diff --git a/.eslintrc.js b/.eslintrc.js
index 7c4ca337b0223..bb978d629caca 100644
--- a/.eslintrc.js
+++ b/.eslintrc.js
@@ -571,7 +571,7 @@ module.exports = {
},
{
// typescript only for front and back end
- files: ['x-pack/legacy/plugins/siem/**/*.{ts,tsx}'],
+ files: ['x-pack/{,legacy/}plugins/siem/**/*.{ts,tsx}'],
rules: {
// This will be turned on after bug fixes are complete
// '@typescript-eslint/explicit-member-accessibility': 'warn',
@@ -617,7 +617,7 @@ module.exports = {
// },
{
// typescript and javascript for front and back end
- files: ['x-pack/legacy/plugins/siem/**/*.{js,ts,tsx}'],
+ files: ['x-pack/{,legacy/}plugins/siem/**/*.{js,ts,tsx}'],
plugins: ['eslint-plugin-node', 'react'],
env: {
mocha: true,
diff --git a/Jenkinsfile b/Jenkinsfile
index 79d3c93006cb6..6646ee15ba1c2 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -41,7 +41,7 @@ kibanaPipeline(timeoutMinutes: 135, checkPrChanges: true) {
'xpack-ciGroup10': kibanaPipeline.xpackCiGroupProcess(10),
'xpack-accessibility': kibanaPipeline.functionalTestProcess('xpack-accessibility', './test/scripts/jenkins_xpack_accessibility.sh'),
'xpack-siemCypress': { processNumber ->
- whenChanged(['x-pack/legacy/plugins/siem/', 'x-pack/test/siem_cypress/']) {
+ whenChanged(['x-pack/plugins/siem/', 'x-pack/legacy/plugins/siem/', 'x-pack/test/siem_cypress/']) {
kibanaPipeline.functionalTestProcess('xpack-siemCypress', './test/scripts/jenkins_siem_cypress.sh')(processNumber)
}
},
diff --git a/src/cli/cluster/cluster_manager.ts b/src/cli/cluster/cluster_manager.ts
index 44b6c39556afd..a87e2aa11f2c0 100644
--- a/src/cli/cluster/cluster_manager.ts
+++ b/src/cli/cluster/cluster_manager.ts
@@ -263,7 +263,7 @@ export class ClusterManager {
...pluginInternalDirsIgnore,
fromRoot('src/legacy/server/sass/__tmp__'),
fromRoot('x-pack/legacy/plugins/reporting/.chromium'),
- fromRoot('x-pack/legacy/plugins/siem/cypress'),
+ fromRoot('x-pack/plugins/siem/cypress'),
fromRoot('x-pack/legacy/plugins/apm/e2e'),
fromRoot('x-pack/legacy/plugins/apm/scripts'),
fromRoot('x-pack/legacy/plugins/canvas/canvas_plugin_src'), // prevents server from restarting twice for Canvas plugin changes,
diff --git a/src/dev/storybook/aliases.ts b/src/dev/storybook/aliases.ts
index 8ed64f004c9be..43114b2edccfc 100644
--- a/src/dev/storybook/aliases.ts
+++ b/src/dev/storybook/aliases.ts
@@ -24,6 +24,6 @@ export const storybookAliases = {
drilldowns: 'x-pack/plugins/drilldowns/scripts/storybook.js',
embeddable: 'src/plugins/embeddable/scripts/storybook.js',
infra: 'x-pack/legacy/plugins/infra/scripts/storybook.js',
- siem: 'x-pack/legacy/plugins/siem/scripts/storybook.js',
+ siem: 'x-pack/plugins/siem/scripts/storybook.js',
ui_actions: 'x-pack/plugins/advanced_ui_actions/scripts/storybook.js',
};
diff --git a/src/dev/typescript/projects.ts b/src/dev/typescript/projects.ts
index 34756912fc247..7214741308262 100644
--- a/src/dev/typescript/projects.ts
+++ b/src/dev/typescript/projects.ts
@@ -27,7 +27,7 @@ export const PROJECTS = [
new Project(resolve(REPO_ROOT, 'test/tsconfig.json'), { name: 'kibana/test' }),
new Project(resolve(REPO_ROOT, 'x-pack/tsconfig.json')),
new Project(resolve(REPO_ROOT, 'x-pack/test/tsconfig.json'), { name: 'x-pack/test' }),
- new Project(resolve(REPO_ROOT, 'x-pack/legacy/plugins/siem/cypress/tsconfig.json'), {
+ new Project(resolve(REPO_ROOT, 'x-pack/plugins/siem/cypress/tsconfig.json'), {
name: 'siem/cypress',
}),
new Project(resolve(REPO_ROOT, 'x-pack/legacy/plugins/apm/e2e/tsconfig.json'), {
diff --git a/test/scripts/jenkins_xpack.sh b/test/scripts/jenkins_xpack.sh
index dc9796a1c94fe..671aba16db909 100755
--- a/test/scripts/jenkins_xpack.sh
+++ b/test/scripts/jenkins_xpack.sh
@@ -16,7 +16,7 @@ echo ""
echo " -> Running SIEM cyclic dependency test"
cd "$XPACK_DIR"
-checks-reporter-with-killswitch "X-Pack SIEM cyclic dependency test" node legacy/plugins/siem/scripts/check_circular_deps
+checks-reporter-with-killswitch "X-Pack SIEM cyclic dependency test" node plugins/siem/scripts/check_circular_deps
echo ""
echo ""
diff --git a/x-pack/.i18nrc.json b/x-pack/.i18nrc.json
index 50f36ddd21c97..cb124cc54e5ab 100644
--- a/x-pack/.i18nrc.json
+++ b/x-pack/.i18nrc.json
@@ -36,7 +36,7 @@
"xpack.searchProfiler": "plugins/searchprofiler",
"xpack.security": ["legacy/plugins/security", "plugins/security"],
"xpack.server": "legacy/server",
- "xpack.siem": "legacy/plugins/siem",
+ "xpack.siem": ["plugins/siem", "legacy/plugins/siem"],
"xpack.snapshotRestore": "plugins/snapshot_restore",
"xpack.spaces": ["legacy/plugins/spaces", "plugins/spaces"],
"xpack.taskManager": "legacy/plugins/task_manager",
diff --git a/x-pack/legacy/plugins/siem/.gitattributes b/x-pack/legacy/plugins/siem/.gitattributes
index f40e829b65453..a4071d39e63c0 100644
--- a/x-pack/legacy/plugins/siem/.gitattributes
+++ b/x-pack/legacy/plugins/siem/.gitattributes
@@ -1,6 +1,5 @@
# Auto-collapse generated files in GitHub
# https://help.github.com/en/articles/customizing-how-changed-files-appear-on-github
x-pack/legacy/plugins/siem/public/graphql/types.ts linguist-generated=true
-x-pack/legacy/plugins/siem/server/graphql/types.ts linguist-generated=true
x-pack/legacy/plugins/siem/public/graphql/introspection.json linguist-generated=true
diff --git a/x-pack/legacy/plugins/siem/cypress.json b/x-pack/legacy/plugins/siem/cypress.json
deleted file mode 100644
index a0333a1068146..0000000000000
--- a/x-pack/legacy/plugins/siem/cypress.json
+++ /dev/null
@@ -1,8 +0,0 @@
-{
- "baseUrl": "http://localhost:5601",
- "defaultCommandTimeout": 120000,
- "screenshotsFolder": "../../../../target/kibana-siem/cypress/screenshots",
- "trashAssetsBeforeRuns": false,
- "video": false,
- "videosFolder": "../../../../target/kibana-siem/cypress/videos"
-}
diff --git a/x-pack/legacy/plugins/siem/index.ts b/x-pack/legacy/plugins/siem/index.ts
index 3773283555b32..6e03583dda69f 100644
--- a/x-pack/legacy/plugins/siem/index.ts
+++ b/x-pack/legacy/plugins/siem/index.ts
@@ -6,11 +6,10 @@
import { i18n } from '@kbn/i18n';
import { resolve } from 'path';
-import { Server } from 'hapi';
import { Root } from 'joi';
-import { plugin } from './server';
-import { savedObjectMappings } from './server/saved_objects';
+// eslint-disable-next-line @kbn/eslint/no-restricted-paths
+import { savedObjectMappings } from '../../../plugins/siem/server/saved_objects';
import {
APP_ID,
@@ -23,15 +22,13 @@ import {
DEFAULT_INTERVAL_VALUE,
DEFAULT_FROM,
DEFAULT_TO,
- DEFAULT_SIGNALS_INDEX,
ENABLE_NEWS_FEED_SETTING,
NEWS_FEED_URL_SETTING,
NEWS_FEED_URL_SETTING_DEFAULT,
- SIGNALS_INDEX_KEY,
IP_REPUTATION_LINKS_SETTING,
IP_REPUTATION_LINKS_SETTING_DEFAULT,
-} from './common/constants';
-import { defaultIndexPattern } from './default_index_pattern';
+ DEFAULT_INDEX_PATTERN,
+} from '../../../plugins/siem/common/constants';
import { DEFAULT_APP_CATEGORIES } from '../../../../src/core/utils';
// eslint-disable-next-line @typescript-eslint/no-explicit-any
@@ -102,7 +99,7 @@ export const siem = (kibana: any) => {
name: i18n.translate('xpack.siem.uiSettings.defaultIndexLabel', {
defaultMessage: 'Elasticsearch indices',
}),
- value: defaultIndexPattern,
+ value: DEFAULT_INDEX_PATTERN,
description: i18n.translate('xpack.siem.uiSettings.defaultIndexDescription', {
defaultMessage:
'Comma-delimited list of Elasticsearch indices from which the SIEM app collects events.
',
@@ -162,31 +159,12 @@ export const siem = (kibana: any) => {
},
mappings: savedObjectMappings,
},
- init(server: Server) {
- const { coreContext, env, setup, start } = server.newPlatform;
- const initializerContext = { ...coreContext, env };
- const __legacy = {
- config: server.config,
- route: server.route.bind(server),
- };
-
- // @ts-ignore-next-line: NewPlatform shim is too loosely typed
- const pluginInstance = plugin(initializerContext);
- // @ts-ignore-next-line: NewPlatform shim is too loosely typed
- pluginInstance.setup(setup.core, setup.plugins, __legacy);
- // @ts-ignore-next-line: NewPlatform shim is too loosely typed
- pluginInstance.start(start.core, start.plugins);
- },
config(Joi: Root) {
- // See x-pack/plugins/siem/server/config.ts if you're adding another
- // value where the configuration has to be duplicated at the moment.
- // When we move over to the new platform completely this will be
- // removed and only server/config.ts should be used.
return Joi.object()
.keys({
enabled: Joi.boolean().default(true),
- [SIGNALS_INDEX_KEY]: Joi.string().default(DEFAULT_SIGNALS_INDEX),
})
+ .unknown(true)
.default();
},
});
diff --git a/x-pack/legacy/plugins/siem/package.json b/x-pack/legacy/plugins/siem/package.json
index 472a473842f02..3a93beef963a0 100644
--- a/x-pack/legacy/plugins/siem/package.json
+++ b/x-pack/legacy/plugins/siem/package.json
@@ -1,16 +1,10 @@
{
"author": "Elastic",
- "name": "siem",
+ "name": "siem-legacy-ui",
"version": "8.0.0",
"private": true,
"license": "Elastic-License",
- "scripts": {
- "extract-mitre-attacks": "node scripts/extract_tactics_techniques_mitre.js & node ../../../../scripts/eslint ./public/pages/detection_engine/mitre/mitre_tactics_techniques.ts --fix",
- "build-graphql-types": "node scripts/generate_types_from_graphql.js",
- "cypress:open": "../../../node_modules/.bin/cypress open",
- "cypress:run": "../../../node_modules/.bin/cypress run --spec ./cypress/integration/**/*.spec.ts --reporter ../../../node_modules/cypress-multi-reporters --reporter-options configFile=./reporter_config.json; status=$?; ../../../node_modules/.bin/mochawesome-merge --reportDir ../../../../target/kibana-siem/cypress/results > ../../../../target/kibana-siem/cypress/results/output.json; ../../../../node_modules/.bin/marge ../../../../target/kibana-siem/cypress/results/output.json --reportDir ../../../../target/kibana-siem/cypress/results; mkdir -p ../../../../target/junit && cp ../../../../target/kibana-siem/cypress/results/*.xml ../../../../target/junit/ && exit $status;",
- "cypress:run-as-ci": "node ../../../../scripts/functional_tests --config ../../../test/siem_cypress/config.ts"
- },
+ "scripts": {},
"devDependencies": {
"@types/lodash": "^4.14.110",
"@types/js-yaml": "^3.12.1",
diff --git a/x-pack/legacy/plugins/siem/public/app/app.tsx b/x-pack/legacy/plugins/siem/public/app/app.tsx
index 7413aeab549db..44c1c923cd6ee 100644
--- a/x-pack/legacy/plugins/siem/public/app/app.tsx
+++ b/x-pack/legacy/plugins/siem/public/app/app.tsx
@@ -20,7 +20,7 @@ import { pluck } from 'rxjs/operators';
import { KibanaContextProvider, useKibana, useUiSetting$ } from '../lib/kibana';
import { Storage } from '../../../../../../src/plugins/kibana_utils/public';
-import { DEFAULT_DARK_MODE } from '../../common/constants';
+import { DEFAULT_DARK_MODE } from '../../../../../plugins/siem/common/constants';
import { ErrorToastDispatcher } from '../components/error_toast_dispatcher';
import { compose } from '../lib/compose/kibana_compose';
import { AppFrontendLibs, AppApolloClient } from '../lib/lib';
diff --git a/x-pack/legacy/plugins/siem/public/components/alerts_viewer/index.tsx b/x-pack/legacy/plugins/siem/public/components/alerts_viewer/index.tsx
index 587002c24d526..778adc708d901 100644
--- a/x-pack/legacy/plugins/siem/public/components/alerts_viewer/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/components/alerts_viewer/index.tsx
@@ -6,11 +6,11 @@
import React, { useEffect, useCallback, useMemo } from 'react';
import numeral from '@elastic/numeral';
+import { DEFAULT_NUMBER_FORMAT } from '../../../../../../plugins/siem/common/constants';
import { AlertsComponentsQueryProps } from './types';
import { AlertsTable } from './alerts_table';
import * as i18n from './translations';
import { useUiSetting$ } from '../../lib/kibana';
-import { DEFAULT_NUMBER_FORMAT } from '../../../common/constants';
import { MatrixHistogramContainer } from '../matrix_histogram';
import { histogramConfigs } from './histogram_configs';
import { MatrixHisrogramConfigs } from '../matrix_histogram/types';
diff --git a/x-pack/legacy/plugins/siem/public/components/charts/common.tsx b/x-pack/legacy/plugins/siem/public/components/charts/common.tsx
index d8429cba1b4fb..c7b40c50ffde8 100644
--- a/x-pack/legacy/plugins/siem/public/components/charts/common.tsx
+++ b/x-pack/legacy/plugins/siem/public/components/charts/common.tsx
@@ -19,8 +19,8 @@ import {
import React, { useMemo } from 'react';
import styled from 'styled-components';
+import { DEFAULT_DARK_MODE } from '../../../../../../plugins/siem/common/constants';
import { useUiSetting } from '../../lib/kibana';
-import { DEFAULT_DARK_MODE } from '../../../common/constants';
export const defaultChartHeight = '100%';
export const defaultChartWidth = '100%';
diff --git a/x-pack/legacy/plugins/siem/public/components/draggables/index.tsx b/x-pack/legacy/plugins/siem/public/components/draggables/index.tsx
index a0b825ea24441..b3811d05eea04 100644
--- a/x-pack/legacy/plugins/siem/public/components/draggables/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/components/draggables/index.tsx
@@ -8,7 +8,6 @@ import { EuiBadge, EuiToolTip, IconType } from '@elastic/eui';
import React from 'react';
import styled from 'styled-components';
-import { Omit } from '../../../common/utility_types';
import { DragEffects, DraggableWrapper } from '../drag_and_drop/draggable_wrapper';
import { escapeDataProviderId } from '../drag_and_drop/helpers';
import { getEmptyStringTag } from '../empty_value';
diff --git a/x-pack/legacy/plugins/siem/public/components/embeddables/embedded_map.tsx b/x-pack/legacy/plugins/siem/public/components/embeddables/embedded_map.tsx
index cbb4006bbf933..a7272593c2b27 100644
--- a/x-pack/legacy/plugins/siem/public/components/embeddables/embedded_map.tsx
+++ b/x-pack/legacy/plugins/siem/public/components/embeddables/embedded_map.tsx
@@ -14,7 +14,7 @@ import {
EmbeddablePanel,
ErrorEmbeddable,
} from '../../../../../../../src/plugins/embeddable/public';
-import { DEFAULT_INDEX_KEY } from '../../../common/constants';
+import { DEFAULT_INDEX_KEY } from '../../../../../../plugins/siem/common/constants';
import { getIndexPatternTitleIdMapping } from '../../hooks/api/helpers';
import { useIndexPatterns } from '../../hooks/use_index_patterns';
import { Loader } from '../loader';
diff --git a/x-pack/legacy/plugins/siem/public/components/events_viewer/index.tsx b/x-pack/legacy/plugins/siem/public/components/events_viewer/index.tsx
index 9b31be40dd955..c6d9dbc2fcfc8 100644
--- a/x-pack/legacy/plugins/siem/public/components/events_viewer/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/components/events_viewer/index.tsx
@@ -8,6 +8,7 @@ import React, { useCallback, useMemo, useEffect } from 'react';
import { connect, ConnectedProps } from 'react-redux';
import deepEqual from 'fast-deep-equal';
+import { DEFAULT_INDEX_KEY } from '../../../../../../plugins/siem/common/constants';
import { inputsModel, inputsSelectors, State, timelineSelectors } from '../../store';
import { inputsActions, timelineActions } from '../../store/actions';
import {
@@ -17,12 +18,10 @@ import {
} from '../../store/timeline/model';
import { OnChangeItemsPerPage } from '../timeline/events';
import { Filter } from '../../../../../../../src/plugins/data/public';
-
import { useUiSetting } from '../../lib/kibana';
import { EventsViewer } from './events_viewer';
import { useFetchIndexPatterns } from '../../containers/detection_engine/rules/fetch_index_patterns';
import { TimelineTypeContextProps } from '../timeline/timeline_context';
-import { DEFAULT_INDEX_KEY } from '../../../common/constants';
import { InspectButtonContainer } from '../inspect';
import * as i18n from './translations';
diff --git a/x-pack/legacy/plugins/siem/public/components/formatted_bytes/index.tsx b/x-pack/legacy/plugins/siem/public/components/formatted_bytes/index.tsx
index 98a1acf471629..abde602c1bdac 100644
--- a/x-pack/legacy/plugins/siem/public/components/formatted_bytes/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/components/formatted_bytes/index.tsx
@@ -7,7 +7,7 @@
import React from 'react';
import numeral from '@elastic/numeral';
-import { DEFAULT_BYTES_FORMAT } from '../../../common/constants';
+import { DEFAULT_BYTES_FORMAT } from '../../../../../../plugins/siem/common/constants';
import { useUiSetting$ } from '../../lib/kibana';
type Bytes = string | number;
diff --git a/x-pack/legacy/plugins/siem/public/components/links/index.tsx b/x-pack/legacy/plugins/siem/public/components/links/index.tsx
index 62a67af6e08b1..45225e31e9ac8 100644
--- a/x-pack/legacy/plugins/siem/public/components/links/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/components/links/index.tsx
@@ -6,9 +6,10 @@
import { EuiLink, EuiToolTip, EuiFlexGroup, EuiFlexItem } from '@elastic/eui';
import React, { useMemo } from 'react';
-
import { isNil } from 'lodash/fp';
import styled from 'styled-components';
+
+import { IP_REPUTATION_LINKS_SETTING } from '../../../../../../plugins/siem/common/constants';
import {
DefaultFieldRendererOverflow,
DEFAULT_MORE_MAX_HEIGHT,
@@ -22,7 +23,6 @@ import {
} from '../link_to';
import { FlowTarget, FlowTargetSourceDest } from '../../graphql/types';
import { useUiSetting$ } from '../../lib/kibana';
-import { IP_REPUTATION_LINKS_SETTING } from '../../../common/constants';
import { isUrlInvalid } from '../../pages/detection_engine/rules/components/step_about_rule/helpers';
import { ExternalLinkIcon } from '../external_link_icon';
import { navTabs } from '../../pages/home/home_navigations';
diff --git a/x-pack/legacy/plugins/siem/public/components/matrix_histogram/types.ts b/x-pack/legacy/plugins/siem/public/components/matrix_histogram/types.ts
index c59775ad325d0..98437845a3ab7 100644
--- a/x-pack/legacy/plugins/siem/public/components/matrix_histogram/types.ts
+++ b/x-pack/legacy/plugins/siem/public/components/matrix_histogram/types.ts
@@ -7,7 +7,7 @@
import { EuiTitleSize } from '@elastic/eui';
import { ScaleType, Position, TickFormatter } from '@elastic/charts';
import { ActionCreator } from 'redux';
-import { ESQuery } from '../../../common/typed_json';
+import { ESQuery } from '../../../../../../plugins/siem/common/typed_json';
import { SetQuery } from '../../pages/hosts/navigation/types';
import { InputsModelId } from '../../store/inputs/constants';
import { HistogramType } from '../../graphql/types';
diff --git a/x-pack/legacy/plugins/siem/public/components/ml/anomaly/use_anomalies_table_data.ts b/x-pack/legacy/plugins/siem/public/components/ml/anomaly/use_anomalies_table_data.ts
index c4ca7dc203619..cebfc172ee6ff 100644
--- a/x-pack/legacy/plugins/siem/public/components/ml/anomaly/use_anomalies_table_data.ts
+++ b/x-pack/legacy/plugins/siem/public/components/ml/anomaly/use_anomalies_table_data.ts
@@ -5,6 +5,8 @@
*/
import { useState, useEffect } from 'react';
+
+import { DEFAULT_ANOMALY_SCORE } from '../../../../../../../plugins/siem/common/constants';
import { anomaliesTableData } from '../api/anomalies_table_data';
import { InfluencerInput, Anomalies, CriteriaFields } from '../types';
import { hasMlUserPermissions } from '../permissions/has_ml_user_permissions';
@@ -14,7 +16,6 @@ import { useStateToaster, errorToToaster } from '../../toasters';
import * as i18n from './translations';
import { useTimeZone, useUiSetting$ } from '../../../lib/kibana';
-import { DEFAULT_ANOMALY_SCORE } from '../../../../common/constants';
interface Args {
influencers?: InfluencerInput[];
diff --git a/x-pack/legacy/plugins/siem/public/components/ml/score/create_description_list.tsx b/x-pack/legacy/plugins/siem/public/components/ml/score/create_description_list.tsx
index e0f3ea162ee78..24f203a3682d5 100644
--- a/x-pack/legacy/plugins/siem/public/components/ml/score/create_description_list.tsx
+++ b/x-pack/legacy/plugins/siem/public/components/ml/score/create_description_list.tsx
@@ -7,11 +7,12 @@
import { EuiText, EuiSpacer, EuiFlexGroup, EuiFlexItem, EuiLink } from '@elastic/eui';
import React from 'react';
import styled from 'styled-components';
+
+import { DescriptionList } from '../../../../../../../plugins/siem/common/utility_types';
import { Anomaly, NarrowDateRange } from '../types';
import { getScoreString } from './score_health';
import { PreferenceFormattedDate } from '../../formatted_date';
import { createInfluencers } from './../influencers/create_influencers';
-import { DescriptionList } from '../../../../common/utility_types';
import * as i18n from './translations';
import { createExplorerLink } from '../links/create_explorer_link';
diff --git a/x-pack/legacy/plugins/siem/public/components/ml_popover/hooks/use_siem_jobs.tsx b/x-pack/legacy/plugins/siem/public/components/ml_popover/hooks/use_siem_jobs.tsx
index 9a82859066f54..bc488ee00988b 100644
--- a/x-pack/legacy/plugins/siem/public/components/ml_popover/hooks/use_siem_jobs.tsx
+++ b/x-pack/legacy/plugins/siem/public/components/ml_popover/hooks/use_siem_jobs.tsx
@@ -6,12 +6,12 @@
import { useEffect, useState } from 'react';
+import { DEFAULT_INDEX_KEY } from '../../../../../../../plugins/siem/common/constants';
import { checkRecognizer, getJobsSummary, getModules } from '../api';
import { SiemJob } from '../types';
import { hasMlUserPermissions } from '../../ml/permissions/has_ml_user_permissions';
import { errorToToaster, useStateToaster } from '../../toasters';
import { useUiSetting$ } from '../../../lib/kibana';
-import { DEFAULT_INDEX_KEY } from '../../../../common/constants';
import * as i18n from './translations';
import { createSiemJobs } from './use_siem_jobs_helpers';
diff --git a/x-pack/legacy/plugins/siem/public/components/ml_popover/jobs_table/job_switch.tsx b/x-pack/legacy/plugins/siem/public/components/ml_popover/jobs_table/job_switch.tsx
index a0e0c70d2f204..a0343608dc67a 100644
--- a/x-pack/legacy/plugins/siem/public/components/ml_popover/jobs_table/job_switch.tsx
+++ b/x-pack/legacy/plugins/siem/public/components/ml_popover/jobs_table/job_switch.tsx
@@ -7,12 +7,12 @@
import styled from 'styled-components';
import React, { useState, useCallback } from 'react';
import { EuiFlexGroup, EuiFlexItem, EuiLoadingSpinner, EuiSwitch } from '@elastic/eui';
-import { SiemJob } from '../types';
import {
isJobLoading,
isJobFailed,
isJobStarted,
-} from '../../../../common/detection_engine/ml_helpers';
+} from '../../../../../../../plugins/siem/common/detection_engine/ml_helpers';
+import { SiemJob } from '../types';
const StaticSwitch = styled(EuiSwitch)`
.euiSwitch__thumb,
diff --git a/x-pack/legacy/plugins/siem/public/components/navigation/breadcrumbs/index.ts b/x-pack/legacy/plugins/siem/public/components/navigation/breadcrumbs/index.ts
index 155f63145ca95..5407eba8b5b29 100644
--- a/x-pack/legacy/plugins/siem/public/components/navigation/breadcrumbs/index.ts
+++ b/x-pack/legacy/plugins/siem/public/components/navigation/breadcrumbs/index.ts
@@ -7,7 +7,7 @@
import { getOr, omit } from 'lodash/fp';
import { ChromeBreadcrumb } from '../../../../../../../../src/core/public';
-import { APP_NAME } from '../../../../common/constants';
+import { APP_NAME } from '../../../../../../../plugins/siem/common/constants';
import { StartServices } from '../../../plugin';
import { getBreadcrumbs as getHostDetailsBreadcrumbs } from '../../../pages/hosts/details/utils';
import { getBreadcrumbs as getIPDetailsBreadcrumbs } from '../../../pages/network/ip_details';
diff --git a/x-pack/legacy/plugins/siem/public/components/news_feed/helpers.test.ts b/x-pack/legacy/plugins/siem/public/components/news_feed/helpers.test.ts
index e7cd03d098da8..686ec4e86e785 100644
--- a/x-pack/legacy/plugins/siem/public/components/news_feed/helpers.test.ts
+++ b/x-pack/legacy/plugins/siem/public/components/news_feed/helpers.test.ts
@@ -4,8 +4,8 @@
* you may not use this file except in compliance with the Elastic License.
*/
+import { NEWS_FEED_URL_SETTING_DEFAULT } from '../../../../../../plugins/siem/common/constants';
import { KibanaServices } from '../../lib/kibana';
-import { NEWS_FEED_URL_SETTING_DEFAULT } from '../../../common/constants';
import { rawNewsApiResponse } from '../../mock/news';
import { rawNewsJSON } from '../../mock/raw_news';
diff --git a/x-pack/legacy/plugins/siem/public/components/page/hosts/host_overview/index.tsx b/x-pack/legacy/plugins/siem/public/components/page/hosts/host_overview/index.tsx
index 4d0e6a737d303..a0ca5f855237c 100644
--- a/x-pack/legacy/plugins/siem/public/components/page/hosts/host_overview/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/components/page/hosts/host_overview/index.tsx
@@ -10,8 +10,8 @@ import lightTheme from '@elastic/eui/dist/eui_theme_light.json';
import { getOr } from 'lodash/fp';
import React from 'react';
-import { DEFAULT_DARK_MODE } from '../../../../../common/constants';
-import { DescriptionList } from '../../../../../common/utility_types';
+import { DEFAULT_DARK_MODE } from '../../../../../../../../plugins/siem/common/constants';
+import { DescriptionList } from '../../../../../../../../plugins/siem/common/utility_types';
import { useUiSetting$ } from '../../../../lib/kibana';
import { getEmptyTagValue } from '../../../empty_value';
import { DefaultFieldRenderer, hostIdRenderer } from '../../../field_renderers/field_renderers';
diff --git a/x-pack/legacy/plugins/siem/public/components/page/network/ip_overview/index.tsx b/x-pack/legacy/plugins/siem/public/components/page/network/ip_overview/index.tsx
index 56b59ca97156f..a652fef5508fc 100644
--- a/x-pack/legacy/plugins/siem/public/components/page/network/ip_overview/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/components/page/network/ip_overview/index.tsx
@@ -9,8 +9,8 @@ import darkTheme from '@elastic/eui/dist/eui_theme_dark.json';
import lightTheme from '@elastic/eui/dist/eui_theme_light.json';
import React from 'react';
-import { DEFAULT_DARK_MODE } from '../../../../../common/constants';
-import { DescriptionList } from '../../../../../common/utility_types';
+import { DEFAULT_DARK_MODE } from '../../../../../../../../plugins/siem/common/constants';
+import { DescriptionList } from '../../../../../../../../plugins/siem/common/utility_types';
import { useUiSetting$ } from '../../../../lib/kibana';
import { FlowTarget, IpOverviewData, Overview } from '../../../../graphql/types';
import { networkModel } from '../../../../store';
diff --git a/x-pack/legacy/plugins/siem/public/components/page/overview/overview_host/index.tsx b/x-pack/legacy/plugins/siem/public/components/page/overview/overview_host/index.tsx
index 52c142ceff480..b43efbbde51b3 100644
--- a/x-pack/legacy/plugins/siem/public/components/page/overview/overview_host/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/components/page/overview/overview_host/index.tsx
@@ -10,8 +10,8 @@ import numeral from '@elastic/numeral';
import { FormattedMessage } from '@kbn/i18n/react';
import React, { useMemo } from 'react';
-import { DEFAULT_NUMBER_FORMAT } from '../../../../../common/constants';
-import { ESQuery } from '../../../../../common/typed_json';
+import { DEFAULT_NUMBER_FORMAT } from '../../../../../../../../plugins/siem/common/constants';
+import { ESQuery } from '../../../../../../../../plugins/siem/common/typed_json';
import {
ID as OverviewHostQueryId,
OverviewHostQuery,
diff --git a/x-pack/legacy/plugins/siem/public/components/page/overview/overview_network/index.tsx b/x-pack/legacy/plugins/siem/public/components/page/overview/overview_network/index.tsx
index d649a0dd9e923..af50fa88e5fe8 100644
--- a/x-pack/legacy/plugins/siem/public/components/page/overview/overview_network/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/components/page/overview/overview_network/index.tsx
@@ -10,8 +10,8 @@ import numeral from '@elastic/numeral';
import { FormattedMessage } from '@kbn/i18n/react';
import React, { useMemo } from 'react';
-import { DEFAULT_NUMBER_FORMAT } from '../../../../../common/constants';
-import { ESQuery } from '../../../../../common/typed_json';
+import { DEFAULT_NUMBER_FORMAT } from '../../../../../../../../plugins/siem/common/constants';
+import { ESQuery } from '../../../../../../../../plugins/siem/common/typed_json';
import { HeaderSection } from '../../../header_section';
import { useUiSetting$ } from '../../../../lib/kibana';
import { manageQuery } from '../../../page/manage_query';
diff --git a/x-pack/legacy/plugins/siem/public/components/page/overview/stat_value.tsx b/x-pack/legacy/plugins/siem/public/components/page/overview/stat_value.tsx
index 7615001eec9da..cada0a9aff939 100644
--- a/x-pack/legacy/plugins/siem/public/components/page/overview/stat_value.tsx
+++ b/x-pack/legacy/plugins/siem/public/components/page/overview/stat_value.tsx
@@ -9,7 +9,7 @@ import numeral from '@elastic/numeral';
import React, { useEffect, useState } from 'react';
import styled from 'styled-components';
-import { DEFAULT_NUMBER_FORMAT } from '../../../../common/constants';
+import { DEFAULT_NUMBER_FORMAT } from '../../../../../../../plugins/siem/common/constants';
import { useUiSetting$ } from '../../../lib/kibana';
const ProgressContainer = styled.div`
diff --git a/x-pack/legacy/plugins/siem/public/components/paginated_table/index.test.tsx b/x-pack/legacy/plugins/siem/public/components/paginated_table/index.test.tsx
index 947bdee6a5cd2..2f743c3387209 100644
--- a/x-pack/legacy/plugins/siem/public/components/paginated_table/index.test.tsx
+++ b/x-pack/legacy/plugins/siem/public/components/paginated_table/index.test.tsx
@@ -7,13 +7,13 @@
import { mount, shallow } from 'enzyme';
import React from 'react';
+import { DEFAULT_MAX_TABLE_QUERY_SIZE } from '../../../../../../plugins/siem/common/constants';
import { Direction } from '../../graphql/types';
import { BasicTableProps, PaginatedTable } from './index';
import { getHostsColumns, mockData, rowItems, sortedHosts } from './index.mock';
import { ThemeProvider } from 'styled-components';
import euiDarkVars from '@elastic/eui/dist/eui_theme_dark.json';
-import { DEFAULT_MAX_TABLE_QUERY_SIZE } from '../../../common/constants';
jest.mock('react', () => {
const r = jest.requireActual('react');
diff --git a/x-pack/legacy/plugins/siem/public/components/paginated_table/index.tsx b/x-pack/legacy/plugins/siem/public/components/paginated_table/index.tsx
index 53bc999aa9487..9ecd42cc227ce 100644
--- a/x-pack/legacy/plugins/siem/public/components/paginated_table/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/components/paginated_table/index.tsx
@@ -22,6 +22,7 @@ import { noop } from 'lodash/fp';
import React, { FC, memo, useState, useEffect, ComponentType } from 'react';
import styled from 'styled-components';
+import { DEFAULT_MAX_TABLE_QUERY_SIZE } from '../../../../../../plugins/siem/common/constants';
import { AuthTableColumns } from '../page/hosts/authentications_table';
import { HostsTableColumns } from '../page/hosts/hosts_table';
import { NetworkDnsColumns } from '../page/network/network_dns_table/columns';
@@ -40,7 +41,6 @@ import { UsersColumns } from '../page/network/users_table/columns';
import { HeaderSection } from '../header_section';
import { Loader } from '../loader';
import { useStateToaster } from '../toasters';
-import { DEFAULT_MAX_TABLE_QUERY_SIZE } from '../../../common/constants';
import * as i18n from './translations';
import { Panel } from '../panel';
diff --git a/x-pack/legacy/plugins/siem/public/components/query_bar/index.test.tsx b/x-pack/legacy/plugins/siem/public/components/query_bar/index.test.tsx
index 870d0b40d8cd4..49afc8d5ef68b 100644
--- a/x-pack/legacy/plugins/siem/public/components/query_bar/index.test.tsx
+++ b/x-pack/legacy/plugins/siem/public/components/query_bar/index.test.tsx
@@ -7,9 +7,9 @@
import { mount } from 'enzyme';
import React from 'react';
+import { DEFAULT_FROM, DEFAULT_TO } from '../../../../../../plugins/siem/common/constants';
import { TestProviders, mockIndexPattern } from '../../mock';
import { createKibanaCoreStartMock } from '../../mock/kibana_core';
-import { DEFAULT_FROM, DEFAULT_TO } from '../../../common/constants';
import { FilterManager, SearchBar } from '../../../../../../../src/plugins/data/public';
import { QueryBar, QueryBarComponentProps } from '.';
import { createKibanaContextProviderMock } from '../../mock/kibana_react';
diff --git a/x-pack/legacy/plugins/siem/public/components/super_date_picker/index.test.tsx b/x-pack/legacy/plugins/siem/public/components/super_date_picker/index.test.tsx
index c5838fa283e17..d64ddb9bb40b1 100644
--- a/x-pack/legacy/plugins/siem/public/components/super_date_picker/index.test.tsx
+++ b/x-pack/legacy/plugins/siem/public/components/super_date_picker/index.test.tsx
@@ -8,6 +8,7 @@ import { mount } from 'enzyme';
import React from 'react';
import { Provider as ReduxStoreProvider } from 'react-redux';
+import { DEFAULT_TIMEPICKER_QUICK_RANGES } from '../../../../../../plugins/siem/common/constants';
import { useUiSetting$ } from '../../lib/kibana';
import { apolloClientObservable, mockGlobalState } from '../../mock';
import { createUseUiSetting$Mock } from '../../mock/kibana_react';
@@ -15,7 +16,6 @@ import { createStore, State } from '../../store';
import { SuperDatePicker, makeMapStateToProps } from '.';
import { cloneDeep } from 'lodash/fp';
-import { DEFAULT_TIMEPICKER_QUICK_RANGES } from '../../../common/constants';
jest.mock('../../lib/kibana');
const mockUseUiSetting$ = useUiSetting$ as jest.Mock;
diff --git a/x-pack/legacy/plugins/siem/public/components/super_date_picker/index.tsx b/x-pack/legacy/plugins/siem/public/components/super_date_picker/index.tsx
index ad38a7d61bcba..cf350b3993a4b 100644
--- a/x-pack/legacy/plugins/siem/public/components/super_date_picker/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/components/super_date_picker/index.tsx
@@ -17,7 +17,7 @@ import React, { useState, useCallback } from 'react';
import { connect, ConnectedProps } from 'react-redux';
import { Dispatch } from 'redux';
-import { DEFAULT_TIMEPICKER_QUICK_RANGES } from '../../../common/constants';
+import { DEFAULT_TIMEPICKER_QUICK_RANGES } from '../../../../../../plugins/siem/common/constants';
import { useUiSetting$ } from '../../lib/kibana';
import { inputsModel, State } from '../../store';
import { inputsActions, timelineActions } from '../../store/actions';
diff --git a/x-pack/legacy/plugins/siem/public/components/timeline/query_bar/index.test.tsx b/x-pack/legacy/plugins/siem/public/components/timeline/query_bar/index.test.tsx
index 943133dc2063c..a49f6cc930abd 100644
--- a/x-pack/legacy/plugins/siem/public/components/timeline/query_bar/index.test.tsx
+++ b/x-pack/legacy/plugins/siem/public/components/timeline/query_bar/index.test.tsx
@@ -7,7 +7,7 @@
import { mount } from 'enzyme';
import React from 'react';
-import { DEFAULT_FROM, DEFAULT_TO } from '../../../../common/constants';
+import { DEFAULT_FROM, DEFAULT_TO } from '../../../../../../../plugins/siem/common/constants';
import { mockBrowserFields } from '../../../containers/source/mock';
import { convertKueryToElasticSearchQuery } from '../../../lib/keury';
import { mockIndexPattern, TestProviders } from '../../../mock';
diff --git a/x-pack/legacy/plugins/siem/public/containers/anomalies/anomalies_query_tab_body/index.tsx b/x-pack/legacy/plugins/siem/public/containers/anomalies/anomalies_query_tab_body/index.tsx
index 85e19248f2eb5..83c38f2a76175 100644
--- a/x-pack/legacy/plugins/siem/public/containers/anomalies/anomalies_query_tab_body/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/containers/anomalies/anomalies_query_tab_body/index.tsx
@@ -5,11 +5,12 @@
*/
import React, { useEffect } from 'react';
+
+import { DEFAULT_ANOMALY_SCORE } from '../../../../../../../plugins/siem/common/constants';
import { AnomaliesQueryTabBodyProps } from './types';
import { getAnomaliesFilterQuery } from './utils';
import { useSiemJobs } from '../../../components/ml_popover/hooks/use_siem_jobs';
import { useUiSetting$ } from '../../../lib/kibana';
-import { DEFAULT_ANOMALY_SCORE } from '../../../../common/constants';
import { MatrixHistogramContainer } from '../../../components/matrix_histogram';
import { histogramConfigs } from './histogram_configs';
const ID = 'anomaliesOverTimeQuery';
diff --git a/x-pack/legacy/plugins/siem/public/containers/anomalies/anomalies_query_tab_body/types.ts b/x-pack/legacy/plugins/siem/public/containers/anomalies/anomalies_query_tab_body/types.ts
index f6cae81e3c6c4..d17eadc68d04b 100644
--- a/x-pack/legacy/plugins/siem/public/containers/anomalies/anomalies_query_tab_body/types.ts
+++ b/x-pack/legacy/plugins/siem/public/containers/anomalies/anomalies_query_tab_body/types.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { ESTermQuery } from '../../../../common/typed_json';
+import { ESTermQuery } from '../../../../../../../plugins/siem/common/typed_json';
import { NarrowDateRange } from '../../../components/ml/types';
import { UpdateDateRange } from '../../../components/charts/common';
import { SetQuery } from '../../../pages/hosts/navigation/types';
diff --git a/x-pack/legacy/plugins/siem/public/containers/anomalies/anomalies_query_tab_body/utils.ts b/x-pack/legacy/plugins/siem/public/containers/anomalies/anomalies_query_tab_body/utils.ts
index 9609619916ab1..f698e302d3423 100644
--- a/x-pack/legacy/plugins/siem/public/containers/anomalies/anomalies_query_tab_body/utils.ts
+++ b/x-pack/legacy/plugins/siem/public/containers/anomalies/anomalies_query_tab_body/utils.ts
@@ -5,8 +5,9 @@
*/
import deepmerge from 'deepmerge';
+
+import { ESTermQuery } from '../../../../../../../plugins/siem/common/typed_json';
import { createFilter } from '../../helpers';
-import { ESTermQuery } from '../../../../common/typed_json';
import { SiemJob } from '../../../components/ml_popover/types';
import { FlowTarget } from '../../../graphql/types';
diff --git a/x-pack/legacy/plugins/siem/public/containers/authentications/index.tsx b/x-pack/legacy/plugins/siem/public/containers/authentications/index.tsx
index 6d4a88c45a768..13bb40dad04bd 100644
--- a/x-pack/legacy/plugins/siem/public/containers/authentications/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/containers/authentications/index.tsx
@@ -10,7 +10,7 @@ import { Query } from 'react-apollo';
import { connect } from 'react-redux';
import { compose } from 'redux';
-import { DEFAULT_INDEX_KEY } from '../../../common/constants';
+import { DEFAULT_INDEX_KEY } from '../../../../../../plugins/siem/common/constants';
import {
AuthenticationsEdges,
GetAuthenticationsQuery,
diff --git a/x-pack/legacy/plugins/siem/public/containers/detection_engine/rules/api.ts b/x-pack/legacy/plugins/siem/public/containers/detection_engine/rules/api.ts
index 5cc73e17662c6..69f4c93a82e2c 100644
--- a/x-pack/legacy/plugins/siem/public/containers/detection_engine/rules/api.ts
+++ b/x-pack/legacy/plugins/siem/public/containers/detection_engine/rules/api.ts
@@ -4,6 +4,13 @@
* you may not use this file except in compliance with the Elastic License.
