siem.overview.recentTimeli defaultMessage: 'Recent timelines', }); -export const SIGNALS_BY_CATEGORY = i18n.translate('xpack.siem.overview.signalsByCategoryTitle', { - defaultMessage: 'Signals count by MITRE ATT&CK\\u2122 category', +export const SIGNAL_COUNT = i18n.translate('xpack.siem.overview.signalCountTitle', { + defaultMessage: 'Signals count', }); export const VIEW_ALERTS = i18n.translate('xpack.siem.overview.viewAlertsButtonLabel', { From d8adb395b1284173563a86b5263e26808c2adc07 Mon Sep 17 00:00:00 2001 From: Matthias Wilhelm Date: Wed, 29 Jan 2020 13:31:47 +0100 Subject: [PATCH 35/40] Migrate saved_object_save_as_checkbox directive to timelion (#56114) - since it's only used there --- src/legacy/core_plugins/timelion/public/app.js | 2 +- .../directives}/saved_object_save_as_checkbox.html | 4 ++-- .../directives}/saved_object_save_as_checkbox.js | 2 +- src/legacy/ui/public/saved_objects/saved_object.ts | 11 ----------- x-pack/plugins/translations/translations/ja-JP.json | 6 +++--- x-pack/plugins/translations/translations/zh-CN.json | 6 +++--- 6 files changed, 10 insertions(+), 21 deletions(-) rename src/legacy/{ui/public/saved_objects/ui => core_plugins/timelion/public/directives}/saved_object_save_as_checkbox.html (90%) rename src/legacy/{ui/public/saved_objects/ui => core_plugins/timelion/public/directives}/saved_object_save_as_checkbox.js (96%) diff --git a/src/legacy/core_plugins/timelion/public/app.js b/src/legacy/core_plugins/timelion/public/app.js index e9f8e3496acf4..a7fa9e0290a1c 100644 --- a/src/legacy/core_plugins/timelion/public/app.js +++ b/src/legacy/core_plugins/timelion/public/app.js @@ -38,7 +38,7 @@ import 'ui/directives/input_focus'; import './directives/saved_object_finder'; import 'ui/directives/listen'; import 'ui/kbn_top_nav'; -import 'ui/saved_objects/ui/saved_object_save_as_checkbox'; +import './directives/saved_object_save_as_checkbox'; import '../../data/public/legacy'; import './services/saved_sheet_register'; diff --git a/src/legacy/ui/public/saved_objects/ui/saved_object_save_as_checkbox.html b/src/legacy/core_plugins/timelion/public/directives/saved_object_save_as_checkbox.html similarity index 90% rename from src/legacy/ui/public/saved_objects/ui/saved_object_save_as_checkbox.html rename to src/legacy/core_plugins/timelion/public/directives/saved_object_save_as_checkbox.html index 77b4489f0c1d7..3e4a1526113c3 100644 --- a/src/legacy/ui/public/saved_objects/ui/saved_object_save_as_checkbox.html +++ b/src/legacy/core_plugins/timelion/public/directives/saved_object_save_as_checkbox.html @@ -2,7 +2,7 @@
diff --git a/src/legacy/ui/public/saved_objects/ui/saved_object_save_as_checkbox.js b/src/legacy/core_plugins/timelion/public/directives/saved_object_save_as_checkbox.js similarity index 96% rename from src/legacy/ui/public/saved_objects/ui/saved_object_save_as_checkbox.js rename to src/legacy/core_plugins/timelion/public/directives/saved_object_save_as_checkbox.js index f67b36bcdfc99..ac830092ce670 100644 --- a/src/legacy/ui/public/saved_objects/ui/saved_object_save_as_checkbox.js +++ b/src/legacy/core_plugins/timelion/public/directives/saved_object_save_as_checkbox.js @@ -17,7 +17,7 @@ * under the License. */ -import { uiModules } from '../../modules'; +import { uiModules } from 'ui/modules'; import saveObjectSaveAsCheckboxTemplate from './saved_object_save_as_checkbox.html'; uiModules.get('kibana').directive('savedObjectSaveAsCheckBox', function() { diff --git a/src/legacy/ui/public/saved_objects/saved_object.ts b/src/legacy/ui/public/saved_objects/saved_object.ts index 91182e67aac0d..ca0746410a7dd 100644 --- a/src/legacy/ui/public/saved_objects/saved_object.ts +++ b/src/legacy/ui/public/saved_objects/saved_object.ts @@ -27,7 +27,6 @@ * This class seems to interface with ES primarily through the es Angular * service and the saved object api. */ -import { npStart } from 'ui/new_platform'; import { SavedObject, SavedObjectConfig, SavedObjectKibanaServices } from './types'; import { buildSavedObject } from './helpers/build_saved_object'; @@ -51,13 +50,3 @@ export function createSavedObjectClass(services: SavedObjectKibanaServices) { return SavedObjectClass as new (config: SavedObjectConfig) => SavedObject; } -// the old angular way, should be removed once no longer used -export function SavedObjectProvider() { - const services = { - savedObjectsClient: npStart.core.savedObjects.client, - indexPatterns: npStart.plugins.data.indexPatterns, - chrome: npStart.core.chrome, - overlays: npStart.core.overlays, - }; - return createSavedObjectClass(services); -} diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index 408845449adc8..68a8768b550c1 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -463,9 +463,7 @@ "common.ui.savedObjects.confirmModal.overwriteTitle": "{name} を上書きしますか?", "common.ui.savedObjects.confirmModal.saveDuplicateButtonLabel": "{name} を保存", "common.ui.savedObjects.confirmModal.saveDuplicateConfirmationMessage": "「{title}」というタイトルの {name} が既に存在します。保存を続けますか?", - "common.ui.savedObjects.howToSaveAsNewDescription": "Kibana の以前のバージョンでは、{savedObjectName} の名前を変更すると新しい名前でコピーが作成されました。今後この操作を行うには、「新規 {savedObjectName} として保存」を使用します。", "common.ui.savedObjects.overwriteRejectedDescription": "上書き確認が拒否されました", - "common.ui.savedObjects.saveAsNewLabel": "新規 {savedObjectName} として保存", "common.ui.savedObjects.saveDuplicateRejectedDescription": "重複ファイルの保存確認が拒否されました", "common.ui.scriptingLanguages.errorFetchingToastDescription": "Elasticsearch から利用可能なスクリプト言語の取得中にエラーが発生しました", "common.ui.stateManagement.unableToParseUrlErrorMessage": "URL をパースできません", @@ -2930,6 +2928,8 @@ "timelion.panels.timechart.unknownIntervalErrorMessage": "不明な間隔", "timelion.registerFeatureDescription": "時系列データを分析して結果を可視化するには、式言語を使用してください。", "timelion.requestHandlerErrorTitle": "Timelion リクエストエラー", + "timelion.savedObjects.howToSaveAsNewDescription": "Kibana の以前のバージョンでは、{savedObjectName} の名前を変更すると新しい名前でコピーが作成されました。今後この操作を行うには、「新規 {savedObjectName} として保存」を使用します。", + "timelion.savedObjects.saveAsNewLabel": "新規 {savedObjectName} として保存", "timelion.saveExpression.successNotificationText": "保存された式「{title}」", "timelion.saveSheet.successNotificationText": "保存されたシート「{title}」", "timelion.search.submitAriaLabel": "検索", @@ -13201,4 +13201,4 @@ "xpack.watcher.watchEdit.thresholdWatchExpression.aggType.fieldIsRequiredValidationMessage": "フィールドを選択してください。", "xpack.watcher.watcherDescription": "アラートの作成、管理、監視によりデータへの変更を検知します。" } -} \ No newline at end of file +} diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index 58b6a96793ccb..e98ca26410e2c 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -463,9 +463,7 @@ "common.ui.savedObjects.confirmModal.overwriteTitle": "覆盖“{name}”?", "common.ui.savedObjects.confirmModal.saveDuplicateButtonLabel": "保存“{name}”", "common.ui.savedObjects.confirmModal.saveDuplicateConfirmationMessage": "具有标题 “{title}” 的 “{name}” 已存在。是否确定要保存?", - "common.ui.savedObjects.howToSaveAsNewDescription": "在 Kibana 的以前版本中,更改 {savedObjectName} 的名称将创建具有新名称的副本。使用“另存为新的 {savedObjectName}” 复选框可立即达到此目的。", "common.ui.savedObjects.overwriteRejectedDescription": "已拒绝覆盖确认", - "common.ui.savedObjects.saveAsNewLabel": "另存为新的 {savedObjectName}", "common.ui.savedObjects.saveDuplicateRejectedDescription": "已拒绝使用重复标题保存确认", "common.ui.scriptingLanguages.errorFetchingToastDescription": "从 Elasticsearch 获取可用的脚本语言时出错", "common.ui.stateManagement.unableToParseUrlErrorMessage": "无法解析 URL", @@ -2930,6 +2928,8 @@ "timelion.panels.timechart.unknownIntervalErrorMessage": "时间间隔未知", "timelion.registerFeatureDescription": "使用表达式语言分析时间序列数据,并将结果可视化。", "timelion.requestHandlerErrorTitle": "Timelion 请求错误", + "timelion.savedObjects.howToSaveAsNewDescription": "在 Kibana 的以前版本中,更改 {savedObjectName} 的名称将创建具有新名称的副本。使用“另存为新的 {savedObjectName}” 复选框可立即达到此目的。", + "timelion.savedObjects.saveAsNewLabel": "另存为新的 {savedObjectName}", "timelion.saveExpression.successNotificationText": "已保存表达式“{title}”", "timelion.saveSheet.successNotificationText": "已保存工作表“{title}”", "timelion.search.submitAriaLabel": "搜索", @@ -13200,4 +13200,4 @@ "xpack.watcher.watchEdit.thresholdWatchExpression.aggType.fieldIsRequiredValidationMessage": "此字段必填。", "xpack.watcher.watcherDescription": "通过创建、管理和监测警报来检测数据中的更改。" } -} \ No newline at end of file +} From 1838d76af624e9ea82a3af337b5c74271300c4be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cau=C3=AA=20Marcondes?= <55978943+cauemarcondes@users.noreply.github.com> Date: Wed, 29 Jan 2020 13:29:35 +0000 Subject: [PATCH 36/40] [APM] x-axis labels on Error occurrences chart are incorrect based on Kibana timezone (#55686) * adjusting x-axis to use kibana timezone * adjusting x-axis to use kibana timezone * refactoring --- .../ErrorGroupDetails/Distribution/index.tsx | 19 +++++- .../shared/charts/CustomPlot/plotUtils.tsx | 21 ++---- .../shared/charts/Histogram/index.js | 18 ++++- .../charts/helper/__test__/timezone.test.ts | 68 +++++++++++++++++++ .../shared/charts/helper/timezone.ts | 31 +++++++++ 5 files changed, 137 insertions(+), 20 deletions(-) create mode 100644 x-pack/legacy/plugins/apm/public/components/shared/charts/helper/__test__/timezone.test.ts create mode 100644 x-pack/legacy/plugins/apm/public/components/shared/charts/helper/timezone.ts diff --git a/x-pack/legacy/plugins/apm/public/components/app/ErrorGroupDetails/Distribution/index.tsx b/x-pack/legacy/plugins/apm/public/components/app/ErrorGroupDetails/Distribution/index.tsx index daba164a4a00c..c67bb491910b7 100644 --- a/x-pack/legacy/plugins/apm/public/components/app/ErrorGroupDetails/Distribution/index.tsx +++ b/x-pack/legacy/plugins/apm/public/components/app/ErrorGroupDetails/Distribution/index.tsx @@ -6,11 +6,14 @@ import { EuiTitle } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; +import { scaleUtc } from 'd3-scale'; +import d3 from 'd3'; import React from 'react'; +import { asRelativeDateTimeRange } from '../../../../utils/formatters'; +import { getTimezoneOffsetInMs } from '../../../shared/charts/CustomPlot/getTimezoneOffsetInMs'; // @ts-ignore import Histogram from '../../../shared/charts/Histogram'; import { EmptyMessage } from '../../../shared/EmptyMessage'; -import { asRelativeDateTimeRange } from '../../../../utils/formatters'; interface IBucket { key: number; @@ -61,7 +64,7 @@ export function ErrorDistribution({ distribution, title }: Props) { distribution.bucketSize ); - if (distribution.noHits) { + if (!buckets || distribution.noHits) { return ( d.x0); + const xMax = d3.max(buckets, d => d.x); + const tickFormat = scaleUtc() + .domain([xMin, xMax]) + .tickFormat(); + return (
@@ -79,7 +88,11 @@ export function ErrorDistribution({ distribution, title }: Props) { bucket.x} - xType="time" + xType="time-utc" + formatX={(value: Date) => { + const time = value.getTime(); + return tickFormat(new Date(time - getTimezoneOffsetInMs(time))); + }} buckets={buckets} bucketSize={distribution.bucketSize} formatYShort={(value: number) => diff --git a/x-pack/legacy/plugins/apm/public/components/shared/charts/CustomPlot/plotUtils.tsx b/x-pack/legacy/plugins/apm/public/components/shared/charts/CustomPlot/plotUtils.tsx index 10eb4659ea695..64350a5741647 100644 --- a/x-pack/legacy/plugins/apm/public/components/shared/charts/CustomPlot/plotUtils.tsx +++ b/x-pack/legacy/plugins/apm/public/components/shared/charts/CustomPlot/plotUtils.tsx @@ -13,7 +13,7 @@ import React from 'react'; import { TimeSeries, Coordinate } from '../../../../../typings/timeseries'; import { unit } from '../../../../style/variables'; -import { getTimezoneOffsetInMs } from './getTimezoneOffsetInMs'; +import { getDomainTZ, getTimeTicksTZ } from '../helper/timezone'; const XY_HEIGHT = unit * 16; const XY_MARGIN = { @@ -73,7 +73,6 @@ export function getPlotValues( ); const xMin = d3.min(flattenedCoordinates, d => d.x); - const xMax = d3.max(flattenedCoordinates, d => d.x); if (yMax === 'max') { @@ -83,9 +82,7 @@ export function getPlotValues( yMin = d3.min(flattenedCoordinates, d => d.y ?? 0); } - const [xMinZone, xMaxZone] = [xMin, xMax].map(x => { - return x - getTimezoneOffsetInMs(x); - }); + const [xMinZone, xMaxZone] = getDomainTZ(xMin, xMax); const xScale = getXScale(xMin, xMax, width); const yScale = getYScale(yMin, yMax); @@ -97,15 +94,11 @@ export function getPlotValues( // d3 will determine the exact number of ticks based on the selected range const xTickTotal = Math.floor(width / 100); - const xTickValues = d3.time.scale - .utc() - .domain([xMinZone, xMaxZone]) - .range([0, width]) - .ticks(xTickTotal) - .map(x => { - const time = x.getTime(); - return new Date(time + getTimezoneOffsetInMs(time)); - }); + const xTickValues = getTimeTicksTZ({ + domain: [xMinZone, xMaxZone], + totalTicks: xTickTotal, + width + }); return { x: xScale, diff --git a/x-pack/legacy/plugins/apm/public/components/shared/charts/Histogram/index.js b/x-pack/legacy/plugins/apm/public/components/shared/charts/Histogram/index.js index 50c94fe88e6ad..d8f7815d25be6 100644 --- a/x-pack/legacy/plugins/apm/public/components/shared/charts/Histogram/index.js +++ b/x-pack/legacy/plugins/apm/public/components/shared/charts/Histogram/index.js @@ -25,6 +25,7 @@ import { unit } from '../../../../style/variables'; import Tooltip from '../Tooltip'; import theme from '@elastic/eui/dist/eui_theme_light.json'; import { tint } from 'polished'; +import { getTimeTicksTZ, getDomainTZ } from '../helper/timezone'; const XY_HEIGHT = unit * 10; const XY_MARGIN = { @@ -104,6 +105,9 @@ export class HistogramInner extends PureComponent { return null; } + const isTimeSeries = + this.props.xType === 'time' || this.props.xType === 'time-utc'; + const xMin = d3.min(buckets, d => d.x0); const xMax = d3.max(buckets, d => d.x); const yMin = 0; @@ -120,11 +124,18 @@ export class HistogramInner extends PureComponent { .range([XY_HEIGHT, 0]) .nice(); + const [xMinZone, xMaxZone] = getDomainTZ(xMin, xMax); + const xTickValues = isTimeSeries + ? getTimeTicksTZ({ + domain: [xMinZone, xMaxZone], + totalTicks: X_TICK_TOTAL, + width: XY_WIDTH + }) + : undefined; + const xDomain = x.domain(); const yDomain = y.domain(); const yTickValues = [0, yDomain[1] / 2, yDomain[1]]; - const isTimeSeries = - this.props.xType === 'time' || this.props.xType === 'time-utc'; const shouldShowTooltip = hoveredBucket.x > 0 && (hoveredBucket.y > 0 || isTimeSeries); @@ -150,6 +161,7 @@ export class HistogramInner extends PureComponent { tickSizeInner={0} tickTotal={X_TICK_TOTAL} tickFormat={formatX} + tickValues={xTickValues} /> { + nodes={buckets.map(bucket => { return { ...bucket, xCenter: (bucket.x0 + bucket.x) / 2 diff --git a/x-pack/legacy/plugins/apm/public/components/shared/charts/helper/__test__/timezone.test.ts b/x-pack/legacy/plugins/apm/public/components/shared/charts/helper/__test__/timezone.test.ts new file mode 100644 index 0000000000000..ab4c599dfcf75 --- /dev/null +++ b/x-pack/legacy/plugins/apm/public/components/shared/charts/helper/__test__/timezone.test.ts @@ -0,0 +1,68 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +import moment from 'moment-timezone'; +import { getDomainTZ, getTimeTicksTZ } from '../timezone'; + +describe('Timezone helper', () => { + let originalTimezone: moment.MomentZone | null; + const min = new Date('Tue Jan 28 2020 05:36:00 GMT+0100').valueOf(); + const max = new Date('Wed Jan 29 2020 07:12:00 GMT+0100').valueOf(); + + afterAll(() => { + moment.tz.setDefault(originalTimezone ? originalTimezone.name : ''); + }); + describe('getTimeTicksTZ', () => { + it('returns ticks when in Ameca/New_York timezone', () => { + moment.tz.setDefault('America/New_York'); + expect( + getTimeTicksTZ({ domain: [min, max], totalTicks: 8, width: 1138 }) + ).toEqual([ + new Date('2020-01-28T11:00:00.000Z'), + new Date('2020-01-28T14:00:00.000Z'), + new Date('2020-01-28T17:00:00.000Z'), + new Date('2020-01-28T20:00:00.000Z'), + new Date('2020-01-28T23:00:00.000Z'), + new Date('2020-01-29T02:00:00.000Z'), + new Date('2020-01-29T05:00:00.000Z'), + new Date('2020-01-29T08:00:00.000Z'), + new Date('2020-01-29T11:00:00.000Z') + ]); + }); + it('returns ticks when in Europe/Amsterdam timezone', () => { + moment.tz.setDefault('Europe/Amsterdam'); + expect( + getTimeTicksTZ({ domain: [min, max], totalTicks: 8, width: 1138 }) + ).toEqual([ + new Date('2020-01-28T05:00:00.000Z'), + new Date('2020-01-28T08:00:00.000Z'), + new Date('2020-01-28T11:00:00.000Z'), + new Date('2020-01-28T14:00:00.000Z'), + new Date('2020-01-28T17:00:00.000Z'), + new Date('2020-01-28T20:00:00.000Z'), + new Date('2020-01-28T23:00:00.000Z'), + new Date('2020-01-29T02:00:00.000Z'), + new Date('2020-01-29T05:00:00.000Z') + ]); + }); + }); + + describe('getDomainTZ', () => { + it('returns domain when in Ameca/New_York timezone', () => { + moment.tz.setDefault('America/New_York'); + expect(getDomainTZ(min, max)).toEqual([ + new Date('Tue Jan 28 2020 00:36:00 GMT+0100').valueOf(), + new Date('Wed Jan 29 2020 02:12:00 GMT+0100').valueOf() + ]); + }); + it('returns domain when in Europe/Amsterdam timezone', () => { + moment.tz.setDefault('Europe/Amsterdam'); + expect(getDomainTZ(min, max)).toEqual([ + new Date('Tue Jan 28 2020 06:36:00 GMT+0100').valueOf(), + new Date('Wed Jan 29 2020 08:12:00 GMT+0100').valueOf() + ]); + }); + }); +}); diff --git a/x-pack/legacy/plugins/apm/public/components/shared/charts/helper/timezone.ts b/x-pack/legacy/plugins/apm/public/components/shared/charts/helper/timezone.ts new file mode 100644 index 0000000000000..1a6be1a76ea63 --- /dev/null +++ b/x-pack/legacy/plugins/apm/public/components/shared/charts/helper/timezone.ts @@ -0,0 +1,31 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +import d3 from 'd3'; +import { getTimezoneOffsetInMs } from '../CustomPlot/getTimezoneOffsetInMs'; + +interface Params { + domain: [number, number]; + totalTicks: number; + width: number; +} + +export const getTimeTicksTZ = ({ domain, totalTicks, width }: Params) => + d3.time.scale + .utc() + .domain(domain) + .range([0, width]) + .ticks(totalTicks) + .map(x => { + const time = x.getTime(); + return new Date(time + getTimezoneOffsetInMs(time)); + }); + +export const getDomainTZ = (min: number, max: number): [number, number] => { + const [xMinZone, xMaxZone] = [min, max].map( + time => time - getTimezoneOffsetInMs(time) + ); + return [xMinZone, xMaxZone]; +}; From 25fb555a53f71e1720ddc3749aad0196a798cf4f Mon Sep 17 00:00:00 2001 From: Dmitry Lemeshko Date: Wed, 29 Jan 2020 14:36:47 +0100 Subject: [PATCH 37/40] Code coverage: run functional tests from repo copy (#55195) * run functional tests from cloned folders * do not copy kibana.yml Co-authored-by: Elastic Machine --- .ci/Jenkinsfile_coverage | 11 ++--------- test/scripts/jenkins_ci_group.sh | 17 ++++++++++++++++- test/scripts/jenkins_xpack_ci_group.sh | 17 ++++++++++++++++- 3 files changed, 34 insertions(+), 11 deletions(-) diff --git a/.ci/Jenkinsfile_coverage b/.ci/Jenkinsfile_coverage index 01c18b10d0804..e40cc584dc376 100644 --- a/.ci/Jenkinsfile_coverage +++ b/.ci/Jenkinsfile_coverage @@ -40,16 +40,11 @@ stage("Kibana Pipeline") { // This stage is just here to help the BlueOcean UI a 'oss-ciGroup11': kibanaPipeline.getOssCiGroupWorker(11), 'oss-ciGroup12': kibanaPipeline.getOssCiGroupWorker(12), ]), - 'kibana-xpack-agent-1': kibanaPipeline.withWorkers('kibana-xpack-tests-1', { kibanaPipeline.buildXpack() }, [ + 'kibana-xpack-agent': kibanaPipeline.withWorkers('kibana-xpack-tests', { kibanaPipeline.buildXpack() }, [ 'xpack-ciGroup1': kibanaPipeline.getXpackCiGroupWorker(1), 'xpack-ciGroup2': kibanaPipeline.getXpackCiGroupWorker(2), - ]), - 'kibana-xpack-agent-2': kibanaPipeline.withWorkers('kibana-xpack-tests-2', { kibanaPipeline.buildXpack() }, [ 'xpack-ciGroup3': kibanaPipeline.getXpackCiGroupWorker(3), 'xpack-ciGroup4': kibanaPipeline.getXpackCiGroupWorker(4), - ]), - - 'kibana-xpack-agent-3': kibanaPipeline.withWorkers('kibana-xpack-tests-3', { kibanaPipeline.buildXpack() }, [ 'xpack-ciGroup5': kibanaPipeline.getXpackCiGroupWorker(5), 'xpack-ciGroup6': kibanaPipeline.getXpackCiGroupWorker(6), 'xpack-ciGroup7': kibanaPipeline.getXpackCiGroupWorker(7), @@ -75,9 +70,7 @@ stage("Kibana Pipeline") { // This stage is just here to help the BlueOcean UI a echo extracting kibana-oss-tests tar -xzf /tmp/downloaded_coverage/coverage/kibana-oss-tests/kibana-coverage.tar.gz -C /tmp/extracted_coverage echo extracting kibana-xpack-tests - for i in {1..3}; do - tar -xzf /tmp/downloaded_coverage/coverage/kibana-xpack-tests-${i}/kibana-coverage.tar.gz -C /tmp/extracted_coverage - done + tar -xzf /tmp/downloaded_coverage/coverage/kibana-xpack-tests/kibana-coverage.tar.gz -C /tmp/extracted_coverage # replace path in json files to have valid html report pwd=$(pwd) du -sh /tmp/extracted_coverage/target/kibana-coverage/ diff --git a/test/scripts/jenkins_ci_group.sh b/test/scripts/jenkins_ci_group.sh index bef6b518b1999..4b6b7a9262539 100755 --- a/test/scripts/jenkins_ci_group.sh +++ b/test/scripts/jenkins_ci_group.sh @@ -14,5 +14,20 @@ if [[ -z "$CODE_COVERAGE" ]]; then else echo " -> Running Functional tests with code coverage" export NODE_OPTIONS=--max_old_space_size=8192 + + echo " -> making hard link clones" + cd .. + cp -RlP kibana "kibana${CI_GROUP}" + cd "kibana${CI_GROUP}" + + echo " -> running tests from the clone folder" yarn run grunt "run:functionalTests_ciGroup${CI_GROUP}"; -fi + + if [[ -d target/kibana-coverage/functional ]]; then + echo " -> replacing kibana${CI_GROUP} with kibana in json files" + sed -i "s|kibana${CI_GROUP}|kibana|g" target/kibana-coverage/functional/*.json + echo " -> copying coverage to the original folder" + mkdir -p ../kibana/target/kibana-coverage/functional + cp -R target/kibana-coverage/functional/. ../kibana/target/kibana-coverage/functional/ + fi +fi \ No newline at end of file diff --git a/test/scripts/jenkins_xpack_ci_group.sh b/test/scripts/jenkins_xpack_ci_group.sh index b599dc73005ec..9790ebfb4ef40 100755 --- a/test/scripts/jenkins_xpack_ci_group.sh +++ b/test/scripts/jenkins_xpack_ci_group.sh @@ -16,5 +16,20 @@ if [[ -z "$CODE_COVERAGE" ]]; then else echo " -> Running X-Pack functional tests with code coverage" export NODE_OPTIONS=--max_old_space_size=8192 + + echo " -> making hard link clones" + cd .. + cp -RlP kibana "kibana${CI_GROUP}" + cd "kibana${CI_GROUP}/x-pack" + + echo " -> running tests from the clone folder" node scripts/functional_tests --debug --include-tag "ciGroup$CI_GROUP" -fi + + if [[ -d ../target/kibana-coverage/functional ]]; then + echo " -> replacing kibana${CI_GROUP} with kibana in json files" + sed -i "s|kibana${CI_GROUP}|kibana|g" ../target/kibana-coverage/functional/*.json + echo " -> copying coverage to the original folder" + mkdir -p ../../kibana/target/kibana-coverage/functional + cp -R ../target/kibana-coverage/functional/. ../../kibana/target/kibana-coverage/functional/ + fi +fi \ No newline at end of file From c2aff7e2fb39060a2a4d572c08199a2204097103 Mon Sep 17 00:00:00 2001 From: Jean-Louis Leysens Date: Wed, 29 Jan 2020 14:40:23 +0100 Subject: [PATCH 38/40] Re-enable watcher FireFox functional test (#56112) Co-authored-by: Elastic Machine --- x-pack/test/functional/apps/watcher/watcher_test.js | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/x-pack/test/functional/apps/watcher/watcher_test.js b/x-pack/test/functional/apps/watcher/watcher_test.js index 8f9dccf853e9e..a3b955f8fccee 100644 --- a/x-pack/test/functional/apps/watcher/watcher_test.js +++ b/x-pack/test/functional/apps/watcher/watcher_test.js @@ -18,8 +18,7 @@ export default function({ getService, getPageObjects }) { const esSupertest = getService('esSupertest'); const PageObjects = getPageObjects(['security', 'common', 'header', 'settings', 'watcher']); - // Failing: https://github.com/elastic/kibana/issues/56014 - describe.skip('watcher_test', function() { + describe('watcher_test', function() { before('initialize tests', async () => { // There may be system watches if monitoring was previously enabled // These cannot be deleted via the UI, so we need to delete via the API @@ -34,7 +33,11 @@ export default function({ getService, getPageObjects }) { } await browser.setWindowSize(1600, 1000); - await PageObjects.common.navigateToApp('watcher'); + // TODO: Remove the retry.try wrapper once https://github.com/elastic/kibana/issues/55985 is resolved + retry.try(async () => { + await PageObjects.common.navigateToApp('watcher'); + await testSubjects.find('createWatchButton'); + }); }); it('create and save a new watch', async () => { From 7f63118d6bca9746de04b67a687eded04c95e57c Mon Sep 17 00:00:00 2001 From: Daniil Suleiman <31325372+sulemanof@users.noreply.github.com> Date: Wed, 29 Jan 2020 17:41:18 +0300 Subject: [PATCH 39/40] Vis default editor plugin (#55612) * Shim the default_editor * Update paths in vis_default_editor * Update paths in dependent plugins * Update the dependent plugins * Create an entry point * Wrap the editor with kibana context * Fix circular re-renders * Update sub aggs mapping * Move schemas and agg_groups to agg_types, update jest tests * Use services from kibana context, other fixes * Fix useEffect maximum update depth * Create i18n namesapce for visDefaultEditor, rename translations * Fix tests * Resolve paths * Remove ui/vis/vis_types * Fix vis import * Move editor_config_provider to ui/vis --- .eslintrc.js | 8 + .i18nrc.json | 1 + .../public/components/editor/controls_tab.tsx | 4 +- .../components/editor/options_tab.test.tsx | 2 +- .../public/components/editor/options_tab.tsx | 2 +- .../public/legacy_imports.ts | 2 - .../public/vis_controller.tsx | 3 +- .../kibana/public/discover/kibana_services.ts | 1 - .../discover/np_ready/angular/discover.js | 2 +- .../kibana/public/visualize/legacy_imports.ts | 2 +- .../visualize/np_ready/editor/editor.js | 2 +- .../np_ready/editor/visualization_editor.js | 5 +- .../public/visualize/np_ready/types.d.ts | 7 +- .../__tests__/region_map_visualization.js | 2 +- .../public/components/region_map_options.tsx | 2 +- .../region_map/public/region_map_type.js | 2 +- .../coordinate_maps_visualization.js | 2 +- .../public/components/tile_map_options.tsx | 2 +- .../public/components/wms_options.tsx | 2 +- .../tile_map/public/tile_map_type.js | 4 +- .../vis_default_editor/index.ts} | 25 +- .../vis_default_editor/package.json | 4 + .../vis_default_editor/public}/_agg.scss | 0 .../public}/_agg_params.scss | 0 .../vis_default_editor/public}/_default.scss | 0 .../vis_default_editor/public}/_sidebar.scss | 9 - .../__snapshots__/agg.test.tsx.snap | 0 .../__snapshots__/agg_group.test.tsx.snap | 0 .../__snapshots__/agg_params.test.tsx.snap | 0 .../public}/components/agg.test.tsx | 17 +- .../public}/components/agg.tsx | 41 +-- .../public}/components/agg_add.tsx | 14 +- .../public}/components/agg_common_props.ts | 6 +- .../public}/components/agg_group.test.tsx | 23 +- .../public}/components/agg_group.tsx | 11 +- .../components/agg_group_helper.test.ts | 2 +- .../public}/components/agg_group_helper.tsx | 2 +- .../public}/components/agg_group_state.tsx | 2 +- .../public}/components/agg_param.tsx | 2 +- .../public}/components/agg_param_props.ts | 8 +- .../public}/components/agg_params.test.tsx | 18 +- .../public}/components/agg_params.tsx | 32 +-- .../components/agg_params_helper.test.ts | 34 +-- .../public}/components/agg_params_helper.ts | 35 ++- .../public/components/agg_params_map.ts | 106 ++++++++ .../public}/components/agg_params_state.ts | 0 .../public}/components/agg_select.tsx | 20 +- .../extended_bounds.test.tsx.snap | 0 .../__snapshots__/metric_agg.test.tsx.snap | 0 .../controls/__snapshots__/size.test.tsx.snap | 2 +- .../__snapshots__/top_aggregate.test.tsx.snap | 2 +- .../controls/agg_control_props.tsx | 5 +- .../components}/controls/agg_utils.test.tsx | 4 +- .../components}/controls/auto_precision.tsx | 4 +- .../controls/components/from_to_list.tsx | 9 +- .../controls/components/input_list.tsx | 2 +- .../controls/components/mask_list.tsx | 9 +- .../__snapshots__/number_list.test.tsx.snap | 2 +- .../__snapshots__/number_row.test.tsx.snap | 0 .../controls/components/number_list/index.ts | 0 .../number_list/number_list.test.tsx | 0 .../components/number_list/number_list.tsx | 6 +- .../number_list/number_row.test.tsx | 0 .../components/number_list/number_row.tsx | 11 +- .../components/number_list/range.test.ts | 0 .../controls/components/number_list/range.ts | 0 .../components/number_list/utils.test.ts | 0 .../controls/components/number_list/utils.ts | 2 +- .../components}/controls/date_ranges.test.tsx | 2 +- .../components}/controls/date_ranges.tsx | 37 +-- .../components}/controls/drop_partials.tsx | 6 +- .../controls/extended_bounds.test.tsx | 2 +- .../components}/controls/extended_bounds.tsx | 11 +- .../components}/controls/field.test.tsx | 8 +- .../public/components}/controls/field.tsx | 20 +- .../public/components}/controls/filter.tsx | 61 ++--- .../public/components}/controls/filters.tsx | 14 +- .../controls/has_extended_bounds.tsx | 9 +- .../public/components/controls/index.ts | 53 ++++ .../components}/controls/ip_range_type.tsx | 9 +- .../public/components}/controls/ip_ranges.tsx | 3 +- .../controls/is_filtered_by_collar.tsx | 22 +- .../components}/controls/metric_agg.test.tsx | 8 +- .../components}/controls/metric_agg.tsx | 7 +- .../components}/controls/min_doc_count.tsx | 6 +- .../components}/controls/missing_bucket.tsx | 24 +- .../components}/controls/number_interval.tsx | 16 +- .../public/components}/controls/order.tsx | 10 +- .../components}/controls/order_agg.test.tsx | 2 + .../public/components}/controls/order_agg.tsx | 8 +- .../public/components}/controls/order_by.tsx | 33 +-- .../components}/controls/other_bucket.tsx | 7 +- .../components}/controls/percentile_ranks.tsx | 21 +- .../components}/controls/percentiles.tsx | 21 +- .../public/components}/controls/precision.tsx | 16 +- .../controls/radius_ratio_option.tsx | 5 +- .../components/controls/range_control.tsx} | 7 +- .../public/components}/controls/ranges.tsx | 30 ++- .../public/components}/controls/raw_json.tsx | 9 +- .../components}/controls/rows_or_columns.tsx | 6 +- .../components}/controls/scale_metrics.tsx | 7 +- .../public/components}/controls/size.test.tsx | 0 .../public/components}/controls/size.tsx | 5 +- .../public/components}/controls/string.tsx | 4 +- .../public/components}/controls/sub_agg.tsx | 6 +- .../components}/controls/sub_metric.tsx | 10 +- .../public/components}/controls/switch.tsx | 4 +- .../public/components}/controls/test_utils.ts | 5 +- .../components}/controls/time_interval.tsx | 28 ++- .../controls/top_aggregate.test.tsx | 2 +- .../components}/controls/top_aggregate.tsx | 13 +- .../public/components}/controls/top_field.tsx | 7 +- .../public/components}/controls/top_size.tsx | 5 +- .../components}/controls/top_sort_field.tsx | 7 +- .../components}/controls/use_geocentroid.tsx | 5 +- .../components/controls/utils}/agg_utils.ts | 11 +- .../public/components/controls/utils/index.ts | 23 ++ .../controls/utils}/inline_comp_wrapper.tsx | 2 +- .../strings/comma_separated_list.test.ts} | 40 ++- .../utils/strings/comma_separated_list.ts} | 2 +- .../controls/utils/strings/index.ts} | 0 .../controls/utils/strings/prose.test.ts | 50 ++++ .../controls/utils/strings/prose.ts} | 9 +- .../controls/utils/use_handlers.ts} | 4 +- .../public}/components/sidebar/controls.tsx | 18 +- .../public}/components/sidebar/data_tab.tsx | 16 +- .../public}/components/sidebar/index.ts | 0 .../public}/components/sidebar/navbar.tsx | 0 .../public}/components/sidebar/sidebar.tsx | 11 +- .../components/sidebar/state/actions.ts | 4 +- .../components/sidebar/state/constants.ts | 0 .../sidebar/state/editor_form_state.ts | 0 .../public}/components/sidebar/state/index.ts | 2 +- .../components/sidebar/state/reducers.ts | 6 +- .../public}/default_editor.tsx | 16 +- .../public}/default_editor_controller.tsx | 25 +- .../vis_default_editor/public}/editor_size.ts | 0 .../vis_default_editor/public/index.scss} | 2 + .../vis_default_editor/public}/index.ts | 8 +- .../public/legacy_imports.ts | 58 +++++ .../vis_default_editor/public}/utils.test.tsx | 4 +- .../vis_default_editor/public}/utils.tsx | 0 .../public}/vis_options_props.tsx | 5 +- .../public}/vis_type_agg_filter.ts | 6 +- .../public/markdown_options.tsx | 2 +- .../vis_type_markdown/public/markdown_vis.ts | 3 +- .../public/settings_options.tsx | 2 +- .../components/metric_vis_component.test.tsx | 2 +- .../components/metric_vis_component.tsx | 4 +- .../public/components/metric_vis_options.tsx | 2 +- .../vis_type_metric/public/legacy_imports.ts | 6 +- .../public/components/table_vis_options.tsx | 3 +- .../vis_type_table/public/legacy_imports.ts | 6 +- .../__tests__/tag_cloud_visualization.js | 2 +- .../public/components/tag_cloud_options.tsx | 2 +- .../public/legacy_imports.ts} | 2 +- .../public/tag_cloud_type.ts | 4 +- .../public/components/timelion_interval.tsx | 2 +- .../public/components/timelion_vis.tsx | 2 +- .../helpers/timelion_request_handler.ts | 5 +- .../public/legacy_imports.ts | 5 - .../public/timelion_options.tsx | 2 +- .../public/timelion_vis_type.tsx | 10 +- .../public/__tests__/vega_visualization.js | 2 +- .../public/components/vega_vis_editor.tsx | 2 +- .../vis_type_vega/public/vega_type.ts | 4 +- .../components/common/basic_options.tsx | 2 +- .../public/components/common/color_ranges.tsx | 2 +- .../public/components/common/color_schema.tsx | 2 +- .../components/common/validation_wrapper.tsx | 2 +- .../public/components/options/gauge/index.tsx | 2 +- .../components/options/gauge/style_panel.tsx | 2 +- .../components/options/heatmap/index.tsx | 2 +- .../options/heatmap/labels_panel.tsx | 2 +- .../metrics_axes/category_axis_panel.tsx | 2 +- .../options/metrics_axes/chart_options.tsx | 2 +- .../options/metrics_axes/label_options.tsx | 2 +- .../options/metrics_axes/line_options.tsx | 2 +- .../options/metrics_axes/series_panel.tsx | 2 +- .../public/components/options/pie.tsx | 2 +- .../options/point_series/grid_panel.tsx | 2 +- .../vis_type_vislib/public/gauge.ts | 3 +- .../vis_type_vislib/public/heatmap.ts | 3 +- .../vis_type_vislib/public/legacy_imports.ts | 6 +- .../public/utils/common_config.tsx | 2 +- .../vis_type_vislib/public/vis_controller.tsx | 2 +- .../__tests__/visualizations/pie_chart.js | 3 +- .../core_plugins/visualizations/index.ts | 2 +- .../embeddable}/query_geohash_bounds.ts | 13 +- .../public/embeddable/visualize_embeddable.ts | 4 +- .../visualizations/public/index.ts | 2 - .../visualizations/public/legacy_imports.ts | 1 - .../public/np_ready/public/mocks.ts | 1 - .../np_ready/public/types/base_vis_type.js | 2 +- .../public/saved_visualizations/_saved_vis.ts | 5 +- .../tabify/__tests__/_get_columns.js | 2 +- .../tabify/__tests__/_integration.js | 2 +- .../tabify/__tests__/_response_writer.js | 2 +- .../agg_response/tabify/_get_columns.ts | 2 +- .../buckets/_terms_other_bucket_helper.js | 2 +- src/legacy/ui/public/agg_types/agg_config.ts | 4 +- src/legacy/ui/public/agg_types/agg_configs.ts | 12 +- .../default => agg_types}/agg_groups.ts | 4 +- src/legacy/ui/public/agg_types/agg_type.ts | 3 +- .../agg_types/buckets/_bucket_agg_type.ts | 2 +- .../buckets/_terms_other_bucket_helper.js | 2 +- .../agg_types/buckets/bucket_agg_types.ts | 1 + .../agg_types/buckets/date_histogram.ts | 6 - .../ui/public/agg_types/buckets/date_range.ts | 2 - .../ui/public/agg_types/buckets/filters.ts | 20 +- .../ui/public/agg_types/buckets/geo_hash.ts | 10 +- .../ui/public/agg_types/buckets/histogram.ts | 8 - .../ui/public/agg_types/buckets/ip_range.ts | 4 - .../ui/public/agg_types/buckets/range.ts | 4 - .../agg_types/buckets/significant_terms.ts | 2 - .../ui/public/agg_types/buckets/terms.ts | 37 +-- .../agg_types/filter/agg_type_filters.test.ts | 3 +- .../agg_types/filter/agg_type_filters.ts | 5 +- src/legacy/ui/public/agg_types/index.ts | 8 +- .../metrics/lib/parent_pipeline_agg_helper.ts | 27 +- .../lib/sibling_pipeline_agg_helper.ts | 20 +- .../agg_types/metrics/parent_pipeline.test.ts | 14 +- .../agg_types/metrics/percentile_ranks.ts | 2 - .../public/agg_types/metrics/percentiles.ts | 2 - .../metrics/sibling_pipeline.test.ts | 8 +- .../ui/public/agg_types/metrics/top_hit.ts | 10 - .../ui/public/agg_types/param_types/agg.ts | 4 +- .../ui/public/agg_types/param_types/base.ts | 4 +- .../ui/public/agg_types/param_types/field.ts | 4 +- .../param_types/filter/field_filters.test.ts | 2 +- .../param_types/filter/field_filters.ts | 4 +- .../ui/public/agg_types/param_types/json.ts | 6 +- .../public/agg_types/param_types/optioned.ts | 2 +- .../ui/public/agg_types/param_types/string.ts | 5 +- .../editors/default => agg_types}/schemas.ts | 11 +- .../ui/public/vis/__tests__/_agg_config.js | 2 +- .../ui/public/vis/__tests__/_agg_configs.js | 7 +- src/legacy/ui/public/vis/_index.scss | 1 - .../config/editor_config_providers.test.ts | 2 +- .../config/editor_config_providers.ts | 18 +- .../public/vis/{index.js => config/index.ts} | 3 +- .../public/vis/{editors => }/config/types.ts | 0 src/legacy/ui/public/vis/editors/_index.scss | 1 - .../public/vis/{index.d.ts => lib/index.ts} | 4 +- .../public/vis/vis_types/angular_vis_type.js | 72 ------ .../loader/pipeline_helpers/utilities.ts | 3 +- src/legacy/utils/index.d.ts | 4 - src/legacy/utils/index.js | 2 - src/legacy/utils/strings/__tests__/prose.js | 65 ----- .../public/layers/joins/inner_join.test.js | 5 +- .../es_geo_grid_source/es_geo_grid_source.js | 3 +- .../es_pew_pew_source/es_pew_pew_source.js | 3 +- .../public/layers/sources/es_term_source.js | 3 +- .../layers/sources/es_term_source.test.js | 3 +- .../rollup/public/visualize/editor_config.js | 2 +- .../translations/translations/ja-JP.json | 234 +++++++++--------- .../translations/translations/zh-CN.json | 234 +++++++++--------- 257 files changed, 1353 insertions(+), 1192 deletions(-) rename src/legacy/{ui/public/vis/vis_types/index.js => core_plugins/vis_default_editor/index.ts} (51%) create mode 100644 src/legacy/core_plugins/vis_default_editor/package.json rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/_agg.scss (100%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/_agg_params.scss (100%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/_default.scss (100%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/_sidebar.scss (92%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/__snapshots__/agg.test.tsx.snap (100%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/__snapshots__/agg_group.test.tsx.snap (100%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/__snapshots__/agg_params.test.tsx.snap (100%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/agg.test.tsx (96%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/agg.tsx (86%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/agg_add.tsx (86%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/agg_common_props.ts (90%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/agg_group.test.tsx (90%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/agg_group.tsx (94%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/agg_group_helper.test.ts (98%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/agg_group_helper.tsx (97%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/agg_group_state.tsx (96%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/agg_param.tsx (98%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/agg_param_props.ts (85%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/agg_params.test.tsx (93%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/agg_params.tsx (91%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/agg_params_helper.test.ts (90%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/agg_params_helper.ts (83%) create mode 100644 src/legacy/core_plugins/vis_default_editor/public/components/agg_params_map.ts rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/agg_params_state.ts (100%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/agg_select.tsx (87%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/__snapshots__/extended_bounds.test.tsx.snap (100%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/__snapshots__/metric_agg.test.tsx.snap (100%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/__snapshots__/size.test.tsx.snap (93%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/__snapshots__/top_aggregate.test.tsx.snap (95%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/agg_control_props.tsx (84%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/agg_utils.test.tsx (98%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/auto_precision.tsx (90%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/components/from_to_list.tsx (91%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/components/input_list.tsx (98%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/components/mask_list.tsx (89%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/components/number_list/__snapshots__/number_list.test.tsx.snap (95%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/components/number_list/__snapshots__/number_row.test.tsx.snap (100%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/components/number_list/index.ts (100%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/components/number_list/number_list.test.tsx (100%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/components/number_list/number_list.tsx (96%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/components/number_list/number_row.test.tsx (100%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/components/number_list/number_row.tsx (91%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/components/number_list/range.test.ts (100%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/components/number_list/range.ts (100%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/components/number_list/utils.test.ts (100%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/components/number_list/utils.ts (97%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/date_ranges.test.tsx (98%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/date_ranges.tsx (84%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/drop_partials.tsx (84%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/extended_bounds.test.tsx (98%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/extended_bounds.tsx (88%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/field.test.tsx (96%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/field.tsx (84%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/filter.tsx (64%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/filters.tsx (90%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/has_extended_bounds.tsx (84%) create mode 100644 src/legacy/core_plugins/vis_default_editor/public/components/controls/index.ts rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/ip_range_type.tsx (85%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/ip_ranges.tsx (97%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/is_filtered_by_collar.tsx (67%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/metric_agg.test.tsx (96%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/metric_agg.tsx (93%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/min_doc_count.tsx (83%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/missing_bucket.tsx (65%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/number_interval.tsx (86%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/order.tsx (89%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/order_agg.test.tsx (99%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/order_agg.tsx (90%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/order_by.tsx (75%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/other_bucket.tsx (84%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/percentile_ranks.tsx (80%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/percentiles.tsx (79%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/precision.tsx (82%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/radius_ratio_option.tsx (93%) rename src/legacy/{ui/public/agg_types/buckets/range_editor.tsx => core_plugins/vis_default_editor/public/components/controls/range_control.tsx} (81%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/ranges.tsx (89%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/raw_json.tsx (88%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/rows_or_columns.tsx (88%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/scale_metrics.tsx (86%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/size.test.tsx (100%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/size.tsx (93%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/string.tsx (96%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/sub_agg.tsx (91%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/sub_metric.tsx (86%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/switch.tsx (96%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/test_utils.ts (87%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/time_interval.tsx (85%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/top_aggregate.test.tsx (99%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/top_aggregate.tsx (92%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/top_field.tsx (86%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/top_size.tsx (92%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/top_sort_field.tsx (85%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public/components}/controls/use_geocentroid.tsx (90%) rename src/legacy/{ui/public/vis/editors/default/controls => core_plugins/vis_default_editor/public/components/controls/utils}/agg_utils.ts (91%) create mode 100644 src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/index.ts rename src/legacy/{ui/public/agg_types/buckets => core_plugins/vis_default_editor/public/components/controls/utils}/inline_comp_wrapper.tsx (94%) rename src/legacy/{utils/strings/__tests__/comma_separated_list.js => core_plugins/vis_default_editor/public/components/controls/utils/strings/comma_separated_list.test.ts} (51%) rename src/legacy/{utils/strings/comma_separated_list.js => core_plugins/vis_default_editor/public/components/controls/utils/strings/comma_separated_list.ts} (94%) rename src/legacy/{utils/strings/index.js => core_plugins/vis_default_editor/public/components/controls/utils/strings/index.ts} (100%) create mode 100644 src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/strings/prose.test.ts rename src/legacy/{utils/strings/prose.js => core_plugins/vis_default_editor/public/components/controls/utils/strings/prose.ts} (88%) rename src/legacy/{ui/public/vis/editors/default/controls/utils.ts => core_plugins/vis_default_editor/public/components/controls/utils/use_handlers.ts} (94%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/sidebar/controls.tsx (85%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/sidebar/data_tab.tsx (90%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/sidebar/index.ts (100%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/sidebar/navbar.tsx (100%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/sidebar/sidebar.tsx (94%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/sidebar/state/actions.ts (97%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/sidebar/state/constants.ts (100%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/sidebar/state/editor_form_state.ts (100%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/sidebar/state/index.ts (95%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/components/sidebar/state/reducers.ts (96%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/default_editor.tsx (84%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/default_editor_controller.tsx (71%) rename src/legacy/{ui/public/vis => core_plugins/vis_default_editor/public}/editor_size.ts (100%) rename src/legacy/{ui/public/vis/editors/default/_index.scss => core_plugins/vis_default_editor/public/index.scss} (72%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/index.ts (78%) create mode 100644 src/legacy/core_plugins/vis_default_editor/public/legacy_imports.ts rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/utils.test.tsx (98%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/utils.tsx (100%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/vis_options_props.tsx (89%) rename src/legacy/{ui/public/vis/editors/default => core_plugins/vis_default_editor/public}/vis_type_agg_filter.ts (84%) rename src/legacy/{ui/public/visualize/loader/utils/index.ts => core_plugins/vis_type_tagcloud/public/legacy_imports.ts} (92%) rename src/legacy/{ui/public/visualize/loader/utils => core_plugins/visualizations/public/embeddable}/query_geohash_bounds.ts (91%) rename src/legacy/ui/public/{vis/editors/default => agg_types}/agg_groups.ts (86%) rename src/legacy/ui/public/{vis/editors/default => agg_types}/schemas.ts (83%) rename src/legacy/ui/public/vis/{editors => }/config/editor_config_providers.test.ts (99%) rename src/legacy/ui/public/vis/{editors => }/config/editor_config_providers.ts (92%) rename src/legacy/ui/public/vis/{index.js => config/index.ts} (89%) rename src/legacy/ui/public/vis/{editors => }/config/types.ts (100%) delete mode 100644 src/legacy/ui/public/vis/editors/_index.scss rename src/legacy/ui/public/vis/{index.d.ts => lib/index.ts} (84%) delete mode 100644 src/legacy/ui/public/vis/vis_types/angular_vis_type.js delete mode 100644 src/legacy/utils/strings/__tests__/prose.js diff --git a/.eslintrc.js b/.eslintrc.js index 310949b23fe36..97a35d8b50e56 100644 --- a/.eslintrc.js +++ b/.eslintrc.js @@ -88,6 +88,14 @@ module.exports = { 'react-hooks/exhaustive-deps': 'off', }, }, + { + files: [ + 'src/legacy/core_plugins/vis_default_editor/public/components/controls/**/*.