From 607885ad443efaa104ccf56a0f34186eb8901921 Mon Sep 17 00:00:00 2001 From: Kevin Logan <56395104+kevinlog@users.noreply.github.com> Date: Thu, 2 Jul 2020 16:18:52 -0400 Subject: [PATCH] [SECURITY SOLUTION] Remove unneeded options from default policy, remove Notify user option from UI (#70546) --- .../common/endpoint/models/policy_config.ts | 44 +------------------ .../common/endpoint/types.ts | 21 --------- .../view/policy_forms/protections/malware.tsx | 7 --- .../apps/endpoint/policy_details.ts | 38 ++-------------- 4 files changed, 5 insertions(+), 105 deletions(-) diff --git a/x-pack/plugins/security_solution/common/endpoint/models/policy_config.ts b/x-pack/plugins/security_solution/common/endpoint/models/policy_config.ts index 199b8a91e4307..37b7308856196 100644 --- a/x-pack/plugins/security_solution/common/endpoint/models/policy_config.ts +++ b/x-pack/plugins/security_solution/common/endpoint/models/policy_config.ts @@ -25,22 +25,8 @@ export const factory = (): PolicyConfig => { mode: ProtectionModes.prevent, }, logging: { - stdout: 'debug', file: 'info', }, - advanced: { - elasticsearch: { - indices: { - control: 'control-index', - event: 'event-index', - logging: 'logging-index', - }, - kernel: { - connect: true, - process: true, - }, - }, - }, }, mac: { events: { @@ -49,25 +35,11 @@ export const factory = (): PolicyConfig => { network: true, }, malware: { - mode: ProtectionModes.detect, + mode: ProtectionModes.prevent, }, logging: { - stdout: 'debug', file: 'info', }, - advanced: { - elasticsearch: { - indices: { - control: 'control-index', - event: 'event-index', - logging: 'logging-index', - }, - kernel: { - connect: true, - process: true, - }, - }, - }, }, linux: { events: { 
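Review bot: The macOS default in `factory()` moves from `ProtectionModes.detect` to `ProtectionModes.prevent` in the `-49,25 +35,11` hunk. That changes the behaviour of every newly created policy, yet the commit subject mentions only removing options. Assuming `prevent` blocks where `detect` only alerts, anyone relying on alert-only macOS rollouts should see this called out. I would note it in the PR description and add a comment above the `mac.malware` entry, such as `// macOS now defaults to prevent, matching Windows; choose detect for alert-only rollouts`. Whether policies already saved with `detect` keep that mode cannot be told from here, because `factory()` begins outside the hunk.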
@@ -76,22 +48,8 @@ export const factory = (): PolicyConfig => { network: true, }, logging: { - stdout: 'debug', file: 'info', }, - advanced: { - elasticsearch: { - indices: { - control: 'control-index', - event: 'event-index', - logging: 'logging-index', - }, - kernel: { - connect: true, - process: true, - }, - }, - }, }, }; }; diff --git a/x-pack/plugins/security_solution/common/endpoint/types.ts b/x-pack/plugins/security_solution/common/endpoint/types.ts index 1162dc754b62b..16923829c1605 100644 --- a/x-pack/plugins/security_solution/common/endpoint/types.ts +++ b/x-pack/plugins/security_solution/common/endpoint/types.ts @@ -612,10 +612,8 @@ export interface PolicyConfig { }; malware: MalwareFields; logging: { - stdout: string; file: string; }; - advanced: PolicyConfigAdvancedOptions; }; mac: { events: { @@ -625,10 +623,8 @@ export interface PolicyConfig { }; malware: MalwareFields; logging: { - stdout: string; file: string; }; - advanced: PolicyConfigAdvancedOptions; }; linux: { events: { @@ -637,10 +633,8 @@ export interface PolicyConfig { network: boolean; }; logging: { - stdout: string; file: string; }; - advanced: PolicyConfigAdvancedOptions; }; } @@ -662,20 +656,6 @@ export interface UIPolicyConfig { linux: Pick; } -interface PolicyConfigAdvancedOptions { - elasticsearch: { - indices: { - control: string; - event: string; - logging: string; - }; - kernel: { - connect: boolean; - process: boolean; - }; - }; -} - /** Policy: Malware protection fields */ export interface MalwareFields { mode: ProtectionModes; @@ -685,7 +665,6 @@ export interface MalwareFields { export enum ProtectionModes { detect = 'detect', prevent = 'prevent', - preventNotify = 'preventNotify', off = 'off', } diff --git a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/protections/malware.tsx b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/protections/malware.tsx index 77d4d4364acdd..23ac6cc5b813d 100644 
--- a/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/protections/malware.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/policy/view/policy_forms/protections/malware.tsx @@ -95,13 +95,6 @@ export const MalwareProtections = React.memo(() => { }), protection: 'malware', }, - { - id: ProtectionModes.preventNotify, - label: i18n.translate('xpack.securitySolution.endpoint.policy.details.preventAndNotify', { - defaultMessage: 'Prevent and notify user', - }), - protection: 'malware', - }, ]; }, []); diff --git a/x-pack/test/security_solution_endpoint/apps/endpoint/policy_details.ts b/x-pack/test/security_solution_endpoint/apps/endpoint/policy_details.ts index 45ea82c59bf97..bacba619e5648 100644 --- a/x-pack/test/security_solution_endpoint/apps/endpoint/policy_details.ts +++ b/x-pack/test/security_solution_endpoint/apps/endpoint/policy_details.ts @@ -118,45 +118,15 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { }, policy: { linux: { - advanced: { - elasticsearch: { - indices: { - control: 'control-index', - event: 'event-index', - logging: 'logging-index', - }, - kernel: { connect: true, process: true }, - }, - }, events: { file: false, network: true, process: true }, - logging: { file: 'info', stdout: 'debug' }, + logging: { file: 'info' }, }, mac: { - advanced: { - elasticsearch: { - indices: { - control: 'control-index', - event: 'event-index', - logging: 'logging-index', - }, - kernel: { connect: true, process: true }, - }, - }, events: { file: false, network: true, process: true }, - logging: { file: 'info', stdout: 'debug' }, - malware: { mode: 'detect' }, + logging: { file: 'info' }, + malware: { mode: 'prevent' }, }, windows: { - advanced: { - elasticsearch: { - indices: { - control: 'control-index', - event: 'event-index', - logging: 'logging-index', - }, - kernel: { connect: true, process: true }, - }, - }, events: { dll_and_driver_load: true, dns: true, 
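Review bot: The expected payload in the `-118,45 +118,15` hunk only pins the shape of a freshly created policy, so nothing visible checks a policy that was saved earlier and still carries `advanced`, `logging.stdout` or `malware.mode: 'preventNotify'`. The same commit drops those fields from `PolicyConfig` and removes `ProtectionModes.preventNotify` in `types.ts`, and no migration or fallback appears in the patch. If such documents can exist, the malware radio group would presumably have no option matching the stored mode. I would add a case that loads a policy with the old keys and asserts it is normalised before being sent to the agent (for example `preventNotify` mapped to `prevent`), or state in the PR description that no such policies were ever persisted. The hunk at `-166,7 +136,7` asserts the same fresh-policy shape, and the enclosing test starts outside both hunks.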
@@ -166,7 +136,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { registry: true, security: true, }, - logging: { file: 'info', stdout: 'debug' }, + logging: { file: 'info' }, malware: { mode: 'prevent' }, }, },