*/
+import {
+ DETECTION_ENGINE_RULES_URL,
+ DETECTION_ENGINE_PREPACKAGED_URL,
+ DETECTION_ENGINE_RULES_STATUS_URL,
+ DETECTION_ENGINE_PREPACKAGED_RULES_STATUS_URL,
+ DETECTION_ENGINE_TAGS_URL,
+} from '../../../../../../../plugins/siem/common/constants';
import {
AddRulesProps,
DeleteRulesProps,
@@ -23,13 +30,6 @@ import {
BulkRuleResponse,
} from './types';
import { KibanaServices } from '../../../lib/kibana';
-import {
- DETECTION_ENGINE_RULES_URL,
- DETECTION_ENGINE_PREPACKAGED_URL,
- DETECTION_ENGINE_RULES_STATUS_URL,
- DETECTION_ENGINE_PREPACKAGED_RULES_STATUS_URL,
- DETECTION_ENGINE_TAGS_URL,
-} from '../../../../common/constants';
import * as i18n from '../../../pages/detection_engine/rules/translations';
/**
diff --git a/x-pack/legacy/plugins/siem/public/containers/detection_engine/rules/fetch_index_patterns.test.tsx b/x-pack/legacy/plugins/siem/public/containers/detection_engine/rules/fetch_index_patterns.test.tsx
index cad78ac565903..83b8a3581a4be 100644
--- a/x-pack/legacy/plugins/siem/public/containers/detection_engine/rules/fetch_index_patterns.test.tsx
+++ b/x-pack/legacy/plugins/siem/public/containers/detection_engine/rules/fetch_index_patterns.test.tsx
@@ -6,7 +6,7 @@
import { renderHook, act } from '@testing-library/react-hooks';
-import { defaultIndexPattern } from '../../../../default_index_pattern';
+import { DEFAULT_INDEX_PATTERN } from '../../../../../../../plugins/siem/common/constants';
import { useApolloClient } from '../../../utils/apollo_context';
import { mocksSource } from '../../source/mock';
@@ -25,7 +25,7 @@ describe('useFetchIndexPatterns', () => {
query: () => Promise.resolve(mocksSource[0].result),
}));
const { result, waitForNextUpdate } = renderHook(() =>
- useFetchIndexPatterns(defaultIndexPattern)
+ useFetchIndexPatterns(DEFAULT_INDEX_PATTERN)
);
await waitForNextUpdate();
await waitForNextUpdate();
@@ -429,7 +429,7 @@ describe('useFetchIndexPatterns', () => {
query: () => Promise.reject(new Error('Something went wrong')),
}));
const { result, waitForNextUpdate } = renderHook(() =>
- useFetchIndexPatterns(defaultIndexPattern)
+ useFetchIndexPatterns(DEFAULT_INDEX_PATTERN)
);
await waitForNextUpdate();
diff --git a/x-pack/legacy/plugins/siem/public/containers/detection_engine/rules/types.ts b/x-pack/legacy/plugins/siem/public/containers/detection_engine/rules/types.ts
index f89d21ef1aeb1..2f2de2e151664 100644
--- a/x-pack/legacy/plugins/siem/public/containers/detection_engine/rules/types.ts
+++ b/x-pack/legacy/plugins/siem/public/containers/detection_engine/rules/types.ts
@@ -6,7 +6,7 @@
import * as t from 'io-ts';
-import { RuleTypeSchema } from '../../../../common/detection_engine/types';
+import { RuleTypeSchema } from '../../../../../../../plugins/siem/common/detection_engine/types';
/**
* Params is an "record", since it is a type of AlertActionParams which is action templates.
diff --git a/x-pack/legacy/plugins/siem/public/containers/detection_engine/signals/api.ts b/x-pack/legacy/plugins/siem/public/containers/detection_engine/signals/api.ts
index 25263c2d32735..ece2483adde3a 100644
--- a/x-pack/legacy/plugins/siem/public/containers/detection_engine/signals/api.ts
+++ b/x-pack/legacy/plugins/siem/public/containers/detection_engine/signals/api.ts
@@ -4,13 +4,13 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { KibanaServices } from '../../../lib/kibana';
import {
DETECTION_ENGINE_QUERY_SIGNALS_URL,
DETECTION_ENGINE_SIGNALS_STATUS_URL,
DETECTION_ENGINE_INDEX_URL,
DETECTION_ENGINE_PRIVILEGES_URL,
-} from '../../../../common/constants';
+} from '../../../../../../../plugins/siem/common/constants';
+import { KibanaServices } from '../../../lib/kibana';
import {
BasicSignals,
Privilege,
diff --git a/x-pack/legacy/plugins/siem/public/containers/events/last_event_time/index.ts b/x-pack/legacy/plugins/siem/public/containers/events/last_event_time/index.ts
index 9cae503d30940..8628ba502f081 100644
--- a/x-pack/legacy/plugins/siem/public/containers/events/last_event_time/index.ts
+++ b/x-pack/legacy/plugins/siem/public/containers/events/last_event_time/index.ts
@@ -7,7 +7,7 @@
import { get } from 'lodash/fp';
import React, { useEffect, useState } from 'react';
-import { DEFAULT_INDEX_KEY } from '../../../../common/constants';
+import { DEFAULT_INDEX_KEY } from '../../../../../../../plugins/siem/common/constants';
import { GetLastEventTimeQuery, LastEventIndexKey, LastTimeDetails } from '../../../graphql/types';
import { inputsModel } from '../../../store';
import { QueryTemplateProps } from '../../query_template';
diff --git a/x-pack/legacy/plugins/siem/public/containers/events/last_event_time/mock.ts b/x-pack/legacy/plugins/siem/public/containers/events/last_event_time/mock.ts
index ca8786077851f..5ef8e67dedddb 100644
--- a/x-pack/legacy/plugins/siem/public/containers/events/last_event_time/mock.ts
+++ b/x-pack/legacy/plugins/siem/public/containers/events/last_event_time/mock.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { defaultIndexPattern } from '../../../../default_index_pattern';
+import { DEFAULT_INDEX_PATTERN } from '../../../../../../../plugins/siem/common/constants';
import { GetLastEventTimeQuery, LastEventIndexKey } from '../../../graphql/types';
import { LastEventTimeGqlQuery } from './last_event_time.gql_query';
@@ -43,7 +43,7 @@ export const mockLastEventTimeQuery: MockLastEventTimeQuery[] = [
sourceId: 'default',
indexKey: LastEventIndexKey.hosts,
details: {},
- defaultIndex: defaultIndexPattern,
+ defaultIndex: DEFAULT_INDEX_PATTERN,
},
},
result: {
diff --git a/x-pack/legacy/plugins/siem/public/containers/helpers.test.ts b/x-pack/legacy/plugins/siem/public/containers/helpers.test.ts
index 5d378d79acc7a..67cfe259927ab 100644
--- a/x-pack/legacy/plugins/siem/public/containers/helpers.test.ts
+++ b/x-pack/legacy/plugins/siem/public/containers/helpers.test.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { ESQuery } from '../../common/typed_json';
+import { ESQuery } from '../../../../../plugins/siem/common/typed_json';
import { createFilter } from './helpers';
diff --git a/x-pack/legacy/plugins/siem/public/containers/helpers.ts b/x-pack/legacy/plugins/siem/public/containers/helpers.ts
index 5f66e3f4b88d4..7ff9577bfb05e 100644
--- a/x-pack/legacy/plugins/siem/public/containers/helpers.ts
+++ b/x-pack/legacy/plugins/siem/public/containers/helpers.ts
@@ -7,7 +7,7 @@
import { FetchPolicy } from 'apollo-client';
import { isString } from 'lodash/fp';
-import { ESQuery } from '../../common/typed_json';
+import { ESQuery } from '../../../../../plugins/siem/common/typed_json';
export const createFilter = (filterQuery: ESQuery | string | undefined) =>
isString(filterQuery) ? filterQuery : JSON.stringify(filterQuery);
diff --git a/x-pack/legacy/plugins/siem/public/containers/hosts/first_last_seen/index.ts b/x-pack/legacy/plugins/siem/public/containers/hosts/first_last_seen/index.ts
index e36da5bfbe4ee..5806125f2397b 100644
--- a/x-pack/legacy/plugins/siem/public/containers/hosts/first_last_seen/index.ts
+++ b/x-pack/legacy/plugins/siem/public/containers/hosts/first_last_seen/index.ts
@@ -8,8 +8,8 @@ import ApolloClient from 'apollo-client';
import { get } from 'lodash/fp';
import React, { useEffect, useState } from 'react';
+import { DEFAULT_INDEX_KEY } from '../../../../../../../plugins/siem/common/constants';
import { useUiSetting$ } from '../../../lib/kibana';
-import { DEFAULT_INDEX_KEY } from '../../../../common/constants';
import { GetHostFirstLastSeenQuery } from '../../../graphql/types';
import { inputsModel } from '../../../store';
import { QueryTemplateProps } from '../../query_template';
diff --git a/x-pack/legacy/plugins/siem/public/containers/hosts/first_last_seen/mock.ts b/x-pack/legacy/plugins/siem/public/containers/hosts/first_last_seen/mock.ts
index 2c9d418763e8e..7376f38ae8d0f 100644
--- a/x-pack/legacy/plugins/siem/public/containers/hosts/first_last_seen/mock.ts
+++ b/x-pack/legacy/plugins/siem/public/containers/hosts/first_last_seen/mock.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { defaultIndexPattern } from '../../../../default_index_pattern';
+import { DEFAULT_INDEX_PATTERN } from '../../../../../../../plugins/siem/common/constants';
import { GetHostFirstLastSeenQuery } from '../../../graphql/types';
import { HostFirstLastSeenGqlQuery } from './first_last_seen.gql_query';
@@ -34,7 +34,7 @@ export const mockFirstLastSeenHostQuery: MockedProvidedQuery[] = [
variables: {
sourceId: 'default',
hostName: 'kibana-siem',
- defaultIndex: defaultIndexPattern,
+ defaultIndex: DEFAULT_INDEX_PATTERN,
},
},
result: {
diff --git a/x-pack/legacy/plugins/siem/public/containers/hosts/index.tsx b/x-pack/legacy/plugins/siem/public/containers/hosts/index.tsx
index fbfad37d6099c..d0c0c81ea9c77 100644
--- a/x-pack/legacy/plugins/siem/public/containers/hosts/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/containers/hosts/index.tsx
@@ -11,7 +11,7 @@ import { Query } from 'react-apollo';
import { connect } from 'react-redux';
import { compose } from 'redux';
-import { DEFAULT_INDEX_KEY } from '../../../common/constants';
+import { DEFAULT_INDEX_KEY } from '../../../../../../plugins/siem/common/constants';
import {
Direction,
GetHostsTableQuery,
diff --git a/x-pack/legacy/plugins/siem/public/containers/hosts/overview/index.tsx b/x-pack/legacy/plugins/siem/public/containers/hosts/overview/index.tsx
index 5057e872b5313..405c45348b54d 100644
--- a/x-pack/legacy/plugins/siem/public/containers/hosts/overview/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/containers/hosts/overview/index.tsx
@@ -10,7 +10,7 @@ import { Query } from 'react-apollo';
import { connect } from 'react-redux';
import { compose } from 'redux';
-import { DEFAULT_INDEX_KEY } from '../../../../common/constants';
+import { DEFAULT_INDEX_KEY } from '../../../../../../../plugins/siem/common/constants';
import { inputsModel, inputsSelectors, State } from '../../../store';
import { getDefaultFetchPolicy } from '../../helpers';
import { QueryTemplate, QueryTemplateProps } from '../../query_template';
diff --git a/x-pack/legacy/plugins/siem/public/containers/ip_overview/index.tsx b/x-pack/legacy/plugins/siem/public/containers/ip_overview/index.tsx
index ade94c430c6ef..954bfede07139 100644
--- a/x-pack/legacy/plugins/siem/public/containers/ip_overview/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/containers/ip_overview/index.tsx
@@ -9,7 +9,7 @@ import React from 'react';
import { Query } from 'react-apollo';
import { connect, ConnectedProps } from 'react-redux';
-import { DEFAULT_INDEX_KEY } from '../../../common/constants';
+import { DEFAULT_INDEX_KEY } from '../../../../../../plugins/siem/common/constants';
import { GetIpOverviewQuery, IpOverviewData } from '../../graphql/types';
import { networkModel, inputsModel, inputsSelectors, State } from '../../store';
import { useUiSetting } from '../../lib/kibana';
diff --git a/x-pack/legacy/plugins/siem/public/containers/kpi_host_details/index.tsx b/x-pack/legacy/plugins/siem/public/containers/kpi_host_details/index.tsx
index de9d54b1a185c..3933aefa60483 100644
--- a/x-pack/legacy/plugins/siem/public/containers/kpi_host_details/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/containers/kpi_host_details/index.tsx
@@ -9,7 +9,7 @@ import React from 'react';
import { Query } from 'react-apollo';
import { connect, ConnectedProps } from 'react-redux';
-import { DEFAULT_INDEX_KEY } from '../../../common/constants';
+import { DEFAULT_INDEX_KEY } from '../../../../../../plugins/siem/common/constants';
import { KpiHostDetailsData, GetKpiHostDetailsQuery } from '../../graphql/types';
import { inputsModel, inputsSelectors, State } from '../../store';
import { useUiSetting } from '../../lib/kibana';
diff --git a/x-pack/legacy/plugins/siem/public/containers/kpi_hosts/index.tsx b/x-pack/legacy/plugins/siem/public/containers/kpi_hosts/index.tsx
index 5be2423e8a162..7035d63193118 100644
--- a/x-pack/legacy/plugins/siem/public/containers/kpi_hosts/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/containers/kpi_hosts/index.tsx
@@ -9,7 +9,7 @@ import React from 'react';
import { Query } from 'react-apollo';
import { connect, ConnectedProps } from 'react-redux';
-import { DEFAULT_INDEX_KEY } from '../../../common/constants';
+import { DEFAULT_INDEX_KEY } from '../../../../../../plugins/siem/common/constants';
import { GetKpiHostsQuery, KpiHostsData } from '../../graphql/types';
import { inputsModel, inputsSelectors, State } from '../../store';
import { useUiSetting } from '../../lib/kibana';
diff --git a/x-pack/legacy/plugins/siem/public/containers/kpi_network/index.tsx b/x-pack/legacy/plugins/siem/public/containers/kpi_network/index.tsx
index 338cdc39b178c..002a819417df6 100644
--- a/x-pack/legacy/plugins/siem/public/containers/kpi_network/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/containers/kpi_network/index.tsx
@@ -9,7 +9,7 @@ import React from 'react';
import { Query } from 'react-apollo';
import { connect, ConnectedProps } from 'react-redux';
-import { DEFAULT_INDEX_KEY } from '../../../common/constants';
+import { DEFAULT_INDEX_KEY } from '../../../../../../plugins/siem/common/constants';
import { GetKpiNetworkQuery, KpiNetworkData } from '../../graphql/types';
import { inputsModel, inputsSelectors, State } from '../../store';
import { useUiSetting } from '../../lib/kibana';
diff --git a/x-pack/legacy/plugins/siem/public/containers/matrix_histogram/index.ts b/x-pack/legacy/plugins/siem/public/containers/matrix_histogram/index.ts
index 83b3a8fdbb68c..55d7e7cdc6e54 100644
--- a/x-pack/legacy/plugins/siem/public/containers/matrix_histogram/index.ts
+++ b/x-pack/legacy/plugins/siem/public/containers/matrix_histogram/index.ts
@@ -3,11 +3,12 @@
* or more contributor license agreements. Licensed under the Elastic License;
* you may not use this file except in compliance with the Elastic License.
*/
+
import { isEmpty } from 'lodash/fp';
import { useEffect, useMemo, useState, useRef } from 'react';
+import { DEFAULT_INDEX_KEY } from '../../../../../../plugins/siem/common/constants';
import { MatrixHistogramQueryProps } from '../../components/matrix_histogram/types';
-import { DEFAULT_INDEX_KEY } from '../../../common/constants';
import { errorToToaster, useStateToaster } from '../../components/toasters';
import { useUiSetting$ } from '../../lib/kibana';
import { createFilter } from '../helpers';
diff --git a/x-pack/legacy/plugins/siem/public/containers/network_dns/index.tsx b/x-pack/legacy/plugins/siem/public/containers/network_dns/index.tsx
index 04c8783c30a0f..060b66fc3cbbe 100644
--- a/x-pack/legacy/plugins/siem/public/containers/network_dns/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/containers/network_dns/index.tsx
@@ -12,7 +12,7 @@ import { compose } from 'redux';
import { DocumentNode } from 'graphql';
import { ScaleType } from '@elastic/charts';
-import { DEFAULT_INDEX_KEY } from '../../../common/constants';
+import { DEFAULT_INDEX_KEY } from '../../../../../../plugins/siem/common/constants';
import {
GetNetworkDnsQuery,
NetworkDnsEdges,
diff --git a/x-pack/legacy/plugins/siem/public/containers/network_http/index.tsx b/x-pack/legacy/plugins/siem/public/containers/network_http/index.tsx
index bf4e64f63d559..b13637fa88d07 100644
--- a/x-pack/legacy/plugins/siem/public/containers/network_http/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/containers/network_http/index.tsx
@@ -10,7 +10,7 @@ import { Query } from 'react-apollo';
import { connect } from 'react-redux';
import { compose } from 'redux';
-import { DEFAULT_INDEX_KEY } from '../../../common/constants';
+import { DEFAULT_INDEX_KEY } from '../../../../../../plugins/siem/common/constants';
import {
GetNetworkHttpQuery,
NetworkHttpEdges,
diff --git a/x-pack/legacy/plugins/siem/public/containers/network_top_countries/index.tsx b/x-pack/legacy/plugins/siem/public/containers/network_top_countries/index.tsx
index bd1e1a002bbcd..17a14ce3a1120 100644
--- a/x-pack/legacy/plugins/siem/public/containers/network_top_countries/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/containers/network_top_countries/index.tsx
@@ -10,7 +10,7 @@ import { Query } from 'react-apollo';
import { connect } from 'react-redux';
import { compose } from 'redux';
-import { DEFAULT_INDEX_KEY } from '../../../common/constants';
+import { DEFAULT_INDEX_KEY } from '../../../../../../plugins/siem/common/constants';
import {
FlowTargetSourceDest,
GetNetworkTopCountriesQuery,
diff --git a/x-pack/legacy/plugins/siem/public/containers/network_top_n_flow/index.tsx b/x-pack/legacy/plugins/siem/public/containers/network_top_n_flow/index.tsx
index f0f1f8257f29f..fdac282292a4b 100644
--- a/x-pack/legacy/plugins/siem/public/containers/network_top_n_flow/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/containers/network_top_n_flow/index.tsx
@@ -10,7 +10,7 @@ import { Query } from 'react-apollo';
import { connect } from 'react-redux';
import { compose } from 'redux';
-import { DEFAULT_INDEX_KEY } from '../../../common/constants';
+import { DEFAULT_INDEX_KEY } from '../../../../../../plugins/siem/common/constants';
import {
FlowTargetSourceDest,
GetNetworkTopNFlowQuery,
diff --git a/x-pack/legacy/plugins/siem/public/containers/overview/overview_host/index.tsx b/x-pack/legacy/plugins/siem/public/containers/overview/overview_host/index.tsx
index 2dd9ccf24d802..e7b68bf557a21 100644
--- a/x-pack/legacy/plugins/siem/public/containers/overview/overview_host/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/containers/overview/overview_host/index.tsx
@@ -9,7 +9,7 @@ import React from 'react';
import { Query } from 'react-apollo';
import { connect, ConnectedProps } from 'react-redux';
-import { DEFAULT_INDEX_KEY } from '../../../../common/constants';
+import { DEFAULT_INDEX_KEY } from '../../../../../../../plugins/siem/common/constants';
import { GetOverviewHostQuery, OverviewHostData } from '../../../graphql/types';
import { useUiSetting } from '../../../lib/kibana';
import { inputsModel, inputsSelectors } from '../../../store/inputs';
diff --git a/x-pack/legacy/plugins/siem/public/containers/overview/overview_network/index.tsx b/x-pack/legacy/plugins/siem/public/containers/overview/overview_network/index.tsx
index d0acd41c224a5..c7f72ac6193f4 100644
--- a/x-pack/legacy/plugins/siem/public/containers/overview/overview_network/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/containers/overview/overview_network/index.tsx
@@ -9,7 +9,7 @@ import React from 'react';
import { Query } from 'react-apollo';
import { connect, ConnectedProps } from 'react-redux';
-import { DEFAULT_INDEX_KEY } from '../../../../common/constants';
+import { DEFAULT_INDEX_KEY } from '../../../../../../../plugins/siem/common/constants';
import { GetOverviewNetworkQuery, OverviewNetworkData } from '../../../graphql/types';
import { useUiSetting } from '../../../lib/kibana';
import { State } from '../../../store';
diff --git a/x-pack/legacy/plugins/siem/public/containers/query_template.tsx b/x-pack/legacy/plugins/siem/public/containers/query_template.tsx
index dfb452c24b86e..c33f5fd89a79b 100644
--- a/x-pack/legacy/plugins/siem/public/containers/query_template.tsx
+++ b/x-pack/legacy/plugins/siem/public/containers/query_template.tsx
@@ -8,7 +8,7 @@ import { ApolloQueryResult } from 'apollo-client';
import React from 'react';
import { FetchMoreOptions, FetchMoreQueryOptions, OperationVariables } from 'react-apollo';
-import { ESQuery } from '../../common/typed_json';
+import { ESQuery } from '../../../../../plugins/siem/common/typed_json';
export interface QueryTemplateProps {
id?: string;
diff --git a/x-pack/legacy/plugins/siem/public/containers/query_template_paginated.tsx b/x-pack/legacy/plugins/siem/public/containers/query_template_paginated.tsx
index db618f216d83e..45041a6447611 100644
--- a/x-pack/legacy/plugins/siem/public/containers/query_template_paginated.tsx
+++ b/x-pack/legacy/plugins/siem/public/containers/query_template_paginated.tsx
@@ -10,7 +10,7 @@ import React from 'react';
import { FetchMoreOptions, FetchMoreQueryOptions, OperationVariables } from 'react-apollo';
import deepEqual from 'fast-deep-equal';
-import { ESQuery } from '../../common/typed_json';
+import { ESQuery } from '../../../../../plugins/siem/common/typed_json';
import { inputsModel } from '../store/model';
import { generateTablePaginationOptions } from '../components/paginated_table/helpers';
diff --git a/x-pack/legacy/plugins/siem/public/containers/source/index.tsx b/x-pack/legacy/plugins/siem/public/containers/source/index.tsx
index e454421ca955d..3467e2b5f18d8 100644
--- a/x-pack/legacy/plugins/siem/public/containers/source/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/containers/source/index.tsx
@@ -11,9 +11,9 @@ import React, { useEffect, useMemo, useState } from 'react';
import memoizeOne from 'memoize-one';
import { IIndexPattern } from 'src/plugins/data/public';
+import { DEFAULT_INDEX_KEY } from '../../../../../../plugins/siem/common/constants';
import { useUiSetting$ } from '../../lib/kibana';
-import { DEFAULT_INDEX_KEY } from '../../../common/constants';
import { IndexField, SourceQuery } from '../../graphql/types';
import { sourceQuery } from './index.gql_query';
diff --git a/x-pack/legacy/plugins/siem/public/containers/source/mock.ts b/x-pack/legacy/plugins/siem/public/containers/source/mock.ts
index 738c1681f40af..805c69f7fcc12 100644
--- a/x-pack/legacy/plugins/siem/public/containers/source/mock.ts
+++ b/x-pack/legacy/plugins/siem/public/containers/source/mock.ts
@@ -4,9 +4,10 @@
* you may not use this file except in compliance with the Elastic License.
*/
+import { DEFAULT_INDEX_PATTERN } from '../../../../../../plugins/siem/common/constants';
+
import { BrowserFields } from '.';
import { sourceQuery } from './index.gql_query';
-import { defaultIndexPattern } from '../../../default_index_pattern';
export const mocksSource = [
{
@@ -14,7 +15,7 @@ export const mocksSource = [
query: sourceQuery,
variables: {
sourceId: 'default',
- defaultIndex: defaultIndexPattern,
+ defaultIndex: DEFAULT_INDEX_PATTERN,
},
},
result: {
@@ -333,7 +334,7 @@ export const mocksSource = [
'event.end contains the date when the event ended or when the activity was last observed.',
example: null,
format: '',
- indexes: defaultIndexPattern,
+ indexes: DEFAULT_INDEX_PATTERN,
name: 'event.end',
searchable: true,
type: 'date',
@@ -661,7 +662,7 @@ export const mockBrowserFields: BrowserFields = {
'event.end contains the date when the event ended or when the activity was last observed.',
example: null,
format: '',
- indexes: defaultIndexPattern,
+ indexes: DEFAULT_INDEX_PATTERN,
name: 'event.end',
searchable: true,
type: 'date',
diff --git a/x-pack/legacy/plugins/siem/public/containers/timeline/all/api.ts b/x-pack/legacy/plugins/siem/public/containers/timeline/all/api.ts
index 4c8e2384de585..32ac62d594e1c 100644
--- a/x-pack/legacy/plugins/siem/public/containers/timeline/all/api.ts
+++ b/x-pack/legacy/plugins/siem/public/containers/timeline/all/api.ts
@@ -4,9 +4,12 @@
* you may not use this file except in compliance with the Elastic License.
*/
+import {
+ TIMELINE_IMPORT_URL,
+ TIMELINE_EXPORT_URL,
+} from '../../../../../../../plugins/siem/common/constants';
import { ImportDataProps, ImportDataResponse } from '../../detection_engine/rules';
import { KibanaServices } from '../../../lib/kibana';
-import { TIMELINE_IMPORT_URL, TIMELINE_EXPORT_URL } from '../../../../common/constants';
import { ExportSelectedData } from '../../../components/generic_downloader';
export const importTimelines = async ({
diff --git a/x-pack/legacy/plugins/siem/public/containers/timeline/details/index.tsx b/x-pack/legacy/plugins/siem/public/containers/timeline/details/index.tsx
index cf1b8954307e7..0debed9c5f9aa 100644
--- a/x-pack/legacy/plugins/siem/public/containers/timeline/details/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/containers/timeline/details/index.tsx
@@ -9,7 +9,7 @@ import memoizeOne from 'memoize-one';
import React from 'react';
import { Query } from 'react-apollo';
-import { DEFAULT_INDEX_KEY } from '../../../../common/constants';
+import { DEFAULT_INDEX_KEY } from '../../../../../../../plugins/siem/common/constants';
import { DetailItem, GetTimelineDetailsQuery } from '../../../graphql/types';
import { useUiSetting } from '../../../lib/kibana';
diff --git a/x-pack/legacy/plugins/siem/public/containers/timeline/index.tsx b/x-pack/legacy/plugins/siem/public/containers/timeline/index.tsx
index f726ec9779dc8..3c089ef6926dd 100644
--- a/x-pack/legacy/plugins/siem/public/containers/timeline/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/containers/timeline/index.tsx
@@ -11,8 +11,8 @@ import { Query } from 'react-apollo';
import { compose, Dispatch } from 'redux';
import { connect, ConnectedProps } from 'react-redux';
+import { DEFAULT_INDEX_KEY } from '../../../../../../plugins/siem/common/constants';
import { IIndexPattern } from '../../../../../../../src/plugins/data/common/index_patterns';
-import { DEFAULT_INDEX_KEY } from '../../../common/constants';
import {
GetTimelineQuery,
PageInfo,
diff --git a/x-pack/legacy/plugins/siem/public/containers/tls/index.tsx b/x-pack/legacy/plugins/siem/public/containers/tls/index.tsx
index 3738355c8846e..20617b88bda94 100644
--- a/x-pack/legacy/plugins/siem/public/containers/tls/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/containers/tls/index.tsx
@@ -10,7 +10,7 @@ import { Query } from 'react-apollo';
import { connect } from 'react-redux';
import { compose } from 'redux';
-import { DEFAULT_INDEX_KEY } from '../../../common/constants';
+import { DEFAULT_INDEX_KEY } from '../../../../../../plugins/siem/common/constants';
import {
PageInfoPaginated,
TlsEdges,
diff --git a/x-pack/legacy/plugins/siem/public/containers/uncommon_processes/index.tsx b/x-pack/legacy/plugins/siem/public/containers/uncommon_processes/index.tsx
index 0a2ce67d9be80..72e4e46bc6ae0 100644
--- a/x-pack/legacy/plugins/siem/public/containers/uncommon_processes/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/containers/uncommon_processes/index.tsx
@@ -10,7 +10,7 @@ import { Query } from 'react-apollo';
import { connect, ConnectedProps } from 'react-redux';
import { compose } from 'redux';
-import { DEFAULT_INDEX_KEY } from '../../../common/constants';
+import { DEFAULT_INDEX_KEY } from '../../../../../../plugins/siem/common/constants';
import {
GetUncommonProcessesQuery,
PageInfoPaginated,
diff --git a/x-pack/legacy/plugins/siem/public/containers/users/index.tsx b/x-pack/legacy/plugins/siem/public/containers/users/index.tsx
index 5f71449c52460..658cb5785b54c 100644
--- a/x-pack/legacy/plugins/siem/public/containers/users/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/containers/users/index.tsx
@@ -10,7 +10,7 @@ import { Query } from 'react-apollo';
import { connect, ConnectedProps } from 'react-redux';
import { compose } from 'redux';
-import { DEFAULT_INDEX_KEY } from '../../../common/constants';
+import { DEFAULT_INDEX_KEY } from '../../../../../../plugins/siem/common/constants';
import { GetUsersQuery, FlowTarget, PageInfoPaginated, UsersEdges } from '../../graphql/types';
import { inputsModel, networkModel, networkSelectors, State, inputsSelectors } from '../../store';
import { withKibana, WithKibanaProps } from '../../lib/kibana';
diff --git a/x-pack/legacy/plugins/siem/public/lib/kibana/hooks.ts b/x-pack/legacy/plugins/siem/public/lib/kibana/hooks.ts
index 775a7d7c0acca..e1d0a445bf2fb 100644
--- a/x-pack/legacy/plugins/siem/public/lib/kibana/hooks.ts
+++ b/x-pack/legacy/plugins/siem/public/lib/kibana/hooks.ts
@@ -8,7 +8,10 @@ import moment from 'moment-timezone';
import { useCallback, useEffect, useState } from 'react';
import { i18n } from '@kbn/i18n';
-import { DEFAULT_DATE_FORMAT, DEFAULT_DATE_FORMAT_TZ } from '../../../common/constants';
+import {
+ DEFAULT_DATE_FORMAT,
+ DEFAULT_DATE_FORMAT_TZ,
+} from '../../../../../../plugins/siem/common/constants';
import { useUiSetting, useKibana } from './kibana_react';
import { errorToToaster, useStateToaster } from '../../components/toasters';
import { AuthenticatedUser } from '../../../../../../plugins/security/common/model';
diff --git a/x-pack/legacy/plugins/siem/public/lib/theme/use_eui_theme.tsx b/x-pack/legacy/plugins/siem/public/lib/theme/use_eui_theme.tsx
index 1696001203bc8..b72c34d3b59a7 100644
--- a/x-pack/legacy/plugins/siem/public/lib/theme/use_eui_theme.tsx
+++ b/x-pack/legacy/plugins/siem/public/lib/theme/use_eui_theme.tsx
@@ -7,7 +7,7 @@
import darkTheme from '@elastic/eui/dist/eui_theme_dark.json';
import lightTheme from '@elastic/eui/dist/eui_theme_light.json';
-import { DEFAULT_DARK_MODE } from '../../../common/constants';
+import { DEFAULT_DARK_MODE } from '../../../../../../plugins/siem/common/constants';
import { useUiSetting$ } from '../kibana';
export const useEuiTheme = () => {
diff --git a/x-pack/legacy/plugins/siem/public/mock/global_state.ts b/x-pack/legacy/plugins/siem/public/mock/global_state.ts
index 6678c3043a3da..266c3aadea8af 100644
--- a/x-pack/legacy/plugins/siem/public/mock/global_state.ts
+++ b/x-pack/legacy/plugins/siem/public/mock/global_state.ts
@@ -22,7 +22,7 @@ import {
DEFAULT_TO,
DEFAULT_INTERVAL_TYPE,
DEFAULT_INTERVAL_VALUE,
-} from '../../common/constants';
+} from '../../../../../plugins/siem/common/constants';
export const mockGlobalState: State = {
app: {
diff --git a/x-pack/legacy/plugins/siem/public/mock/kibana_react.ts b/x-pack/legacy/plugins/siem/public/mock/kibana_react.ts
index 968ab6543f4fc..db7a931b3fb15 100644
--- a/x-pack/legacy/plugins/siem/public/mock/kibana_react.ts
+++ b/x-pack/legacy/plugins/siem/public/mock/kibana_react.ts
@@ -23,8 +23,8 @@ import {
DEFAULT_INTERVAL_PAUSE,
DEFAULT_INTERVAL_VALUE,
DEFAULT_BYTES_FORMAT,
-} from '../../common/constants';
-import { defaultIndexPattern } from '../../default_index_pattern';
+ DEFAULT_INDEX_PATTERN,
+} from '../../../../../plugins/siem/common/constants';
import { createKibanaCoreStartMock, createKibanaPluginsStartMock } from './kibana_core';
// eslint-disable-next-line @typescript-eslint/no-explicit-any
@@ -39,7 +39,7 @@ export const mockUiSettings: Record = {
pause: DEFAULT_INTERVAL_PAUSE,
value: DEFAULT_INTERVAL_VALUE,
},
- [DEFAULT_INDEX_KEY]: defaultIndexPattern,
+ [DEFAULT_INDEX_KEY]: DEFAULT_INDEX_PATTERN,
[DEFAULT_BYTES_FORMAT]: '0,0.[0]b',
[DEFAULT_DATE_FORMAT_TZ]: 'UTC',
[DEFAULT_DATE_FORMAT]: 'MMM D, YYYY @ HH:mm:ss.SSS',
diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals/signals_utility_bar/index.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals/signals_utility_bar/index.tsx
index 2000a699ab18d..847fcc7860085 100644
--- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals/signals_utility_bar/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals/signals_utility_bar/index.tsx
@@ -7,6 +7,8 @@
import { isEmpty } from 'lodash/fp';
import React, { useCallback } from 'react';
import numeral from '@elastic/numeral';
+
+import { DEFAULT_NUMBER_FORMAT } from '../../../../../../../../../plugins/siem/common/constants';
import {
UtilityBar,
UtilityBarAction,
@@ -16,7 +18,6 @@ import {
} from '../../../../../components/utility_bar';
import * as i18n from './translations';
import { useUiSetting$ } from '../../../../../lib/kibana';
-import { DEFAULT_NUMBER_FORMAT } from '../../../../../../common/constants';
import { TimelineNonEcsData } from '../../../../../graphql/types';
import { UpdateSignalsStatus } from '../types';
import { FILTER_CLOSED, FILTER_OPEN } from '../signals_filter_group';
diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals_histogram_panel/helpers.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals_histogram_panel/helpers.tsx
index 5c89a7e25b7a4..90bdd39e4a6fa 100644
--- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals_histogram_panel/helpers.tsx
+++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals_histogram_panel/helpers.tsx
@@ -4,8 +4,8 @@
* you may not use this file except in compliance with the Elastic License.
*/
+import { showAllOthersBucket } from '../../../../../../../../plugins/siem/common/constants';
import { HistogramData, SignalsAggregation, SignalsBucket, SignalsGroupBucket } from './types';
-import { showAllOthersBucket } from '../../../../../common/constants';
import { SignalSearchResponse } from '../../../../containers/detection_engine/signals/types';
import * as i18n from './translations';
diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals_histogram_panel/index.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals_histogram_panel/index.tsx
index f2d722e5a66d7..e70ba804ec018 100644
--- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals_histogram_panel/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/components/signals_histogram_panel/index.tsx
@@ -11,11 +11,11 @@ import styled from 'styled-components';
import { isEmpty } from 'lodash/fp';
import uuid from 'uuid';
+import { DEFAULT_NUMBER_FORMAT } from '../../../../../../../../plugins/siem/common/constants';
import { LegendItem } from '../../../../components/charts/draggable_legend_item';
import { escapeDataProviderId } from '../../../../components/drag_and_drop/helpers';
import { HeaderSection } from '../../../../components/header_section';
import { Filter, esQuery, Query } from '../../../../../../../../../src/plugins/data/public';
-import { DEFAULT_NUMBER_FORMAT } from '../../../../../common/constants';
import { useQuerySignals } from '../../../../containers/detection_engine/signals/use_query';
import { getDetectionEngineUrl } from '../../../../components/link_to';
import { defaultLegendColors } from '../../../../components/matrix_histogram/utils';
diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/all/columns.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/all/columns.tsx
index 736d46909a238..0d633aa7a76ea 100644
--- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/all/columns.tsx
+++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/all/columns.tsx
@@ -19,6 +19,7 @@ import { FormattedRelative } from '@kbn/i18n/react';
import * as H from 'history';
import React, { Dispatch } from 'react';
+import { isMlRule } from '../../../../../../../../plugins/siem/common/detection_engine/ml_helpers';
import { Rule, RuleStatus } from '../../../../containers/detection_engine/rules';
import { getEmptyTagValue } from '../../../../components/empty_value';
import { FormattedDate } from '../../../../components/formatted_date';
@@ -38,7 +39,6 @@ import {
import { Action } from './reducer';
import { LocalizedDateTooltip } from '../../../../components/localized_date_tooltip';
import * as detectionI18n from '../../translations';
-import { isMlRule } from '../../../../../common/detection_engine/ml_helpers';
export const getActions = (
dispatch: React.Dispatch,
diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/helpers.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/helpers.tsx
index 79da7999b081a..5b7a85e23834d 100644
--- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/helpers.tsx
+++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/helpers.tsx
@@ -19,9 +19,9 @@ import { isEmpty } from 'lodash/fp';
import React from 'react';
import styled from 'styled-components';
+import { RuleType } from '../../../../../../../../../plugins/siem/common/detection_engine/types';
import { esFilters } from '../../../../../../../../../../src/plugins/data/public';
-import { RuleType } from '../../../../../../common/detection_engine/types';
import { tacticsOptions, techniquesOptions } from '../../../mitre/mitre_tactics_techniques';
import * as i18n from './translations';
diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/index.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/index.tsx
index 05e47225c8f4b..49977713a585a 100644
--- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/index.tsx
@@ -9,13 +9,13 @@ import { isEmpty, chunk, get, pick, isNumber } from 'lodash/fp';
import React, { memo, useState } from 'react';
import styled from 'styled-components';
+import { RuleType } from '../../../../../../../../../plugins/siem/common/detection_engine/types';
import {
IIndexPattern,
Filter,
esFilters,
FilterManager,
} from '../../../../../../../../../../src/plugins/data/public';
-import { RuleType } from '../../../../../../common/detection_engine/types';
import { DEFAULT_TIMELINE_TITLE } from '../../../../../components/timeline/translations';
import { useKibana } from '../../../../../lib/kibana';
import { IMitreEnterpriseAttack } from '../../types';
diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/ml_job_description.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/ml_job_description.tsx
index 1664ea320bc1e..5e8681a90d428 100644
--- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/ml_job_description.tsx
+++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/description_step/ml_job_description.tsx
@@ -8,11 +8,11 @@ import React from 'react';
import styled from 'styled-components';
import { EuiBadge, EuiIcon, EuiLink, EuiToolTip } from '@elastic/eui';
+import { isJobStarted } from '../../../../../../../../../plugins/siem/common/detection_engine/ml_helpers';
import { useKibana } from '../../../../../lib/kibana';
import { SiemJob } from '../../../../../components/ml_popover/types';
import { ListItems } from './types';
import { ML_JOB_STARTED, ML_JOB_STOPPED } from './translations';
-import { isJobStarted } from '../../../../../../common/detection_engine/ml_helpers';
enum MessageLevels {
info = 'info',
diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/ml_job_select/index.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/ml_job_select/index.tsx
index 794edf0ab5de7..82350150488d0 100644
--- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/ml_job_select/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/ml_job_select/index.tsx
@@ -17,6 +17,7 @@ import {
} from '@elastic/eui';
import styled from 'styled-components';
+import { isJobStarted } from '../../../../../../../../../plugins/siem/common/detection_engine/ml_helpers';
import { FieldHook, getFieldValidityAndErrorMessage } from '../../../../../shared_imports';
import { useSiemJobs } from '../../../../../components/ml_popover/hooks/use_siem_jobs';
import { useKibana } from '../../../../../lib/kibana';
@@ -24,7 +25,6 @@ import {
ML_JOB_SELECT_PLACEHOLDER_TEXT,
ENABLE_ML_JOB_WARNING,
} from '../step_define_rule/translations';
-import { isJobStarted } from '../../../../../../common/detection_engine/ml_helpers';
const HelpTextWarningContainer = styled.div`
margin-top: 10px;
diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/rule_actions_field/index.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/rule_actions_field/index.tsx
index a746d381c494c..b4d813c48b43f 100644
--- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/rule_actions_field/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/rule_actions_field/index.tsx
@@ -7,6 +7,7 @@
import React, { useCallback, useEffect, useState } from 'react';
import deepMerge from 'deepmerge';
+import { NOTIFICATION_SUPPORTED_ACTION_TYPES_IDS } from '../../../../../../../../../plugins/siem/common/constants';
// eslint-disable-next-line @kbn/eslint/no-restricted-paths
import { loadActionTypes } from '../../../../../../../../../plugins/triggers_actions_ui/public/application/lib/action_connector_api';
import { SelectField } from '../../../../../shared_imports';
@@ -16,7 +17,6 @@ import {
} from '../../../../../../../../../plugins/triggers_actions_ui/public';
import { AlertAction } from '../../../../../../../../../plugins/alerting/common';
import { useKibana } from '../../../../../lib/kibana';
-import { NOTIFICATION_SUPPORTED_ACTION_TYPES_IDS } from '../../../../../../common/constants';
type ThrottleSelectField = typeof SelectField;
diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/select_rule_type/index.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/select_rule_type/index.tsx
index 6f3d299da8d45..2b1e5a367a965 100644
--- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/select_rule_type/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/select_rule_type/index.tsx
@@ -16,8 +16,8 @@ import {
EuiText,
} from '@elastic/eui';
-import { isMlRule } from '../../../../../../common/detection_engine/ml_helpers';
-import { RuleType } from '../../../../../../common/detection_engine/types';
+import { isMlRule } from '../../../../../../../../../plugins/siem/common/detection_engine/ml_helpers';
+import { RuleType } from '../../../../../../../../../plugins/siem/common/detection_engine/types';
import { FieldHook } from '../../../../../shared_imports';
import { useKibana } from '../../../../../lib/kibana';
import * as i18n from './translations';
diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/step_define_rule/index.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/step_define_rule/index.tsx
index 05043e5b96a30..be9e919b806b5 100644
--- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/step_define_rule/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/step_define_rule/index.tsx
@@ -9,10 +9,10 @@ import React, { FC, memo, useCallback, useState, useEffect } from 'react';
import styled from 'styled-components';
import deepEqual from 'fast-deep-equal';
+import { DEFAULT_INDEX_KEY } from '../../../../../../../../../plugins/siem/common/constants';
+import { isMlRule } from '../../../../../../../../../plugins/siem/common/detection_engine/ml_helpers';
import { IIndexPattern } from '../../../../../../../../../../src/plugins/data/public';
import { useFetchIndexPatterns } from '../../../../../containers/detection_engine/rules';
-import { DEFAULT_INDEX_KEY } from '../../../../../../common/constants';
-import { isMlRule } from '../../../../../../common/detection_engine/ml_helpers';
import { DEFAULT_TIMELINE_TITLE } from '../../../../../components/timeline/translations';
import { useMlCapabilities } from '../../../../../components/ml_popover/hooks/use_ml_capabilities';
import { useUiSetting$ } from '../../../../../lib/kibana';
diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/step_define_rule/schema.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/step_define_rule/schema.tsx
index 4a132f94a9871..629c6758a1414 100644
--- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/step_define_rule/schema.tsx
+++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/step_define_rule/schema.tsx
@@ -9,8 +9,8 @@ import { EuiText } from '@elastic/eui';
import { isEmpty } from 'lodash/fp';
import React from 'react';
+import { isMlRule } from '../../../../../../../../../plugins/siem/common/detection_engine/ml_helpers';
import { esKuery } from '../../../../../../../../../../src/plugins/data/public';
-import { isMlRule } from '../../../../../../common/detection_engine/ml_helpers';
import { FieldValueQueryBar } from '../query_bar';
import {
ERROR_CODE,
diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/throttle_select_field/index.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/throttle_select_field/index.tsx
index 0cf15c41a0f91..3b297a623e34d 100644
--- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/throttle_select_field/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/components/throttle_select_field/index.tsx
@@ -9,7 +9,7 @@ import React, { useCallback } from 'react';
import {
NOTIFICATION_THROTTLE_RULE,
NOTIFICATION_THROTTLE_NO_ACTIONS,
-} from '../../../../../../common/constants';
+} from '../../../../../../../../../plugins/siem/common/constants';
import { SelectField } from '../../../../../shared_imports';
export const THROTTLE_OPTIONS = [
diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/create/helpers.ts b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/create/helpers.ts
index 7ad116c313361..a65e8178f75c4 100644
--- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/create/helpers.ts
+++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/create/helpers.ts
@@ -8,10 +8,10 @@ import { has, isEmpty } from 'lodash/fp';
import moment from 'moment';
import deepmerge from 'deepmerge';
-import { NOTIFICATION_THROTTLE_NO_ACTIONS } from '../../../../../common/constants';
-import { transformAlertToRuleAction } from '../../../../../common/detection_engine/transform_actions';
-import { RuleType } from '../../../../../common/detection_engine/types';
-import { isMlRule } from '../../../../../common/detection_engine/ml_helpers';
+import { NOTIFICATION_THROTTLE_NO_ACTIONS } from '../../../../../../../../plugins/siem/common/constants';
+import { transformAlertToRuleAction } from '../../../../../../../../plugins/siem/common/detection_engine/transform_actions';
+import { RuleType } from '../../../../../../../../plugins/siem/common/detection_engine/types';
+import { isMlRule } from '../../../../../../../../plugins/siem/common/detection_engine/ml_helpers';
import { NewRule } from '../../../../containers/detection_engine/rules';
import {
diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/helpers.tsx b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/helpers.tsx
index 58a1b0fd3133e..7bea41c2ab4d5 100644
--- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/helpers.tsx
+++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/helpers.tsx
@@ -10,9 +10,12 @@ import moment from 'moment';
import memoizeOne from 'memoize-one';
import { useLocation } from 'react-router-dom';
-import { RuleAlertAction, RuleType } from '../../../../common/detection_engine/types';
-import { isMlRule } from '../../../../common/detection_engine/ml_helpers';
-import { transformRuleToAlertAction } from '../../../../common/detection_engine/transform_actions';
+import {
+ RuleAlertAction,
+ RuleType,
+} from '../../../../../../../plugins/siem/common/detection_engine/types';
+import { isMlRule } from '../../../../../../../plugins/siem/common/detection_engine/ml_helpers';
+import { transformRuleToAlertAction } from '../../../../../../../plugins/siem/common/detection_engine/transform_actions';
import { Filter } from '../../../../../../../../src/plugins/data/public';
import { Rule } from '../../../containers/detection_engine/rules';
import { FormData, FormHook, FormSchema } from '../../../shared_imports';
diff --git a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/types.ts b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/types.ts
index 1c366e6640b29..380ef52190349 100644
--- a/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/types.ts
+++ b/x-pack/legacy/plugins/siem/public/pages/detection_engine/rules/types.ts
@@ -4,8 +4,11 @@
* you may not use this file except in compliance with the Elastic License.