{ts,tsx}', + ], + rules: { + 'react-hooks/exhaustive-deps': 'off', + }, + }, { files: ['src/legacy/ui/public/vis/**/*.{js,ts,tsx}'], rules: { diff --git a/.i18nrc.json b/.i18nrc.json index 4c115296b5b3e..af21f3426d75e 100644 --- a/.i18nrc.json +++ b/.i18nrc.json @@ -35,6 +35,7 @@ "tileMap": "src/legacy/core_plugins/tile_map", "timelion": ["src/legacy/core_plugins/timelion", "src/legacy/core_plugins/vis_type_timelion", "src/plugins/timelion"], "uiActions": "src/plugins/ui_actions", + "visDefaultEditor": "src/legacy/core_plugins/vis_default_editor", "visTypeMarkdown": "src/legacy/core_plugins/vis_type_markdown", "visTypeMetric": "src/legacy/core_plugins/vis_type_metric", "visTypeTable": "src/legacy/core_plugins/vis_type_table", diff --git a/src/legacy/core_plugins/input_control_vis/public/components/editor/controls_tab.tsx b/src/legacy/core_plugins/input_control_vis/public/components/editor/controls_tab.tsx index 214cff4ddf9d5..029e1f149d052 100644 --- a/src/legacy/core_plugins/input_control_vis/public/components/editor/controls_tab.tsx +++ b/src/legacy/core_plugins/input_control_vis/public/components/editor/controls_tab.tsx @@ -30,6 +30,8 @@ import { EuiSelect, } from '@elastic/eui'; +import { VisOptionsProps } from 'src/legacy/core_plugins/vis_default_editor/public'; +import { IIndexPattern } from 'src/plugins/data/public'; import { ControlEditor } from './control_editor'; import { addControl, @@ -42,8 +44,6 @@ import { ControlParamsOptions, } from '../../editor_utils'; import { getLineageMap, getParentCandidates } from '../../lineage'; -import { IIndexPattern } from '../../../../../../plugins/data/public'; -import { VisOptionsProps } from '../../legacy_imports'; import { InputControlVisDependencies } from '../../plugin'; interface ControlsTabUiState { diff --git a/src/legacy/core_plugins/input_control_vis/public/components/editor/options_tab.test.tsx b/src/legacy/core_plugins/input_control_vis/public/components/editor/options_tab.test.tsx index 36ec4d4446fd6..8c77f1b7c4b4f 100644 --- a/src/legacy/core_plugins/input_control_vis/public/components/editor/options_tab.test.tsx +++ b/src/legacy/core_plugins/input_control_vis/public/components/editor/options_tab.test.tsx @@ -21,8 +21,8 @@ import React from 'react'; import { shallow } from 'enzyme'; import { mountWithIntl } from 'test_utils/enzyme_helpers'; +import { Vis } from 'src/legacy/core_plugins/visualizations/public'; import { OptionsTab, OptionsTabProps } from './options_tab'; -import { Vis } from '../../legacy_imports'; describe('OptionsTab', () => { let props: OptionsTabProps; diff --git a/src/legacy/core_plugins/input_control_vis/public/components/editor/options_tab.tsx b/src/legacy/core_plugins/input_control_vis/public/components/editor/options_tab.tsx index 43f9e15302e51..95b14619c3416 100644 --- a/src/legacy/core_plugins/input_control_vis/public/components/editor/options_tab.tsx +++ b/src/legacy/core_plugins/input_control_vis/public/components/editor/options_tab.tsx @@ -23,7 +23,7 @@ import { EuiForm, EuiFormRow, EuiSwitch } from '@elastic/eui'; import { FormattedMessage } from '@kbn/i18n/react'; import { EuiSwitchEvent } from '@elastic/eui'; -import { VisOptionsProps } from '../../legacy_imports'; +import { VisOptionsProps } from 'src/legacy/core_plugins/vis_default_editor/public'; interface OptionsTabParams { updateFiltersOnChange: boolean; diff --git a/src/legacy/core_plugins/input_control_vis/public/legacy_imports.ts b/src/legacy/core_plugins/input_control_vis/public/legacy_imports.ts index 9270cff84cc07..b6c4eb28e974f 100644 --- a/src/legacy/core_plugins/input_control_vis/public/legacy_imports.ts +++ b/src/legacy/core_plugins/input_control_vis/public/legacy_imports.ts @@ -22,8 +22,6 @@ import { SearchSource as SearchSourceClass, ISearchSource } from '../../../../pl export { SearchSourceFields } from '../../../../plugins/data/public'; -export { Vis, VisParams } from 'ui/vis'; -export { VisOptionsProps } from 'ui/vis/editors/default'; export { ValidatedDualRange } from 'ui/validated_range'; export type SearchSource = Class; diff --git a/src/legacy/core_plugins/input_control_vis/public/vis_controller.tsx b/src/legacy/core_plugins/input_control_vis/public/vis_controller.tsx index 849b58b8ee2da..9cdf777992ec5 100644 --- a/src/legacy/core_plugins/input_control_vis/public/vis_controller.tsx +++ b/src/legacy/core_plugins/input_control_vis/public/vis_controller.tsx @@ -21,7 +21,7 @@ import React from 'react'; import { render, unmountComponentAtNode } from 'react-dom'; import { I18nStart } from 'kibana/public'; -import { Vis, VisParams, SearchSource } from './legacy_imports'; +import { SearchSource } from './legacy_imports'; import { InputControlVis } from './components/vis/input_control_vis'; import { getControlFactory } from './control/control_factory'; @@ -31,6 +31,7 @@ import { RangeControl } from './control/range_control_factory'; import { ListControl } from './control/list_control_factory'; import { InputControlVisDependencies } from './plugin'; import { FilterManager, esFilters } from '../../../../plugins/data/public'; +import { VisParams, Vis } from '../../visualizations/public'; export const createInputControlVisController = (deps: InputControlVisDependencies) => { return class InputControlVisController { diff --git a/src/legacy/core_plugins/kibana/public/discover/kibana_services.ts b/src/legacy/core_plugins/kibana/public/discover/kibana_services.ts index 58406c74e9f38..9a0b0731b6b11 100644 --- a/src/legacy/core_plugins/kibana/public/discover/kibana_services.ts +++ b/src/legacy/core_plugins/kibana/public/discover/kibana_services.ts @@ -76,7 +76,6 @@ export { unhashUrl } from '../../../../../plugins/kibana_utils/public'; export { formatMsg, formatStack } from 'ui/notify/lib/index'; // EXPORT types -export { Vis } from 'ui/vis'; export { IndexPatternsContract, IIndexPattern, diff --git a/src/legacy/core_plugins/kibana/public/discover/np_ready/angular/discover.js b/src/legacy/core_plugins/kibana/public/discover/np_ready/angular/discover.js index 3f3333b7caec2..5e99cab1b3297 100644 --- a/src/legacy/core_plugins/kibana/public/discover/np_ready/angular/discover.js +++ b/src/legacy/core_plugins/kibana/public/discover/np_ready/angular/discover.js @@ -52,12 +52,12 @@ import { stateMonitorFactory, subscribeWithScope, tabifyAggResponse, - Vis, SavedObjectSaveModal, getAngularModule, ensureDefaultIndexPattern, registerTimefilterWithGlobalStateFactory, } from '../../kibana_services'; +import { Vis } from '../../../../../visualizations/public'; const { core, diff --git a/src/legacy/core_plugins/kibana/public/visualize/legacy_imports.ts b/src/legacy/core_plugins/kibana/public/visualize/legacy_imports.ts index e5165cac5c11e..b185dc577a3aa 100644 --- a/src/legacy/core_plugins/kibana/public/visualize/legacy_imports.ts +++ b/src/legacy/core_plugins/kibana/public/visualize/legacy_imports.ts @@ -65,9 +65,9 @@ export { KbnUrlProvider, RedirectWhenMissingProvider } from 'ui/url'; export { absoluteToParsedUrl } from 'ui/url/absolute_to_parsed_url'; export { KibanaParsedUrl } from 'ui/url/kibana_parsed_url'; -export { VisType } from 'ui/vis'; export { wrapInI18nContext } from 'ui/i18n'; export { DashboardConstants } from '../dashboard/np_ready/dashboard_constants'; export { VisSavedObject } from '../../../visualizations/public/embeddable/visualize_embeddable'; export { VISUALIZE_EMBEDDABLE_TYPE } from '../../../visualizations/public/embeddable'; +export { VisType } from '../../../visualizations/public'; diff --git a/src/legacy/core_plugins/kibana/public/visualize/np_ready/editor/editor.js b/src/legacy/core_plugins/kibana/public/visualize/np_ready/editor/editor.js index 2a4fdeb4e4016..96a583bec7dc9 100644 --- a/src/legacy/core_plugins/kibana/public/visualize/np_ready/editor/editor.js +++ b/src/legacy/core_plugins/kibana/public/visualize/np_ready/editor/editor.js @@ -57,7 +57,7 @@ export function initEditorDirective(app, deps) { }; }); - initVisEditorDirective(app); + initVisEditorDirective(app, deps); initVisualizationDirective(app, deps); } diff --git a/src/legacy/core_plugins/kibana/public/visualize/np_ready/editor/visualization_editor.js b/src/legacy/core_plugins/kibana/public/visualize/np_ready/editor/visualization_editor.js index 930dd1d930019..b2386f83b252c 100644 --- a/src/legacy/core_plugins/kibana/public/visualize/np_ready/editor/visualization_editor.js +++ b/src/legacy/core_plugins/kibana/public/visualize/np_ready/editor/visualization_editor.js @@ -17,7 +17,7 @@ * under the License. */ -export function initVisEditorDirective(app) { +export function initVisEditorDirective(app, deps) { app.directive('visualizationEditor', function($timeout, getAppState) { return { restrict: 'E', @@ -34,6 +34,9 @@ export function initVisEditorDirective(app) { $scope.renderFunction = () => { editor.render({ + core: deps.core, + data: deps.data, + embeddables: deps.embeddables, uiState: $scope.uiState, timeRange: $scope.timeRange, filters: $scope.filters, diff --git a/src/legacy/core_plugins/kibana/public/visualize/np_ready/types.d.ts b/src/legacy/core_plugins/kibana/public/visualize/np_ready/types.d.ts index 2e0eaeb484c0a..d3a8602226b57 100644 --- a/src/legacy/core_plugins/kibana/public/visualize/np_ready/types.d.ts +++ b/src/legacy/core_plugins/kibana/public/visualize/np_ready/types.d.ts @@ -17,11 +17,16 @@ * under the License. */ -import { TimeRange, Query, esFilters } from 'src/plugins/data/public'; +import { TimeRange, Query, esFilters, DataPublicPluginStart } from 'src/plugins/data/public'; +import { IEmbeddableStart } from 'src/plugins/embeddable/public'; +import { LegacyCoreStart } from 'kibana/public'; import { VisSavedObject, AppState, PersistedState } from '../legacy_imports'; export interface EditorRenderProps { appState: AppState; + core: LegacyCoreStart; + data: DataPublicPluginStart; + embeddables: IEmbeddableStart; filters: esFilters.Filter[]; uiState: PersistedState; timeRange: TimeRange; diff --git a/src/legacy/core_plugins/region_map/public/__tests__/region_map_visualization.js b/src/legacy/core_plugins/region_map/public/__tests__/region_map_visualization.js index b8caf8a9d13a2..55447905e6421 100644 --- a/src/legacy/core_plugins/region_map/public/__tests__/region_map_visualization.js +++ b/src/legacy/core_plugins/region_map/public/__tests__/region_map_visualization.js @@ -22,7 +22,6 @@ import ngMock from 'ng_mock'; import _ from 'lodash'; import ChoroplethLayer from '../choropleth_layer'; import LogstashIndexPatternStubProvider from 'fixtures/stubbed_logstash_index_pattern'; -import { Vis } from 'ui/vis'; import { ImageComparator } from 'test_utils/image_comparator'; import worldJson from './world.json'; import EMS_CATALOGUE from '../../../../ui/public/vis/__tests__/map/ems_mocks/sample_manifest.json'; @@ -40,6 +39,7 @@ import afterdatachangeandresizePng from './afterdatachangeandresize.png'; import aftercolorchangePng from './aftercolorchange.png'; import changestartupPng from './changestartup.png'; import { setup as visualizationsSetup } from '../../../visualizations/public/np_ready/public/legacy'; +import { Vis } from '../../../visualizations/public/np_ready/public/vis'; import { createRegionMapVisualization } from '../region_map_visualization'; import { createRegionMapTypeDefinition } from '../region_map_type'; diff --git a/src/legacy/core_plugins/region_map/public/components/region_map_options.tsx b/src/legacy/core_plugins/region_map/public/components/region_map_options.tsx index 287fb87e735a2..4219e2e715150 100644 --- a/src/legacy/core_plugins/region_map/public/components/region_map_options.tsx +++ b/src/legacy/core_plugins/region_map/public/components/region_map_options.tsx @@ -23,7 +23,7 @@ import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; import { FileLayerField, VectorLayer, ServiceSettings } from 'ui/vis/map/service_settings'; -import { VisOptionsProps } from 'ui/vis/editors/default'; +import { VisOptionsProps } from 'src/legacy/core_plugins/vis_default_editor/public'; import { NumberInputOption, SelectOption, SwitchOption } from '../../../vis_type_vislib/public'; import { WmsOptions } from '../../../tile_map/public/components/wms_options'; import { RegionMapVisParams } from '../types'; diff --git a/src/legacy/core_plugins/region_map/public/region_map_type.js b/src/legacy/core_plugins/region_map/public/region_map_type.js index c6c345782d5f5..a03fbe4b291e2 100644 --- a/src/legacy/core_plugins/region_map/public/region_map_type.js +++ b/src/legacy/core_plugins/region_map/public/region_map_type.js @@ -18,7 +18,7 @@ */ import React from 'react'; import { i18n } from '@kbn/i18n'; -import { Schemas } from 'ui/vis/editors/default/schemas'; +import { Schemas } from 'ui/agg_types'; import { mapToLayerWithId } from './util'; import { createRegionMapVisualization } from './region_map_visualization'; import { Status } from '../../visualizations/public'; diff --git a/src/legacy/core_plugins/tile_map/public/__tests__/coordinate_maps_visualization.js b/src/legacy/core_plugins/tile_map/public/__tests__/coordinate_maps_visualization.js index 2d32f85913dba..ef2ea831e84fd 100644 --- a/src/legacy/core_plugins/tile_map/public/__tests__/coordinate_maps_visualization.js +++ b/src/legacy/core_plugins/tile_map/public/__tests__/coordinate_maps_visualization.js @@ -20,7 +20,6 @@ import expect from '@kbn/expect'; import ngMock from 'ng_mock'; import LogstashIndexPatternStubProvider from 'fixtures/stubbed_logstash_index_pattern'; -import { Vis } from 'ui/vis'; import { ImageComparator } from 'test_utils/image_comparator'; import dummyESResponse from './dummy_es_response.json'; import initial from './initial.png'; @@ -34,6 +33,7 @@ import EMS_STYLE_ROAD_MAP_BRIGHT from '../../../../ui/public/vis/__tests__/map/e import EMS_STYLE_ROAD_MAP_DESATURATED from '../../../../ui/public/vis/__tests__/map/ems_mocks/sample_style_desaturated'; import EMS_STYLE_DARK_MAP from '../../../../ui/public/vis/__tests__/map/ems_mocks/sample_style_dark'; import { setup as visualizationsSetup } from '../../../visualizations/public/np_ready/public/legacy'; +import { Vis } from '../../../visualizations/public/np_ready/public/vis'; import { createTileMapVisualization } from '../tile_map_visualization'; import { createTileMapTypeDefinition } from '../tile_map_type'; diff --git a/src/legacy/core_plugins/tile_map/public/components/tile_map_options.tsx b/src/legacy/core_plugins/tile_map/public/components/tile_map_options.tsx index 4ab9f95ee4c3c..168f56b771b7e 100644 --- a/src/legacy/core_plugins/tile_map/public/components/tile_map_options.tsx +++ b/src/legacy/core_plugins/tile_map/public/components/tile_map_options.tsx @@ -21,7 +21,7 @@ import React, { useEffect } from 'react'; import { EuiPanel, EuiSpacer } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; -import { VisOptionsProps } from 'ui/vis/editors/default'; +import { VisOptionsProps } from 'src/legacy/core_plugins/vis_default_editor/public'; import { BasicOptions, RangeOption, diff --git a/src/legacy/core_plugins/tile_map/public/components/wms_options.tsx b/src/legacy/core_plugins/tile_map/public/components/wms_options.tsx index a0b7a0a844f55..204ad5efa9b40 100644 --- a/src/legacy/core_plugins/tile_map/public/components/wms_options.tsx +++ b/src/legacy/core_plugins/tile_map/public/components/wms_options.tsx @@ -23,7 +23,7 @@ import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; import { TmsLayer } from 'ui/vis/map/service_settings'; -import { Vis } from 'ui/vis'; +import { Vis } from '../../../visualizations/public'; import { RegionMapVisParams } from '../../../region_map/public/types'; import { SelectOption, SwitchOption } from '../../../vis_type_vislib/public'; import { WmsInternalOptions } from './wms_internal_options'; diff --git a/src/legacy/core_plugins/tile_map/public/tile_map_type.js b/src/legacy/core_plugins/tile_map/public/tile_map_type.js index b4fca3009352a..80cec5b93f485 100644 --- a/src/legacy/core_plugins/tile_map/public/tile_map_type.js +++ b/src/legacy/core_plugins/tile_map/public/tile_map_type.js @@ -20,11 +20,11 @@ import React from 'react'; import { i18n } from '@kbn/i18n'; -import { Schemas } from 'ui/vis/editors/default/schemas'; import { convertToGeoJson } from 'ui/vis/map/convert_to_geojson'; +import { Schemas } from 'ui/agg_types'; -import { createTileMapVisualization } from './tile_map_visualization'; import { Status } from '../../visualizations/public'; +import { createTileMapVisualization } from './tile_map_visualization'; import { TileMapOptions } from './components/tile_map_options'; import { MapTypes } from './map_types'; import { supportsCssFilters } from './css_filters'; diff --git a/src/legacy/ui/public/vis/vis_types/index.js b/src/legacy/core_plugins/vis_default_editor/index.ts similarity index 51% rename from src/legacy/ui/public/vis/vis_types/index.js rename to src/legacy/core_plugins/vis_default_editor/index.ts index 113aa903df52f..ee7b5ee4a62ff 100644 --- a/src/legacy/ui/public/vis/vis_types/index.js +++ b/src/legacy/core_plugins/vis_default_editor/index.ts @@ -17,7 +17,26 @@ * under the License. */ -import { BaseVisType } from '../../../../core_plugins/visualizations/public/np_ready/public/types/base_vis_type'; -import { ReactVisType } from '../../../../core_plugins/visualizations/public/np_ready/public/types/react_vis_type'; +import { resolve } from 'path'; +import { Legacy } from 'kibana'; -export { BaseVisType, ReactVisType }; +import { LegacyPluginApi, LegacyPluginInitializer } from '../../../../src/legacy/types'; + +const vidDefaultEditorPluginInitializer: LegacyPluginInitializer = ({ Plugin }: LegacyPluginApi) => + new Plugin({ + id: 'vis_default_editor', + require: [], + publicDir: resolve(__dirname, 'public'), + uiExports: { + styleSheetPaths: resolve(__dirname, 'public/index.scss'), + }, + init: (server: Legacy.Server) => ({}), + config(Joi: any) { + return Joi.object({ + enabled: Joi.boolean().default(true), + }).default(); + }, + } as Legacy.PluginSpecOptions); + +// eslint-disable-next-line import/no-default-export +export default vidDefaultEditorPluginInitializer; diff --git a/src/legacy/core_plugins/vis_default_editor/package.json b/src/legacy/core_plugins/vis_default_editor/package.json new file mode 100644 index 0000000000000..77dcaff41da6b --- /dev/null +++ b/src/legacy/core_plugins/vis_default_editor/package.json @@ -0,0 +1,4 @@ +{ + "name": "vis_default_editor", + "version": "kibana" +} diff --git a/src/legacy/ui/public/vis/editors/default/_agg.scss b/src/legacy/core_plugins/vis_default_editor/public/_agg.scss similarity index 100% rename from src/legacy/ui/public/vis/editors/default/_agg.scss rename to src/legacy/core_plugins/vis_default_editor/public/_agg.scss diff --git a/src/legacy/ui/public/vis/editors/default/_agg_params.scss b/src/legacy/core_plugins/vis_default_editor/public/_agg_params.scss similarity index 100% rename from src/legacy/ui/public/vis/editors/default/_agg_params.scss rename to src/legacy/core_plugins/vis_default_editor/public/_agg_params.scss diff --git a/src/legacy/ui/public/vis/editors/default/_default.scss b/src/legacy/core_plugins/vis_default_editor/public/_default.scss similarity index 100% rename from src/legacy/ui/public/vis/editors/default/_default.scss rename to src/legacy/core_plugins/vis_default_editor/public/_default.scss diff --git a/src/legacy/ui/public/vis/editors/default/_sidebar.scss b/src/legacy/core_plugins/vis_default_editor/public/_sidebar.scss similarity index 92% rename from src/legacy/ui/public/vis/editors/default/_sidebar.scss rename to src/legacy/core_plugins/vis_default_editor/public/_sidebar.scss index cbe7172d62341..a38c729cb4622 100644 --- a/src/legacy/ui/public/vis/editors/default/_sidebar.scss +++ b/src/legacy/core_plugins/vis_default_editor/public/_sidebar.scss @@ -59,15 +59,6 @@ + .visEditorSidebar__section { margin-top: $euiSizeS; } - - label:not([class^='eui']) { - @include __legacyLabelStyles__bad; - display: block; - } - - .form-group label { - margin-bottom: $euiSizeS; - } } // Collapsible section diff --git a/src/legacy/ui/public/vis/editors/default/components/__snapshots__/agg.test.tsx.snap b/src/legacy/core_plugins/vis_default_editor/public/components/__snapshots__/agg.test.tsx.snap similarity index 100% rename from src/legacy/ui/public/vis/editors/default/components/__snapshots__/agg.test.tsx.snap rename to src/legacy/core_plugins/vis_default_editor/public/components/__snapshots__/agg.test.tsx.snap diff --git a/src/legacy/ui/public/vis/editors/default/components/__snapshots__/agg_group.test.tsx.snap b/src/legacy/core_plugins/vis_default_editor/public/components/__snapshots__/agg_group.test.tsx.snap similarity index 100% rename from src/legacy/ui/public/vis/editors/default/components/__snapshots__/agg_group.test.tsx.snap rename to src/legacy/core_plugins/vis_default_editor/public/components/__snapshots__/agg_group.test.tsx.snap diff --git a/src/legacy/ui/public/vis/editors/default/components/__snapshots__/agg_params.test.tsx.snap b/src/legacy/core_plugins/vis_default_editor/public/components/__snapshots__/agg_params.test.tsx.snap similarity index 100% rename from src/legacy/ui/public/vis/editors/default/components/__snapshots__/agg_params.test.tsx.snap rename to src/legacy/core_plugins/vis_default_editor/public/components/__snapshots__/agg_params.test.tsx.snap diff --git a/src/legacy/ui/public/vis/editors/default/components/agg.test.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/agg.test.tsx similarity index 96% rename from src/legacy/ui/public/vis/editors/default/components/agg.test.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/agg.test.tsx index 6849d00158b06..81c866923232e 100644 --- a/src/legacy/ui/public/vis/editors/default/components/agg.test.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/agg.test.tsx @@ -19,15 +19,18 @@ import React from 'react'; import { mount, shallow } from 'enzyme'; -import { VisState } from '../../..'; -import { AggGroupNames } from '../agg_groups'; -import { DefaultEditorAgg, DefaultEditorAggProps } from './agg'; import { act } from 'react-dom/test-utils'; + +import { IndexPattern } from 'src/plugins/data/public'; +import { VisState } from 'src/legacy/core_plugins/visualizations/public'; + +import { AggType, AggGroupNames } from '../legacy_imports'; +import { DefaultEditorAgg, DefaultEditorAggProps } from './agg'; import { DefaultEditorAggParams } from './agg_params'; -import { AggType } from 'ui/agg_types'; -import { IndexPattern } from '../../../../../../../plugins/data/public'; import { AGGS_ACTION_KEYS } from './agg_group_state'; +jest.mock('ui/new_platform'); + jest.mock('./agg_params', () => ({ DefaultEditorAggParams: () => null, })); @@ -173,11 +176,11 @@ describe('DefaultEditorAgg component', () => { it('should add schema component', () => { defaultProps.agg.schema = { - editorComponent: () =>
, + name: 'split', } as any; const comp = mount(); - expect(comp.find('.schemaComponent').exists()).toBeTruthy(); + expect(comp.find('RowsOrColumnsControl').exists()).toBeTruthy(); }); describe('agg actions', () => { diff --git a/src/legacy/ui/public/vis/editors/default/components/agg.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/agg.tsx similarity index 86% rename from src/legacy/ui/public/vis/editors/default/components/agg.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/agg.tsx index 5c5905abdb9f0..871bd0cdf6811 100644 --- a/src/legacy/ui/public/vis/editors/default/components/agg.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/agg.tsx @@ -28,10 +28,12 @@ import { } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; -import { AggConfig } from '../../..'; +import { AggConfig } from '../legacy_imports'; import { DefaultEditorAggParams } from './agg_params'; import { DefaultEditorAggCommonProps } from './agg_common_props'; import { AGGS_ACTION_KEYS, AggsAction } from './agg_group_state'; +import { RowsOrColumnsControl } from './controls/rows_or_columns'; +import { RadiusRatioOptionControl } from './controls/radius_ratio_option'; export interface DefaultEditorAggProps extends DefaultEditorAggCommonProps { agg: AggConfig; @@ -70,18 +72,27 @@ function DefaultEditorAgg({ const [validState, setValidState] = useState(true); const showDescription = !isEditorOpen && validState; const showError = !isEditorOpen && !validState; + const aggName = agg.type?.name; let disabledParams; let aggError; // When a Parent Pipeline agg is selected and this agg is the last bucket. const isLastBucketAgg = isLastBucket && lastParentPipelineAggTitle && agg.type; - const SchemaComponent = agg.schema.editorComponent; + let SchemaComponent; + + if (agg.schema.name === 'split') { + SchemaComponent = RowsOrColumnsControl; + } + + if (agg.schema.name === 'radius') { + SchemaComponent = RadiusRatioOptionControl; + } if (isLastBucketAgg) { - if (['date_histogram', 'histogram'].includes(agg.type.name)) { + if (['date_histogram', 'histogram'].includes(aggName)) { disabledParams = ['min_doc_count']; } else { - aggError = i18n.translate('common.ui.aggTypes.metrics.wrongLastBucketTypeErrorMessage', { + aggError = i18n.translate('visDefaultEditor.metrics.wrongLastBucketTypeErrorMessage', { defaultMessage: 'Last bucket aggregation must be "Date Histogram" or "Histogram" when using "{type}" metric aggregation.', values: { type: lastParentPipelineAggTitle }, @@ -104,16 +115,16 @@ function DefaultEditorAgg({ } useEffect(() => { - if (isLastBucketAgg && ['date_histogram', 'histogram'].includes(agg.type.name)) { + if (isLastBucketAgg && ['date_histogram', 'histogram'].includes(aggName)) { setAggParamValue( agg.id, 'min_doc_count', // "histogram" agg has an editor for "min_doc_count" param, which accepts boolean // "date_histogram" agg doesn't have an editor for "min_doc_count" param, it should be set as a numeric value - agg.type.name === 'histogram' ? true : 0 + aggName === 'histogram' ? true : 0 ); } - }, [lastParentPipelineAggTitle, isLastBucket, agg.type]); + }, [aggName, isLastBucketAgg, agg.id, setAggParamValue]); const setTouched = useCallback( (touched: boolean) => { @@ -123,7 +134,7 @@ function DefaultEditorAgg({ aggId: agg.id, }); }, - [setAggsState] + [agg.id, setAggsState] ); const setValidity = useCallback( @@ -135,7 +146,7 @@ function DefaultEditorAgg({ }); setValidState(isValid); }, - [setAggsState] + [agg.id, setAggsState] ); const onToggle = useCallback( @@ -156,7 +167,7 @@ function DefaultEditorAgg({ id: 'hasErrors', color: 'danger', type: 'alert', - tooltip: i18n.translate('common.ui.vis.editors.agg.errorsAriaLabel', { + tooltip: i18n.translate('visDefaultEditor.agg.errorsAriaLabel', { defaultMessage: 'Aggregation has errors', }), dataTestSubj: 'hasErrorsAggregationIcon', @@ -170,7 +181,7 @@ function DefaultEditorAgg({ disabled: isDisabled, type: 'eye', onClick: () => onToggleEnableAgg(agg.id, false), - tooltip: i18n.translate('common.ui.vis.editors.agg.disableAggButtonTooltip', { + tooltip: i18n.translate('visDefaultEditor.agg.disableAggButtonTooltip', { defaultMessage: 'Disable aggregation', }), dataTestSubj: 'toggleDisableAggregationBtn disable', @@ -182,7 +193,7 @@ function DefaultEditorAgg({ color: 'text', type: 'eyeClosed', onClick: () => onToggleEnableAgg(agg.id, true), - tooltip: i18n.translate('common.ui.vis.editors.agg.enableAggButtonTooltip', { + tooltip: i18n.translate('visDefaultEditor.agg.enableAggButtonTooltip', { defaultMessage: 'Enable aggregation', }), dataTestSubj: 'toggleDisableAggregationBtn enable', @@ -192,7 +203,7 @@ function DefaultEditorAgg({ actionIcons.push({ id: 'dragHandle', type: 'grab', - tooltip: i18n.translate('common.ui.vis.editors.agg.modifyPriorityButtonTooltip', { + tooltip: i18n.translate('visDefaultEditor.agg.modifyPriorityButtonTooltip', { defaultMessage: 'Modify priority by dragging', }), dataTestSubj: 'dragHandleBtn', @@ -204,7 +215,7 @@ function DefaultEditorAgg({ color: 'danger', type: 'cross', onClick: () => removeAgg(agg.id), - tooltip: i18n.translate('common.ui.vis.editors.agg.removeDimensionButtonTooltip', { + tooltip: i18n.translate('visDefaultEditor.agg.removeDimensionButtonTooltip', { defaultMessage: 'Remove dimension', }), dataTestSubj: 'removeDimensionBtn', @@ -259,7 +270,7 @@ function DefaultEditorAgg({ buttonClassName="eui-textTruncate" buttonContentClassName="visEditorSidebar__aggGroupAccordionButtonContent eui-textTruncate" className="visEditorSidebar__section visEditorSidebar__collapsible visEditorSidebar__collapsible--marginBottom" - aria-label={i18n.translate('common.ui.vis.editors.agg.toggleEditorButtonAriaLabel', { + aria-label={i18n.translate('visDefaultEditor.agg.toggleEditorButtonAriaLabel', { defaultMessage: 'Toggle {schema} editor', values: { schema: agg.schema.title }, })} diff --git a/src/legacy/ui/public/vis/editors/default/components/agg_add.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/agg_add.tsx similarity index 86% rename from src/legacy/ui/public/vis/editors/default/components/agg_add.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/agg_add.tsx index 21ee5b507e3b6..f5175126c31c1 100644 --- a/src/legacy/ui/public/vis/editors/default/components/agg_add.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/agg_add.tsx @@ -29,9 +29,7 @@ import { } from '@elastic/eui'; import { FormattedMessage } from '@kbn/i18n/react'; import { i18n } from '@kbn/i18n'; -import { AggConfig } from '../../..'; -import { Schema } from '../schemas'; -import { AggGroupNames } from '../agg_groups'; +import { AggConfig, AggGroupNames, Schema } from '../legacy_imports'; interface DefaultEditorAggAddProps { group?: AggConfig[]; @@ -64,14 +62,14 @@ function DefaultEditorAggAdd({ data-test-subj={`visEditorAdd_${groupName}`} onClick={() => setIsPopoverOpen(!isPopoverOpen)} > - + ); const groupNameLabel = groupName === AggGroupNames.Buckets - ? i18n.translate('common.ui.vis.editors.aggAdd.bucketLabel', { defaultMessage: 'bucket' }) - : i18n.translate('common.ui.vis.editors.aggAdd.metricLabel', { defaultMessage: 'metric' }); + ? i18n.translate('visDefaultEditor.aggAdd.bucketLabel', { defaultMessage: 'bucket' }) + : i18n.translate('visDefaultEditor.aggAdd.metricLabel', { defaultMessage: 'metric' }); const isSchemaDisabled = (schema: Schema): boolean => { const count = group.filter(agg => agg.schema.name === schema.name).length; @@ -92,14 +90,14 @@ function DefaultEditorAggAdd({ {(groupName !== AggGroupNames.Buckets || !stats.count) && ( )} {groupName === AggGroupNames.Buckets && stats.count > 0 && ( diff --git a/src/legacy/ui/public/vis/editors/default/components/agg_common_props.ts b/src/legacy/core_plugins/vis_default_editor/public/components/agg_common_props.ts similarity index 90% rename from src/legacy/ui/public/vis/editors/default/components/agg_common_props.ts rename to src/legacy/core_plugins/vis_default_editor/public/components/agg_common_props.ts index a0ddc9a757cc7..8d803810b647a 100644 --- a/src/legacy/ui/public/vis/editors/default/components/agg_common_props.ts +++ b/src/legacy/core_plugins/vis_default_editor/public/components/agg_common_props.ts @@ -17,10 +17,8 @@ * under the License. */ -import { AggType } from 'ui/agg_types'; -import { AggConfig, VisState, VisParams } from 'ui/vis'; -import { AggGroupNames } from '../agg_groups'; -import { Schema } from '../schemas'; +import { VisState, VisParams } from 'src/legacy/core_plugins/visualizations/public'; +import { AggType, AggConfig, AggGroupNames, Schema } from '../legacy_imports'; type AggId = AggConfig['id']; type AggParams = AggConfig['params']; diff --git a/src/legacy/ui/public/vis/editors/default/components/agg_group.test.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/agg_group.test.tsx similarity index 90% rename from src/legacy/ui/public/vis/editors/default/components/agg_group.test.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/agg_group.test.tsx index ae36503c16133..9cbcc31bdc60e 100644 --- a/src/legacy/ui/public/vis/editors/default/components/agg_group.test.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/agg_group.test.tsx @@ -20,10 +20,8 @@ import React from 'react'; import { mount, shallow } from 'enzyme'; import { act } from 'react-dom/test-utils'; -import { VisState, AggConfig } from '../../../'; -import { Schema } from '../schemas'; -import { AggGroupNames } from '../agg_groups'; -import { AggConfigs } from '../../../../agg_types/agg_configs'; +import { VisState } from 'src/legacy/core_plugins/visualizations/public'; +import { AggConfigs, AggConfig, Schema } from '../legacy_imports'; import { DefaultEditorAggGroup, DefaultEditorAggGroupProps } from './agg_group'; import { DefaultEditorAgg } from './agg'; import { DefaultEditorAggAdd } from './agg_add'; @@ -37,6 +35,17 @@ jest.mock('@elastic/eui', () => ({ EuiPanel: 'eui-panel', })); +jest.mock('../legacy_imports', () => ({ + aggGroupNamesMap: () => ({ + metrics: 'Metrics', + buckets: 'Buckets', + }), + AggGroupNames: { + Metrics: 'metrics', + Buckets: 'buckets', + }, +})); + jest.mock('./agg', () => ({ DefaultEditorAgg: () =>