*/
+import {
+ RuleAlertAction,
+ RuleType,
+} from '../../../../../../../plugins/siem/common/detection_engine/types';
import { AlertAction } from '../../../../../../../plugins/alerting/common';
-import { RuleAlertAction, RuleType } from '../../../../common/detection_engine/types';
import { Filter } from '../../../../../../../../src/plugins/data/common';
import { FieldValueQueryBar } from './components/query_bar';
import { FormData, FormHook } from '../../../shared_imports';
diff --git a/x-pack/legacy/plugins/siem/public/pages/hosts/navigation/types.ts b/x-pack/legacy/plugins/siem/public/pages/hosts/navigation/types.ts
index cb5fc62b96582..207b86fee02b9 100644
--- a/x-pack/legacy/plugins/siem/public/pages/hosts/navigation/types.ts
+++ b/x-pack/legacy/plugins/siem/public/pages/hosts/navigation/types.ts
@@ -4,9 +4,9 @@
* you may not use this file except in compliance with the Elastic License.
*/
+import { ESTermQuery } from '../../../../../../../plugins/siem/common/typed_json';
import { Filter, IIndexPattern } from '../../../../../../../../src/plugins/data/public';
import { NarrowDateRange } from '../../../components/ml/types';
-import { ESTermQuery } from '../../../../common/typed_json';
import { InspectQuery, Refetch } from '../../../store/inputs/model';
import { HostsTableType, HostsType } from '../../../store/hosts/model';
diff --git a/x-pack/legacy/plugins/siem/public/pages/network/ip_details/types.ts b/x-pack/legacy/plugins/siem/public/pages/network/ip_details/types.ts
index ef989fb64eabe..efd9c644ec6b6 100644
--- a/x-pack/legacy/plugins/siem/public/pages/network/ip_details/types.ts
+++ b/x-pack/legacy/plugins/siem/public/pages/network/ip_details/types.ts
@@ -6,8 +6,8 @@
import { IIndexPattern } from 'src/plugins/data/public';
+import { ESTermQuery } from '../../../../../../../plugins/siem/common/typed_json';
import { NetworkType } from '../../../store/network/model';
-import { ESTermQuery } from '../../../../common/typed_json';
import { InspectQuery, Refetch } from '../../../store/inputs/model';
import { FlowTarget, FlowTargetSourceDest } from '../../../graphql/types';
import { GlobalTimeArgs } from '../../../containers/global_time';
diff --git a/x-pack/legacy/plugins/siem/public/pages/network/navigation/types.ts b/x-pack/legacy/plugins/siem/public/pages/network/navigation/types.ts
index 222a99992917d..90c18b6ff69f4 100644
--- a/x-pack/legacy/plugins/siem/public/pages/network/navigation/types.ts
+++ b/x-pack/legacy/plugins/siem/public/pages/network/navigation/types.ts
@@ -4,12 +4,12 @@
* you may not use this file except in compliance with the Elastic License.
*/
+import { ESTermQuery } from '../../../../../../../plugins/siem/common/typed_json';
import { IIndexPattern } from '../../../../../../../../src/plugins/data/common/';
import { NavTab } from '../../../components/navigation/types';
import { FlowTargetSourceDest } from '../../../graphql/types';
import { networkModel } from '../../../store';
-import { ESTermQuery } from '../../../../common/typed_json';
import { GlobalTimeArgs } from '../../../containers/global_time';
import { SetAbsoluteRangeDatePicker } from '../types';
diff --git a/x-pack/legacy/plugins/siem/public/pages/overview/alerts_by_category/index.tsx b/x-pack/legacy/plugins/siem/public/pages/overview/alerts_by_category/index.tsx
index 744102fbac4b3..8e09572cb2796 100644
--- a/x-pack/legacy/plugins/siem/public/pages/overview/alerts_by_category/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/pages/overview/alerts_by_category/index.tsx
@@ -7,9 +7,9 @@
import { EuiButton } from '@elastic/eui';
import numeral from '@elastic/numeral';
import React, { useEffect, useMemo } from 'react';
-
import { Position } from '@elastic/charts';
-import { DEFAULT_NUMBER_FORMAT } from '../../../../common/constants';
+
+import { DEFAULT_NUMBER_FORMAT } from '../../../../../../../plugins/siem/common/constants';
import { SHOWING, UNIT } from '../../../components/alerts_viewer/translations';
import { getDetectionEngineAlertUrl } from '../../../components/link_to/redirect_to_detection_engine';
import { MatrixHistogramContainer } from '../../../components/matrix_histogram';
diff --git a/x-pack/legacy/plugins/siem/public/pages/overview/events_by_dataset/index.tsx b/x-pack/legacy/plugins/siem/public/pages/overview/events_by_dataset/index.tsx
index 485fec31db240..14cc29adb505a 100644
--- a/x-pack/legacy/plugins/siem/public/pages/overview/events_by_dataset/index.tsx
+++ b/x-pack/legacy/plugins/siem/public/pages/overview/events_by_dataset/index.tsx
@@ -10,7 +10,7 @@ import numeral from '@elastic/numeral';
import React, { useEffect, useMemo } from 'react';
import uuid from 'uuid';
-import { DEFAULT_NUMBER_FORMAT } from '../../../../common/constants';
+import { DEFAULT_NUMBER_FORMAT } from '../../../../../../../plugins/siem/common/constants';
import { SHOWING, UNIT } from '../../../components/events_viewer/translations';
import { getTabsOnHostsUrl } from '../../../components/link_to/redirect_to_hosts';
import { MatrixHistogramContainer } from '../../../components/matrix_histogram';
diff --git a/x-pack/legacy/plugins/siem/public/pages/overview/sidebar/sidebar.tsx b/x-pack/legacy/plugins/siem/public/pages/overview/sidebar/sidebar.tsx
index 52e36b472a0ec..4d4d96803cd65 100644
--- a/x-pack/legacy/plugins/siem/public/pages/overview/sidebar/sidebar.tsx
+++ b/x-pack/legacy/plugins/siem/public/pages/overview/sidebar/sidebar.tsx
@@ -8,9 +8,12 @@ import { EuiFlexGroup, EuiFlexItem, EuiSpacer } from '@elastic/eui';
import React, { useMemo } from 'react';
import styled from 'styled-components';
+import {
+ ENABLE_NEWS_FEED_SETTING,
+ NEWS_FEED_URL_SETTING,
+} from '../../../../../../../plugins/siem/common/constants';
import { Filters as RecentCasesFilters } from '../../../components/recent_cases/filters';
import { Filters as RecentTimelinesFilters } from '../../../components/recent_timelines/filters';
-import { ENABLE_NEWS_FEED_SETTING, NEWS_FEED_URL_SETTING } from '../../../../common/constants';
import { StatefulRecentCases } from '../../../components/recent_cases';
import { StatefulRecentTimelines } from '../../../components/recent_timelines';
import { StatefulNewsFeed } from '../../../components/news_feed';
diff --git a/x-pack/legacy/plugins/siem/public/register_feature.ts b/x-pack/legacy/plugins/siem/public/register_feature.ts
index ca7a22408b6ff..b5e8f78ebc560 100644
--- a/x-pack/legacy/plugins/siem/public/register_feature.ts
+++ b/x-pack/legacy/plugins/siem/public/register_feature.ts
@@ -6,7 +6,7 @@
import { npSetup } from 'ui/new_platform';
import { FeatureCatalogueCategory } from '../../../../../src/plugins/home/public';
-import { APP_ID } from '../common/constants';
+import { APP_ID } from '../../../../plugins/siem/common/constants';
// TODO(rylnd): move this into Plugin.setup once we're on NP
npSetup.plugins.home.featureCatalogue.register({
diff --git a/x-pack/legacy/plugins/siem/public/store/inputs/model.ts b/x-pack/legacy/plugins/siem/public/store/inputs/model.ts
index 04facf3b98c3b..e851caf523eb4 100644
--- a/x-pack/legacy/plugins/siem/public/store/inputs/model.ts
+++ b/x-pack/legacy/plugins/siem/public/store/inputs/model.ts
@@ -5,7 +5,6 @@
*/
import { Dispatch } from 'redux';
-import { Omit } from '../../../common/utility_types';
import { InputsModelId } from './constants';
import { CONSTANTS } from '../../components/url_state/constants';
import { Query, Filter, SavedQuery } from '../../../../../../../src/plugins/data/public';
diff --git a/x-pack/legacy/plugins/siem/public/utils/default_date_settings.test.ts b/x-pack/legacy/plugins/siem/public/utils/default_date_settings.test.ts
index 9dc179ba7a6e2..bb66067512d1f 100644
--- a/x-pack/legacy/plugins/siem/public/utils/default_date_settings.test.ts
+++ b/x-pack/legacy/plugins/siem/public/utils/default_date_settings.test.ts
@@ -21,7 +21,7 @@ import {
DEFAULT_INTERVAL_PAUSE,
DEFAULT_INTERVAL_VALUE,
DEFAULT_INTERVAL_TYPE,
-} from '../../common/constants';
+} from '../../../../../plugins/siem/common/constants';
import { KibanaServices } from '../lib/kibana';
import { Policy } from '../store/inputs/model';
@@ -30,7 +30,7 @@ import { Policy } from '../store/inputs/model';
// we have to repeat ourselves once
const DEFAULT_FROM_DATE = '1983-05-31T13:03:54.234Z';
const DEFAULT_TO_DATE = '1990-05-31T13:03:54.234Z';
-jest.mock('../../common/constants', () => ({
+jest.mock('../../../../../plugins/siem/common/constants', () => ({
DEFAULT_FROM: '1983-05-31T13:03:54.234Z',
DEFAULT_TO: '1990-05-31T13:03:54.234Z',
DEFAULT_INTERVAL_PAUSE: true,
diff --git a/x-pack/legacy/plugins/siem/public/utils/default_date_settings.ts b/x-pack/legacy/plugins/siem/public/utils/default_date_settings.ts
index c4869a4851ae5..89f7d34d85131 100644
--- a/x-pack/legacy/plugins/siem/public/utils/default_date_settings.ts
+++ b/x-pack/legacy/plugins/siem/public/utils/default_date_settings.ts
@@ -15,7 +15,7 @@ import {
DEFAULT_TO,
DEFAULT_INTERVAL_TYPE,
DEFAULT_INTERVAL_VALUE,
-} from '../../common/constants';
+} from '../../../../../plugins/siem/common/constants';
import { KibanaServices } from '../lib/kibana';
import { Policy } from '../store/inputs/model';
diff --git a/x-pack/legacy/plugins/siem/reporter_config.json b/x-pack/legacy/plugins/siem/reporter_config.json
deleted file mode 100644
index dda68d501f975..0000000000000
--- a/x-pack/legacy/plugins/siem/reporter_config.json
+++ /dev/null
@@ -1,10 +0,0 @@
-{
- "reporterEnabled": "mochawesome, mocha-junit-reporter",
- "reporterOptions": {
- "html": false,
- "json": true,
- "mochaFile": "../../../../target/kibana-siem/cypress/results/TEST-siem-cypress-[hash].xml",
- "overwrite": false,
- "reportDir": "../../../../target/kibana-siem/cypress/results"
- }
-}
diff --git a/x-pack/legacy/plugins/siem/server/index.ts b/x-pack/legacy/plugins/siem/server/index.ts
deleted file mode 100644
index 8513f871cb6c1..0000000000000
--- a/x-pack/legacy/plugins/siem/server/index.ts
+++ /dev/null
@@ -1,12 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License;
- * you may not use this file except in compliance with the Elastic License.
- */
-
-import { PluginInitializerContext } from '../../../../../src/core/server';
-import { Plugin } from './plugin';
-
-export const plugin = (context: PluginInitializerContext) => {
- return new Plugin(context);
-};
diff --git a/x-pack/legacy/plugins/siem/server/plugin.ts b/x-pack/legacy/plugins/siem/server/plugin.ts
deleted file mode 100644
index 13b58fa1d57eb..0000000000000
--- a/x-pack/legacy/plugins/siem/server/plugin.ts
+++ /dev/null
@@ -1,200 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License;
- * you may not use this file except in compliance with the Elastic License.
- */
-
-import { i18n } from '@kbn/i18n';
-
-import {
- PluginStartContract as AlertingStart,
- PluginSetupContract as AlertingSetup,
-} from '../../../../plugins/alerting/server';
-import {
- CoreSetup,
- CoreStart,
- PluginInitializerContext,
- Logger,
-} from '../../../../../src/core/server';
-import { SecurityPluginSetup as SecuritySetup } from '../../../../plugins/security/server';
-import { PluginSetupContract as FeaturesSetup } from '../../../../plugins/features/server';
-import { MlPluginSetup as MlSetup } from '../../../../plugins/ml/server';
-import { EncryptedSavedObjectsPluginSetup as EncryptedSavedObjectsSetup } from '../../../../plugins/encrypted_saved_objects/server';
-import { SpacesPluginSetup as SpacesSetup } from '../../../../plugins/spaces/server';
-import { PluginStartContract as ActionsStart } from '../../../../plugins/actions/server';
-import { LicensingPluginSetup } from '../../../../plugins/licensing/server';
-import { LegacyServices } from './types';
-import { initServer } from './init_server';
-import { compose } from './lib/compose/kibana';
-import { initRoutes } from './routes';
-import { isAlertExecutor } from './lib/detection_engine/signals/types';
-import { signalRulesAlertType } from './lib/detection_engine/signals/signal_rule_alert_type';
-import { rulesNotificationAlertType } from './lib/detection_engine/notifications/rules_notification_alert_type';
-import { isNotificationAlertExecutor } from './lib/detection_engine/notifications/types';
-import {
- noteSavedObjectType,
- pinnedEventSavedObjectType,
- timelineSavedObjectType,
- ruleStatusSavedObjectType,
- ruleActionsSavedObjectType,
-} from './saved_objects';
-import { SiemClientFactory } from './client';
-import { hasListsFeature, listsEnvFeatureFlagName } from './lib/detection_engine/feature_flags';
-
-export { CoreSetup, CoreStart };
-
-export interface SetupPlugins {
- alerting: AlertingSetup;
- encryptedSavedObjects: EncryptedSavedObjectsSetup;
- features: FeaturesSetup;
- licensing: LicensingPluginSetup;
- security?: SecuritySetup;
- spaces?: SpacesSetup;
- ml?: MlSetup;
-}
-
-export interface StartPlugins {
- actions: ActionsStart;
- alerting: AlertingStart;
-}
-
-export class Plugin {
- readonly name = 'siem';
- private readonly logger: Logger;
- private context: PluginInitializerContext;
- private siemClientFactory: SiemClientFactory;
-
- constructor(context: PluginInitializerContext) {
- this.context = context;
- this.logger = context.logger.get('plugins', this.name);
- this.siemClientFactory = new SiemClientFactory();
-
- this.logger.debug('Shim plugin initialized');
- }
-
- public setup(core: CoreSetup, plugins: SetupPlugins, __legacy: LegacyServices) {
- this.logger.debug('Shim plugin setup');
- if (hasListsFeature()) {
- // TODO: Remove this once we have the lists feature supported
- this.logger.error(
- `You have activated the lists feature flag which is NOT currently supported for SIEM! You should turn this feature flag off immediately by un-setting the environment variable: ${listsEnvFeatureFlagName} and restarting Kibana`
- );
- }
-
- const router = core.http.createRouter();
- core.http.registerRouteHandlerContext(this.name, (context, request, response) => ({
- getSiemClient: () => this.siemClientFactory.create(request),
- }));
-
- this.siemClientFactory.setup({
- getSpaceId: plugins.spaces?.spacesService?.getSpaceId,
- config: __legacy.config,
- });
-
- initRoutes(
- router,
- __legacy.config,
- plugins.encryptedSavedObjects?.usingEphemeralEncryptionKey ?? false,
- plugins.security
- );
-
- plugins.features.registerFeature({
- id: this.name,
- name: i18n.translate('xpack.siem.featureRegistry.linkSiemTitle', {
- defaultMessage: 'SIEM',
- }),
- order: 1100,
- icon: 'securityAnalyticsApp',
- navLinkId: 'siem',
- app: ['siem', 'kibana'],
- catalogue: ['siem'],
- privileges: {
- all: {
- app: ['siem', 'kibana'],
- catalogue: ['siem'],
- api: ['siem', 'actions-read', 'actions-all', 'alerting-read', 'alerting-all'],
- savedObject: {
- all: [
- 'alert',
- 'action',
- 'action_task_params',
- noteSavedObjectType,
- pinnedEventSavedObjectType,
- timelineSavedObjectType,
- ruleStatusSavedObjectType,
- ruleActionsSavedObjectType,
- 'cases',
- 'cases-comments',
- 'cases-configure',
- 'cases-user-actions',
- ],
- read: ['config'],
- },
- ui: [
- 'show',
- 'crud',
- 'alerting:show',
- 'actions:show',
- 'alerting:save',
- 'actions:save',
- 'alerting:delete',
- 'actions:delete',
- ],
- },
- read: {
- app: ['siem', 'kibana'],
- catalogue: ['siem'],
- api: ['siem', 'actions-read', 'actions-all', 'alerting-read', 'alerting-all'],
- savedObject: {
- all: ['alert', 'action', 'action_task_params'],
- read: [
- 'config',
- noteSavedObjectType,
- pinnedEventSavedObjectType,
- timelineSavedObjectType,
- ruleStatusSavedObjectType,
- ruleActionsSavedObjectType,
- 'cases',
- 'cases-comments',
- 'cases-configure',
- 'cases-user-actions',
- ],
- },
- ui: [
- 'show',
- 'alerting:show',
- 'actions:show',
- 'alerting:save',
- 'actions:save',
- 'alerting:delete',
- 'actions:delete',
- ],
- },
- },
- });
-
- if (plugins.alerting != null) {
- const signalRuleType = signalRulesAlertType({
- logger: this.logger,
- version: this.context.env.packageInfo.version,
- ml: plugins.ml,
- });
- const ruleNotificationType = rulesNotificationAlertType({
- logger: this.logger,
- });
-
- if (isAlertExecutor(signalRuleType)) {
- plugins.alerting.registerType(signalRuleType);
- }
-
- if (isNotificationAlertExecutor(ruleNotificationType)) {
- plugins.alerting.registerType(ruleNotificationType);
- }
- }
-
- const libs = compose(core, plugins, this.context.env.mode.prod);
- initServer(libs);
- }
-
- public start(core: CoreStart, plugins: StartPlugins) {}
-}
diff --git a/x-pack/legacy/plugins/siem/tsconfig.json b/x-pack/legacy/plugins/siem/tsconfig.json
deleted file mode 100644
index b027bb4567b97..0000000000000
--- a/x-pack/legacy/plugins/siem/tsconfig.json
+++ /dev/null
@@ -1,3 +0,0 @@
-{
- "extends": "../../../tsconfig.json"
-}
\ No newline at end of file
diff --git a/x-pack/plugins/siem/.gitattributes b/x-pack/plugins/siem/.gitattributes
new file mode 100644
index 0000000000000..96ab5dadbda10
--- /dev/null
+++ b/x-pack/plugins/siem/.gitattributes
@@ -0,0 +1,4 @@
+# Auto-collapse generated files in GitHub
+# https://help.github.com/en/articles/customizing-how-changed-files-appear-on-github
+x-pack/plugins/siem/server/graphql/types.ts linguist-generated=true
+
diff --git a/x-pack/legacy/plugins/siem/common/constants.ts b/x-pack/plugins/siem/common/constants.ts
similarity index 95%
rename from x-pack/legacy/plugins/siem/common/constants.ts
rename to x-pack/plugins/siem/common/constants.ts
index e0acc7ecfe036..edde5c6b8fa0d 100644
--- a/x-pack/legacy/plugins/siem/common/constants.ts
+++ b/x-pack/plugins/siem/common/constants.ts
@@ -29,6 +29,16 @@ export const DEFAULT_INTERVAL_TYPE = 'manual';
export const DEFAULT_INTERVAL_VALUE = 300000; // ms
export const DEFAULT_TIMEPICKER_QUICK_RANGES = 'timepicker:quickRanges';
+/** The comma-delimited list of Elasticsearch indices from which the SIEM app collects events */
+export const DEFAULT_INDEX_PATTERN = [
+ 'apm-*-transaction*',
+ 'auditbeat-*',
+ 'endgame-*',
+ 'filebeat-*',
+ 'packetbeat-*',
+ 'winlogbeat-*',
+];
+
/** This Kibana Advanced Setting enables the `Security news` feed widget */
export const ENABLE_NEWS_FEED_SETTING = 'siem:enableNewsFeed';
diff --git a/x-pack/legacy/plugins/siem/default_index_pattern.ts b/x-pack/plugins/siem/common/default_index_pattern.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/default_index_pattern.ts
rename to x-pack/plugins/siem/common/default_index_pattern.ts
diff --git a/x-pack/legacy/plugins/siem/common/detection_engine/ml_helpers.test.ts b/x-pack/plugins/siem/common/detection_engine/ml_helpers.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/common/detection_engine/ml_helpers.test.ts
rename to x-pack/plugins/siem/common/detection_engine/ml_helpers.test.ts
diff --git a/x-pack/legacy/plugins/siem/common/detection_engine/ml_helpers.ts b/x-pack/plugins/siem/common/detection_engine/ml_helpers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/common/detection_engine/ml_helpers.ts
rename to x-pack/plugins/siem/common/detection_engine/ml_helpers.ts
diff --git a/x-pack/legacy/plugins/siem/common/detection_engine/transform_actions.test.ts b/x-pack/plugins/siem/common/detection_engine/transform_actions.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/common/detection_engine/transform_actions.test.ts
rename to x-pack/plugins/siem/common/detection_engine/transform_actions.test.ts
diff --git a/x-pack/legacy/plugins/siem/common/detection_engine/transform_actions.ts b/x-pack/plugins/siem/common/detection_engine/transform_actions.ts
similarity index 90%
rename from x-pack/legacy/plugins/siem/common/detection_engine/transform_actions.ts
rename to x-pack/plugins/siem/common/detection_engine/transform_actions.ts
index aeb4d53933022..4ce3823575833 100644
--- a/x-pack/legacy/plugins/siem/common/detection_engine/transform_actions.ts
+++ b/x-pack/plugins/siem/common/detection_engine/transform_actions.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { AlertAction } from '../../../../../plugins/alerting/common';
+import { AlertAction } from '../../../alerting/common';
import { RuleAlertAction } from './types';
export const transformRuleToAlertAction = ({
diff --git a/x-pack/legacy/plugins/siem/common/detection_engine/types.ts b/x-pack/plugins/siem/common/detection_engine/types.ts
similarity index 88%
rename from x-pack/legacy/plugins/siem/common/detection_engine/types.ts
rename to x-pack/plugins/siem/common/detection_engine/types.ts
index 39012d0b4b683..5a91cfd4809c6 100644
--- a/x-pack/legacy/plugins/siem/common/detection_engine/types.ts
+++ b/x-pack/plugins/siem/common/detection_engine/types.ts
@@ -5,7 +5,7 @@
*/
import * as t from 'io-ts';
-import { AlertAction } from '../../../../../plugins/alerting/common';
+import { AlertAction } from '../../../alerting/common';
export type RuleAlertAction = Omit & {
action_type_id: string;
diff --git a/x-pack/legacy/plugins/siem/common/graphql/root/index.ts b/x-pack/plugins/siem/common/graphql/root/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/common/graphql/root/index.ts
rename to x-pack/plugins/siem/common/graphql/root/index.ts
diff --git a/x-pack/legacy/plugins/siem/common/graphql/root/schema.gql.ts b/x-pack/plugins/siem/common/graphql/root/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/common/graphql/root/schema.gql.ts
rename to x-pack/plugins/siem/common/graphql/root/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/common/graphql/shared/index.ts b/x-pack/plugins/siem/common/graphql/shared/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/common/graphql/shared/index.ts
rename to x-pack/plugins/siem/common/graphql/shared/index.ts
diff --git a/x-pack/legacy/plugins/siem/common/graphql/shared/schema.gql.ts b/x-pack/plugins/siem/common/graphql/shared/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/common/graphql/shared/schema.gql.ts
rename to x-pack/plugins/siem/common/graphql/shared/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/common/typed_json.ts b/x-pack/plugins/siem/common/typed_json.ts
similarity index 91%
rename from x-pack/legacy/plugins/siem/common/typed_json.ts
rename to x-pack/plugins/siem/common/typed_json.ts
index dcd26d176d746..62e7319e091cb 100644
--- a/x-pack/legacy/plugins/siem/common/typed_json.ts
+++ b/x-pack/plugins/siem/common/typed_json.ts
@@ -3,7 +3,7 @@
* or more contributor license agreements. Licensed under the Elastic License;
* you may not use this file except in compliance with the Elastic License.
*/
-import { JsonObject } from '../../../../../src/plugins/kibana_utils/public';
+import { JsonObject } from '../../../../src/plugins/kibana_utils/public';
export type ESQuery = ESRangeQuery | ESQueryStringQuery | ESMatchQuery | ESTermQuery | JsonObject;
diff --git a/x-pack/legacy/plugins/siem/common/utility_types.ts b/x-pack/plugins/siem/common/utility_types.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/common/utility_types.ts
rename to x-pack/plugins/siem/common/utility_types.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/.eslintrc.json b/x-pack/plugins/siem/cypress/.eslintrc.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/.eslintrc.json
rename to x-pack/plugins/siem/cypress/.eslintrc.json
diff --git a/x-pack/legacy/plugins/siem/cypress/.gitignore b/x-pack/plugins/siem/cypress/.gitignore
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/.gitignore
rename to x-pack/plugins/siem/cypress/.gitignore
diff --git a/x-pack/legacy/plugins/siem/cypress/README.md b/x-pack/plugins/siem/cypress/README.md
similarity index 93%
rename from x-pack/legacy/plugins/siem/cypress/README.md
rename to x-pack/plugins/siem/cypress/README.md
index 89bafce9c9dc8..d84c66fec1c3a 100644
--- a/x-pack/legacy/plugins/siem/cypress/README.md
+++ b/x-pack/plugins/siem/cypress/README.md
@@ -124,7 +124,7 @@ yarn kbn bootstrap
2. Launch Cypress command line test runner:
```sh
-cd x-pack/legacy/plugins/siem
+cd x-pack/plugins/siem
yarn cypress:run-as-ci
```
@@ -193,15 +193,15 @@ We are using es_archiver in order to manage the data that our Cypress tests need
1. Setup if possible a clean instance of kibana and elasticsearch (if not, possible please try to clean the data that you are going to generate).
2. With the kibana and elasticsearch instance up and running, create the data that you need for your test.
-3. When you are sure that you have all the data you need run the following command from: `x-pack/legacy/plugins/siem`
+3. When you are sure that you have all the data you need run the following command from: `x-pack/plugins/siem`
```sh
-node ../../../../scripts/es_archiver save --dir ../../../test/siem_cypress/es_archives --config ../../../../test/functional/config.js --es-url http://:@:
+node ../../../scripts/es_archiver save --dir ../../test/siem_cypress/es_archives --config ../../../test/functional/config.js --es-url http://:@:
```
Example:
```sh
-node ../../../../scripts/es_archiver save custom_rules ".kibana",".siem-signal*" --dir ../../../test/siem_cypress/es_archives --config ../../../../test/functional/config.js --es-url http://elastic:changeme@localhost:9220
+node ../../../scripts/es_archiver save custom_rules ".kibana",".siem-signal*" --dir ../../test/siem_cypress/es_archives --config ../../../test/functional/config.js --es-url http://elastic:changeme@localhost:9220
```
Note that the command is going to create the folder if does not exist in the directory with the imported data.
@@ -236,7 +236,7 @@ yarn start --no-base-path
`baseUrl`, as configured in `plugins/siem/cypress.json`:
```sh
-cd x-pack/legacy/plugins/siem
+cd x-pack/plugins/siem
yarn cypress:open
```
@@ -245,7 +245,7 @@ yarn cypress:open
test runner, as shown in the following example:
```sh
-cd x-pack/legacy/plugins/siem
+cd x-pack/plugins/siem
CYPRESS_baseUrl=http://localhost:5601 yarn cypress:open
```
@@ -253,7 +253,7 @@ CYPRESS_baseUrl=http://localhost:5601 yarn cypress:open
running tests interactively:
```sh
-cd x-pack/legacy/plugins/siem
+cd x-pack/plugins/siem
CYPRESS_baseUrl=http://localhost:5601 CYPRESS_ELASTICSEARCH_USERNAME=elastic CYPRESS_ELASTICSEARCH_PASSWORD= yarn cypress:open
```
@@ -285,7 +285,7 @@ yarn start --no-base-path
`baseUrl`, as configured in `plugins/siem/cypress.json`:
```sh
-cd x-pack/legacy/plugins/siem
+cd x-pack/plugins/siem
yarn cypress:run
```
@@ -294,7 +294,7 @@ yarn cypress:run
the following example:
```sh
-cd x-pack/legacy/plugins/siem
+cd x-pack/plugins/siem
CYPRESS_baseUrl=http://localhost:5601 yarn cypress:run
```
@@ -302,7 +302,7 @@ CYPRESS_baseUrl=http://localhost:5601 yarn cypress:run
running via the command line:
```sh
-cd x-pack/legacy/plugins/siem
+cd x-pack/plugins/siem
CYPRESS_baseUrl=http://localhost:5601 CYPRESS_ELASTICSEARCH_USERNAME=elastic CYPRESS_ELASTICSEARCH_PASSWORD= yarn cypress:run
```
diff --git a/x-pack/plugins/siem/cypress/cypress.json b/x-pack/plugins/siem/cypress/cypress.json
new file mode 100644
index 0000000000000..7a4efba8c2d64
--- /dev/null
+++ b/x-pack/plugins/siem/cypress/cypress.json
@@ -0,0 +1,8 @@
+{
+ "baseUrl": "http://localhost:5601",
+ "defaultCommandTimeout": 120000,
+ "screenshotsFolder": "../../../target/kibana-siem/cypress/screenshots",
+ "trashAssetsBeforeRuns": false,
+ "video": false,
+ "videosFolder": "../../../target/kibana-siem/cypress/videos"
+}
diff --git a/x-pack/legacy/plugins/siem/cypress/fixtures/overview.json b/x-pack/plugins/siem/cypress/fixtures/overview.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/fixtures/overview.json
rename to x-pack/plugins/siem/cypress/fixtures/overview.json
diff --git a/x-pack/legacy/plugins/siem/cypress/integration/detections.spec.ts b/x-pack/plugins/siem/cypress/integration/detections.spec.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/integration/detections.spec.ts
rename to x-pack/plugins/siem/cypress/integration/detections.spec.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/integration/detections_timeline.spec.ts b/x-pack/plugins/siem/cypress/integration/detections_timeline.spec.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/integration/detections_timeline.spec.ts
rename to x-pack/plugins/siem/cypress/integration/detections_timeline.spec.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/integration/events_viewer.spec.ts b/x-pack/plugins/siem/cypress/integration/events_viewer.spec.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/integration/events_viewer.spec.ts
rename to x-pack/plugins/siem/cypress/integration/events_viewer.spec.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/integration/fields_browser.spec.ts b/x-pack/plugins/siem/cypress/integration/fields_browser.spec.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/integration/fields_browser.spec.ts
rename to x-pack/plugins/siem/cypress/integration/fields_browser.spec.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/integration/inspect.spec.ts b/x-pack/plugins/siem/cypress/integration/inspect.spec.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/integration/inspect.spec.ts
rename to x-pack/plugins/siem/cypress/integration/inspect.spec.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/integration/ml_conditional_links.spec.ts b/x-pack/plugins/siem/cypress/integration/ml_conditional_links.spec.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/integration/ml_conditional_links.spec.ts
rename to x-pack/plugins/siem/cypress/integration/ml_conditional_links.spec.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/integration/navigation.spec.ts b/x-pack/plugins/siem/cypress/integration/navigation.spec.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/integration/navigation.spec.ts
rename to x-pack/plugins/siem/cypress/integration/navigation.spec.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/integration/overview.spec.ts b/x-pack/plugins/siem/cypress/integration/overview.spec.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/integration/overview.spec.ts
rename to x-pack/plugins/siem/cypress/integration/overview.spec.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/integration/pagination.spec.ts b/x-pack/plugins/siem/cypress/integration/pagination.spec.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/integration/pagination.spec.ts
rename to x-pack/plugins/siem/cypress/integration/pagination.spec.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/integration/signal_detection_rules.spec.ts b/x-pack/plugins/siem/cypress/integration/signal_detection_rules.spec.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/integration/signal_detection_rules.spec.ts
rename to x-pack/plugins/siem/cypress/integration/signal_detection_rules.spec.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/integration/signal_detection_rules_custom.spec.ts b/x-pack/plugins/siem/cypress/integration/signal_detection_rules_custom.spec.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/integration/signal_detection_rules_custom.spec.ts
rename to x-pack/plugins/siem/cypress/integration/signal_detection_rules_custom.spec.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/integration/signal_detection_rules_ml.spec.ts b/x-pack/plugins/siem/cypress/integration/signal_detection_rules_ml.spec.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/integration/signal_detection_rules_ml.spec.ts
rename to x-pack/plugins/siem/cypress/integration/signal_detection_rules_ml.spec.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/integration/signal_detection_rules_prebuilt.spec.ts b/x-pack/plugins/siem/cypress/integration/signal_detection_rules_prebuilt.spec.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/integration/signal_detection_rules_prebuilt.spec.ts
rename to x-pack/plugins/siem/cypress/integration/signal_detection_rules_prebuilt.spec.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/integration/timeline_data_providers.spec.ts b/x-pack/plugins/siem/cypress/integration/timeline_data_providers.spec.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/integration/timeline_data_providers.spec.ts
rename to x-pack/plugins/siem/cypress/integration/timeline_data_providers.spec.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/integration/timeline_flyout_button.spec.ts b/x-pack/plugins/siem/cypress/integration/timeline_flyout_button.spec.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/integration/timeline_flyout_button.spec.ts
rename to x-pack/plugins/siem/cypress/integration/timeline_flyout_button.spec.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/integration/timeline_search_or_filter.spec.ts b/x-pack/plugins/siem/cypress/integration/timeline_search_or_filter.spec.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/integration/timeline_search_or_filter.spec.ts
rename to x-pack/plugins/siem/cypress/integration/timeline_search_or_filter.spec.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/integration/timeline_toggle_column.spec.ts b/x-pack/plugins/siem/cypress/integration/timeline_toggle_column.spec.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/integration/timeline_toggle_column.spec.ts
rename to x-pack/plugins/siem/cypress/integration/timeline_toggle_column.spec.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/integration/url_state.spec.ts b/x-pack/plugins/siem/cypress/integration/url_state.spec.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/integration/url_state.spec.ts
rename to x-pack/plugins/siem/cypress/integration/url_state.spec.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/objects/rule.ts b/x-pack/plugins/siem/cypress/objects/rule.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/objects/rule.ts
rename to x-pack/plugins/siem/cypress/objects/rule.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/objects/timeline.ts b/x-pack/plugins/siem/cypress/objects/timeline.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/objects/timeline.ts
rename to x-pack/plugins/siem/cypress/objects/timeline.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/plugins/index.js b/x-pack/plugins/siem/cypress/plugins/index.js
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/plugins/index.js
rename to x-pack/plugins/siem/cypress/plugins/index.js
diff --git a/x-pack/plugins/siem/cypress/reporter_config.json b/x-pack/plugins/siem/cypress/reporter_config.json
new file mode 100644
index 0000000000000..e7e08eeae1dab
--- /dev/null
+++ b/x-pack/plugins/siem/cypress/reporter_config.json
@@ -0,0 +1,10 @@
+{
+ "reporterEnabled": "mochawesome, mocha-junit-reporter",
+ "reporterOptions": {
+ "html": false,
+ "json": true,
+ "mochaFile": "../../../target/kibana-siem/cypress/results/TEST-siem-cypress-[hash].xml",
+ "overwrite": false,
+ "reportDir": "../../../target/kibana-siem/cypress/results"
+ }
+}
diff --git a/x-pack/legacy/plugins/siem/cypress/screens/create_new_rule.ts b/x-pack/plugins/siem/cypress/screens/create_new_rule.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/screens/create_new_rule.ts
rename to x-pack/plugins/siem/cypress/screens/create_new_rule.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/screens/date_picker.ts b/x-pack/plugins/siem/cypress/screens/date_picker.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/screens/date_picker.ts
rename to x-pack/plugins/siem/cypress/screens/date_picker.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/screens/detections.ts b/x-pack/plugins/siem/cypress/screens/detections.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/screens/detections.ts
rename to x-pack/plugins/siem/cypress/screens/detections.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/screens/fields_browser.ts b/x-pack/plugins/siem/cypress/screens/fields_browser.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/screens/fields_browser.ts
rename to x-pack/plugins/siem/cypress/screens/fields_browser.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/screens/hosts/all_hosts.ts b/x-pack/plugins/siem/cypress/screens/hosts/all_hosts.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/screens/hosts/all_hosts.ts
rename to x-pack/plugins/siem/cypress/screens/hosts/all_hosts.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/screens/hosts/authentications.ts b/x-pack/plugins/siem/cypress/screens/hosts/authentications.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/screens/hosts/authentications.ts
rename to x-pack/plugins/siem/cypress/screens/hosts/authentications.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/screens/hosts/events.ts b/x-pack/plugins/siem/cypress/screens/hosts/events.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/screens/hosts/events.ts
rename to x-pack/plugins/siem/cypress/screens/hosts/events.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/screens/hosts/main.ts b/x-pack/plugins/siem/cypress/screens/hosts/main.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/screens/hosts/main.ts
rename to x-pack/plugins/siem/cypress/screens/hosts/main.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/screens/hosts/uncommon_processes.ts b/x-pack/plugins/siem/cypress/screens/hosts/uncommon_processes.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/screens/hosts/uncommon_processes.ts
rename to x-pack/plugins/siem/cypress/screens/hosts/uncommon_processes.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/screens/inspect.ts b/x-pack/plugins/siem/cypress/screens/inspect.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/screens/inspect.ts
rename to x-pack/plugins/siem/cypress/screens/inspect.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/screens/network/flows.ts b/x-pack/plugins/siem/cypress/screens/network/flows.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/screens/network/flows.ts
rename to x-pack/plugins/siem/cypress/screens/network/flows.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/screens/overview.ts b/x-pack/plugins/siem/cypress/screens/overview.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/screens/overview.ts
rename to x-pack/plugins/siem/cypress/screens/overview.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/screens/pagination.ts b/x-pack/plugins/siem/cypress/screens/pagination.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/screens/pagination.ts
rename to x-pack/plugins/siem/cypress/screens/pagination.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/screens/rule_details.ts b/x-pack/plugins/siem/cypress/screens/rule_details.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/screens/rule_details.ts
rename to x-pack/plugins/siem/cypress/screens/rule_details.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/screens/siem_header.ts b/x-pack/plugins/siem/cypress/screens/siem_header.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/screens/siem_header.ts
rename to x-pack/plugins/siem/cypress/screens/siem_header.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/screens/siem_main.ts b/x-pack/plugins/siem/cypress/screens/siem_main.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/screens/siem_main.ts
rename to x-pack/plugins/siem/cypress/screens/siem_main.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/screens/signal_detection_rules.ts b/x-pack/plugins/siem/cypress/screens/signal_detection_rules.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/screens/signal_detection_rules.ts
rename to x-pack/plugins/siem/cypress/screens/signal_detection_rules.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/screens/timeline.ts b/x-pack/plugins/siem/cypress/screens/timeline.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/screens/timeline.ts
rename to x-pack/plugins/siem/cypress/screens/timeline.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/support/commands.js b/x-pack/plugins/siem/cypress/support/commands.js
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/support/commands.js
rename to x-pack/plugins/siem/cypress/support/commands.js
diff --git a/x-pack/legacy/plugins/siem/cypress/support/index.d.ts b/x-pack/plugins/siem/cypress/support/index.d.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/support/index.d.ts
rename to x-pack/plugins/siem/cypress/support/index.d.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/support/index.js b/x-pack/plugins/siem/cypress/support/index.js
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/support/index.js
rename to x-pack/plugins/siem/cypress/support/index.js
diff --git a/x-pack/legacy/plugins/siem/cypress/tasks/common.ts b/x-pack/plugins/siem/cypress/tasks/common.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/tasks/common.ts
rename to x-pack/plugins/siem/cypress/tasks/common.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/tasks/create_new_rule.ts b/x-pack/plugins/siem/cypress/tasks/create_new_rule.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/tasks/create_new_rule.ts
rename to x-pack/plugins/siem/cypress/tasks/create_new_rule.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/tasks/date_picker.ts b/x-pack/plugins/siem/cypress/tasks/date_picker.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/tasks/date_picker.ts
rename to x-pack/plugins/siem/cypress/tasks/date_picker.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/tasks/detections.ts b/x-pack/plugins/siem/cypress/tasks/detections.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/tasks/detections.ts
rename to x-pack/plugins/siem/cypress/tasks/detections.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/tasks/es_archiver.ts b/x-pack/plugins/siem/cypress/tasks/es_archiver.ts
similarity index 53%
rename from x-pack/legacy/plugins/siem/cypress/tasks/es_archiver.ts
rename to x-pack/plugins/siem/cypress/tasks/es_archiver.ts
index 6417a7d872251..8a4ab8c819457 100644
--- a/x-pack/legacy/plugins/siem/cypress/tasks/es_archiver.ts
+++ b/x-pack/plugins/siem/cypress/tasks/es_archiver.ts
@@ -6,7 +6,7 @@
export const esArchiverLoadEmptyKibana = () => {
cy.exec(
- `node ../../../../scripts/es_archiver empty_kibana load empty--dir ../../../test/siem_cypress/es_archives --config ../../../../test/functional/config.js --es-url ${Cypress.env(
+ `node ../../../scripts/es_archiver empty_kibana load empty--dir ../../test/siem_cypress/es_archives --config ../../../test/functional/config.js --es-url ${Cypress.env(
'ELASTICSEARCH_URL'
)} --kibana-url ${Cypress.config().baseUrl}`
);
@@ -14,7 +14,7 @@ export const esArchiverLoadEmptyKibana = () => {
export const esArchiverLoad = (folder: string) => {
cy.exec(
- `node ../../../../scripts/es_archiver load ${folder} --dir ../../../test/siem_cypress/es_archives --config ../../../../test/functional/config.js --es-url ${Cypress.env(
+ `node ../../../scripts/es_archiver load ${folder} --dir ../../test/siem_cypress/es_archives --config ../../../test/functional/config.js --es-url ${Cypress.env(
'ELASTICSEARCH_URL'
)} --kibana-url ${Cypress.config().baseUrl}`
);
@@ -22,7 +22,7 @@ export const esArchiverLoad = (folder: string) => {
export const esArchiverUnload = (folder: string) => {
cy.exec(
- `node ../../../../scripts/es_archiver unload ${folder} --dir ../../../test/siem_cypress/es_archives --config ../../../../test/functional/config.js --es-url ${Cypress.env(
+ `node ../../../scripts/es_archiver unload ${folder} --dir ../../test/siem_cypress/es_archives --config ../../../test/functional/config.js --es-url ${Cypress.env(
'ELASTICSEARCH_URL'
)} --kibana-url ${Cypress.config().baseUrl}`
);
@@ -30,7 +30,7 @@ export const esArchiverUnload = (folder: string) => {
export const esArchiverUnloadEmptyKibana = () => {
cy.exec(
- `node ../../../../scripts/es_archiver unload empty_kibana empty--dir ../../../test/siem_cypress/es_archives --config ../../../../test/functional/config.js --es-url ${Cypress.env(
+ `node ../../../scripts/es_archiver unload empty_kibana empty--dir ../../test/siem_cypress/es_archives --config ../../../test/functional/config.js --es-url ${Cypress.env(
'ELASTICSEARCH_URL'
)} --kibana-url ${Cypress.config().baseUrl}`
);
@@ -38,7 +38,7 @@ export const esArchiverUnloadEmptyKibana = () => {
export const esArchiverResetKibana = () => {
cy.exec(
- `node ../../../../scripts/es_archiver empty-kibana-index --config ../../../../test/functional/config.js --es-url ${Cypress.env(
+ `node ../../../scripts/es_archiver empty-kibana-index --config ../../../test/functional/config.js --es-url ${Cypress.env(
'ELASTICSEARCH_URL'
)} --kibana-url ${Cypress.config().baseUrl}`
);
diff --git a/x-pack/legacy/plugins/siem/cypress/tasks/fields_browser.ts b/x-pack/plugins/siem/cypress/tasks/fields_browser.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/tasks/fields_browser.ts
rename to x-pack/plugins/siem/cypress/tasks/fields_browser.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/tasks/hosts/all_hosts.ts b/x-pack/plugins/siem/cypress/tasks/hosts/all_hosts.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/tasks/hosts/all_hosts.ts
rename to x-pack/plugins/siem/cypress/tasks/hosts/all_hosts.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/tasks/hosts/authentications.ts b/x-pack/plugins/siem/cypress/tasks/hosts/authentications.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/tasks/hosts/authentications.ts
rename to x-pack/plugins/siem/cypress/tasks/hosts/authentications.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/tasks/hosts/events.ts b/x-pack/plugins/siem/cypress/tasks/hosts/events.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/tasks/hosts/events.ts
rename to x-pack/plugins/siem/cypress/tasks/hosts/events.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/tasks/hosts/main.ts b/x-pack/plugins/siem/cypress/tasks/hosts/main.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/tasks/hosts/main.ts
rename to x-pack/plugins/siem/cypress/tasks/hosts/main.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/tasks/hosts/uncommon_processes.ts b/x-pack/plugins/siem/cypress/tasks/hosts/uncommon_processes.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/tasks/hosts/uncommon_processes.ts
rename to x-pack/plugins/siem/cypress/tasks/hosts/uncommon_processes.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/tasks/inspect.ts b/x-pack/plugins/siem/cypress/tasks/inspect.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/tasks/inspect.ts
rename to x-pack/plugins/siem/cypress/tasks/inspect.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/tasks/login.ts b/x-pack/plugins/siem/cypress/tasks/login.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/cypress/tasks/login.ts
rename to x-pack/plugins/siem/cypress/tasks/login.ts
index c7788b080d06e..1bbf41d05db00 100644
--- a/x-pack/legacy/plugins/siem/cypress/tasks/login.ts
+++ b/x-pack/plugins/siem/cypress/tasks/login.ts
@@ -10,7 +10,7 @@ import * as yaml from 'js-yaml';
* Credentials in the `kibana.dev.yml` config file will be used to authenticate
* with Kibana when credentials are not provided via environment variables
*/
-const KIBANA_DEV_YML_PATH = '../../../../config/kibana.dev.yml';
+const KIBANA_DEV_YML_PATH = '../../../config/kibana.dev.yml';
/**
* The configuration path in `kibana.dev.yml` to the username to be used when
diff --git a/x-pack/legacy/plugins/siem/cypress/tasks/network/flows.ts b/x-pack/plugins/siem/cypress/tasks/network/flows.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/tasks/network/flows.ts
rename to x-pack/plugins/siem/cypress/tasks/network/flows.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/tasks/overview.ts b/x-pack/plugins/siem/cypress/tasks/overview.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/tasks/overview.ts
rename to x-pack/plugins/siem/cypress/tasks/overview.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/tasks/pagination.ts b/x-pack/plugins/siem/cypress/tasks/pagination.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/tasks/pagination.ts
rename to x-pack/plugins/siem/cypress/tasks/pagination.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/tasks/siem_header.ts b/x-pack/plugins/siem/cypress/tasks/siem_header.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/tasks/siem_header.ts
rename to x-pack/plugins/siem/cypress/tasks/siem_header.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/tasks/siem_main.ts b/x-pack/plugins/siem/cypress/tasks/siem_main.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/tasks/siem_main.ts
rename to x-pack/plugins/siem/cypress/tasks/siem_main.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/tasks/signal_detection_rules.ts b/x-pack/plugins/siem/cypress/tasks/signal_detection_rules.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/tasks/signal_detection_rules.ts
rename to x-pack/plugins/siem/cypress/tasks/signal_detection_rules.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/tasks/timeline.ts b/x-pack/plugins/siem/cypress/tasks/timeline.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/tasks/timeline.ts
rename to x-pack/plugins/siem/cypress/tasks/timeline.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/tsconfig.json b/x-pack/plugins/siem/cypress/tsconfig.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/tsconfig.json
rename to x-pack/plugins/siem/cypress/tsconfig.json
diff --git a/x-pack/legacy/plugins/siem/cypress/urls/ml_conditional_links.ts b/x-pack/plugins/siem/cypress/urls/ml_conditional_links.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/urls/ml_conditional_links.ts
rename to x-pack/plugins/siem/cypress/urls/ml_conditional_links.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/urls/navigation.ts b/x-pack/plugins/siem/cypress/urls/navigation.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/urls/navigation.ts
rename to x-pack/plugins/siem/cypress/urls/navigation.ts
diff --git a/x-pack/legacy/plugins/siem/cypress/urls/state.ts b/x-pack/plugins/siem/cypress/urls/state.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/cypress/urls/state.ts
rename to x-pack/plugins/siem/cypress/urls/state.ts
diff --git a/x-pack/plugins/siem/kibana.json b/x-pack/plugins/siem/kibana.json
index 2bc33b87a1b43..1eb1a7dbde876 100644
--- a/x-pack/plugins/siem/kibana.json
+++ b/x-pack/plugins/siem/kibana.json
@@ -3,6 +3,8 @@
"version": "8.0.0",
"kibanaVersion": "kibana",
"configPath": ["xpack", "siem"],
+ "requiredPlugins": ["actions", "alerting", "features", "licensing"],
+ "optionalPlugins": ["encryptedSavedObjects", "ml", "security", "spaces"],
"server": true,
"ui": false
}
diff --git a/x-pack/plugins/siem/package.json b/x-pack/plugins/siem/package.json
new file mode 100644
index 0000000000000..1fcef46243628
--- /dev/null
+++ b/x-pack/plugins/siem/package.json
@@ -0,0 +1,20 @@
+{
+ "author": "Elastic",
+ "name": "siem",
+ "version": "8.0.0",
+ "private": true,
+ "license": "Elastic-License",
+ "scripts": {
+ "extract-mitre-attacks": "node scripts/extract_tactics_techniques_mitre.js & node ../../../scripts/eslint ../../legacy/plugins/siem/public/pages/detection_engine/mitre/mitre_tactics_techniques.ts --fix",
+ "build-graphql-types": "node scripts/generate_types_from_graphql.js",
+ "cypress:open": "cypress open --config-file ./cypress/cypress.json",
+ "cypress:run": "cypress run --spec ./cypress/integration/**/*.spec.ts --config-file ./cypress/cypress.json --reporter ../../node_modules/cypress-multi-reporters --reporter-options configFile=./cypress/reporter_config.json; status=$?; ../../node_modules/.bin/mochawesome-merge --reportDir ../../../target/kibana-siem/cypress/results > ../../../target/kibana-siem/cypress/results/output.json; ../../../node_modules/.bin/marge ../../../target/kibana-siem/cypress/results/output.json --reportDir ../../../target/kibana-siem/cypress/results; mkdir -p ../../../target/junit && cp ../../../target/kibana-siem/cypress/results/*.xml ../../../target/junit/ && exit $status;",
+ "cypress:run-as-ci": "node ../../../scripts/functional_tests --config ../../test/siem_cypress/config.ts"
+ },
+ "devDependencies": {
+ "@types/lodash": "^4.14.110"
+ },
+ "dependencies": {
+ "lodash": "^4.17.15"
+ }
+}
diff --git a/x-pack/legacy/plugins/siem/scripts/check_circular_deps.js b/x-pack/plugins/siem/scripts/check_circular_deps.js
similarity index 68%
rename from x-pack/legacy/plugins/siem/scripts/check_circular_deps.js
rename to x-pack/plugins/siem/scripts/check_circular_deps.js
index 046cc010621d7..4ba7020d13465 100644
--- a/x-pack/legacy/plugins/siem/scripts/check_circular_deps.js
+++ b/x-pack/plugins/siem/scripts/check_circular_deps.js
@@ -4,5 +4,5 @@
* you may not use this file except in compliance with the Elastic License.
*/
-require('../../../../../src/setup_node_env');
-require('../dev_tools/circular_deps/run_check_circular_deps_cli');
+require('../../../../src/setup_node_env');
+require('./check_circular_deps/run_check_circular_deps_cli');
diff --git a/x-pack/legacy/plugins/siem/dev_tools/circular_deps/run_check_circular_deps_cli.js b/x-pack/plugins/siem/scripts/check_circular_deps/run_check_circular_deps_cli.js
similarity index 88%
rename from x-pack/legacy/plugins/siem/dev_tools/circular_deps/run_check_circular_deps_cli.js
rename to x-pack/plugins/siem/scripts/check_circular_deps/run_check_circular_deps_cli.js
index f3a97f5b9c9b6..0b5e5d6cf13b5 100644
--- a/x-pack/legacy/plugins/siem/dev_tools/circular_deps/run_check_circular_deps_cli.js
+++ b/x-pack/plugins/siem/scripts/check_circular_deps/run_check_circular_deps_cli.js
@@ -11,10 +11,13 @@ import madge from 'madge';
/* eslint-disable-next-line import/no-extraneous-dependencies */
import { run, createFailError } from '@kbn/dev-utils';
+const legacyPluginPath = '../../../../legacy/plugins/siem';
+const pluginPath = '../..';
+
run(
async ({ log }) => {
const result = await madge(
- [resolve(__dirname, '../../public'), resolve(__dirname, '../../common')],
+ [resolve(__dirname, legacyPluginPath, 'public'), resolve(__dirname, pluginPath, 'common')],
{
fileExtensions: ['ts', 'js', 'tsx'],
excludeRegExp: [
diff --git a/x-pack/legacy/plugins/siem/scripts/combined_schema.ts b/x-pack/plugins/siem/scripts/combined_schema.ts
similarity index 91%
rename from x-pack/legacy/plugins/siem/scripts/combined_schema.ts
rename to x-pack/plugins/siem/scripts/combined_schema.ts
index 625eb3a4a4755..48215548650fe 100644
--- a/x-pack/legacy/plugins/siem/scripts/combined_schema.ts
+++ b/x-pack/plugins/siem/scripts/combined_schema.ts
@@ -6,6 +6,7 @@
import { buildSchemaFromTypeDefinitions } from 'graphql-tools';
+// eslint-disable-next-line @kbn/eslint/no-restricted-paths
import { schemas as serverSchemas } from '../server/graphql';
export const schemas = [...serverSchemas];
diff --git a/x-pack/legacy/plugins/siem/scripts/convert_saved_search_to_rules.js b/x-pack/plugins/siem/scripts/convert_saved_search_to_rules.js
similarity index 99%
rename from x-pack/legacy/plugins/siem/scripts/convert_saved_search_to_rules.js
rename to x-pack/plugins/siem/scripts/convert_saved_search_to_rules.js
index 233d4dd7de721..65da56dd09bca 100644
--- a/x-pack/legacy/plugins/siem/scripts/convert_saved_search_to_rules.js
+++ b/x-pack/plugins/siem/scripts/convert_saved_search_to_rules.js
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-require('../../../../../src/setup_node_env');
+require('../../../../src/setup_node_env');
const fs = require('fs');
const path = require('path');
diff --git a/x-pack/legacy/plugins/siem/scripts/extract_tactics_techniques_mitre.js b/x-pack/plugins/siem/scripts/extract_tactics_techniques_mitre.js
similarity index 95%
rename from x-pack/legacy/plugins/siem/scripts/extract_tactics_techniques_mitre.js
rename to x-pack/plugins/siem/scripts/extract_tactics_techniques_mitre.js
index 6cb2a40049631..478463b1a8064 100644
--- a/x-pack/legacy/plugins/siem/scripts/extract_tactics_techniques_mitre.js
+++ b/x-pack/plugins/siem/scripts/extract_tactics_techniques_mitre.js
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-require('../../../../../src/setup_node_env');
+require('../../../../src/setup_node_env');
const fs = require('fs');
// eslint-disable-next-line import/no-extraneous-dependencies
@@ -12,7 +12,13 @@ const fetch = require('node-fetch');
const { camelCase } = require('lodash');
const { resolve } = require('path');
-const OUTPUT_DIRECTORY = resolve('public', 'pages', 'detection_engine', 'mitre');
+const OUTPUT_DIRECTORY = resolve(
+ '../../legacy/plugins/siem',
+ 'public',
+ 'pages',
+ 'detection_engine',
+ 'mitre'
+);
const MITRE_ENTREPRISE_ATTACK_URL =
'https://raw.githubusercontent.com/mitre/cti/master/enterprise-attack/enterprise-attack.json';
diff --git a/x-pack/legacy/plugins/siem/scripts/generate_types_from_graphql.js b/x-pack/plugins/siem/scripts/generate_types_from_graphql.js
similarity index 91%
rename from x-pack/legacy/plugins/siem/scripts/generate_types_from_graphql.js
rename to x-pack/plugins/siem/scripts/generate_types_from_graphql.js
index 36674fec73e09..bded8832aba5a 100644
--- a/x-pack/legacy/plugins/siem/scripts/generate_types_from_graphql.js
+++ b/x-pack/plugins/siem/scripts/generate_types_from_graphql.js
@@ -4,18 +4,25 @@
* you may not use this file except in compliance with the Elastic License.
*/
-require('../../../../../src/setup_node_env');
+require('../../../../src/setup_node_env');
const { join, resolve } = require('path');
// eslint-disable-next-line import/no-extraneous-dependencies, import/no-unresolved
const { generate } = require('graphql-code-generator');
+const legacyPluginPath = '../../legacy/plugins/siem';
+
const GRAPHQL_GLOBS = [
- join('public', 'containers', '**', '*.gql_query.ts{,x}'),
+ join(legacyPluginPath, 'public', 'containers', '**', '*.gql_query.ts{,x}'),
join('common', 'graphql', '**', '*.gql_query.ts{,x}'),
];
-const OUTPUT_INTROSPECTION_PATH = resolve('public', 'graphql', 'introspection.json');
-const OUTPUT_CLIENT_TYPES_PATH = resolve('public', 'graphql', 'types.ts');
+const OUTPUT_INTROSPECTION_PATH = resolve(
+ legacyPluginPath,
+ 'public',
+ 'graphql',
+ 'introspection.json'
+);
+const OUTPUT_CLIENT_TYPES_PATH = resolve(legacyPluginPath, 'public', 'graphql', 'types.ts');
const OUTPUT_SERVER_TYPES_PATH = resolve('server', 'graphql', 'types.ts');
const SCHEMA_PATH = resolve(__dirname, 'combined_schema.ts');
diff --git a/x-pack/legacy/plugins/siem/scripts/loop_cypress_tests.js b/x-pack/plugins/siem/scripts/loop_cypress_tests.js
similarity index 100%
rename from x-pack/legacy/plugins/siem/scripts/loop_cypress_tests.js
rename to x-pack/plugins/siem/scripts/loop_cypress_tests.js
diff --git a/x-pack/legacy/plugins/siem/scripts/optimize_tsconfig.js b/x-pack/plugins/siem/scripts/optimize_tsconfig.js
similarity index 100%
rename from x-pack/legacy/plugins/siem/scripts/optimize_tsconfig.js
rename to x-pack/plugins/siem/scripts/optimize_tsconfig.js
diff --git a/x-pack/legacy/plugins/siem/scripts/optimize_tsconfig/README.md b/x-pack/plugins/siem/scripts/optimize_tsconfig/README.md
similarity index 86%
rename from x-pack/legacy/plugins/siem/scripts/optimize_tsconfig/README.md
rename to x-pack/plugins/siem/scripts/optimize_tsconfig/README.md
index d3615d2870ef9..2b402367c1db3 100644
--- a/x-pack/legacy/plugins/siem/scripts/optimize_tsconfig/README.md
+++ b/x-pack/plugins/siem/scripts/optimize_tsconfig/README.md
@@ -8,9 +8,9 @@ Kibana and X-Pack are very large TypeScript projects, and it comes at a cost. Ed
To run the optimization:
-`$ node x-pack/legacy/plugins/siem/scripts/optimize_tsconfig`
+`$ node x-pack/plugins/siem/scripts/optimize_tsconfig`
To undo the optimization:
-`$ node x-pack/legacy/plugins/siem/scripts/unoptimize_tsconfig`
+`$ node x-pack/plugins/siem/scripts/unoptimize_tsconfig`
diff --git a/x-pack/legacy/plugins/siem/scripts/optimize_tsconfig/optimize.js b/x-pack/plugins/siem/scripts/optimize_tsconfig/optimize.js
similarity index 100%
rename from x-pack/legacy/plugins/siem/scripts/optimize_tsconfig/optimize.js
rename to x-pack/plugins/siem/scripts/optimize_tsconfig/optimize.js
diff --git a/x-pack/legacy/plugins/siem/scripts/optimize_tsconfig/paths.js b/x-pack/plugins/siem/scripts/optimize_tsconfig/paths.js
similarity index 90%
rename from x-pack/legacy/plugins/siem/scripts/optimize_tsconfig/paths.js
rename to x-pack/plugins/siem/scripts/optimize_tsconfig/paths.js
index ca26203e17d2e..c75e16f74b932 100644
--- a/x-pack/legacy/plugins/siem/scripts/optimize_tsconfig/paths.js
+++ b/x-pack/plugins/siem/scripts/optimize_tsconfig/paths.js
@@ -5,7 +5,7 @@
*/
const path = require('path');
-const xpackRoot = path.resolve(__dirname, '../../../../..');
+const xpackRoot = path.resolve(__dirname, '../../../..');
const kibanaRoot = path.resolve(xpackRoot, '..');
const tsconfigTpl = path.resolve(__dirname, './tsconfig.json');
diff --git a/x-pack/legacy/plugins/siem/scripts/optimize_tsconfig/tsconfig.json b/x-pack/plugins/siem/scripts/optimize_tsconfig/tsconfig.json
similarity index 88%
rename from x-pack/legacy/plugins/siem/scripts/optimize_tsconfig/tsconfig.json
rename to x-pack/plugins/siem/scripts/optimize_tsconfig/tsconfig.json
index c4705c8b8c16a..42d26c4c27ed6 100644
--- a/x-pack/legacy/plugins/siem/scripts/optimize_tsconfig/tsconfig.json
+++ b/x-pack/plugins/siem/scripts/optimize_tsconfig/tsconfig.json
@@ -10,7 +10,7 @@
"exclude": [
"test/**/*",
"**/__fixtures__/**/*",
- "legacy/plugins/siem/cypress/**/*",
+ "plugins/siem/cypress/**/*",
"**/typespec_tests.ts"
]
}
diff --git a/x-pack/legacy/plugins/siem/scripts/optimize_tsconfig/unoptimize.js b/x-pack/plugins/siem/scripts/optimize_tsconfig/unoptimize.js
similarity index 100%
rename from x-pack/legacy/plugins/siem/scripts/optimize_tsconfig/unoptimize.js
rename to x-pack/plugins/siem/scripts/optimize_tsconfig/unoptimize.js
diff --git a/x-pack/legacy/plugins/siem/scripts/storybook.js b/x-pack/plugins/siem/scripts/storybook.js
similarity index 100%
rename from x-pack/legacy/plugins/siem/scripts/storybook.js
rename to x-pack/plugins/siem/scripts/storybook.js
diff --git a/x-pack/legacy/plugins/siem/scripts/unoptimize_tsconfig.js b/x-pack/plugins/siem/scripts/unoptimize_tsconfig.js
similarity index 100%
rename from x-pack/legacy/plugins/siem/scripts/unoptimize_tsconfig.js
rename to x-pack/plugins/siem/scripts/unoptimize_tsconfig.js
diff --git a/x-pack/legacy/plugins/siem/server/client/client.test.ts b/x-pack/plugins/siem/server/client/client.test.ts
similarity index 79%
rename from x-pack/legacy/plugins/siem/server/client/client.test.ts
rename to x-pack/plugins/siem/server/client/client.test.ts
index bfe7b97f43003..94ff2149b8c64 100644
--- a/x-pack/legacy/plugins/siem/server/client/client.test.ts
+++ b/x-pack/plugins/siem/server/client/client.test.ts
@@ -4,17 +4,17 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { SiemClient } from './client';
+import { SIGNALS_INDEX_KEY } from '../../common/constants';
import { createMockConfig } from '../lib/detection_engine/routes/__mocks__';
+import { SiemClient } from './client';
describe('SiemClient', () => {
describe('#signalsIndex', () => {
it('returns the index scoped to the specified spaceId', () => {
- let mockConfig = createMockConfig();
- mockConfig = () => ({
- get: jest.fn(() => 'mockSignalsIndex'),
- has: jest.fn(),
- });
+ const mockConfig = {
+ ...createMockConfig(),
+ [SIGNALS_INDEX_KEY]: 'mockSignalsIndex',
+ };
const spaceId = 'fooSpace';
const client = new SiemClient(spaceId, mockConfig);
diff --git a/x-pack/legacy/plugins/siem/server/client/client.ts b/x-pack/plugins/siem/server/client/client.ts
similarity index 56%
rename from x-pack/legacy/plugins/siem/server/client/client.ts
rename to x-pack/plugins/siem/server/client/client.ts
index 245b81d0be97a..6cb0d4cfade77 100644
--- a/x-pack/legacy/plugins/siem/server/client/client.ts
+++ b/x-pack/plugins/siem/server/client/client.ts
@@ -4,17 +4,13 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { Legacy } from 'kibana';
-
-import { APP_ID, SIGNALS_INDEX_KEY } from '../../common/constants';
+import { ConfigType } from '..';
export class SiemClient {
public readonly signalsIndex: string;
- constructor(private spaceId: string, private config: Legacy.Server['config']) {
- const configuredSignalsIndex = this.config().get(
- `xpack.${APP_ID}.${SIGNALS_INDEX_KEY}`
- );
+ constructor(private spaceId: string, private config: ConfigType) {
+ const configuredSignalsIndex = this.config.signalsIndex;
this.signalsIndex = `${configuredSignalsIndex}-${this.spaceId}`;
}
diff --git a/x-pack/legacy/plugins/siem/server/client/factory.test.ts b/x-pack/plugins/siem/server/client/factory.test.ts
similarity index 82%
rename from x-pack/legacy/plugins/siem/server/client/factory.test.ts
rename to x-pack/plugins/siem/server/client/factory.test.ts
index c166b6b838be2..f0cddc5f09747 100644
--- a/x-pack/legacy/plugins/siem/server/client/factory.test.ts
+++ b/x-pack/plugins/siem/server/client/factory.test.ts
@@ -4,7 +4,8 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { httpServerMock } from '../../../../../../src/core/server/mocks';
+import { httpServerMock } from '../../../../../src/core/server/mocks';
+import { createMockConfig } from '../lib/detection_engine/routes/__mocks__';
import { SiemClientFactory } from './factory';
import { SiemClient } from './client';
@@ -16,7 +17,7 @@ describe('SiemClientFactory', () => {
it('constructs a client with the current spaceId', () => {
const factory = new SiemClientFactory();
const mockRequest = httpServerMock.createKibanaRequest();
- factory.setup({ getSpaceId: () => 'mockSpace', config: jest.fn() });
+ factory.setup({ getSpaceId: () => 'mockSpace', config: createMockConfig() });
factory.create(mockRequest);
expect(mockClient).toHaveBeenCalledWith('mockSpace', expect.anything());
@@ -25,7 +26,7 @@ describe('SiemClientFactory', () => {
it('constructs a client with the default spaceId if spaces are disabled', () => {
const factory = new SiemClientFactory();
const mockRequest = httpServerMock.createKibanaRequest();
- factory.setup({ getSpaceId: undefined, config: jest.fn() });
+ factory.setup({ getSpaceId: undefined, config: createMockConfig() });
factory.create(mockRequest);
expect(mockClient).toHaveBeenCalledWith('default', expect.anything());
diff --git a/x-pack/legacy/plugins/siem/server/client/factory.ts b/x-pack/plugins/siem/server/client/factory.ts
similarity index 87%
rename from x-pack/legacy/plugins/siem/server/client/factory.ts
rename to x-pack/plugins/siem/server/client/factory.ts
index d31920bdf2c77..d3d6b84e5b090 100644
--- a/x-pack/legacy/plugins/siem/server/client/factory.ts
+++ b/x-pack/plugins/siem/server/client/factory.ts
@@ -4,14 +4,13 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { Legacy } from 'kibana';
-
-import { KibanaRequest } from '../../../../../../src/core/server';
+import { KibanaRequest } from '../../../../../src/core/server';
import { SiemClient } from './client';
+import { ConfigType } from '..';
interface SetupDependencies {
getSpaceId?: (request: KibanaRequest) => string | undefined;
- config: Legacy.Server['config'];
+ config: ConfigType;
}
export class SiemClientFactory {
diff --git a/x-pack/legacy/plugins/siem/server/client/index.ts b/x-pack/plugins/siem/server/client/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/client/index.ts
rename to x-pack/plugins/siem/server/client/index.ts
diff --git a/x-pack/plugins/siem/server/config.ts b/x-pack/plugins/siem/server/config.ts
index 224043c0c6fe5..4b0e8d34ef1a0 100644
--- a/x-pack/plugins/siem/server/config.ts
+++ b/x-pack/plugins/siem/server/config.ts
@@ -7,13 +7,14 @@
import { Observable } from 'rxjs';
import { schema, TypeOf } from '@kbn/config-schema';
import { PluginInitializerContext } from '../../../../src/core/server';
-import {
- SIGNALS_INDEX_KEY,
- DEFAULT_SIGNALS_INDEX,
-} from '../../../legacy/plugins/siem/common/constants';
+import { SIGNALS_INDEX_KEY, DEFAULT_SIGNALS_INDEX } from '../common/constants';
export const configSchema = schema.object({
enabled: schema.boolean({ defaultValue: true }),
+ maxRuleImportExportSize: schema.number({ defaultValue: 10000 }),
+ maxRuleImportPayloadBytes: schema.number({ defaultValue: 10485760 }),
+ maxTimelineImportExportSize: schema.number({ defaultValue: 10000 }),
+ maxTimelineImportPayloadBytes: schema.number({ defaultValue: 10485760 }),
[SIGNALS_INDEX_KEY]: schema.string({ defaultValue: DEFAULT_SIGNALS_INDEX }),
});
diff --git a/x-pack/legacy/plugins/siem/server/graphql/authentications/index.ts b/x-pack/plugins/siem/server/graphql/authentications/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/authentications/index.ts
rename to x-pack/plugins/siem/server/graphql/authentications/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/authentications/resolvers.ts b/x-pack/plugins/siem/server/graphql/authentications/resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/authentications/resolvers.ts
rename to x-pack/plugins/siem/server/graphql/authentications/resolvers.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/authentications/schema.gql.ts b/x-pack/plugins/siem/server/graphql/authentications/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/authentications/schema.gql.ts
rename to x-pack/plugins/siem/server/graphql/authentications/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/ecs/index.ts b/x-pack/plugins/siem/server/graphql/ecs/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/ecs/index.ts
rename to x-pack/plugins/siem/server/graphql/ecs/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/ecs/resolvers.ts b/x-pack/plugins/siem/server/graphql/ecs/resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/ecs/resolvers.ts
rename to x-pack/plugins/siem/server/graphql/ecs/resolvers.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/ecs/schema.gql.ts b/x-pack/plugins/siem/server/graphql/ecs/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/ecs/schema.gql.ts
rename to x-pack/plugins/siem/server/graphql/ecs/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/events/index.ts b/x-pack/plugins/siem/server/graphql/events/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/events/index.ts
rename to x-pack/plugins/siem/server/graphql/events/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/events/resolvers.ts b/x-pack/plugins/siem/server/graphql/events/resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/events/resolvers.ts
rename to x-pack/plugins/siem/server/graphql/events/resolvers.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/events/schema.gql.ts b/x-pack/plugins/siem/server/graphql/events/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/events/schema.gql.ts
rename to x-pack/plugins/siem/server/graphql/events/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/hosts/index.ts b/x-pack/plugins/siem/server/graphql/hosts/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/hosts/index.ts
rename to x-pack/plugins/siem/server/graphql/hosts/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/hosts/resolvers.ts b/x-pack/plugins/siem/server/graphql/hosts/resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/hosts/resolvers.ts
rename to x-pack/plugins/siem/server/graphql/hosts/resolvers.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/hosts/schema.gql.ts b/x-pack/plugins/siem/server/graphql/hosts/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/hosts/schema.gql.ts
rename to x-pack/plugins/siem/server/graphql/hosts/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/index.ts b/x-pack/plugins/siem/server/graphql/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/index.ts
rename to x-pack/plugins/siem/server/graphql/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/ip_details/index.ts b/x-pack/plugins/siem/server/graphql/ip_details/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/ip_details/index.ts
rename to x-pack/plugins/siem/server/graphql/ip_details/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/ip_details/resolvers.ts b/x-pack/plugins/siem/server/graphql/ip_details/resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/ip_details/resolvers.ts
rename to x-pack/plugins/siem/server/graphql/ip_details/resolvers.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/ip_details/schema.gql.ts b/x-pack/plugins/siem/server/graphql/ip_details/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/ip_details/schema.gql.ts
rename to x-pack/plugins/siem/server/graphql/ip_details/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/kpi_hosts/index.ts b/x-pack/plugins/siem/server/graphql/kpi_hosts/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/kpi_hosts/index.ts
rename to x-pack/plugins/siem/server/graphql/kpi_hosts/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/kpi_hosts/resolvers.ts b/x-pack/plugins/siem/server/graphql/kpi_hosts/resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/kpi_hosts/resolvers.ts
rename to x-pack/plugins/siem/server/graphql/kpi_hosts/resolvers.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/kpi_hosts/schema.gql.ts b/x-pack/plugins/siem/server/graphql/kpi_hosts/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/kpi_hosts/schema.gql.ts
rename to x-pack/plugins/siem/server/graphql/kpi_hosts/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/kpi_network/index.ts b/x-pack/plugins/siem/server/graphql/kpi_network/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/kpi_network/index.ts
rename to x-pack/plugins/siem/server/graphql/kpi_network/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/kpi_network/resolvers.ts b/x-pack/plugins/siem/server/graphql/kpi_network/resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/kpi_network/resolvers.ts
rename to x-pack/plugins/siem/server/graphql/kpi_network/resolvers.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/kpi_network/schema.gql.ts b/x-pack/plugins/siem/server/graphql/kpi_network/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/kpi_network/schema.gql.ts
rename to x-pack/plugins/siem/server/graphql/kpi_network/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/matrix_histogram/index.ts b/x-pack/plugins/siem/server/graphql/matrix_histogram/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/matrix_histogram/index.ts
rename to x-pack/plugins/siem/server/graphql/matrix_histogram/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/matrix_histogram/resolvers.ts b/x-pack/plugins/siem/server/graphql/matrix_histogram/resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/matrix_histogram/resolvers.ts
rename to x-pack/plugins/siem/server/graphql/matrix_histogram/resolvers.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/matrix_histogram/schema.gql.ts b/x-pack/plugins/siem/server/graphql/matrix_histogram/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/matrix_histogram/schema.gql.ts
rename to x-pack/plugins/siem/server/graphql/matrix_histogram/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/network/index.ts b/x-pack/plugins/siem/server/graphql/network/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/network/index.ts
rename to x-pack/plugins/siem/server/graphql/network/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/network/resolvers.ts b/x-pack/plugins/siem/server/graphql/network/resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/network/resolvers.ts
rename to x-pack/plugins/siem/server/graphql/network/resolvers.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/network/schema.gql.ts b/x-pack/plugins/siem/server/graphql/network/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/network/schema.gql.ts
rename to x-pack/plugins/siem/server/graphql/network/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/note/index.ts b/x-pack/plugins/siem/server/graphql/note/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/note/index.ts
rename to x-pack/plugins/siem/server/graphql/note/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/note/resolvers.ts b/x-pack/plugins/siem/server/graphql/note/resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/note/resolvers.ts
rename to x-pack/plugins/siem/server/graphql/note/resolvers.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/note/schema.gql.ts b/x-pack/plugins/siem/server/graphql/note/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/note/schema.gql.ts
rename to x-pack/plugins/siem/server/graphql/note/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/overview/index.ts b/x-pack/plugins/siem/server/graphql/overview/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/overview/index.ts
rename to x-pack/plugins/siem/server/graphql/overview/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/overview/resolvers.ts b/x-pack/plugins/siem/server/graphql/overview/resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/overview/resolvers.ts
rename to x-pack/plugins/siem/server/graphql/overview/resolvers.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/overview/schema.gql.ts b/x-pack/plugins/siem/server/graphql/overview/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/overview/schema.gql.ts
rename to x-pack/plugins/siem/server/graphql/overview/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/pinned_event/index.ts b/x-pack/plugins/siem/server/graphql/pinned_event/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/pinned_event/index.ts
rename to x-pack/plugins/siem/server/graphql/pinned_event/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/pinned_event/resolvers.ts b/x-pack/plugins/siem/server/graphql/pinned_event/resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/pinned_event/resolvers.ts
rename to x-pack/plugins/siem/server/graphql/pinned_event/resolvers.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/pinned_event/schema.gql.ts b/x-pack/plugins/siem/server/graphql/pinned_event/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/pinned_event/schema.gql.ts
rename to x-pack/plugins/siem/server/graphql/pinned_event/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/scalar_date/index.ts b/x-pack/plugins/siem/server/graphql/scalar_date/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/scalar_date/index.ts
rename to x-pack/plugins/siem/server/graphql/scalar_date/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/scalar_date/resolvers.test.ts b/x-pack/plugins/siem/server/graphql/scalar_date/resolvers.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/scalar_date/resolvers.test.ts
rename to x-pack/plugins/siem/server/graphql/scalar_date/resolvers.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/scalar_date/resolvers.ts b/x-pack/plugins/siem/server/graphql/scalar_date/resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/scalar_date/resolvers.ts
rename to x-pack/plugins/siem/server/graphql/scalar_date/resolvers.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/scalar_date/schema.gql.ts b/x-pack/plugins/siem/server/graphql/scalar_date/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/scalar_date/schema.gql.ts
rename to x-pack/plugins/siem/server/graphql/scalar_date/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/scalar_to_any/index.ts b/x-pack/plugins/siem/server/graphql/scalar_to_any/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/scalar_to_any/index.ts
rename to x-pack/plugins/siem/server/graphql/scalar_to_any/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/scalar_to_any/resolvers.ts b/x-pack/plugins/siem/server/graphql/scalar_to_any/resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/scalar_to_any/resolvers.ts
rename to x-pack/plugins/siem/server/graphql/scalar_to_any/resolvers.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/scalar_to_any/schema.gql.ts b/x-pack/plugins/siem/server/graphql/scalar_to_any/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/scalar_to_any/schema.gql.ts
rename to x-pack/plugins/siem/server/graphql/scalar_to_any/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/scalar_to_boolean_array/index.ts b/x-pack/plugins/siem/server/graphql/scalar_to_boolean_array/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/scalar_to_boolean_array/index.ts
rename to x-pack/plugins/siem/server/graphql/scalar_to_boolean_array/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/scalar_to_boolean_array/resolvers.test.ts b/x-pack/plugins/siem/server/graphql/scalar_to_boolean_array/resolvers.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/scalar_to_boolean_array/resolvers.test.ts
rename to x-pack/plugins/siem/server/graphql/scalar_to_boolean_array/resolvers.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/scalar_to_boolean_array/resolvers.ts b/x-pack/plugins/siem/server/graphql/scalar_to_boolean_array/resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/scalar_to_boolean_array/resolvers.ts
rename to x-pack/plugins/siem/server/graphql/scalar_to_boolean_array/resolvers.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/scalar_to_boolean_array/schema.gql.ts b/x-pack/plugins/siem/server/graphql/scalar_to_boolean_array/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/scalar_to_boolean_array/schema.gql.ts
rename to x-pack/plugins/siem/server/graphql/scalar_to_boolean_array/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/scalar_to_date_array/index.ts b/x-pack/plugins/siem/server/graphql/scalar_to_date_array/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/scalar_to_date_array/index.ts
rename to x-pack/plugins/siem/server/graphql/scalar_to_date_array/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/scalar_to_date_array/resolvers.test.ts b/x-pack/plugins/siem/server/graphql/scalar_to_date_array/resolvers.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/scalar_to_date_array/resolvers.test.ts
rename to x-pack/plugins/siem/server/graphql/scalar_to_date_array/resolvers.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/scalar_to_date_array/resolvers.ts b/x-pack/plugins/siem/server/graphql/scalar_to_date_array/resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/scalar_to_date_array/resolvers.ts
rename to x-pack/plugins/siem/server/graphql/scalar_to_date_array/resolvers.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/scalar_to_date_array/schema.gql.ts b/x-pack/plugins/siem/server/graphql/scalar_to_date_array/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/scalar_to_date_array/schema.gql.ts
rename to x-pack/plugins/siem/server/graphql/scalar_to_date_array/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/scalar_to_number_array/index.ts b/x-pack/plugins/siem/server/graphql/scalar_to_number_array/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/scalar_to_number_array/index.ts
rename to x-pack/plugins/siem/server/graphql/scalar_to_number_array/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/scalar_to_number_array/resolvers.test.ts b/x-pack/plugins/siem/server/graphql/scalar_to_number_array/resolvers.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/scalar_to_number_array/resolvers.test.ts
rename to x-pack/plugins/siem/server/graphql/scalar_to_number_array/resolvers.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/scalar_to_number_array/resolvers.ts b/x-pack/plugins/siem/server/graphql/scalar_to_number_array/resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/scalar_to_number_array/resolvers.ts
rename to x-pack/plugins/siem/server/graphql/scalar_to_number_array/resolvers.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/scalar_to_number_array/schema.gql.ts b/x-pack/plugins/siem/server/graphql/scalar_to_number_array/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/scalar_to_number_array/schema.gql.ts
rename to x-pack/plugins/siem/server/graphql/scalar_to_number_array/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/source_status/index.ts b/x-pack/plugins/siem/server/graphql/source_status/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/source_status/index.ts
rename to x-pack/plugins/siem/server/graphql/source_status/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/source_status/resolvers.ts b/x-pack/plugins/siem/server/graphql/source_status/resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/source_status/resolvers.ts
rename to x-pack/plugins/siem/server/graphql/source_status/resolvers.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/source_status/schema.gql.ts b/x-pack/plugins/siem/server/graphql/source_status/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/source_status/schema.gql.ts
rename to x-pack/plugins/siem/server/graphql/source_status/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/sources/index.ts b/x-pack/plugins/siem/server/graphql/sources/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/sources/index.ts
rename to x-pack/plugins/siem/server/graphql/sources/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/sources/resolvers.ts b/x-pack/plugins/siem/server/graphql/sources/resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/sources/resolvers.ts
rename to x-pack/plugins/siem/server/graphql/sources/resolvers.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/sources/schema.gql.ts b/x-pack/plugins/siem/server/graphql/sources/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/sources/schema.gql.ts
rename to x-pack/plugins/siem/server/graphql/sources/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/timeline/index.ts b/x-pack/plugins/siem/server/graphql/timeline/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/timeline/index.ts
rename to x-pack/plugins/siem/server/graphql/timeline/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/timeline/resolvers.ts b/x-pack/plugins/siem/server/graphql/timeline/resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/timeline/resolvers.ts
rename to x-pack/plugins/siem/server/graphql/timeline/resolvers.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/timeline/schema.gql.ts b/x-pack/plugins/siem/server/graphql/timeline/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/timeline/schema.gql.ts
rename to x-pack/plugins/siem/server/graphql/timeline/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/tls/index.ts b/x-pack/plugins/siem/server/graphql/tls/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/tls/index.ts
rename to x-pack/plugins/siem/server/graphql/tls/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/tls/resolvers.ts b/x-pack/plugins/siem/server/graphql/tls/resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/tls/resolvers.ts
rename to x-pack/plugins/siem/server/graphql/tls/resolvers.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/tls/schema.gql.ts b/x-pack/plugins/siem/server/graphql/tls/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/tls/schema.gql.ts
rename to x-pack/plugins/siem/server/graphql/tls/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/types.ts b/x-pack/plugins/siem/server/graphql/types.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/types.ts
rename to x-pack/plugins/siem/server/graphql/types.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/uncommon_processes/index.ts b/x-pack/plugins/siem/server/graphql/uncommon_processes/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/uncommon_processes/index.ts
rename to x-pack/plugins/siem/server/graphql/uncommon_processes/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/uncommon_processes/resolvers.ts b/x-pack/plugins/siem/server/graphql/uncommon_processes/resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/uncommon_processes/resolvers.ts
rename to x-pack/plugins/siem/server/graphql/uncommon_processes/resolvers.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/uncommon_processes/schema.gql.ts b/x-pack/plugins/siem/server/graphql/uncommon_processes/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/uncommon_processes/schema.gql.ts
rename to x-pack/plugins/siem/server/graphql/uncommon_processes/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/who_am_i/index.ts b/x-pack/plugins/siem/server/graphql/who_am_i/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/who_am_i/index.ts
rename to x-pack/plugins/siem/server/graphql/who_am_i/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/who_am_i/resolvers.ts b/x-pack/plugins/siem/server/graphql/who_am_i/resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/who_am_i/resolvers.ts
rename to x-pack/plugins/siem/server/graphql/who_am_i/resolvers.ts
diff --git a/x-pack/legacy/plugins/siem/server/graphql/who_am_i/schema.gql.ts b/x-pack/plugins/siem/server/graphql/who_am_i/schema.gql.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/graphql/who_am_i/schema.gql.ts
rename to x-pack/plugins/siem/server/graphql/who_am_i/schema.gql.ts
diff --git a/x-pack/legacy/plugins/siem/server/init_server.ts b/x-pack/plugins/siem/server/init_server.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/init_server.ts
rename to x-pack/plugins/siem/server/init_server.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/authentications/elasticsearch_adapter.test.ts b/x-pack/plugins/siem/server/lib/authentications/elasticsearch_adapter.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/authentications/elasticsearch_adapter.test.ts
rename to x-pack/plugins/siem/server/lib/authentications/elasticsearch_adapter.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/authentications/elasticsearch_adapter.ts b/x-pack/plugins/siem/server/lib/authentications/elasticsearch_adapter.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/authentications/elasticsearch_adapter.ts
rename to x-pack/plugins/siem/server/lib/authentications/elasticsearch_adapter.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/authentications/index.ts b/x-pack/plugins/siem/server/lib/authentications/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/authentications/index.ts
rename to x-pack/plugins/siem/server/lib/authentications/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/authentications/query.dsl.ts b/x-pack/plugins/siem/server/lib/authentications/query.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/authentications/query.dsl.ts
rename to x-pack/plugins/siem/server/lib/authentications/query.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/authentications/types.ts b/x-pack/plugins/siem/server/lib/authentications/types.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/authentications/types.ts
rename to x-pack/plugins/siem/server/lib/authentications/types.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/compose/kibana.ts b/x-pack/plugins/siem/server/lib/compose/kibana.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/compose/kibana.ts
rename to x-pack/plugins/siem/server/lib/compose/kibana.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/configuration/adapter_types.ts b/x-pack/plugins/siem/server/lib/configuration/adapter_types.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/configuration/adapter_types.ts
rename to x-pack/plugins/siem/server/lib/configuration/adapter_types.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/configuration/index.ts b/x-pack/plugins/siem/server/lib/configuration/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/configuration/index.ts
rename to x-pack/plugins/siem/server/lib/configuration/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/configuration/inmemory_configuration_adapter.ts b/x-pack/plugins/siem/server/lib/configuration/inmemory_configuration_adapter.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/configuration/inmemory_configuration_adapter.ts
rename to x-pack/plugins/siem/server/lib/configuration/inmemory_configuration_adapter.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/README.md b/x-pack/plugins/siem/server/lib/detection_engine/README.md
similarity index 96%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/README.md
rename to x-pack/plugins/siem/server/lib/detection_engine/README.md
index 1e8e3d5e3dd75..610e82fd5f6ee 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/README.md
+++ b/x-pack/plugins/siem/server/lib/detection_engine/README.md
@@ -46,7 +46,7 @@ server log [22:05:22.277] [info][status][plugin:alerting@8.0.0] Status changed f
server log [22:05:22.270] [info][status][plugin:actions@8.0.0] Status changed from uninitialized to green - Ready
```
-Go to the scripts folder `cd kibana/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts` and run:
+Go to the scripts folder `cd kibana/x-pack/plugins/siem/server/lib/detection_engine/scripts` and run:
```sh
./hard_reset.sh
@@ -159,7 +159,7 @@ https://github.com/elastic/kibana/tree/master/x-pack/plugins/actions
To update the status of a signal or group of signals, the following scripts provide an example of how to
go about doing so.