, })); @@ -92,7 +101,7 @@ describe('DefaultEditorAgg component', () => { defaultProps = { formIsTouched: false, metricAggs: [], - groupName: AggGroupNames.Metrics, + groupName: 'metrics', state: { aggs, } as VisState, @@ -129,7 +138,7 @@ describe('DefaultEditorAgg component', () => { }); it('should last bucket has truthy isLastBucket prop', () => { - defaultProps.groupName = AggGroupNames.Buckets; + defaultProps.groupName = 'buckets'; const comp = mount(); const lastAgg = comp.find(DefaultEditorAgg).last(); @@ -150,7 +159,7 @@ describe('DefaultEditorAgg component', () => { }); it('should show add button when schemas count is less than max', () => { - defaultProps.groupName = AggGroupNames.Buckets; + defaultProps.groupName = 'buckets'; const comp = shallow(); expect(comp.find(DefaultEditorAggAdd).exists()).toBeTruthy(); diff --git a/src/legacy/ui/public/vis/editors/default/components/agg_group.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/agg_group.tsx similarity index 94% rename from src/legacy/ui/public/vis/editors/default/components/agg_group.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/agg_group.tsx index 7416c36bd5cf1..3491414bec809 100644 --- a/src/legacy/ui/public/vis/editors/default/components/agg_group.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/agg_group.tsx @@ -30,8 +30,7 @@ import { } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; -import { AggConfig } from '../../../../agg_types/agg_config'; -import { aggGroupNamesMap, AggGroupNames } from '../agg_groups'; +import { AggConfig, aggGroupNamesMap, AggGroupNames, Schema } from '../legacy_imports'; import { DefaultEditorAgg } from './agg'; import { DefaultEditorAggAdd } from './agg_add'; import { AddSchema, ReorderAggs, DefaultEditorAggCommonProps } from './agg_common_props'; @@ -42,7 +41,6 @@ import { getEnabledMetricAggsCount, } from './agg_group_helper'; import { aggGroupReducer, initAggsState, AGGS_ACTION_KEYS } from './agg_group_state'; -import { Schema } from '../schemas'; export interface DefaultEditorAggGroupProps extends DefaultEditorAggCommonProps { schemas: Schema[]; @@ -73,7 +71,7 @@ function DefaultEditorAggGroup({ // e.g. buckets can have no aggs const group: AggConfig[] = useMemo( () => state.aggs.aggs.filter((agg: AggConfig) => agg.schema.group === groupName) || [], - [state.aggs.aggs] + [groupName, state.aggs.aggs] ); const stats = { @@ -89,7 +87,7 @@ function DefaultEditorAggGroup({ const bucketsError = lastParentPipelineAggTitle && groupName === AggGroupNames.Buckets && !group.length - ? i18n.translate('common.ui.aggTypes.buckets.mustHaveBucketErrorMessage', { + ? i18n.translate('visDefaultEditor.buckets.mustHaveBucketErrorMessage', { defaultMessage: 'Add a bucket with "Date Histogram" or "Histogram" aggregation.', description: 'Date Histogram and Histogram should not be translated', }) @@ -120,6 +118,9 @@ function DefaultEditorAggGroup({ }); }); } + // adding all of the values to the deps array cause a circular re-render + // the logic should be rewised + // eslint-disable-next-line react-hooks/exhaustive-deps }, [formIsTouched]); useEffect(() => { diff --git a/src/legacy/ui/public/vis/editors/default/components/agg_group_helper.test.ts b/src/legacy/core_plugins/vis_default_editor/public/components/agg_group_helper.test.ts similarity index 98% rename from src/legacy/ui/public/vis/editors/default/components/agg_group_helper.test.ts rename to src/legacy/core_plugins/vis_default_editor/public/components/agg_group_helper.test.ts index 6bb27d4a0c14e..dc007a294e0e1 100644 --- a/src/legacy/ui/public/vis/editors/default/components/agg_group_helper.test.ts +++ b/src/legacy/core_plugins/vis_default_editor/public/components/agg_group_helper.test.ts @@ -17,7 +17,7 @@ * under the License. */ -import { AggConfig } from '../../../../agg_types/agg_config'; +import { AggConfig } from '../legacy_imports'; import { isAggRemovable, calcAggIsTooLow, diff --git a/src/legacy/ui/public/vis/editors/default/components/agg_group_helper.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/agg_group_helper.tsx similarity index 97% rename from src/legacy/ui/public/vis/editors/default/components/agg_group_helper.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/agg_group_helper.tsx index 847aa0b87d2d3..87f0d00d50a1d 100644 --- a/src/legacy/ui/public/vis/editors/default/components/agg_group_helper.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/agg_group_helper.tsx @@ -18,7 +18,7 @@ */ import { findIndex, isEmpty } from 'lodash'; -import { AggConfig } from '../../../../agg_types/agg_config'; +import { AggConfig } from '../legacy_imports'; import { AggsState } from './agg_group_state'; const isAggRemovable = (agg: AggConfig, group: AggConfig[]) => { diff --git a/src/legacy/ui/public/vis/editors/default/components/agg_group_state.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/agg_group_state.tsx similarity index 96% rename from src/legacy/ui/public/vis/editors/default/components/agg_group_state.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/agg_group_state.tsx index 0b787e45a5008..b06ca1c2ce57a 100644 --- a/src/legacy/ui/public/vis/editors/default/components/agg_group_state.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/agg_group_state.tsx @@ -17,7 +17,7 @@ * under the License. */ -import { AggConfig } from '../../../../agg_types/agg_config'; +import { AggConfig } from '../legacy_imports'; export enum AGGS_ACTION_KEYS { TOUCHED = 'aggsTouched', diff --git a/src/legacy/ui/public/vis/editors/default/components/agg_param.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/agg_param.tsx similarity index 98% rename from src/legacy/ui/public/vis/editors/default/components/agg_param.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/agg_param.tsx index d3bbf3cc9903a..44ddb1fac047d 100644 --- a/src/legacy/ui/public/vis/editors/default/components/agg_param.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/agg_param.tsx @@ -75,7 +75,7 @@ function DefaultEditorAggParam(props: DefaultEditorAggParamProps) { if (aggParam.shouldShow && !aggParam.shouldShow(agg)) { setValidity(true); } - }, [agg, agg.params.field]); + }, [agg, agg.params.field, aggParam, setValidity]); if (aggParam.shouldShow && !aggParam.shouldShow(agg)) { return null; diff --git a/src/legacy/ui/public/vis/editors/default/components/agg_param_props.ts b/src/legacy/core_plugins/vis_default_editor/public/components/agg_param_props.ts similarity index 85% rename from src/legacy/ui/public/vis/editors/default/components/agg_param_props.ts rename to src/legacy/core_plugins/vis_default_editor/public/components/agg_param_props.ts index 953f49d84f5c5..01a41d3c412c2 100644 --- a/src/legacy/ui/public/vis/editors/default/components/agg_param_props.ts +++ b/src/legacy/core_plugins/vis_default_editor/public/components/agg_param_props.ts @@ -17,12 +17,10 @@ * under the License. */ -import { AggParam } from 'ui/agg_types'; -import { AggConfig } from '../../../../agg_types/agg_config'; +import { Field } from 'src/plugins/data/public'; +import { VisState } from 'src/legacy/core_plugins/visualizations/public'; +import { AggConfig, AggParam, EditorConfig } from '../legacy_imports'; import { ComboBoxGroupedOptions } from '../utils'; -import { EditorConfig } from '../../config/types'; -import { VisState } from '../../..'; -import { Field } from '../../../../../../../plugins/data/public'; // NOTE: we cannot export the interface with export { InterfaceName } // as there is currently a bug on babel typescript transform plugin for it diff --git a/src/legacy/ui/public/vis/editors/default/components/agg_params.test.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/agg_params.test.tsx similarity index 93% rename from src/legacy/ui/public/vis/editors/default/components/agg_params.test.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/agg_params.test.tsx index 8c59d69da9478..d782c819c7c41 100644 --- a/src/legacy/ui/public/vis/editors/default/components/agg_params.test.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/agg_params.test.tsx @@ -19,10 +19,11 @@ import React from 'react'; import { mount, shallow } from 'enzyme'; -import { AggConfig, VisState } from '../../..'; + +import { VisState } from 'src/legacy/core_plugins/visualizations/public'; +import { IndexPattern } from 'src/plugins/data/public'; import { DefaultEditorAggParams, DefaultEditorAggParamsProps } from './agg_params'; -import { AggGroupNames } from '../agg_groups'; -import { IndexPattern } from '../../../../../../../plugins/data/public'; +import { AggConfig, AggGroupNames } from '../legacy_imports'; const mockEditorConfig = { useNormalizedEsInterval: { hidden: false, fixedValue: false }, @@ -34,15 +35,8 @@ const mockEditorConfig = { }, }; -jest.mock('ui/agg_types', () => ({ - aggTypes: { - byType: { - metrics: [], - buckets: [], - }, - }, -})); -jest.mock('../../config/editor_config_providers', () => ({ +jest.mock('ui/new_platform'); +jest.mock('ui/vis/config', () => ({ editorConfigProviders: { getConfigForAgg: jest.fn(() => mockEditorConfig), }, diff --git a/src/legacy/ui/public/vis/editors/default/components/agg_params.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/agg_params.tsx similarity index 91% rename from src/legacy/ui/public/vis/editors/default/components/agg_params.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/agg_params.tsx index 0f47d9a555d21..0d83860a1475a 100644 --- a/src/legacy/ui/public/vis/editors/default/components/agg_params.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/agg_params.tsx @@ -22,8 +22,15 @@ import { EuiForm, EuiAccordion, EuiSpacer, EuiFormRow } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import useUnmount from 'react-use/lib/useUnmount'; -import { AggConfig } from 'ui/agg_types/'; -import { IndexPattern } from '../../../../../../../plugins/data/public'; +import { IndexPattern } from 'src/plugins/data/public'; +import { + AggConfig, + AggGroupNames, + editorConfigProviders, + FixedParam, + TimeIntervalParam, + EditorParamConfig, +} from '../legacy_imports'; import { DefaultEditorAggSelect } from './agg_select'; import { DefaultEditorAggParam } from './agg_param'; @@ -38,9 +45,6 @@ import { AGG_PARAMS_ACTION_KEYS, initAggParamsState, } from './agg_params_state'; -import { editorConfigProviders } from '../../config/editor_config_providers'; -import { FixedParam, TimeIntervalParam, EditorParamConfig } from '../../config/types'; -import { AggGroupNames } from '../agg_groups'; import { DefaultEditorCommonProps } from './agg_common_props'; const FIXED_VALUE_PROP = 'fixedValue'; @@ -84,7 +88,7 @@ function DefaultEditorAggParams({ groupName, ]); const error = aggIsTooLow - ? i18n.translate('common.ui.vis.editors.aggParams.errors.aggWrongRunOrderErrorMessage', { + ? i18n.translate('visDefaultEditor.aggParams.errors.aggWrongRunOrderErrorMessage', { defaultMessage: '"{schema}" aggs must run before all other buckets!', values: { schema: agg.schema.title }, }) @@ -160,20 +164,21 @@ function DefaultEditorAggParams({ } } }); + // eslint-disable-next-line react-hooks/exhaustive-deps }, [editorConfig]); useEffect(() => { setTouched(false); - }, [agg.type]); + }, [agg.type, setTouched]); useEffect(() => { setValidity(isFormValid); - }, [isFormValid, agg.type]); + }, [isFormValid, agg.type, setValidity]); useEffect(() => { // when all invalid controls were touched or they are untouched setTouched(isAllInvalidParamsTouched); - }, [isAllInvalidParamsTouched]); + }, [isAllInvalidParamsTouched, setTouched]); return ( {params.advanced.map(param => { diff --git a/src/legacy/ui/public/vis/editors/default/components/agg_params_helper.test.ts b/src/legacy/core_plugins/vis_default_editor/public/components/agg_params_helper.test.ts similarity index 90% rename from src/legacy/ui/public/vis/editors/default/components/agg_params_helper.test.ts rename to src/legacy/core_plugins/vis_default_editor/public/components/agg_params_helper.test.ts index c983bb7813de7..6f584b4329500 100644 --- a/src/legacy/ui/public/vis/editors/default/components/agg_params_helper.test.ts +++ b/src/legacy/core_plugins/vis_default_editor/public/components/agg_params_helper.test.ts @@ -17,27 +17,29 @@ * under the License. */ -import { AggConfig, VisState } from '../../..'; -import { AggType } from 'ui/agg_types'; -import { IndexedArray } from 'ui/indexed_array'; +import { IndexPattern, Field } from 'src/plugins/data/public'; +import { VisState } from 'src/legacy/core_plugins/visualizations/public'; +import { + AggConfig, + AggType, + AggGroupNames, + BUCKET_TYPES, + IndexedArray, + EditorConfig, +} from '../legacy_imports'; import { getAggParamsToRender, getAggTypeOptions, isInvalidParamsTouched, } from './agg_params_helper'; -import { EditorConfig } from '../../config/types'; -import { IndexPattern, Field } from '../../../../../../../plugins/data/public'; - -jest.mock('ui/agg_types', () => ({ - aggTypes: { - metrics: [], - buckets: [], - }, -})); +import { FieldParamEditor, OrderByParamEditor } from './controls'; + jest.mock('../utils', () => ({ groupAndSortBy: jest.fn(() => ['indexedFields']), })); +jest.mock('ui/new_platform'); + describe('DefaultEditorAggParams helpers', () => { describe('getAggParamsToRender', () => { let agg: AggConfig; @@ -102,6 +104,8 @@ describe('DefaultEditorAggParams helpers', () => { const filterFieldTypes = ['number', 'boolean', 'date']; agg = ({ type: { + type: AggGroupNames.Buckets, + name: BUCKET_TYPES.TERMS, params: [ { name: 'field', @@ -110,11 +114,9 @@ describe('DefaultEditorAggParams helpers', () => { getAvailableFields: jest.fn((fields: IndexedArray) => fields.filter(({ type }) => filterFieldTypes.includes(type)) ), - editorComponent: jest.fn(), }, { name: 'orderBy', - editorComponent: jest.fn(), }, ], }, @@ -139,7 +141,7 @@ describe('DefaultEditorAggParams helpers', () => { aggParam: agg.type.params[0], editorConfig, indexedFields: ['indexedFields'], - paramEditor: agg.type.params[0].editorComponent, + paramEditor: FieldParamEditor, metricAggs, state, value: agg.params.field, @@ -149,7 +151,7 @@ describe('DefaultEditorAggParams helpers', () => { aggParam: agg.type.params[1], editorConfig, indexedFields: [], - paramEditor: agg.type.params[1].editorComponent, + paramEditor: OrderByParamEditor, metricAggs, state, value: agg.params.orderBy, diff --git a/src/legacy/ui/public/vis/editors/default/components/agg_params_helper.ts b/src/legacy/core_plugins/vis_default_editor/public/components/agg_params_helper.ts similarity index 83% rename from src/legacy/ui/public/vis/editors/default/components/agg_params_helper.ts rename to src/legacy/core_plugins/vis_default_editor/public/components/agg_params_helper.ts index 3970238a68435..21154bd7ad603 100644 --- a/src/legacy/ui/public/vis/editors/default/components/agg_params_helper.ts +++ b/src/legacy/core_plugins/vis_default_editor/public/components/agg_params_helper.ts @@ -18,15 +18,23 @@ */ import { get, isEmpty } from 'lodash'; -import { aggTypeFilters } from 'ui/agg_types/filter'; -import { aggTypes, AggParam, FieldParamType, AggType } from 'ui/agg_types'; -import { aggTypeFieldFilters } from 'ui/agg_types/param_types/filter'; -import { AggConfig, VisState } from '../../..'; + +import { IndexPattern, Field } from 'src/plugins/data/public'; +import { VisState } from 'src/legacy/core_plugins/visualizations/public'; import { groupAndSortBy, ComboBoxGroupedOptions } from '../utils'; -import { EditorConfig } from '../../config/types'; import { AggTypeState, AggParamsState } from './agg_params_state'; import { AggParamEditorProps } from './agg_param_props'; -import { IndexPattern, Field } from '../../../../../../../plugins/data/public'; +import { aggParamsMap } from './agg_params_map'; +import { + aggTypeFilters, + aggTypeFieldFilters, + aggTypes, + AggConfig, + AggParam, + FieldParamType, + AggType, + EditorConfig, +} from '../legacy_imports'; interface ParamInstanceBase { agg: AggConfig; @@ -79,14 +87,25 @@ function getAggParamsToRender({ agg, editorConfig, metricAggs, state }: ParamIns const type = param.advanced ? 'advanced' : 'basic'; + let paramEditor: ParamInstance['paramEditor']; + + if (agg.type.subtype && aggParamsMap[agg.type.subtype]) { + paramEditor = get(aggParamsMap, [agg.type.subtype, param.name]); + } else { + const aggType = agg.type.type; + const aggName = agg.type.name; + const aggParams = get(aggParamsMap, [aggType, aggName], {}); + paramEditor = get(aggParams, param.name) || get(aggParamsMap, ['common', param.type]); + } + // show params with an editor component - if (param.editorComponent) { + if (paramEditor) { params[type].push({ agg, aggParam: param, editorConfig, indexedFields, - paramEditor: param.editorComponent, + paramEditor, metricAggs, state, value: agg.params[param.name], diff --git a/src/legacy/core_plugins/vis_default_editor/public/components/agg_params_map.ts b/src/legacy/core_plugins/vis_default_editor/public/components/agg_params_map.ts new file mode 100644 index 0000000000000..7caa775dd4fa4 --- /dev/null +++ b/src/legacy/core_plugins/vis_default_editor/public/components/agg_params_map.ts @@ -0,0 +1,106 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import * as controls from './controls'; +import { + AggGroupNames, + BUCKET_TYPES, + METRIC_TYPES, + siblingPipelineType, + parentPipelineType, +} from '../legacy_imports'; +import { wrapWithInlineComp } from './controls/utils'; + +const buckets = { + [BUCKET_TYPES.DATE_HISTOGRAM]: { + scaleMetricValues: controls.ScaleMetricsParamEditor, + interval: controls.TimeIntervalParamEditor, + drop_partials: controls.DropPartialsParamEditor, + }, + [BUCKET_TYPES.DATE_RANGE]: { + ranges: controls.DateRangesParamEditor, + }, + [BUCKET_TYPES.FILTERS]: { + filters: controls.FiltersParamEditor, + }, + [BUCKET_TYPES.GEOHASH_GRID]: { + autoPrecision: controls.AutoPrecisionParamEditor, + precision: controls.PrecisionParamEditor, + useGeocentroid: controls.UseGeocentroidParamEditor, + isFilteredByCollar: controls.IsFilteredByCollarParamEditor, + }, + [BUCKET_TYPES.HISTOGRAM]: { + interval: controls.NumberIntervalParamEditor, + min_doc_count: controls.MinDocCountParamEditor, + has_extended_bounds: controls.HasExtendedBoundsParamEditor, + extended_bounds: controls.ExtendedBoundsParamEditor, + }, + [BUCKET_TYPES.IP_RANGE]: { + ipRangeType: controls.IpRangeTypeParamEditor, + ranges: controls.IpRangesParamEditor, + }, + [BUCKET_TYPES.RANGE]: { + ranges: controls.RangesControl, + }, + [BUCKET_TYPES.SIGNIFICANT_TERMS]: { + size: controls.SizeParamEditor, + }, + [BUCKET_TYPES.TERMS]: { + orderBy: controls.OrderByParamEditor, + orderAgg: controls.OrderAggParamEditor, + order: wrapWithInlineComp(controls.OrderParamEditor), + size: wrapWithInlineComp(controls.SizeParamEditor), + otherBucket: controls.OtherBucketParamEditor, + missingBucket: controls.MissingBucketParamEditor, + }, +}; + +const metrics = { + [METRIC_TYPES.TOP_HITS]: { + field: controls.TopFieldParamEditor, + aggregate: wrapWithInlineComp(controls.TopAggregateParamEditor), + size: wrapWithInlineComp(controls.TopSizeParamEditor), + sortField: controls.TopSortFieldParamEditor, + sortOrder: controls.OrderParamEditor, + }, + [METRIC_TYPES.PERCENTILES]: { + percents: controls.PercentilesEditor, + }, + [METRIC_TYPES.PERCENTILE_RANKS]: { + values: controls.PercentileRanksEditor, + }, +}; + +export const aggParamsMap = { + common: { + string: controls.StringParamEditor, + json: controls.RawJsonParamEditor, + field: controls.FieldParamEditor, + }, + [siblingPipelineType]: { + customBucket: controls.SubMetricParamEditor, + customMetric: controls.SubMetricParamEditor, + }, + [parentPipelineType]: { + metricAgg: controls.MetricAggParamEditor, + customMetric: controls.SubAggParamEditor, + }, + [AggGroupNames.Buckets]: buckets, + [AggGroupNames.Metrics]: metrics, +}; diff --git a/src/legacy/ui/public/vis/editors/default/components/agg_params_state.ts b/src/legacy/core_plugins/vis_default_editor/public/components/agg_params_state.ts similarity index 100% rename from src/legacy/ui/public/vis/editors/default/components/agg_params_state.ts rename to src/legacy/core_plugins/vis_default_editor/public/components/agg_params_state.ts diff --git a/src/legacy/ui/public/vis/editors/default/components/agg_select.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/agg_select.tsx similarity index 87% rename from src/legacy/ui/public/vis/editors/default/components/agg_select.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/agg_select.tsx index 6b6bb93b29b3e..2a9c74521e525 100644 --- a/src/legacy/ui/public/vis/editors/default/components/agg_select.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/agg_select.tsx @@ -22,10 +22,10 @@ import React, { useEffect, useCallback } from 'react'; import { EuiComboBox, EuiComboBoxOptionProps, EuiFormRow, EuiLink, EuiText } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; -import { AggType } from 'ui/agg_types'; -import { documentationLinks } from '../../../../documentation_links/documentation_links'; + +import { IndexPattern } from 'src/plugins/data/public'; +import { AggType, documentationLinks } from '../legacy_imports'; import { ComboBoxGroupedOptions } from '../utils'; -import { IndexPattern } from '../../../../../../../plugins/data/public'; import { AGG_TYPE_ACTION_KEYS, AggTypeAction } from './agg_params_state'; interface DefaultEditorAggSelectProps { @@ -57,12 +57,12 @@ function DefaultEditorAggSelect({ const label = isSubAggregation ? ( ) : ( ); @@ -76,7 +76,7 @@ function DefaultEditorAggSelect({ @@ -88,7 +88,7 @@ function DefaultEditorAggSelect({ if (!aggTypeOptions.length) { errors.push( - i18n.translate('common.ui.vis.defaultEditor.aggSelect.noCompatibleAggsDescription', { + i18n.translate('visDefaultEditor.aggSelect.noCompatibleAggsDescription', { defaultMessage: 'The index pattern {indexPatternTitle} does not have any aggregatable fields.', values: { @@ -121,13 +121,13 @@ function DefaultEditorAggSelect({ useEffect(() => { setValidity(isValid); - }, [isValid]); + }, [isValid, setValidity]); useEffect(() => { if (errors.length) { setTouched(); } - }, [errors.length]); + }, [errors.length, setTouched]); return ( diff --git a/src/legacy/ui/public/vis/editors/default/controls/__snapshots__/top_aggregate.test.tsx.snap b/src/legacy/core_plugins/vis_default_editor/public/components/controls/__snapshots__/top_aggregate.test.tsx.snap similarity index 95% rename from src/legacy/ui/public/vis/editors/default/controls/__snapshots__/top_aggregate.test.tsx.snap rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/__snapshots__/top_aggregate.test.tsx.snap index b3a2c058de976..2a1e688026307 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/__snapshots__/top_aggregate.test.tsx.snap +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/__snapshots__/top_aggregate.test.tsx.snap @@ -13,7 +13,7 @@ exports[`TopAggregateParamEditor should init with the default set of props 1`] = diff --git a/src/legacy/ui/public/vis/editors/default/controls/agg_control_props.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/agg_control_props.tsx similarity index 84% rename from src/legacy/ui/public/vis/editors/default/controls/agg_control_props.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/agg_control_props.tsx index 55cd237a56689..c8b5196d3b299 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/agg_control_props.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/agg_control_props.tsx @@ -17,8 +17,9 @@ * under the License. */ -import { AggConfig, VisParams } from 'ui/vis'; -import { DefaultEditorAggCommonProps } from '../components/agg_common_props'; +import { VisParams } from 'src/legacy/core_plugins/visualizations/public'; +import { AggConfig } from '../../legacy_imports'; +import { DefaultEditorAggCommonProps } from '../agg_common_props'; export interface AggControlProps { agg: AggConfig; diff --git a/src/legacy/ui/public/vis/editors/default/controls/agg_utils.test.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/agg_utils.test.tsx similarity index 98% rename from src/legacy/ui/public/vis/editors/default/controls/agg_utils.test.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/agg_utils.test.tsx index 9a96cc2221bd4..5c69fd0f1c091 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/agg_utils.test.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/agg_utils.test.tsx @@ -20,14 +20,14 @@ import React, { FunctionComponent } from 'react'; import { mount, ReactWrapper } from 'enzyme'; -import { AggConfig } from 'ui/agg_types'; +import { AggConfig } from '../../legacy_imports'; import { safeMakeLabel, useAvailableOptions, useFallbackMetric, useValidation, CUSTOM_METRIC, -} from './agg_utils'; +} from './utils'; type Callback = () => void; diff --git a/src/legacy/ui/public/vis/editors/default/controls/auto_precision.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/auto_precision.tsx similarity index 90% rename from src/legacy/ui/public/vis/editors/default/controls/auto_precision.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/auto_precision.tsx index 53f74465e90a5..e49a12333bdca 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/auto_precision.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/auto_precision.tsx @@ -21,10 +21,10 @@ import React from 'react'; import { EuiSwitch, EuiFormRow } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; -import { AggParamEditorProps } from '..'; +import { AggParamEditorProps } from '../agg_param_props'; function AutoPrecisionParamEditor({ value = false, setValue }: AggParamEditorProps) { - const label = i18n.translate('common.ui.aggTypes.changePrecisionLabel', { + const label = i18n.translate('visDefaultEditor.controls.changePrecisionLabel', { defaultMessage: 'Change precision on map zoom', }); diff --git a/src/legacy/ui/public/vis/editors/default/controls/components/from_to_list.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/components/from_to_list.tsx similarity index 91% rename from src/legacy/ui/public/vis/editors/default/controls/components/from_to_list.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/components/from_to_list.tsx index 57787c58a2e5b..e52b2c85b63fa 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/components/from_to_list.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/components/from_to_list.tsx @@ -20,7 +20,8 @@ import React from 'react'; import { EuiFieldText, EuiFlexItem, EuiIcon } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; -import { Ipv4Address } from '../../../../../../../../plugins/kibana_utils/public'; + +import { Ipv4Address } from '../../../../../../../plugins/kibana_utils/public'; import { InputList, InputListConfig, InputModel, InputObject, InputItem } from './input_list'; const EMPTY_STRING = ''; @@ -59,7 +60,7 @@ function FromToList({ showValidation, onBlur, ...rest }: FromToListProps) { to: { value: item.to || EMPTY_STRING, model: item.to || EMPTY_STRING, isInvalid: false }, }), getRemoveBtnAriaLabel: (item: FromToModel) => - i18n.translate('common.ui.aggTypes.ipRanges.removeRangeAriaLabel', { + i18n.translate('visDefaultEditor.controls.ipRanges.removeRangeAriaLabel', { defaultMessage: 'Remove the range of {from} to {to}', values: { from: item.from.value || '*', to: item.to.value || '*' }, }), @@ -78,7 +79,7 @@ function FromToList({ showValidation, onBlur, ...rest }: FromToListProps) { <> diff --git a/src/legacy/ui/public/vis/editors/default/controls/components/mask_list.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/components/mask_list.tsx similarity index 89% rename from src/legacy/ui/public/vis/editors/default/controls/components/mask_list.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/components/mask_list.tsx index b48f07512332e..625b09b05d28f 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/components/mask_list.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/components/mask_list.tsx @@ -20,8 +20,9 @@ import React from 'react'; import { EuiFieldText, EuiFlexItem } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; -import { CidrMask } from '../../../../../agg_types/buckets/lib/cidr_mask'; + import { InputList, InputListConfig, InputObject, InputModel, InputItem } from './input_list'; +import { CidrMask } from '../../../legacy_imports'; const EMPTY_STRING = ''; @@ -56,11 +57,11 @@ function MaskList({ showValidation, onBlur, ...rest }: MaskListProps) { }), getRemoveBtnAriaLabel: (item: MaskModel) => item.mask.value - ? i18n.translate('common.ui.aggTypes.ipRanges.removeCidrMaskButtonAriaLabel', { + ? i18n.translate('visDefaultEditor.controls.ipRanges.removeCidrMaskButtonAriaLabel', { defaultMessage: 'Remove the CIDR mask value of {mask}', values: { mask: item.mask.value }, }) - : i18n.translate('common.ui.aggTypes.ipRanges.removeEmptyCidrMaskButtonAriaLabel', { + : i18n.translate('visDefaultEditor.controls.ipRanges.removeEmptyCidrMaskButtonAriaLabel', { defaultMessage: 'Remove the CIDR mask default value', }), onChangeFn: ({ mask }: MaskModel) => { @@ -73,7 +74,7 @@ function MaskList({ showValidation, onBlur, ...rest }: MaskListProps) { renderInputRow: ({ mask }: MaskModel, index, onChangeValue) => ( diff --git a/src/legacy/ui/public/vis/editors/default/controls/components/number_list/number_row.test.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/components/number_list/number_row.test.tsx similarity index 100% rename from src/legacy/ui/public/vis/editors/default/controls/components/number_list/number_row.test.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/components/number_list/number_row.test.tsx diff --git a/src/legacy/ui/public/vis/editors/default/controls/components/number_list/number_row.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/components/number_list/number_row.tsx similarity index 91% rename from src/legacy/ui/public/vis/editors/default/controls/components/number_list/number_row.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/components/number_list/number_row.tsx index 777b0a94f0f3d..6101cce182d46 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/components/number_list/number_row.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/components/number_list/number_row.tsx @@ -54,7 +54,7 @@ function NumberRow({ onChange, }: NumberRowProps) { const deleteBtnAriaLabel = i18n.translate( - 'common.ui.aggTypes.numberList.removeUnitButtonAriaLabel', + 'visDefaultEditor.controls.numberList.removeUnitButtonAriaLabel', { defaultMessage: 'Remove the rank value of {value}', values: { value: model.value }, @@ -80,9 +80,12 @@ function NumberRow({ autoFocus={autoFocus} compressed={true} isInvalid={isInvalid} - placeholder={i18n.translate('common.ui.aggTypes.numberList.enterValuePlaceholder', { - defaultMessage: 'Enter a value', - })} + placeholder={i18n.translate( + 'visDefaultEditor.controls.numberList.enterValuePlaceholder', + { + defaultMessage: 'Enter a value', + } + )} onChange={onValueChanged} value={model.value} fullWidth={true} diff --git a/src/legacy/ui/public/vis/editors/default/controls/components/number_list/range.test.ts b/src/legacy/core_plugins/vis_default_editor/public/components/controls/components/number_list/range.test.ts similarity index 100% rename from src/legacy/ui/public/vis/editors/default/controls/components/number_list/range.test.ts rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/components/number_list/range.test.ts diff --git a/src/legacy/ui/public/vis/editors/default/controls/components/number_list/range.ts b/src/legacy/core_plugins/vis_default_editor/public/components/controls/components/number_list/range.ts similarity index 100% rename from src/legacy/ui/public/vis/editors/default/controls/components/number_list/range.ts rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/components/number_list/range.ts diff --git a/src/legacy/ui/public/vis/editors/default/controls/components/number_list/utils.test.ts b/src/legacy/core_plugins/vis_default_editor/public/components/controls/components/number_list/utils.test.ts similarity index 100% rename from src/legacy/ui/public/vis/editors/default/controls/components/number_list/utils.test.ts rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/components/number_list/utils.test.ts diff --git a/src/legacy/ui/public/vis/editors/default/controls/components/number_list/utils.ts b/src/legacy/core_plugins/vis_default_editor/public/components/controls/components/number_list/utils.ts similarity index 97% rename from src/legacy/ui/public/vis/editors/default/controls/components/number_list/utils.ts rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/components/number_list/utils.ts index 399253f27445c..e0f32366fc265 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/components/number_list/utils.ts +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/components/number_list/utils.ts @@ -51,7 +51,7 @@ function validateValue(value: number | '', numberRange: NumberListRange) { result.isInvalid = true; } else if (!numberRange.within(value)) { result.isInvalid = true; - result.error = i18n.translate('common.ui.aggTypes.numberList.invalidRangeErrorMessage', { + result.error = i18n.translate('visDefaultEditor.controls.numberList.invalidRangeErrorMessage', { defaultMessage: 'The value should be in the range of {min} to {max}.', values: { min: numberRange.min, max: numberRange.max }, }); diff --git a/src/legacy/ui/public/vis/editors/default/controls/date_ranges.test.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/date_ranges.test.tsx similarity index 98% rename from src/legacy/ui/public/vis/editors/default/controls/date_ranges.test.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/date_ranges.test.tsx index ec5fadab5fd2d..92212c3ad1a5c 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/date_ranges.test.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/date_ranges.test.tsx @@ -21,7 +21,7 @@ import React from 'react'; import { mountWithIntl } from 'test_utils/enzyme_helpers'; import { DateRangesParamEditor } from './date_ranges'; -jest.mock('../../../../documentation_links', () => ({ +jest.mock('../../legacy_imports', () => ({ getDocLink: jest.fn(), })); diff --git a/src/legacy/ui/public/vis/editors/default/controls/date_ranges.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/date_ranges.tsx similarity index 84% rename from src/legacy/ui/public/vis/editors/default/controls/date_ranges.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/date_ranges.tsx index 9cef3e1b218e9..adeadc6e38535 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/date_ranges.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/date_ranges.tsx @@ -36,8 +36,9 @@ import dateMath from '@elastic/datemath'; import { FormattedMessage } from '@kbn/i18n/react'; import { i18n } from '@kbn/i18n'; import { isEqual, omit } from 'lodash'; -import { getDocLink } from '../../../../documentation_links'; -import { AggParamEditorProps } from '..'; + +import { AggParamEditorProps } from '../agg_param_props'; +import { getDocLink } from '../../legacy_imports'; const FROM_PLACEHOLDER = '\u2212\u221E'; const TO_PLACEHOLDER = '+\u221E'; @@ -116,7 +117,7 @@ function DateRangesParamEditor({ @@ -125,7 +126,7 @@ function DateRangesParamEditor({ {ranges.map(({ from, to, id }) => { const deleteBtnTitle = i18n.translate( - 'common.ui.aggTypes.dateRanges.removeRangeButtonAriaLabel', + 'visDefaultEditor.controls.dateRanges.removeRangeButtonAriaLabel', { defaultMessage: 'Remove the range of {from} to {to}', values: { from: from || FROM_PLACEHOLDER, to: to || TO_PLACEHOLDER }, @@ -138,11 +139,14 @@ function DateRangesParamEditor({ @@ -197,7 +204,7 @@ function DateRangesParamEditor({ diff --git a/src/legacy/ui/public/vis/editors/default/controls/drop_partials.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/drop_partials.tsx similarity index 84% rename from src/legacy/ui/public/vis/editors/default/controls/drop_partials.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/drop_partials.tsx index 52189452af776..b112598d1a09b 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/drop_partials.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/drop_partials.tsx @@ -20,16 +20,16 @@ import React from 'react'; import { i18n } from '@kbn/i18n'; import { SwitchParamEditor } from './switch'; -import { AggParamEditorProps } from '..'; +import { AggParamEditorProps } from '../agg_param_props'; function DropPartialsParamEditor(props: AggParamEditorProps) { return ( { let defaultProps: Partial>; diff --git a/src/legacy/ui/public/vis/editors/default/controls/extended_bounds.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/extended_bounds.tsx similarity index 88% rename from src/legacy/ui/public/vis/editors/default/controls/extended_bounds.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/extended_bounds.tsx index c933261cb45e6..14652f435cf5b 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/extended_bounds.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/extended_bounds.tsx @@ -22,8 +22,9 @@ import React, { ChangeEvent } from 'react'; import { EuiFieldNumber, EuiFlexGroup, EuiFlexItem, EuiFormRow } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { isUndefined } from 'lodash'; -import { useValidation } from './agg_utils'; -import { AggParamEditorProps } from '..'; + +import { useValidation } from './utils'; +import { AggParamEditorProps } from '../agg_param_props'; export interface Bounds { min: number | ''; @@ -45,11 +46,11 @@ function ExtendedBoundsParamEditor({ showValidation, setTouched, }: AggParamEditorProps) { - const minLabel = i18n.translate('common.ui.aggTypes.extendedBounds.minLabel', { + const minLabel = i18n.translate('visDefaultEditor.controls.extendedBounds.minLabel', { defaultMessage: 'Min', }); - const maxLabel = i18n.translate('common.ui.aggTypes.extendedBounds.maxLabel', { + const maxLabel = i18n.translate('visDefaultEditor.controls.extendedBounds.maxLabel', { defaultMessage: 'Max', }); @@ -57,7 +58,7 @@ function ExtendedBoundsParamEditor({ let error; if (!isValid) { - error = i18n.translate('common.ui.aggTypes.extendedBounds.errorMessage', { + error = i18n.translate('visDefaultEditor.controls.extendedBounds.errorMessage', { defaultMessage: 'Min should be less than or equal to Max.', }); } diff --git a/src/legacy/ui/public/vis/editors/default/controls/field.test.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/field.test.tsx similarity index 96% rename from src/legacy/ui/public/vis/editors/default/controls/field.test.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/field.test.tsx index 67ce3ba6d5072..e43304fe07347 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/field.test.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/field.test.tsx @@ -21,10 +21,12 @@ import React from 'react'; import { act } from 'react-dom/test-utils'; import { mount, shallow, ReactWrapper } from 'enzyme'; import { EuiComboBoxProps, EuiComboBox } from '@elastic/eui'; -import { Field } from '../../../../../../../plugins/data/public'; -import { ComboBoxGroupedOptions } from '..'; + +import { Field } from 'src/plugins/data/public'; +import { VisState } from 'src/legacy/core_plugins/visualizations/public'; +import { ComboBoxGroupedOptions } from '../../utils'; import { FieldParamEditor, FieldParamEditorProps } from './field'; -import { AggConfig, VisState } from '../../..'; +import { AggConfig } from '../../legacy_imports'; function callComboBoxOnChange(comp: ReactWrapper, value: any = []) { const comboBoxProps: EuiComboBoxProps = comp.find(EuiComboBox).props(); diff --git a/src/legacy/ui/public/vis/editors/default/controls/field.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/field.tsx similarity index 84% rename from src/legacy/ui/public/vis/editors/default/controls/field.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/field.tsx index b8cd0d630a019..38c55e8fe3f24 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/field.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/field.tsx @@ -22,14 +22,16 @@ import React, { useEffect } from 'react'; import { EuiComboBox, EuiComboBoxOptionProps, EuiFormRow } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; -import { AggConfig } from '../../..'; -import { Field } from '../../../../../../../plugins/data/public'; -import { formatListAsProse, parseCommaSeparatedList } from '../../../../../../utils'; -import { AggParam, FieldParamType } from '../../../../agg_types'; -import { useValidation } from './agg_utils'; -import { AggParamEditorProps, ComboBoxGroupedOptions } from '..'; -const label = i18n.translate('common.ui.aggTypes.field.fieldLabel', { defaultMessage: 'Field' }); +import { Field } from 'src/plugins/data/public'; +import { AggConfig, AggParam, FieldParamType } from '../../legacy_imports'; +import { formatListAsProse, parseCommaSeparatedList, useValidation } from './utils'; +import { AggParamEditorProps } from '../agg_param_props'; +import { ComboBoxGroupedOptions } from '../../utils'; + +const label = i18n.translate('visDefaultEditor.controls.field.fieldLabel', { + defaultMessage: 'Field', +}); export interface FieldParamEditorProps extends AggParamEditorProps { customError?: string; @@ -66,7 +68,7 @@ function FieldParamEditor({ if (!indexedFields.length) { errors.push( - i18n.translate('common.ui.aggTypes.field.noCompatibleFieldsDescription', { + i18n.translate('visDefaultEditor.controls.field.noCompatibleFieldsDescription', { defaultMessage: 'The index pattern {indexPatternTitle} does not contain any of the following compatible field types: {fieldTypes}', values: { @@ -106,7 +108,7 @@ function FieldParamEditor({ > setShowCustomLabel(!showCustomLabel)} @@ -75,15 +75,17 @@ function FilterRow({ iconType="trash" color="danger" disabled={disableRemove} - aria-label={i18n.translate('common.ui.aggTypes.filters.removeFilterButtonAriaLabel', { - defaultMessage: 'Remove this filter', - })} + aria-label={i18n.translate( + 'visDefaultEditor.controls.filters.removeFilterButtonAriaLabel', + { + defaultMessage: 'Remove this filter', + } + )} onClick={() => onRemoveFilter(id)} />
); - // TODO: KibanaContextProvider should be raised to the top of the vis plugin return ( - - onChangeValue(id, query, customLabel)} - disableAutoFocus={!autoFocus} - dataTestSubj={dataTestSubj} - bubbleSubmitEvent={true} - languageSwitcherPopoverAnchorPosition="leftDown" - /> - + onChangeValue(id, query, customLabel)} + disableAutoFocus={!autoFocus} + dataTestSubj={dataTestSubj} + bubbleSubmitEvent={true} + languageSwitcherPopoverAnchorPosition="leftDown" + /> {showCustomLabel ? ( onChangeValue(id, value, ev.target.value)} diff --git a/src/legacy/ui/public/vis/editors/default/controls/filters.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/filters.tsx similarity index 90% rename from src/legacy/ui/public/vis/editors/default/controls/filters.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/filters.tsx index aa654d26a23fd..be4c62ab08aa2 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/filters.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/filters.tsx @@ -21,15 +21,15 @@ import React, { useState, useEffect } from 'react'; import { omit, isEqual } from 'lodash'; import { htmlIdGenerator, EuiButton, EuiSpacer } from '@elastic/eui'; import { FormattedMessage } from '@kbn/i18n/react'; + import { Query } from 'src/plugins/data/public'; -import chrome from '../../../../chrome'; +import { useKibana } from '../../../../../../plugins/kibana_react/public'; import { FilterRow } from './filter'; -import { AggParamEditorProps } from '..'; +import { AggParamEditorProps } from '../agg_param_props'; const generateId = htmlIdGenerator(); -const config = chrome.getUiSettingsClient(); -export interface FilterValue { +interface FilterValue { input: Query; label: string; id: string; @@ -61,11 +61,13 @@ function FiltersParamEditor({ agg, value = [], setValue }: AggParamEditorProps updateFilters([ ...filters, { - input: { query: '', language: config.get('search:queryLanguage') }, + input: { query: '', language: services.uiSettings.get('search:queryLanguage') }, label: '', id: generateId(), }, @@ -111,7 +113,7 @@ function FiltersParamEditor({ agg, value = [], setValue }: AggParamEditorProps diff --git a/src/legacy/ui/public/vis/editors/default/controls/has_extended_bounds.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/has_extended_bounds.tsx similarity index 84% rename from src/legacy/ui/public/vis/editors/default/controls/has_extended_bounds.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/has_extended_bounds.tsx index 5ab41e1abcde2..416f925da8c1e 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/has_extended_bounds.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/has_extended_bounds.tsx @@ -19,9 +19,10 @@ import React, { useEffect } from 'react'; import { i18n } from '@kbn/i18n'; + import { SwitchParamEditor } from './switch'; -import { isType } from '../../../../agg_types/buckets/migrate_include_exclude_format'; -import { AggParamEditorProps } from '..'; +import { isType } from '../../legacy_imports'; +import { AggParamEditorProps } from '../agg_param_props'; function HasExtendedBoundsParamEditor(props: AggParamEditorProps) { useEffect(() => { @@ -30,10 +31,10 @@ function HasExtendedBoundsParamEditor(props: AggParamEditorProps) { return ( diff --git a/src/legacy/ui/public/vis/editors/default/controls/ip_ranges.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/ip_ranges.tsx similarity index 97% rename from src/legacy/ui/public/vis/editors/default/controls/ip_ranges.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/ip_ranges.tsx index e279c3075e93d..c4b90649aaaae 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/ip_ranges.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/ip_ranges.tsx @@ -23,7 +23,8 @@ import { EuiFormRow } from '@elastic/eui'; import { FromToList, FromToObject } from './components/from_to_list'; import { MaskList, MaskObject } from './components/mask_list'; import { IpRangeTypes } from './ip_range_type'; -import { AggParamEditorProps } from '..'; +import { AggParamEditorProps } from '../agg_param_props'; + interface IpRange { fromTo: FromToObject[]; mask: MaskObject[]; diff --git a/src/legacy/ui/public/vis/editors/default/controls/is_filtered_by_collar.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/is_filtered_by_collar.tsx similarity index 67% rename from src/legacy/ui/public/vis/editors/default/controls/is_filtered_by_collar.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/is_filtered_by_collar.tsx index 012e8f30534eb..5a71f5c3a2fce 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/is_filtered_by_collar.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/is_filtered_by_collar.tsx @@ -20,18 +20,24 @@ import React from 'react'; import { i18n } from '@kbn/i18n'; import { SwitchParamEditor } from './switch'; -import { AggParamEditorProps } from '..'; +import { AggParamEditorProps } from '../agg_param_props'; function IsFilteredByCollarParamEditor(props: AggParamEditorProps) { return ( diff --git a/src/legacy/ui/public/vis/editors/default/controls/metric_agg.test.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/metric_agg.test.tsx similarity index 96% rename from src/legacy/ui/public/vis/editors/default/controls/metric_agg.test.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/metric_agg.test.tsx index 24c506ca31738..9b6fd204e7207 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/metric_agg.test.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/metric_agg.test.tsx @@ -20,11 +20,10 @@ import React from 'react'; import { mount, shallow } from 'enzyme'; -import { AggConfig } from 'ui/agg_types'; +import { AggConfig } from '../../legacy_imports'; import { DEFAULT_OPTIONS, aggFilter, MetricAggParamEditor } from './metric_agg'; -import { AggParamEditorProps } from '..'; -jest.mock('./agg_utils', () => ({ +jest.mock('./utils', () => ({ useAvailableOptions: jest.fn((aggFilterArray, filteredMetrics, defaultOptions) => [ ...filteredMetrics.map(({ id, type }: { id: string; type: { name: string } }) => ({ text: type.name, @@ -36,7 +35,8 @@ jest.mock('./agg_utils', () => ({ useValidation: jest.fn(), })); -import { useAvailableOptions, useFallbackMetric, useValidation } from './agg_utils'; +import { useAvailableOptions, useFallbackMetric, useValidation } from './utils'; +import { AggParamEditorProps } from '../agg_param_props'; const agg = { id: '1', diff --git a/src/legacy/ui/public/vis/editors/default/controls/metric_agg.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/metric_agg.tsx similarity index 93% rename from src/legacy/ui/public/vis/editors/default/controls/metric_agg.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/metric_agg.tsx index 9d25a02606ed2..41e638b8d85fe 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/metric_agg.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/metric_agg.tsx @@ -20,8 +20,9 @@ import React, { useMemo, useCallback } from 'react'; import { EuiFormRow, EuiSelect } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; -import { useAvailableOptions, useFallbackMetric, useValidation } from './agg_utils'; -import { AggParamEditorProps } from '..'; + +import { useAvailableOptions, useFallbackMetric, useValidation } from './utils'; +import { AggParamEditorProps } from '../agg_param_props'; const aggFilter = ['!top_hits', '!percentiles', '!percentile_ranks', '!median', '!std_dev']; const EMPTY_VALUE = 'EMPTY_VALUE'; @@ -36,7 +37,7 @@ function MetricAggParamEditor({ setTouched, metricAggs = [], }: AggParamEditorProps) { - const label = i18n.translate('common.ui.aggTypes.metricLabel', { + const label = i18n.translate('visDefaultEditor.controls.metricLabel', { defaultMessage: 'Metric', }); const isValid = !!value; diff --git a/src/legacy/ui/public/vis/editors/default/controls/min_doc_count.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/min_doc_count.tsx similarity index 83% rename from src/legacy/ui/public/vis/editors/default/controls/min_doc_count.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/min_doc_count.tsx index e366c2daa9007..06b8908d95896 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/min_doc_count.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/min_doc_count.tsx @@ -21,15 +21,15 @@ import React from 'react'; import { i18n } from '@kbn/i18n'; import { SwitchParamEditor } from './switch'; -import { AggParamEditorProps } from '..'; +import { AggParamEditorProps } from '../agg_param_props'; function MinDocCountParamEditor(props: AggParamEditorProps) { return ( ) { const fieldTypeIsNotString = !isStringType(props.agg); @@ -35,16 +36,19 @@ function MissingBucketParamEditor(props: AggParamEditorProps) { return ( diff --git a/src/legacy/ui/public/vis/editors/default/controls/number_interval.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/number_interval.tsx similarity index 86% rename from src/legacy/ui/public/vis/editors/default/controls/number_interval.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/number_interval.tsx index 1084d6e8212e2..6ab5ee2d260a1 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/number_interval.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/number_interval.tsx @@ -23,19 +23,20 @@ import React, { useEffect, useCallback } from 'react'; import { EuiFieldNumber, EuiFormRow, EuiIconTip } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; -import { AggParamEditorProps } from '..'; + +import { AggParamEditorProps } from '../agg_param_props'; const label = ( <> {' '} @@ -86,9 +87,12 @@ function NumberIntervalParamEditor({ onBlur={setTouched} fullWidth={true} compressed - placeholder={i18n.translate('common.ui.aggTypes.numberInterval.selectIntervalPlaceholder', { - defaultMessage: 'Enter an interval', - })} + placeholder={i18n.translate( + 'visDefaultEditor.controls.numberInterval.selectIntervalPlaceholder', + { + defaultMessage: 'Enter an interval', + } + )} /> ); diff --git a/src/legacy/ui/public/vis/editors/default/controls/order.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/order.tsx similarity index 89% rename from src/legacy/ui/public/vis/editors/default/controls/order.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/order.tsx index ec9be206fe130..f40143251e46a 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/order.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/order.tsx @@ -20,11 +20,9 @@ import React, { useEffect } from 'react'; import { EuiFormRow, EuiSelect } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; -import { - OptionedValueProp, - OptionedParamEditorProps, -} from '../../../../agg_types/param_types/optioned'; -import { AggParamEditorProps } from '..'; + +import { OptionedValueProp, OptionedParamEditorProps } from '../../legacy_imports'; +import { AggParamEditorProps } from '../agg_param_props'; function OrderParamEditor({ aggParam, @@ -34,7 +32,7 @@ function OrderParamEditor({ setValidity, setTouched, }: AggParamEditorProps & OptionedParamEditorProps) { - const label = i18n.translate('common.ui.aggTypes.orderLabel', { + const label = i18n.translate('visDefaultEditor.controls.orderLabel', { defaultMessage: 'Order', }); const isValid = !!value; diff --git a/src/legacy/ui/public/vis/editors/default/controls/order_agg.test.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/order_agg.test.tsx similarity index 99% rename from src/legacy/ui/public/vis/editors/default/controls/order_agg.test.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/order_agg.test.tsx index 4c843791153b0..01f5ed9b6a2f1 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/order_agg.test.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/order_agg.test.tsx @@ -21,6 +21,8 @@ import React from 'react'; import { mount } from 'enzyme'; import { OrderByParamEditor } from './order_by'; +jest.mock('ui/new_platform'); + describe('OrderAggParamEditor component', () => { let setValue: jest.Mock; let setValidity: jest.Mock; diff --git a/src/legacy/ui/public/vis/editors/default/controls/order_agg.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/order_agg.tsx similarity index 90% rename from src/legacy/ui/public/vis/editors/default/controls/order_agg.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/order_agg.tsx index efa8366ec550b..6bb9ad334d149 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/order_agg.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/order_agg.tsx @@ -19,11 +19,11 @@ import React, { useEffect } from 'react'; import { EuiSpacer } from '@elastic/eui'; -import { AggParamType } from '../../../../agg_types/param_types/agg'; -import { AggConfig } from '../../..'; + +import { AggParamType, AggConfig, AggGroupNames } from '../../legacy_imports'; import { useSubAggParamsHandlers } from './utils'; -import { AggGroupNames } from '../agg_groups'; -import { AggParamEditorProps, DefaultEditorAggParams } from '..'; +import { AggParamEditorProps } from '../agg_param_props'; +import { DefaultEditorAggParams } from '../agg_params'; function OrderAggParamEditor({ agg, diff --git a/src/legacy/ui/public/vis/editors/default/controls/order_by.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/order_by.tsx similarity index 75% rename from src/legacy/ui/public/vis/editors/default/controls/order_by.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/order_by.tsx index 644135c068275..c0391358ec6e2 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/order_by.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/order_by.tsx @@ -20,38 +20,27 @@ import React, { useEffect } from 'react'; import { EuiFormRow, EuiSelect } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; + import { isCompatibleAggregation, useAvailableOptions, useFallbackMetric, useValidation, -} from './agg_utils'; -import { AggParamEditorProps } from '..'; +} from './utils'; +import { AggParamEditorProps } from '../agg_param_props'; +import { termsAggFilter } from '../../legacy_imports'; const DEFAULT_VALUE = '_key'; const DEFAULT_OPTIONS = [ { - text: i18n.translate('common.ui.aggTypes.orderAgg.alphabeticalLabel', { + text: i18n.translate('visDefaultEditor.controls.orderAgg.alphabeticalLabel', { defaultMessage: 'Alphabetical', }), value: DEFAULT_VALUE, }, ]; -const aggFilter = [ - '!top_hits', - '!percentiles', - '!median', - '!std_dev', - '!derivative', - '!moving_avg', - '!serial_diff', - '!cumulative_sum', - '!avg_bucket', - '!max_bucket', - '!min_bucket', - '!sum_bucket', -]; -const isCompatibleAgg = isCompatibleAggregation(aggFilter); + +const isCompatibleAgg = isCompatibleAggregation(termsAggFilter); function OrderByParamEditor({ agg, @@ -62,7 +51,7 @@ function OrderByParamEditor({ setTouched, metricAggs, }: AggParamEditorProps) { - const label = i18n.translate('common.ui.aggTypes.orderAgg.orderByLabel', { + const label = i18n.translate('visDefaultEditor.controls.orderAgg.orderByLabel', { defaultMessage: 'Order by', }); const isValid = !!value; @@ -82,9 +71,9 @@ function OrderByParamEditor({ } }, []); - useFallbackMetric(setValue, aggFilter, metricAggs, value, DEFAULT_VALUE); + useFallbackMetric(setValue, termsAggFilter, metricAggs, value, DEFAULT_VALUE); - const options = useAvailableOptions(aggFilter, metricAggs, DEFAULT_OPTIONS); + const options = useAvailableOptions(termsAggFilter, metricAggs, DEFAULT_OPTIONS); return ( @@ -102,4 +91,4 @@ function OrderByParamEditor({ ); } -export { OrderByParamEditor, aggFilter }; +export { OrderByParamEditor }; diff --git a/src/legacy/ui/public/vis/editors/default/controls/other_bucket.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/other_bucket.tsx similarity index 84% rename from src/legacy/ui/public/vis/editors/default/controls/other_bucket.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/other_bucket.tsx index 80a1e8fa362be..055fa76e8b280 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/other_bucket.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/other_bucket.tsx @@ -19,17 +19,18 @@ import React from 'react'; import { i18n } from '@kbn/i18n'; + import { SwitchParamEditor } from './switch'; -import { AggParamEditorProps } from '..'; +import { AggParamEditorProps } from '../agg_param_props'; function OtherBucketParamEditor(props: AggParamEditorProps) { return ( >) { - const label = i18n.translate('common.ui.aggTypes.percentileRanks.valuesLabel', { + const label = i18n.translate('visDefaultEditor.controls.percentileRanks.valuesLabel', { defaultMessage: 'Values', }); const [isValid, setIsValid] = useState(true); - const setModelValidity = (isListValid: boolean) => { - setIsValid(isListValid); - setValidity(isListValid); - }; + const setModelValidity = useCallback( + (isListValid: boolean) => { + setIsValid(isListValid); + setValidity(isListValid); + }, + [setValidity] + ); return ( >) { - const label = i18n.translate('common.ui.aggTypes.percentiles.percentsLabel', { + const label = i18n.translate('visDefaultEditor.controls.percentiles.percentsLabel', { defaultMessage: 'Percents', }); const [isValid, setIsValid] = useState(true); - const setModelValidity = (isListValid: boolean) => { - setIsValid(isListValid); - setValidity(isListValid); - }; + const setModelValidity = useCallback( + (isListValid: boolean) => { + setIsValid(isListValid); + setValidity(isListValid); + }, + [setValidity] + ); return ( ) { + const { services } = useKibana(); + const label = i18n.translate('visDefaultEditor.controls.precisionLabel', { + defaultMessage: 'Precision', + }); + if (agg.params.autoPrecision) { return null; } - const label = i18n.translate('common.ui.aggTypes.precisionLabel', { - defaultMessage: 'Precision', - }); - return ( | React.MouseEvent) => setValue(Number(ev.currentTarget.value)) diff --git a/src/legacy/ui/public/vis/editors/default/controls/radius_ratio_option.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/radius_ratio_option.tsx similarity index 93% rename from src/legacy/ui/public/vis/editors/default/controls/radius_ratio_option.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/radius_ratio_option.tsx index 4d481bd74e8a3..c64b079e4f802 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/radius_ratio_option.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/radius_ratio_option.tsx @@ -21,6 +21,7 @@ import React, { useEffect, useCallback } from 'react'; import { EuiFormRow, EuiIconTip, EuiRange, EuiSpacer } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; + import { AggControlProps } from './agg_control_props'; const DEFAULT_VALUE = 50; @@ -30,11 +31,11 @@ function RadiusRatioOptionControl({ editorStateParams, setStateParamValue }: Agg const label = ( <> {' '} ) => ( +import { AggParamEditorProps } from '../agg_param_props'; +import { RangesParamEditor } from './ranges'; + +export const RangesControl = (props: AggParamEditorProps) => ( ); diff --git a/src/legacy/ui/public/vis/editors/default/controls/ranges.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/ranges.tsx similarity index 89% rename from src/legacy/ui/public/vis/editors/default/controls/ranges.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/ranges.tsx index a216ad5d928b6..27de9dfe68ee0 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/ranges.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/ranges.tsx @@ -139,7 +139,7 @@ function RangesParamEditor({ <> {ranges.map(({ from, to, id }, index) => { const deleteBtnTitle = i18n.translate( - 'common.ui.aggTypes.ranges.removeRangeButtonAriaLabel', + 'visDefaultEditor.controls.ranges.removeRangeButtonAriaLabel', { defaultMessage: 'Remove the range of {from} to {to}', values: { @@ -157,30 +157,36 @@ function RangesParamEditor({ } const gtePrependLabel = i18n.translate( - 'common.ui.aggTypes.ranges.greaterThanOrEqualPrepend', + 'visDefaultEditor.controls.ranges.greaterThanOrEqualPrepend', { defaultMessage: '\u2265', } ); const gteTooltipContent = i18n.translate( - 'common.ui.aggTypes.ranges.greaterThanOrEqualTooltip', + 'visDefaultEditor.controls.ranges.greaterThanOrEqualTooltip', { defaultMessage: 'Greater than or equal to', } ); - const ltPrependLabel = i18n.translate('common.ui.aggTypes.ranges.lessThanPrepend', { - defaultMessage: '\u003c', - }); - const ltTooltipContent = i18n.translate('common.ui.aggTypes.ranges.lessThanTooltip', { - defaultMessage: 'Less than', - }); + const ltPrependLabel = i18n.translate( + 'visDefaultEditor.controls.ranges.lessThanPrepend', + { + defaultMessage: '\u003c', + } + ); + const ltTooltipContent = i18n.translate( + 'visDefaultEditor.controls.ranges.lessThanTooltip', + { + defaultMessage: 'Less than', + } + ); return ( diff --git a/src/legacy/ui/public/vis/editors/default/controls/raw_json.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/raw_json.tsx similarity index 88% rename from src/legacy/ui/public/vis/editors/default/controls/raw_json.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/raw_json.tsx index 78ef1bf939b7d..32939c420155f 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/raw_json.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/raw_json.tsx @@ -22,8 +22,9 @@ import React, { useEffect } from 'react'; import { EuiFormRow, EuiIconTip, EuiTextArea } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; -import { isValidJson } from '../../../../agg_types/utils'; -import { AggParamEditorProps } from '..'; + +import { isValidJson } from '../../legacy_imports'; +import { AggParamEditorProps } from '../agg_param_props'; function RawJsonParamEditor({ agg, @@ -35,10 +36,10 @@ function RawJsonParamEditor({ }: AggParamEditorProps) { const label = ( <> - {' '} + {' '} ) { return ( { iconTip?: React.ReactNode; @@ -39,7 +40,7 @@ function SizeParamEditor({ }: SizeParamEditorProps) { const label = ( <> - + {iconTip} ); diff --git a/src/legacy/ui/public/vis/editors/default/controls/string.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/string.tsx similarity index 96% rename from src/legacy/ui/public/vis/editors/default/controls/string.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/string.tsx index dbfd0a7db33fb..ff12942e340e7 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/string.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/string.tsx @@ -18,9 +18,9 @@ */ import React, { useEffect, useCallback } from 'react'; - import { EuiFieldText, EuiFormRow } from '@elastic/eui'; -import { AggParamEditorProps } from '..'; + +import { AggParamEditorProps } from '../agg_param_props'; function StringParamEditor({ agg, diff --git a/src/legacy/ui/public/vis/editors/default/controls/sub_agg.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/sub_agg.tsx similarity index 91% rename from src/legacy/ui/public/vis/editors/default/controls/sub_agg.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/sub_agg.tsx index b233480cb35ba..71a8294541bbd 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/sub_agg.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/sub_agg.tsx @@ -20,10 +20,10 @@ import React, { useEffect } from 'react'; import { EuiSpacer } from '@elastic/eui'; -import { AggParamType } from 'ui/agg_types/param_types/agg'; -import { AggConfig } from '../../..'; +import { AggParamType, AggConfig, AggGroupNames } from '../../legacy_imports'; import { useSubAggParamsHandlers } from './utils'; -import { AggParamEditorProps, DefaultEditorAggParams, AggGroupNames } from '..'; +import { AggParamEditorProps } from '../agg_param_props'; +import { DefaultEditorAggParams } from '../agg_params'; function SubAggParamEditor({ agg, diff --git a/src/legacy/ui/public/vis/editors/default/controls/sub_metric.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/sub_metric.tsx similarity index 86% rename from src/legacy/ui/public/vis/editors/default/controls/sub_metric.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/sub_metric.tsx index d0a44d1d35d1c..9898d943870bc 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/sub_metric.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/sub_metric.tsx @@ -21,10 +21,10 @@ import React, { useEffect } from 'react'; import { EuiFormLabel, EuiSpacer } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; -import { AggParamType } from 'ui/agg_types/param_types/agg'; -import { AggConfig } from '../../../../agg_types/agg_config'; +import { AggParamType, AggConfig, AggGroupNames } from '../../legacy_imports'; import { useSubAggParamsHandlers } from './utils'; -import { AggParamEditorProps, DefaultEditorAggParams, AggGroupNames } from '..'; +import { AggParamEditorProps } from '../agg_param_props'; +import { DefaultEditorAggParams } from '../agg_params'; function SubMetricParamEditor({ agg, @@ -36,10 +36,10 @@ function SubMetricParamEditor({ setValidity, setTouched, }: AggParamEditorProps) { - const metricTitle = i18n.translate('common.ui.aggTypes.metrics.metricTitle', { + const metricTitle = i18n.translate('visDefaultEditor.controls.metrics.metricTitle', { defaultMessage: 'Metric', }); - const bucketTitle = i18n.translate('common.ui.aggTypes.metrics.bucketTitle', { + const bucketTitle = i18n.translate('visDefaultEditor.controls.metrics.bucketTitle', { defaultMessage: 'Bucket', }); const type = aggParam.name; diff --git a/src/legacy/ui/public/vis/editors/default/controls/switch.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/switch.tsx similarity index 96% rename from src/legacy/ui/public/vis/editors/default/controls/switch.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/switch.tsx index de675386d9100..12e82e8c2009e 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/switch.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/switch.tsx @@ -18,9 +18,9 @@ */ import React from 'react'; - import { EuiFormRow, EuiSwitch, EuiToolTip } from '@elastic/eui'; -import { AggParamEditorProps } from '..'; + +import { AggParamEditorProps } from '../agg_param_props'; interface SwitchParamEditorProps extends AggParamEditorProps { dataTestSubj?: string; diff --git a/src/legacy/ui/public/vis/editors/default/controls/test_utils.ts b/src/legacy/core_plugins/vis_default_editor/public/components/controls/test_utils.ts similarity index 87% rename from src/legacy/ui/public/vis/editors/default/controls/test_utils.ts rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/test_utils.ts index c5abf31a3cd8f..4e811f4543412 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/test_utils.ts +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/test_utils.ts @@ -17,9 +17,8 @@ * under the License. */ -import { AggConfig, VisState } from '../../..'; -import { EditorConfig } from '../../config/types'; -import { AggParam } from '../../../../agg_types'; +import { VisState } from 'src/legacy/core_plugins/visualizations/public'; +import { AggConfig, AggParam, EditorConfig } from '../../legacy_imports'; export const aggParamCommonPropsMock = { agg: {} as AggConfig, diff --git a/src/legacy/ui/public/vis/editors/default/controls/time_interval.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/time_interval.tsx similarity index 85% rename from src/legacy/ui/public/vis/editors/default/controls/time_interval.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/time_interval.tsx index 8c3590386b49a..6168890c2f2da 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/time_interval.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/time_interval.tsx @@ -19,13 +19,12 @@ import { get, find } from 'lodash'; import React, { useEffect } from 'react'; - import { EuiFormRow, EuiIconTip, EuiComboBox, EuiComboBoxOptionProps } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; -import { AggParamOption } from '../../../../agg_types/agg_params'; -import { isValidInterval } from '../../../../agg_types/utils'; -import { AggParamEditorProps } from '..'; + +import { isValidInterval, AggParamOption } from '../../legacy_imports'; +import { AggParamEditorProps } from '../agg_param_props'; interface ComboBoxOption extends EuiComboBoxOptionProps { key: string; @@ -68,7 +67,7 @@ function TimeIntervalParamEditor({ interval && interval.scaled && isValid ? ( {' '} @@ -91,7 +90,7 @@ function TimeIntervalParamEditor({ if (!isValid && value) { errors.push( - i18n.translate('common.ui.aggTypes.timeInterval.invalidFormatErrorMessage', { + i18n.translate('visDefaultEditor.controls.timeInterval.invalidFormatErrorMessage', { defaultMessage: 'Invalid interval format.', }) ); @@ -126,7 +125,7 @@ function TimeIntervalParamEditor({ fullWidth={true} helpText={helpText} isInvalid={showValidation ? !isValid : false} - label={i18n.translate('common.ui.aggTypes.timeInterval.minimumIntervalLabel', { + label={i18n.translate('visDefaultEditor.controls.timeInterval.minimumIntervalLabel', { defaultMessage: 'Minimum interval', })} > @@ -141,9 +140,12 @@ function TimeIntervalParamEditor({ options={options} selectedOptions={selectedOptions} singleSelection={{ asPlainText: true }} - placeholder={i18n.translate('common.ui.aggTypes.timeInterval.selectIntervalPlaceholder', { - defaultMessage: 'Select an interval', - })} + placeholder={i18n.translate( + 'visDefaultEditor.controls.timeInterval.selectIntervalPlaceholder', + { + defaultMessage: 'Select an interval', + } + )} onBlur={setTouched} /> @@ -152,19 +154,19 @@ function TimeIntervalParamEditor({ const tooManyBucketsTooltip = ( ); const tooLargeBucketsTooltip = ( ); const selectOptionHelpText = ( ); diff --git a/src/legacy/ui/public/vis/editors/default/controls/top_aggregate.test.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/top_aggregate.test.tsx similarity index 99% rename from src/legacy/ui/public/vis/editors/default/controls/top_aggregate.test.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/top_aggregate.test.tsx index 654c5f5b20ba2..b0c3fe00606aa 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/top_aggregate.test.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/top_aggregate.test.tsx @@ -19,13 +19,13 @@ import React from 'react'; import { mountWithIntl, shallowWithIntl } from 'test_utils/enzyme_helpers'; -import { AggConfig } from '../../..'; import { AggregateValueProp, TopAggregateParamEditor, TopAggregateParamEditorProps, } from './top_aggregate'; import { aggParamCommonPropsMock } from './test_utils'; +import { AggConfig } from '../../legacy_imports'; describe('TopAggregateParamEditor', () => { let agg: AggConfig; diff --git a/src/legacy/ui/public/vis/editors/default/controls/top_aggregate.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/top_aggregate.tsx similarity index 92% rename from src/legacy/ui/public/vis/editors/default/controls/top_aggregate.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/top_aggregate.tsx index 45f898805709e..338e2fe463a80 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/top_aggregate.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/top_aggregate.tsx @@ -21,14 +21,15 @@ import React, { useEffect, useRef } from 'react'; import { EuiFormRow, EuiIconTip, EuiSelect } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; -import { AggConfig } from '../../..'; -import { AggParam } from '../../../../agg_types/agg_params'; + import { + AggConfig, + AggParam, OptionedValueProp, OptionedParamEditorProps, OptionedParamType, -} from '../../../../agg_types/param_types/optioned'; -import { AggParamEditorProps } from '..'; +} from '../../legacy_imports'; +import { AggParamEditorProps } from '../agg_param_props'; export interface AggregateValueProp extends OptionedValueProp { isCompatible(aggConfig: AggConfig): boolean; @@ -66,13 +67,13 @@ export function TopAggregateParamEditor({ const label = ( <> {' '} ) { const compatibleAggs = getCompatibleAggs(props.agg); let customError; if (props.value && !compatibleAggs.length) { - customError = i18n.translate('common.ui.aggTypes.aggregateWith.noAggsErrorTooltip', { + customError = i18n.translate('visDefaultEditor.controls.aggregateWith.noAggsErrorTooltip', { defaultMessage: 'The chosen field has no compatible aggregations.', }); } diff --git a/src/legacy/ui/public/vis/editors/default/controls/top_size.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/top_size.tsx similarity index 92% rename from src/legacy/ui/public/vis/editors/default/controls/top_size.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/top_size.tsx index 4810b6fa9c232..6d237f73aadb5 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/top_size.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/top_size.tsx @@ -20,9 +20,10 @@ import React from 'react'; import { EuiIconTip } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; + import { SizeParamEditor } from './size'; import { getCompatibleAggs } from './top_aggregate'; -import { AggParamEditorProps } from '..'; +import { AggParamEditorProps } from '../agg_param_props'; function TopSizeParamEditor(props: AggParamEditorProps) { const iconTip = ( @@ -30,7 +31,7 @@ function TopSizeParamEditor(props: AggParamEditorProps) { {' '} ) { - const customLabel = i18n.translate('common.ui.aggTypes.sortOnLabel', { + const customLabel = i18n.translate('visDefaultEditor.controls.sortOnLabel', { defaultMessage: 'Sort on', }); diff --git a/src/legacy/ui/public/vis/editors/default/controls/use_geocentroid.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/use_geocentroid.tsx similarity index 90% rename from src/legacy/ui/public/vis/editors/default/controls/use_geocentroid.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/use_geocentroid.tsx index 932a4d19b495c..ce22794a7aef8 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/use_geocentroid.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/use_geocentroid.tsx @@ -18,13 +18,12 @@ */ import React from 'react'; - import { EuiSwitch, EuiFormRow } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; -import { AggParamEditorProps } from '..'; +import { AggParamEditorProps } from '../agg_param_props'; function UseGeocentroidParamEditor({ value = false, setValue }: AggParamEditorProps) { - const label = i18n.translate('common.ui.aggTypes.placeMarkersOffGridLabel', { + const label = i18n.translate('visDefaultEditor.controls.placeMarkersOffGridLabel', { defaultMessage: 'Place markers off grid (use geocentroid)', }); diff --git a/src/legacy/ui/public/vis/editors/default/controls/agg_utils.ts b/src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/agg_utils.ts similarity index 91% rename from src/legacy/ui/public/vis/editors/default/controls/agg_utils.ts rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/agg_utils.ts index 98e4931b23ea3..4c8ba23e63268 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/agg_utils.ts +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/agg_utils.ts @@ -19,13 +19,14 @@ import { useEffect, useCallback, useMemo } from 'react'; import { i18n } from '@kbn/i18n'; -import { AggConfig } from 'ui/agg_types'; + +import { AggConfig } from '../../../legacy_imports'; type AggFilter = string[]; const DEFAULT_METRIC = 'custom'; const CUSTOM_METRIC = { - text: i18n.translate('common.ui.aggTypes.customMetricLabel', { + text: i18n.translate('visDefaultEditor.controls.customMetricLabel', { defaultMessage: 'Custom metric', }), value: DEFAULT_METRIC, @@ -76,7 +77,7 @@ function useAvailableOptions( const options = useMemo( () => [ ...metricAggs.map(respAgg => ({ - text: i18n.translate('common.ui.aggTypes.definiteMetricLabel', { + text: i18n.translate('visDefaultEditor.controls.definiteMetricLabel', { defaultMessage: 'Metric: {metric}', values: { metric: safeMakeLabel(respAgg), @@ -103,14 +104,14 @@ function useValidation(setValidity: (isValid: boolean) => void, isValid: boolean setValidity(isValid); return () => setValidity(true); - }, [isValid]); + }, [isValid, setValidity]); } function safeMakeLabel(agg: AggConfig): string { try { return agg.makeLabel(); } catch (e) { - return i18n.translate('common.ui.aggTypes.aggNotValidLabel', { + return i18n.translate('visDefaultEditor.controls.aggNotValidLabel', { defaultMessage: '- agg not valid -', }); } diff --git a/src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/index.ts b/src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/index.ts new file mode 100644 index 0000000000000..a1c9027143b1b --- /dev/null +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/index.ts @@ -0,0 +1,23 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +export { useSubAggParamsHandlers } from './use_handlers'; +export { wrapWithInlineComp } from './inline_comp_wrapper'; +export * from './strings'; +export * from './agg_utils'; diff --git a/src/legacy/ui/public/agg_types/buckets/inline_comp_wrapper.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/inline_comp_wrapper.tsx similarity index 94% rename from src/legacy/ui/public/agg_types/buckets/inline_comp_wrapper.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/inline_comp_wrapper.tsx index ac113f4d69451..c0c87eb63c888 100644 --- a/src/legacy/ui/public/agg_types/buckets/inline_comp_wrapper.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/inline_comp_wrapper.tsx @@ -18,7 +18,7 @@ */ import React, { ComponentType } from 'react'; -import { AggParamEditorProps } from 'ui/vis/editors/default'; +import { AggParamEditorProps } from '../../agg_param_props'; export const wrapWithInlineComp = ( WrapComponent: ComponentType> diff --git a/src/legacy/utils/strings/__tests__/comma_separated_list.js b/src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/strings/comma_separated_list.test.ts similarity index 51% rename from src/legacy/utils/strings/__tests__/comma_separated_list.js rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/strings/comma_separated_list.test.ts index 0ff8818389d64..c3736ed8105f7 100644 --- a/src/legacy/utils/strings/__tests__/comma_separated_list.js +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/strings/comma_separated_list.test.ts @@ -17,38 +17,36 @@ * under the License. */ -import expect from '@kbn/expect'; - -import { parseCommaSeparatedList } from '../comma_separated_list'; +import { parseCommaSeparatedList } from './comma_separated_list'; describe('utils parseCommaSeparatedList()', () => { - it('supports non-string values', () => { - expect(parseCommaSeparatedList(0)).to.eql([]); - expect(parseCommaSeparatedList(1)).to.eql(['1']); - expect(parseCommaSeparatedList({})).to.eql(['[object Object]']); - expect(parseCommaSeparatedList(() => {})).to.eql(['() => {}']); - expect(parseCommaSeparatedList((a, b) => b)).to.eql(['(a', 'b) => b']); - expect(parseCommaSeparatedList(/foo/)).to.eql(['/foo/']); - expect(parseCommaSeparatedList(null)).to.eql([]); - expect(parseCommaSeparatedList(undefined)).to.eql([]); - expect(parseCommaSeparatedList(false)).to.eql([]); - expect(parseCommaSeparatedList(true)).to.eql(['true']); + test('supports non-string values', () => { + expect(parseCommaSeparatedList(0)).toEqual([]); + expect(parseCommaSeparatedList(1)).toEqual(['1']); + expect(parseCommaSeparatedList({})).toEqual(['[object Object]']); + expect(parseCommaSeparatedList(() => {})).toEqual(['() => {}']); + expect(parseCommaSeparatedList((a: any, b: any) => b)).toEqual(['(a', 'b) => b']); + expect(parseCommaSeparatedList(/foo/)).toEqual(['/foo/']); + expect(parseCommaSeparatedList(null)).toEqual([]); + expect(parseCommaSeparatedList(undefined)).toEqual([]); + expect(parseCommaSeparatedList(false)).toEqual([]); + expect(parseCommaSeparatedList(true)).toEqual(['true']); }); - it('returns argument untouched if it is an array', () => { + test('returns argument untouched if it is an array', () => { const inputs = [[], [1], ['foo,bar']]; for (const input of inputs) { const json = JSON.stringify(input); - expect(parseCommaSeparatedList(input)).to.be(input); - expect(json).to.be(JSON.stringify(input)); + expect(parseCommaSeparatedList(input)).toBe(input); + expect(json).toBe(JSON.stringify(input)); } }); - it('trims whitespace around elements', () => { - expect(parseCommaSeparatedList('1 , 2, 3 , 4')).to.eql(['1', '2', '3', '4']); + test('trims whitespace around elements', () => { + expect(parseCommaSeparatedList('1 , 2, 3 , 4')).toEqual(['1', '2', '3', '4']); }); - it('ignored empty elements between multiple commas', () => { - expect(parseCommaSeparatedList('foo , , ,,,,, , ,bar')).to.eql(['foo', 'bar']); + test('ignored empty elements between multiple commas', () => { + expect(parseCommaSeparatedList('foo , , ,,,,, , ,bar')).toEqual(['foo', 'bar']); }); }); diff --git a/src/legacy/utils/strings/comma_separated_list.js b/src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/strings/comma_separated_list.ts similarity index 94% rename from src/legacy/utils/strings/comma_separated_list.js rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/strings/comma_separated_list.ts index 9290b999a56e1..af14227382164 100644 --- a/src/legacy/utils/strings/comma_separated_list.js +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/strings/comma_separated_list.ts @@ -17,7 +17,7 @@ * under the License. */ -export function parseCommaSeparatedList(input) { +export function parseCommaSeparatedList(input: any) { if (Array.isArray(input)) { return input; } diff --git a/src/legacy/utils/strings/index.js b/src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/strings/index.ts similarity index 100% rename from src/legacy/utils/strings/index.js rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/strings/index.ts diff --git a/src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/strings/prose.test.ts b/src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/strings/prose.test.ts new file mode 100644 index 0000000000000..745e333ff44ff --- /dev/null +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/strings/prose.test.ts @@ -0,0 +1,50 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import { formatListAsProse } from './prose'; + +describe('utils formatListAsProse()', () => { + describe('defaults', () => { + it('joins items together with "and" and commas', () => { + expect(formatListAsProse(['1', '2'])).toEqual('1 and 2'); + expect(formatListAsProse(['1', '2', '3'])).toEqual('1, 2, and 3'); + expect(formatListAsProse(['4', '3', '2', '1'])).toEqual('4, 3, 2, and 1'); + }); + }); + + describe('inclusive=true', () => { + it('joins items together with "and" and commas', () => { + expect(formatListAsProse(['1', '2'], { inclusive: true })).toEqual('1 and 2'); + expect(formatListAsProse(['1', '2', '3'], { inclusive: true })).toEqual('1, 2, and 3'); + expect(formatListAsProse(['4', '3', '2', '1'], { inclusive: true })).toEqual( + '4, 3, 2, and 1' + ); + }); + }); + + describe('inclusive=false', () => { + it('joins items together with "or" and commas', () => { + expect(formatListAsProse(['1', '2'], { inclusive: false })).toEqual('1 or 2'); + expect(formatListAsProse(['1', '2', '3'], { inclusive: false })).toEqual('1, 2, or 3'); + expect(formatListAsProse(['4', '3', '2', '1'], { inclusive: false })).toEqual( + '4, 3, 2, or 1' + ); + }); + }); +}); diff --git a/src/legacy/utils/strings/prose.js b/src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/strings/prose.ts similarity index 88% rename from src/legacy/utils/strings/prose.js rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/strings/prose.ts index 43bf543dda89e..0c33c491c86b9 100644 --- a/src/legacy/utils/strings/prose.js +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/strings/prose.ts @@ -20,19 +20,14 @@ /** * Converts an array of items into a sentence-ready string. * - * @param {Array} list + * @param {Array} list * @param {Object} [options={}] * @property {Boolean} [options.inclusive=true] Creates an inclusive list using "and" * when `true` (default), otherwise uses "or" * @return {String} */ -export function formatListAsProse(list, options = {}) { +export function formatListAsProse(list: string[], options: { inclusive?: boolean } = {}) { const { inclusive = true } = options; - - if (!Array.isArray(list)) { - throw new TypeError('formatListAsProse() requires an array'); - } - const count = list.length; const conjunction = inclusive ? 'and' : 'or'; diff --git a/src/legacy/ui/public/vis/editors/default/controls/utils.ts b/src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/use_handlers.ts similarity index 94% rename from src/legacy/ui/public/vis/editors/default/controls/utils.ts rename to src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/use_handlers.ts index 5fd7c284fa23d..c2da648edcf81 100644 --- a/src/legacy/ui/public/vis/editors/default/controls/utils.ts +++ b/src/legacy/core_plugins/vis_default_editor/public/components/controls/utils/use_handlers.ts @@ -18,8 +18,8 @@ */ import { useCallback } from 'react'; -import { AggConfig } from 'ui/vis'; -import { AggParamType } from 'ui/agg_types/param_types/agg'; + +import { AggConfig, AggParamType } from '../../../legacy_imports'; type SetValue = (value?: AggConfig) => void; diff --git a/src/legacy/ui/public/vis/editors/default/components/sidebar/controls.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/sidebar/controls.tsx similarity index 85% rename from src/legacy/ui/public/vis/editors/default/components/sidebar/controls.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/sidebar/controls.tsx index ab0c0d8407b26..55d5bc2426e92 100644 --- a/src/legacy/ui/public/vis/editors/default/components/sidebar/controls.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/sidebar/controls.tsx @@ -30,7 +30,7 @@ import { FormattedMessage } from '@kbn/i18n/react'; import { i18n } from '@kbn/i18n'; import { useDebounce } from 'react-use'; -import { Vis } from 'ui/vis'; +import { Vis } from 'src/legacy/core_plugins/visualizations/public'; import { discardChanges, EditorAction } from './state'; interface DefaultEditorControlsProps { @@ -78,7 +78,7 @@ function DefaultEditorControls({ size="s" > @@ -87,13 +87,13 @@ function DefaultEditorControls({ {isInvalid && isTouched ? ( @@ -108,7 +108,7 @@ function DefaultEditorControls({ size="s" > @@ -120,19 +120,19 @@ function DefaultEditorControls({ findLast( metricAggs, - ({ type }: { type: MetricAggType }) => type.subtype === parentPipelineAggHelper.subtype + ({ type }: { type: MetricAggType }) => type.subtype === parentPipelineType ), [metricAggs] ); diff --git a/src/legacy/ui/public/vis/editors/default/components/sidebar/index.ts b/src/legacy/core_plugins/vis_default_editor/public/components/sidebar/index.ts similarity index 100% rename from src/legacy/ui/public/vis/editors/default/components/sidebar/index.ts rename to src/legacy/core_plugins/vis_default_editor/public/components/sidebar/index.ts diff --git a/src/legacy/ui/public/vis/editors/default/components/sidebar/navbar.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/sidebar/navbar.tsx similarity index 100% rename from src/legacy/ui/public/vis/editors/default/components/sidebar/navbar.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/sidebar/navbar.tsx diff --git a/src/legacy/ui/public/vis/editors/default/components/sidebar/sidebar.tsx b/src/legacy/core_plugins/vis_default_editor/public/components/sidebar/sidebar.tsx similarity index 94% rename from src/legacy/ui/public/vis/editors/default/components/sidebar/sidebar.tsx rename to src/legacy/core_plugins/vis_default_editor/public/components/sidebar/sidebar.tsx index bf35c46dbb7b5..e33e83fd19fec 100644 --- a/src/legacy/ui/public/vis/editors/default/components/sidebar/sidebar.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/components/sidebar/sidebar.tsx @@ -22,12 +22,11 @@ import { get, isEqual } from 'lodash'; import { i18n } from '@kbn/i18n'; import { keyCodes, EuiButtonIcon, EuiFlexGroup, EuiFlexItem, EuiTitle } from '@elastic/eui'; -import { Vis } from 'ui/vis'; -import { PersistedState } from 'ui/persisted_state'; +import { Vis } from 'src/legacy/core_plugins/visualizations/public'; +import { PersistedState, AggGroupNames } from '../../legacy_imports'; import { DefaultEditorNavBar, OptionTab } from './navbar'; import { DefaultEditorControls } from './controls'; import { setStateParamValue, useEditorReducer, useEditorFormState } from './state'; -import { AggGroupNames } from '../../agg_groups'; import { DefaultEditorAggCommonProps } from '../agg_common_props'; interface DefaultEditorSideBarProps { @@ -90,7 +89,7 @@ function DefaultEditorSideBar({ isDirty: false, }); setTouched(false); - }, [vis, state, formState.invalid, setDirty, setTouched, isDirty]); + }, [vis, state, formState.invalid, setTouched, isDirty]); const onSubmit: KeyboardEventHandler = useCallback( event => { @@ -154,7 +153,7 @@ function DefaultEditorSideBar({ {vis.type.requiresSearch && vis.type.options.showIndexSelection ? (