-`cd x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts`
+`cd x-pack/plugins/siem/server/lib/detection_engine/scripts`
`./signals/put_signal_doc.sh` will post a sample signal doc into the signals index to play with
`./signals/set_status_with_id.sh closed` will update the status of the sample signal to closed
`./signals/set_status_with_id.sh open` will update the status of the sample signal to open
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/errors/bad_request_error.ts b/x-pack/plugins/siem/server/lib/detection_engine/errors/bad_request_error.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/errors/bad_request_error.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/errors/bad_request_error.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/feature_flags.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/feature_flags.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/feature_flags.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/feature_flags.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/feature_flags.ts b/x-pack/plugins/siem/server/lib/detection_engine/feature_flags.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/feature_flags.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/feature_flags.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/index/create_bootstrap_index.ts b/x-pack/plugins/siem/server/lib/detection_engine/index/create_bootstrap_index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/index/create_bootstrap_index.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/index/create_bootstrap_index.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/index/delete_all_index.ts b/x-pack/plugins/siem/server/lib/detection_engine/index/delete_all_index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/index/delete_all_index.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/index/delete_all_index.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/index/delete_policy.ts b/x-pack/plugins/siem/server/lib/detection_engine/index/delete_policy.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/index/delete_policy.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/index/delete_policy.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/index/delete_template.ts b/x-pack/plugins/siem/server/lib/detection_engine/index/delete_template.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/index/delete_template.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/index/delete_template.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/index/get_index_exists.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/index/get_index_exists.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/index/get_index_exists.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/index/get_index_exists.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/index/get_index_exists.ts b/x-pack/plugins/siem/server/lib/detection_engine/index/get_index_exists.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/index/get_index_exists.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/index/get_index_exists.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/index/get_policy_exists.ts b/x-pack/plugins/siem/server/lib/detection_engine/index/get_policy_exists.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/index/get_policy_exists.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/index/get_policy_exists.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/index/get_template_exists.ts b/x-pack/plugins/siem/server/lib/detection_engine/index/get_template_exists.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/index/get_template_exists.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/index/get_template_exists.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/index/read_index.ts b/x-pack/plugins/siem/server/lib/detection_engine/index/read_index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/index/read_index.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/index/read_index.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/index/set_policy.ts b/x-pack/plugins/siem/server/lib/detection_engine/index/set_policy.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/index/set_policy.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/index/set_policy.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/index/set_template.ts b/x-pack/plugins/siem/server/lib/detection_engine/index/set_template.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/index/set_template.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/index/set_template.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/add_tags.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/notifications/add_tags.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/add_tags.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/notifications/add_tags.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/add_tags.ts b/x-pack/plugins/siem/server/lib/detection_engine/notifications/add_tags.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/add_tags.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/notifications/add_tags.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/build_signals_query.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/notifications/build_signals_query.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/build_signals_query.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/notifications/build_signals_query.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/build_signals_query.ts b/x-pack/plugins/siem/server/lib/detection_engine/notifications/build_signals_query.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/build_signals_query.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/notifications/build_signals_query.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/create_notifications.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/notifications/create_notifications.test.ts
similarity index 95%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/create_notifications.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/notifications/create_notifications.test.ts
index 3878f5dae8889..e0414f842ceb3 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/create_notifications.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/notifications/create_notifications.test.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { alertsClientMock } from '../../../../../../../plugins/alerting/server/mocks';
+import { alertsClientMock } from '../../../../../alerting/server/mocks';
import { createNotifications } from './create_notifications';
describe('createNotifications', () => {
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/create_notifications.ts b/x-pack/plugins/siem/server/lib/detection_engine/notifications/create_notifications.ts
similarity index 93%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/create_notifications.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/notifications/create_notifications.ts
index ccd7576255d83..35a737177ad49 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/create_notifications.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/notifications/create_notifications.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { Alert } from '../../../../../../../plugins/alerting/common';
+import { Alert } from '../../../../../alerting/common';
import { APP_ID, NOTIFICATIONS_ID } from '../../../../common/constants';
import { CreateNotificationParams } from './types';
import { addTags } from './add_tags';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/delete_notifications.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/notifications/delete_notifications.test.ts
similarity index 97%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/delete_notifications.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/notifications/delete_notifications.test.ts
index 7e5c0eaf6286e..089822f486aeb 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/delete_notifications.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/notifications/delete_notifications.test.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { alertsClientMock } from '../../../../../../../plugins/alerting/server/mocks';
+import { alertsClientMock } from '../../../../../alerting/server/mocks';
import { deleteNotifications } from './delete_notifications';
import { readNotifications } from './read_notifications';
jest.mock('./read_notifications');
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/delete_notifications.ts b/x-pack/plugins/siem/server/lib/detection_engine/notifications/delete_notifications.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/delete_notifications.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/notifications/delete_notifications.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/find_notifications.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/notifications/find_notifications.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/find_notifications.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/notifications/find_notifications.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/find_notifications.ts b/x-pack/plugins/siem/server/lib/detection_engine/notifications/find_notifications.ts
similarity index 92%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/find_notifications.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/notifications/find_notifications.ts
index fcdeda608fe4e..b47ea348bd4d6 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/find_notifications.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/notifications/find_notifications.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { FindResult } from '../../../../../../../plugins/alerting/server';
+import { FindResult } from '../../../../../alerting/server';
import { NOTIFICATIONS_ID } from '../../../../common/constants';
import { FindNotificationParams } from './types';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/get_signals_count.ts b/x-pack/plugins/siem/server/lib/detection_engine/notifications/get_signals_count.ts
similarity index 92%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/get_signals_count.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/notifications/get_signals_count.ts
index 7ff6a4e5164bd..69f37da1e225b 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/get_signals_count.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/notifications/get_signals_count.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { AlertServices } from '../../../../../../../plugins/alerting/server';
+import { AlertServices } from '../../../../../alerting/server';
import { buildSignalsSearchQuery } from './build_signals_query';
interface GetSignalsCount {
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/read_notifications.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/notifications/read_notifications.test.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/read_notifications.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/notifications/read_notifications.test.ts
index 834ad2460959c..961aac15c484d 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/read_notifications.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/notifications/read_notifications.test.ts
@@ -5,7 +5,7 @@
*/
import { readNotifications } from './read_notifications';
-import { alertsClientMock } from '../../../../../../../plugins/alerting/server/mocks';
+import { alertsClientMock } from '../../../../../alerting/server/mocks';
import {
getNotificationResult,
getFindNotificationsResultWithSingleHit,
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/read_notifications.ts b/x-pack/plugins/siem/server/lib/detection_engine/notifications/read_notifications.ts
similarity index 94%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/read_notifications.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/notifications/read_notifications.ts
index 87bdd6f3f40e1..c585c474556a1 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/read_notifications.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/notifications/read_notifications.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { SanitizedAlert } from '../../../../../../../plugins/alerting/common';
+import { SanitizedAlert } from '../../../../../alerting/common';
import { ReadNotificationParams, isAlertType } from './types';
import { findNotifications } from './find_notifications';
import { INTERNAL_RULE_ALERT_ID_KEY } from '../../../../common/constants';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/rules_notification_alert_type.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/notifications/rules_notification_alert_type.test.ts
similarity index 99%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/rules_notification_alert_type.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/notifications/rules_notification_alert_type.test.ts
index f537b22bac1eb..6244a4cc64e68 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/rules_notification_alert_type.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/notifications/rules_notification_alert_type.test.ts
@@ -8,7 +8,7 @@ import { loggerMock } from 'src/core/server/logging/logger.mock';
import { getResult } from '../routes/__mocks__/request_responses';
import { rulesNotificationAlertType } from './rules_notification_alert_type';
import { buildSignalsSearchQuery } from './build_signals_query';
-import { alertsMock, AlertServicesMock } from '../../../../../../../plugins/alerting/server/mocks';
+import { alertsMock, AlertServicesMock } from '../../../../../../plugins/alerting/server/mocks';
import { NotificationExecutorOptions } from './types';
jest.mock('./build_signals_query');
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/rules_notification_alert_type.ts b/x-pack/plugins/siem/server/lib/detection_engine/notifications/rules_notification_alert_type.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/rules_notification_alert_type.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/notifications/rules_notification_alert_type.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/schedule_notification_actions.ts b/x-pack/plugins/siem/server/lib/detection_engine/notifications/schedule_notification_actions.ts
similarity index 92%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/schedule_notification_actions.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/notifications/schedule_notification_actions.ts
index 9f145af79ca90..a0bd5e092c6ea 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/schedule_notification_actions.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/notifications/schedule_notification_actions.ts
@@ -5,7 +5,7 @@
*/
import { mapKeys, snakeCase } from 'lodash/fp';
-import { AlertInstance } from '../../../../../../../plugins/alerting/server';
+import { AlertInstance } from '../../../../../alerting/server';
import { RuleTypeParams } from '../types';
export type NotificationRuleTypeParams = RuleTypeParams & {
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/types.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/notifications/types.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/types.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/notifications/types.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/types.ts b/x-pack/plugins/siem/server/lib/detection_engine/notifications/types.ts
similarity index 95%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/types.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/notifications/types.ts
index 32a8737adc7c9..d740b79cb3b94 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/types.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/notifications/types.ts
@@ -10,8 +10,8 @@ import {
AlertType,
State,
AlertExecutorOptions,
-} from '../../../../../../../plugins/alerting/server';
-import { Alert } from '../../../../../../../plugins/alerting/common';
+} from '../../../../../alerting/server';
+import { Alert } from '../../../../../alerting/common';
import { NOTIFICATIONS_ID } from '../../../../common/constants';
import { RuleAlertAction } from '../../../../common/detection_engine/types';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/update_notifications.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/notifications/update_notifications.test.ts
similarity index 97%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/update_notifications.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/notifications/update_notifications.test.ts
index e1f7526438c31..b9dc42b96696d 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/update_notifications.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/notifications/update_notifications.test.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { alertsClientMock } from '../../../../../../../plugins/alerting/server/mocks';
+import { alertsClientMock } from '../../../../../alerting/server/mocks';
import { updateNotifications } from './update_notifications';
import { readNotifications } from './read_notifications';
import { createNotifications } from './create_notifications';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/update_notifications.ts b/x-pack/plugins/siem/server/lib/detection_engine/notifications/update_notifications.ts
similarity index 95%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/update_notifications.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/notifications/update_notifications.ts
index ac0de406aceb2..5889b0e4dcfb8 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/update_notifications.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/notifications/update_notifications.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { PartialAlert } from '../../../../../../../plugins/alerting/server';
+import { PartialAlert } from '../../../../../alerting/server';
import { readNotifications } from './read_notifications';
import { UpdateNotificationParams } from './types';
import { addTags } from './add_tags';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/utils.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/notifications/utils.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/utils.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/notifications/utils.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/utils.ts b/x-pack/plugins/siem/server/lib/detection_engine/notifications/utils.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/notifications/utils.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/notifications/utils.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/privileges/read_privileges.ts b/x-pack/plugins/siem/server/lib/detection_engine/privileges/read_privileges.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/privileges/read_privileges.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/privileges/read_privileges.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/index.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/index.ts
similarity index 59%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/index.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/index.ts
index 1ccd43c06aacc..a28eb6ba3ccaa 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/index.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/index.ts
@@ -4,6 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
+import { DEFAULT_SIGNALS_INDEX, SIGNALS_INDEX_KEY } from '../../../../../common/constants';
import { requestContextMock } from './request_context';
import { serverMock } from './server';
import { requestMock } from './request';
@@ -11,7 +12,11 @@ import { responseMock } from './response_factory';
export { requestMock, requestContextMock, responseMock, serverMock };
-export const createMockConfig = () => () => ({
- get: jest.fn(),
- has: jest.fn(),
+export const createMockConfig = () => ({
+ enabled: true,
+ [SIGNALS_INDEX_KEY]: DEFAULT_SIGNALS_INDEX,
+ maxRuleImportExportSize: 10000,
+ maxRuleImportPayloadBytes: 10485760,
+ maxTimelineImportExportSize: 10000,
+ maxTimelineImportPayloadBytes: 10485760,
});
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/request.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/request.ts
similarity index 79%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/request.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/request.ts
index 8856a3463aab3..5f9246db7dfd5 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/request.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/request.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { httpServerMock } from '../../../../../../../../../src/core/server/mocks';
+import { httpServerMock } from '../../../../../../../../src/core/server/mocks';
export const requestMock = {
create: httpServerMock.createKibanaRequest,
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/request_context.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/request_context.ts
similarity index 79%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/request_context.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/request_context.ts
index 2e5c29bc0221a..10efdb518f7b7 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/request_context.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/request_context.ts
@@ -4,15 +4,15 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { RequestHandlerContext } from '../../../../../../../../../src/core/server';
+import { RequestHandlerContext } from '../../../../../../../../src/core/server';
import {
coreMock,
elasticsearchServiceMock,
savedObjectsClientMock,
-} from '../../../../../../../../../src/core/server/mocks';
-import { alertsClientMock } from '../../../../../../../../plugins/alerting/server/mocks';
-import { actionsClientMock } from '../../../../../../../../plugins/actions/server/mocks';
-import { licensingMock } from '../../../../../../../../plugins/licensing/server/mocks';
+} from '../../../../../../../../src/core/server/mocks';
+import { alertsClientMock } from '../../../../../../alerting/server/mocks';
+import { actionsClientMock } from '../../../../../../actions/server/mocks';
+import { licensingMock } from '../../../../../../licensing/server/mocks';
const createMockClients = () => ({
actionsClient: actionsClientMock.create(),
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/request_responses.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/request_responses.ts
similarity index 99%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/request_responses.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/request_responses.ts
index 94097df48949f..469f91c8211cc 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/request_responses.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/request_responses.ts
@@ -5,7 +5,7 @@
*/
import { SavedObjectsFindResponse } from 'kibana/server';
-import { ActionResult } from '../../../../../../../../plugins/actions/server';
+import { ActionResult } from '../../../../../../actions/server';
import {
SignalsStatusRestParams,
SignalsQueryRestParams,
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/response_factory.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/response_factory.ts
similarity index 79%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/response_factory.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/response_factory.ts
index 3e0eda9961403..e6c03d382d9db 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/response_factory.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/response_factory.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { httpServerMock } from '../../../../../../../../../src/core/server/mocks';
+import { httpServerMock } from '../../../../../../../../src/core/server/mocks';
export const responseMock = {
create: httpServerMock.createResponseFactory,
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/server.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/server.ts
similarity index 95%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/server.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/server.ts
index 824d1f2bec334..c08e626adb323 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/server.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/server.ts
@@ -9,8 +9,8 @@ import {
RouteConfig,
KibanaRequest,
RequestHandlerContext,
-} from '../../../../../../../../../src/core/server';
-import { httpServiceMock } from '../../../../../../../../../src/core/server/mocks';
+} from '../../../../../../../../src/core/server';
+import { httpServiceMock } from '../../../../../../../../src/core/server/mocks';
import { requestContextMock } from './request_context';
import { responseMock as responseFactoryMock } from './response_factory';
import { requestMock } from '.';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/test_adapters.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/test_adapters.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/test_adapters.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/test_adapters.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/utils.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/utils.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/__mocks__/utils.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/__mocks__/utils.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/create_index_route.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/index/create_index_route.ts
similarity index 97%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/create_index_route.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/index/create_index_route.ts
index 3195483013c19..cb48e35228858 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/create_index_route.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/index/create_index_route.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { IRouter } from '../../../../../../../../../src/core/server';
+import { IRouter } from '../../../../../../../../src/core/server';
import { DETECTION_ENGINE_INDEX_URL } from '../../../../../common/constants';
import { transformError, buildSiemResponse } from '../utils';
import { getIndexExists } from '../../index/get_index_exists';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/delete_index_route.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/index/delete_index_route.ts
similarity index 97%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/delete_index_route.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/index/delete_index_route.ts
index c667e7ae9c463..5eff38b778492 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/delete_index_route.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/index/delete_index_route.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { IRouter } from '../../../../../../../../../src/core/server';
+import { IRouter } from '../../../../../../../../src/core/server';
import { DETECTION_ENGINE_INDEX_URL } from '../../../../../common/constants';
import { transformError, buildSiemResponse } from '../utils';
import { getIndexExists } from '../../index/get_index_exists';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/ecs_mapping.json b/x-pack/plugins/siem/server/lib/detection_engine/routes/index/ecs_mapping.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/ecs_mapping.json
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/index/ecs_mapping.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/get_signals_template.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/index/get_signals_template.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/get_signals_template.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/index/get_signals_template.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/get_signals_template.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/index/get_signals_template.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/get_signals_template.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/index/get_signals_template.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/read_index_route.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/index/read_index_route.ts
similarity index 95%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/read_index_route.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/index/read_index_route.ts
index 047176f155611..8ff8d7461ecd1 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/read_index_route.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/index/read_index_route.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { IRouter } from '../../../../../../../../../src/core/server';
+import { IRouter } from '../../../../../../../../src/core/server';
import { DETECTION_ENGINE_INDEX_URL } from '../../../../../common/constants';
import { transformError, buildSiemResponse } from '../utils';
import { getIndexExists } from '../../index/get_index_exists';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/signals_mapping.json b/x-pack/plugins/siem/server/lib/detection_engine/routes/index/signals_mapping.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/signals_mapping.json
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/index/signals_mapping.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/signals_policy.json b/x-pack/plugins/siem/server/lib/detection_engine/routes/index/signals_policy.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/index/signals_policy.json
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/index/signals_policy.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/privileges/read_privileges_route.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/privileges/read_privileges_route.test.ts
similarity index 97%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/privileges/read_privileges_route.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/privileges/read_privileges_route.test.ts
index 3209f5ce9f519..ce44f71ef7217 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/privileges/read_privileges_route.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/privileges/read_privileges_route.test.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { securityMock } from '../../../../../../../../plugins/security/server/mocks';
+import { securityMock } from '../../../../../../security/server/mocks';
import { readPrivilegesRoute } from './read_privileges_route';
import { serverMock, requestContextMock } from '../__mocks__';
import { getPrivilegeRequest, getMockPrivilegesResult } from '../__mocks__/request_responses';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/privileges/read_privileges_route.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/privileges/read_privileges_route.ts
similarity index 96%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/privileges/read_privileges_route.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/privileges/read_privileges_route.ts
index d86880de65386..7dbbe837e656d 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/privileges/read_privileges_route.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/privileges/read_privileges_route.ts
@@ -6,7 +6,7 @@
import { merge } from 'lodash/fp';
-import { IRouter } from '../../../../../../../../../src/core/server';
+import { IRouter } from '../../../../../../../../src/core/server';
import { DETECTION_ENGINE_PRIVILEGES_URL } from '../../../../../common/constants';
import { SetupPlugins } from '../../../../plugin';
import { buildSiemResponse, transformError } from '../utils';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.ts
index 3eba04debb21f..bfc8c9c54b2c0 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/add_prepackaged_rules_route.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { IRouter } from '../../../../../../../../../src/core/server';
+import { IRouter } from '../../../../../../../../src/core/server';
import { DETECTION_ENGINE_PREPACKAGED_URL } from '../../../../../common/constants';
import { getIndexExists } from '../../index/get_index_exists';
import { transformError, buildSiemResponse } from '../utils';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_bulk_route.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_bulk_route.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_bulk_route.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_bulk_route.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_bulk_route.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_bulk_route.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_bulk_route.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_bulk_route.ts
index 5377e9039785e..a40952c078a37 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_bulk_route.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_bulk_route.ts
@@ -6,7 +6,7 @@
import uuid from 'uuid';
-import { IRouter } from '../../../../../../../../../src/core/server';
+import { IRouter } from '../../../../../../../../src/core/server';
import { DETECTION_ENGINE_RULES_URL } from '../../../../../common/constants';
import { createRules } from '../../rules/create_rules';
import { RuleAlertParamsRest } from '../../types';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_route.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_route.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_route.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_route.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_route.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_route.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_route.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_route.ts
index 9a329b78b8f12..19c5d479deb72 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_route.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/create_rules_route.ts
@@ -6,7 +6,7 @@
import uuid from 'uuid';
-import { IRouter } from '../../../../../../../../../src/core/server';
+import { IRouter } from '../../../../../../../../src/core/server';
import { DETECTION_ENGINE_RULES_URL } from '../../../../../common/constants';
import { createRules } from '../../rules/create_rules';
import { IRuleSavedAttributesSavedObjectAttributes } from '../../rules/types';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/delete_rules_bulk_route.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/delete_rules_bulk_route.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/delete_rules_bulk_route.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/delete_rules_bulk_route.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/delete_rules_bulk_route.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/delete_rules_bulk_route.ts
similarity index 99%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/delete_rules_bulk_route.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/delete_rules_bulk_route.ts
index 0c5ad2e060924..38748e287ab45 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/delete_rules_bulk_route.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/delete_rules_bulk_route.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { IRouter, RouteConfig, RequestHandler } from '../../../../../../../../../src/core/server';
+import { IRouter, RouteConfig, RequestHandler } from '../../../../../../../../src/core/server';
import { DETECTION_ENGINE_RULES_URL } from '../../../../../common/constants';
import { queryRulesBulkSchema } from '../schemas/query_rules_bulk_schema';
import { rulesBulkSchema } from '../schemas/response/rules_bulk_schema';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/delete_rules_route.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/delete_rules_route.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/delete_rules_route.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/delete_rules_route.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/delete_rules_route.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/delete_rules_route.ts
similarity index 97%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/delete_rules_route.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/delete_rules_route.ts
index 71724e3ba9b58..098d556741fed 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/delete_rules_route.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/delete_rules_route.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { IRouter } from '../../../../../../../../../src/core/server';
+import { IRouter } from '../../../../../../../../src/core/server';
import { DETECTION_ENGINE_RULES_URL } from '../../../../../common/constants';
import { deleteRules } from '../../rules/delete_rules';
import { queryRulesSchema } from '../schemas/query_rules_schema';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/export_rules_route.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/export_rules_route.ts
similarity index 90%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/export_rules_route.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/export_rules_route.ts
index 50eafe163c265..8433b74adf310 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/export_rules_route.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/export_rules_route.ts
@@ -4,9 +4,9 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { IRouter } from '../../../../../../../../../src/core/server';
+import { IRouter } from '../../../../../../../../src/core/server';
import { DETECTION_ENGINE_RULES_URL } from '../../../../../common/constants';
-import { LegacyServices } from '../../../../types';
+import { ConfigType } from '../../../..';
import { ExportRulesRequestParams } from '../../rules/types';
import { getNonPackagedRulesCount } from '../../rules/get_existing_prepackaged_rules';
import { exportRulesSchema, exportRulesQuerySchema } from '../schemas/export_rules_schema';
@@ -14,7 +14,7 @@ import { getExportByObjectIds } from '../../rules/get_export_by_object_ids';
import { getExportAll } from '../../rules/get_export_all';
import { transformError, buildRouteValidation, buildSiemResponse } from '../utils';
-export const exportRulesRoute = (router: IRouter, config: LegacyServices['config']) => {
+export const exportRulesRoute = (router: IRouter, config: ConfigType) => {
router.post(
{
path: `${DETECTION_ENGINE_RULES_URL}/_export`,
@@ -35,7 +35,7 @@ export const exportRulesRoute = (router: IRouter, config: LegacyServices['config
}
try {
- const exportSizeLimit = config().get('savedObjects.maxImportExportSize');
+ const exportSizeLimit = config.maxRuleImportExportSize;
if (request.body?.objects != null && request.body.objects.length > exportSizeLimit) {
return siemResponse.error({
statusCode: 400,
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/find_rules_route.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/find_rules_route.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/find_rules_route.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/find_rules_route.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/find_rules_route.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/find_rules_route.ts
similarity index 97%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/find_rules_route.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/find_rules_route.ts
index 85555c1a57084..9661fac81497c 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/find_rules_route.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/find_rules_route.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { IRouter } from '../../../../../../../../../src/core/server';
+import { IRouter } from '../../../../../../../../src/core/server';
import { DETECTION_ENGINE_RULES_URL } from '../../../../../common/constants';
import { findRules } from '../../rules/find_rules';
import {
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/find_rules_status_route.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/find_rules_status_route.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/find_rules_status_route.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/find_rules_status_route.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/find_rules_status_route.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/find_rules_status_route.ts
similarity index 97%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/find_rules_status_route.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/find_rules_status_route.ts
index 8eed146537718..6b54a25a1b1c4 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/find_rules_status_route.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/find_rules_status_route.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { IRouter } from '../../../../../../../../../src/core/server';
+import { IRouter } from '../../../../../../../../src/core/server';
import { DETECTION_ENGINE_RULES_URL } from '../../../../../common/constants';
import { findRulesStatusesSchema } from '../schemas/find_rules_statuses_schema';
import {
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/get_prepackaged_rules_status_route.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/get_prepackaged_rules_status_route.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/get_prepackaged_rules_status_route.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/get_prepackaged_rules_status_route.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/get_prepackaged_rules_status_route.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/get_prepackaged_rules_status_route.ts
similarity index 97%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/get_prepackaged_rules_status_route.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/get_prepackaged_rules_status_route.ts
index 7f0bf4bf81179..67a54f3ba492a 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/get_prepackaged_rules_status_route.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/get_prepackaged_rules_status_route.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { IRouter } from '../../../../../../../../../src/core/server';
+import { IRouter } from '../../../../../../../../src/core/server';
import { DETECTION_ENGINE_PREPACKAGED_URL } from '../../../../../common/constants';
import { transformError, buildSiemResponse } from '../utils';
import { getPrepackagedRules } from '../../rules/get_prepackaged_rules';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/import_rules_route.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/import_rules_route.test.ts
similarity index 95%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/import_rules_route.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/import_rules_route.test.ts
index 61f5e6faf1bdb..8c052cfdf4024 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/import_rules_route.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/import_rules_route.test.ts
@@ -23,7 +23,6 @@ import {
} from '../__mocks__/request_responses';
import { createMockConfig, requestContextMock, serverMock, requestMock } from '../__mocks__';
import { importRulesRoute } from './import_rules_route';
-import { DEFAULT_SIGNALS_INDEX } from '../../../../../common/constants';
import * as createRulesStreamFromNdJson from '../../rules/create_rules_stream_from_ndjson';
import { setFeatureFlagsForTestsOnly, unSetFeatureFlagsForTestsOnly } from '../../feature_flags';
@@ -36,7 +35,7 @@ describe('import_rules_route', () => {
unSetFeatureFlagsForTestsOnly();
});
- let config = createMockConfig();
+ let config: ReturnType;
let server: ReturnType;
let request: ReturnType;
let { clients, context } = requestContextMock.createTools();
@@ -51,30 +50,10 @@ describe('import_rules_route', () => {
server = serverMock.create();
({ clients, context } = requestContextMock.createTools());
+ config = createMockConfig();
const hapiStream = buildHapiStream(ruleIdsToNdJsonString(['rule-1']));
request = getImportRulesRequest(hapiStream);
- config = () => ({
- get: jest.fn(value => {
- switch (value) {
- case 'savedObjects.maxImportPayloadBytes': {
- return 10000;
- }
- case 'savedObjects.maxImportExportSize': {
- return 10000;
- }
- case 'xpack.siem.signalsIndex': {
- return DEFAULT_SIGNALS_INDEX;
- }
- default: {
- const dummyMock = jest.fn();
- return dummyMock();
- }
- }
- }),
- has: jest.fn(),
- });
-
clients.clusterClient.callAsCurrentUser.mockResolvedValue(getNonEmptyIndex()); // index exists
clients.alertsClient.find.mockResolvedValue(getEmptyFindResult()); // no extant rules
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/import_rules_route.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/import_rules_route.ts
similarity index 96%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/import_rules_route.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/import_rules_route.ts
index 57ccc7a7806ac..58da27916c198 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/import_rules_route.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/import_rules_route.ts
@@ -7,10 +7,10 @@
import { chunk } from 'lodash/fp';
import { extname } from 'path';
-import { IRouter } from '../../../../../../../../../src/core/server';
-import { createPromiseFromStreams } from '../../../../../../../../../src/legacy/utils/streams';
+import { IRouter } from '../../../../../../../../src/core/server';
+import { createPromiseFromStreams } from '../../../../../../../../src/legacy/utils/streams';
import { DETECTION_ENGINE_RULES_URL } from '../../../../../common/constants';
-import { LegacyServices } from '../../../../types';
+import { ConfigType } from '../../../..';
import { createRules } from '../../rules/create_rules';
import { ImportRulesRequestParams } from '../../rules/types';
import { readRules } from '../../rules/read_rules';
@@ -38,7 +38,7 @@ type PromiseFromStreams = ImportRuleAlertRest | Error;
const CHUNK_PARSED_OBJECT_SIZE = 10;
-export const importRulesRoute = (router: IRouter, config: LegacyServices['config']) => {
+export const importRulesRoute = (router: IRouter, config: ConfigType) => {
router.post(
{
path: `${DETECTION_ENGINE_RULES_URL}/_import`,
@@ -49,7 +49,7 @@ export const importRulesRoute = (router: IRouter, config: LegacyServices['config
options: {
tags: ['access:siem'],
body: {
- maxBytes: config().get('savedObjects.maxImportPayloadBytes'),
+ maxBytes: config.maxRuleImportPayloadBytes,
output: 'stream',
},
},
@@ -77,7 +77,7 @@ export const importRulesRoute = (router: IRouter, config: LegacyServices['config
});
}
- const objectLimit = config().get('savedObjects.maxImportExportSize');
+ const objectLimit = config.maxRuleImportExportSize;
const readStream = createRulesStreamFromNdJson(objectLimit);
const parsedObjects = await createPromiseFromStreams([
request.body.file,
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/patch_rules_bulk_route.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/patch_rules_bulk_route.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/patch_rules_bulk_route.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/patch_rules_bulk_route.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/patch_rules_bulk_route.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/patch_rules_bulk_route.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/patch_rules_bulk_route.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/patch_rules_bulk_route.ts
index 8c0fceb7a5f29..e4236f4632dcd 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/patch_rules_bulk_route.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/patch_rules_bulk_route.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { IRouter } from '../../../../../../../../../src/core/server';
+import { IRouter } from '../../../../../../../../src/core/server';
import { DETECTION_ENGINE_RULES_URL } from '../../../../../common/constants';
import {
IRuleSavedAttributesSavedObjectAttributes,
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/patch_rules_route.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/patch_rules_route.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/patch_rules_route.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/patch_rules_route.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/patch_rules_route.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/patch_rules_route.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/patch_rules_route.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/patch_rules_route.ts
index 9c5000d70e5fe..23469144e11f8 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/patch_rules_route.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/patch_rules_route.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { IRouter } from '../../../../../../../../../src/core/server';
+import { IRouter } from '../../../../../../../../src/core/server';
import { DETECTION_ENGINE_RULES_URL } from '../../../../../common/constants';
import { patchRules } from '../../rules/patch_rules';
import {
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/read_rules_route.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/read_rules_route.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/read_rules_route.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/read_rules_route.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/read_rules_route.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/read_rules_route.ts
similarity index 97%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/read_rules_route.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/read_rules_route.ts
index 77747448e94fd..4d23e0217f2e8 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/read_rules_route.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/read_rules_route.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { IRouter } from '../../../../../../../../../src/core/server';
+import { IRouter } from '../../../../../../../../src/core/server';
import { DETECTION_ENGINE_RULES_URL } from '../../../../../common/constants';
import { getIdError } from './utils';
import { transformValidate } from './validate';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/update_rules_bulk_route.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/update_rules_bulk_route.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/update_rules_bulk_route.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/update_rules_bulk_route.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/update_rules_bulk_route.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/update_rules_bulk_route.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/update_rules_bulk_route.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/update_rules_bulk_route.ts
index 36e15780f5cb3..8f319063b2a9a 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/update_rules_bulk_route.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/update_rules_bulk_route.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { IRouter } from '../../../../../../../../../src/core/server';
+import { IRouter } from '../../../../../../../../src/core/server';
import { DETECTION_ENGINE_RULES_URL } from '../../../../../common/constants';
import {
IRuleSavedAttributesSavedObjectAttributes,
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/update_rules_route.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/update_rules_route.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/update_rules_route.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/update_rules_route.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/update_rules_route.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/update_rules_route.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/update_rules_route.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/update_rules_route.ts
index 0444c757a9b31..7d69af4bcbd9b 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/update_rules_route.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/update_rules_route.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { IRouter } from '../../../../../../../../../src/core/server';
+import { IRouter } from '../../../../../../../../src/core/server';
import { DETECTION_ENGINE_RULES_URL } from '../../../../../common/constants';
import {
UpdateRuleAlertParamsRest,
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/utils.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/utils.test.ts
similarity index 99%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/utils.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/utils.test.ts
index 8b1b0cab3b2f2..ec9e84d4fa6bb 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/utils.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/utils.test.ts
@@ -22,12 +22,12 @@ import { INTERNAL_IDENTIFIER } from '../../../../../common/constants';
import { ImportRuleAlertRest, RuleAlertParamsRest, RuleTypeParams } from '../../types';
import { BulkError, ImportSuccessError } from '../utils';
import { getSimpleRule, getOutputRuleAlertForRest } from '../__mocks__/utils';
-import { createPromiseFromStreams } from '../../../../../../../../../src/legacy/utils/streams';
-import { PartialAlert } from '../../../../../../../../plugins/alerting/server';
-import { SanitizedAlert } from '../../../../../../../../plugins/alerting/server/types';
+import { createPromiseFromStreams } from '../../../../../../../../src/legacy/utils/streams';
+import { PartialAlert } from '../../../../../../alerting/server';
+import { SanitizedAlert } from '../../../../../../alerting/server/types';
+import { createRulesStreamFromNdJson } from '../../rules/create_rules_stream_from_ndjson';
import { RuleAlertType } from '../../rules/types';
import { setFeatureFlagsForTestsOnly, unSetFeatureFlagsForTestsOnly } from '../../feature_flags';
-import { createRulesStreamFromNdJson } from '../../rules/create_rules_stream_from_ndjson';
type PromiseFromStreams = ImportRuleAlertRest | Error;
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/utils.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/utils.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/utils.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/utils.ts
index 790603fa8cfc1..49d40354e68af 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/utils.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/utils.ts
@@ -8,7 +8,7 @@ import { pickBy, countBy } from 'lodash/fp';
import { SavedObject, SavedObjectsFindResponse } from 'kibana/server';
import uuid from 'uuid';
-import { PartialAlert, FindResult } from '../../../../../../../../plugins/alerting/server';
+import { PartialAlert, FindResult } from '../../../../../../alerting/server';
import { INTERNAL_IDENTIFIER } from '../../../../../common/constants';
import {
RuleAlertType,
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/validate.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/validate.test.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/validate.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/validate.test.ts
index 7537401e5a366..3de801a5b6b17 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/validate.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/validate.test.ts
@@ -13,7 +13,7 @@ import {
transformValidateBulkError,
} from './validate';
import { getResult } from '../__mocks__/request_responses';
-import { FindResult } from '../../../../../../../../plugins/alerting/server';
+import { FindResult } from '../../../../../../alerting/server';
import { RulesSchema } from '../schemas/response/rules_schema';
import { BulkError } from '../utils';
import { setFeatureFlagsForTestsOnly, unSetFeatureFlagsForTestsOnly } from '../../feature_flags';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/validate.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/validate.ts
similarity index 97%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/validate.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/rules/validate.ts
index 1f3d1ec856684..c207d075331b6 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/rules/validate.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/rules/validate.ts
@@ -9,7 +9,7 @@ import { fold } from 'fp-ts/lib/Either';
import { pipe } from 'fp-ts/lib/pipeable';
import * as t from 'io-ts';
-import { PartialAlert, FindResult } from '../../../../../../../../plugins/alerting/server';
+import { PartialAlert, FindResult } from '../../../../../../alerting/server';
import { formatErrors } from '../schemas/response/utils';
import {
isAlertType,
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/add_prepackaged_rules_schema.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/add_prepackaged_rules_schema.test.ts
similarity index 99%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/add_prepackaged_rules_schema.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/add_prepackaged_rules_schema.test.ts
index 8c741c937bf15..346da53736ad6 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/add_prepackaged_rules_schema.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/add_prepackaged_rules_schema.test.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { AlertAction } from '../../../../../../../../plugins/alerting/common';
+import { AlertAction } from '../../../../../../alerting/common';
import { RuleAlertAction } from '../../../../../common/detection_engine/types';
import { ThreatParams, PrepackagedRules } from '../../types';
import { addPrepackagedRulesSchema } from './add_prepackaged_rules_schema';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/add_prepackaged_rules_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/add_prepackaged_rules_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/add_prepackaged_rules_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/add_prepackaged_rules_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/create_rules_bulk_schema.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/create_rules_bulk_schema.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/create_rules_bulk_schema.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/create_rules_bulk_schema.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/create_rules_bulk_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/create_rules_bulk_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/create_rules_bulk_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/create_rules_bulk_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/create_rules_schema.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/create_rules_schema.test.ts
similarity index 99%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/create_rules_schema.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/create_rules_schema.test.ts
index 82d355d37e7bb..0d7b562b97b2c 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/create_rules_schema.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/create_rules_schema.test.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { AlertAction } from '../../../../../../../../plugins/alerting/common';
+import { AlertAction } from '../../../../../../alerting/common';
import { createRulesSchema } from './create_rules_schema';
import { PatchRuleAlertParamsRest } from '../../rules/types';
import { RuleAlertAction } from '../../../../../common/detection_engine/types';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/create_rules_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/create_rules_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/create_rules_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/create_rules_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/export_rules_schema.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/export_rules_schema.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/export_rules_schema.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/export_rules_schema.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/export_rules_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/export_rules_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/export_rules_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/export_rules_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/find_rules_schema.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/find_rules_schema.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/find_rules_schema.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/find_rules_schema.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/find_rules_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/find_rules_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/find_rules_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/find_rules_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/find_rules_statuses_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/find_rules_statuses_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/find_rules_statuses_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/find_rules_statuses_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/import_rules_schema.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/import_rules_schema.test.ts
similarity index 99%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/import_rules_schema.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/import_rules_schema.test.ts
index 40f7b19ea12b3..b8d601b743895 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/import_rules_schema.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/import_rules_schema.test.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { AlertAction } from '../../../../../../../../plugins/alerting/common';
+import { AlertAction } from '../../../../../../alerting/common';
import {
importRulesSchema,
importRulesQuerySchema,
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/import_rules_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/import_rules_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/import_rules_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/import_rules_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/patch_rules_bulk_schema.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/patch_rules_bulk_schema.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/patch_rules_bulk_schema.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/patch_rules_bulk_schema.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/patch_rules_bulk_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/patch_rules_bulk_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/patch_rules_bulk_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/patch_rules_bulk_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/patch_rules_schema.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/patch_rules_schema.test.ts
similarity index 99%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/patch_rules_schema.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/patch_rules_schema.test.ts
index 9e23e4e3bad55..02655e3972d81 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/patch_rules_schema.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/patch_rules_schema.test.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { AlertAction } from '../../../../../../../../plugins/alerting/common';
+import { AlertAction } from '../../../../../../alerting/common';
import { patchRulesSchema } from './patch_rules_schema';
import { PatchRuleAlertParamsRest } from '../../rules/types';
import { RuleAlertAction } from '../../../../../common/detection_engine/types';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/patch_rules_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/patch_rules_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/patch_rules_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/patch_rules_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/query_rules_bulk_schema.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/query_rules_bulk_schema.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/query_rules_bulk_schema.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/query_rules_bulk_schema.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/query_rules_bulk_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/query_rules_bulk_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/query_rules_bulk_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/query_rules_bulk_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/query_rules_schema.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/query_rules_schema.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/query_rules_schema.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/query_rules_schema.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/query_rules_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/query_rules_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/query_rules_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/query_rules_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/query_signals_index_schema.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/query_signals_index_schema.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/query_signals_index_schema.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/query_signals_index_schema.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/query_signals_index_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/query_signals_index_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/query_signals_index_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/query_signals_index_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/__mocks__/utils.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/__mocks__/utils.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/__mocks__/utils.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/__mocks__/utils.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/check_type_dependents.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/check_type_dependents.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/check_type_dependents.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/check_type_dependents.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/check_type_dependents.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/check_type_dependents.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/check_type_dependents.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/check_type_dependents.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/error_schema.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/error_schema.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/error_schema.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/error_schema.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/error_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/error_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/error_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/error_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/exact_check.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/exact_check.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/exact_check.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/exact_check.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/exact_check.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/exact_check.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/exact_check.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/exact_check.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/find_rules_schema.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/find_rules_schema.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/find_rules_schema.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/find_rules_schema.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/find_rules_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/find_rules_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/find_rules_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/find_rules_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/import_rules_schema.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/import_rules_schema.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/import_rules_schema.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/import_rules_schema.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/import_rules_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/import_rules_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/import_rules_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/import_rules_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/prepackaged_rules_schema.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/prepackaged_rules_schema.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/prepackaged_rules_schema.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/prepackaged_rules_schema.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/prepackaged_rules_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/prepackaged_rules_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/prepackaged_rules_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/prepackaged_rules_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/prepackaged_rules_status_schema.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/prepackaged_rules_status_schema.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/prepackaged_rules_status_schema.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/prepackaged_rules_status_schema.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/prepackaged_rules_status_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/prepackaged_rules_status_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/prepackaged_rules_status_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/prepackaged_rules_status_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/rules_bulk_schema.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/rules_bulk_schema.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/rules_bulk_schema.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/rules_bulk_schema.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/rules_bulk_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/rules_bulk_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/rules_bulk_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/rules_bulk_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/rules_schema.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/rules_schema.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/rules_schema.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/rules_schema.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/rules_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/rules_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/rules_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/rules_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/schemas.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/schemas.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/schemas.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/schemas.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/type_timeline_only_schema.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/type_timeline_only_schema.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/type_timeline_only_schema.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/type_timeline_only_schema.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/type_timeline_only_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/type_timeline_only_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/type_timeline_only_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/type_timeline_only_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/utils.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/utils.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/utils.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/utils.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/utils.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/utils.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/response/utils.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/response/utils.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/schemas.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/schemas.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/schemas.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/schemas.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/set_signal_status_schema.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/set_signal_status_schema.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/set_signal_status_schema.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/set_signal_status_schema.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/set_signal_status_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/set_signal_status_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/set_signal_status_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/set_signal_status_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/iso_date_string.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/iso_date_string.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/iso_date_string.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/iso_date_string.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/iso_date_string.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/iso_date_string.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/iso_date_string.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/iso_date_string.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/lists_default_array.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/lists_default_array.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/lists_default_array.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/lists_default_array.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/lists_default_array.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/lists_default_array.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/lists_default_array.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/lists_default_array.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/positive_integer.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/positive_integer.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/positive_integer.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/positive_integer.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/positive_integer_greater_than_zero.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/positive_integer_greater_than_zero.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/positive_integer_greater_than_zero.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/positive_integer_greater_than_zero.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/positive_integer_greater_than_zero.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/positive_integer_greater_than_zero.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/positive_integer_greater_than_zero.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/positive_integer_greater_than_zero.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/postive_integer.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/postive_integer.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/postive_integer.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/postive_integer.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/references_default_array.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/references_default_array.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/references_default_array.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/references_default_array.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/references_default_array.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/references_default_array.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/references_default_array.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/references_default_array.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/risk_score.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/risk_score.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/risk_score.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/risk_score.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/risk_score.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/risk_score.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/risk_score.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/risk_score.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/uuid.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/uuid.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/uuid.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/uuid.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/uuid.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/uuid.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/types/uuid.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/types/uuid.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/update_rules_bulk_schema.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/update_rules_bulk_schema.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/update_rules_bulk_schema.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/update_rules_bulk_schema.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/update_rules_bulk_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/update_rules_bulk_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/update_rules_bulk_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/update_rules_bulk_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/update_rules_schema.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/update_rules_schema.test.ts
similarity index 99%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/update_rules_schema.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/update_rules_schema.test.ts
index be2f06590e81d..78fa7d6cc71ad 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/update_rules_schema.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/update_rules_schema.test.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { AlertAction } from '../../../../../../../../plugins/alerting/common';
+import { AlertAction } from '../../../../../../alerting/common';
import { updateRulesSchema } from './update_rules_schema';
import { PatchRuleAlertParamsRest } from '../../rules/types';
import { RuleAlertAction } from '../../../../../common/detection_engine/types';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/update_rules_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/update_rules_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/schemas/update_rules_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/schemas/update_rules_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/signals/open_close_signals.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/signals/open_close_signals.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/signals/open_close_signals.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/signals/open_close_signals.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/signals/open_close_signals_route.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/signals/open_close_signals_route.ts
similarity index 96%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/signals/open_close_signals_route.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/signals/open_close_signals_route.ts
index 2daf63c468593..c71761fcc39db 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/signals/open_close_signals_route.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/signals/open_close_signals_route.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { IRouter } from '../../../../../../../../../src/core/server';
+import { IRouter } from '../../../../../../../../src/core/server';
import { DETECTION_ENGINE_SIGNALS_STATUS_URL } from '../../../../../common/constants';
import { SignalsStatusRestParams } from '../../signals/types';
import { setSignalsStatusSchema } from '../schemas/set_signal_status_schema';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/signals/query_signals_route.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/signals/query_signals_route.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/signals/query_signals_route.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/signals/query_signals_route.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/signals/query_signals_route.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/signals/query_signals_route.ts
similarity index 96%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/signals/query_signals_route.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/signals/query_signals_route.ts
index f05f494619b9c..fd02b3371ed38 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/signals/query_signals_route.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/signals/query_signals_route.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { IRouter } from '../../../../../../../../../src/core/server';
+import { IRouter } from '../../../../../../../../src/core/server';
import { DETECTION_ENGINE_QUERY_SIGNALS_URL } from '../../../../../common/constants';
import { SignalsQueryRestParams } from '../../signals/types';
import { querySignalsSchema } from '../schemas/query_signals_index_schema';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/tags/read_tags_route.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/tags/read_tags_route.ts
similarity index 94%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/tags/read_tags_route.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/tags/read_tags_route.ts
index adabc62a9456f..2b885385521dd 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/tags/read_tags_route.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/tags/read_tags_route.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { IRouter } from '../../../../../../../../../src/core/server';
+import { IRouter } from '../../../../../../../../src/core/server';
import { DETECTION_ENGINE_TAGS_URL } from '../../../../../common/constants';
import { transformError, buildSiemResponse } from '../utils';
import { readTags } from '../../tags/read_tags';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/utils.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/utils.test.ts
similarity index 99%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/utils.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/utils.test.ts
index 9efe4e491968b..8af5df6056913 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/utils.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/utils.test.ts
@@ -23,7 +23,7 @@ import {
} from './utils';
import { responseMock } from './__mocks__';
import { setFeatureFlagsForTestsOnly, unSetFeatureFlagsForTestsOnly } from '../feature_flags';
-import { licensingMock } from '../../../../../../../plugins/licensing/server/mocks';
+import { licensingMock } from '../../../../../licensing/server/mocks';
describe('utils', () => {
beforeAll(() => {
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/utils.ts b/x-pack/plugins/siem/server/lib/detection_engine/routes/utils.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/utils.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/routes/utils.ts
index e4015ad8bafa4..52493a9be9b8f 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/routes/utils.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/routes/utils.ts
@@ -13,8 +13,8 @@ import {
RouteValidationFunction,
KibanaResponseFactory,
CustomHttpResponseOptions,
-} from '../../../../../../../../src/core/server';
-import { ILicense } from '../../../../../../../plugins/licensing/server';
+} from '../../../../../../../src/core/server';
+import { ILicense } from '../../../../../licensing/server';
import { MINIMUM_ML_LICENSE } from '../../../../common/constants';
import { RuleType } from '../../../../common/detection_engine/types';
import { isMlRule } from '../../../../common/detection_engine/ml_helpers';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rule_actions/create_rule_actions_saved_object.ts b/x-pack/plugins/siem/server/lib/detection_engine/rule_actions/create_rule_actions_saved_object.ts
similarity index 94%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rule_actions/create_rule_actions_saved_object.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rule_actions/create_rule_actions_saved_object.ts
index 991690d901d8a..26c3b29ff2c51 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rule_actions/create_rule_actions_saved_object.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rule_actions/create_rule_actions_saved_object.ts
@@ -5,7 +5,7 @@
*/
import { RuleAlertAction } from '../../../../common/detection_engine/types';
-import { AlertServices } from '../../../../../../../plugins/alerting/server';
+import { AlertServices } from '../../../../../alerting/server';
import { ruleActionsSavedObjectType } from './saved_object_mappings';
import { IRuleActionsAttributesSavedObjectAttributes } from './types';
import { getThrottleOptions, getRuleActionsFromSavedObject } from './utils';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rule_actions/delete_rule_actions_saved_object.ts b/x-pack/plugins/siem/server/lib/detection_engine/rule_actions/delete_rule_actions_saved_object.ts
similarity index 92%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rule_actions/delete_rule_actions_saved_object.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rule_actions/delete_rule_actions_saved_object.ts
index 91489334940bd..251f9155f9331 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rule_actions/delete_rule_actions_saved_object.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rule_actions/delete_rule_actions_saved_object.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { AlertServices } from '../../../../../../../plugins/alerting/server';
+import { AlertServices } from '../../../../../alerting/server';
import { ruleActionsSavedObjectType } from './saved_object_mappings';
import { getRuleActionsSavedObject } from './get_rule_actions_saved_object';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rule_actions/get_rule_actions_saved_object.ts b/x-pack/plugins/siem/server/lib/detection_engine/rule_actions/get_rule_actions_saved_object.ts
similarity index 94%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rule_actions/get_rule_actions_saved_object.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rule_actions/get_rule_actions_saved_object.ts
index dad35f6cb1f96..83cd59f0a1cde 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rule_actions/get_rule_actions_saved_object.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rule_actions/get_rule_actions_saved_object.ts
@@ -5,7 +5,7 @@
*/
import { RuleAlertAction } from '../../../../common/detection_engine/types';
-import { AlertServices } from '../../../../../../../plugins/alerting/server';
+import { AlertServices } from '../../../../../alerting/server';
import { ruleActionsSavedObjectType } from './saved_object_mappings';
import { IRuleActionsAttributesSavedObjectAttributes } from './types';
import { getRuleActionsFromSavedObject } from './utils';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rule_actions/saved_object_mappings.ts b/x-pack/plugins/siem/server/lib/detection_engine/rule_actions/saved_object_mappings.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rule_actions/saved_object_mappings.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rule_actions/saved_object_mappings.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rule_actions/types.ts b/x-pack/plugins/siem/server/lib/detection_engine/rule_actions/types.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rule_actions/types.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rule_actions/types.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rule_actions/update_or_create_rule_actions_saved_object.ts b/x-pack/plugins/siem/server/lib/detection_engine/rule_actions/update_or_create_rule_actions_saved_object.ts
similarity index 94%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rule_actions/update_or_create_rule_actions_saved_object.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rule_actions/update_or_create_rule_actions_saved_object.ts
index d79c61f6200e3..3364827d397d2 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rule_actions/update_or_create_rule_actions_saved_object.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rule_actions/update_or_create_rule_actions_saved_object.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { AlertServices } from '../../../../../../../plugins/alerting/server';
+import { AlertServices } from '../../../../../alerting/server';
import { RuleAlertAction } from '../../../../common/detection_engine/types';
import { getRuleActionsSavedObject } from './get_rule_actions_saved_object';
import { createRuleActionsSavedObject } from './create_rule_actions_saved_object';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rule_actions/update_rule_actions_saved_object.ts b/x-pack/plugins/siem/server/lib/detection_engine/rule_actions/update_rule_actions_saved_object.ts
similarity index 95%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rule_actions/update_rule_actions_saved_object.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rule_actions/update_rule_actions_saved_object.ts
index 2a2c84838ed93..c8a3b1bbc38ad 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rule_actions/update_rule_actions_saved_object.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rule_actions/update_rule_actions_saved_object.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { AlertServices } from '../../../../../../../plugins/alerting/server';
+import { AlertServices } from '../../../../../alerting/server';
import { ruleActionsSavedObjectType } from './saved_object_mappings';
import { RulesActionsSavedObject } from './get_rule_actions_saved_object';
import { RuleAlertAction } from '../../../../common/detection_engine/types';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rule_actions/utils.ts b/x-pack/plugins/siem/server/lib/detection_engine/rule_actions/utils.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rule_actions/utils.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rule_actions/utils.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/add_tags.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/add_tags.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/add_tags.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/add_tags.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/add_tags.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/add_tags.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/add_tags.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/add_tags.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/create_rules.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/create_rules.test.ts
similarity index 88%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/create_rules.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/create_rules.test.ts
index a60f1d4177978..6710bf02aeb2b 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/create_rules.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rules/create_rules.test.ts
@@ -4,8 +4,8 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { alertsClientMock } from '../../../../../../../plugins/alerting/server/mocks';
-import { actionsClientMock } from '../../../../../../../plugins/actions/server/mocks';
+import { alertsClientMock } from '../../../../../alerting/server/mocks';
+import { actionsClientMock } from '../../../../../actions/server/mocks';
import { getMlResult } from '../routes/__mocks__/request_responses';
import { createRules } from './create_rules';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/create_rules.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/create_rules.ts
similarity index 96%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/create_rules.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/create_rules.ts
index 91effb4741b8b..76cfffdfe9f40 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/create_rules.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rules/create_rules.ts
@@ -5,7 +5,7 @@
*/
import { transformRuleToAlertAction } from '../../../../common/detection_engine/transform_actions';
-import { Alert } from '../../../../../../../plugins/alerting/common';
+import { Alert } from '../../../../../alerting/common';
import { APP_ID, SIGNALS_ID } from '../../../../common/constants';
import { CreateRuleParams } from './types';
import { addTags } from './add_tags';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/create_rules_stream_from_ndjson.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/create_rules_stream_from_ndjson.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/create_rules_stream_from_ndjson.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/create_rules_stream_from_ndjson.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/create_rules_stream_from_ndjson.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/create_rules_stream_from_ndjson.ts
similarity index 96%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/create_rules_stream_from_ndjson.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/create_rules_stream_from_ndjson.ts
index 27008d17d2192..034813b8d100d 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/create_rules_stream_from_ndjson.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rules/create_rules_stream_from_ndjson.ts
@@ -9,7 +9,7 @@ import {
createSplitStream,
createMapStream,
createConcatStream,
-} from '../../../../../../../../src/legacy/utils/streams';
+} from '../../../../../../../src/legacy/utils/streams';
import { importRulesSchema } from '../routes/schemas/import_rules_schema';
import { BadRequestError } from '../errors/bad_request_error';
import {
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/delete_rules.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/delete_rules.test.ts
similarity index 95%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/delete_rules.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/delete_rules.test.ts
index 38fc1dc5d1930..68d01356a333a 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/delete_rules.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rules/delete_rules.test.ts
@@ -4,8 +4,8 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { actionsClientMock } from '../../../../../../../plugins/actions/server/mocks';
-import { alertsClientMock } from '../../../../../../../plugins/alerting/server/mocks';
+import { actionsClientMock } from '../../../../../actions/server/mocks';
+import { alertsClientMock } from '../../../../../alerting/server/mocks';
import { deleteRules } from './delete_rules';
import { readRules } from './read_rules';
jest.mock('./read_rules');
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/delete_rules.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/delete_rules.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/delete_rules.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/delete_rules.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/find_rules.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/find_rules.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/find_rules.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/find_rules.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/find_rules.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/find_rules.ts
similarity index 92%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/find_rules.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/find_rules.ts
index f333a7c340705..ac600b0b5b218 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/find_rules.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rules/find_rules.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { FindResult } from '../../../../../../../plugins/alerting/server';
+import { FindResult } from '../../../../../alerting/server';
import { SIGNALS_ID } from '../../../../common/constants';
import { FindRuleParams } from './types';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_existing_prepackaged_rules.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/get_existing_prepackaged_rules.test.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_existing_prepackaged_rules.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/get_existing_prepackaged_rules.test.ts
index 9774d10a37d6f..d79b428a2f76d 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_existing_prepackaged_rules.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rules/get_existing_prepackaged_rules.test.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { alertsClientMock } from '../../../../../../../plugins/alerting/server/mocks';
+import { alertsClientMock } from '../../../../../alerting/server/mocks';
import {
getResult,
getFindResultWithSingleHit,
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_existing_prepackaged_rules.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/get_existing_prepackaged_rules.ts
similarity index 96%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_existing_prepackaged_rules.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/get_existing_prepackaged_rules.ts
index b5e826ed42723..512164fc3d2e1 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_existing_prepackaged_rules.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rules/get_existing_prepackaged_rules.ts
@@ -5,7 +5,7 @@
*/
import { INTERNAL_IMMUTABLE_KEY } from '../../../../common/constants';
-import { AlertsClient } from '../../../../../../../plugins/alerting/server';
+import { AlertsClient } from '../../../../../alerting/server';
import { RuleAlertType, isAlertTypes } from './types';
import { findRules } from './find_rules';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_export_all.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/get_export_all.test.ts
similarity index 97%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_export_all.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/get_export_all.test.ts
index dd004e3685b1d..df902854962b1 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_export_all.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rules/get_export_all.test.ts
@@ -9,7 +9,7 @@ import {
getFindResultWithSingleHit,
FindHit,
} from '../routes/__mocks__/request_responses';
-import { alertsClientMock } from '../../../../../../../plugins/alerting/server/mocks';
+import { alertsClientMock } from '../../../../../alerting/server/mocks';
import { getExportAll } from './get_export_all';
import { unSetFeatureFlagsForTestsOnly, setFeatureFlagsForTestsOnly } from '../feature_flags';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_export_all.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/get_export_all.ts
similarity index 92%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_export_all.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/get_export_all.ts
index 40c07f28ea848..06e70f0bad184 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_export_all.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rules/get_export_all.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { AlertsClient } from '../../../../../../../plugins/alerting/server';
+import { AlertsClient } from '../../../../../alerting/server';
import { getNonPackagedRules } from './get_existing_prepackaged_rules';
import { getExportDetailsNdjson } from './get_export_details_ndjson';
import { transformAlertsToRules } from '../routes/rules/utils';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_export_by_object_ids.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/get_export_by_object_ids.test.ts
similarity index 99%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_export_by_object_ids.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/get_export_by_object_ids.test.ts
index 715cb23e8444a..ce6819462aa27 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_export_by_object_ids.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rules/get_export_by_object_ids.test.ts
@@ -11,7 +11,7 @@ import {
FindHit,
} from '../routes/__mocks__/request_responses';
import * as readRules from './read_rules';
-import { alertsClientMock } from '../../../../../../../plugins/alerting/server/mocks';
+import { alertsClientMock } from '../../../../../alerting/server/mocks';
import { setFeatureFlagsForTestsOnly, unSetFeatureFlagsForTestsOnly } from '../feature_flags';
describe('get_export_by_object_ids', () => {
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_export_by_object_ids.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/get_export_by_object_ids.ts
similarity index 97%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_export_by_object_ids.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/get_export_by_object_ids.ts
index 048f09e95b062..02039b9de3c7a 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_export_by_object_ids.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rules/get_export_by_object_ids.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { AlertsClient } from '../../../../../../../plugins/alerting/server';
+import { AlertsClient } from '../../../../../alerting/server';
import { getExportDetailsNdjson } from './get_export_details_ndjson';
import { isAlertType } from '../rules/types';
import { readRules } from './read_rules';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_export_details_ndjson.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/get_export_details_ndjson.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_export_details_ndjson.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/get_export_details_ndjson.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_export_details_ndjson.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/get_export_details_ndjson.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_export_details_ndjson.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/get_export_details_ndjson.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_prepackaged_rules.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/get_prepackaged_rules.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_prepackaged_rules.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/get_prepackaged_rules.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_prepackaged_rules.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/get_prepackaged_rules.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_prepackaged_rules.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/get_prepackaged_rules.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_rules_to_install.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/get_rules_to_install.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_rules_to_install.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/get_rules_to_install.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_rules_to_install.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/get_rules_to_install.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_rules_to_install.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/get_rules_to_install.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_rules_to_update.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/get_rules_to_update.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_rules_to_update.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/get_rules_to_update.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_rules_to_update.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/get_rules_to_update.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/get_rules_to_update.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/get_rules_to_update.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/install_prepacked_rules.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/install_prepacked_rules.ts
similarity index 89%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/install_prepacked_rules.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/install_prepacked_rules.ts
index 6d4bacb9cc243..46d5b5fdf452e 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/install_prepacked_rules.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rules/install_prepacked_rules.ts
@@ -4,9 +4,9 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { Alert } from '../../../../../../../plugins/alerting/common';
-import { ActionsClient } from '../../../../../../../plugins/actions/server';
-import { AlertsClient } from '../../../../../../../plugins/alerting/server';
+import { Alert } from '../../../../../alerting/common';
+import { ActionsClient } from '../../../../../actions/server';
+import { AlertsClient } from '../../../../../alerting/server';
import { createRules } from './create_rules';
import { PrepackagedRules } from '../types';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/patch_rules.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/patch_rules.test.ts
similarity index 91%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/patch_rules.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/patch_rules.test.ts
index 3108fc5f3b718..f93b0aceb5e6e 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/patch_rules.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rules/patch_rules.test.ts
@@ -4,9 +4,9 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { savedObjectsClientMock } from '../../../../../../../../src/core/server/mocks';
-import { alertsClientMock } from '../../../../../../../plugins/alerting/server/mocks';
-import { actionsClientMock } from '../../../../../../../plugins/actions/server/mocks';
+import { savedObjectsClientMock } from '../../../../../../../src/core/server/mocks';
+import { alertsClientMock } from '../../../../../alerting/server/mocks';
+import { actionsClientMock } from '../../../../../actions/server/mocks';
import { getResult, getMlResult } from '../routes/__mocks__/request_responses';
import { patchRules } from './patch_rules';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/patch_rules.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/patch_rules.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/patch_rules.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/patch_rules.ts
index 5c4889ec5fd68..347b370c89e07 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/patch_rules.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rules/patch_rules.ts
@@ -5,7 +5,7 @@
*/
import { defaults } from 'lodash/fp';
-import { PartialAlert } from '../../../../../../../plugins/alerting/server';
+import { PartialAlert } from '../../../../../alerting/server';
import { readRules } from './read_rules';
import { PatchRuleParams, IRuleSavedAttributesSavedObjectAttributes } from './types';
import { addTags } from './add_tags';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/403_response_to_a_post.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/403_response_to_a_post.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/403_response_to_a_post.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/403_response_to_a_post.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/405_response_method_not_allowed.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/405_response_method_not_allowed.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/405_response_method_not_allowed.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/405_response_method_not_allowed.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_adversary_behavior_detected.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_adversary_behavior_detected.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_adversary_behavior_detected.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_adversary_behavior_detected.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_cred_dumping_detected.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_cred_dumping_detected.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_cred_dumping_detected.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_cred_dumping_detected.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_cred_dumping_prevented.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_cred_dumping_prevented.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_cred_dumping_prevented.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_cred_dumping_prevented.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_cred_manipulation_detected.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_cred_manipulation_detected.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_cred_manipulation_detected.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_cred_manipulation_detected.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_cred_manipulation_prevented.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_cred_manipulation_prevented.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_cred_manipulation_prevented.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_cred_manipulation_prevented.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_exploit_detected.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_exploit_detected.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_exploit_detected.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_exploit_detected.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_exploit_prevented.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_exploit_prevented.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_exploit_prevented.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_exploit_prevented.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_malware_detected.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_malware_detected.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_malware_detected.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_malware_detected.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_malware_prevented.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_malware_prevented.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_malware_prevented.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_malware_prevented.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_permission_theft_detected.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_permission_theft_detected.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_permission_theft_detected.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_permission_theft_detected.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_permission_theft_prevented.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_permission_theft_prevented.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_permission_theft_prevented.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_permission_theft_prevented.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_process_injection_detected.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_process_injection_detected.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_process_injection_detected.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_process_injection_detected.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_process_injection_prevented.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_process_injection_prevented.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_process_injection_prevented.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_process_injection_prevented.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_ransomware_detected.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_ransomware_detected.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_ransomware_detected.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_ransomware_detected.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_ransomware_prevented.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_ransomware_prevented.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_ransomware_prevented.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/elastic_endpoint_security_ransomware_prevented.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_adding_the_hidden_file_attribute_with_via_attribexe.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_adding_the_hidden_file_attribute_with_via_attribexe.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_adding_the_hidden_file_attribute_with_via_attribexe.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_adding_the_hidden_file_attribute_with_via_attribexe.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_adobe_hijack_persistence.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_adobe_hijack_persistence.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_adobe_hijack_persistence.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_adobe_hijack_persistence.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_clearing_windows_event_logs.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_clearing_windows_event_logs.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_clearing_windows_event_logs.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_clearing_windows_event_logs.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_delete_volume_usn_journal_with_fsutil.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_delete_volume_usn_journal_with_fsutil.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_delete_volume_usn_journal_with_fsutil.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_delete_volume_usn_journal_with_fsutil.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_deleting_backup_catalogs_with_wbadmin.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_deleting_backup_catalogs_with_wbadmin.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_deleting_backup_catalogs_with_wbadmin.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_deleting_backup_catalogs_with_wbadmin.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_direct_outbound_smb_connection.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_direct_outbound_smb_connection.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_direct_outbound_smb_connection.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_direct_outbound_smb_connection.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_disable_windows_firewall_rules_with_netsh.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_disable_windows_firewall_rules_with_netsh.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_disable_windows_firewall_rules_with_netsh.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_disable_windows_firewall_rules_with_netsh.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_encoding_or_decoding_files_via_certutil.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_encoding_or_decoding_files_via_certutil.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_encoding_or_decoding_files_via_certutil.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_encoding_or_decoding_files_via_certutil.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_local_scheduled_task_commands.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_local_scheduled_task_commands.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_local_scheduled_task_commands.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_local_scheduled_task_commands.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_local_service_commands.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_local_service_commands.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_local_service_commands.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_local_service_commands.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_msbuild_making_network_connections.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_msbuild_making_network_connections.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_msbuild_making_network_connections.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_msbuild_making_network_connections.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_mshta_making_network_connections.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_mshta_making_network_connections.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_mshta_making_network_connections.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_mshta_making_network_connections.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_psexec_lateral_movement_command.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_psexec_lateral_movement_command.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_psexec_lateral_movement_command.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_psexec_lateral_movement_command.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_suspicious_ms_office_child_process.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_suspicious_ms_office_child_process.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_suspicious_ms_office_child_process.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_suspicious_ms_office_child_process.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_suspicious_ms_outlook_child_process.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_suspicious_ms_outlook_child_process.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_suspicious_ms_outlook_child_process.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_suspicious_ms_outlook_child_process.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_system_shells_via_services.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_system_shells_via_services.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_system_shells_via_services.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_system_shells_via_services.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_unusual_network_connection_via_rundll32.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_unusual_network_connection_via_rundll32.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_unusual_network_connection_via_rundll32.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_unusual_network_connection_via_rundll32.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_unusual_parentchild_relationship.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_unusual_parentchild_relationship.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_unusual_parentchild_relationship.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_unusual_parentchild_relationship.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_unusual_process_network_connection.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_unusual_process_network_connection.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_unusual_process_network_connection.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_unusual_process_network_connection.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_user_account_creation.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_user_account_creation.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_user_account_creation.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_user_account_creation.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_volume_shadow_copy_deletion_via_vssadmin.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_volume_shadow_copy_deletion_via_vssadmin.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_volume_shadow_copy_deletion_via_vssadmin.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_volume_shadow_copy_deletion_via_vssadmin.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_volume_shadow_copy_deletion_via_wmic.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_volume_shadow_copy_deletion_via_wmic.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_volume_shadow_copy_deletion_via_wmic.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_volume_shadow_copy_deletion_via_wmic.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_windows_script_executing_powershell.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_windows_script_executing_powershell.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_windows_script_executing_powershell.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_windows_script_executing_powershell.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/index.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/index.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_network_activity.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_network_activity.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_network_activity.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_network_activity.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_network_port_activity.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_network_port_activity.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_network_port_activity.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_network_port_activity.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_network_service.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_network_service.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_network_service.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_network_service.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_network_url_activity.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_network_url_activity.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_network_url_activity.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_network_url_activity.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_process_all_hosts.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_process_all_hosts.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_process_all_hosts.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_process_all_hosts.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_user_name.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_user_name.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_user_name.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_anomalous_user_name.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_hping_activity.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_hping_activity.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_hping_activity.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_hping_activity.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_iodine_activity.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_iodine_activity.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_iodine_activity.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_iodine_activity.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_kernel_module_activity.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_kernel_module_activity.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_kernel_module_activity.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_kernel_module_activity.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_mknod_activity.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_mknod_activity.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_mknod_activity.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_mknod_activity.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_netcat_network_connection.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_netcat_network_connection.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_netcat_network_connection.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_netcat_network_connection.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_nmap_activity.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_nmap_activity.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_nmap_activity.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_nmap_activity.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_nping_activity.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_nping_activity.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_nping_activity.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_nping_activity.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_process_started_in_temp_directory.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_process_started_in_temp_directory.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_process_started_in_temp_directory.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_process_started_in_temp_directory.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_shell_activity_by_web_server.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_shell_activity_by_web_server.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_shell_activity_by_web_server.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_shell_activity_by_web_server.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_socat_activity.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_socat_activity.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_socat_activity.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_socat_activity.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_strace_activity.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_strace_activity.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_strace_activity.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_strace_activity.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_tcpdump_activity.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_tcpdump_activity.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_tcpdump_activity.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_tcpdump_activity.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_whoami_commmand.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_whoami_commmand.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_whoami_commmand.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/linux_whoami_commmand.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_dns_directly_to_the_internet.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_dns_directly_to_the_internet.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_dns_directly_to_the_internet.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_dns_directly_to_the_internet.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_ftp_file_transfer_protocol_activity_to_the_internet.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_ftp_file_transfer_protocol_activity_to_the_internet.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_ftp_file_transfer_protocol_activity_to_the_internet.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_ftp_file_transfer_protocol_activity_to_the_internet.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_irc_internet_relay_chat_protocol_activity_to_the_internet.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_irc_internet_relay_chat_protocol_activity_to_the_internet.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_irc_internet_relay_chat_protocol_activity_to_the_internet.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_irc_internet_relay_chat_protocol_activity_to_the_internet.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_nat_traversal_port_activity.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_nat_traversal_port_activity.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_nat_traversal_port_activity.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_nat_traversal_port_activity.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_port_26_activity.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_port_26_activity.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_port_26_activity.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_port_26_activity.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_port_8000_activity_to_the_internet.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_port_8000_activity_to_the_internet.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_port_8000_activity_to_the_internet.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_port_8000_activity_to_the_internet.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_pptp_point_to_point_tunneling_protocol_activity.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_pptp_point_to_point_tunneling_protocol_activity.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_pptp_point_to_point_tunneling_protocol_activity.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_pptp_point_to_point_tunneling_protocol_activity.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_proxy_port_activity_to_the_internet.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_proxy_port_activity_to_the_internet.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_proxy_port_activity_to_the_internet.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_proxy_port_activity_to_the_internet.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rdp_remote_desktop_protocol_from_the_internet.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rdp_remote_desktop_protocol_from_the_internet.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rdp_remote_desktop_protocol_from_the_internet.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rdp_remote_desktop_protocol_from_the_internet.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rdp_remote_desktop_protocol_to_the_internet.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rdp_remote_desktop_protocol_to_the_internet.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rdp_remote_desktop_protocol_to_the_internet.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rdp_remote_desktop_protocol_to_the_internet.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rpc_remote_procedure_call_from_the_internet.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rpc_remote_procedure_call_from_the_internet.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rpc_remote_procedure_call_from_the_internet.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rpc_remote_procedure_call_from_the_internet.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rpc_remote_procedure_call_to_the_internet.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rpc_remote_procedure_call_to_the_internet.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rpc_remote_procedure_call_to_the_internet.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_rpc_remote_procedure_call_to_the_internet.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_smb_windows_file_sharing_activity_to_the_internet.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_smb_windows_file_sharing_activity_to_the_internet.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_smb_windows_file_sharing_activity_to_the_internet.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_smb_windows_file_sharing_activity_to_the_internet.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_smtp_to_the_internet.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_smtp_to_the_internet.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_smtp_to_the_internet.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_smtp_to_the_internet.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_sql_server_port_activity_to_the_internet.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_sql_server_port_activity_to_the_internet.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_sql_server_port_activity_to_the_internet.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_sql_server_port_activity_to_the_internet.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_ssh_secure_shell_from_the_internet.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_ssh_secure_shell_from_the_internet.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_ssh_secure_shell_from_the_internet.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_ssh_secure_shell_from_the_internet.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_ssh_secure_shell_to_the_internet.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_ssh_secure_shell_to_the_internet.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_ssh_secure_shell_to_the_internet.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_ssh_secure_shell_to_the_internet.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_telnet_port_activity.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_telnet_port_activity.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_telnet_port_activity.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_telnet_port_activity.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_tor_activity_to_the_internet.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_tor_activity_to_the_internet.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_tor_activity_to_the_internet.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_tor_activity_to_the_internet.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_vnc_virtual_network_computing_from_the_internet.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_vnc_virtual_network_computing_from_the_internet.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_vnc_virtual_network_computing_from_the_internet.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_vnc_virtual_network_computing_from_the_internet.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_vnc_virtual_network_computing_to_the_internet.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_vnc_virtual_network_computing_to_the_internet.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_vnc_virtual_network_computing_to_the_internet.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/network_vnc_virtual_network_computing_to_the_internet.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/notice.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/notice.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/notice.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/notice.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/null_user_agent.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/null_user_agent.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/null_user_agent.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/null_user_agent.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/packetbeat_dns_tunneling.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/packetbeat_dns_tunneling.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/packetbeat_dns_tunneling.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/packetbeat_dns_tunneling.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/packetbeat_rare_dns_question.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/packetbeat_rare_dns_question.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/packetbeat_rare_dns_question.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/packetbeat_rare_dns_question.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/packetbeat_rare_server_domain.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/packetbeat_rare_server_domain.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/packetbeat_rare_server_domain.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/packetbeat_rare_server_domain.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/packetbeat_rare_urls.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/packetbeat_rare_urls.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/packetbeat_rare_urls.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/packetbeat_rare_urls.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/packetbeat_rare_user_agent.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/packetbeat_rare_user_agent.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/packetbeat_rare_user_agent.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/packetbeat_rare_user_agent.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/rare_process_by_host_linux.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/rare_process_by_host_linux.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/rare_process_by_host_linux.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/rare_process_by_host_linux.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/rare_process_by_host_windows.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/rare_process_by_host_windows.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/rare_process_by_host_windows.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/rare_process_by_host_windows.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/sqlmap_user_agent.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/sqlmap_user_agent.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/sqlmap_user_agent.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/sqlmap_user_agent.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/suspicious_login_activity.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/suspicious_login_activity.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/suspicious_login_activity.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/suspicious_login_activity.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_network_activity.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_network_activity.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_network_activity.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_network_activity.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_path_activity.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_path_activity.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_path_activity.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_path_activity.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_process_all_hosts.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_process_all_hosts.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_process_all_hosts.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_process_all_hosts.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_process_creation.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_process_creation.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_process_creation.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_process_creation.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_script.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_script.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_script.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_script.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_service.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_service.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_service.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_service.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_user_name.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_user_name.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_user_name.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_anomalous_user_name.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_certutil_network_connection.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_certutil_network_connection.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_certutil_network_connection.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_certutil_network_connection.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_command_prompt_connecting_to_the_internet.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_command_prompt_connecting_to_the_internet.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_command_prompt_connecting_to_the_internet.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_command_prompt_connecting_to_the_internet.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_command_shell_started_by_powershell.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_command_shell_started_by_powershell.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_command_shell_started_by_powershell.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_command_shell_started_by_powershell.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_command_shell_started_by_svchost.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_command_shell_started_by_svchost.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_command_shell_started_by_svchost.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_command_shell_started_by_svchost.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_credential_dumping_msbuild.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_credential_dumping_msbuild.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_credential_dumping_msbuild.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_credential_dumping_msbuild.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_cve_2020_0601.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_cve_2020_0601.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_cve_2020_0601.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_cve_2020_0601.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_defense_evasion_via_filter_manager.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_defense_evasion_via_filter_manager.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_defense_evasion_via_filter_manager.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_defense_evasion_via_filter_manager.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_msbuild_started_by_office_app.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_msbuild_started_by_office_app.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_msbuild_started_by_office_app.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_msbuild_started_by_office_app.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_msbuild_started_by_script.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_msbuild_started_by_script.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_msbuild_started_by_script.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_msbuild_started_by_script.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_msbuild_started_by_system_process.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_msbuild_started_by_system_process.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_msbuild_started_by_system_process.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_msbuild_started_by_system_process.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_msbuild_started_renamed.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_msbuild_started_renamed.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_msbuild_started_renamed.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_msbuild_started_renamed.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_msbuild_started_unusal_process.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_msbuild_started_unusal_process.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_msbuild_started_unusal_process.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_msbuild_started_unusal_process.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_via_compiled_html_file.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_via_compiled_html_file.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_via_compiled_html_file.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_via_compiled_html_file.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_via_net_com_assemblies.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_via_net_com_assemblies.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_via_net_com_assemblies.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_via_net_com_assemblies.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_via_regsvr32.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_via_regsvr32.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_via_regsvr32.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_via_regsvr32.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_via_trusted_developer_utilities.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_via_trusted_developer_utilities.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_via_trusted_developer_utilities.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_execution_via_trusted_developer_utilities.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_html_help_executable_program_connecting_to_the_internet.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_html_help_executable_program_connecting_to_the_internet.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_html_help_executable_program_connecting_to_the_internet.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_html_help_executable_program_connecting_to_the_internet.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_injection_msbuild.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_injection_msbuild.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_injection_msbuild.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_injection_msbuild.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_misc_lolbin_connecting_to_the_internet.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_misc_lolbin_connecting_to_the_internet.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_misc_lolbin_connecting_to_the_internet.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_misc_lolbin_connecting_to_the_internet.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_modification_of_boot_config.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_modification_of_boot_config.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_modification_of_boot_config.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_modification_of_boot_config.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_msxsl_network.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_msxsl_network.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_msxsl_network.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_msxsl_network.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_net_command_system_account.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_net_command_system_account.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_net_command_system_account.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_net_command_system_account.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_persistence_via_application_shimming.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_persistence_via_application_shimming.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_persistence_via_application_shimming.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_persistence_via_application_shimming.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_priv_escalation_via_accessibility_features.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_priv_escalation_via_accessibility_features.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_priv_escalation_via_accessibility_features.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_priv_escalation_via_accessibility_features.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_process_discovery_via_tasklist_command.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_process_discovery_via_tasklist_command.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_process_discovery_via_tasklist_command.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_process_discovery_via_tasklist_command.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_rare_user_runas_event.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_rare_user_runas_event.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_rare_user_runas_event.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_rare_user_runas_event.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_rare_user_type10_remote_login.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_rare_user_type10_remote_login.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_rare_user_type10_remote_login.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_rare_user_type10_remote_login.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_register_server_program_connecting_to_the_internet.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_register_server_program_connecting_to_the_internet.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_register_server_program_connecting_to_the_internet.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_register_server_program_connecting_to_the_internet.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_signed_binary_proxy_execution.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_signed_binary_proxy_execution.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_signed_binary_proxy_execution.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_signed_binary_proxy_execution.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_suspicious_pdf_reader.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_suspicious_pdf_reader.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_suspicious_pdf_reader.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_suspicious_pdf_reader.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_suspicious_process_started_by_a_script.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_suspicious_process_started_by_a_script.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_suspicious_process_started_by_a_script.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_suspicious_process_started_by_a_script.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_uac_bypass_event_viewer.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_uac_bypass_event_viewer.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_uac_bypass_event_viewer.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_uac_bypass_event_viewer.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_whoami_command_activity.json b/x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_whoami_command_activity.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_whoami_command_activity.json