{ type: T; diff --git a/src/legacy/ui/public/vis/editors/default/components/sidebar/state/constants.ts b/src/legacy/core_plugins/vis_default_editor/public/components/sidebar/state/constants.ts similarity index 100% rename from src/legacy/ui/public/vis/editors/default/components/sidebar/state/constants.ts rename to src/legacy/core_plugins/vis_default_editor/public/components/sidebar/state/constants.ts diff --git a/src/legacy/ui/public/vis/editors/default/components/sidebar/state/editor_form_state.ts b/src/legacy/core_plugins/vis_default_editor/public/components/sidebar/state/editor_form_state.ts similarity index 100% rename from src/legacy/ui/public/vis/editors/default/components/sidebar/state/editor_form_state.ts rename to src/legacy/core_plugins/vis_default_editor/public/components/sidebar/state/editor_form_state.ts diff --git a/src/legacy/ui/public/vis/editors/default/components/sidebar/state/index.ts b/src/legacy/core_plugins/vis_default_editor/public/components/sidebar/state/index.ts similarity index 95% rename from src/legacy/ui/public/vis/editors/default/components/sidebar/state/index.ts rename to src/legacy/core_plugins/vis_default_editor/public/components/sidebar/state/index.ts index 6dbd9a69d82c0..df5ba3f6121c7 100644 --- a/src/legacy/ui/public/vis/editors/default/components/sidebar/state/index.ts +++ b/src/legacy/core_plugins/vis_default_editor/public/components/sidebar/state/index.ts @@ -20,7 +20,7 @@ import { useEffect, useReducer, useCallback } from 'react'; import { isEqual } from 'lodash'; -import { Vis, VisState, VisParams } from 'ui/vis'; +import { Vis, VisState, VisParams } from 'src/legacy/core_plugins/visualizations/public'; import { editorStateReducer, initEditorState } from './reducers'; import { EditorStateActionTypes } from './constants'; import { EditorAction, updateStateParams } from './actions'; diff --git a/src/legacy/ui/public/vis/editors/default/components/sidebar/state/reducers.ts b/src/legacy/core_plugins/vis_default_editor/public/components/sidebar/state/reducers.ts similarity index 96% rename from src/legacy/ui/public/vis/editors/default/components/sidebar/state/reducers.ts rename to src/legacy/core_plugins/vis_default_editor/public/components/sidebar/state/reducers.ts index db52291c823e7..8e1cfd6bc9c13 100644 --- a/src/legacy/ui/public/vis/editors/default/components/sidebar/state/reducers.ts +++ b/src/legacy/core_plugins/vis_default_editor/public/components/sidebar/state/reducers.ts @@ -19,11 +19,9 @@ import { cloneDeep } from 'lodash'; -import { AggConfigs, AggConfig } from 'ui/agg_types'; -import { Vis, VisState } from 'ui/vis'; -import { move } from 'ui/utils/collection'; +import { Vis, VisState } from 'src/legacy/core_plugins/visualizations/public'; +import { AggConfigs, AggConfig, AggGroupNames, move } from '../../../legacy_imports'; import { EditorStateActionTypes } from './constants'; -import { AggGroupNames } from '../../../agg_groups'; import { getEnabledMetricAggsCount } from '../../agg_group_helper'; import { EditorAction } from './actions'; diff --git a/src/legacy/ui/public/vis/editors/default/default_editor.tsx b/src/legacy/core_plugins/vis_default_editor/public/default_editor.tsx similarity index 84% rename from src/legacy/ui/public/vis/editors/default/default_editor.tsx rename to src/legacy/core_plugins/vis_default_editor/public/default_editor.tsx index efe5a79cd027e..48a1a6f9d2121 100644 --- a/src/legacy/ui/public/vis/editors/default/default_editor.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/default_editor.tsx @@ -19,18 +19,18 @@ import React, { useEffect, useRef, useState, useCallback } from 'react'; -import { start as embeddables } from '../../../../../core_plugins/embeddable_api/public/np_ready/public/legacy'; -import { EditorRenderProps } from '../../../../../core_plugins/kibana/public/visualize/np_ready/types'; -import { VisualizeEmbeddable } from '../../../../../core_plugins/visualizations/public/embeddable'; -import { VisualizeEmbeddableFactory } from '../../../../../core_plugins/visualizations/public/embeddable/visualize_embeddable_factory'; -import { PanelsContainer, Panel } from '../../../../../../plugins/kibana_react/public'; +import { EditorRenderProps } from '../../kibana/public/visualize/np_ready/types'; +import { VisualizeEmbeddable } from '../../visualizations/public/embeddable'; +import { VisualizeEmbeddableFactory } from '../../visualizations/public/embeddable/visualize_embeddable_factory'; +import { PanelsContainer, Panel } from '../../../../plugins/kibana_react/public'; import './vis_type_agg_filter'; import { DefaultEditorSideBar } from './components/sidebar'; import { DefaultEditorControllerState } from './default_editor_controller'; -import { getInitialWidth } from '../../editor_size'; +import { getInitialWidth } from './editor_size'; function DefaultEditor({ + embeddables, savedObj, uiState, timeRange, @@ -38,7 +38,7 @@ function DefaultEditor({ appState, optionTabs, query, -}: DefaultEditorControllerState & EditorRenderProps) { +}: DefaultEditorControllerState & Omit) { const visRef = useRef(null); const visHandler = useRef(null); const [isCollapsed, setIsCollapsed] = useState(false); @@ -82,7 +82,7 @@ function DefaultEditor({ } visualize(); - }, [uiState, savedObj, timeRange, filters, appState, query, factory]); + }, [uiState, savedObj, timeRange, filters, appState, query, factory, embeddables]); useEffect(() => { return () => { diff --git a/src/legacy/ui/public/vis/editors/default/default_editor_controller.tsx b/src/legacy/core_plugins/vis_default_editor/public/default_editor_controller.tsx similarity index 71% rename from src/legacy/ui/public/vis/editors/default/default_editor_controller.tsx rename to src/legacy/core_plugins/vis_default_editor/public/default_editor_controller.tsx index bf843a98deaa5..d3090d277aef9 100644 --- a/src/legacy/ui/public/vis/editors/default/default_editor_controller.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/default_editor_controller.tsx @@ -22,11 +22,15 @@ import { render, unmountComponentAtNode } from 'react-dom'; import { i18n } from '@kbn/i18n'; import { I18nProvider } from '@kbn/i18n/react'; -import { EditorRenderProps } from '../../../../../core_plugins/kibana/public/visualize/np_ready/types'; -import { VisSavedObject } from '../../../../../core_plugins/visualizations/public/embeddable/visualize_embeddable'; +import { EditorRenderProps } from 'src/legacy/core_plugins/kibana/public/visualize/np_ready/types'; +import { VisSavedObject } from 'src/legacy/core_plugins/visualizations/public/embeddable/visualize_embeddable'; +import { Storage } from '../../../../plugins/kibana_utils/public'; +import { KibanaContextProvider } from '../../../../plugins/kibana_react/public'; import { DefaultEditor } from './default_editor'; import { DefaultEditorDataTab, OptionTab } from './components/sidebar'; +const localStorage = new Storage(window.localStorage); + export interface DefaultEditorControllerState { savedObj: VisSavedObject; optionTabs: OptionTab[]; @@ -45,7 +49,7 @@ class DefaultEditorController { ? [ { name: 'data', - title: i18n.translate('common.ui.vis.editors.sidebar.tabs.dataLabel', { + title: i18n.translate('visDefaultEditor.sidebar.tabs.dataLabel', { defaultMessage: 'Data', }), editor: DefaultEditorDataTab, @@ -57,7 +61,7 @@ class DefaultEditorController { ? [ { name: 'options', - title: i18n.translate('common.ui.vis.editors.sidebar.tabs.optionsLabel', { + title: i18n.translate('visDefaultEditor.sidebar.tabs.optionsLabel', { defaultMessage: 'Options', }), editor: visType.editorConfig.optionsTemplate, @@ -72,10 +76,19 @@ class DefaultEditorController { }; } - render(props: EditorRenderProps) { + render({ data, core, ...props }: EditorRenderProps) { render( - + + + , this.el ); diff --git a/src/legacy/ui/public/vis/editor_size.ts b/src/legacy/core_plugins/vis_default_editor/public/editor_size.ts similarity index 100% rename from src/legacy/ui/public/vis/editor_size.ts rename to src/legacy/core_plugins/vis_default_editor/public/editor_size.ts diff --git a/src/legacy/ui/public/vis/editors/default/_index.scss b/src/legacy/core_plugins/vis_default_editor/public/index.scss similarity index 72% rename from src/legacy/ui/public/vis/editors/default/_index.scss rename to src/legacy/core_plugins/vis_default_editor/public/index.scss index 6abb45dc546a3..ec51ee8bd5780 100644 --- a/src/legacy/ui/public/vis/editors/default/_index.scss +++ b/src/legacy/core_plugins/vis_default_editor/public/index.scss @@ -1,3 +1,5 @@ +@import 'src/legacy/ui/public/styles/styling_constants'; + $vis-editor-sidebar-min-width: 350px; // Main layout diff --git a/src/legacy/ui/public/vis/editors/default/index.ts b/src/legacy/core_plugins/vis_default_editor/public/index.ts similarity index 78% rename from src/legacy/ui/public/vis/editors/default/index.ts rename to src/legacy/core_plugins/vis_default_editor/public/index.ts index fada4e5d2266f..fa6c2ee6d5ec7 100644 --- a/src/legacy/ui/public/vis/editors/default/index.ts +++ b/src/legacy/core_plugins/vis_default_editor/public/index.ts @@ -17,9 +17,9 @@ * under the License. */ -export { AggParamEditorProps } from './components/agg_param_props'; -export { DefaultEditorAggParams } from './components/agg_params'; -export { ComboBoxGroupedOptions } from './utils'; +export { DefaultEditorController } from './default_editor_controller'; +export { useValidation } from './components/controls/utils'; +export { RangesParamEditor, RangeValues } from './components/controls/ranges'; +export * from './editor_size'; export * from './vis_options_props'; export * from './utils'; -export * from './agg_groups'; diff --git a/src/legacy/core_plugins/vis_default_editor/public/legacy_imports.ts b/src/legacy/core_plugins/vis_default_editor/public/legacy_imports.ts new file mode 100644 index 0000000000000..5c617f3dc8681 --- /dev/null +++ b/src/legacy/core_plugins/vis_default_editor/public/legacy_imports.ts @@ -0,0 +1,58 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +/* `ui/agg_types` dependencies */ +export { + AggType, + AggConfig, + AggConfigs, + AggParam, + AggGroupNames, + aggGroupNamesMap, + aggTypes, + FieldParamType, + BUCKET_TYPES, + METRIC_TYPES, + ISchemas, + Schema, + termsAggFilter, +} from 'ui/agg_types'; +export { aggTypeFilters, propFilter } from 'ui/agg_types/filter'; +export { aggTypeFieldFilters } from 'ui/agg_types/param_types/filter'; +export { AggParamType } from 'ui/agg_types/param_types/agg'; +export { MetricAggType } from 'ui/agg_types/metrics/metric_agg_type'; +export { parentPipelineType } from 'ui/agg_types/metrics/lib/parent_pipeline_agg_helper'; +export { siblingPipelineType } from 'ui/agg_types/metrics/lib/sibling_pipeline_agg_helper'; +export { isType, isStringType } from 'ui/agg_types/buckets/migrate_include_exclude_format'; +export { + OptionedValueProp, + OptionedParamEditorProps, + OptionedParamType, +} from 'ui/agg_types/param_types/optioned'; +export { isValidJson, isValidInterval } from 'ui/agg_types/utils'; +export { AggParamOption } from 'ui/agg_types/agg_params'; +export { CidrMask } from 'ui/agg_types/buckets/lib/cidr_mask'; + +export { PersistedState } from 'ui/persisted_state'; +export { IndexedArray } from 'ui/indexed_array'; +export { getDocLink } from 'ui/documentation_links'; +export { documentationLinks } from 'ui/documentation_links/documentation_links'; +export { move } from 'ui/utils/collection'; +export * from 'ui/vis/lib'; +export * from 'ui/vis/config'; diff --git a/src/legacy/ui/public/vis/editors/default/utils.test.tsx b/src/legacy/core_plugins/vis_default_editor/public/utils.test.tsx similarity index 98% rename from src/legacy/ui/public/vis/editors/default/utils.test.tsx rename to src/legacy/core_plugins/vis_default_editor/public/utils.test.tsx index b72c7e5fbb4b2..b050979b7b338 100644 --- a/src/legacy/ui/public/vis/editors/default/utils.test.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/utils.test.tsx @@ -18,7 +18,9 @@ */ import { groupAndSortBy } from './utils'; -import { AggGroupNames } from './agg_groups'; +import { AggGroupNames } from './legacy_imports'; + +jest.mock('ui/new_platform'); const aggs = [ { diff --git a/src/legacy/ui/public/vis/editors/default/utils.tsx b/src/legacy/core_plugins/vis_default_editor/public/utils.tsx similarity index 100% rename from src/legacy/ui/public/vis/editors/default/utils.tsx rename to src/legacy/core_plugins/vis_default_editor/public/utils.tsx diff --git a/src/legacy/ui/public/vis/editors/default/vis_options_props.tsx b/src/legacy/core_plugins/vis_default_editor/public/vis_options_props.tsx similarity index 89% rename from src/legacy/ui/public/vis/editors/default/vis_options_props.tsx rename to src/legacy/core_plugins/vis_default_editor/public/vis_options_props.tsx index 5b4badc103645..f51e359d99573 100644 --- a/src/legacy/ui/public/vis/editors/default/vis_options_props.tsx +++ b/src/legacy/core_plugins/vis_default_editor/public/vis_options_props.tsx @@ -17,9 +17,8 @@ * under the License. */ -import { PersistedState } from 'ui/persisted_state'; -import { AggConfigs } from 'ui/agg_types/agg_configs'; -import { Vis } from './../..'; +import { AggConfigs, PersistedState } from './legacy_imports'; +import { Vis } from '../../visualizations/public'; export interface VisOptionsProps { aggs: AggConfigs; diff --git a/src/legacy/ui/public/vis/editors/default/vis_type_agg_filter.ts b/src/legacy/core_plugins/vis_default_editor/public/vis_type_agg_filter.ts similarity index 84% rename from src/legacy/ui/public/vis/editors/default/vis_type_agg_filter.ts rename to src/legacy/core_plugins/vis_default_editor/public/vis_type_agg_filter.ts index c64907fff58a1..c1832d5512817 100644 --- a/src/legacy/ui/public/vis/editors/default/vis_type_agg_filter.ts +++ b/src/legacy/core_plugins/vis_default_editor/public/vis_type_agg_filter.ts @@ -16,10 +16,8 @@ * specific language governing permissions and limitations * under the License. */ -import { AggType } from '../../../agg_types'; -import { aggTypeFilters, propFilter } from '../../../agg_types/filter'; -import { IndexPattern } from '../../../../../../plugins/data/public'; -import { AggConfig } from '../../../vis'; +import { IndexPattern } from 'src/plugins/data/public'; +import { AggType, AggConfig, aggTypeFilters, propFilter } from './legacy_imports'; const filterByName = propFilter('name'); diff --git a/src/legacy/core_plugins/vis_type_markdown/public/markdown_options.tsx b/src/legacy/core_plugins/vis_type_markdown/public/markdown_options.tsx index c70b6561c3101..8a4297d3b8149 100644 --- a/src/legacy/core_plugins/vis_type_markdown/public/markdown_options.tsx +++ b/src/legacy/core_plugins/vis_type_markdown/public/markdown_options.tsx @@ -30,7 +30,7 @@ import { } from '@elastic/eui'; import { FormattedMessage } from '@kbn/i18n/react'; -import { VisOptionsProps } from 'ui/vis/editors/default'; +import { VisOptionsProps } from 'src/legacy/core_plugins/vis_default_editor/public'; import { MarkdownVisParams } from './types'; function MarkdownOptions({ stateParams, setValue }: VisOptionsProps) { diff --git a/src/legacy/core_plugins/vis_type_markdown/public/markdown_vis.ts b/src/legacy/core_plugins/vis_type_markdown/public/markdown_vis.ts index 524bbeed1b552..b84d9638eb973 100644 --- a/src/legacy/core_plugins/vis_type_markdown/public/markdown_vis.ts +++ b/src/legacy/core_plugins/vis_type_markdown/public/markdown_vis.ts @@ -19,11 +19,10 @@ import { i18n } from '@kbn/i18n'; -import { DefaultEditorSize } from '../../visualizations/public'; - import { MarkdownVisWrapper } from './markdown_vis_controller'; import { MarkdownOptions } from './markdown_options'; import { SettingsOptions } from './settings_options'; +import { DefaultEditorSize } from '../../vis_default_editor/public'; export const markdownVisDefinition = { name: 'markdown', diff --git a/src/legacy/core_plugins/vis_type_markdown/public/settings_options.tsx b/src/legacy/core_plugins/vis_type_markdown/public/settings_options.tsx index 18852b549b1ed..ac1d4bcc82cec 100644 --- a/src/legacy/core_plugins/vis_type_markdown/public/settings_options.tsx +++ b/src/legacy/core_plugins/vis_type_markdown/public/settings_options.tsx @@ -21,7 +21,7 @@ import React from 'react'; import { EuiPanel } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; -import { VisOptionsProps } from 'ui/vis/editors/default'; +import { VisOptionsProps } from 'src/legacy/core_plugins/vis_default_editor/public'; import { RangeOption, SwitchOption } from '../../vis_type_vislib/public'; import { MarkdownVisParams } from './types'; diff --git a/src/legacy/core_plugins/vis_type_metric/public/components/metric_vis_component.test.tsx b/src/legacy/core_plugins/vis_type_metric/public/components/metric_vis_component.test.tsx index ada9e8c248a02..32c99f68a066e 100644 --- a/src/legacy/core_plugins/vis_type_metric/public/components/metric_vis_component.test.tsx +++ b/src/legacy/core_plugins/vis_type_metric/public/components/metric_vis_component.test.tsx @@ -20,7 +20,7 @@ import React from 'react'; import { shallow } from 'enzyme'; -import { Vis } from '../legacy_imports'; +import { Vis } from 'src/legacy/core_plugins/visualizations/public'; import { MetricVisComponent, MetricVisComponentProps } from './metric_vis_component'; jest.mock('ui/new_platform'); diff --git a/src/legacy/core_plugins/vis_type_metric/public/components/metric_vis_component.tsx b/src/legacy/core_plugins/vis_type_metric/public/components/metric_vis_component.tsx index df563306ef832..9cad09a2e435d 100644 --- a/src/legacy/core_plugins/vis_type_metric/public/components/metric_vis_component.tsx +++ b/src/legacy/core_plugins/vis_type_metric/public/components/metric_vis_component.tsx @@ -22,14 +22,14 @@ import React, { Component } from 'react'; import { isColorDark } from '@elastic/eui'; -import { getFormat, Vis } from '../legacy_imports'; +import { getFormat } from '../legacy_imports'; import { MetricVisValue } from './metric_vis_value'; import { fieldFormats } from '../../../../../plugins/data/public'; import { Context } from '../metric_vis_fn'; import { KibanaDatatable } from '../../../../../plugins/expressions/public'; import { getHeatmapColors } from '../../../../../plugins/charts/public'; import { VisParams, MetricVisMetric } from '../types'; -import { SchemaConfig } from '../../../visualizations/public'; +import { SchemaConfig, Vis } from '../../../visualizations/public'; export interface MetricVisComponentProps { visParams: VisParams; diff --git a/src/legacy/core_plugins/vis_type_metric/public/components/metric_vis_options.tsx b/src/legacy/core_plugins/vis_type_metric/public/components/metric_vis_options.tsx index e144c055d8023..661f16d6497ba 100644 --- a/src/legacy/core_plugins/vis_type_metric/public/components/metric_vis_options.tsx +++ b/src/legacy/core_plugins/vis_type_metric/public/components/metric_vis_options.tsx @@ -29,7 +29,7 @@ import { import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; -import { VisOptionsProps } from '../legacy_imports'; +import { VisOptionsProps } from 'src/legacy/core_plugins/vis_default_editor/public'; import { ColorModes, ColorRanges, diff --git a/src/legacy/core_plugins/vis_type_metric/public/legacy_imports.ts b/src/legacy/core_plugins/vis_type_metric/public/legacy_imports.ts index 6f02407919baa..b769030a04fb1 100644 --- a/src/legacy/core_plugins/vis_type_metric/public/legacy_imports.ts +++ b/src/legacy/core_plugins/vis_type_metric/public/legacy_imports.ts @@ -17,9 +17,5 @@ * under the License. */ -export { Vis, VisParams } from 'ui/vis'; export { getFormat } from 'ui/visualize/loader/pipeline_helpers/utilities'; -export { VisOptionsProps } from 'ui/vis/editors/default'; -// @ts-ignore -export { Schemas } from 'ui/vis/editors/default/schemas'; -export { AggGroupNames } from 'ui/vis/editors/default'; +export { AggGroupNames, Schemas } from 'ui/agg_types'; diff --git a/src/legacy/core_plugins/vis_type_table/public/components/table_vis_options.tsx b/src/legacy/core_plugins/vis_type_table/public/components/table_vis_options.tsx index 529439a800682..72838d2d97421 100644 --- a/src/legacy/core_plugins/vis_type_table/public/components/table_vis_options.tsx +++ b/src/legacy/core_plugins/vis_type_table/public/components/table_vis_options.tsx @@ -23,7 +23,8 @@ import { EuiIconTip, EuiPanel } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; -import { tabifyGetColumns, VisOptionsProps } from '../legacy_imports'; +import { VisOptionsProps } from 'src/legacy/core_plugins/vis_default_editor/public'; +import { tabifyGetColumns } from '../legacy_imports'; import { NumberInputOption, SwitchOption, SelectOption } from '../../../vis_type_vislib/public'; import { TableVisParams } from '../types'; import { totalAggregations, isAggConfigNumeric } from './utils'; diff --git a/src/legacy/core_plugins/vis_type_table/public/legacy_imports.ts b/src/legacy/core_plugins/vis_type_table/public/legacy_imports.ts index b3eb017c22308..8a454957b7ab9 100644 --- a/src/legacy/core_plugins/vis_type_table/public/legacy_imports.ts +++ b/src/legacy/core_plugins/vis_type_table/public/legacy_imports.ts @@ -19,10 +19,8 @@ export { npSetup, npStart } from 'ui/new_platform'; export { getFormat } from 'ui/visualize/loader/pipeline_helpers/utilities'; -export { AggConfig } from 'ui/vis'; -export { AggGroupNames, VisOptionsProps } from 'ui/vis/editors/default'; -// @ts-ignore -export { Schemas } from 'ui/vis/editors/default/schemas'; +export { AggConfig, AggGroupNames, Schemas } from 'ui/agg_types'; + // @ts-ignore export { PrivateProvider } from 'ui/private/private'; // @ts-ignore diff --git a/src/legacy/core_plugins/vis_type_tagcloud/public/components/__tests__/tag_cloud_visualization.js b/src/legacy/core_plugins/vis_type_tagcloud/public/components/__tests__/tag_cloud_visualization.js index 75cad3bc167bf..5f7d1ad90ecf8 100644 --- a/src/legacy/core_plugins/vis_type_tagcloud/public/components/__tests__/tag_cloud_visualization.js +++ b/src/legacy/core_plugins/vis_type_tagcloud/public/components/__tests__/tag_cloud_visualization.js @@ -20,7 +20,7 @@ import expect from '@kbn/expect'; import ngMock from 'ng_mock'; import LogstashIndexPatternStubProvider from 'fixtures/stubbed_logstash_index_pattern'; -import { Vis } from 'ui/vis'; +import { Vis } from '../../../../visualizations/public/np_ready/public/vis'; import { ImageComparator } from 'test_utils/image_comparator'; import { createTagCloudVisualization } from '../tag_cloud_visualization'; import basicdrawPng from './basicdraw.png'; diff --git a/src/legacy/core_plugins/vis_type_tagcloud/public/components/tag_cloud_options.tsx b/src/legacy/core_plugins/vis_type_tagcloud/public/components/tag_cloud_options.tsx index 76117c8b6b398..eed5ffe8c3584 100644 --- a/src/legacy/core_plugins/vis_type_tagcloud/public/components/tag_cloud_options.tsx +++ b/src/legacy/core_plugins/vis_type_tagcloud/public/components/tag_cloud_options.tsx @@ -22,7 +22,7 @@ import { EuiPanel } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { ValidatedDualRange } from 'ui/validated_range'; -import { VisOptionsProps } from 'ui/vis/editors/default'; +import { VisOptionsProps } from '../../../vis_default_editor/public'; import { SelectOption, SwitchOption } from '../../../vis_type_vislib/public'; import { TagCloudVisParams } from '../types'; diff --git a/src/legacy/ui/public/visualize/loader/utils/index.ts b/src/legacy/core_plugins/vis_type_tagcloud/public/legacy_imports.ts similarity index 92% rename from src/legacy/ui/public/visualize/loader/utils/index.ts rename to src/legacy/core_plugins/vis_type_tagcloud/public/legacy_imports.ts index df07c72686dea..ecc56ea0c34be 100644 --- a/src/legacy/ui/public/visualize/loader/utils/index.ts +++ b/src/legacy/core_plugins/vis_type_tagcloud/public/legacy_imports.ts @@ -17,4 +17,4 @@ * under the License. */ -export { queryGeohashBounds } from './query_geohash_bounds'; +export { Schemas } from 'ui/agg_types'; diff --git a/src/legacy/core_plugins/vis_type_tagcloud/public/tag_cloud_type.ts b/src/legacy/core_plugins/vis_type_tagcloud/public/tag_cloud_type.ts index 626c53b73b241..34d15287169c0 100644 --- a/src/legacy/core_plugins/vis_type_tagcloud/public/tag_cloud_type.ts +++ b/src/legacy/core_plugins/vis_type_tagcloud/public/tag_cloud_type.ts @@ -18,8 +18,8 @@ */ import { i18n } from '@kbn/i18n'; -// @ts-ignore -import { Schemas } from 'ui/vis/editors/default/schemas'; + +import { Schemas } from './legacy_imports'; import { Status } from '../../visualizations/public'; import { TagCloudOptions } from './components/tag_cloud_options'; diff --git a/src/legacy/core_plugins/vis_type_timelion/public/components/timelion_interval.tsx b/src/legacy/core_plugins/vis_type_timelion/public/components/timelion_interval.tsx index 4bfa5d424ed85..02783434bfdc2 100644 --- a/src/legacy/core_plugins/vis_type_timelion/public/components/timelion_interval.tsx +++ b/src/legacy/core_plugins/vis_type_timelion/public/components/timelion_interval.tsx @@ -22,7 +22,7 @@ import { EuiFormRow, EuiComboBox, EuiComboBoxOptionProps } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { isValidEsInterval } from '../../../../core_plugins/data/common'; -import { useValidation } from '../legacy_imports'; +import { useValidation } from '../../../vis_default_editor/public'; const intervalOptions = [ { diff --git a/src/legacy/core_plugins/vis_type_timelion/public/components/timelion_vis.tsx b/src/legacy/core_plugins/vis_type_timelion/public/components/timelion_vis.tsx index ae55e11380b78..9e11fd5d3f45c 100644 --- a/src/legacy/core_plugins/vis_type_timelion/public/components/timelion_vis.tsx +++ b/src/legacy/core_plugins/vis_type_timelion/public/components/timelion_vis.tsx @@ -20,7 +20,7 @@ import React from 'react'; import { IUiSettingsClient } from 'kibana/public'; -import { Vis } from '../legacy_imports'; +import { Vis } from 'src/legacy/core_plugins/visualizations/public'; import { ChartComponent } from './chart'; import { VisParams } from '../timelion_vis_fn'; import { TimelionSuccessResponse } from '../helpers/timelion_request_handler'; diff --git a/src/legacy/core_plugins/vis_type_timelion/public/helpers/timelion_request_handler.ts b/src/legacy/core_plugins/vis_type_timelion/public/helpers/timelion_request_handler.ts index de066b474d987..6ce2538567e5b 100644 --- a/src/legacy/core_plugins/vis_type_timelion/public/helpers/timelion_request_handler.ts +++ b/src/legacy/core_plugins/vis_type_timelion/public/helpers/timelion_request_handler.ts @@ -17,10 +17,11 @@ * under the License. */ -import { KIBANA_CONTEXT_NAME } from 'src/plugins/expressions/public'; import { i18n } from '@kbn/i18n'; +import { KIBANA_CONTEXT_NAME } from 'src/plugins/expressions/public'; +import { VisParams } from 'src/legacy/core_plugins/visualizations/public'; import { TimeRange, esFilters, esQuery, Query } from '../../../../../plugins/data/public'; -import { timezoneProvider, VisParams } from '../legacy_imports'; +import { timezoneProvider } from '../legacy_imports'; import { TimelionVisDependencies } from '../plugin'; interface Stats { diff --git a/src/legacy/core_plugins/vis_type_timelion/public/legacy_imports.ts b/src/legacy/core_plugins/vis_type_timelion/public/legacy_imports.ts index 8d1156862d27e..a00240ee06828 100644 --- a/src/legacy/core_plugins/vis_type_timelion/public/legacy_imports.ts +++ b/src/legacy/core_plugins/vis_type_timelion/public/legacy_imports.ts @@ -20,10 +20,5 @@ export { npSetup, npStart } from 'ui/new_platform'; export { PluginsStart } from 'ui/new_platform/new_platform'; -// @ts-ignore -export { DefaultEditorSize } from 'ui/vis/editor_size'; // @ts-ignore export { timezoneProvider } from 'ui/vis/lib/timezone'; -export { VisParams, Vis } from 'ui/vis'; -export { VisOptionsProps } from 'ui/vis/editors/default'; -export { useValidation } from 'ui/vis/editors/default/controls/agg_utils'; diff --git a/src/legacy/core_plugins/vis_type_timelion/public/timelion_options.tsx b/src/legacy/core_plugins/vis_type_timelion/public/timelion_options.tsx index be6829a76ac58..b7c40e15c11fd 100644 --- a/src/legacy/core_plugins/vis_type_timelion/public/timelion_options.tsx +++ b/src/legacy/core_plugins/vis_type_timelion/public/timelion_options.tsx @@ -20,9 +20,9 @@ import React, { useCallback } from 'react'; import { EuiPanel } from '@elastic/eui'; -import { VisOptionsProps } from './legacy_imports'; import { VisParams } from './timelion_vis_fn'; import { TimelionInterval, TimelionExpressionInput } from './components'; +import { VisOptionsProps } from '../../vis_default_editor/public'; function TimelionOptions({ stateParams, setValue, setValidity }: VisOptionsProps) { const setInterval = useCallback((value: VisParams['interval']) => setValue('interval', value), [ diff --git a/src/legacy/core_plugins/vis_type_timelion/public/timelion_vis_type.tsx b/src/legacy/core_plugins/vis_type_timelion/public/timelion_vis_type.tsx index 51540eea0223c..6679553004097 100644 --- a/src/legacy/core_plugins/vis_type_timelion/public/timelion_vis_type.tsx +++ b/src/legacy/core_plugins/vis_type_timelion/public/timelion_vis_type.tsx @@ -21,17 +21,15 @@ import React from 'react'; import { i18n } from '@kbn/i18n'; import { KibanaContextProvider } from '../../../../plugins/kibana_react/public'; -import { DefaultEditorSize, VisOptionsProps } from './legacy_imports'; +import { DefaultEditorSize } from '../../vis_default_editor/public'; import { getTimelionRequestHandler } from './helpers/timelion_request_handler'; import { TimelionVisComponent, TimelionVisComponentProp } from './components'; import { TimelionOptions } from './timelion_options'; -import { VisParams } from './timelion_vis_fn'; import { TimelionVisDependencies } from './plugin'; export const TIMELION_VIS_NAME = 'timelion'; export function getTimelionVisDefinition(dependencies: TimelionVisDependencies) { - const { http, uiSettings } = dependencies; const timelionRequestHandler = getTimelionRequestHandler(dependencies); // return the visType object, which kibana will use to display and configure new @@ -55,11 +53,7 @@ export function getTimelionVisDefinition(dependencies: TimelionVisDependencies) ), }, editorConfig: { - optionsTemplate: (props: VisOptionsProps) => ( - - - - ), + optionsTemplate: TimelionOptions, defaultSize: DefaultEditorSize.MEDIUM, }, requestHandler: timelionRequestHandler, diff --git a/src/legacy/core_plugins/vis_type_vega/public/__tests__/vega_visualization.js b/src/legacy/core_plugins/vis_type_vega/public/__tests__/vega_visualization.js index 60f1bed35b518..6c9eb86a9d2c0 100644 --- a/src/legacy/core_plugins/vis_type_vega/public/__tests__/vega_visualization.js +++ b/src/legacy/core_plugins/vis_type_vega/public/__tests__/vega_visualization.js @@ -23,7 +23,7 @@ import ngMock from 'ng_mock'; import $ from 'jquery'; import { createVegaVisualization } from '../vega_visualization'; import LogstashIndexPatternStubProvider from 'fixtures/stubbed_logstash_index_pattern'; -import { Vis } from 'ui/vis'; +import { Vis } from '../../../visualizations/public/np_ready/public/vis'; import { ImageComparator } from 'test_utils/image_comparator'; import vegaliteGraph from '!!raw-loader!./vegalite_graph.hjson'; diff --git a/src/legacy/core_plugins/vis_type_vega/public/components/vega_vis_editor.tsx b/src/legacy/core_plugins/vis_type_vega/public/components/vega_vis_editor.tsx index 6d14acf6ec7aa..18d48aea5d39a 100644 --- a/src/legacy/core_plugins/vis_type_vega/public/components/vega_vis_editor.tsx +++ b/src/legacy/core_plugins/vis_type_vega/public/components/vega_vis_editor.tsx @@ -25,10 +25,10 @@ import hjson from 'hjson'; import { i18n } from '@kbn/i18n'; import { toastNotifications } from 'ui/notify'; -import { VisOptionsProps } from 'ui/vis/editors/default'; import { VisParams } from '../vega_fn'; import { VegaHelpMenu } from './vega_help_menu'; import { VegaActionsMenu } from './vega_actions_menu'; +import { VisOptionsProps } from '../../../vis_default_editor/public'; const aceOptions = { maxLines: Infinity, diff --git a/src/legacy/core_plugins/vis_type_vega/public/vega_type.ts b/src/legacy/core_plugins/vis_type_vega/public/vega_type.ts index 81c98c6ddb96b..a7ca0dd3bb349 100644 --- a/src/legacy/core_plugins/vis_type_vega/public/vega_type.ts +++ b/src/legacy/core_plugins/vis_type_vega/public/vega_type.ts @@ -20,8 +20,8 @@ import { i18n } from '@kbn/i18n'; // @ts-ignore import { defaultFeedbackMessage } from 'ui/vis/default_feedback_message'; -import { Status, DefaultEditorSize } from '../../visualizations/public'; - +import { Status } from '../../visualizations/public'; +import { DefaultEditorSize } from '../../vis_default_editor/public'; import { VegaVisualizationDependencies } from './plugin'; import { VegaVisEditor } from './components'; diff --git a/src/legacy/core_plugins/vis_type_vislib/public/components/common/basic_options.tsx b/src/legacy/core_plugins/vis_type_vislib/public/components/common/basic_options.tsx index 229945621fe76..1138f66d21cfa 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/components/common/basic_options.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/components/common/basic_options.tsx @@ -20,7 +20,7 @@ import React from 'react'; import { i18n } from '@kbn/i18n'; -import { VisOptionsProps } from '../../legacy_imports'; +import { VisOptionsProps } from '../../../../vis_default_editor/public'; import { SwitchOption } from './switch'; import { SelectOption } from './select'; diff --git a/src/legacy/core_plugins/vis_type_vislib/public/components/common/color_ranges.tsx b/src/legacy/core_plugins/vis_type_vislib/public/components/common/color_ranges.tsx index 1373a6d45b6a5..2c9b1b543e8c2 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/components/common/color_ranges.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/components/common/color_ranges.tsx @@ -22,7 +22,7 @@ import { last } from 'lodash'; import { i18n } from '@kbn/i18n'; -import { RangeValues, RangesParamEditor } from '../../legacy_imports'; +import { RangeValues, RangesParamEditor } from '../../../../vis_default_editor/public'; export type SetColorRangeValue = (paramName: string, value: RangeValues[]) => void; diff --git a/src/legacy/core_plugins/vis_type_vislib/public/components/common/color_schema.tsx b/src/legacy/core_plugins/vis_type_vislib/public/components/common/color_schema.tsx index 48553da90b649..06ce0a2b4af64 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/components/common/color_schema.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/components/common/color_schema.tsx @@ -22,7 +22,7 @@ import { i18n } from '@kbn/i18n'; import { EuiLink, EuiText } from '@elastic/eui'; import { FormattedMessage } from '@kbn/i18n/react'; -import { VisOptionsProps } from '../../legacy_imports'; +import { VisOptionsProps } from '../../../../vis_default_editor/public'; import { SelectOption } from './select'; import { SwitchOption } from './switch'; import { ColorSchemaVislibParams } from '../../types'; diff --git a/src/legacy/core_plugins/vis_type_vislib/public/components/common/validation_wrapper.tsx b/src/legacy/core_plugins/vis_type_vislib/public/components/common/validation_wrapper.tsx index b38c65d086823..9e1d5ea5ae38f 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/components/common/validation_wrapper.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/components/common/validation_wrapper.tsx @@ -19,7 +19,7 @@ import React, { useEffect, useState, useCallback } from 'react'; -import { VisOptionsProps } from '../../legacy_imports'; +import { VisOptionsProps } from '../../../../vis_default_editor/public'; export interface ValidationVisOptionsProps extends VisOptionsProps { setMultipleValidity(paramName: string, isValid: boolean): void; diff --git a/src/legacy/core_plugins/vis_type_vislib/public/components/options/gauge/index.tsx b/src/legacy/core_plugins/vis_type_vislib/public/components/options/gauge/index.tsx index 2ba4319a82a95..706035a7b814e 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/components/options/gauge/index.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/components/options/gauge/index.tsx @@ -20,7 +20,7 @@ import React, { useCallback } from 'react'; import { EuiSpacer } from '@elastic/eui'; -import { VisOptionsProps } from '../../../legacy_imports'; +import { VisOptionsProps } from '../../../../../vis_default_editor/public'; import { GaugeVisParams } from '../../../gauge'; import { RangesPanel } from './ranges_panel'; import { StylePanel } from './style_panel'; diff --git a/src/legacy/core_plugins/vis_type_vislib/public/components/options/gauge/style_panel.tsx b/src/legacy/core_plugins/vis_type_vislib/public/components/options/gauge/style_panel.tsx index 7a63b17850dd6..9ed270257c559 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/components/options/gauge/style_panel.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/components/options/gauge/style_panel.tsx @@ -22,9 +22,9 @@ import { EuiPanel, EuiSpacer, EuiTitle } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; -import { AggGroupNames } from '../../../legacy_imports'; import { SelectOption } from '../../common'; import { GaugeOptionsInternalProps } from '.'; +import { AggGroupNames } from '../../../legacy_imports'; function StylePanel({ aggs, setGaugeValue, stateParams, vis }: GaugeOptionsInternalProps) { const diasableAlignment = diff --git a/src/legacy/core_plugins/vis_type_vislib/public/components/options/heatmap/index.tsx b/src/legacy/core_plugins/vis_type_vislib/public/components/options/heatmap/index.tsx index 5c4d7c7d297ba..452b9ed9bdbb1 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/components/options/heatmap/index.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/components/options/heatmap/index.tsx @@ -23,7 +23,7 @@ import { EuiPanel, EuiSpacer, EuiTitle } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; -import { VisOptionsProps } from '../../../legacy_imports'; +import { VisOptionsProps } from '../../../../../vis_default_editor/public'; import { BasicOptions, ColorRanges, diff --git a/src/legacy/core_plugins/vis_type_vislib/public/components/options/heatmap/labels_panel.tsx b/src/legacy/core_plugins/vis_type_vislib/public/components/options/heatmap/labels_panel.tsx index 61758198dd61b..c74f0ef765c8d 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/components/options/heatmap/labels_panel.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/components/options/heatmap/labels_panel.tsx @@ -23,7 +23,7 @@ import { EuiColorPicker, EuiFormRow, EuiPanel, EuiSpacer, EuiTitle } from '@elas import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; -import { VisOptionsProps } from '../../../legacy_imports'; +import { VisOptionsProps } from '../../../../../vis_default_editor/public'; import { ValueAxis } from '../../../types'; import { HeatmapVisParams } from '../../../heatmap'; import { SwitchOption } from '../../common'; diff --git a/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/category_axis_panel.tsx b/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/category_axis_panel.tsx index b4bd168ece95a..a19a300960abd 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/category_axis_panel.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/category_axis_panel.tsx @@ -23,7 +23,7 @@ import { EuiPanel, EuiTitle, EuiSpacer } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; -import { VisOptionsProps } from '../../../legacy_imports'; +import { VisOptionsProps } from '../../../../../vis_default_editor/public'; import { BasicVislibParams, Axis } from '../../../types'; import { SelectOption, SwitchOption } from '../../common'; import { LabelOptions } from './label_options'; diff --git a/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/chart_options.tsx b/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/chart_options.tsx index 13a8a974deea3..399028a1128a9 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/chart_options.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/chart_options.tsx @@ -22,7 +22,7 @@ import React, { useMemo, useCallback } from 'react'; import { i18n } from '@kbn/i18n'; import { EuiFlexGroup, EuiFlexItem, EuiSpacer } from '@elastic/eui'; -import { VisOptionsProps } from '../../../legacy_imports'; +import { VisOptionsProps } from '../../../../../vis_default_editor/public'; import { BasicVislibParams, SeriesParam, ValueAxis } from '../../../types'; import { ChartTypes } from '../../../utils/collections'; import { SelectOption } from '../../common'; diff --git a/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/label_options.tsx b/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/label_options.tsx index 5bc113c589d2b..2dc5889090dca 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/label_options.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/label_options.tsx @@ -23,7 +23,7 @@ import { EuiTitle, EuiFlexGroup, EuiFlexItem, EuiSpacer } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; -import { VisOptionsProps } from '../../../legacy_imports'; +import { VisOptionsProps } from '../../../../../vis_default_editor/public'; import { BasicVislibParams, Axis } from '../../../types'; import { SelectOption, SwitchOption, TruncateLabelsOption } from '../../common'; import { getRotateOptions } from '../../../utils/collections'; diff --git a/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/line_options.tsx b/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/line_options.tsx index 4de2c31a04c9d..a53d21b121f7d 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/line_options.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/line_options.tsx @@ -22,7 +22,7 @@ import React, { useCallback } from 'react'; import { i18n } from '@kbn/i18n'; import { EuiFlexGroup, EuiFlexItem, EuiSpacer } from '@elastic/eui'; -import { Vis } from '../../../legacy_imports'; +import { Vis } from 'src/legacy/core_plugins/visualizations/public'; import { SeriesParam } from '../../../types'; import { NumberInputOption, SelectOption, SwitchOption } from '../../common'; import { SetChart } from './chart_options'; diff --git a/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/series_panel.tsx b/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/series_panel.tsx index a976a7966b012..db28256816f8d 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/series_panel.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/components/options/metrics_axes/series_panel.tsx @@ -23,7 +23,7 @@ import { EuiPanel, EuiTitle, EuiSpacer, EuiAccordion } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; -import { VisOptionsProps } from '../../../legacy_imports'; +import { VisOptionsProps } from '../../../../../vis_default_editor/public'; import { BasicVislibParams } from '../../../types'; import { ChartOptions } from './chart_options'; import { SetParamByIndex, ChangeValueAxis } from './'; diff --git a/src/legacy/core_plugins/vis_type_vislib/public/components/options/pie.tsx b/src/legacy/core_plugins/vis_type_vislib/public/components/options/pie.tsx index 89606ec6f45d5..2182edafb3ebf 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/components/options/pie.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/components/options/pie.tsx @@ -22,7 +22,7 @@ import { EuiPanel, EuiTitle, EuiSpacer } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; -import { VisOptionsProps } from '../../legacy_imports'; +import { VisOptionsProps } from '../../../../vis_default_editor/public'; import { BasicOptions, TruncateLabelsOption, SwitchOption } from '../common'; import { PieVisParams } from '../../pie'; diff --git a/src/legacy/core_plugins/vis_type_vislib/public/components/options/point_series/grid_panel.tsx b/src/legacy/core_plugins/vis_type_vislib/public/components/options/point_series/grid_panel.tsx index 0c604a03fb4db..82cb2688543c3 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/components/options/point_series/grid_panel.