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/windows_whoami_command_activity.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/read_rules.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/read_rules.test.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/read_rules.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/read_rules.test.ts
index 38a883329318b..600848948be0c 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/read_rules.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rules/read_rules.test.ts
@@ -5,7 +5,7 @@
*/
import { readRules } from './read_rules';
-import { alertsClientMock } from '../../../../../../../plugins/alerting/server/mocks';
+import { alertsClientMock } from '../../../../../alerting/server/mocks';
import { getResult, getFindResultWithSingleHit } from '../routes/__mocks__/request_responses';
export class TestError extends Error {
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/read_rules.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/read_rules.ts
similarity index 95%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/read_rules.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/read_rules.ts
index 94e4e6357a4a0..9e0d5b3d05b3f 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/read_rules.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rules/read_rules.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { SanitizedAlert } from '../../../../../../../plugins/alerting/common';
+import { SanitizedAlert } from '../../../../../alerting/common';
import { INTERNAL_RULE_ID_KEY } from '../../../../common/constants';
import { findRules } from './find_rules';
import { ReadRuleParams, isAlertType } from './types';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/saved_object_mappings.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/saved_object_mappings.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/saved_object_mappings.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/saved_object_mappings.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/types.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/types.ts
similarity index 95%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/types.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/types.ts
index b1bed5d716155..6fde199e0ba7d 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/types.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rules/types.ts
@@ -13,10 +13,10 @@ import {
SavedObjectsFindResponse,
SavedObjectsClientContract,
} from 'kibana/server';
-import { AlertsClient, PartialAlert } from '../../../../../../../plugins/alerting/server';
-import { Alert } from '../../../../../../../plugins/alerting/common';
+import { AlertsClient, PartialAlert } from '../../../../../alerting/server';
+import { Alert } from '../../../../../alerting/common';
import { SIGNALS_ID } from '../../../../common/constants';
-import { ActionsClient } from '../../../../../../../plugins/actions/server';
+import { ActionsClient } from '../../../../../actions/server';
import { RuleAlertParams, RuleTypeParams, RuleAlertParamsRest } from '../types';
export type PatchRuleAlertParamsRest = Partial & {
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/update_prepacked_rules.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/update_prepacked_rules.test.ts
similarity index 86%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/update_prepacked_rules.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/update_prepacked_rules.test.ts
index 7a3f233475117..a9bbf75883d1f 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/update_prepacked_rules.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rules/update_prepacked_rules.test.ts
@@ -4,9 +4,9 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { savedObjectsClientMock } from '../../../../../../../../src/core/server/mocks';
-import { alertsClientMock } from '../../../../../../../plugins/alerting/server/mocks';
-import { actionsClientMock } from '../../../../../../../plugins/actions/server/mocks';
+import { savedObjectsClientMock } from '../../../../../../../src/core/server/mocks';
+import { alertsClientMock } from '../../../../../alerting/server/mocks';
+import { actionsClientMock } from '../../../../../actions/server/mocks';
import { mockPrepackagedRule } from '../routes/__mocks__/request_responses';
import { updatePrepackagedRules } from './update_prepacked_rules';
import { patchRules } from './patch_rules';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/update_prepacked_rules.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/update_prepacked_rules.ts
similarity index 92%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/update_prepacked_rules.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/update_prepacked_rules.ts
index 7eb0d8d1399be..b72b232c27f03 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/update_prepacked_rules.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rules/update_prepacked_rules.ts
@@ -5,8 +5,8 @@
*/
import { SavedObjectsClientContract } from 'kibana/server';
-import { ActionsClient } from '../../../../../../../plugins/actions/server';
-import { AlertsClient } from '../../../../../../../plugins/alerting/server';
+import { ActionsClient } from '../../../../../actions/server';
+import { AlertsClient } from '../../../../../alerting/server';
import { patchRules } from './patch_rules';
import { PrepackagedRules } from '../types';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/update_rules.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/update_rules.test.ts
similarity index 91%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/update_rules.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/update_rules.test.ts
index 72f4cbcbe68e8..2565d269db478 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/update_rules.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rules/update_rules.test.ts
@@ -4,9 +4,9 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { savedObjectsClientMock } from '../../../../../../../../src/core/server/mocks';
-import { alertsClientMock } from '../../../../../../../plugins/alerting/server/mocks';
-import { actionsClientMock } from '../../../../../../../plugins/actions/server/mocks';
+import { savedObjectsClientMock } from '../../../../../../../src/core/server/mocks';
+import { alertsClientMock } from '../../../../../alerting/server/mocks';
+import { actionsClientMock } from '../../../../../actions/server/mocks';
import { getResult, getMlResult } from '../routes/__mocks__/request_responses';
import { updateRules } from './update_rules';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/update_rules.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/update_rules.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/update_rules.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/update_rules.ts
index 99326768ed33b..183b81f3a3c77 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/update_rules.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rules/update_rules.ts
@@ -5,7 +5,7 @@
*/
import { transformRuleToAlertAction } from '../../../../common/detection_engine/transform_actions';
-import { PartialAlert } from '../../../../../../../plugins/alerting/server';
+import { PartialAlert } from '../../../../../alerting/server';
import { readRules } from './read_rules';
import { IRuleSavedAttributesSavedObjectAttributes, UpdateRuleParams } from './types';
import { addTags } from './add_tags';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/update_rules_notifications.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/update_rules_notifications.ts
similarity index 93%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/update_rules_notifications.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/update_rules_notifications.ts
index 994a54048b71a..ddcd34b18cae9 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/update_rules_notifications.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/rules/update_rules_notifications.ts
@@ -5,7 +5,7 @@
*/
import { RuleAlertAction } from '../../../../common/detection_engine/types';
-import { AlertsClient, AlertServices } from '../../../../../../../plugins/alerting/server';
+import { AlertsClient, AlertServices } from '../../../../../alerting/server';
import { updateOrCreateRuleActionsSavedObject } from '../rule_actions/update_or_create_rule_actions_saved_object';
import { updateNotifications } from '../notifications/update_notifications';
import { RuleActions } from '../rule_actions/types';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/utils.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/utils.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/utils.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/utils.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/utils.ts b/x-pack/plugins/siem/server/lib/detection_engine/rules/utils.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/rules/utils.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/rules/utils.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/add_prepackaged_rules.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/add_prepackaged_rules.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/add_prepackaged_rules.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/add_prepackaged_rules.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/check_env_variables.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/check_env_variables.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/check_env_variables.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/check_env_variables.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/convert_saved_search_to_rules.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/convert_saved_search_to_rules.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/convert_saved_search_to_rules.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/convert_saved_search_to_rules.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/delete_all_actions.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/delete_all_actions.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/delete_all_actions.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/delete_all_actions.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/delete_all_alert_tasks.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/delete_all_alert_tasks.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/delete_all_alert_tasks.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/delete_all_alert_tasks.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/delete_all_alerts.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/delete_all_alerts.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/delete_all_alerts.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/delete_all_alerts.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/delete_all_api_keys.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/delete_all_api_keys.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/delete_all_api_keys.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/delete_all_api_keys.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/delete_all_statuses.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/delete_all_statuses.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/delete_all_statuses.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/delete_all_statuses.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/delete_bulk.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/delete_bulk.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/delete_bulk.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/delete_bulk.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/delete_rule_by_id.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/delete_rule_by_id.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/delete_rule_by_id.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/delete_rule_by_id.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/delete_rule_by_rule_id.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/delete_rule_by_rule_id.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/delete_rule_by_rule_id.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/delete_rule_by_rule_id.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/delete_signal_index.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/delete_signal_index.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/delete_signal_index.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/delete_signal_index.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/export_rules.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/export_rules.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/export_rules.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/export_rules.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/export_rules_by_rule_id.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/export_rules_by_rule_id.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/export_rules_by_rule_id.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/export_rules_by_rule_id.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/export_rules_by_rule_id_to_file.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/export_rules_by_rule_id_to_file.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/export_rules_by_rule_id_to_file.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/export_rules_by_rule_id_to_file.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/export_rules_to_file.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/export_rules_to_file.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/export_rules_to_file.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/export_rules_to_file.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/find_rule_by_filter.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/find_rule_by_filter.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/find_rule_by_filter.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/find_rule_by_filter.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/find_rules.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/find_rules.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/find_rules.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/find_rules.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/find_rules_sort.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/find_rules_sort.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/find_rules_sort.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/find_rules_sort.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/find_rules_statuses_by_ids.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/find_rules_statuses_by_ids.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/find_rules_statuses_by_ids.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/find_rules_statuses_by_ids.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/find_saved_object.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/find_saved_object.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/find_saved_object.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/find_saved_object.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_action_instances.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/get_action_instances.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_action_instances.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/get_action_instances.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_action_types.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/get_action_types.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_action_types.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/get_action_types.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_alert_instances.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/get_alert_instances.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_alert_instances.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/get_alert_instances.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_alert_tasks.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/get_alert_tasks.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_alert_tasks.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/get_alert_tasks.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_alert_types.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/get_alert_types.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_alert_types.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/get_alert_types.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_prepackaged_rules_status.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/get_prepackaged_rules_status.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_prepackaged_rules_status.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/get_prepackaged_rules_status.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_privileges.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/get_privileges.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_privileges.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/get_privileges.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_rule_by_id.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/get_rule_by_id.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_rule_by_id.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/get_rule_by_id.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_rule_by_rule_id.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/get_rule_by_rule_id.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_rule_by_rule_id.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/get_rule_by_rule_id.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_saved_objects.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/get_saved_objects.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_saved_objects.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/get_saved_objects.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_signal_index.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/get_signal_index.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_signal_index.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/get_signal_index.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_tags.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/get_tags.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/get_tags.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/get_tags.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/hard_reset.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/hard_reset.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/hard_reset.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/hard_reset.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/import_rules.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/import_rules.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/import_rules.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/import_rules.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/import_rules_no_overwrite.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/import_rules_no_overwrite.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/import_rules_no_overwrite.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/import_rules_no_overwrite.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/patch_rule.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/patch_rule.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/patch_rule.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/patch_rule.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/patch_rule_bulk.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/patch_rule_bulk.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/patch_rule_bulk.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/patch_rule_bulk.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/post_rule.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/post_rule.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/post_rule.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/post_rule.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/post_rule_bulk.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/post_rule_bulk.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/post_rule_bulk.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/post_rule_bulk.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/post_signal_index.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/post_signal_index.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/post_signal_index.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/post_signal_index.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/post_x_rules.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/post_x_rules.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/post_x_rules.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/post_x_rules.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/regen_prepackge_rules_index.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/regen_prepackge_rules_index.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/regen_prepackge_rules_index.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/regen_prepackge_rules_index.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/bulk/delete_by_rule_id.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/bulk/delete_by_rule_id.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/bulk/delete_by_rule_id.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/bulk/delete_by_rule_id.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/bulk/multiple_ruleid_queries.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/bulk/multiple_ruleid_queries.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/bulk/multiple_ruleid_queries.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/bulk/multiple_ruleid_queries.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/bulk/multiple_simplest_queries.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/bulk/multiple_simplest_queries.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/bulk/multiple_simplest_queries.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/bulk/multiple_simplest_queries.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/bulk/patch_names.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/bulk/patch_names.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/bulk/patch_names.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/bulk/patch_names.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/export/ruleid_queries.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/export/ruleid_queries.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/export/ruleid_queries.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/export/ruleid_queries.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/import/multiple_ruleid_queries.ndjson b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/import/multiple_ruleid_queries.ndjson
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/import/multiple_ruleid_queries.ndjson
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/import/multiple_ruleid_queries.ndjson
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/README.md b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/README.md
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/README.md
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/README.md
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/disable_rule.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/disable_rule.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/disable_rule.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/disable_rule.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/enabled_rule.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/enabled_rule.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/enabled_rule.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/enabled_rule.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/simplest_update_risk_score_by_id.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/simplest_update_risk_score_by_id.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/simplest_update_risk_score_by_id.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/simplest_update_risk_score_by_id.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/simplest_update_risk_score_by_rule_id.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/simplest_update_risk_score_by_rule_id.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/simplest_update_risk_score_by_rule_id.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/simplest_update_risk_score_by_rule_id.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/simplest_updated_name.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/simplest_updated_name.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/simplest_updated_name.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/simplest_updated_name.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_interval.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_interval.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_interval.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_interval.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_list.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_list.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_list.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_list.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_machine_learning.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_machine_learning.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_machine_learning.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_machine_learning.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_note.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_note.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_note.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_note.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_query_everything.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_query_everything.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_query_everything.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_query_everything.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_tags.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_tags.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_tags.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_tags.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_timelineid.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_timelineid.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_timelineid.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_timelineid.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_version.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_version.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_version.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/patches/update_version.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/README.md b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/README.md
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/README.md
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/README.md
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_and.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_and.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_and.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_and.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_excluded.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_excluded.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_excluded.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_excluded.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_exists.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_exists.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_exists.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_exists.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_list.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_list.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_list.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_list.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_match.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_match.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_match.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_match.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_match_all.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_match_all.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_match_all.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_match_all.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_or.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_or.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_or.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/lists/query_with_or.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_disabled.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_disabled.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_disabled.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_disabled.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_lucene.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_lucene.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_lucene.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_lucene.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_mitre_attack.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_mitre_attack.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_mitre_attack.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_mitre_attack.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_timelineid.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_timelineid.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_timelineid.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_timelineid.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_everything.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_everything.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_everything.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_everything.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_filter.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_filter.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_filter.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_filter.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_machine_learning.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_machine_learning.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_machine_learning.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_machine_learning.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_meta_data.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_meta_data.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_meta_data.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_meta_data.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_note.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_note.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_note.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_note.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_rule_id.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_rule_id.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_rule_id.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_rule_id.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_tags.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_tags.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_tags.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/query_with_tags.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/simplest_filters.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/simplest_filters.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/simplest_filters.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/simplest_filters.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/simplest_query.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/simplest_query.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/queries/simplest_query.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/queries/simplest_query.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/README.md b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/README.md
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/README.md
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/README.md
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/saved_query_by_rule_id.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/saved_query_by_rule_id.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/saved_query_by_rule_id.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/saved_query_by_rule_id.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/saved_query_with_everything.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/saved_query_with_everything.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/saved_query_with_everything.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/saved_query_with_everything.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/saved_query_with_filters.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/saved_query_with_filters.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/saved_query_with_filters.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/saved_query_with_filters.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/saved_query_with_query.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/saved_query_with_query.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/saved_query_with_query.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/saved_query_with_query.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/saved_query_with_query_filter.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/saved_query_with_query_filter.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/saved_query_with_query_filter.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/saved_query_with_query_filter.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/simplest_saved_query.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/simplest_saved_query.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/simplest_saved_query.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/saved_queries/simplest_saved_query.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/README.md b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/README.md
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/README.md
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/README.md
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/imports/multiple_ruleid_queries_corrupted.ndjson b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/imports/multiple_ruleid_queries_corrupted.ndjson
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/imports/multiple_ruleid_queries_corrupted.ndjson
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/imports/multiple_ruleid_queries_corrupted.ndjson
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/filter_with_empty_query.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/filter_with_empty_query.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/filter_with_empty_query.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/filter_with_empty_query.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/filter_without_query.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/filter_without_query.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/filter_without_query.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/filter_without_query.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/query_filter_ui_meatadata_lucene.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/query_filter_ui_meatadata_lucene.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/query_filter_ui_meatadata_lucene.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/query_filter_ui_meatadata_lucene.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/query_filter_ui_metadata.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/query_filter_ui_metadata.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/query_filter_ui_metadata.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/query_filter_ui_metadata.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/query_with_errors.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/query_with_errors.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/query_with_errors.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/query_with_errors.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/saved_query_ui_meta_empty_query.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/saved_query_ui_meta_empty_query.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/saved_query_ui_meta_empty_query.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/queries/saved_query_ui_meta_empty_query.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/depth_test/README.md b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/depth_test/README.md
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/depth_test/README.md
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/depth_test/README.md
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/depth_test/query_single_id.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/depth_test/query_single_id.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/depth_test/query_single_id.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/depth_test/query_single_id.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/depth_test/signal_on_signal_depth_1.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/depth_test/signal_on_signal_depth_1.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/depth_test/signal_on_signal_depth_1.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/depth_test/signal_on_signal_depth_1.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/depth_test/signal_on_signal_depth_2.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/depth_test/signal_on_signal_depth_2.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/depth_test/signal_on_signal_depth_2.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/depth_test/signal_on_signal_depth_2.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/halting_test/README.md b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/halting_test/README.md
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/halting_test/README.md
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/halting_test/README.md
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/halting_test/query_single_id.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/halting_test/query_single_id.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/halting_test/query_single_id.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/halting_test/query_single_id.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/halting_test/signal_on_signal.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/halting_test/signal_on_signal.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/halting_test/signal_on_signal.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/test_cases/signals_on_signals/halting_test/signal_on_signal.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/README.md b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/README.md
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/README.md
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/README.md
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/disable_rule.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/disable_rule.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/disable_rule.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/disable_rule.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/enabled_rule.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/enabled_rule.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/enabled_rule.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/enabled_rule.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/simplest_update_risk_score_by_id.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/simplest_update_risk_score_by_id.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/simplest_update_risk_score_by_id.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/simplest_update_risk_score_by_id.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/simplest_update_risk_score_by_rule_id.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/simplest_update_risk_score_by_rule_id.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/simplest_update_risk_score_by_rule_id.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/simplest_update_risk_score_by_rule_id.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/simplest_updated_name.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/simplest_updated_name.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/simplest_updated_name.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/simplest_updated_name.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_interval.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_interval.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_interval.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_interval.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_list.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_list.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_list.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_list.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_machine_learning.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_machine_learning.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_machine_learning.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_machine_learning.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_note.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_note.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_note.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_note.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_query_everything.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_query_everything.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_query_everything.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_query_everything.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_tags.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_tags.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_tags.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_tags.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_timelineid.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_timelineid.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_timelineid.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_timelineid.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_version.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_version.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_version.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/rules/updates/update_version.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/signal_index_exists.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/signal_index_exists.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/signal_index_exists.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/signal_index_exists.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/signals/aggs_signals.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/signals/aggs_signals.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/signals/aggs_signals.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/signals/aggs_signals.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/signals/put_signal_doc.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/signals/put_signal_doc.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/signals/put_signal_doc.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/signals/put_signal_doc.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/signals/query_signals.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/signals/query_signals.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/signals/query_signals.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/signals/query_signals.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/signals/sample_signal.json b/x-pack/plugins/siem/server/lib/detection_engine/scripts/signals/sample_signal.json
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/signals/sample_signal.json
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/signals/sample_signal.json
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/signals/set_status_with_id.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/signals/set_status_with_id.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/signals/set_status_with_id.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/signals/set_status_with_id.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/signals/set_status_with_query.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/signals/set_status_with_query.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/signals/set_status_with_query.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/signals/set_status_with_query.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/update_rule.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/update_rule.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/update_rule.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/update_rule.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/update_rule_bulk.sh b/x-pack/plugins/siem/server/lib/detection_engine/scripts/update_rule_bulk.sh
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/scripts/update_rule_bulk.sh
rename to x-pack/plugins/siem/server/lib/detection_engine/scripts/update_rule_bulk.sh
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/__mocks__/es_results.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/__mocks__/es_results.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/__mocks__/es_results.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/__mocks__/es_results.ts
index 3bdcc3f92f44c..d361e424f01e3 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/__mocks__/es_results.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/signals/__mocks__/es_results.ts
@@ -9,8 +9,8 @@ import {
Logger,
SavedObject,
SavedObjectsFindResponse,
-} from '../../../../../../../../../src/core/server';
-import { loggingServiceMock } from '../../../../../../../../../src/core/server/mocks';
+} from '../../../../../../../../src/core/server';
+import { loggingServiceMock } from '../../../../../../../../src/core/server/mocks';
import { RuleTypeParams, OutputRuleAlertRest } from '../../types';
import { IRuleStatusAttributes } from '../../rules/types';
import { ruleStatusSavedObjectType } from '../../../../saved_objects';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/__mocks__/rule_status_saved_objects_client.mock.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/__mocks__/rule_status_saved_objects_client.mock.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/__mocks__/rule_status_saved_objects_client.mock.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/__mocks__/rule_status_saved_objects_client.mock.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_bulk_body.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/build_bulk_body.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_bulk_body.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/build_bulk_body.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_bulk_body.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/build_bulk_body.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_bulk_body.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/build_bulk_body.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_event_type_signal.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/build_event_type_signal.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_event_type_signal.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/build_event_type_signal.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_event_type_signal.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/build_event_type_signal.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_event_type_signal.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/build_event_type_signal.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_events_query.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/build_events_query.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_events_query.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/build_events_query.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_events_query.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/build_events_query.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_events_query.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/build_events_query.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_exceptions_query.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/build_exceptions_query.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_exceptions_query.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/build_exceptions_query.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_exceptions_query.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/build_exceptions_query.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_exceptions_query.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/build_exceptions_query.ts
index 21d1524796649..22a57db87afb0 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_exceptions_query.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/signals/build_exceptions_query.ts
@@ -3,7 +3,7 @@
* or more contributor license agreements. Licensed under the Elastic License;
* you may not use this file except in compliance with the Elastic License.
*/
-import { Query } from '../../../../../../../../src/plugins/data/server';
+import { Query } from '../../../../../../../src/plugins/data/server';
import { List, ListOperator, ListValues } from '../routes/schemas/types/lists_default_array';
import { RuleAlertParams, Language } from '../types';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_rule.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/build_rule.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_rule.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/build_rule.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_rule.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/build_rule.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_rule.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/build_rule.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_signal.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/build_signal.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_signal.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/build_signal.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_signal.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/build_signal.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/build_signal.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/build_signal.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/bulk_create_ml_signals.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/bulk_create_ml_signals.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/bulk_create_ml_signals.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/bulk_create_ml_signals.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/bulk_create_ml_signals.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/bulk_create_ml_signals.ts
similarity index 94%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/bulk_create_ml_signals.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/bulk_create_ml_signals.ts
index ba8938f116fc6..d298f1cc7cbc6 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/bulk_create_ml_signals.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/signals/bulk_create_ml_signals.ts
@@ -7,8 +7,8 @@
import { flow, set, omit } from 'lodash/fp';
import { SearchResponse } from 'elasticsearch';
-import { Logger } from '../../../../../../../../src/core/server';
-import { AlertServices } from '../../../../../../../plugins/alerting/server';
+import { Logger } from '../../../../../../../src/core/server';
+import { AlertServices } from '../../../../../alerting/server';
import { RuleAlertAction } from '../../../../common/detection_engine/types';
import { RuleTypeParams, RefreshTypes } from '../types';
import { singleBulkCreate, SingleBulkCreateResponse } from './single_bulk_create';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/find_ml_signals.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/find_ml_signals.ts
similarity index 91%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/find_ml_signals.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/find_ml_signals.ts
index b7f752e6ba5e0..8ac5a6cde39cc 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/find_ml_signals.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/signals/find_ml_signals.ts
@@ -6,7 +6,7 @@
import dateMath from '@elastic/datemath';
-import { AlertServices } from '../../../../../../../plugins/alerting/server';
+import { AlertServices } from '../../../../../alerting/server';
import { getAnomalies } from '../../machine_learning';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/get_filter.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/get_filter.test.ts
similarity index 99%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/get_filter.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/get_filter.test.ts
index c34a0010574af..35ec1950cedaa 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/get_filter.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/signals/get_filter.test.ts
@@ -6,7 +6,7 @@
import { getQueryFilter, getFilter } from './get_filter';
import { PartialFilter } from '../types';
-import { alertsMock, AlertServicesMock } from '../../../../../../../plugins/alerting/server/mocks';
+import { alertsMock, AlertServicesMock } from '../../../../../alerting/server/mocks';
describe('get_filter', () => {
let servicesMock: AlertServicesMock;
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/get_filter.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/get_filter.ts
similarity index 96%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/get_filter.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/get_filter.ts
index e900f78609e1e..c685ce4567afa 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/get_filter.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/signals/get_filter.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { AlertServices } from '../../../../../../../plugins/alerting/server';
+import { AlertServices } from '../../../../../alerting/server';
import { assertUnreachable } from '../../../utils/build_query';
import {
Filter,
@@ -12,7 +12,7 @@ import {
esQuery,
esFilters,
IIndexPattern,
-} from '../../../../../../../../src/plugins/data/server';
+} from '../../../../../../../src/plugins/data/server';
import { PartialFilter, RuleAlertParams, Language } from '../types';
import { BadRequestError } from '../errors/bad_request_error';
import { buildQueryExceptions } from './build_exceptions_query';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/get_input_output_index.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/get_input_output_index.test.ts
similarity index 89%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/get_input_output_index.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/get_input_output_index.test.ts
index ccd882228d4de..6fc99ada16ece 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/get_input_output_index.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/signals/get_input_output_index.test.ts
@@ -4,10 +4,9 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { DEFAULT_INDEX_KEY } from '../../../../common/constants';
+import { alertsMock, AlertServicesMock } from '../../../../../alerting/server/mocks';
+import { DEFAULT_INDEX_KEY, DEFAULT_INDEX_PATTERN } from '../../../../common/constants';
import { getInputIndex } from './get_input_output_index';
-import { defaultIndexPattern } from '../../../../default_index_pattern';
-import { alertsMock, AlertServicesMock } from '../../../../../../../plugins/alerting/server/mocks';
describe('get_input_output_index', () => {
let servicesMock: AlertServicesMock;
@@ -78,7 +77,7 @@ describe('get_input_output_index', () => {
},
}));
const inputIndex = await getInputIndex(servicesMock, '8.0.0', null);
- expect(inputIndex).toEqual(defaultIndexPattern);
+ expect(inputIndex).toEqual(DEFAULT_INDEX_PATTERN);
});
test('Returns a saved object inputIndex default from constants if inputIndex passed in is undefined and the key is also null', async () => {
@@ -91,17 +90,17 @@ describe('get_input_output_index', () => {
},
}));
const inputIndex = await getInputIndex(servicesMock, '8.0.0', undefined);
- expect(inputIndex).toEqual(defaultIndexPattern);
+ expect(inputIndex).toEqual(DEFAULT_INDEX_PATTERN);
});
test('Returns a saved object inputIndex default from constants if both passed in inputIndex and configuration attributes are missing and the index is undefined', async () => {
const inputIndex = await getInputIndex(servicesMock, '8.0.0', undefined);
- expect(inputIndex).toEqual(defaultIndexPattern);
+ expect(inputIndex).toEqual(DEFAULT_INDEX_PATTERN);
});
test('Returns a saved object inputIndex default from constants if both passed in inputIndex and configuration attributes are missing and the index is null', async () => {
const inputIndex = await getInputIndex(servicesMock, '8.0.0', null);
- expect(inputIndex).toEqual(defaultIndexPattern);
+ expect(inputIndex).toEqual(DEFAULT_INDEX_PATTERN);
});
});
});
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/get_input_output_index.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/get_input_output_index.ts
similarity index 75%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/get_input_output_index.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/get_input_output_index.ts
index c93990e25b52b..85e3eeac476e4 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/get_input_output_index.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/signals/get_input_output_index.ts
@@ -4,9 +4,8 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { AlertServices } from '../../../../../../../plugins/alerting/server';
-import { defaultIndexPattern } from '../../../../default_index_pattern';
-import { DEFAULT_INDEX_KEY } from '../../../../common/constants';
+import { DEFAULT_INDEX_KEY, DEFAULT_INDEX_PATTERN } from '../../../../common/constants';
+import { AlertServices } from '../../../../../alerting/server';
export const getInputIndex = async (
services: AlertServices,
@@ -22,7 +21,7 @@ export const getInputIndex = async (
if (configuration.attributes != null && configuration.attributes[DEFAULT_INDEX_KEY] != null) {
return configuration.attributes[DEFAULT_INDEX_KEY];
} else {
- return defaultIndexPattern;
+ return DEFAULT_INDEX_PATTERN;
}
}
};
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/get_or_create_rule_statuses.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/get_or_create_rule_statuses.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/get_or_create_rule_statuses.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/get_or_create_rule_statuses.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/get_rule_status_saved_objects.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/get_rule_status_saved_objects.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/get_rule_status_saved_objects.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/get_rule_status_saved_objects.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/rule_messages.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/rule_messages.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/rule_messages.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/rule_messages.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/rule_messages.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/rule_messages.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/rule_messages.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/rule_messages.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/rule_status_saved_objects_client.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/rule_status_saved_objects_client.ts
similarity index 96%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/rule_status_saved_objects_client.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/rule_status_saved_objects_client.ts
index 11cbf67304409..5f76889f238a1 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/rule_status_saved_objects_client.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/signals/rule_status_saved_objects_client.ts
@@ -10,7 +10,7 @@ import {
SavedObjectsUpdateResponse,
SavedObjectsFindOptions,
SavedObjectsFindResponse,
-} from '../../../../../../../../src/core/server';
+} from '../../../../../../../src/core/server';
import { ruleStatusSavedObjectType } from '../rules/saved_object_mappings';
import { IRuleStatusAttributes } from '../rules/types';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/rule_status_service.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/rule_status_service.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/rule_status_service.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/rule_status_service.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/rule_status_service.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/rule_status_service.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/rule_status_service.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/rule_status_service.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/search_after_bulk_create.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/search_after_bulk_create.test.ts
similarity index 99%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/search_after_bulk_create.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/search_after_bulk_create.test.ts
index 9e2f36fe2653a..cec011ae8c445 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/search_after_bulk_create.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/signals/search_after_bulk_create.test.ts
@@ -16,7 +16,7 @@ import {
} from './__mocks__/es_results';
import { searchAfterAndBulkCreate } from './search_after_bulk_create';
import { DEFAULT_SIGNALS_INDEX } from '../../../../common/constants';
-import { alertsMock, AlertServicesMock } from '../../../../../../../plugins/alerting/server/mocks';
+import { alertsMock, AlertServicesMock } from '../../../../../alerting/server/mocks';
import uuid from 'uuid';
describe('searchAfterAndBulkCreate', () => {
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/search_after_bulk_create.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/search_after_bulk_create.ts
similarity index 97%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/search_after_bulk_create.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/search_after_bulk_create.ts
index 3a964cb91fbdb..e287e33295c89 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/search_after_bulk_create.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/signals/search_after_bulk_create.ts
@@ -4,10 +4,10 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { AlertServices } from '../../../../../../../plugins/alerting/server';
+import { AlertServices } from '../../../../../alerting/server';
import { RuleAlertAction } from '../../../../common/detection_engine/types';
import { RuleTypeParams, RefreshTypes } from '../types';
-import { Logger } from '../../../../../../../../src/core/server';
+import { Logger } from '../../../../../../../src/core/server';
import { singleSearchAfter } from './single_search_after';
import { singleBulkCreate } from './single_bulk_create';
import { SignalSearchResponse } from './types';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/siem_rule_action_groups.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/siem_rule_action_groups.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/siem_rule_action_groups.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/siem_rule_action_groups.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/signal_params_schema.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/signal_params_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/signal_params_schema.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/signal_params_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/signal_rule_alert_type.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/signal_rule_alert_type.test.ts
similarity index 99%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/signal_rule_alert_type.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/signal_rule_alert_type.test.ts
index 31b407da111ea..7eecc5cb9bad0 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/signal_rule_alert_type.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/signals/signal_rule_alert_type.test.ts
@@ -8,7 +8,7 @@ import moment from 'moment';
import { loggerMock } from 'src/core/server/logging/logger.mock';
import { getResult, getMlResult } from '../routes/__mocks__/request_responses';
import { signalRulesAlertType } from './signal_rule_alert_type';
-import { alertsMock, AlertServicesMock } from '../../../../../../../plugins/alerting/server/mocks';
+import { alertsMock, AlertServicesMock } from '../../../../../alerting/server/mocks';
import { ruleStatusServiceFactory } from './rule_status_service';
import { getGapBetweenRuns } from './utils';
import { RuleExecutorOptions } from './types';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/signal_rule_alert_type.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/signal_rule_alert_type.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/signal_rule_alert_type.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/signal_rule_alert_type.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/single_bulk_create.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/single_bulk_create.test.ts
similarity index 99%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/single_bulk_create.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/single_bulk_create.test.ts
index 3401d7417ec62..51cc0f449b17a 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/single_bulk_create.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/signals/single_bulk_create.test.ts
@@ -18,7 +18,7 @@ import {
} from './__mocks__/es_results';
import { DEFAULT_SIGNALS_INDEX } from '../../../../common/constants';
import { singleBulkCreate, filterDuplicateRules } from './single_bulk_create';
-import { alertsMock, AlertServicesMock } from '../../../../../../../plugins/alerting/server/mocks';
+import { alertsMock, AlertServicesMock } from '../../../../../alerting/server/mocks';
describe('singleBulkCreate', () => {
const mockService: AlertServicesMock = alertsMock.createAlertServices();
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/single_bulk_create.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/single_bulk_create.ts
similarity index 96%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/single_bulk_create.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/single_bulk_create.ts
index 4373a35cac0c5..c098a4b68450d 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/single_bulk_create.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/signals/single_bulk_create.ts
@@ -6,13 +6,13 @@
import { countBy, isEmpty } from 'lodash';
import { performance } from 'perf_hooks';
-import { AlertServices } from '../../../../../../../plugins/alerting/server';
+import { AlertServices } from '../../../../../alerting/server';
import { SignalSearchResponse, BulkResponse } from './types';
import { RuleAlertAction } from '../../../../common/detection_engine/types';
import { RuleTypeParams, RefreshTypes } from '../types';
import { generateId, makeFloatString, errorAggregator } from './utils';
import { buildBulkBody } from './build_bulk_body';
-import { Logger } from '../../../../../../../../src/core/server';
+import { Logger } from '../../../../../../../src/core/server';
interface SingleBulkCreateParams {
someResult: SignalSearchResponse;
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/single_search_after.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/single_search_after.test.ts
similarity index 95%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/single_search_after.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/single_search_after.test.ts
index dbeab70595e4f..580080966457e 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/single_search_after.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/signals/single_search_after.test.ts
@@ -10,7 +10,7 @@ import {
sampleDocSearchResultsWithSortId,
} from './__mocks__/es_results';
import { singleSearchAfter } from './single_search_after';
-import { alertsMock, AlertServicesMock } from '../../../../../../../plugins/alerting/server/mocks';
+import { alertsMock, AlertServicesMock } from '../../../../../alerting/server/mocks';
describe('singleSearchAfter', () => {
const mockService: AlertServicesMock = alertsMock.createAlertServices();
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/single_search_after.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/single_search_after.ts
similarity index 91%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/single_search_after.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/single_search_after.ts
index 6fc8fe4bd24d9..8071c18713c19 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/single_search_after.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/signals/single_search_after.ts
@@ -5,8 +5,8 @@
*/
import { performance } from 'perf_hooks';
-import { AlertServices } from '../../../../../../../plugins/alerting/server';
-import { Logger } from '../../../../../../../../src/core/server';
+import { AlertServices } from '../../../../../alerting/server';
+import { Logger } from '../../../../../../../src/core/server';
import { SignalSearchResponse } from './types';
import { buildEventsSearchQuery } from './build_events_query';
import { makeFloatString } from './utils';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/types.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/types.ts
similarity index 97%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/types.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/types.ts
index a7556d992d20a..b493bab8b4610 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/types.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/signals/types.ts
@@ -4,14 +4,10 @@
* you may not use this file except in compliance with the Elastic License.