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/components/options/point_series/grid_panel.tsx @@ -22,7 +22,7 @@ import { EuiPanel, EuiTitle, EuiSpacer } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n/react'; -import { VisOptionsProps } from '../../../legacy_imports'; +import { VisOptionsProps } from '../../../../../vis_default_editor/public'; import { SelectOption, SwitchOption } from '../../common'; import { BasicVislibParams, ValueAxis } from '../../../types'; diff --git a/src/legacy/core_plugins/vis_type_vislib/public/gauge.ts b/src/legacy/core_plugins/vis_type_vislib/public/gauge.ts index e502bcc632199..c78925d5316b0 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/gauge.ts +++ b/src/legacy/core_plugins/vis_type_vislib/public/gauge.ts @@ -19,7 +19,8 @@ import { i18n } from '@kbn/i18n'; -import { Schemas, AggGroupNames, RangeValues } from './legacy_imports'; +import { RangeValues } from '../../vis_default_editor/public'; +import { Schemas, AggGroupNames } from './legacy_imports'; import { GaugeOptions } from './components/options'; import { getGaugeCollections, Alignments, ColorModes, GaugeTypes } from './utils/collections'; import { createVislibVisController } from './vis_controller'; diff --git a/src/legacy/core_plugins/vis_type_vislib/public/heatmap.ts b/src/legacy/core_plugins/vis_type_vislib/public/heatmap.ts index cbb255d58d7bf..e2da7a3515deb 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/heatmap.ts +++ b/src/legacy/core_plugins/vis_type_vislib/public/heatmap.ts @@ -19,7 +19,8 @@ import { i18n } from '@kbn/i18n'; -import { Schemas, AggGroupNames, RangeValues } from './legacy_imports'; +import { RangeValues } from '../../vis_default_editor/public'; +import { Schemas, AggGroupNames } from './legacy_imports'; import { AxisTypes, getHeatmapCollections, Positions, ScaleTypes } from './utils/collections'; import { HeatmapOptions } from './components/options'; import { createVislibVisController } from './vis_controller'; diff --git a/src/legacy/core_plugins/vis_type_vislib/public/legacy_imports.ts b/src/legacy/core_plugins/vis_type_vislib/public/legacy_imports.ts index 5e72dbff7ef61..df7278f2b761f 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/legacy_imports.ts +++ b/src/legacy/core_plugins/vis_type_vislib/public/legacy_imports.ts @@ -17,11 +17,7 @@ * under the License. */ -export { AggGroupNames, VisOptionsProps } from 'ui/vis/editors/default'; -export { Schemas } from 'ui/vis/editors/default/schemas'; -export { RangeValues, RangesParamEditor } from 'ui/vis/editors/default/controls/ranges'; -export { AggConfig, Vis, VisParams } from 'ui/vis'; -export { AggType } from 'ui/agg_types'; +export { AggType, AggConfig, AggGroupNames, Schemas } from 'ui/agg_types'; // @ts-ignore export { SimpleEmitter } from 'ui/utils/simple_emitter'; // @ts-ignore diff --git a/src/legacy/core_plugins/vis_type_vislib/public/utils/common_config.tsx b/src/legacy/core_plugins/vis_type_vislib/public/utils/common_config.tsx index e2f6ba0d8b562..6da40686a8b50 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/utils/common_config.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/utils/common_config.tsx @@ -20,7 +20,7 @@ import React from 'react'; import { i18n } from '@kbn/i18n'; -import { VisOptionsProps } from '../legacy_imports'; +import { VisOptionsProps } from '../../../vis_default_editor/public'; import { PointSeriesOptions, MetricsAxisOptions } from '../components/options'; import { ValidationWrapper } from '../components/common'; import { BasicVislibParams } from '../types'; diff --git a/src/legacy/core_plugins/vis_type_vislib/public/vis_controller.tsx b/src/legacy/core_plugins/vis_type_vislib/public/vis_controller.tsx index aa23dfe2e5614..580e47195aada 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/vis_controller.tsx +++ b/src/legacy/core_plugins/vis_type_vislib/public/vis_controller.tsx @@ -20,13 +20,13 @@ import $ from 'jquery'; import React, { RefObject } from 'react'; -import { Vis, VisParams } from './legacy_imports'; // @ts-ignore import { Vis as Vislib } from './vislib/vis'; import { Positions } from './utils/collections'; import { VisTypeVislibDependencies } from './plugin'; import { mountReactNode } from '../../../../core/public/utils'; import { VisLegend, CUSTOM_LEGEND_VIS_TYPES } from './vislib/components/legend'; +import { VisParams, Vis } from '../../visualizations/public'; const legendClassName = { top: 'visLib--legend-top', diff --git a/src/legacy/core_plugins/vis_type_vislib/public/vislib/__tests__/visualizations/pie_chart.js b/src/legacy/core_plugins/vis_type_vislib/public/vislib/__tests__/visualizations/pie_chart.js index 54415d65d4514..e4da572259b69 100644 --- a/src/legacy/core_plugins/vis_type_vislib/public/vislib/__tests__/visualizations/pie_chart.js +++ b/src/legacy/core_plugins/vis_type_vislib/public/vislib/__tests__/visualizations/pie_chart.js @@ -25,8 +25,9 @@ import expect from '@kbn/expect'; import fixtures from 'fixtures/fake_hierarchical_data'; import FixturesStubbedLogstashIndexPatternProvider from 'fixtures/stubbed_logstash_index_pattern'; +import { Vis } from '../../../../../visualizations/public'; import { getVis, getMockUiState } from '../lib/fixtures/_vis_fixture'; -import { Vis, tabifyAggResponse } from '../../../legacy_imports'; +import { tabifyAggResponse } from '../../../legacy_imports'; import { vislibSlicesResponseHandler } from '../../response_handler'; const rowAgg = [ diff --git a/src/legacy/core_plugins/visualizations/index.ts b/src/legacy/core_plugins/visualizations/index.ts index a2779cfe4346d..3c22f22f63682 100644 --- a/src/legacy/core_plugins/visualizations/index.ts +++ b/src/legacy/core_plugins/visualizations/index.ts @@ -24,7 +24,7 @@ export const visualizations: LegacyPluginInitializer = kibana => new kibana.Plugin({ id: 'visualizations', publicDir: resolve(__dirname, 'public'), - require: [], + require: ['vis_default_editor'], uiExports: { styleSheetPaths: resolve(__dirname, 'public/index.scss'), }, diff --git a/src/legacy/ui/public/visualize/loader/utils/query_geohash_bounds.ts b/src/legacy/core_plugins/visualizations/public/embeddable/query_geohash_bounds.ts similarity index 91% rename from src/legacy/ui/public/visualize/loader/utils/query_geohash_bounds.ts rename to src/legacy/core_plugins/visualizations/public/embeddable/query_geohash_bounds.ts index 0ae8771dd9469..46ade8ce465c0 100644 --- a/src/legacy/ui/public/visualize/loader/utils/query_geohash_bounds.ts +++ b/src/legacy/core_plugins/visualizations/public/embeddable/query_geohash_bounds.ts @@ -21,15 +21,10 @@ import { i18n } from '@kbn/i18n'; import { get } from 'lodash'; import { toastNotifications } from 'ui/notify'; -import { AggConfig } from 'ui/vis'; +import { AggConfig } from 'ui/agg_types'; import { timefilter } from 'ui/timefilter'; -import { Vis } from '../../../vis'; -import { - esFilters, - Query, - SearchSource, - ISearchSource, -} from '../../../../../../plugins/data/public'; +import { Vis } from '../np_ready/public'; +import { esFilters, Query, SearchSource, ISearchSource } from '../../../../../plugins/data/public'; interface QueryGeohashBoundsParams { filters?: esFilters.Filter[]; @@ -97,7 +92,7 @@ export async function queryGeohashBounds(vis: Vis, params: QueryGeohashBoundsPar return get(esResp, 'aggregations.1.bounds'); } catch (error) { toastNotifications.addDanger({ - title: i18n.translate('common.ui.visualize.queryGeohashBounds.unableToGetBoundErrorTitle', { + title: i18n.translate('visualizations.queryGeohashBounds.unableToGetBoundErrorTitle', { defaultMessage: 'Unable to get bounds', }), text: `${error.message}`, diff --git a/src/legacy/core_plugins/visualizations/public/embeddable/visualize_embeddable.ts b/src/legacy/core_plugins/visualizations/public/embeddable/visualize_embeddable.ts index 557035b91367e..2af468ff77de6 100644 --- a/src/legacy/core_plugins/visualizations/public/embeddable/visualize_embeddable.ts +++ b/src/legacy/core_plugins/visualizations/public/embeddable/visualize_embeddable.ts @@ -23,8 +23,6 @@ import { Subscription } from 'rxjs'; import * as Rx from 'rxjs'; import { buildPipeline } from 'ui/visualize/loader/pipeline_helpers'; import { SavedObject } from 'ui/saved_objects/types'; -import { Vis } from 'ui/vis'; -import { queryGeohashBounds } from 'ui/visualize/loader/utils'; import { getTableAggs } from 'ui/visualize/loader/pipeline_helpers/utilities'; import { AppState } from 'ui/state_management/app_state'; import { npStart } from 'ui/new_platform'; @@ -48,6 +46,8 @@ import { } from '../../../../../plugins/embeddable/public'; import { dispatchRenderComplete } from '../../../../../plugins/kibana_utils/public'; import { SavedSearch } from '../../../kibana/public/discover/np_ready/types'; +import { Vis } from '../np_ready/public'; +import { queryGeohashBounds } from './query_geohash_bounds'; const getKeys = (o: T): Array => Object.keys(o) as Array; diff --git a/src/legacy/core_plugins/visualizations/public/index.ts b/src/legacy/core_plugins/visualizations/public/index.ts index f38c03c50c307..4557cf9ab22f1 100644 --- a/src/legacy/core_plugins/visualizations/public/index.ts +++ b/src/legacy/core_plugins/visualizations/public/index.ts @@ -25,8 +25,6 @@ */ // @ts-ignore Used only by tsvb, vega, input control vis export { defaultFeedbackMessage } from 'ui/vis/default_feedback_message'; -// @ts-ignore -export { DefaultEditorSize } from 'ui/vis/editor_size'; /** * Static np-ready code, re-exported here so consumers can import from diff --git a/src/legacy/core_plugins/visualizations/public/legacy_imports.ts b/src/legacy/core_plugins/visualizations/public/legacy_imports.ts index fd40c831ce0ef..3088c4e67a3b7 100644 --- a/src/legacy/core_plugins/visualizations/public/legacy_imports.ts +++ b/src/legacy/core_plugins/visualizations/public/legacy_imports.ts @@ -26,7 +26,6 @@ export { } from '../../../ui/public/agg_types/buckets/date_histogram'; export { createFormat } from '../../../ui/public/visualize/loader/pipeline_helpers/utilities'; export { I18nContext } from '../../../ui/public/i18n'; -export { DefaultEditorController } from '../../../ui/public/vis/editors/default/default_editor_controller'; import chrome from '../../../ui/public/chrome'; export { chrome as legacyChrome }; import '../../../ui/public/directives/bind'; diff --git a/src/legacy/core_plugins/visualizations/public/np_ready/public/mocks.ts b/src/legacy/core_plugins/visualizations/public/np_ready/public/mocks.ts index 4c1783408708a..fc85970b906ae 100644 --- a/src/legacy/core_plugins/visualizations/public/np_ready/public/mocks.ts +++ b/src/legacy/core_plugins/visualizations/public/np_ready/public/mocks.ts @@ -19,7 +19,6 @@ jest.mock('ui/vis/vis_filters'); jest.mock('ui/vis/default_feedback_message'); -jest.mock('ui/vis/index.js'); jest.mock('ui/vis/vis_factory'); jest.mock('ui/registry/vis_types'); jest.mock('./types/vis_type_alias_registry'); diff --git a/src/legacy/core_plugins/visualizations/public/np_ready/public/types/base_vis_type.js b/src/legacy/core_plugins/visualizations/public/np_ready/public/types/base_vis_type.js index f849cbfb290ca..f62b3a0b393ac 100644 --- a/src/legacy/core_plugins/visualizations/public/np_ready/public/types/base_vis_type.js +++ b/src/legacy/core_plugins/visualizations/public/np_ready/public/types/base_vis_type.js @@ -20,7 +20,7 @@ import _ from 'lodash'; import { createFiltersFromEvent, onBrushEvent } from '../filters'; -import { DefaultEditorController } from '../../../legacy_imports'; +import { DefaultEditorController } from '../../../../../vis_default_editor/public'; export class BaseVisType { constructor(opts = {}) { diff --git a/src/legacy/core_plugins/visualizations/public/saved_visualizations/_saved_vis.ts b/src/legacy/core_plugins/visualizations/public/saved_visualizations/_saved_vis.ts index b501c8b68484f..ca2305a9cc91c 100644 --- a/src/legacy/core_plugins/visualizations/public/saved_visualizations/_saved_vis.ts +++ b/src/legacy/core_plugins/visualizations/public/saved_visualizations/_saved_vis.ts @@ -24,11 +24,10 @@ * * NOTE: It's a type of SavedObject, but specific to visualizations. */ -// @ts-ignore -import { Vis } from 'ui/vis'; import { SavedObject, SavedObjectKibanaServices } from 'ui/saved_objects/types'; import { createSavedObjectClass } from 'ui/saved_objects/saved_object'; -import { updateOldState } from '../index'; +// @ts-ignore +import { updateOldState, Vis } from '../index'; import { extractReferences, injectReferences } from './saved_visualization_references'; import { IIndexPattern } from '../../../../../plugins/data/public'; import { VisSavedObject } from '../embeddable/visualize_embeddable'; diff --git a/src/legacy/ui/public/agg_response/tabify/__tests__/_get_columns.js b/src/legacy/ui/public/agg_response/tabify/__tests__/_get_columns.js index e2cb920539f20..56536a2e5b536 100644 --- a/src/legacy/ui/public/agg_response/tabify/__tests__/_get_columns.js +++ b/src/legacy/ui/public/agg_response/tabify/__tests__/_get_columns.js @@ -20,7 +20,7 @@ import expect from '@kbn/expect'; import ngMock from 'ng_mock'; import { tabifyGetColumns } from '../_get_columns'; -import { Vis } from '../../../vis'; +import { Vis } from '../../../../../core_plugins/visualizations/public'; import FixturesStubbedLogstashIndexPatternProvider from 'fixtures/stubbed_logstash_index_pattern'; describe('get columns', function() { let indexPattern; diff --git a/src/legacy/ui/public/agg_response/tabify/__tests__/_integration.js b/src/legacy/ui/public/agg_response/tabify/__tests__/_integration.js index c5162fef01641..c7c328000772b 100644 --- a/src/legacy/ui/public/agg_response/tabify/__tests__/_integration.js +++ b/src/legacy/ui/public/agg_response/tabify/__tests__/_integration.js @@ -22,7 +22,7 @@ import fixtures from 'fixtures/fake_hierarchical_data'; import expect from '@kbn/expect'; import ngMock from 'ng_mock'; import { tabifyAggResponse } from '../tabify'; -import { Vis } from '../../../vis'; +import { Vis } from '../../../../../core_plugins/visualizations/public'; import FixturesStubbedLogstashIndexPatternProvider from 'fixtures/stubbed_logstash_index_pattern'; describe('tabifyAggResponse Integration', function() { diff --git a/src/legacy/ui/public/agg_response/tabify/__tests__/_response_writer.js b/src/legacy/ui/public/agg_response/tabify/__tests__/_response_writer.js index 260dcdcf6edc0..ced495ef23c36 100644 --- a/src/legacy/ui/public/agg_response/tabify/__tests__/_response_writer.js +++ b/src/legacy/ui/public/agg_response/tabify/__tests__/_response_writer.js @@ -20,7 +20,7 @@ import expect from '@kbn/expect'; import ngMock from 'ng_mock'; import { TabbedAggResponseWriter } from '../_response_writer'; -import { Vis } from '../../../vis'; +import { Vis } from '../../../../../core_plugins/visualizations/public'; import FixturesStubbedLogstashIndexPatternProvider from 'fixtures/stubbed_logstash_index_pattern'; describe('TabbedAggResponseWriter class', function() { diff --git a/src/legacy/ui/public/agg_response/tabify/_get_columns.ts b/src/legacy/ui/public/agg_response/tabify/_get_columns.ts index 80facc978d4d1..a3127c039049b 100644 --- a/src/legacy/ui/public/agg_response/tabify/_get_columns.ts +++ b/src/legacy/ui/public/agg_response/tabify/_get_columns.ts @@ -18,7 +18,7 @@ */ import { groupBy } from 'lodash'; -import { AggConfig } from '../../vis/'; +import { AggConfig } from '../../agg_types'; export interface AggColumn { aggConfig: AggConfig; diff --git a/src/legacy/ui/public/agg_types/__tests__/buckets/_terms_other_bucket_helper.js b/src/legacy/ui/public/agg_types/__tests__/buckets/_terms_other_bucket_helper.js index 3f66299902721..acf932c1fb451 100644 --- a/src/legacy/ui/public/agg_types/__tests__/buckets/_terms_other_bucket_helper.js +++ b/src/legacy/ui/public/agg_types/__tests__/buckets/_terms_other_bucket_helper.js @@ -24,7 +24,7 @@ import { mergeOtherBucketAggResponse, updateMissingBucket, } from '../../buckets/_terms_other_bucket_helper'; -import { Vis } from '../../../vis'; +import { Vis } from '../../../../../core_plugins/visualizations/public'; import FixturesStubbedLogstashIndexPatternProvider from 'fixtures/stubbed_logstash_index_pattern'; const visConfigSingleTerm = { diff --git a/src/legacy/ui/public/agg_types/agg_config.ts b/src/legacy/ui/public/agg_types/agg_config.ts index efe286c41e17c..3f88c540be164 100644 --- a/src/legacy/ui/public/agg_types/agg_config.ts +++ b/src/legacy/ui/public/agg_types/agg_config.ts @@ -28,10 +28,10 @@ import _ from 'lodash'; import { i18n } from '@kbn/i18n'; import { npStart } from 'ui/new_platform'; import { AggType } from './agg_type'; -import { AggGroupNames } from '../vis/editors/default/agg_groups'; +import { AggGroupNames } from './agg_groups'; import { writeParams } from './agg_params'; import { AggConfigs } from './agg_configs'; -import { Schema } from '../vis/editors/default/schemas'; +import { Schema } from './schemas'; import { ISearchSource, FetchOptions, diff --git a/src/legacy/ui/public/agg_types/agg_configs.ts b/src/legacy/ui/public/agg_types/agg_configs.ts index 0320cbd43fca7..47e2222abe1e8 100644 --- a/src/legacy/ui/public/agg_types/agg_configs.ts +++ b/src/legacy/ui/public/agg_types/agg_configs.ts @@ -27,11 +27,15 @@ */ import _ from 'lodash'; -import { TimeRange } from 'src/plugins/data/public'; -import { Schema } from '../vis/editors/default/schemas'; import { AggConfig, AggConfigOptions } from './agg_config'; -import { AggGroupNames } from '../vis/editors/default/agg_groups'; -import { IndexPattern, ISearchSource, FetchOptions } from '../../../../plugins/data/public'; +import { Schema } from './schemas'; +import { AggGroupNames } from './agg_groups'; +import { + IndexPattern, + ISearchSource, + FetchOptions, + TimeRange, +} from '../../../../plugins/data/public'; type Schemas = Record; diff --git a/src/legacy/ui/public/vis/editors/default/agg_groups.ts b/src/legacy/ui/public/agg_types/agg_groups.ts similarity index 86% rename from src/legacy/ui/public/vis/editors/default/agg_groups.ts rename to src/legacy/ui/public/agg_types/agg_groups.ts index e84306144fa63..d08e875bf213e 100644 --- a/src/legacy/ui/public/vis/editors/default/agg_groups.ts +++ b/src/legacy/ui/public/agg_types/agg_groups.ts @@ -28,10 +28,10 @@ export const AggGroupNames = Object.freeze({ export type AggGroupNames = $Values; export const aggGroupNamesMap = () => ({ - [AggGroupNames.Metrics]: i18n.translate('common.ui.vis.editors.aggGroups.metricsText', { + [AggGroupNames.Metrics]: i18n.translate('common.ui.aggTypes.aggGroups.metricsText', { defaultMessage: 'Metrics', }), - [AggGroupNames.Buckets]: i18n.translate('common.ui.vis.editors.aggGroups.bucketsText', { + [AggGroupNames.Buckets]: i18n.translate('common.ui.aggTypes.aggGroups.bucketsText', { defaultMessage: 'Buckets', }), }); diff --git a/src/legacy/ui/public/agg_types/agg_type.ts b/src/legacy/ui/public/agg_types/agg_type.ts index a590a253d8a6c..7ec688277b9c4 100644 --- a/src/legacy/ui/public/agg_types/agg_type.ts +++ b/src/legacy/ui/public/agg_types/agg_type.ts @@ -22,7 +22,7 @@ import { i18n } from '@kbn/i18n'; import { npStart } from 'ui/new_platform'; import { initParams } from './agg_params'; -import { AggConfig } from '../vis'; +import { AggConfig } from './agg_config'; import { AggConfigs } from './agg_configs'; import { Adapters } from '../../../../plugins/inspector/public'; import { BaseParamType } from './param_types/base'; @@ -79,6 +79,7 @@ export class AggType< name: string; type: string; + subtype?: string; /** * the name of the elasticsearch aggregation that this aggType represents. Usually just this.name * diff --git a/src/legacy/ui/public/agg_types/buckets/_bucket_agg_type.ts b/src/legacy/ui/public/agg_types/buckets/_bucket_agg_type.ts index ed332ea420bcc..9b7c97a8f11b6 100644 --- a/src/legacy/ui/public/agg_types/buckets/_bucket_agg_type.ts +++ b/src/legacy/ui/public/agg_types/buckets/_bucket_agg_type.ts @@ -17,7 +17,7 @@ * under the License. */ -import { AggConfig } from '../../vis'; +import { AggConfig } from '../agg_config'; import { KBN_FIELD_TYPES } from '../../../../../plugins/data/public'; import { AggType, AggTypeConfig } from '../agg_type'; import { AggParamType } from '../param_types/agg'; diff --git a/src/legacy/ui/public/agg_types/buckets/_terms_other_bucket_helper.js b/src/legacy/ui/public/agg_types/buckets/_terms_other_bucket_helper.js index d0d712704964b..c8580183756f4 100644 --- a/src/legacy/ui/public/agg_types/buckets/_terms_other_bucket_helper.js +++ b/src/legacy/ui/public/agg_types/buckets/_terms_other_bucket_helper.js @@ -18,8 +18,8 @@ */ import _ from 'lodash'; -import { AggGroupNames } from '../../vis/editors/default/agg_groups'; import { esFilters, esQuery } from '../../../../../plugins/data/public'; +import { AggGroupNames } from '../agg_groups'; /** * walks the aggregation DSL and returns DSL starting at aggregation with id of startFromAggId diff --git a/src/legacy/ui/public/agg_types/buckets/bucket_agg_types.ts b/src/legacy/ui/public/agg_types/buckets/bucket_agg_types.ts index ccd8e28a4ed68..a1321722cf294 100644 --- a/src/legacy/ui/public/agg_types/buckets/bucket_agg_types.ts +++ b/src/legacy/ui/public/agg_types/buckets/bucket_agg_types.ts @@ -19,6 +19,7 @@ export enum BUCKET_TYPES { FILTER = 'filter', + FILTERS = 'filters', HISTOGRAM = 'histogram', IP_RANGE = 'ip_range', DATE_RANGE = 'date_range', diff --git a/src/legacy/ui/public/agg_types/buckets/date_histogram.ts b/src/legacy/ui/public/agg_types/buckets/date_histogram.ts index 45122a24c8184..33672b54b1f2e 100644 --- a/src/legacy/ui/public/agg_types/buckets/date_histogram.ts +++ b/src/legacy/ui/public/agg_types/buckets/date_histogram.ts @@ -26,10 +26,7 @@ import { BucketAggType, IBucketAggConfig } from './_bucket_agg_type'; import { BUCKET_TYPES } from './bucket_agg_types'; import { createFilterDateHistogram } from './create_filter/date_histogram'; import { intervalOptions } from './_interval_options'; -import { TimeIntervalParamEditor } from '../../vis/editors/default/controls/time_interval'; import { timefilter } from '../../timefilter'; -import { DropPartialsParamEditor } from '../../vis/editors/default/controls/drop_partials'; -import { ScaleMetricsParamEditor } from '../../vis/editors/default/controls/scale_metrics'; import { dateHistogramInterval } from '../../../../core_plugins/data/public'; import { writeParams } from '../agg_params'; import { isMetricAggType } from '../metrics/metric_agg_type'; @@ -144,11 +141,9 @@ export const dateHistogramBucketAgg = new BucketAggType { const field = agg.params.field; return field && field.name && field.name === agg.getIndexPattern().timeFieldName; diff --git a/src/legacy/ui/public/agg_types/buckets/date_range.ts b/src/legacy/ui/public/agg_types/buckets/date_range.ts index 4144765b15068..ee04e0657f317 100644 --- a/src/legacy/ui/public/agg_types/buckets/date_range.ts +++ b/src/legacy/ui/public/agg_types/buckets/date_range.ts @@ -23,7 +23,6 @@ import { npStart } from 'ui/new_platform'; import { BUCKET_TYPES } from './bucket_agg_types'; import { BucketAggType, IBucketAggConfig } from './_bucket_agg_type'; import { createFilterDateRange } from './create_filter/date_range'; -import { DateRangesParamEditor } from '../../vis/editors/default/controls/date_ranges'; import { KBN_FIELD_TYPES, fieldFormats } from '../../../../../plugins/data/public'; @@ -75,7 +74,6 @@ export const dateRangeBucketAgg = new BucketAggType({ to: 'now', }, ], - editorComponent: DateRangesParamEditor, }, { name: 'time_zone', diff --git a/src/legacy/ui/public/agg_types/buckets/filters.ts b/src/legacy/ui/public/agg_types/buckets/filters.ts index 6e7f4e27b9e90..d9b78b3063e23 100644 --- a/src/legacy/ui/public/agg_types/buckets/filters.ts +++ b/src/legacy/ui/public/agg_types/buckets/filters.ts @@ -23,11 +23,11 @@ import angular from 'angular'; import { i18n } from '@kbn/i18n'; import chrome from 'ui/chrome'; -import { FiltersParamEditor, FilterValue } from '../../vis/editors/default/controls/filters'; import { createFilterFilters } from './create_filter/filters'; import { BucketAggType } from './_bucket_agg_type'; import { Storage } from '../../../../../plugins/kibana_utils/public'; -import { getQueryLog, esQuery } from '../../../../../plugins/data/public'; +import { getQueryLog, esQuery, Query } from '../../../../../plugins/data/public'; +import { BUCKET_TYPES } from './bucket_agg_types'; const config = chrome.getUiSettingsClient(); const storage = new Storage(window.localStorage); @@ -38,22 +38,32 @@ const filtersTitle = i18n.translate('common.ui.aggTypes.buckets.filtersTitle', { 'The name of an aggregation, that allows to specify multiple individual filters to group data by.', }); +interface FilterValue { + input: Query; + label: string; + id: string; +} + export const filtersBucketAgg = new BucketAggType({ - name: 'filters', + name: BUCKET_TYPES.FILTERS, title: filtersTitle, createFilter: createFilterFilters, customLabels: false, params: [ { name: 'filters', - editorComponent: FiltersParamEditor, default: [{ input: { query: '', language: config.get('search:queryLanguage') }, label: '' }], write(aggConfig, output) { const inFilters: FilterValue[] = aggConfig.params.filters; if (!_.size(inFilters)) return; inFilters.forEach(filter => { - const persistedLog = getQueryLog(config, storage, 'filtersAgg', filter.input.language); + const persistedLog = getQueryLog( + config, + storage, + 'vis_default_editor', + filter.input.language + ); persistedLog.add(filter.input.query); }); diff --git a/src/legacy/ui/public/agg_types/buckets/geo_hash.ts b/src/legacy/ui/public/agg_types/buckets/geo_hash.ts index 8e39a464b9adf..b2519df6fb175 100644 --- a/src/legacy/ui/public/agg_types/buckets/geo_hash.ts +++ b/src/legacy/ui/public/agg_types/buckets/geo_hash.ts @@ -21,15 +21,11 @@ import { i18n } from '@kbn/i18n'; import { geohashColumns } from 'ui/vis/map/decode_geo_hash'; import chrome from '../../chrome'; import { BucketAggType, IBucketAggConfig } from './_bucket_agg_type'; -import { AutoPrecisionParamEditor } from '../../vis/editors/default/controls/auto_precision'; -import { UseGeocentroidParamEditor } from '../../vis/editors/default/controls/use_geocentroid'; -import { IsFilteredByCollarParamEditor } from '../../vis/editors/default/controls/is_filtered_by_collar'; -import { PrecisionParamEditor } from '../../vis/editors/default/controls/precision'; -import { AggGroupNames } from '../../vis/editors/default/agg_groups'; import { KBN_FIELD_TYPES } from '../../../../../plugins/data/public'; import { geoContains, scaleBounds, GeoBoundingBox } from './lib/geo_utils'; import { BUCKET_TYPES } from './bucket_agg_types'; +import { AggGroupNames } from '../agg_groups'; const config = chrome.getUiSettingsClient(); @@ -95,13 +91,11 @@ export const geoHashBucketAgg = new BucketAggType({ }, { name: 'autoPrecision', - editorComponent: AutoPrecisionParamEditor, default: true, write: () => {}, }, { name: 'precision', - editorComponent: PrecisionParamEditor, default: defaultPrecision, deserialize: getPrecision, write(aggConfig, output) { @@ -114,13 +108,11 @@ export const geoHashBucketAgg = new BucketAggType({ }, { name: 'useGeocentroid', - editorComponent: UseGeocentroidParamEditor, default: true, write: () => {}, }, { name: 'isFilteredByCollar', - editorComponent: IsFilteredByCollarParamEditor, default: true, write: () => {}, }, diff --git a/src/legacy/ui/public/agg_types/buckets/histogram.ts b/src/legacy/ui/public/agg_types/buckets/histogram.ts index 623cffe4915ad..44327c7c19e6d 100644 --- a/src/legacy/ui/public/agg_types/buckets/histogram.ts +++ b/src/legacy/ui/public/agg_types/buckets/histogram.ts @@ -24,10 +24,6 @@ import { toastNotifications } from 'ui/notify'; import { npStart } from 'ui/new_platform'; import { BucketAggType, IBucketAggConfig } from './_bucket_agg_type'; import { createFilterHistogram } from './create_filter/histogram'; -import { NumberIntervalParamEditor } from '../../vis/editors/default/controls/number_interval'; -import { MinDocCountParamEditor } from '../../vis/editors/default/controls/min_doc_count'; -import { HasExtendedBoundsParamEditor } from '../../vis/editors/default/controls/has_extended_bounds'; -import { ExtendedBoundsParamEditor } from '../../vis/editors/default/controls/extended_bounds'; import { KBN_FIELD_TYPES } from '../../../../../plugins/data/public'; import { BUCKET_TYPES } from './bucket_agg_types'; @@ -88,7 +84,6 @@ export const histogramBucketAgg = new BucketAggType({ }, { name: 'interval', - editorComponent: NumberIntervalParamEditor, modifyAggConfigOnSearchRequestStart( aggConfig: IBucketHistogramAggConfig, searchSource: any, @@ -174,7 +169,6 @@ export const histogramBucketAgg = new BucketAggType({ { name: 'min_doc_count', default: false, - editorComponent: MinDocCountParamEditor, write(aggConfig, output) { if (aggConfig.params.min_doc_count) { output.params.min_doc_count = 0; @@ -186,7 +180,6 @@ export const histogramBucketAgg = new BucketAggType({ { name: 'has_extended_bounds', default: false, - editorComponent: HasExtendedBoundsParamEditor, write: () => {}, }, { @@ -195,7 +188,6 @@ export const histogramBucketAgg = new BucketAggType({ min: '', max: '', }, - editorComponent: ExtendedBoundsParamEditor, write(aggConfig, output) { const { min, max } = aggConfig.params.extended_bounds; diff --git a/src/legacy/ui/public/agg_types/buckets/ip_range.ts b/src/legacy/ui/public/agg_types/buckets/ip_range.ts index e730970b9ea05..41141dabf507c 100644 --- a/src/legacy/ui/public/agg_types/buckets/ip_range.ts +++ b/src/legacy/ui/public/agg_types/buckets/ip_range.ts @@ -21,8 +21,6 @@ import { noop, map, omit, isNull } from 'lodash'; import { i18n } from '@kbn/i18n'; import { npStart } from 'ui/new_platform'; import { BucketAggType } from './_bucket_agg_type'; -import { IpRangeTypeParamEditor } from '../../vis/editors/default/controls/ip_range_type'; -import { IpRangesParamEditor } from '../../vis/editors/default/controls/ip_ranges'; import { BUCKET_TYPES } from './bucket_agg_types'; // @ts-ignore @@ -74,7 +72,6 @@ export const ipRangeBucketAgg = new BucketAggType({ }, { name: 'ipRangeType', - editorComponent: IpRangeTypeParamEditor, default: 'fromTo', write: noop, }, @@ -87,7 +84,6 @@ export const ipRangeBucketAgg = new BucketAggType({ ], mask: [{ mask: '0.0.0.0/1' }, { mask: '128.0.0.0/2' }], }, - editorComponent: IpRangesParamEditor, write(aggConfig, output) { const ipRangeType = aggConfig.params.ipRangeType; let ranges = aggConfig.params.ranges[ipRangeType]; diff --git a/src/legacy/ui/public/agg_types/buckets/range.ts b/src/legacy/ui/public/agg_types/buckets/range.ts index 7f93127d948ce..f24473e0c68aa 100644 --- a/src/legacy/ui/public/agg_types/buckets/range.ts +++ b/src/legacy/ui/public/agg_types/buckets/range.ts @@ -21,9 +21,6 @@ import { i18n } from '@kbn/i18n'; import { BucketAggType } from './_bucket_agg_type'; import { fieldFormats, KBN_FIELD_TYPES } from '../../../../../plugins/data/public'; import { RangeKey } from './range_key'; -import { RangesEditor } from './range_editor'; - -// @ts-ignore import { createFilterRange } from './create_filter/range'; import { BUCKET_TYPES } from './bucket_agg_types'; @@ -100,7 +97,6 @@ export const rangeBucketAgg = new BucketAggType({ { from: 0, to: 1000 }, { from: 1000, to: 2000 }, ], - editorComponent: RangesEditor, write(aggConfig, output) { output.params.ranges = aggConfig.params.ranges; output.params.keyed = true; diff --git a/src/legacy/ui/public/agg_types/buckets/significant_terms.ts b/src/legacy/ui/public/agg_types/buckets/significant_terms.ts index 128fd9e83e6fd..38ca0768d3bc1 100644 --- a/src/legacy/ui/public/agg_types/buckets/significant_terms.ts +++ b/src/legacy/ui/public/agg_types/buckets/significant_terms.ts @@ -18,7 +18,6 @@ */ import { i18n } from '@kbn/i18n'; -import { SizeParamEditor } from '../../vis/editors/default/controls/size'; import { BucketAggType } from './_bucket_agg_type'; import { createFilterTerms } from './create_filter/terms'; import { isStringType, migrateIncludeExcludeFormat } from './migrate_include_exclude_format'; @@ -51,7 +50,6 @@ export const significantTermsBucketAgg = new BucketAggType({ }, { name: 'size', - editorComponent: SizeParamEditor, default: '', }, { diff --git a/src/legacy/ui/public/agg_types/buckets/terms.ts b/src/legacy/ui/public/agg_types/buckets/terms.ts index 3a7a529700239..4ced1417402b5 100644 --- a/src/legacy/ui/public/agg_types/buckets/terms.ts +++ b/src/legacy/ui/public/agg_types/buckets/terms.ts @@ -27,37 +27,44 @@ import { BucketAggType } from './_bucket_agg_type'; import { BUCKET_TYPES } from './bucket_agg_types'; import { IBucketAggConfig } from './_bucket_agg_type'; import { createFilterTerms } from './create_filter/terms'; -import { wrapWithInlineComp } from './inline_comp_wrapper'; import { isStringType, migrateIncludeExcludeFormat } from './migrate_include_exclude_format'; -import { OrderAggParamEditor } from '../../vis/editors/default/controls/order_agg'; -import { OrderParamEditor } from '../../vis/editors/default/controls/order'; -import { OrderByParamEditor, aggFilter } from '../../vis/editors/default/controls/order_by'; -import { SizeParamEditor } from '../../vis/editors/default/controls/size'; -import { MissingBucketParamEditor } from '../../vis/editors/default/controls/missing_bucket'; -import { OtherBucketParamEditor } from '../../vis/editors/default/controls/other_bucket'; import { AggConfigs } from '../agg_configs'; import { Adapters } from '../../../../../plugins/inspector/public'; import { ISearchSource, fieldFormats, KBN_FIELD_TYPES } from '../../../../../plugins/data/public'; -// @ts-ignore -import { Schemas } from '../../vis/editors/default/schemas'; - import { buildOtherBucketAgg, mergeOtherBucketAggResponse, updateMissingBucket, // @ts-ignore } from './_terms_other_bucket_helper'; +import { Schemas } from '../schemas'; +import { AggGroupNames } from '../agg_groups'; + +export const termsAggFilter = [ + '!top_hits', + '!percentiles', + '!median', + '!std_dev', + '!derivative', + '!moving_avg', + '!serial_diff', + '!cumulative_sum', + '!avg_bucket', + '!max_bucket', + '!min_bucket', + '!sum_bucket', +]; const [orderAggSchema] = new Schemas([ { - group: 'none', + group: AggGroupNames.None, name: 'orderAgg', // This string is never visible to the user so it doesn't need to be translated title: 'Order Agg', hideCustomLabel: true, - aggFilter, + aggFilter: termsAggFilter, }, ]).all; @@ -145,14 +152,12 @@ export const termsBucketAgg = new BucketAggType({ }, { name: 'orderBy', - editorComponent: OrderByParamEditor, write: noop, // prevent default write, it's handled by orderAgg }, { name: 'orderAgg', type: 'agg', default: null, - editorComponent: OrderAggParamEditor, makeAgg(termsAgg, state) { state = state || {}; state.schema = orderAggSchema; @@ -205,7 +210,6 @@ export const termsBucketAgg = new BucketAggType({ name: 'order', type: 'optioned', default: 'desc', - editorComponent: wrapWithInlineComp(OrderParamEditor), options: [ { text: i18n.translate('common.ui.aggTypes.buckets.terms.orderDescendingTitle', { @@ -224,13 +228,11 @@ export const termsBucketAgg = new BucketAggType({ }, { name: 'size', - editorComponent: wrapWithInlineComp(SizeParamEditor), default: 5, }, { name: 'otherBucket', default: false, - editorComponent: OtherBucketParamEditor, write: noop, }, { @@ -248,7 +250,6 @@ export const termsBucketAgg = new BucketAggType({ { name: 'missingBucket', default: false, - editorComponent: MissingBucketParamEditor, write: noop, }, { diff --git a/src/legacy/ui/public/agg_types/filter/agg_type_filters.test.ts b/src/legacy/ui/public/agg_types/filter/agg_type_filters.test.ts index 517cee23e6be1..0344f304877f2 100644 --- a/src/legacy/ui/public/agg_types/filter/agg_type_filters.test.ts +++ b/src/legacy/ui/public/agg_types/filter/agg_type_filters.test.ts @@ -19,8 +19,7 @@ import { IndexPattern } from '../../../../../plugins/data/public'; import { AggTypeFilters } from './agg_type_filters'; -import { AggType } from '..'; -import { AggConfig } from '../../vis'; +import { AggConfig, AggType } from '..'; describe('AggTypeFilters', () => { let registry: AggTypeFilters; diff --git a/src/legacy/ui/public/agg_types/filter/agg_type_filters.ts b/src/legacy/ui/public/agg_types/filter/agg_type_filters.ts index 2388d458d4abb..2cc4a6e962214 100644 --- a/src/legacy/ui/public/agg_types/filter/agg_type_filters.ts +++ b/src/legacy/ui/public/agg_types/filter/agg_type_filters.ts @@ -16,9 +16,8 @@ * specific language governing permissions and limitations * under the License. */ -import { IndexPattern } from '../../../../../plugins/data/public'; -import { AggConfig } from '../../vis'; -import { AggType } from '..'; +import { IndexPattern } from 'src/plugins/data/public'; +import { AggType, AggConfig } from '..'; type AggTypeFilter = ( aggType: AggType, diff --git a/src/legacy/ui/public/agg_types/index.ts b/src/legacy/ui/public/agg_types/index.ts index e52640743a25b..ca7c2f82023c9 100644 --- a/src/legacy/ui/public/agg_types/index.ts +++ b/src/legacy/ui/public/agg_types/index.ts @@ -39,7 +39,7 @@ import { histogramBucketAgg } from './buckets/histogram'; import { rangeBucketAgg } from './buckets/range'; import { dateRangeBucketAgg } from './buckets/date_range'; import { ipRangeBucketAgg } from './buckets/ip_range'; -import { termsBucketAgg } from './buckets/terms'; +import { termsBucketAgg, termsAggFilter } from './buckets/terms'; import { filterBucketAgg } from './buckets/filter'; import { filtersBucketAgg } from './buckets/filters'; import { significantTermsBucketAgg } from './buckets/significant_terms'; @@ -94,6 +94,10 @@ export const aggTypes = { export { AggParam } from './agg_params'; export { AggConfig } from './agg_config'; export { AggConfigs } from './agg_configs'; +export { AggGroupNames, aggGroupNamesMap } from './agg_groups'; export { FieldParamType } from './param_types'; +export { BUCKET_TYPES } from './buckets/bucket_agg_types'; +export { METRIC_TYPES } from './metrics/metric_agg_types'; +export { ISchemas, Schema, Schemas } from './schemas'; -export { setBounds }; +export { setBounds, termsAggFilter }; diff --git a/src/legacy/ui/public/agg_types/metrics/lib/parent_pipeline_agg_helper.ts b/src/legacy/ui/public/agg_types/metrics/lib/parent_pipeline_agg_helper.ts index d177a62649d13..4d558e50304e6 100644 --- a/src/legacy/ui/public/agg_types/metrics/lib/parent_pipeline_agg_helper.ts +++ b/src/legacy/ui/public/agg_types/metrics/lib/parent_pipeline_agg_helper.ts @@ -19,14 +19,12 @@ import { i18n } from '@kbn/i18n'; import { noop } from 'lodash'; -import { MetricAggParamEditor } from '../../../vis/editors/default/controls/metric_agg'; -import { SubAggParamEditor } from '../../../vis/editors/default/controls/sub_agg'; + import { forwardModifyAggConfigOnSearchRequestStart } from './nested_agg_helpers'; import { IMetricAggConfig, MetricAggParam } from '../metric_agg_type'; import { parentPipelineAggWriter } from './parent_pipeline_agg_writer'; -// @ts-ignore -import { Schemas } from '../../../vis/editors/default/schemas'; +import { Schemas } from '../../schemas'; const metricAggFilter = [ '!top_hits', @@ -42,13 +40,6 @@ const metricAggTitle = i18n.translate('common.ui.aggTypes.metrics.metricAggTitle defaultMessage: 'Metric agg', }); -const subtypeLabel = i18n.translate( - 'common.ui.aggTypes.metrics.parentPipelineAggregationsSubtypeTitle', - { - defaultMessage: 'Parent Pipeline Aggregations', - } -); - const [metricAggSchema] = new Schemas([ { group: 'none', @@ -59,20 +50,24 @@ const [metricAggSchema] = new Schemas([ }, ]).all; -export const parentPipelineAggHelper = { - subtype: subtypeLabel, +const parentPipelineType = i18n.translate( + 'common.ui.aggTypes.metrics.parentPipelineAggregationsSubtypeTitle', + { + defaultMessage: 'Parent Pipeline Aggregations', + } +); +const parentPipelineAggHelper = { + subtype: parentPipelineType, params() { return [ { name: 'metricAgg', - editorComponent: MetricAggParamEditor, default: 'custom', write: parentPipelineAggWriter, }, { name: 'customMetric', - editorComponent: SubAggParamEditor, type: 'agg', makeAgg(termsAgg, state: any) { state = state || { type: 'count' }; @@ -108,3 +103,5 @@ export const parentPipelineAggHelper = { return subAgg.type.getFormat(subAgg); }, }; + +export { parentPipelineAggHelper, parentPipelineType }; diff --git a/src/legacy/ui/public/agg_types/metrics/lib/sibling_pipeline_agg_helper.ts b/src/legacy/ui/public/agg_types/metrics/lib/sibling_pipeline_agg_helper.ts index e75ebf366a27e..9dd737bd6708e 100644 --- a/src/legacy/ui/public/agg_types/metrics/lib/sibling_pipeline_agg_helper.ts +++ b/src/legacy/ui/public/agg_types/metrics/lib/sibling_pipeline_agg_helper.ts @@ -19,13 +19,10 @@ import { i18n } from '@kbn/i18n'; import { siblingPipelineAggWriter } from './sibling_pipeline_agg_writer'; -import { SubMetricParamEditor } from '../../../vis/editors/default/controls/sub_metric'; import { forwardModifyAggConfigOnSearchRequestStart } from './nested_agg_helpers'; import { IMetricAggConfig, MetricAggParam } from '../metric_agg_type'; - -// @ts-ignore -import { Schemas } from '../../../vis/editors/default/schemas'; +import { Schemas } from '../../schemas'; const metricAggFilter: string[] = [ '!top_hits', @@ -68,10 +65,15 @@ const [bucketAggSchema] = new Schemas([ }, ]).all; -const siblingPipelineAggHelper = { - subtype: i18n.translate('common.ui.aggTypes.metrics.siblingPipelineAggregationsSubtypeTitle', { +const siblingPipelineType = i18n.translate( + 'common.ui.aggTypes.metrics.siblingPipelineAggregationsSubtypeTitle', + { defaultMessage: 'Sibling pipeline aggregations', - }), + } +); + +const siblingPipelineAggHelper = { + subtype: siblingPipelineType, params() { return [ { @@ -86,7 +88,6 @@ const siblingPipelineAggHelper = { return orderAgg; }, - editorComponent: SubMetricParamEditor, modifyAggConfigOnSearchRequestStart: forwardModifyAggConfigOnSearchRequestStart( 'customBucket' ), @@ -104,7 +105,6 @@ const siblingPipelineAggHelper = { return orderAgg; }, - editorComponent: SubMetricParamEditor, modifyAggConfigOnSearchRequestStart: forwardModifyAggConfigOnSearchRequestStart( 'customMetric' ), @@ -120,4 +120,4 @@ const siblingPipelineAggHelper = { }, }; -export { siblingPipelineAggHelper }; +export { siblingPipelineAggHelper, siblingPipelineType }; diff --git a/src/legacy/ui/public/agg_types/metrics/parent_pipeline.test.ts b/src/legacy/ui/public/agg_types/metrics/parent_pipeline.test.ts index 0adf41a0420a0..11fc39c20bdc4 100644 --- a/src/legacy/ui/public/agg_types/metrics/parent_pipeline.test.ts +++ b/src/legacy/ui/public/agg_types/metrics/parent_pipeline.test.ts @@ -25,7 +25,7 @@ import { serialDiffMetricAgg } from './serial_diff'; import { AggConfigs } from '../agg_configs'; import { IMetricAggConfig, MetricAggType } from './metric_agg_type'; -jest.mock('../../vis/editors/default/schemas', () => { +jest.mock('../schemas', () => { class MockedSchemas { all = [{}]; } @@ -34,18 +34,6 @@ jest.mock('../../vis/editors/default/schemas', () => { }; }); -jest.mock('../../vis/editors/default/controls/sub_metric', () => { - return { - SubMetricParamEditor() {}, - }; -}); - -jest.mock('../../vis/editors/default/controls/sub_agg', () => { - return { - SubAggParamEditor() {}, - }; -}); - jest.mock('ui/new_platform'); describe('parent pipeline aggs', function() { diff --git a/src/legacy/ui/public/agg_types/metrics/percentile_ranks.ts b/src/legacy/ui/public/agg_types/metrics/percentile_ranks.ts index 436f9cd66764d..cbd46e3f5b28d 100644 --- a/src/legacy/ui/public/agg_types/metrics/percentile_ranks.ts +++ b/src/legacy/ui/public/agg_types/metrics/percentile_ranks.ts @@ -19,7 +19,6 @@ import { i18n } from '@kbn/i18n'; import { npStart } from 'ui/new_platform'; -import { PercentileRanksEditor } from '../../vis/editors/default/controls/percentile_ranks'; import { MetricAggType } from './metric_agg_type'; import { getResponseAggConfigClass, IResponseAggConfig } from './lib/get_response_agg_config_class'; @@ -68,7 +67,6 @@ export const percentileRanksMetricAgg = new MetricAggType({ }, { name: 'percents', - editorComponent: PercentilesEditor, default: [1, 5, 25, 50, 75, 95, 99], }, { diff --git a/src/legacy/ui/public/agg_types/metrics/sibling_pipeline.test.ts b/src/legacy/ui/public/agg_types/metrics/sibling_pipeline.test.ts index 60165790da545..d643cf0d2a478 100644 --- a/src/legacy/ui/public/agg_types/metrics/sibling_pipeline.test.ts +++ b/src/legacy/ui/public/agg_types/metrics/sibling_pipeline.test.ts @@ -26,7 +26,7 @@ import { bucketMaxMetricAgg } from './bucket_max'; import { AggConfigs } from '../agg_configs'; import { IMetricAggConfig, MetricAggType } from './metric_agg_type'; -jest.mock('../../vis/editors/default/schemas', () => { +jest.mock('../schemas', () => { class MockedSchemas { all = [{}]; } @@ -35,12 +35,6 @@ jest.mock('../../vis/editors/default/schemas', () => { }; }); -jest.mock('../../vis/editors/default/controls/sub_metric', () => { - return { - SubMetricParamEditor() {}, - }; -}); - jest.mock('ui/new_platform'); describe('sibling pipeline aggs', () => { diff --git a/src/legacy/ui/public/agg_types/metrics/top_hit.ts b/src/legacy/ui/public/agg_types/metrics/top_hit.ts index 4b07c997f11e0..43fe33bdebeb9 100644 --- a/src/legacy/ui/public/agg_types/metrics/top_hit.ts +++ b/src/legacy/ui/public/agg_types/metrics/top_hit.ts @@ -20,11 +20,6 @@ import _ from 'lodash'; import { i18n } from '@kbn/i18n'; import { IMetricAggConfig, MetricAggType } from './metric_agg_type'; -import { TopSortFieldParamEditor } from '../../vis/editors/default/controls/top_sort_field'; -import { OrderParamEditor } from '../../vis/editors/default/controls/order'; -import { TopFieldParamEditor } from '../../vis/editors/default/controls/top_field'; -import { TopSizeParamEditor } from '../../vis/editors/default/controls/top_size'; -import { TopAggregateParamEditor } from '../../vis/editors/default/controls/top_aggregate'; import { aggTypeFieldFilters } from '../param_types/filter'; import { METRIC_TYPES } from './metric_agg_types'; import { KBN_FIELD_TYPES } from '../../../../../plugins/data/public'; @@ -79,7 +74,6 @@ export const topHitMetricAgg = new MetricAggType({ { name: 'field', type: 'field', - editorComponent: TopFieldParamEditor, onlyAggregatable: false, filterFieldTypes: '*', write(agg, output) { @@ -110,7 +104,6 @@ export const topHitMetricAgg = new MetricAggType({ { name: 'aggregate', type: 'optioned', - editorComponent: wrapWithInlineComp(TopAggregateParamEditor), options: [ { text: i18n.translate('common.ui.aggTypes.metrics.topHit.minLabel', { @@ -159,13 +152,11 @@ export const topHitMetricAgg = new MetricAggType({ }, { name: 'size', - editorComponent: wrapWithInlineComp(TopSizeParamEditor), default: 1, }, { name: 'sortField', type: 'field', - editorComponent: TopSortFieldParamEditor, filterFieldTypes: [ KBN_FIELD_TYPES.NUMBER, KBN_FIELD_TYPES.DATE, @@ -181,7 +172,6 @@ export const topHitMetricAgg = new MetricAggType({ name: 'sortOrder', type: 'optioned', default: 'desc', - editorComponent: OrderParamEditor, options: [ { text: i18n.translate('common.ui.aggTypes.metrics.topHit.descendingLabel', { diff --git a/src/legacy/ui/public/agg_types/param_types/agg.ts b/src/legacy/ui/public/agg_types/param_types/agg.ts index 0a83805c8c44c..2e7c11004b472 100644 --- a/src/legacy/ui/public/agg_types/param_types/agg.ts +++ b/src/legacy/ui/public/agg_types/param_types/agg.ts @@ -48,9 +48,7 @@ export class AggParamType extends Base return this.makeAgg(agg, state); }; } - if (!config.editorComponent) { - this.editorComponent = require('../../vis/editors/default/controls/sub_agg'); - } + this.makeAgg = config.makeAgg; this.valueType = AggConfig; } diff --git a/src/legacy/ui/public/agg_types/param_types/base.ts b/src/legacy/ui/public/agg_types/param_types/base.ts index 35748c02dd903..15ec44e2ca5ae 100644 --- a/src/legacy/ui/public/agg_types/param_types/base.ts +++ b/src/legacy/ui/public/agg_types/param_types/base.ts @@ -18,7 +18,7 @@ */ import { AggConfigs } from '../agg_configs'; -import { AggConfig } from '../../vis'; +import { AggConfig } from '../agg_config'; import { FetchOptions, ISearchSource } from '../../../../../plugins/data/public'; export class BaseParamType { @@ -27,7 +27,6 @@ export class BaseParamType { displayName: string; required: boolean; advanced: boolean; - editorComponent: any = null; default: any; write: ( aggConfig: TAggConfig, @@ -67,7 +66,6 @@ export class BaseParamType { this.onChange = config.onChange; this.shouldShow = config.shouldShow; this.default = config.default; - this.editorComponent = config.editorComponent; const defaultWrite = (aggConfig: TAggConfig, output: Record) => { if (aggConfig.params[this.name]) { diff --git a/src/legacy/ui/public/agg_types/param_types/field.ts b/src/legacy/ui/public/agg_types/param_types/field.ts index 090ea14bb64a9..4ce5bb29f8ff6 100644 --- a/src/legacy/ui/public/agg_types/param_types/field.ts +++ b/src/legacy/ui/public/agg_types/param_types/field.ts @@ -19,9 +19,8 @@ // @ts-ignore import { i18n } from '@kbn/i18n'; -import { AggConfig } from '../../vis'; +import { AggConfig } from '../agg_config'; import { SavedObjectNotFound } from '../../../../../plugins/kibana_utils/public'; -import { FieldParamEditor } from '../../vis/editors/default/controls/field'; import { BaseParamType } from './base'; import { toastNotifications } from '../../notify'; import { propFilter } from '../filter'; @@ -31,7 +30,6 @@ import { isNestedField } from '../../../../../plugins/data/public'; const filterByType = propFilter('type'); export class FieldParamType extends BaseParamType { - editorComponent = FieldParamEditor; required = true; scriptable = true; filterFieldTypes: string; diff --git a/src/legacy/ui/public/agg_types/param_types/filter/field_filters.test.ts b/src/legacy/ui/public/agg_types/param_types/filter/field_filters.test.ts index 978b7edaa83ff..384c142408012 100644 --- a/src/legacy/ui/public/agg_types/param_types/filter/field_filters.test.ts +++ b/src/legacy/ui/public/agg_types/param_types/filter/field_filters.test.ts @@ -19,7 +19,7 @@ import { IndexedArray } from 'ui/indexed_array'; import { AggTypeFieldFilters } from './field_filters'; -import { AggConfig } from 'ui/vis'; +import { AggConfig } from '../../agg_config'; import { Field } from '../../../../../../plugins/data/public'; describe('AggTypeFieldFilters', () => { diff --git a/src/legacy/ui/public/agg_types/param_types/filter/field_filters.ts b/src/legacy/ui/public/agg_types/param_types/filter/field_filters.ts index e5cb5226435ff..7d44bedafa7e1 100644 --- a/src/legacy/ui/public/agg_types/param_types/filter/field_filters.ts +++ b/src/legacy/ui/public/agg_types/param_types/filter/field_filters.ts @@ -16,8 +16,8 @@ * specific language governing permissions and limitations * under the License. */ -import { AggConfig } from '../../../vis'; -import { Field } from '../../../../../../plugins/data/public'; +import { Field } from 'src/plugins/data/public'; +import { AggConfig } from '../../agg_config'; type AggTypeFieldFilter = (field: Field, aggConfig: AggConfig) => boolean; diff --git a/src/legacy/ui/public/agg_types/param_types/json.ts b/src/legacy/ui/public/agg_types/param_types/json.ts index e2878aac3af27..771919b0bb56b 100644 --- a/src/legacy/ui/public/agg_types/param_types/json.ts +++ b/src/legacy/ui/public/agg_types/param_types/json.ts @@ -18,13 +18,11 @@ */ import _ from 'lodash'; -import { AggConfig } from 'ui/vis'; -import { RawJsonParamEditor } from '../../vis/editors/default/controls/raw_json'; + +import { AggConfig } from '../agg_config'; import { BaseParamType } from './base'; export class JsonParamType extends BaseParamType { - editorComponent = RawJsonParamEditor; - constructor(config: Record) { super(config); diff --git a/src/legacy/ui/public/agg_types/param_types/optioned.ts b/src/legacy/ui/public/agg_types/param_types/optioned.ts index 6ac892e232bfb..5ffda3740af49 100644 --- a/src/legacy/ui/public/agg_types/param_types/optioned.ts +++ b/src/legacy/ui/public/agg_types/param_types/optioned.ts @@ -17,7 +17,7 @@ * under the License. */ -import { AggConfig } from '../../vis'; +import { AggConfig } from '../agg_config'; import { BaseParamType } from './base'; export interface OptionedValueProp { diff --git a/src/legacy/ui/public/agg_types/param_types/string.ts b/src/legacy/ui/public/agg_types/param_types/string.ts index f87bbb46ec0ee..58ba99f8a6d63 100644 --- a/src/legacy/ui/public/agg_types/param_types/string.ts +++ b/src/legacy/ui/public/agg_types/param_types/string.ts @@ -17,13 +17,10 @@ * under the License. */ -import { AggConfig } from 'ui/vis'; -import { StringParamEditor } from '../../vis/editors/default/controls/string'; +import { AggConfig } from '../agg_config'; import { BaseParamType } from './base'; export class StringParamType extends BaseParamType { - editorComponent = StringParamEditor; - constructor(config: Record) { super(config); diff --git a/src/legacy/ui/public/vis/editors/default/schemas.ts b/src/legacy/ui/public/agg_types/schemas.ts similarity index 83% rename from src/legacy/ui/public/vis/editors/default/schemas.ts rename to src/legacy/ui/public/agg_types/schemas.ts index 3cacd1cfbe68f..05723cac1869d 100644 --- a/src/legacy/ui/public/vis/editors/default/schemas.ts +++ b/src/legacy/ui/public/agg_types/schemas.ts @@ -21,12 +21,9 @@ import _ from 'lodash'; import { Optional } from '@kbn/utility-types'; -import { AggParam } from '../../../agg_types'; -import { IndexedArray } from '../../../indexed_array'; -import { RowsOrColumnsControl } from './controls/rows_or_columns'; -import { RadiusRatioOptionControl } from './controls/radius_ratio_option'; +import { IndexedArray } from 'ui/indexed_array'; import { AggGroupNames } from './agg_groups'; -import { AggControlProps } from './controls/agg_control_props'; +import { AggParam } from './agg_params'; export interface ISchemas { [AggGroupNames.Buckets]: Schema[]; @@ -46,7 +43,6 @@ export interface Schema { hideCustomLabel?: boolean; mustBeFirst?: boolean; aggSettings?: any; - editorComponent?: React.ComponentType; } class Schemas { @@ -72,9 +68,6 @@ class Schemas { default: true, }, ] as AggParam[]; - schema.editorComponent = RowsOrColumnsControl; - } else if (schema.name === 'radius') { - schema.editorComponent = RadiusRatioOptionControl; } _.defaults(schema, { diff --git a/src/legacy/ui/public/vis/__tests__/_agg_config.js b/src/legacy/ui/public/vis/__tests__/_agg_config.js index 28f8169dc811d..2ccbaf6c1645e 100644 --- a/src/legacy/ui/public/vis/__tests__/_agg_config.js +++ b/src/legacy/ui/public/vis/__tests__/_agg_config.js @@ -20,7 +20,7 @@ import sinon from 'sinon'; import expect from '@kbn/expect'; import ngMock from 'ng_mock'; -import { Vis } from '..'; +import { Vis } from '../../../../core_plugins/visualizations/public'; import { AggType } from '../../agg_types/agg_type'; import { AggConfig } from '../../agg_types/agg_config'; import FixturesStubbedLogstashIndexPatternProvider from 'fixtures/stubbed_logstash_index_pattern'; diff --git a/src/legacy/ui/public/vis/__tests__/_agg_configs.js b/src/legacy/ui/public/vis/__tests__/_agg_configs.js index 39693956ca55d..62ad9a40ad058 100644 --- a/src/legacy/ui/public/vis/__tests__/_agg_configs.js +++ b/src/legacy/ui/public/vis/__tests__/_agg_configs.js @@ -21,12 +21,9 @@ import _ from 'lodash'; import sinon from 'sinon'; import expect from '@kbn/expect'; import ngMock from 'ng_mock'; -import { AggConfig } from '../../agg_types/agg_config'; -import { Vis } from '..'; -import { AggConfigs } from '../../agg_types/agg_configs'; +import { AggConfig, AggConfigs, AggGroupNames, Schemas } from '../../agg_types'; +import { Vis } from '../../../../core_plugins/visualizations/public'; import FixturesStubbedLogstashIndexPatternProvider from 'fixtures/stubbed_logstash_index_pattern'; -import { Schemas } from '../editors/default/schemas'; -import { AggGroupNames } from '../editors/default/agg_groups'; describe('AggConfigs', function() { let indexPattern; diff --git a/src/legacy/ui/public/vis/_index.scss b/src/legacy/ui/public/vis/_index.scss index 36d586abdb147..28cf4289bb048 100644 --- a/src/legacy/ui/public/vis/_index.scss +++ b/src/legacy/ui/public/vis/_index.scss @@ -1,2 +1 @@ -@import './editors/index'; @import './map/index'; diff --git a/src/legacy/ui/public/vis/editors/config/editor_config_providers.test.ts b/src/legacy/ui/public/vis/config/editor_config_providers.test.ts similarity index 99% rename from src/legacy/ui/public/vis/editors/config/editor_config_providers.test.ts rename to src/legacy/ui/public/vis/config/editor_config_providers.test.ts index 0a5d0ea748b5e..9d93930c09ebc 100644 --- a/src/legacy/ui/public/vis/editors/config/editor_config_providers.test.ts +++ b/src/legacy/ui/public/vis/config/editor_config_providers.test.ts @@ -17,9 +17,9 @@ * under the License. */ +import { AggConfig } from 'ui/agg_types'; import { EditorConfigProviderRegistry } from './editor_config_providers'; import { EditorParamConfig, FixedParam, NumericIntervalParam, TimeIntervalParam } from './types'; -import { AggConfig } from '../..'; jest.mock('ui/new_platform'); diff --git a/src/legacy/ui/public/vis/editors/config/editor_config_providers.ts b/src/legacy/ui/public/vis/config/editor_config_providers.ts similarity index 92% rename from src/legacy/ui/public/vis/editors/config/editor_config_providers.ts rename to src/legacy/ui/public/vis/config/editor_config_providers.ts index 80dc2bcd68f08..1e82a3ca2762e 100644 --- a/src/legacy/ui/public/vis/editors/config/editor_config_providers.ts +++ b/src/legacy/ui/public/vis/config/editor_config_providers.ts @@ -17,13 +17,17 @@ * under the License. */ -import { TimeIntervalParam } from 'ui/vis/editors/config/types'; -import { AggConfig } from '../..'; -import { IndexPattern } from '../../../../../../plugins/data/public'; -import { leastCommonMultiple } from '../../lib/least_common_multiple'; -import { parseEsInterval } from '../../../../../core_plugins/data/public'; -import { leastCommonInterval } from '../../lib/least_common_interval'; -import { EditorConfig, EditorParamConfig, FixedParam, NumericIntervalParam } from './types'; +import { IndexPattern } from 'src/plugins/data/public'; +import { AggConfig } from 'ui/agg_types'; +import { parseEsInterval } from '../../../../core_plugins/data/public'; +import { + TimeIntervalParam, + EditorConfig, + EditorParamConfig, + FixedParam, + NumericIntervalParam, +} from './types'; +import { leastCommonInterval, leastCommonMultiple } from '../lib'; type EditorConfigProvider = (indexPattern: IndexPattern, aggConfig: AggConfig) => EditorConfig; diff --git a/src/legacy/ui/public/vis/index.js b/src/legacy/ui/public/vis/config/index.ts similarity index 89% rename from src/legacy/ui/public/vis/index.js rename to src/legacy/ui/public/vis/config/index.ts index aaee86c378984..5e87ac17b98fb 100644 --- a/src/legacy/ui/public/vis/index.js +++ b/src/legacy/ui/public/vis/config/index.ts @@ -17,4 +17,5 @@ * under the License. */ -export { Vis } from '../../../core_plugins/visualizations/public/np_ready/public/vis'; +export { editorConfigProviders } from './editor_config_providers'; +export * from './types'; diff --git a/src/legacy/ui/public/vis/editors/config/types.ts b/src/legacy/ui/public/vis/config/types.ts similarity index 100% rename from src/legacy/ui/public/vis/editors/config/types.ts rename to src/legacy/ui/public/vis/config/types.ts diff --git a/src/legacy/ui/public/vis/editors/_index.scss b/src/legacy/ui/public/vis/editors/_index.scss deleted file mode 100644 index 1c4169bcf3712..0000000000000 --- a/src/legacy/ui/public/vis/editors/_index.scss +++ /dev/null @@ -1 +0,0 @@ -@import './default/index'; diff --git a/src/legacy/ui/public/vis/index.d.ts b/src/legacy/ui/public/vis/lib/index.ts similarity index 84% rename from src/legacy/ui/public/vis/index.d.ts rename to src/legacy/ui/public/vis/lib/index.ts index 85798549691a5..ce44ad71e4bd8 100644 --- a/src/legacy/ui/public/vis/index.d.ts +++ b/src/legacy/ui/public/vis/lib/index.ts @@ -17,5 +17,5 @@ * under the License. */ -export { AggConfig } from '../agg_types/agg_config'; -export { Vis, VisParams, VisState, VisType } from '../../../core_plugins/visualizations/public'; +export { leastCommonInterval } from './least_common_interval'; +export { leastCommonMultiple } from './least_common_multiple'; diff --git a/src/legacy/ui/public/vis/vis_types/angular_vis_type.js b/src/legacy/ui/public/vis/vis_types/angular_vis_type.js deleted file mode 100644 index c34294d45548c..0000000000000 --- a/src/legacy/ui/public/vis/vis_types/angular_vis_type.js +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -import $ from 'jquery'; -import { isEqual } from 'lodash'; -import chrome from 'ui/chrome'; - -export class AngularVisController { - constructor(domeElement, vis) { - this.el = $(domeElement); - this.vis = vis; - } - - render(esResponse, visParams, status) { - return new Promise(async (resolve, reject) => { - if (!this.$rootScope) { - const $injector = await chrome.dangerouslyGetActiveInjector(); - this.$rootScope = $injector.get('$rootScope'); - this.$compile = $injector.get('$compile'); - } - const updateScope = () => { - this.$scope.vis = this.vis; - this.$scope.visState = this.vis.getState(); - this.$scope.esResponse = esResponse; - - if (!isEqual(this.$scope.visParams, visParams)) { - this.vis.emit('updateEditorStateParams', visParams); - } - - this.$scope.visParams = visParams; - this.$scope.renderComplete = resolve; - this.$scope.renderFailed = reject; - this.$scope.resize = Date.now(); - this.$scope.updateStatus = status; - this.$scope.$apply(); - }; - - if (!this.$scope) { - this.$scope = this.$rootScope.$new(); - this.$scope.uiState = this.vis.getUiState(); - updateScope(); - this.el.html(this.$compile(this.vis.type.visConfig.template)(this.$scope)); - this.$scope.$apply(); - } else { - updateScope(); - } - }); - } - - destroy() { - if (this.$scope) { - this.$scope.$destroy(); - this.$scope = null; - } - } -} diff --git a/src/legacy/ui/public/visualize/loader/pipeline_helpers/utilities.ts b/src/legacy/ui/public/visualize/loader/pipeline_helpers/utilities.ts index bde865f504fdb..e763eb1b90791 100644 --- a/src/legacy/ui/public/visualize/loader/pipeline_helpers/utilities.ts +++ b/src/legacy/ui/public/visualize/loader/pipeline_helpers/utilities.ts @@ -19,10 +19,11 @@ import { i18n } from '@kbn/i18n'; import { identity } from 'lodash'; -import { AggConfig, Vis } from 'ui/vis'; +import { AggConfig } from 'ui/agg_types'; import { npStart } from 'ui/new_platform'; import { SerializedFieldFormat } from 'src/plugins/expressions/public'; import { fieldFormats } from '../../../../../../plugins/data/public'; +import { Vis } from '../../../../../core_plugins/visualizations/public'; import { tabifyGetColumns } from '../../../agg_response/tabify/_get_columns'; import { DateRangeKey, convertDateRangeToString } from '../../../agg_types/buckets/date_range'; diff --git a/src/legacy/utils/index.d.ts b/src/legacy/utils/index.d.ts index 7ac9feab09cbe..a57caad1d34bf 100644 --- a/src/legacy/utils/index.d.ts +++ b/src/legacy/utils/index.d.ts @@ -17,8 +17,4 @@ * under the License. */ -export function parseCommaSeparatedList(input: string | string[]): string[]; - -export function formatListAsProse(list: string[], options?: { inclusive?: boolean }): string; - export function unset(object: object, rawPath: string): void; diff --git a/src/legacy/utils/index.js b/src/legacy/utils/index.js index cb890f1094b04..2e6381b31ecee 100644 --- a/src/legacy/utils/index.js +++ b/src/legacy/utils/index.js @@ -37,5 +37,3 @@ export { createMapStream, createReplaceStream, } from './streams'; - -export { parseCommaSeparatedList, formatListAsProse } from './strings'; diff --git a/src/legacy/utils/strings/__tests__/prose.js b/src/legacy/utils/strings/__tests__/prose.js deleted file mode 100644 index d99f5f196fb67..0000000000000 --- a/src/legacy/utils/strings/__tests__/prose.js +++ /dev/null @@ -1,65 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -import expect from '@kbn/expect'; - -import { formatListAsProse } from '../prose'; - -describe('utils formatListAsProse()', () => { - it('throw TypeError for non array arguments', () => { - const assertTypeError = error => { - expect(error).to.be.a(TypeError); - }; - - expect(() => formatListAsProse(0)).to.throwError(assertTypeError); - expect(() => formatListAsProse(1)).to.throwError(assertTypeError); - expect(() => formatListAsProse({})).to.throwError(assertTypeError); - expect(() => formatListAsProse(() => {})).to.throwError(assertTypeError); - expect(() => formatListAsProse((a, b) => b)).to.throwError(assertTypeError); - expect(() => formatListAsProse(/foo/)).to.throwError(assertTypeError); - expect(() => formatListAsProse(null)).to.throwError(assertTypeError); - expect(() => formatListAsProse(undefined)).to.throwError(assertTypeError); - expect(() => formatListAsProse(false)).to.throwError(assertTypeError); - expect(() => formatListAsProse(true)).to.throwError(assertTypeError); - }); - - describe('defaults', () => { - it('joins items together with "and" and commas', () => { - expect(formatListAsProse([1, 2])).to.eql('1 and 2'); - expect(formatListAsProse([1, 2, 3])).to.eql('1, 2, and 3'); - expect(formatListAsProse([4, 3, 2, 1])).to.eql('4, 3, 2, and 1'); - }); - }); - - describe('inclusive=true', () => { - it('joins items together with "and" and commas', () => { - expect(formatListAsProse([1, 2], { inclusive: true })).to.eql('1 and 2'); - expect(formatListAsProse([1, 2, 3], { inclusive: true })).to.eql('1, 2, and 3'); - expect(formatListAsProse([4, 3, 2, 1], { inclusive: true })).to.eql('4, 3, 2, and 1'); - }); - }); - - describe('inclusive=false', () => { - it('joins items together with "or" and commas', () => { - expect(formatListAsProse([1, 2], { inclusive: false })).to.eql('1 or 2'); - expect(formatListAsProse([1, 2, 3], { inclusive: false })).to.eql('1, 2, or 3'); - expect(formatListAsProse([4, 3, 2, 1], { inclusive: false })).to.eql('4, 3, 2, or 1'); - }); - }); -}); diff --git a/x-pack/legacy/plugins/maps/public/layers/joins/inner_join.test.js b/x-pack/legacy/plugins/maps/public/layers/joins/inner_join.test.js index 452f669a113cd..05b177b361449 100644 --- a/x-pack/legacy/plugins/maps/public/layers/joins/inner_join.test.js +++ b/x-pack/legacy/plugins/maps/public/layers/joins/inner_join.test.js @@ -6,14 +6,13 @@ import { InnerJoin } from './inner_join'; -jest.mock('ui/new_platform'); -jest.mock('ui/vis/editors/default/schemas', () => { +jest.mock('../../kibana_services', () => {}); +jest.mock('ui/agg_types', () => { class MockSchemas {} return { Schemas: MockSchemas, }; }); -jest.mock('ui/agg_types', () => {}); jest.mock('ui/timefilter', () => {}); jest.mock('../vector_layer', () => {}); diff --git a/x-pack/legacy/plugins/maps/public/layers/sources/es_geo_grid_source/es_geo_grid_source.js b/x-pack/legacy/plugins/maps/public/layers/sources/es_geo_grid_source/es_geo_grid_source.js index 6adb5dd568e23..cb8b43a6c312b 100644 --- a/x-pack/legacy/plugins/maps/public/layers/sources/es_geo_grid_source/es_geo_grid_source.js +++ b/x-pack/legacy/plugins/maps/public/layers/sources/es_geo_grid_source/es_geo_grid_source.js @@ -10,8 +10,7 @@ import uuid from 'uuid/v4'; import { VECTOR_SHAPE_TYPES } from '../vector_feature_types'; import { HeatmapLayer } from '../../heatmap_layer'; import { VectorLayer } from '../../vector_layer'; -import { Schemas } from 'ui/vis/editors/default/schemas'; -import { AggConfigs } from 'ui/agg_types'; +import { AggConfigs, Schemas } from 'ui/agg_types'; import { tabifyAggResponse } from 'ui/agg_response/tabify'; import { convertToGeoJson } from './convert_to_geojson'; import { VectorStyle } from '../../styles/vector/vector_style'; diff --git a/x-pack/legacy/plugins/maps/public/layers/sources/es_pew_pew_source/es_pew_pew_source.js b/x-pack/legacy/plugins/maps/public/layers/sources/es_pew_pew_source/es_pew_pew_source.js index e6faf4146435d..5d571967d53e8 100644 --- a/x-pack/legacy/plugins/maps/public/layers/sources/es_pew_pew_source/es_pew_pew_source.js +++ b/x-pack/legacy/plugins/maps/public/layers/sources/es_pew_pew_source/es_pew_pew_source.js @@ -20,8 +20,7 @@ import { i18n } from '@kbn/i18n'; import { SOURCE_DATA_ID_ORIGIN, ES_PEW_PEW, COUNT_PROP_NAME } from '../../../../common/constants'; import { getDataSourceLabel } from '../../../../common/i18n_getters'; import { convertToLines } from './convert_to_lines'; -import { Schemas } from 'ui/vis/editors/default/schemas'; -import { AggConfigs } from 'ui/agg_types'; +import { AggConfigs, Schemas } from 'ui/agg_types'; import { AbstractESAggSource } from '../es_agg_source'; import { DynamicStyleProperty } from '../../styles/vector/properties/dynamic_style_property'; import { COLOR_GRADIENTS } from '../../styles/color_utils'; diff --git a/x-pack/legacy/plugins/maps/public/layers/sources/es_term_source.js b/x-pack/legacy/plugins/maps/public/layers/sources/es_term_source.js index 443668984b0b4..7d7a2e159d128 100644 --- a/x-pack/legacy/plugins/maps/public/layers/sources/es_term_source.js +++ b/x-pack/legacy/plugins/maps/public/layers/sources/es_term_source.js @@ -6,8 +6,7 @@ import _ from 'lodash'; -import { Schemas } from 'ui/vis/editors/default/schemas'; -import { AggConfigs } from 'ui/agg_types'; +import { AggConfigs, Schemas } from 'ui/agg_types'; import { i18n } from '@kbn/i18n'; import { COUNT_PROP_LABEL, diff --git a/x-pack/legacy/plugins/maps/public/layers/sources/es_term_source.test.js b/x-pack/legacy/plugins/maps/public/layers/sources/es_term_source.test.js index e63a322eafe01..ffaaf2d705b5c 100644 --- a/x-pack/legacy/plugins/maps/public/layers/sources/es_term_source.test.js +++ b/x-pack/legacy/plugins/maps/public/layers/sources/es_term_source.test.js @@ -8,10 +8,9 @@ import { ESTermSource, extractPropertiesMap } from './es_term_source'; jest.mock('ui/new_platform'); jest.mock('../vector_layer', () => {}); -jest.mock('ui/vis/editors/default/schemas', () => ({ +jest.mock('ui/agg_types', () => ({ Schemas: function() {}, })); -jest.mock('ui/agg_types', () => {}); jest.mock('ui/timefilter', () => {}); const indexPatternTitle = 'myIndex'; diff --git a/x-pack/legacy/plugins/rollup/public/visualize/editor_config.js b/x-pack/legacy/plugins/rollup/public/visualize/editor_config.js index 897caa07fd873..8f5072e8a9866 100644 --- a/x-pack/legacy/plugins/rollup/public/visualize/editor_config.js +++ b/x-pack/legacy/plugins/rollup/public/visualize/editor_config.js @@ -5,7 +5,7 @@ */ import { i18n } from '@kbn/i18n'; -import { editorConfigProviders } from 'ui/vis/editors/config/editor_config_providers'; +import { editorConfigProviders } from 'ui/vis/config'; export function initEditorConfig() { // Limit agg params based on rollup capabilities diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index 68a8768b550c1..817aa03db31bd 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -77,10 +77,8 @@ }, "messages": { "common.ui.aggResponse.allDocsTitle": "すべてのドキュメント", - "common.ui.aggTypes.aggNotValidLabel": "- 無効な集約 -", - "common.ui.aggTypes.aggregateWith.noAggsErrorTooltip": "選択されたフィールドには互換性のある集約がありません。", - "common.ui.aggTypes.aggregateWithLabel": "アグリゲーション:", - "common.ui.aggTypes.aggregateWithTooltip": "複数ヒットまたは複数値のフィールドを 1 つのメトリックにまとめる方法を選択します。", + "common.ui.aggTypes.aggGroups.bucketsText": "バケット", + "common.ui.aggTypes.aggGroups.metricsText": "メトリック", "common.ui.aggTypes.buckets.dateHistogramLabel": "{intervalDescription}ごとの {fieldName}", "common.ui.aggTypes.buckets.dateHistogramTitle": "日付ヒストグラム", "common.ui.aggTypes.buckets.dateRangeTitle": "日付範囲", @@ -116,49 +114,11 @@ "common.ui.aggTypes.buckets.terms.otherBucketLabel": "その他", "common.ui.aggTypes.buckets.terms.otherBucketTitle": "他のバケット", "common.ui.aggTypes.buckets.termsTitle": "用語", - "common.ui.aggTypes.changePrecisionLabel": "マップズームの精度を変更", - "common.ui.aggTypes.customMetricLabel": "カスタムメトリック", - "common.ui.aggTypes.dateRanges.acceptedDateFormatsLinkText": "対応データフォーマット", - "common.ui.aggTypes.dateRanges.addRangeButtonLabel": "範囲を追加", - "common.ui.aggTypes.dateRanges.errorMessage": "各範囲は1つ以上の有効な日付にしてください。", - "common.ui.aggTypes.dateRanges.fromColumnLabel": "From", - "common.ui.aggTypes.dateRanges.removeRangeButtonAriaLabel": "{from}から{to}の範囲を削除", - "common.ui.aggTypes.dateRanges.toColumnLabel": "To", - "common.ui.aggTypes.dropPartialBucketsLabel": "不完全なバケットをドロップ", - "common.ui.aggTypes.dropPartialBucketsTooltip": "時間範囲外にわたるバケットを削除してヒストグラムが不完全なバケットで開始・終了しないようにします。", - "common.ui.aggTypes.extendedBounds.errorMessage": "最低値は最大値以下でなければなりません。", - "common.ui.aggTypes.extendedBounds.maxLabel": "最高", - "common.ui.aggTypes.extendedBounds.minLabel": "最低", - "common.ui.aggTypes.extendedBoundsLabel": "拡張された境界", - "common.ui.aggTypes.extendedBoundsTooltip": "最低値と最高値は結果を絞るのではなく、結果セットのバウンドを拡張します", - "common.ui.aggTypes.field.fieldLabel": "フィールド", - "common.ui.aggTypes.field.noCompatibleFieldsDescription": "インデックスパターン` {indexPatternTitle} に次の互換性のあるフィールドタイプが 1 つも含まれていません: {fieldTypes}", - "common.ui.aggTypes.field.selectFieldPlaceholder": "フィールドを選択", - "common.ui.aggTypes.filters.addFilterButtonLabel": "フィルターを追加します", - "common.ui.aggTypes.filters.definiteFilterLabel": "{index} ラベルでフィルタリング", - "common.ui.aggTypes.filters.filterLabel": "{index} でフィルタリング", - "common.ui.aggTypes.filters.labelPlaceholder": "ラベル", - "common.ui.aggTypes.filters.removeFilterButtonAriaLabel": "このフィルターを削除", - "common.ui.aggTypes.filters.toggleFilterButtonAriaLabel": "フィルターラベルを切り替える", "common.ui.aggTypes.histogram.missingMaxMinValuesWarning": "自動スケールヒストグラムバケットから最高値と最低値を取得できません。これによりビジュアライゼーションのパフォーマンスが低下する可能性があります。", - "common.ui.aggTypes.ipRanges.addRangeButtonLabel": "範囲を追加", - "common.ui.aggTypes.ipRanges.cidrMaskAriaLabel": "CIDR マスク: {mask}", - "common.ui.aggTypes.ipRanges.cidrMasksButtonLabel": "CIDR マスク", - "common.ui.aggTypes.ipRanges.fromToButtonLabel": "開始/終了", - "common.ui.aggTypes.ipRanges.ipRangeFromAriaLabel": "IP 範囲の開始値: {value}", - "common.ui.aggTypes.ipRanges.ipRangeToAriaLabel": "IP 範囲の終了値: {value}", - "common.ui.aggTypes.ipRanges.removeCidrMaskButtonAriaLabel": "{mask} の CIDR マスクの値を削除", - "common.ui.aggTypes.ipRanges.removeEmptyCidrMaskButtonAriaLabel": "CIDR マスクのデフォルトの値を削除", - "common.ui.aggTypes.ipRanges.removeRangeAriaLabel": "{from} から {to} の範囲を削除", - "common.ui.aggTypes.ipRangesAriaLabel": "IP 範囲", - "common.ui.aggTypes.jsonInputLabel": "JSON インプット", - "common.ui.aggTypes.jsonInputTooltip": "ここに追加された JSON フォーマットのプロパティは、すべてこのセクションの Elasticsearch アグリゲーション定義に融合されます。用語集約における「shard_size」がその例です。", - "common.ui.aggTypes.metricLabel": "メトリック", "common.ui.aggTypes.metrics.averageBucketTitle": "平均バケット", "common.ui.aggTypes.metrics.averageLabel": "平均 {field}", "common.ui.aggTypes.metrics.averageTitle": "平均", "common.ui.aggTypes.metrics.bucketAggTitle": "バケット集約", - "common.ui.aggTypes.metrics.bucketTitle": "バケット", "common.ui.aggTypes.metrics.countLabel": "カウント", "common.ui.aggTypes.metrics.countTitle": "カウント", "common.ui.aggTypes.metrics.cumulativeSumLabel": "累積合計", @@ -176,7 +136,6 @@ "common.ui.aggTypes.metrics.medianTitle": "中央", "common.ui.aggTypes.metrics.metricAggregationsSubtypeTitle": "メトリック集約", "common.ui.aggTypes.metrics.metricAggTitle": "メトリック集約", - "common.ui.aggTypes.metrics.metricTitle": "メトリック", "common.ui.aggTypes.metrics.minBucketTitle": "最低バケット", "common.ui.aggTypes.metrics.minLabel": "最低 {field}", "common.ui.aggTypes.metrics.minTitle": "最低", @@ -216,55 +175,11 @@ "common.ui.aggTypes.metrics.topHitTitle": "トップヒット", "common.ui.aggTypes.metrics.uniqueCountLabel": "{field} のユニークカウント", "common.ui.aggTypes.metrics.uniqueCountTitle": "ユニークカウント", - "common.ui.aggTypes.metrics.wrongLastBucketTypeErrorMessage": "「{type}」メトリック集約を使用する場合、最後のバケット集約は「Date Histogram」または「Histogram」でなければなりません。", - "common.ui.aggTypes.numberInterval.minimumIntervalLabel": "最低間隔", - "common.ui.aggTypes.numberInterval.minimumIntervalTooltip": "入力された値により高度な設定の {histogramMaxBars} で指定されたよりも多くのバケットが作成される場合、間隔は自動的にスケーリングされます。", - "common.ui.aggTypes.numberInterval.selectIntervalPlaceholder": "間隔を入力", - "common.ui.aggTypes.numberList.addUnitButtonLabel": "{unitName} を追加", - "common.ui.aggTypes.numberList.enterValuePlaceholder": "値を入力", - "common.ui.aggTypes.numberList.invalidAscOrderErrorMessage": "値は昇順でなければなりません。", - "common.ui.aggTypes.numberList.invalidRangeErrorMessage": "値は {min} から {max} の範囲でなければなりません。", - "common.ui.aggTypes.numberList.removeUnitButtonAriaLabel": "{value} のランク値を削除", - "common.ui.aggTypes.onlyRequestDataAroundMapExtentLabel": "マップ範囲のデータのみリクエストしてください", - "common.ui.aggTypes.onlyRequestDataAroundMapExtentTooltip": "geo_bounding_box フィルター集約を適用して、襟付きのマップビューボックスにサブジェクトエリアを絞ります", - "common.ui.aggTypes.orderAgg.alphabeticalLabel": "アルファベット順", - "common.ui.aggTypes.orderAgg.orderByLabel": "並び順", - "common.ui.aggTypes.orderLabel": "順序", - "common.ui.aggTypes.otherBucket.groupValuesLabel": "他の値を別のバケットにまとめる", - "common.ui.aggTypes.otherBucket.groupValuesTooltip": "トップ N 以外の値はこのバケットにまとめられます。欠測値があるドキュメントを含めるには、「欠測値を表示」を有効にしてください。", "common.ui.aggTypes.otherBucket.labelForMissingValuesLabel": "欠測値のラベル", "common.ui.aggTypes.otherBucket.labelForOtherBucketLabel": "他のバケットのラベル", - "common.ui.aggTypes.otherBucket.showMissingValuesLabel": "欠測値を表示", - "common.ui.aggTypes.otherBucket.showMissingValuesTooltip": "「文字列」タイプのフィールドにのみ使用できます。有効にすると、欠測値があるドキュメントが検索に含まれます。バケットがトップ N の場合、チャートに表示されます。トップ N ではなく、「他の値を別のバケットにまとえる」が有効な場合、Elasticsearch は欠測値を「他」のバケットに追加します。", "common.ui.aggTypes.paramTypes.field.invalidSavedFieldParameterErrorMessage": "保存された {fieldParameter} パラメーターが無効になりました。新しいフィールドを選択してください。", "common.ui.aggTypes.paramTypes.field.requiredFieldParameterErrorMessage": "{fieldParameter} は必須パラメーターです", - "common.ui.aggTypes.percentileRanks.percentUnitNameText": "パーセント", - "common.ui.aggTypes.percentileRanks.valuesLabel": "値", - "common.ui.aggTypes.percentileRanks.valueUnitNameText": "値", - "common.ui.aggTypes.percentiles.percentsLabel": "パーセント", - "common.ui.aggTypes.placeMarkersOffGridLabel": "グリッド外にマーカーを配置 (ジオセントロイドを使用)", - "common.ui.aggTypes.precisionLabel": "精度", - "common.ui.aggTypes.ranges.addRangeButtonLabel": "範囲を追加", - "common.ui.aggTypes.ranges.fromLabel": "開始値:", - "common.ui.aggTypes.ranges.greaterThanOrEqualPrepend": "≥", - "common.ui.aggTypes.ranges.lessThanPrepend": "<", - "common.ui.aggTypes.ranges.removeRangeButtonAriaLabel": "{from} から {to} の範囲を削除", - "common.ui.aggTypes.ranges.toLabel": "To", - "common.ui.aggTypes.scaleMetricsLabel": "メトリック値のスケーリング (廃止)", - "common.ui.aggTypes.scaleMetricsTooltip": "これを有効にすると、手動最低間隔を選択し、広い間隔が使用された場合、カウントと合計メトリックが手動で選択された間隔にスケーリングされます。", - "common.ui.aggTypes.showEmptyBucketsLabel": "空のバケットを表示", - "common.ui.aggTypes.showEmptyBucketsTooltip": "結果のあるバケットだけでなくすべてのバケットを表示します", - "common.ui.aggTypes.sizeLabel": "サイズ", - "common.ui.aggTypes.sizeTooltip": "トップ K のヒットをリクエスト。複数ヒットは「集約基準」でまとめられます。", - "common.ui.aggTypes.sortOnLabel": "並べ替えオン", "common.ui.aggTypes.string.customLabel": "カスタムラベル", - "common.ui.aggTypes.timeInterval.createsTooLargeBucketsTooltip": "この間隔は、選択された時間範囲に表示するには大きすぎるバケットが作成されるため、にスケーリングされています。", - "common.ui.aggTypes.timeInterval.createsTooManyBucketsTooltip": "この間隔は選択された時間範囲に表示しきれない数のバケットが作成されるため、にスケーリングされています。", - "common.ui.aggTypes.timeInterval.invalidFormatErrorMessage": "無効な間隔フォーマット。", - "common.ui.aggTypes.timeInterval.minimumIntervalLabel": "最低間隔", - "common.ui.aggTypes.timeInterval.scaledHelpText": "現在 {bucketDescription} にスケーリングされています", - "common.ui.aggTypes.timeInterval.selectIntervalPlaceholder": "間隔を選択", - "common.ui.aggTypes.timeInterval.selectOptionHelpText": "オプションを選択するかカスタム値を作成します。例30s、20m、24h、2d、1w、1M", "common.ui.chrome.bigUrlWarningNotificationMessage": "{advancedSettingsLink}で{storeInSessionStorageParam}オプションを有効にするか、オンスクリーンビジュアルを簡素化してください。", "common.ui.chrome.bigUrlWarningNotificationMessage.advancedSettingsLinkText": "高度な設定", "common.ui.chrome.bigUrlWarningNotificationTitle": "URLが大きく、Kibanaの動作が停止する可能性があります", @@ -472,36 +387,7 @@ "common.ui.url.replacementFailedErrorMessage": "置換に失敗、未解決の表現式: {expr}", "common.ui.url.savedObjectIsMissingNotificationMessage": "保存されたオブジェクトがありません", "common.ui.vis.aggConfig.percentageOfLabel": "{label} のパーセンテージ", - "common.ui.vis.defaultEditor.aggSelect.aggregationLabel": "集約", - "common.ui.vis.defaultEditor.aggSelect.helpLinkLabel": "{aggTitle} のヘルプ", - "common.ui.vis.defaultEditor.aggSelect.noCompatibleAggsDescription": "インデックスパターン{indexPatternTitle}には集約可能なフィールドが含まれていません。", - "common.ui.vis.defaultEditor.aggSelect.selectAggPlaceholder": "集約を選択してください", - "common.ui.vis.defaultEditor.aggSelect.subAggregationLabel": "サブ集約", - "common.ui.vis.defaultEditor.controls.columnsLabel": "フィールド", - "common.ui.vis.defaultEditor.controls.dotSizeRatioHelpText": "最小の点から最大の点までの半径の比率を変更します。", - "common.ui.vis.defaultEditor.controls.dotSizeRatioLabel": "点サイズ率", - "common.ui.vis.defaultEditor.controls.rowsLabel": "行", - "common.ui.vis.defaultEditor.controls.splitByLegend": "行または列でチャートを分割します。", "common.ui.vis.defaultFeedbackMessage": "フィードバックがありますか?{link} で問題を報告してください。", - "common.ui.vis.editors.advancedToggle.advancedLinkLabel": "高度な設定", - "common.ui.vis.editors.agg.disableAggButtonTooltip": "集約を無効にする", - "common.ui.vis.editors.agg.enableAggButtonTooltip": "集約を有効にする", - "common.ui.vis.editors.agg.errorsAriaLabel": "集約にエラーがあります", - "common.ui.vis.editors.agg.modifyPriorityButtonTooltip": "ドラッグして優先順位を変更します", - "common.ui.vis.editors.agg.removeDimensionButtonTooltip": "ディメンションを削除", - "common.ui.vis.editors.agg.toggleEditorButtonAriaLabel": "{schema} エディターを切り替える", - "common.ui.vis.editors.aggAdd.addButtonLabel": "追加", - "common.ui.vis.editors.aggAdd.addGroupButtonLabel": "{groupNameLabel} を追加", - "common.ui.vis.editors.aggAdd.addSubGroupButtonLabel": "サブ {groupNameLabel} を追加", - "common.ui.vis.editors.aggAdd.bucketLabel": "バケット", - "common.ui.vis.editors.aggAdd.metricLabel": "メトリック", - "common.ui.vis.editors.aggGroups.bucketsText": "バケット", - "common.ui.vis.editors.aggGroups.metricsText": "メトリック", - "common.ui.vis.editors.aggParams.errors.aggWrongRunOrderErrorMessage": "「{schema}」集約は他のバケットの前に実行する必要があります!", - "common.ui.vis.editors.sidebar.autoApplyChangesAriaLabel": "変更されるごとにビジュアライゼーションを自動的に更新します", - "common.ui.vis.editors.sidebar.errorButtonTooltip": "ハイライトされたフィールドのエラーを解決する必要があります。", - "common.ui.vis.editors.sidebar.tabs.dataLabel": "データ", - "common.ui.vis.editors.sidebar.tabs.optionsLabel": "オプション", "common.ui.vis.kibanaMap.leaflet.fitDataBoundsAriaLabel": "データバウンドを合わせる", "common.ui.vis.kibanaMap.zoomWarning": "ズームレベルが最大に達しました。完全にズームインするには、Elasticsearch と Kibana の {defaultDistribution} にアップグレードしてください。{ems} でより多くのズームレベルが利用できます。または、独自のマップサーバーを構成できます。詳細は { wms } または { configSettings} をご覧ください。", "charts.colormaps.bluesText": "青", @@ -510,7 +396,6 @@ "charts.colormaps.greysText": "グレー", "charts.colormaps.redsText": "赤", "charts.colormaps.yellowToRedText": "黄色から赤", - "common.ui.visualize.queryGeohashBounds.unableToGetBoundErrorTitle": "バウンドを取得できませんでした", "console.autocomplete.addMethodMetaText": "メソド", "console.consoleDisplayName": "コンソール", "console.consoleMenu.copyAsCurlMessage": "リクエストが URL としてコピーされました", @@ -3014,6 +2899,121 @@ "timelion.vis.intervalLabel": "間隔", "uiActions.actionPanel.title": "オプション", "uiActions.errors.incompatibleAction": "操作に互換性がありません", + "visualizations.queryGeohashBounds.unableToGetBoundErrorTitle": "バウンドを取得できませんでした", + "visDefaultEditor.aggSelect.aggregationLabel": "集約", + "visDefaultEditor.aggSelect.helpLinkLabel": "{aggTitle} のヘルプ", + "visDefaultEditor.aggSelect.noCompatibleAggsDescription": "インデックスパターン{indexPatternTitle}には集約可能なフィールドが含まれていません。", + "visDefaultEditor.aggSelect.selectAggPlaceholder": "集約を選択してください", + "visDefaultEditor.aggSelect.subAggregationLabel": "サブ集約", + "visDefaultEditor.controls.aggNotValidLabel": "- 無効な集約 -", + "visDefaultEditor.controls.columnsLabel": "フィールド", + "visDefaultEditor.controls.dotSizeRatioHelpText": "最小の点から最大の点までの半径の比率を変更します。", + "visDefaultEditor.controls.dotSizeRatioLabel": "点サイズ率", + "visDefaultEditor.controls.rowsLabel": "行", + "visDefaultEditor.controls.splitByLegend": "行または列でチャートを分割します。", + "visDefaultEditor.controls.aggregateWith.noAggsErrorTooltip": "選択されたフィールドには互換性のある集約がありません。", + "visDefaultEditor.controls.aggregateWithLabel": "アグリゲーション:", + "visDefaultEditor.controls.aggregateWithTooltip": "複数ヒットまたは複数値のフィールドを 1 つのメトリックにまとめる方法を選択します。", + "visDefaultEditor.controls.changePrecisionLabel": "マップズームの精度を変更", + "visDefaultEditor.controls.customMetricLabel": "カスタムメトリック", + "visDefaultEditor.controls.dateRanges.acceptedDateFormatsLinkText": "対応データフォーマット", + "visDefaultEditor.controls.dateRanges.addRangeButtonLabel": "範囲を追加", + "visDefaultEditor.controls.dateRanges.errorMessage": "各範囲は1つ以上の有効な日付にしてください。", + "visDefaultEditor.controls.dateRanges.fromColumnLabel": "From", + "visDefaultEditor.controls.dateRanges.removeRangeButtonAriaLabel": "{from}から{to}の範囲を削除", + "visDefaultEditor.controls.dateRanges.toColumnLabel": "To", + "visDefaultEditor.controls.dropPartialBucketsLabel": "不完全なバケットをドロップ", + "visDefaultEditor.controls.dropPartialBucketsTooltip": "時間範囲外にわたるバケットを削除してヒストグラムが不完全なバケットで開始・終了しないようにします。", + "visDefaultEditor.controls.extendedBounds.errorMessage": "最低値は最大値以下でなければなりません。", + "visDefaultEditor.controls.extendedBounds.maxLabel": "最高", + "visDefaultEditor.controls.extendedBounds.minLabel": "最低", + "visDefaultEditor.controls.extendedBoundsLabel": "拡張された境界", + "visDefaultEditor.controls.extendedBoundsTooltip": "最低値と最高値は結果を絞るのではなく、結果セットのバウンドを拡張します", + "visDefaultEditor.controls.field.fieldLabel": "フィールド", + "visDefaultEditor.controls.field.noCompatibleFieldsDescription": "インデックスパターン` {indexPatternTitle} に次の互換性のあるフィールドタイプが 1 つも含まれていません: {fieldTypes}", + "visDefaultEditor.controls.field.selectFieldPlaceholder": "フィールドを選択", + "visDefaultEditor.controls.filters.addFilterButtonLabel": "フィルターを追加します", + "visDefaultEditor.controls.filters.definiteFilterLabel": "{index} ラベルでフィルタリング", + "visDefaultEditor.controls.filters.filterLabel": "{index} でフィルタリング", + "visDefaultEditor.controls.filters.labelPlaceholder": "ラベル", + "visDefaultEditor.controls.filters.removeFilterButtonAriaLabel": "このフィルターを削除", + "visDefaultEditor.controls.filters.toggleFilterButtonAriaLabel": "フィルターラベルを切り替える", + "visDefaultEditor.controls.ipRanges.addRangeButtonLabel": "範囲を追加", + "visDefaultEditor.controls.ipRanges.cidrMaskAriaLabel": "CIDR マスク: {mask}", + "visDefaultEditor.controls.ipRanges.cidrMasksButtonLabel": "CIDR マスク", + "visDefaultEditor.controls.ipRanges.fromToButtonLabel": "開始/終了", + "visDefaultEditor.controls.ipRanges.ipRangeFromAriaLabel": "IP 範囲の開始値: {value}", + "visDefaultEditor.controls.ipRanges.ipRangeToAriaLabel": "IP 範囲の終了値: {value}", + "visDefaultEditor.controls.ipRanges.removeCidrMaskButtonAriaLabel": "{mask} の CIDR マスクの値を削除", + "visDefaultEditor.controls.ipRanges.removeEmptyCidrMaskButtonAriaLabel": "CIDR マスクのデフォルトの値を削除", + "visDefaultEditor.controls.ipRanges.removeRangeAriaLabel": "{from} から {to} の範囲を削除", + "visDefaultEditor.controls.ipRangesAriaLabel": "IP 範囲", + "visDefaultEditor.controls.jsonInputLabel": "JSON インプット", + "visDefaultEditor.controls.jsonInputTooltip": "ここに追加された JSON フォーマットのプロパティは、すべてこのセクションの Elasticsearch アグリゲーション定義に融合されます。用語集約における「shard_size」がその例です。", + "visDefaultEditor.controls.metricLabel": "メトリック", + "visDefaultEditor.controls.metrics.bucketTitle": "バケット", + "visDefaultEditor.controls.metrics.metricTitle": "メトリック", + "visDefaultEditor.controls.numberInterval.minimumIntervalLabel": "最低間隔", + "visDefaultEditor.controls.numberInterval.minimumIntervalTooltip": "入力された値により高度な設定の {histogramMaxBars} で指定されたよりも多くのバケットが作成される場合、間隔は自動的にスケーリングされます。", + "visDefaultEditor.controls.numberInterval.selectIntervalPlaceholder": "間隔を入力", + "visDefaultEditor.controls.numberList.addUnitButtonLabel": "{unitName} を追加", + "visDefaultEditor.controls.numberList.enterValuePlaceholder": "値を入力", + "visDefaultEditor.controls.numberList.invalidAscOrderErrorMessage": "値は昇順でなければなりません。", + "visDefaultEditor.controls.numberList.invalidRangeErrorMessage": "値は {min} から {max} の範囲でなければなりません。", + "visDefaultEditor.controls.numberList.removeUnitButtonAriaLabel": "{value} のランク値を削除", + "visDefaultEditor.controls.onlyRequestDataAroundMapExtentLabel": "マップ範囲のデータのみリクエストしてください", + "visDefaultEditor.controls.onlyRequestDataAroundMapExtentTooltip": "geo_bounding_box フィルター集約を適用して、襟付きのマップビューボックスにサブジェクトエリアを絞ります", + "visDefaultEditor.controls.orderAgg.alphabeticalLabel": "アルファベット順", + "visDefaultEditor.controls.orderAgg.orderByLabel": "並び順", + "visDefaultEditor.controls.orderLabel": "順序", + "visDefaultEditor.controls.otherBucket.groupValuesLabel": "他の値を別のバケットにまとめる", + "visDefaultEditor.controls.otherBucket.groupValuesTooltip": "トップ N 以外の値はこのバケットにまとめられます。欠測値があるドキュメントを含めるには、「欠測値を表示」を有効にしてください。", + "visDefaultEditor.controls.otherBucket.showMissingValuesLabel": "欠測値を表示", + "visDefaultEditor.controls.otherBucket.showMissingValuesTooltip": "「文字列」タイプのフィールドにのみ使用できます。有効にすると、欠測値があるドキュメントが検索に含まれます。バケットがトップ N の場合、チャートに表示されます。トップ N ではなく、「他の値を別のバケットにまとえる」が有効な場合、Elasticsearch は欠測値を「他」のバケットに追加します。", + "visDefaultEditor.controls.percentileRanks.percentUnitNameText": "パーセント", + "visDefaultEditor.controls.percentileRanks.valuesLabel": "値", + "visDefaultEditor.controls.percentileRanks.valueUnitNameText": "値", + "visDefaultEditor.controls.percentiles.percentsLabel": "パーセント", + "visDefaultEditor.controls.placeMarkersOffGridLabel": "グリッド外にマーカーを配置 (ジオセントロイドを使用)", + "visDefaultEditor.controls.precisionLabel": "精度", + "visDefaultEditor.controls.ranges.addRangeButtonLabel": "範囲を追加", + "visDefaultEditor.controls.ranges.fromLabel": "開始値:", + "visDefaultEditor.controls.ranges.greaterThanOrEqualPrepend": "≥", + "visDefaultEditor.controls.ranges.lessThanPrepend": "<", + "visDefaultEditor.controls.ranges.removeRangeButtonAriaLabel": "{from} から {to} の範囲を削除", + "visDefaultEditor.controls.ranges.toLabel": "To", + "visDefaultEditor.controls.scaleMetricsLabel": "メトリック値のスケーリング (廃止)", + "visDefaultEditor.controls.scaleMetricsTooltip": "これを有効にすると、手動最低間隔を選択し、広い間隔が使用された場合、カウントと合計メトリックが手動で選択された間隔にスケーリングされます。", + "visDefaultEditor.controls.showEmptyBucketsLabel": "空のバケットを表示", + "visDefaultEditor.controls.showEmptyBucketsTooltip": "結果のあるバケットだけでなくすべてのバケットを表示します", + "visDefaultEditor.controls.sizeLabel": "サイズ", + "visDefaultEditor.controls.sizeTooltip": "トップ K のヒットをリクエスト。複数ヒットは「集約基準」でまとめられます。", + "visDefaultEditor.controls.sortOnLabel": "並べ替えオン", + "visDefaultEditor.controls.timeInterval.createsTooLargeBucketsTooltip": "この間隔は、選択された時間範囲に表示するには大きすぎるバケットが作成されるため、にスケーリングされています。", + "visDefaultEditor.controls.timeInterval.createsTooManyBucketsTooltip": "この間隔は選択された時間範囲に表示しきれない数のバケットが作成されるため、にスケーリングされています。", + "visDefaultEditor.controls.timeInterval.invalidFormatErrorMessage": "無効な間隔フォーマット。", + "visDefaultEditor.controls.timeInterval.minimumIntervalLabel": "最低間隔", + "visDefaultEditor.controls.timeInterval.scaledHelpText": "現在 {bucketDescription} にスケーリングされています", + "visDefaultEditor.controls.timeInterval.selectIntervalPlaceholder": "間隔を選択", + "visDefaultEditor.controls.timeInterval.selectOptionHelpText": "オプションを選択するかカスタム値を作成します。例30s、20m、24h、2d、1w、1M", + "visDefaultEditor.advancedToggle.advancedLinkLabel": "高度な設定", + "visDefaultEditor.agg.disableAggButtonTooltip": "集約を無効にする", + "visDefaultEditor.agg.enableAggButtonTooltip": "集約を有効にする", + "visDefaultEditor.agg.errorsAriaLabel": "集約にエラーがあります", + "visDefaultEditor.agg.modifyPriorityButtonTooltip": "ドラッグして優先順位を変更します", + "visDefaultEditor.agg.removeDimensionButtonTooltip": "ディメンションを削除", + "visDefaultEditor.agg.toggleEditorButtonAriaLabel": "{schema} エディターを切り替える", + "visDefaultEditor.aggAdd.addButtonLabel": "追加", + "visDefaultEditor.aggAdd.addGroupButtonLabel": "{groupNameLabel} を追加", + "visDefaultEditor.aggAdd.addSubGroupButtonLabel": "サブ {groupNameLabel} を追加", + "visDefaultEditor.aggAdd.bucketLabel": "バケット", + "visDefaultEditor.aggAdd.metricLabel": "メトリック", + "visDefaultEditor.aggParams.errors.aggWrongRunOrderErrorMessage": "「{schema}」集約は他のバケットの前に実行する必要があります!", + "visDefaultEditor.sidebar.autoApplyChangesAriaLabel": "変更されるごとにビジュアライゼーションを自動的に更新します", + "visDefaultEditor.sidebar.errorButtonTooltip": "ハイライトされたフィールドのエラーを解決する必要があります。", + "visDefaultEditor.sidebar.tabs.dataLabel": "データ", + "visDefaultEditor.sidebar.tabs.optionsLabel": "オプション", + "visDefaultEditor.metrics.wrongLastBucketTypeErrorMessage": "「{type}」メトリック集約を使用する場合、最後のバケット集約は「Date Histogram」または「Histogram」でなければなりません。", "visTypeMarkdown.function.font.help": "フォント設定です。", "visTypeMarkdown.function.help": "マークダウンビジュアライゼーション", "visTypeMarkdown.function.markdown.help": "レンダリングするマークダウン", diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index e98ca26410e2c..d8012bbb526c9 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -77,10 +77,8 @@ }, "messages": { "common.ui.aggResponse.allDocsTitle": "所有文档", - "common.ui.aggTypes.aggNotValidLabel": "- 聚合无效 -", - "common.ui.aggTypes.aggregateWith.noAggsErrorTooltip": "选择的字段没有兼容的聚合。", - "common.ui.aggTypes.aggregateWithLabel": "聚合对象", - "common.ui.aggTypes.aggregateWithTooltip": "选择将多个命中或多值字段组合成单个指标的策略。", + "common.ui.aggTypes.aggGroups.bucketsText": "存储桶", + "common.ui.aggTypes.aggGroups.metricsText": "指标", "common.ui.aggTypes.buckets.dateHistogramLabel": "{fieldName}/{intervalDescription}", "common.ui.aggTypes.buckets.dateHistogramTitle": "Date Histogram", "common.ui.aggTypes.buckets.dateRangeTitle": "日期范围", @@ -116,49 +114,11 @@ "common.ui.aggTypes.buckets.terms.otherBucketLabel": "其他", "common.ui.aggTypes.buckets.terms.otherBucketTitle": "其他存储桶", "common.ui.aggTypes.buckets.termsTitle": "词", - "common.ui.aggTypes.changePrecisionLabel": "更改地图缩放的精确度", - "common.ui.aggTypes.customMetricLabel": "定制指标", - "common.ui.aggTypes.dateRanges.acceptedDateFormatsLinkText": "已接受日期格式", - "common.ui.aggTypes.dateRanges.addRangeButtonLabel": "添加范围", - "common.ui.aggTypes.dateRanges.errorMessage": "每个范围应至少有一个有效日期。", - "common.ui.aggTypes.dateRanges.fromColumnLabel": "从", - "common.ui.aggTypes.dateRanges.removeRangeButtonAriaLabel": "移除范围 {from} 至 {to}", - "common.ui.aggTypes.dateRanges.toColumnLabel": "到", - "common.ui.aggTypes.dropPartialBucketsLabel": "丢弃部分存储桶", - "common.ui.aggTypes.dropPartialBucketsTooltip": "移除超出时间范围的存储桶,以便直方图不以不完整的存储桶开始和结束。", - "common.ui.aggTypes.extendedBounds.errorMessage": "最小值应小于或等于最大值。", - "common.ui.aggTypes.extendedBounds.maxLabel": "最大值", - "common.ui.aggTypes.extendedBounds.minLabel": "最小值", - "common.ui.aggTypes.extendedBoundsLabel": "延伸边界", - "common.ui.aggTypes.extendedBoundsTooltip": "“最小值”和“最大值”不会筛选结果,而会扩展结果集的边界", - "common.ui.aggTypes.field.fieldLabel": "字段", - "common.ui.aggTypes.field.noCompatibleFieldsDescription": "索引模式“{indexPatternTitle}”不包含任何以下兼容字段类型:{fieldTypes}", - "common.ui.aggTypes.field.selectFieldPlaceholder": "选择字段", - "common.ui.aggTypes.filters.addFilterButtonLabel": "添加筛选", - "common.ui.aggTypes.filters.definiteFilterLabel": "筛选 {index} 标签", - "common.ui.aggTypes.filters.filterLabel": "筛选 {index}", - "common.ui.aggTypes.filters.labelPlaceholder": "标签", - "common.ui.aggTypes.filters.removeFilterButtonAriaLabel": "移除此筛选", - "common.ui.aggTypes.filters.toggleFilterButtonAriaLabel": "切换筛选标签", "common.ui.aggTypes.histogram.missingMaxMinValuesWarning": "无法检索最大值和最小值以自动缩放直方图存储桶。这可能会导致可视化性能低下。", - "common.ui.aggTypes.ipRanges.addRangeButtonLabel": "添加范围", - "common.ui.aggTypes.ipRanges.cidrMaskAriaLabel": "CIDR 掩码:{mask}", - "common.ui.aggTypes.ipRanges.cidrMasksButtonLabel": "CIDR 掩码", - "common.ui.aggTypes.ipRanges.fromToButtonLabel": "起始/结束", - "common.ui.aggTypes.ipRanges.ipRangeFromAriaLabel": "IP 范围起始:{value}", - "common.ui.aggTypes.ipRanges.ipRangeToAriaLabel": "IP 范围结束:{value}", - "common.ui.aggTypes.ipRanges.removeCidrMaskButtonAriaLabel": "移除 {mask} 的 CIDR 掩码值", - "common.ui.aggTypes.ipRanges.removeEmptyCidrMaskButtonAriaLabel": "移除 CIDR 掩码默认值", - "common.ui.aggTypes.ipRanges.removeRangeAriaLabel": "移除范围 {from} 至 {to}", - "common.ui.aggTypes.ipRangesAriaLabel": "IP 范围", - "common.ui.aggTypes.jsonInputLabel": "JSON 输入", - "common.ui.aggTypes.jsonInputTooltip": "此处以 JSON 格式添加的任何属性将与此部分的 elasticsearch 聚合定义合并。例如,词聚合上的“shard_size”。", - "common.ui.aggTypes.metricLabel": "指标", "common.ui.aggTypes.metrics.averageBucketTitle": "平均存储桶", "common.ui.aggTypes.metrics.averageLabel": "{field}平均值", "common.ui.aggTypes.metrics.averageTitle": "平均值", "common.ui.aggTypes.metrics.bucketAggTitle": "存储桶聚合", - "common.ui.aggTypes.metrics.bucketTitle": "存储桶", "common.ui.aggTypes.metrics.countLabel": "计数", "common.ui.aggTypes.metrics.countTitle": "计数", "common.ui.aggTypes.metrics.cumulativeSumLabel": "累计和", @@ -176,7 +136,6 @@ "common.ui.aggTypes.metrics.medianTitle": "中值", "common.ui.aggTypes.metrics.metricAggregationsSubtypeTitle": "指标聚合", "common.ui.aggTypes.metrics.metricAggTitle": "指标聚合", - "common.ui.aggTypes.metrics.metricTitle": "指标", "common.ui.aggTypes.metrics.minBucketTitle": "最小存储桶", "common.ui.aggTypes.metrics.minLabel": "{field}最小值", "common.ui.aggTypes.metrics.minTitle": "最小值", @@ -216,55 +175,11 @@ "common.ui.aggTypes.metrics.topHitTitle": "最高命中结果", "common.ui.aggTypes.metrics.uniqueCountLabel": "“{field}” 的唯一计数", "common.ui.aggTypes.metrics.uniqueCountTitle": "唯一计数", - "common.ui.aggTypes.metrics.wrongLastBucketTypeErrorMessage": "使用“{type}”指标聚合时,上一存储桶聚合必须是“Date Histogram”或“Histogram”。", - "common.ui.aggTypes.numberInterval.minimumIntervalLabel": "最小时间间隔", - "common.ui.aggTypes.numberInterval.minimumIntervalTooltip": "提供的值创建的存储桶数目大于“高级设置”的 {histogramMaxBars} 指定的数目时,将自动缩放时间间隔", - "common.ui.aggTypes.numberInterval.selectIntervalPlaceholder": "输入时间间隔", - "common.ui.aggTypes.numberList.addUnitButtonLabel": "添加{unitName}", - "common.ui.aggTypes.numberList.enterValuePlaceholder": "输入值", - "common.ui.aggTypes.numberList.invalidAscOrderErrorMessage": "这些值应为升序。", - "common.ui.aggTypes.numberList.invalidRangeErrorMessage": "值应在 {min} 至 {max} 范围内。", - "common.ui.aggTypes.numberList.removeUnitButtonAriaLabel": "移除 {value} 的排名值", - "common.ui.aggTypes.onlyRequestDataAroundMapExtentLabel": "仅请求地图范围的数据", - "common.ui.aggTypes.onlyRequestDataAroundMapExtentTooltip": "应用 geo_bounding_box 筛选聚合以使用领口将主题区域缩小到地图视图框", - "common.ui.aggTypes.orderAgg.alphabeticalLabel": "按字母顺序", - "common.ui.aggTypes.orderAgg.orderByLabel": "排序依据", - "common.ui.aggTypes.orderLabel": "顺序", - "common.ui.aggTypes.otherBucket.groupValuesLabel": "在单独的存储桶中对其他值分组", - "common.ui.aggTypes.otherBucket.groupValuesTooltip": "不在排名前 N 中的值将在此存储桶中进行分组。要包括缺失值的文档,请启用“显示缺失值”。", "common.ui.aggTypes.otherBucket.labelForMissingValuesLabel": "缺失值的标签", "common.ui.aggTypes.otherBucket.labelForOtherBucketLabel": "其他存储桶的标签", - "common.ui.aggTypes.otherBucket.showMissingValuesLabel": "显示缺失值", - "common.ui.aggTypes.otherBucket.showMissingValuesTooltip": "仅对“字符串”类型的字段有效。启用后,在搜索中包括缺失值的文档。如果此存储桶在排名前 N 中,其将会显示在图表中。如果不在排名前 N 中,并且启用了“在单独的存储桶中对其他值分组”,Elasticsearch 会将缺失值添加到“其他”存储桶。", "common.ui.aggTypes.paramTypes.field.invalidSavedFieldParameterErrorMessage": "已保存的 {fieldParameter} 参数现在无效。请选择新字段。", "common.ui.aggTypes.paramTypes.field.requiredFieldParameterErrorMessage": "{fieldParameter} 是必需字段", - "common.ui.aggTypes.percentileRanks.percentUnitNameText": "百分比", - "common.ui.aggTypes.percentileRanks.valuesLabel": "值", - "common.ui.aggTypes.percentileRanks.valueUnitNameText": "值", - "common.ui.aggTypes.percentiles.percentsLabel": "百分数", - "common.ui.aggTypes.placeMarkersOffGridLabel": "将标记置于网格外(使用 geocentroid)", - "common.ui.aggTypes.precisionLabel": "精确度", - "common.ui.aggTypes.ranges.addRangeButtonLabel": "添加范围", - "common.ui.aggTypes.ranges.fromLabel": "从", - "common.ui.aggTypes.ranges.greaterThanOrEqualPrepend": "≥", - "common.ui.aggTypes.ranges.lessThanPrepend": "<", - "common.ui.aggTypes.ranges.removeRangeButtonAriaLabel": "移除范围 {from} 至 {to}", - "common.ui.aggTypes.ranges.toLabel": "到", - "common.ui.aggTypes.scaleMetricsLabel": "缩放指标值(已弃用)", - "common.ui.aggTypes.scaleMetricsTooltip": "如果选择手动最小时间间隔并将使用较大的时间间隔,则启用此设置将使计数和求和指标缩放到手动选择的时间间隔。", - "common.ui.aggTypes.showEmptyBucketsLabel": "显示空存储桶", - "common.ui.aggTypes.showEmptyBucketsTooltip": "显示所有存储桶,不仅仅有结果的存储桶", - "common.ui.aggTypes.sizeLabel": "大小", - "common.ui.aggTypes.sizeTooltip": "请求排名前 K 的命中。多个命中将通过“聚合对象”组合。", - "common.ui.aggTypes.sortOnLabel": "排序依据", "common.ui.aggTypes.string.customLabel": "定制标签", - "common.ui.aggTypes.timeInterval.createsTooLargeBucketsTooltip": "此时间间隔将创建过大而无法在选定时间范围内显示的存储桶,因此其已缩放至", - "common.ui.aggTypes.timeInterval.createsTooManyBucketsTooltip": "此时间间隔将创建过多的存储桶,而无法在选定时间范围内全部显示,因此其已缩放至", - "common.ui.aggTypes.timeInterval.invalidFormatErrorMessage": "时间间隔格式无效。", - "common.ui.aggTypes.timeInterval.minimumIntervalLabel": "最小时间间隔", - "common.ui.aggTypes.timeInterval.scaledHelpText": "当前缩放至 {bucketDescription}", - "common.ui.aggTypes.timeInterval.selectIntervalPlaceholder": "选择时间间隔", - "common.ui.aggTypes.timeInterval.selectOptionHelpText": "选择选项或创建定制值示例:30s、20m、24h、2d、1w、1M", "common.ui.chrome.bigUrlWarningNotificationMessage": "在{advancedSettingsLink}中启用“{storeInSessionStorageParam}”选项或简化屏幕视觉效果。", "common.ui.chrome.bigUrlWarningNotificationMessage.advancedSettingsLinkText": "高级设置", "common.ui.chrome.bigUrlWarningNotificationTitle": "URL 过长,Kibana 可能无法工作", @@ -472,36 +387,7 @@ "common.ui.url.replacementFailedErrorMessage": "替换失败,未解析的表达式:{expr}", "common.ui.url.savedObjectIsMissingNotificationMessage": "已保存对象缺失", "common.ui.vis.aggConfig.percentageOfLabel": "{label} 的百分比", - "common.ui.vis.defaultEditor.aggSelect.aggregationLabel": "聚合", - "common.ui.vis.defaultEditor.aggSelect.helpLinkLabel": "{aggTitle} 帮助", - "common.ui.vis.defaultEditor.aggSelect.noCompatibleAggsDescription": "索引模式“{indexPatternTitle}”不包含任何聚合。", - "common.ui.vis.defaultEditor.aggSelect.selectAggPlaceholder": "选择聚合", - "common.ui.vis.defaultEditor.aggSelect.subAggregationLabel": "子聚合", - "common.ui.vis.defaultEditor.controls.columnsLabel": "瀛楁", - "common.ui.vis.defaultEditor.controls.dotSizeRatioHelpText": "更改最小点与最大点的半径比率。", - "common.ui.vis.defaultEditor.controls.dotSizeRatioLabel": "点大小比率", - "common.ui.vis.defaultEditor.controls.rowsLabel": "行", - "common.ui.vis.defaultEditor.controls.splitByLegend": "按行或列拆分图表。", "common.ui.vis.defaultFeedbackMessage": "想反馈?请在“{link}中创建问题。", - "common.ui.vis.editors.advancedToggle.advancedLinkLabel": "高级", - "common.ui.vis.editors.agg.disableAggButtonTooltip": "禁用聚合", - "common.ui.vis.editors.agg.enableAggButtonTooltip": "启用聚合", - "common.ui.vis.editors.agg.errorsAriaLabel": "聚合有错误", - "common.ui.vis.editors.agg.modifyPriorityButtonTooltip": "通过拖动来修改优先级", - "common.ui.vis.editors.agg.removeDimensionButtonTooltip": "移除维度", - "common.ui.vis.editors.agg.toggleEditorButtonAriaLabel": "切换 {schema} 编辑器", - "common.ui.vis.editors.aggAdd.addButtonLabel": "娣诲姞", - "common.ui.vis.editors.aggAdd.addGroupButtonLabel": "添加{groupNameLabel}", - "common.ui.vis.editors.aggAdd.addSubGroupButtonLabel": "添加子{groupNameLabel}", - "common.ui.vis.editors.aggAdd.bucketLabel": "存储桶", - "common.ui.vis.editors.aggAdd.metricLabel": "指标", - "common.ui.vis.editors.aggGroups.bucketsText": "存储桶", - "common.ui.vis.editors.aggGroups.metricsText": "指标", - "common.ui.vis.editors.aggParams.errors.aggWrongRunOrderErrorMessage": "“{schema}” 聚合必须在所有其他存储桶之前运行!", - "common.ui.vis.editors.sidebar.autoApplyChangesAriaLabel": "每次更改时自动更新可视化", - "common.ui.vis.editors.sidebar.errorButtonTooltip": "需要解决突出显示的字段中的错误。", - "common.ui.vis.editors.sidebar.tabs.dataLabel": "数据", - "common.ui.vis.editors.sidebar.tabs.optionsLabel": "选项", "common.ui.vis.kibanaMap.leaflet.fitDataBoundsAriaLabel": "适应数据边界", "common.ui.vis.kibanaMap.zoomWarning": "已达到缩放级别最大数目。要一直放大,请升级到 Elasticsearch 和 Kibana 的 {defaultDistribution}。您可以通过 {ems} 免费使用其他缩放级别。或者,您可以配置自己的地图服务器。请前往 { wms } 或 { configSettings} 以获取详细信息。", "charts.colormaps.bluesText": "蓝色", @@ -510,7 +396,6 @@ "charts.colormaps.greysText": "灰色", "charts.colormaps.redsText": "红色", "charts.colormaps.yellowToRedText": "黄到红", - "common.ui.visualize.queryGeohashBounds.unableToGetBoundErrorTitle": "无法获取边界", "console.autocomplete.addMethodMetaText": "方法", "console.consoleDisplayName": "控制台", "console.consoleMenu.copyAsCurlMessage": "请求已复制为 cURL", @@ -3014,6 +2899,121 @@ "timelion.vis.intervalLabel": "时间间隔", "uiActions.actionPanel.title": "选项", "uiActions.errors.incompatibleAction": "操作不兼容", + "visualizations.queryGeohashBounds.unableToGetBoundErrorTitle": "无法获取边界", + "visDefaultEditor.aggSelect.aggregationLabel": "聚合", + "visDefaultEditor.aggSelect.helpLinkLabel": "{aggTitle} 帮助", + "visDefaultEditor.aggSelect.noCompatibleAggsDescription": "索引模式“{indexPatternTitle}”不包含任何聚合。", + "visDefaultEditor.aggSelect.selectAggPlaceholder": "选择聚合", + "visDefaultEditor.aggSelect.subAggregationLabel": "子聚合", + "visDefaultEditor.controls.aggNotValidLabel": "- 聚合无效 -", + "visDefaultEditor.controls.columnsLabel": "瀛楁", + "visDefaultEditor.controls.dotSizeRatioHelpText": "更改最小点与最大点的半径比率。", + "visDefaultEditor.controls.dotSizeRatioLabel": "点大小比率", + "visDefaultEditor.controls.rowsLabel": "行", + "visDefaultEditor.controls.splitByLegend": "按行或列拆分图表。", + "visDefaultEditor.controls.aggregateWith.noAggsErrorTooltip": "选择的字段没有兼容的聚合。", + "visDefaultEditor.controls.aggregateWithLabel": "聚合对象", + "visDefaultEditor.controls.aggregateWithTooltip": "选择将多个命中或多值字段组合成单个指标的策略。", + "visDefaultEditor.controls.changePrecisionLabel": "更改地图缩放的精确度", + "visDefaultEditor.controls.customMetricLabel": "定制指标", + "visDefaultEditor.controls.dateRanges.acceptedDateFormatsLinkText": "已接受日期格式", + "visDefaultEditor.controls.dateRanges.addRangeButtonLabel": "添加范围", + "visDefaultEditor.controls.dateRanges.errorMessage": "每个范围应至少有一个有效日期。", + "visDefaultEditor.controls.dateRanges.fromColumnLabel": "从", + "visDefaultEditor.controls.dateRanges.removeRangeButtonAriaLabel": "移除范围 {from} 至 {to}", + "visDefaultEditor.controls.dateRanges.toColumnLabel": "到", + "visDefaultEditor.controls.dropPartialBucketsLabel": "丢弃部分存储桶", + "visDefaultEditor.controls.dropPartialBucketsTooltip": "移除超出时间范围的存储桶,以便直方图不以不完整的存储桶开始和结束。", + "visDefaultEditor.controls.extendedBounds.errorMessage": "最小值应小于或等于最大值。", + "visDefaultEditor.controls.extendedBounds.maxLabel": "最大值", + "visDefaultEditor.controls.extendedBounds.minLabel": "最小值", + "visDefaultEditor.controls.extendedBoundsLabel": "延伸边界", + "visDefaultEditor.controls.extendedBoundsTooltip": "“最小值”和“最大值”不会筛选结果,而会扩展结果集的边界", + "visDefaultEditor.controls.field.fieldLabel": "字段", + "visDefaultEditor.controls.field.noCompatibleFieldsDescription": "索引模式“{indexPatternTitle}”不包含任何以下兼容字段类型:{fieldTypes}", + "visDefaultEditor.controls.field.selectFieldPlaceholder": "选择字段", + "visDefaultEditor.controls.filters.addFilterButtonLabel": "添加筛选", + "visDefaultEditor.controls.filters.definiteFilterLabel": "筛选 {index} 标签", + "visDefaultEditor.controls.filters.filterLabel": "筛选 {index}", + "visDefaultEditor.controls.filters.labelPlaceholder": "标签", + "visDefaultEditor.controls.filters.removeFilterButtonAriaLabel": "移除此筛选", + "visDefaultEditor.controls.filters.toggleFilterButtonAriaLabel": "切换筛选标签", + "visDefaultEditor.controls.ipRanges.addRangeButtonLabel": "添加范围", + "visDefaultEditor.controls.ipRanges.cidrMaskAriaLabel": "CIDR 掩码:{mask}", + "visDefaultEditor.controls.ipRanges.cidrMasksButtonLabel": "CIDR 掩码", + "visDefaultEditor.controls.ipRanges.fromToButtonLabel": "起始/结束", + "visDefaultEditor.controls.ipRanges.ipRangeFromAriaLabel": "IP 范围起始:{value}", + "visDefaultEditor.controls.ipRanges.ipRangeToAriaLabel": "IP 范围结束:{value}", + "visDefaultEditor.controls.ipRanges.removeCidrMaskButtonAriaLabel": "移除 {mask} 的 CIDR 掩码值", + "visDefaultEditor.controls.ipRanges.removeEmptyCidrMaskButtonAriaLabel": "移除 CIDR 掩码默认值", + "visDefaultEditor.controls.ipRanges.removeRangeAriaLabel": "移除范围 {from} 至 {to}", + "visDefaultEditor.controls.ipRangesAriaLabel": "IP 范围", + "visDefaultEditor.controls.jsonInputLabel": "JSON 输入", + "visDefaultEditor.controls.jsonInputTooltip": "此处以 JSON 格式添加的任何属性将与此部分的 elasticsearch 聚合定义合并。例如,词聚合上的“shard_size”。", + "visDefaultEditor.controls.metricLabel": "指标", + "visDefaultEditor.controls.metrics.bucketTitle": "存储桶", + "visDefaultEditor.controls.metrics.metricTitle": "指标", + "visDefaultEditor.controls.numberInterval.minimumIntervalLabel": "最小时间间隔", + "visDefaultEditor.controls.numberInterval.minimumIntervalTooltip": "提供的值创建的存储桶数目大于“高级设置”的 {histogramMaxBars} 指定的数目时,将自动缩放时间间隔", + "visDefaultEditor.controls.numberInterval.selectIntervalPlaceholder": "输入时间间隔", + "visDefaultEditor.controls.numberList.addUnitButtonLabel": "添加{unitName}", + "visDefaultEditor.controls.numberList.enterValuePlaceholder": "输入值", + "visDefaultEditor.controls.numberList.invalidAscOrderErrorMessage": "这些值应为升序。", + "visDefaultEditor.controls.numberList.invalidRangeErrorMessage": "值应在 {min} 至 {max} 范围内。", + "visDefaultEditor.controls.numberList.removeUnitButtonAriaLabel": "移除 {value} 的排名值", + "visDefaultEditor.controls.onlyRequestDataAroundMapExtentLabel": "仅请求地图范围的数据", + "visDefaultEditor.controls.onlyRequestDataAroundMapExtentTooltip": "应用 geo_bounding_box 筛选聚合以使用领口将主题区域缩小到地图视图框", + "visDefaultEditor.controls.orderAgg.alphabeticalLabel": "按字母顺序", + "visDefaultEditor.controls.orderAgg.orderByLabel": "排序依据", + "visDefaultEditor.controls.orderLabel": "顺序", + "visDefaultEditor.controls.otherBucket.groupValuesLabel": "在单独的存储桶中对其他值分组", + "visDefaultEditor.controls.otherBucket.groupValuesTooltip": "不在排名前 N 中的值将在此存储桶中进行分组。要包括缺失值的文档,请启用“显示缺失值”。", + "visDefaultEditor.controls.otherBucket.showMissingValuesLabel": "显示缺失值", + "visDefaultEditor.controls.otherBucket.showMissingValuesTooltip": "仅对“字符串”类型的字段有效。启用后,在搜索中包括缺失值的文档。如果此存储桶在排名前 N 中,其将会显示在图表中。如果不在排名前 N 中,并且启用了“在单独的存储桶中对其他值分组”,Elasticsearch 会将缺失值添加到“其他”存储桶。", + "visDefaultEditor.controls.percentileRanks.percentUnitNameText": "百分比", + "visDefaultEditor.controls.percentileRanks.valuesLabel": "值", + "visDefaultEditor.controls.percentileRanks.valueUnitNameText": "值", + "visDefaultEditor.controls.percentiles.percentsLabel": "百分数", + "visDefaultEditor.controls.placeMarkersOffGridLabel": "将标记置于网格外(使用 geocentroid)", + "visDefaultEditor.controls.precisionLabel": "精确度", + "visDefaultEditor.controls.ranges.addRangeButtonLabel": "添加范围", + "visDefaultEditor.controls.ranges.fromLabel": "从", + "visDefaultEditor.controls.ranges.greaterThanOrEqualPrepend": "≥", + "visDefaultEditor.controls.ranges.lessThanPrepend": "<", + "visDefaultEditor.controls.ranges.removeRangeButtonAriaLabel": "移除范围 {from} 至 {to}", + "visDefaultEditor.controls.ranges.toLabel": "到", + "visDefaultEditor.controls.scaleMetricsLabel": "缩放指标值(已弃用)", + "visDefaultEditor.controls.scaleMetricsTooltip": "如果选择手动最小时间间隔并将使用较大的时间间隔,则启用此设置将使计数和求和指标缩放到手动选择的时间间隔。", + "visDefaultEditor.controls.showEmptyBucketsLabel": "显示空存储桶", + "visDefaultEditor.controls.showEmptyBucketsTooltip": "显示所有存储桶,不仅仅有结果的存储桶", + "visDefaultEditor.controls.sizeLabel": "大小", + "visDefaultEditor.controls.sizeTooltip": "请求排名前 K 的命中。多个命中将通过“聚合对象”组合。", + "visDefaultEditor.controls.sortOnLabel": "排序依据", + "visDefaultEditor.advancedToggle.advancedLinkLabel": "高级", + "visDefaultEditor.agg.disableAggButtonTooltip": "禁用聚合", + "visDefaultEditor.agg.enableAggButtonTooltip": "启用聚合", + "visDefaultEditor.agg.errorsAriaLabel": "聚合有错误", + "visDefaultEditor.agg.modifyPriorityButtonTooltip": "通过拖动来修改优先级", + "visDefaultEditor.agg.removeDimensionButtonTooltip": "移除维度", + "visDefaultEditor.agg.toggleEditorButtonAriaLabel": "切换 {schema} 编辑器", + "visDefaultEditor.aggAdd.addButtonLabel": "娣诲姞", + "visDefaultEditor.aggAdd.addGroupButtonLabel": "添加{groupNameLabel}", + "visDefaultEditor.aggAdd.addSubGroupButtonLabel": "添加子{groupNameLabel}", + "visDefaultEditor.aggAdd.bucketLabel": "存储桶", + "visDefaultEditor.aggAdd.metricLabel": "指标", + "visDefaultEditor.aggParams.errors.aggWrongRunOrderErrorMessage": "“{schema}” 聚合必须在所有其他存储桶之前运行!", + "visDefaultEditor.sidebar.autoApplyChangesAriaLabel": "每次更改时自动更新可视化", + "visDefaultEditor.sidebar.errorButtonTooltip": "需要解决突出显示的字段中的错误。", + "visDefaultEditor.sidebar.tabs.dataLabel": "数据", + "visDefaultEditor.sidebar.tabs.optionsLabel": "选项", + "visDefaultEditor.metrics.wrongLastBucketTypeErrorMessage": "使用“{type}”指标聚合时,上一存储桶聚合必须是“Date Histogram”或“Histogram”。", + "visDefaultEditor.controls.timeInterval.createsTooLargeBucketsTooltip": "此时间间隔将创建过大而无法在选定时间范围内显示的存储桶,因此其已缩放至", + "visDefaultEditor.controls.timeInterval.createsTooManyBucketsTooltip": "此时间间隔将创建过多的存储桶,而无法在选定时间范围内全部显示,因此其已缩放至", + "visDefaultEditor.controls.timeInterval.invalidFormatErrorMessage": "时间间隔格式无效。", + "visDefaultEditor.controls.timeInterval.minimumIntervalLabel": "最小时间间隔", + "visDefaultEditor.controls.timeInterval.scaledHelpText": "当前缩放至 {bucketDescription}", + "visDefaultEditor.controls.timeInterval.selectIntervalPlaceholder": "选择时间间隔", + "visDefaultEditor.controls.timeInterval.selectOptionHelpText": "选择选项或创建定制值示例:30s、20m、24h、2d、1w、1M", "visTypeMarkdown.function.font.help": "字体设置。", "visTypeMarkdown.function.help": "Markdown 可视化", "visTypeMarkdown.function.markdown.help": "要渲染的 Markdown", From 16b4ff4a59e05f4f5cebeaa287fa7d0451bc134d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Felix=20St=C3=BCrmer?= Date: Wed, 29 Jan 2020 16:27:12 +0100 Subject: [PATCH 40/40] =?UTF-8?q?[Logs=20UI]=20Allow=20Logs/ML=20integrati?= =?UTF-8?q?on=20result=20access=20with=20machine=E2=80=A6=20(#55884)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This makes the "Log rate" and "Categories" tab visible on clusters with a suitable license for users which don't have the the `machine_learning_admin` role. --- .../logging/log_analysis_setup/index.ts | 2 + .../missing_results_privileges_prompt.tsx | 41 ++++++ .../missing_setup_privileges_prompt.tsx | 41 ++++++ .../user_management_link.tsx | 18 +++ .../log_analysis_capabilities.tsx | 13 +- .../plugins/infra/public/pages/logs/index.tsx | 130 +----------------- .../log_entry_categories/page_content.tsx | 24 +++- .../logs/log_entry_rate/page_content.tsx | 24 +++- .../plugins/infra/public/pages/logs/page.tsx | 19 +++ .../infra/public/pages/logs/page_content.tsx | 122 ++++++++++++++++ .../public/pages/logs/page_providers.tsx | 20 +++ 11 files changed, 311 insertions(+), 143 deletions(-) create mode 100644 x-pack/legacy/plugins/infra/public/components/logging/log_analysis_setup/missing_results_privileges_prompt.tsx create mode 100644 x-pack/legacy/plugins/infra/public/components/logging/log_analysis_setup/missing_setup_privileges_prompt.tsx create mode 100644 x-pack/legacy/plugins/infra/public/components/logging/log_analysis_setup/user_management_link.tsx create mode 100644 x-pack/legacy/plugins/infra/public/pages/logs/page.tsx create mode 100644 x-pack/legacy/plugins/infra/public/pages/logs/page_content.tsx create mode 100644 x-pack/legacy/plugins/infra/public/pages/logs/page_providers.tsx diff --git a/x-pack/legacy/plugins/infra/public/components/logging/log_analysis_setup/index.ts b/x-pack/legacy/plugins/infra/public/components/logging/log_analysis_setup/index.ts index c7a49a90a7886..7f2982f221a3c 100644 --- a/x-pack/legacy/plugins/infra/public/components/logging/log_analysis_setup/index.ts +++ b/x-pack/legacy/plugins/infra/public/components/logging/log_analysis_setup/index.ts @@ -9,5 +9,7 @@ export * from './setup_page'; export * from './initial_configuration_step'; export * from './process_step'; +export * from './missing_results_privileges_prompt'; +export * from './missing_setup_privileges_prompt'; export * from './ml_unavailable_prompt'; export * from './setup_status_unknown_prompt'; diff --git a/x-pack/legacy/plugins/infra/public/components/logging/log_analysis_setup/missing_results_privileges_prompt.tsx b/x-pack/legacy/plugins/infra/public/components/logging/log_analysis_setup/missing_results_privileges_prompt.tsx new file mode 100644 index 0000000000000..0c3393b0e15e3 --- /dev/null +++ b/x-pack/legacy/plugins/infra/public/components/logging/log_analysis_setup/missing_results_privileges_prompt.tsx @@ -0,0 +1,41 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { EuiEmptyPrompt, EuiCode } from '@elastic/eui'; +import { FormattedMessage } from '@kbn/i18n/react'; +import React from 'react'; + +import euiStyled from '../../../../../../common/eui_styled_components'; +import { UserManagementLink } from './user_management_link'; + +export const MissingResultsPrivilegesPrompt: React.FunctionComponent = () => ( + + +

+ } + body={ +

+ machine_learning_user, + }} + /> +

+ } + actions={} + /> +); + +const EmptyPrompt = euiStyled(EuiEmptyPrompt)` + align-self: center; +`; diff --git a/x-pack/legacy/plugins/infra/public/components/logging/log_analysis_setup/missing_setup_privileges_prompt.tsx b/x-pack/legacy/plugins/infra/public/components/logging/log_analysis_setup/missing_setup_privileges_prompt.tsx new file mode 100644 index 0000000000000..1549ab9120777 --- /dev/null +++ b/x-pack/legacy/plugins/infra/public/components/logging/log_analysis_setup/missing_setup_privileges_prompt.tsx @@ -0,0 +1,41 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { EuiEmptyPrompt, EuiCode } from '@elastic/eui'; +import { FormattedMessage } from '@kbn/i18n/react'; +import React from 'react'; + +import euiStyled from '../../../../../../common/eui_styled_components'; +import { UserManagementLink } from './user_management_link'; + +export const MissingSetupPrivilegesPrompt: React.FunctionComponent = () => ( + + + + } + body={ +

+ machine_learning_admin, + }} + /> +

+ } + actions={} + /> +); + +const EmptyPrompt = euiStyled(EuiEmptyPrompt)` + align-self: center; +`; diff --git a/x-pack/legacy/plugins/infra/public/components/logging/log_analysis_setup/user_management_link.tsx b/x-pack/legacy/plugins/infra/public/components/logging/log_analysis_setup/user_management_link.tsx new file mode 100644 index 0000000000000..9a2bbd3dabffc --- /dev/null +++ b/x-pack/legacy/plugins/infra/public/components/logging/log_analysis_setup/user_management_link.tsx @@ -0,0 +1,18 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { EuiButton, EuiButtonProps } from '@elastic/eui'; +import { FormattedMessage } from '@kbn/i18n/react'; +import React from 'react'; + +export const UserManagementLink: React.FunctionComponent = props => ( + + + +); diff --git a/x-pack/legacy/plugins/infra/public/containers/logs/log_analysis/log_analysis_capabilities.tsx b/x-pack/legacy/plugins/infra/public/containers/logs/log_analysis/log_analysis_capabilities.tsx index bd8be6df8ea69..3c10ba805fad5 100644 --- a/x-pack/legacy/plugins/infra/public/containers/logs/log_analysis/log_analysis_capabilities.tsx +++ b/x-pack/legacy/plugins/infra/public/containers/logs/log_analysis/log_analysis_capabilities.tsx @@ -48,13 +48,22 @@ export const useLogAnalysisCapabilities = () => { fetchMlCapabilitiesRequest.state, ]); + const hasLogAnalysisSetupCapabilities = mlCapabilities.capabilities.canCreateJob; + const hasLogAnalysisReadCapabilities = mlCapabilities.capabilities.canGetJobs; + const hasLogAnalysisCapabilites = + mlCapabilities.isPlatinumOrTrialLicense && mlCapabilities.mlFeatureEnabledInSpace; + return { - hasLogAnalysisCapabilites: mlCapabilities.capabilities.canCreateJob, + hasLogAnalysisCapabilites, + hasLogAnalysisReadCapabilities, + hasLogAnalysisSetupCapabilities, isLoading, }; }; -export const LogAnalysisCapabilities = createContainer(useLogAnalysisCapabilities); +export const [LogAnalysisCapabilitiesProvider, useLogAnalysisCapabilitiesContext] = createContainer( + useLogAnalysisCapabilities +); const initialMlCapabilities = { capabilities: { diff --git a/x-pack/legacy/plugins/infra/public/pages/logs/index.tsx b/x-pack/legacy/plugins/infra/public/pages/logs/index.tsx index 505878f0239dc..224217e860e94 100644 --- a/x-pack/legacy/plugins/infra/public/pages/logs/index.tsx +++ b/x-pack/legacy/plugins/infra/public/pages/logs/index.tsx @@ -4,132 +4,4 @@ * you may not use this file except in compliance with the Elastic License. */ -import { i18n } from '@kbn/i18n'; -import React from 'react'; -import { Route, RouteComponentProps, Switch } from 'react-router-dom'; - -import { DocumentTitle } from '../../components/document_title'; -import { HelpCenterContent } from '../../components/help_center_content'; -import { Header } from '../../components/header'; -import { RoutedTabs } from '../../components/navigation/routed_tabs'; -import { ColumnarPage } from '../../components/page'; -import { SourceLoadingPage } from '../../components/source_loading_page'; -import { SourceErrorPage } from '../../components/source_error_page'; -import { Source, useSource } from '../../containers/source'; -import { StreamPage } from './stream'; -import { LogsSettingsPage } from './settings'; -import { AppNavigation } from '../../components/navigation/app_navigation'; -import { - useLogAnalysisCapabilities, - LogAnalysisCapabilities, -} from '../../containers/logs/log_analysis'; -import { useSourceId } from '../../containers/source_id'; -import { RedirectWithQueryParams } from '../../utils/redirect_with_query_params'; -import { useKibana } from '../../../../../../..//src/plugins/kibana_react/public'; -import { LogEntryCategoriesPage } from './log_entry_categories'; -import { LogEntryRatePage } from './log_entry_rate'; - -export const LogsPage = ({ match }: RouteComponentProps) => { - const uiCapabilities = useKibana().services.application?.capabilities; - const [sourceId] = useSourceId(); - const source = useSource({ sourceId }); - const logAnalysisCapabilities = useLogAnalysisCapabilities(); - - const streamTab = { - title: streamTabTitle, - path: `${match.path}/stream`, - }; - - const logRateTab = { - title: logRateTabTitle, - path: `${match.path}/log-rate`, - }; - - const logCategoriesTab = { - title: logCategoriesTabTitle, - path: `${match.path}/log-categories`, - }; - - const settingsTab = { - title: settingsTabTitle, - path: `${match.path}/settings`, - }; - - return ( - - - - - - - -
- {source.isLoadingSource || - (!source.isLoadingSource && - !source.hasFailedLoadingSource && - source.source === undefined) ? ( - - ) : source.hasFailedLoadingSource ? ( - - ) : ( - <> - - - - - - - - - - - - - )} - - - - ); -}; - -const pageTitle = i18n.translate('xpack.infra.header.logsTitle', { - defaultMessage: 'Logs', -}); - -const streamTabTitle = i18n.translate('xpack.infra.logs.index.streamTabTitle', { - defaultMessage: 'Stream', -}); - -const logRateTabTitle = i18n.translate('xpack.infra.logs.index.logRateBetaBadgeTitle', { - defaultMessage: 'Log Rate', -}); - -const logCategoriesTabTitle = i18n.translate('xpack.infra.logs.index.logCategoriesBetaBadgeTitle', { - defaultMessage: 'Categories', -}); - -const settingsTabTitle = i18n.translate('xpack.infra.logs.index.settingsTabTitle', { - defaultMessage: 'Settings', -}); - -const feedbackLinkUrl = 'https://discuss.elastic.co/c/logs'; +export * from './page'; diff --git a/x-pack/legacy/plugins/infra/public/pages/logs/log_entry_categories/page_content.tsx b/x-pack/legacy/plugins/infra/public/pages/logs/log_entry_categories/page_content.tsx index cc59d73055796..b6975ffc54691 100644 --- a/x-pack/legacy/plugins/infra/public/pages/logs/log_entry_categories/page_content.tsx +++ b/x-pack/legacy/plugins/infra/public/pages/logs/log_entry_categories/page_content.tsx @@ -5,21 +5,27 @@ */ import { i18n } from '@kbn/i18n'; -import React, { useContext, useEffect } from 'react'; +import React, { useEffect } from 'react'; import { isSetupStatusWithResults } from '../../../../common/log_analysis'; import { LoadingPage } from '../../../components/loading_page'; import { LogAnalysisSetupStatusUnknownPrompt, + MissingResultsPrivilegesPrompt, + MissingSetupPrivilegesPrompt, MlUnavailablePrompt, } from '../../../components/logging/log_analysis_setup'; -import { LogAnalysisCapabilities } from '../../../containers/logs/log_analysis'; +import { useLogAnalysisCapabilitiesContext } from '../../../containers/logs/log_analysis'; import { LogEntryCategoriesResultsContent } from './page_results_content'; import { LogEntryCategoriesSetupContent } from './page_setup_content'; import { useLogEntryCategoriesModuleContext } from './use_log_entry_categories_module'; export const LogEntryCategoriesPageContent = () => { - const { hasLogAnalysisCapabilites } = useContext(LogAnalysisCapabilities.Context); + const { + hasLogAnalysisCapabilites, + hasLogAnalysisReadCapabilities, + hasLogAnalysisSetupCapabilities, + } = useLogAnalysisCapabilitiesContext(); const { fetchJobStatus, @@ -28,12 +34,16 @@ export const LogEntryCategoriesPageContent = () => { } = useLogEntryCategoriesModuleContext(); useEffect(() => { - fetchModuleDefinition(); - fetchJobStatus(); - }, [fetchJobStatus, fetchModuleDefinition]); + if (hasLogAnalysisReadCapabilities) { + fetchModuleDefinition(); + fetchJobStatus(); + } + }, [fetchJobStatus, fetchModuleDefinition, hasLogAnalysisReadCapabilities]); if (!hasLogAnalysisCapabilites) { return ; + } else if (!hasLogAnalysisReadCapabilities) { + return ; } else if (setupStatus === 'initializing') { return ( { return ; } else if (isSetupStatusWithResults(setupStatus)) { return ; + } else if (!hasLogAnalysisSetupCapabilities) { + return ; } else { return ; } diff --git a/x-pack/legacy/plugins/infra/public/pages/logs/log_entry_rate/page_content.tsx b/x-pack/legacy/plugins/infra/public/pages/logs/log_entry_rate/page_content.tsx index a80464ed42cb2..8d2b4e1fd0ff4 100644 --- a/x-pack/legacy/plugins/infra/public/pages/logs/log_entry_rate/page_content.tsx +++ b/x-pack/legacy/plugins/infra/public/pages/logs/log_entry_rate/page_content.tsx @@ -5,31 +5,41 @@ */ import { i18n } from '@kbn/i18n'; -import React, { useContext, useEffect } from 'react'; +import React, { useEffect } from 'react'; import { isSetupStatusWithResults } from '../../../../common/log_analysis'; import { LoadingPage } from '../../../components/loading_page'; import { LogAnalysisSetupStatusUnknownPrompt, + MissingResultsPrivilegesPrompt, + MissingSetupPrivilegesPrompt, MlUnavailablePrompt, } from '../../../components/logging/log_analysis_setup'; -import { LogAnalysisCapabilities } from '../../../containers/logs/log_analysis'; +import { useLogAnalysisCapabilitiesContext } from '../../../containers/logs/log_analysis'; import { LogEntryRateResultsContent } from './page_results_content'; import { LogEntryRateSetupContent } from './page_setup_content'; import { useLogEntryRateModuleContext } from './use_log_entry_rate_module'; export const LogEntryRatePageContent = () => { - const { hasLogAnalysisCapabilites } = useContext(LogAnalysisCapabilities.Context); + const { + hasLogAnalysisCapabilites, + hasLogAnalysisReadCapabilities, + hasLogAnalysisSetupCapabilities, + } = useLogAnalysisCapabilitiesContext(); const { fetchJobStatus, fetchModuleDefinition, setupStatus } = useLogEntryRateModuleContext(); useEffect(() => { - fetchModuleDefinition(); - fetchJobStatus(); - }, [fetchJobStatus, fetchModuleDefinition]); + if (hasLogAnalysisReadCapabilities) { + fetchModuleDefinition(); + fetchJobStatus(); + } + }, [fetchJobStatus, fetchModuleDefinition, hasLogAnalysisReadCapabilities]); if (!hasLogAnalysisCapabilites) { return ; + } else if (!hasLogAnalysisReadCapabilities) { + return ; } else if (setupStatus === 'initializing') { return ( { return ; } else if (isSetupStatusWithResults(setupStatus)) { return ; + } else if (!hasLogAnalysisSetupCapabilities) { + return ; } else { return ; } diff --git a/x-pack/legacy/plugins/infra/public/pages/logs/page.tsx b/x-pack/legacy/plugins/infra/public/pages/logs/page.tsx new file mode 100644 index 0000000000000..72826b156d7b4 --- /dev/null +++ b/x-pack/legacy/plugins/infra/public/pages/logs/page.tsx @@ -0,0 +1,19 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import React from 'react'; +import { RouteComponentProps } from 'react-router-dom'; + +import { LogsPageContent } from './page_content'; +import { LogsPageProviders } from './page_providers'; + +export const LogsPage: React.FunctionComponent = ({ match }) => { + return ( + + + + ); +}; diff --git a/x-pack/legacy/plugins/infra/public/pages/logs/page_content.tsx b/x-pack/legacy/plugins/infra/public/pages/logs/page_content.tsx new file mode 100644 index 0000000000000..41ef9987d1ad0 --- /dev/null +++ b/x-pack/legacy/plugins/infra/public/pages/logs/page_content.tsx @@ -0,0 +1,122 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { i18n } from '@kbn/i18n'; +import React from 'react'; +import { Route, Switch } from 'react-router-dom'; + +import { useKibana } from '../../../../../../../src/plugins/kibana_react/public'; +import { DocumentTitle } from '../../components/document_title'; +import { Header } from '../../components/header'; +import { HelpCenterContent } from '../../components/help_center_content'; +import { AppNavigation } from '../../components/navigation/app_navigation'; +import { RoutedTabs } from '../../components/navigation/routed_tabs'; +import { ColumnarPage } from '../../components/page'; +import { SourceErrorPage } from '../../components/source_error_page'; +import { SourceLoadingPage } from '../../components/source_loading_page'; +import { useLogAnalysisCapabilitiesContext } from '../../containers/logs/log_analysis'; +import { useSourceContext } from '../../containers/source'; +import { RedirectWithQueryParams } from '../../utils/redirect_with_query_params'; +import { LogEntryCategoriesPage } from './log_entry_categories'; +import { LogEntryRatePage } from './log_entry_rate'; +import { LogsSettingsPage } from './settings'; +import { StreamPage } from './stream'; + +export const LogsPageContent: React.FunctionComponent<{ + logsPagePath: string; +}> = ({ logsPagePath }) => { + const uiCapabilities = useKibana().services.application?.capabilities; + const source = useSourceContext(); + const logAnalysisCapabilities = useLogAnalysisCapabilitiesContext(); + + const streamTab = { + title: streamTabTitle, + path: `${logsPagePath}/stream`, + }; + + const logRateTab = { + title: logRateTabTitle, + path: `${logsPagePath}/log-rate`, + }; + + const logCategoriesTab = { + title: logCategoriesTabTitle, + path: `${logsPagePath}/log-categories`, + }; + + const settingsTab = { + title: settingsTabTitle, + path: `${logsPagePath}/settings`, + }; + + return ( + + + + + +
+ {source.isLoadingSource || + (!source.isLoadingSource && !source.hasFailedLoadingSource && source.source === undefined) ? ( + + ) : source.hasFailedLoadingSource ? ( + + ) : ( + <> + + + + + + + + + + + + + )} + + ); +}; + +const pageTitle = i18n.translate('xpack.infra.header.logsTitle', { + defaultMessage: 'Logs', +}); + +const streamTabTitle = i18n.translate('xpack.infra.logs.index.streamTabTitle', { + defaultMessage: 'Stream', +}); + +const logRateTabTitle = i18n.translate('xpack.infra.logs.index.logRateBetaBadgeTitle', { + defaultMessage: 'Log Rate', +}); + +const logCategoriesTabTitle = i18n.translate('xpack.infra.logs.index.logCategoriesBetaBadgeTitle', { + defaultMessage: 'Categories', +}); + +const settingsTabTitle = i18n.translate('xpack.infra.logs.index.settingsTabTitle', { + defaultMessage: 'Settings', +}); + +const feedbackLinkUrl = 'https://discuss.elastic.co/c/logs'; diff --git a/x-pack/legacy/plugins/infra/public/pages/logs/page_providers.tsx b/x-pack/legacy/plugins/infra/public/pages/logs/page_providers.tsx new file mode 100644 index 0000000000000..24c1598787a20 --- /dev/null +++ b/x-pack/legacy/plugins/infra/public/pages/logs/page_providers.tsx @@ -0,0 +1,20 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import React from 'react'; +import { LogAnalysisCapabilitiesProvider } from '../../containers/logs/log_analysis'; +import { SourceProvider } from '../../containers/source'; +import { useSourceId } from '../../containers/source_id'; + +export const LogsPageProviders: React.FunctionComponent = ({ children }) => { + const [sourceId] = useSourceId(); + + return ( + + {children} + + ); +};