*/
+import { AlertType, State, AlertExecutorOptions } from '../../../../../alerting/server';
import { RuleAlertAction } from '../../../../common/detection_engine/types';
import { RuleAlertParams, OutputRuleAlertRest } from '../types';
import { SearchResponse } from '../../types';
-import {
- AlertType,
- State,
- AlertExecutorOptions,
-} from '../../../../../../../plugins/alerting/server';
export interface SignalsParams {
signalIds: string[] | undefined | null;
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/utils.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/utils.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/utils.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/utils.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/utils.ts b/x-pack/plugins/siem/server/lib/detection_engine/signals/utils.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/utils.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/signals/utils.ts
index 7bbd9d020efa7..f06c765073d78 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/signals/utils.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/signals/utils.ts
@@ -7,7 +7,7 @@ import { createHash } from 'crypto';
import moment from 'moment';
import dateMath from '@elastic/datemath';
-import { parseDuration } from '../../../../../../../plugins/alerting/server';
+import { parseDuration } from '../../../../../alerting/server';
import { BulkResponse, BulkResponseErrorAggregation } from './types';
export const generateId = (
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/tags/read_tags.test.ts b/x-pack/plugins/siem/server/lib/detection_engine/tags/read_tags.test.ts
similarity index 99%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/tags/read_tags.test.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/tags/read_tags.test.ts
index 80c107c991bb7..d29d885f9797a 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/tags/read_tags.test.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/tags/read_tags.test.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { alertsClientMock } from '../../../../../../../plugins/alerting/server/mocks';
+import { alertsClientMock } from '../../../../../alerting/server/mocks';
import { getResult, getFindResultWithMultiHits } from '../routes/__mocks__/request_responses';
import { INTERNAL_RULE_ID_KEY, INTERNAL_IDENTIFIER } from '../../../../common/constants';
import { readRawTags, readTags, convertTagsToSet, convertToTags, isTags } from './read_tags';
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/tags/read_tags.ts b/x-pack/plugins/siem/server/lib/detection_engine/tags/read_tags.ts
similarity index 96%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/tags/read_tags.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/tags/read_tags.ts
index d343bca8c97bb..addd373712850 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/tags/read_tags.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/tags/read_tags.ts
@@ -6,7 +6,7 @@
import { has } from 'lodash/fp';
import { INTERNAL_IDENTIFIER } from '../../../../common/constants';
-import { AlertsClient } from '../../../../../../../plugins/alerting/server';
+import { AlertsClient } from '../../../../../alerting/server';
import { findRules } from '../rules/find_rules';
export interface TagType {
diff --git a/x-pack/legacy/plugins/siem/server/lib/detection_engine/types.ts b/x-pack/plugins/siem/server/lib/detection_engine/types.ts
similarity index 97%
rename from x-pack/legacy/plugins/siem/server/lib/detection_engine/types.ts
rename to x-pack/plugins/siem/server/lib/detection_engine/types.ts
index d87c226bf957a..357a2ab39e3fb 100644
--- a/x-pack/legacy/plugins/siem/server/lib/detection_engine/types.ts
+++ b/x-pack/plugins/siem/server/lib/detection_engine/types.ts
@@ -4,8 +4,8 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { CallAPIOptions } from '../../../../../../../src/core/server';
-import { Filter } from '../../../../../../../src/plugins/data/server';
+import { CallAPIOptions } from '../../../../../../src/core/server';
+import { Filter } from '../../../../../../src/plugins/data/server';
import { IRuleStatusAttributes } from './rules/types';
import { ListsDefaultArraySchema } from './routes/schemas/types/lists_default_array';
import { RuleAlertAction, RuleType } from '../../../common/detection_engine/types';
diff --git a/x-pack/legacy/plugins/siem/server/lib/ecs_fields/extend_map.test.ts b/x-pack/plugins/siem/server/lib/ecs_fields/extend_map.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/ecs_fields/extend_map.test.ts
rename to x-pack/plugins/siem/server/lib/ecs_fields/extend_map.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/ecs_fields/extend_map.ts b/x-pack/plugins/siem/server/lib/ecs_fields/extend_map.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/ecs_fields/extend_map.ts
rename to x-pack/plugins/siem/server/lib/ecs_fields/extend_map.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/ecs_fields/index.ts b/x-pack/plugins/siem/server/lib/ecs_fields/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/ecs_fields/index.ts
rename to x-pack/plugins/siem/server/lib/ecs_fields/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/events/elasticsearch_adapter.test.ts b/x-pack/plugins/siem/server/lib/events/elasticsearch_adapter.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/events/elasticsearch_adapter.test.ts
rename to x-pack/plugins/siem/server/lib/events/elasticsearch_adapter.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/events/elasticsearch_adapter.ts b/x-pack/plugins/siem/server/lib/events/elasticsearch_adapter.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/events/elasticsearch_adapter.ts
rename to x-pack/plugins/siem/server/lib/events/elasticsearch_adapter.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/events/index.ts b/x-pack/plugins/siem/server/lib/events/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/events/index.ts
rename to x-pack/plugins/siem/server/lib/events/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/events/mock.ts b/x-pack/plugins/siem/server/lib/events/mock.ts
similarity index 99%
rename from x-pack/legacy/plugins/siem/server/lib/events/mock.ts
rename to x-pack/plugins/siem/server/lib/events/mock.ts
index 3eb841cbad411..f5fb2f481ca77 100644
--- a/x-pack/legacy/plugins/siem/server/lib/events/mock.ts
+++ b/x-pack/plugins/siem/server/lib/events/mock.ts
@@ -5,7 +5,7 @@
*/
import { cloneDeep } from 'lodash/fp';
-import { defaultIndexPattern } from '../../../default_index_pattern';
+import { DEFAULT_INDEX_PATTERN } from '../../../common/constants';
import { RequestDetailsOptions } from './types';
export const mockResponseSearchTimelineDetails = {
@@ -185,7 +185,7 @@ export const mockResponseSearchTimelineDetails = {
export const mockOptions: RequestDetailsOptions = {
indexName: 'auditbeat-8.0.0-2019.03.29-000003',
eventId: 'TUfUymkBCQofM5eXGBYL',
- defaultIndex: defaultIndexPattern,
+ defaultIndex: DEFAULT_INDEX_PATTERN,
};
export const mockRequest = {
diff --git a/x-pack/legacy/plugins/siem/server/lib/events/query.dsl.ts b/x-pack/plugins/siem/server/lib/events/query.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/events/query.dsl.ts
rename to x-pack/plugins/siem/server/lib/events/query.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/events/query.last_event_time.dsl.ts b/x-pack/plugins/siem/server/lib/events/query.last_event_time.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/events/query.last_event_time.dsl.ts
rename to x-pack/plugins/siem/server/lib/events/query.last_event_time.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/events/types.ts b/x-pack/plugins/siem/server/lib/events/types.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/events/types.ts
rename to x-pack/plugins/siem/server/lib/events/types.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/framework/index.ts b/x-pack/plugins/siem/server/lib/framework/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/framework/index.ts
rename to x-pack/plugins/siem/server/lib/framework/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/framework/kibana_framework_adapter.ts b/x-pack/plugins/siem/server/lib/framework/kibana_framework_adapter.ts
similarity index 95%
rename from x-pack/legacy/plugins/siem/server/lib/framework/kibana_framework_adapter.ts
rename to x-pack/plugins/siem/server/lib/framework/kibana_framework_adapter.ts
index 6b41426e047ca..762416149c0fb 100644
--- a/x-pack/legacy/plugins/siem/server/lib/framework/kibana_framework_adapter.ts
+++ b/x-pack/plugins/siem/server/lib/framework/kibana_framework_adapter.ts
@@ -13,9 +13,9 @@ import {
KibanaResponseFactory,
RequestHandlerContext,
KibanaRequest,
-} from '../../../../../../../src/core/server';
-import { IndexPatternsFetcher } from '../../../../../../../src/plugins/data/server';
-import { AuthenticatedUser } from '../../../../../../plugins/security/common/model';
+} from '../../../../../../src/core/server';
+import { IndexPatternsFetcher } from '../../../../../../src/plugins/data/server';
+import { AuthenticatedUser } from '../../../../security/common/model';
import { CoreSetup, SetupPlugins } from '../../plugin';
import {
diff --git a/x-pack/legacy/plugins/siem/server/lib/framework/types.ts b/x-pack/plugins/siem/server/lib/framework/types.ts
similarity index 96%
rename from x-pack/legacy/plugins/siem/server/lib/framework/types.ts
rename to x-pack/plugins/siem/server/lib/framework/types.ts
index 7d049d1dcd195..abe572df87063 100644
--- a/x-pack/legacy/plugins/siem/server/lib/framework/types.ts
+++ b/x-pack/plugins/siem/server/lib/framework/types.ts
@@ -7,8 +7,8 @@
import { IndicesGetMappingParams } from 'elasticsearch';
import { GraphQLSchema } from 'graphql';
-import { RequestHandlerContext, KibanaRequest } from '../../../../../../../src/core/server';
-import { AuthenticatedUser } from '../../../../../../plugins/security/common/model';
+import { RequestHandlerContext, KibanaRequest } from '../../../../../../src/core/server';
+import { AuthenticatedUser } from '../../../../security/common/model';
import { ESQuery } from '../../../common/typed_json';
import {
PaginationInput,
diff --git a/x-pack/legacy/plugins/siem/server/lib/hosts/elasticsearch_adapter.test.ts b/x-pack/plugins/siem/server/lib/hosts/elasticsearch_adapter.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/hosts/elasticsearch_adapter.test.ts
rename to x-pack/plugins/siem/server/lib/hosts/elasticsearch_adapter.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/hosts/elasticsearch_adapter.ts b/x-pack/plugins/siem/server/lib/hosts/elasticsearch_adapter.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/hosts/elasticsearch_adapter.ts
rename to x-pack/plugins/siem/server/lib/hosts/elasticsearch_adapter.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/hosts/helpers.test.ts b/x-pack/plugins/siem/server/lib/hosts/helpers.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/hosts/helpers.test.ts
rename to x-pack/plugins/siem/server/lib/hosts/helpers.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/hosts/helpers.ts b/x-pack/plugins/siem/server/lib/hosts/helpers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/hosts/helpers.ts
rename to x-pack/plugins/siem/server/lib/hosts/helpers.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/hosts/index.ts b/x-pack/plugins/siem/server/lib/hosts/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/hosts/index.ts
rename to x-pack/plugins/siem/server/lib/hosts/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/hosts/mock.ts b/x-pack/plugins/siem/server/lib/hosts/mock.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/lib/hosts/mock.ts
rename to x-pack/plugins/siem/server/lib/hosts/mock.ts
index 6b72c4a5a2843..30082990b55f9 100644
--- a/x-pack/legacy/plugins/siem/server/lib/hosts/mock.ts
+++ b/x-pack/plugins/siem/server/lib/hosts/mock.ts
@@ -4,9 +4,8 @@
* you may not use this file except in compliance with the Elastic License.
*/
+import { DEFAULT_INDEX_PATTERN } from '../../../common/constants';
import { Direction, HostsFields } from '../../graphql/types';
-import { defaultIndexPattern } from '../../../default_index_pattern';
-
import {
HostOverviewRequestOptions,
HostLastFirstSeenRequestOptions,
@@ -14,7 +13,7 @@ import {
} from '.';
export const mockGetHostsOptions: HostsRequestOptions = {
- defaultIndex: defaultIndexPattern,
+ defaultIndex: DEFAULT_INDEX_PATTERN,
sourceConfiguration: {
fields: {
container: 'docker.container.name',
@@ -297,7 +296,7 @@ export const mockGetHostOverviewOptions: HostOverviewRequestOptions = {
},
},
timerange: { interval: '12h', to: 1554824274610, from: 1554737874610 },
- defaultIndex: defaultIndexPattern,
+ defaultIndex: DEFAULT_INDEX_PATTERN,
fields: [
'_id',
'host.architecture',
@@ -501,7 +500,7 @@ export const mockGetHostOverviewResult = {
};
export const mockGetHostLastFirstSeenOptions: HostLastFirstSeenRequestOptions = {
- defaultIndex: defaultIndexPattern,
+ defaultIndex: DEFAULT_INDEX_PATTERN,
sourceConfiguration: {
fields: {
container: 'docker.container.name',
diff --git a/x-pack/legacy/plugins/siem/server/lib/hosts/query.detail_host.dsl.ts b/x-pack/plugins/siem/server/lib/hosts/query.detail_host.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/hosts/query.detail_host.dsl.ts
rename to x-pack/plugins/siem/server/lib/hosts/query.detail_host.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/hosts/query.hosts.dsl.ts b/x-pack/plugins/siem/server/lib/hosts/query.hosts.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/hosts/query.hosts.dsl.ts
rename to x-pack/plugins/siem/server/lib/hosts/query.hosts.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/hosts/query.last_first_seen_host.dsl.ts b/x-pack/plugins/siem/server/lib/hosts/query.last_first_seen_host.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/hosts/query.last_first_seen_host.dsl.ts
rename to x-pack/plugins/siem/server/lib/hosts/query.last_first_seen_host.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/hosts/types.ts b/x-pack/plugins/siem/server/lib/hosts/types.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/hosts/types.ts
rename to x-pack/plugins/siem/server/lib/hosts/types.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/index_fields/elasticsearch_adapter.test.ts b/x-pack/plugins/siem/server/lib/index_fields/elasticsearch_adapter.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/index_fields/elasticsearch_adapter.test.ts
rename to x-pack/plugins/siem/server/lib/index_fields/elasticsearch_adapter.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/index_fields/elasticsearch_adapter.ts b/x-pack/plugins/siem/server/lib/index_fields/elasticsearch_adapter.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/index_fields/elasticsearch_adapter.ts
rename to x-pack/plugins/siem/server/lib/index_fields/elasticsearch_adapter.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/index_fields/index.ts b/x-pack/plugins/siem/server/lib/index_fields/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/index_fields/index.ts
rename to x-pack/plugins/siem/server/lib/index_fields/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/index_fields/mock.ts b/x-pack/plugins/siem/server/lib/index_fields/mock.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/index_fields/mock.ts
rename to x-pack/plugins/siem/server/lib/index_fields/mock.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/index_fields/types.ts b/x-pack/plugins/siem/server/lib/index_fields/types.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/index_fields/types.ts
rename to x-pack/plugins/siem/server/lib/index_fields/types.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/ip_details/elasticsearch_adapter.test.ts b/x-pack/plugins/siem/server/lib/ip_details/elasticsearch_adapter.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/ip_details/elasticsearch_adapter.test.ts
rename to x-pack/plugins/siem/server/lib/ip_details/elasticsearch_adapter.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/ip_details/elasticsearch_adapter.ts b/x-pack/plugins/siem/server/lib/ip_details/elasticsearch_adapter.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/ip_details/elasticsearch_adapter.ts
rename to x-pack/plugins/siem/server/lib/ip_details/elasticsearch_adapter.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/ip_details/index.ts b/x-pack/plugins/siem/server/lib/ip_details/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/ip_details/index.ts
rename to x-pack/plugins/siem/server/lib/ip_details/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/ip_details/mock.ts b/x-pack/plugins/siem/server/lib/ip_details/mock.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/ip_details/mock.ts
rename to x-pack/plugins/siem/server/lib/ip_details/mock.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/ip_details/query_overview.dsl.ts b/x-pack/plugins/siem/server/lib/ip_details/query_overview.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/ip_details/query_overview.dsl.ts
rename to x-pack/plugins/siem/server/lib/ip_details/query_overview.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/ip_details/query_users.dsl.ts b/x-pack/plugins/siem/server/lib/ip_details/query_users.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/ip_details/query_users.dsl.ts
rename to x-pack/plugins/siem/server/lib/ip_details/query_users.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/ip_details/types.ts b/x-pack/plugins/siem/server/lib/ip_details/types.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/ip_details/types.ts
rename to x-pack/plugins/siem/server/lib/ip_details/types.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/kpi_hosts/elasticsearch_adapter.test.ts b/x-pack/plugins/siem/server/lib/kpi_hosts/elasticsearch_adapter.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/kpi_hosts/elasticsearch_adapter.test.ts
rename to x-pack/plugins/siem/server/lib/kpi_hosts/elasticsearch_adapter.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/kpi_hosts/elasticsearch_adapter.ts b/x-pack/plugins/siem/server/lib/kpi_hosts/elasticsearch_adapter.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/kpi_hosts/elasticsearch_adapter.ts
rename to x-pack/plugins/siem/server/lib/kpi_hosts/elasticsearch_adapter.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/kpi_hosts/helpers.test.ts b/x-pack/plugins/siem/server/lib/kpi_hosts/helpers.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/kpi_hosts/helpers.test.ts
rename to x-pack/plugins/siem/server/lib/kpi_hosts/helpers.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/kpi_hosts/helpers.ts b/x-pack/plugins/siem/server/lib/kpi_hosts/helpers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/kpi_hosts/helpers.ts
rename to x-pack/plugins/siem/server/lib/kpi_hosts/helpers.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/kpi_hosts/index.ts b/x-pack/plugins/siem/server/lib/kpi_hosts/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/kpi_hosts/index.ts
rename to x-pack/plugins/siem/server/lib/kpi_hosts/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/kpi_hosts/mock.ts b/x-pack/plugins/siem/server/lib/kpi_hosts/mock.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/lib/kpi_hosts/mock.ts
rename to x-pack/plugins/siem/server/lib/kpi_hosts/mock.ts
index ed9fbf0ba0646..a5affea2842a6 100644
--- a/x-pack/legacy/plugins/siem/server/lib/kpi_hosts/mock.ts
+++ b/x-pack/plugins/siem/server/lib/kpi_hosts/mock.ts
@@ -4,14 +4,14 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { defaultIndexPattern } from '../../../default_index_pattern';
+import { DEFAULT_INDEX_PATTERN } from '../../../common/constants';
import { RequestBasicOptions } from '../framework/types';
const FROM = new Date('2019-05-03T13:24:00.660Z').valueOf();
const TO = new Date('2019-05-04T13:24:00.660Z').valueOf();
export const mockKpiHostsOptions: RequestBasicOptions = {
- defaultIndex: defaultIndexPattern,
+ defaultIndex: DEFAULT_INDEX_PATTERN,
sourceConfiguration: {
fields: {
container: 'docker.container.name',
@@ -27,7 +27,7 @@ export const mockKpiHostsOptions: RequestBasicOptions = {
};
export const mockKpiHostDetailsOptions: RequestBasicOptions = {
- defaultIndex: defaultIndexPattern,
+ defaultIndex: DEFAULT_INDEX_PATTERN,
sourceConfiguration: {
fields: {
container: 'docker.container.name',
@@ -290,7 +290,7 @@ export const mockKpiHostsResponse = {
export const mockKpiHostsResponseNodata = { responses: [null, null, null] };
const mockMsearchHeader = {
- index: defaultIndexPattern,
+ index: DEFAULT_INDEX_PATTERN,
allowNoIndices: true,
ignoreUnavailable: true,
};
diff --git a/x-pack/legacy/plugins/siem/server/lib/kpi_hosts/query_authentication.dsl.test.ts b/x-pack/plugins/siem/server/lib/kpi_hosts/query_authentication.dsl.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/kpi_hosts/query_authentication.dsl.test.ts
rename to x-pack/plugins/siem/server/lib/kpi_hosts/query_authentication.dsl.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/kpi_hosts/query_authentication.dsl.ts b/x-pack/plugins/siem/server/lib/kpi_hosts/query_authentication.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/kpi_hosts/query_authentication.dsl.ts
rename to x-pack/plugins/siem/server/lib/kpi_hosts/query_authentication.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/kpi_hosts/query_hosts.dsl.ts b/x-pack/plugins/siem/server/lib/kpi_hosts/query_hosts.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/kpi_hosts/query_hosts.dsl.ts
rename to x-pack/plugins/siem/server/lib/kpi_hosts/query_hosts.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/kpi_hosts/query_unique_ips.dsl.test.ts b/x-pack/plugins/siem/server/lib/kpi_hosts/query_unique_ips.dsl.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/kpi_hosts/query_unique_ips.dsl.test.ts
rename to x-pack/plugins/siem/server/lib/kpi_hosts/query_unique_ips.dsl.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/kpi_hosts/query_unique_ips.dsl.ts b/x-pack/plugins/siem/server/lib/kpi_hosts/query_unique_ips.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/kpi_hosts/query_unique_ips.dsl.ts
rename to x-pack/plugins/siem/server/lib/kpi_hosts/query_unique_ips.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/kpi_hosts/types.ts b/x-pack/plugins/siem/server/lib/kpi_hosts/types.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/kpi_hosts/types.ts
rename to x-pack/plugins/siem/server/lib/kpi_hosts/types.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/kpi_network/elastic_adapter.test.ts b/x-pack/plugins/siem/server/lib/kpi_network/elastic_adapter.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/kpi_network/elastic_adapter.test.ts
rename to x-pack/plugins/siem/server/lib/kpi_network/elastic_adapter.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/kpi_network/elasticsearch_adapter.ts b/x-pack/plugins/siem/server/lib/kpi_network/elasticsearch_adapter.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/kpi_network/elasticsearch_adapter.ts
rename to x-pack/plugins/siem/server/lib/kpi_network/elasticsearch_adapter.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/kpi_network/helpers.ts b/x-pack/plugins/siem/server/lib/kpi_network/helpers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/kpi_network/helpers.ts
rename to x-pack/plugins/siem/server/lib/kpi_network/helpers.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/kpi_network/index.ts b/x-pack/plugins/siem/server/lib/kpi_network/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/kpi_network/index.ts
rename to x-pack/plugins/siem/server/lib/kpi_network/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/kpi_network/mock.ts b/x-pack/plugins/siem/server/lib/kpi_network/mock.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/lib/kpi_network/mock.ts
rename to x-pack/plugins/siem/server/lib/kpi_network/mock.ts
index 7d86769de09f1..cc0849ccdf1d2 100644
--- a/x-pack/legacy/plugins/siem/server/lib/kpi_network/mock.ts
+++ b/x-pack/plugins/siem/server/lib/kpi_network/mock.ts
@@ -4,11 +4,11 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { defaultIndexPattern } from '../../../default_index_pattern';
+import { DEFAULT_INDEX_PATTERN } from '../../../common/constants';
import { RequestBasicOptions } from '../framework/types';
export const mockOptions: RequestBasicOptions = {
- defaultIndex: defaultIndexPattern,
+ defaultIndex: DEFAULT_INDEX_PATTERN,
sourceConfiguration: {
fields: {
container: 'docker.container.name',
diff --git a/x-pack/legacy/plugins/siem/server/lib/kpi_network/query_dns.dsl.ts b/x-pack/plugins/siem/server/lib/kpi_network/query_dns.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/kpi_network/query_dns.dsl.ts
rename to x-pack/plugins/siem/server/lib/kpi_network/query_dns.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/kpi_network/query_network_events.ts b/x-pack/plugins/siem/server/lib/kpi_network/query_network_events.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/kpi_network/query_network_events.ts
rename to x-pack/plugins/siem/server/lib/kpi_network/query_network_events.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/kpi_network/query_tls_handshakes.dsl.ts b/x-pack/plugins/siem/server/lib/kpi_network/query_tls_handshakes.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/kpi_network/query_tls_handshakes.dsl.ts
rename to x-pack/plugins/siem/server/lib/kpi_network/query_tls_handshakes.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/kpi_network/query_unique_flow.ts b/x-pack/plugins/siem/server/lib/kpi_network/query_unique_flow.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/kpi_network/query_unique_flow.ts
rename to x-pack/plugins/siem/server/lib/kpi_network/query_unique_flow.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/kpi_network/query_unique_private_ips.dsl.ts b/x-pack/plugins/siem/server/lib/kpi_network/query_unique_private_ips.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/kpi_network/query_unique_private_ips.dsl.ts
rename to x-pack/plugins/siem/server/lib/kpi_network/query_unique_private_ips.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/kpi_network/types.ts b/x-pack/plugins/siem/server/lib/kpi_network/types.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/kpi_network/types.ts
rename to x-pack/plugins/siem/server/lib/kpi_network/types.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/machine_learning/index.ts b/x-pack/plugins/siem/server/lib/machine_learning/index.ts
similarity index 92%
rename from x-pack/legacy/plugins/siem/server/lib/machine_learning/index.ts
rename to x-pack/plugins/siem/server/lib/machine_learning/index.ts
index aa83df15f68d4..35789b5e202e2 100644
--- a/x-pack/legacy/plugins/siem/server/lib/machine_learning/index.ts
+++ b/x-pack/plugins/siem/server/lib/machine_learning/index.ts
@@ -6,8 +6,8 @@
import { SearchResponse } from 'elasticsearch';
-import { AlertServices } from '../../../../../../plugins/alerting/server';
-import { AnomalyRecordDoc as Anomaly } from '../../../../../../plugins/ml/common/types/anomalies';
+import { AlertServices } from '../../../../alerting/server';
+import { AnomalyRecordDoc as Anomaly } from '../../../../ml/common/types/anomalies';
export { Anomaly };
export type AnomalyResults = SearchResponse;
diff --git a/x-pack/legacy/plugins/siem/server/lib/matrix_histogram/elasticsearch_adapter.ts b/x-pack/plugins/siem/server/lib/matrix_histogram/elasticsearch_adapter.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/matrix_histogram/elasticsearch_adapter.ts
rename to x-pack/plugins/siem/server/lib/matrix_histogram/elasticsearch_adapter.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/matrix_histogram/elasticseatch_adapter.test.ts b/x-pack/plugins/siem/server/lib/matrix_histogram/elasticseatch_adapter.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/matrix_histogram/elasticseatch_adapter.test.ts
rename to x-pack/plugins/siem/server/lib/matrix_histogram/elasticseatch_adapter.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/matrix_histogram/index.ts b/x-pack/plugins/siem/server/lib/matrix_histogram/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/matrix_histogram/index.ts
rename to x-pack/plugins/siem/server/lib/matrix_histogram/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/matrix_histogram/mock.ts b/x-pack/plugins/siem/server/lib/matrix_histogram/mock.ts
similarity index 96%
rename from x-pack/legacy/plugins/siem/server/lib/matrix_histogram/mock.ts
rename to x-pack/plugins/siem/server/lib/matrix_histogram/mock.ts
index 3e51e926bea87..1d1ebfff936d2 100644
--- a/x-pack/legacy/plugins/siem/server/lib/matrix_histogram/mock.ts
+++ b/x-pack/plugins/siem/server/lib/matrix_histogram/mock.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { defaultIndexPattern } from '../../../default_index_pattern';
+import { DEFAULT_INDEX_PATTERN } from '../../../common/constants';
import { HistogramType } from '../../graphql/types';
export const mockAlertsHistogramDataResponse = {
@@ -111,7 +111,7 @@ export const mockOptions = {
to: 9999,
from: 1234,
},
- defaultIndex: defaultIndexPattern,
+ defaultIndex: DEFAULT_INDEX_PATTERN,
filterQuery: '',
stackByField: 'event.module',
histogramType: HistogramType.alerts,
diff --git a/x-pack/legacy/plugins/siem/server/lib/matrix_histogram/query.anomalies_over_time.dsl.ts b/x-pack/plugins/siem/server/lib/matrix_histogram/query.anomalies_over_time.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/matrix_histogram/query.anomalies_over_time.dsl.ts
rename to x-pack/plugins/siem/server/lib/matrix_histogram/query.anomalies_over_time.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/matrix_histogram/query.authentications_over_time.dsl.ts b/x-pack/plugins/siem/server/lib/matrix_histogram/query.authentications_over_time.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/matrix_histogram/query.authentications_over_time.dsl.ts
rename to x-pack/plugins/siem/server/lib/matrix_histogram/query.authentications_over_time.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/matrix_histogram/query.events_over_time.dsl.ts b/x-pack/plugins/siem/server/lib/matrix_histogram/query.events_over_time.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/matrix_histogram/query.events_over_time.dsl.ts
rename to x-pack/plugins/siem/server/lib/matrix_histogram/query.events_over_time.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/matrix_histogram/query_alerts.dsl.ts b/x-pack/plugins/siem/server/lib/matrix_histogram/query_alerts.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/matrix_histogram/query_alerts.dsl.ts
rename to x-pack/plugins/siem/server/lib/matrix_histogram/query_alerts.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/matrix_histogram/query_dns_histogram.dsl.ts b/x-pack/plugins/siem/server/lib/matrix_histogram/query_dns_histogram.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/matrix_histogram/query_dns_histogram.dsl.ts
rename to x-pack/plugins/siem/server/lib/matrix_histogram/query_dns_histogram.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/matrix_histogram/translations.ts b/x-pack/plugins/siem/server/lib/matrix_histogram/translations.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/matrix_histogram/translations.ts
rename to x-pack/plugins/siem/server/lib/matrix_histogram/translations.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/matrix_histogram/types.ts b/x-pack/plugins/siem/server/lib/matrix_histogram/types.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/matrix_histogram/types.ts
rename to x-pack/plugins/siem/server/lib/matrix_histogram/types.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/matrix_histogram/utils.ts b/x-pack/plugins/siem/server/lib/matrix_histogram/utils.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/matrix_histogram/utils.ts
rename to x-pack/plugins/siem/server/lib/matrix_histogram/utils.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/network/__snapshots__/elastic_adapter.test.ts.snap b/x-pack/plugins/siem/server/lib/network/__snapshots__/elastic_adapter.test.ts.snap
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/network/__snapshots__/elastic_adapter.test.ts.snap
rename to x-pack/plugins/siem/server/lib/network/__snapshots__/elastic_adapter.test.ts.snap
diff --git a/x-pack/legacy/plugins/siem/server/lib/network/elastic_adapter.test.ts b/x-pack/plugins/siem/server/lib/network/elastic_adapter.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/network/elastic_adapter.test.ts
rename to x-pack/plugins/siem/server/lib/network/elastic_adapter.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/network/elasticsearch_adapter.ts b/x-pack/plugins/siem/server/lib/network/elasticsearch_adapter.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/network/elasticsearch_adapter.ts
rename to x-pack/plugins/siem/server/lib/network/elasticsearch_adapter.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/network/index.ts b/x-pack/plugins/siem/server/lib/network/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/network/index.ts
rename to x-pack/plugins/siem/server/lib/network/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/network/mock.ts b/x-pack/plugins/siem/server/lib/network/mock.ts
similarity index 99%
rename from x-pack/legacy/plugins/siem/server/lib/network/mock.ts
rename to x-pack/plugins/siem/server/lib/network/mock.ts
index 7ea692f27ef04..38e82a4f19dca 100644
--- a/x-pack/legacy/plugins/siem/server/lib/network/mock.ts
+++ b/x-pack/plugins/siem/server/lib/network/mock.ts
@@ -4,13 +4,13 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { defaultIndexPattern } from '../../../default_index_pattern';
+import { DEFAULT_INDEX_PATTERN } from '../../../common/constants';
import { Direction, FlowTargetSourceDest, NetworkTopTablesFields } from '../../graphql/types';
import { NetworkTopNFlowRequestOptions } from '.';
export const mockOptions: NetworkTopNFlowRequestOptions = {
- defaultIndex: defaultIndexPattern,
+ defaultIndex: DEFAULT_INDEX_PATTERN,
sourceConfiguration: {
fields: {
container: 'docker.container.name',
diff --git a/x-pack/legacy/plugins/siem/server/lib/network/query_dns.dsl.ts b/x-pack/plugins/siem/server/lib/network/query_dns.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/network/query_dns.dsl.ts
rename to x-pack/plugins/siem/server/lib/network/query_dns.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/network/query_http.dsl.ts b/x-pack/plugins/siem/server/lib/network/query_http.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/network/query_http.dsl.ts
rename to x-pack/plugins/siem/server/lib/network/query_http.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/network/query_top_countries.dsl.ts b/x-pack/plugins/siem/server/lib/network/query_top_countries.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/network/query_top_countries.dsl.ts
rename to x-pack/plugins/siem/server/lib/network/query_top_countries.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/network/query_top_n_flow.dsl.ts b/x-pack/plugins/siem/server/lib/network/query_top_n_flow.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/network/query_top_n_flow.dsl.ts
rename to x-pack/plugins/siem/server/lib/network/query_top_n_flow.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/network/types.ts b/x-pack/plugins/siem/server/lib/network/types.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/network/types.ts
rename to x-pack/plugins/siem/server/lib/network/types.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/note/saved_object.ts b/x-pack/plugins/siem/server/lib/note/saved_object.ts
similarity index 97%
rename from x-pack/legacy/plugins/siem/server/lib/note/saved_object.ts
rename to x-pack/plugins/siem/server/lib/note/saved_object.ts
index 23162f38bffba..2b94fd4516786 100644
--- a/x-pack/legacy/plugins/siem/server/lib/note/saved_object.ts
+++ b/x-pack/plugins/siem/server/lib/note/saved_object.ts
@@ -12,8 +12,8 @@ import { pipe } from 'fp-ts/lib/pipeable';
import { map, fold } from 'fp-ts/lib/Either';
import { identity } from 'fp-ts/lib/function';
-import { SavedObjectsFindOptions } from '../../../../../../../src/core/server';
-import { AuthenticatedUser } from '../../../../../../plugins/security/common/model';
+import { SavedObjectsFindOptions } from '../../../../../../src/core/server';
+import { AuthenticatedUser } from '../../../../security/common/model';
import { UNAUTHENTICATED_USER } from '../../../common/constants';
import {
PageInfoNote,
diff --git a/x-pack/legacy/plugins/siem/server/lib/note/saved_object_mappings.ts b/x-pack/plugins/siem/server/lib/note/saved_object_mappings.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/note/saved_object_mappings.ts
rename to x-pack/plugins/siem/server/lib/note/saved_object_mappings.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/note/types.ts b/x-pack/plugins/siem/server/lib/note/types.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/note/types.ts
rename to x-pack/plugins/siem/server/lib/note/types.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/overview/elastic_adapter.test.ts b/x-pack/plugins/siem/server/lib/overview/elastic_adapter.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/overview/elastic_adapter.test.ts
rename to x-pack/plugins/siem/server/lib/overview/elastic_adapter.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/overview/elasticsearch_adapter.ts b/x-pack/plugins/siem/server/lib/overview/elasticsearch_adapter.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/overview/elasticsearch_adapter.ts
rename to x-pack/plugins/siem/server/lib/overview/elasticsearch_adapter.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/overview/index.ts b/x-pack/plugins/siem/server/lib/overview/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/overview/index.ts
rename to x-pack/plugins/siem/server/lib/overview/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/overview/mock.ts b/x-pack/plugins/siem/server/lib/overview/mock.ts
similarity index 97%
rename from x-pack/legacy/plugins/siem/server/lib/overview/mock.ts
rename to x-pack/plugins/siem/server/lib/overview/mock.ts
index 410b4d90b1e78..51d8a258569a8 100644
--- a/x-pack/legacy/plugins/siem/server/lib/overview/mock.ts
+++ b/x-pack/plugins/siem/server/lib/overview/mock.ts
@@ -4,11 +4,11 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { defaultIndexPattern } from '../../../default_index_pattern';
+import { DEFAULT_INDEX_PATTERN } from '../../../common/constants';
import { RequestBasicOptions } from '../framework/types';
export const mockOptionsNetwork: RequestBasicOptions = {
- defaultIndex: defaultIndexPattern,
+ defaultIndex: DEFAULT_INDEX_PATTERN,
sourceConfiguration: {
fields: {
container: 'docker.container.name',
@@ -79,7 +79,7 @@ export const mockResultNetwork = {
};
export const mockOptionsHost: RequestBasicOptions = {
- defaultIndex: defaultIndexPattern,
+ defaultIndex: DEFAULT_INDEX_PATTERN,
sourceConfiguration: {
fields: {
container: 'docker.container.name',
diff --git a/x-pack/legacy/plugins/siem/server/lib/overview/query.dsl.ts b/x-pack/plugins/siem/server/lib/overview/query.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/overview/query.dsl.ts
rename to x-pack/plugins/siem/server/lib/overview/query.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/overview/types.ts b/x-pack/plugins/siem/server/lib/overview/types.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/overview/types.ts
rename to x-pack/plugins/siem/server/lib/overview/types.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/pinned_event/saved_object.ts b/x-pack/plugins/siem/server/lib/pinned_event/saved_object.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/lib/pinned_event/saved_object.ts
rename to x-pack/plugins/siem/server/lib/pinned_event/saved_object.ts
index a95c1da197f57..7fc23d86d8218 100644
--- a/x-pack/legacy/plugins/siem/server/lib/pinned_event/saved_object.ts
+++ b/x-pack/plugins/siem/server/lib/pinned_event/saved_object.ts
@@ -10,8 +10,8 @@ import { pipe } from 'fp-ts/lib/pipeable';
import { map, fold } from 'fp-ts/lib/Either';
import { identity } from 'fp-ts/lib/function';
-import { SavedObjectsFindOptions } from '../../../../../../../src/core/server';
-import { AuthenticatedUser } from '../../../../../../plugins/security/common/model';
+import { SavedObjectsFindOptions } from '../../../../../../src/core/server';
+import { AuthenticatedUser } from '../../../../security/common/model';
import { UNAUTHENTICATED_USER } from '../../../common/constants';
import { FrameworkRequest } from '../framework';
import {
diff --git a/x-pack/legacy/plugins/siem/server/lib/pinned_event/saved_object_mappings.ts b/x-pack/plugins/siem/server/lib/pinned_event/saved_object_mappings.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/pinned_event/saved_object_mappings.ts
rename to x-pack/plugins/siem/server/lib/pinned_event/saved_object_mappings.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/pinned_event/types.ts b/x-pack/plugins/siem/server/lib/pinned_event/types.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/pinned_event/types.ts
rename to x-pack/plugins/siem/server/lib/pinned_event/types.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/source_status/elasticsearch_adapter.ts b/x-pack/plugins/siem/server/lib/source_status/elasticsearch_adapter.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/source_status/elasticsearch_adapter.ts
rename to x-pack/plugins/siem/server/lib/source_status/elasticsearch_adapter.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/source_status/index.ts b/x-pack/plugins/siem/server/lib/source_status/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/source_status/index.ts
rename to x-pack/plugins/siem/server/lib/source_status/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/source_status/query.dsl.ts b/x-pack/plugins/siem/server/lib/source_status/query.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/source_status/query.dsl.ts
rename to x-pack/plugins/siem/server/lib/source_status/query.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/source_status/types.ts b/x-pack/plugins/siem/server/lib/source_status/types.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/source_status/types.ts
rename to x-pack/plugins/siem/server/lib/source_status/types.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/sources/configuration.test.ts b/x-pack/plugins/siem/server/lib/sources/configuration.test.ts
similarity index 96%
rename from x-pack/legacy/plugins/siem/server/lib/sources/configuration.test.ts
rename to x-pack/plugins/siem/server/lib/sources/configuration.test.ts
index b1b149d17a9f5..00fca7b77de49 100644
--- a/x-pack/legacy/plugins/siem/server/lib/sources/configuration.test.ts
+++ b/x-pack/plugins/siem/server/lib/sources/configuration.test.ts
@@ -4,9 +4,8 @@
* you may not use this file except in compliance with the Elastic License.
*/
+import { DEFAULT_INDEX_PATTERN } from '../../../common/constants';
import { InmemoryConfigurationAdapter } from '../configuration/inmemory_configuration_adapter';
-import { defaultIndexPattern } from '../../../default_index_pattern';
-
import { ConfigurationSourcesAdapter } from './configuration';
import { PartialSourceConfiguration } from './types';
@@ -76,7 +75,7 @@ describe('the ConfigurationSourcesAdapter', () => {
new InmemoryConfigurationAdapter({
sources: {
sourceOne: {
- defaultIndex: defaultIndexPattern,
+ defaultIndex: DEFAULT_INDEX_PATTERN,
fields: {
container: 'DIFFERENT_CONTAINER_FIELD',
},
diff --git a/x-pack/legacy/plugins/siem/server/lib/sources/configuration.ts b/x-pack/plugins/siem/server/lib/sources/configuration.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/sources/configuration.ts
rename to x-pack/plugins/siem/server/lib/sources/configuration.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/sources/index.ts b/x-pack/plugins/siem/server/lib/sources/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/sources/index.ts
rename to x-pack/plugins/siem/server/lib/sources/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/sources/types.ts b/x-pack/plugins/siem/server/lib/sources/types.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/sources/types.ts
rename to x-pack/plugins/siem/server/lib/sources/types.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/timeline/convert_saved_object_to_savedtimeline.ts b/x-pack/plugins/siem/server/lib/timeline/convert_saved_object_to_savedtimeline.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/timeline/convert_saved_object_to_savedtimeline.ts
rename to x-pack/plugins/siem/server/lib/timeline/convert_saved_object_to_savedtimeline.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/timeline/create_timelines_stream_from_ndjson.ts b/x-pack/plugins/siem/server/lib/timeline/create_timelines_stream_from_ndjson.ts
similarity index 97%
rename from x-pack/legacy/plugins/siem/server/lib/timeline/create_timelines_stream_from_ndjson.ts
rename to x-pack/plugins/siem/server/lib/timeline/create_timelines_stream_from_ndjson.ts
index 16654b2863ee5..abe8de9bf5b94 100644
--- a/x-pack/legacy/plugins/siem/server/lib/timeline/create_timelines_stream_from_ndjson.ts
+++ b/x-pack/plugins/siem/server/lib/timeline/create_timelines_stream_from_ndjson.ts
@@ -13,7 +13,7 @@ import {
createConcatStream,
createSplitStream,
createMapStream,
-} from '../../../../../../../src/legacy/utils';
+} from '../../../../../../src/legacy/utils';
import {
parseNdjsonStrings,
filterExportedCounts,
diff --git a/x-pack/legacy/plugins/siem/server/lib/timeline/pick_saved_timeline.ts b/x-pack/plugins/siem/server/lib/timeline/pick_saved_timeline.ts
similarity index 92%
rename from x-pack/legacy/plugins/siem/server/lib/timeline/pick_saved_timeline.ts
rename to x-pack/plugins/siem/server/lib/timeline/pick_saved_timeline.ts
index 5b60086ae81b6..19adb7ac1045a 100644
--- a/x-pack/legacy/plugins/siem/server/lib/timeline/pick_saved_timeline.ts
+++ b/x-pack/plugins/siem/server/lib/timeline/pick_saved_timeline.ts
@@ -4,7 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { AuthenticatedUser } from '../../../../../../plugins/security/common/model';
+import { AuthenticatedUser } from '../../../../security/common/model';
import { UNAUTHENTICATED_USER } from '../../../common/constants';
import { SavedTimeline } from './types';
diff --git a/x-pack/legacy/plugins/siem/server/lib/timeline/routes/__mocks__/import_timelines.ts b/x-pack/plugins/siem/server/lib/timeline/routes/__mocks__/import_timelines.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/lib/timeline/routes/__mocks__/import_timelines.ts
rename to x-pack/plugins/siem/server/lib/timeline/routes/__mocks__/import_timelines.ts
index 74d3744e29299..686f2b491cf88 100644
--- a/x-pack/legacy/plugins/siem/server/lib/timeline/routes/__mocks__/import_timelines.ts
+++ b/x-pack/plugins/siem/server/lib/timeline/routes/__mocks__/import_timelines.ts
@@ -163,13 +163,6 @@ export const mockParsedTimelineObject = omit(
mockUniqueParsedObjects[0]
);
-export const mockConfig = {
- get: () => {
- return 100000000;
- },
- has: jest.fn(),
-};
-
export const mockGetCurrentUser = {
user: {
username: 'mockUser',
diff --git a/x-pack/legacy/plugins/siem/server/lib/timeline/routes/__mocks__/request_responses.ts b/x-pack/plugins/siem/server/lib/timeline/routes/__mocks__/request_responses.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/timeline/routes/__mocks__/request_responses.ts
rename to x-pack/plugins/siem/server/lib/timeline/routes/__mocks__/request_responses.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/timeline/routes/export_timelines_route.test.ts b/x-pack/plugins/siem/server/lib/timeline/routes/export_timelines_route.test.ts
similarity index 95%
rename from x-pack/legacy/plugins/siem/server/lib/timeline/routes/export_timelines_route.test.ts
rename to x-pack/plugins/siem/server/lib/timeline/routes/export_timelines_route.test.ts
index 4eadede40f5d9..47ca25e16bd50 100644
--- a/x-pack/legacy/plugins/siem/server/lib/timeline/routes/export_timelines_route.test.ts
+++ b/x-pack/plugins/siem/server/lib/timeline/routes/export_timelines_route.test.ts
@@ -16,6 +16,7 @@ import {
serverMock,
requestContextMock,
requestMock,
+ createMockConfig,
} from '../../detection_engine/routes/__mocks__';
import { TIMELINE_EXPORT_URL } from '../../../../common/constants';
import { convertSavedObjectToSavedNote } from '../../note/saved_object';
@@ -41,14 +42,6 @@ jest.mock('../../pinned_event/saved_object', () => {
describe('export timelines', () => {
let server: ReturnType;
let { clients, context } = requestContextMock.createTools();
- const config = jest.fn().mockImplementation(() => {
- return {
- get: () => {
- return 100;
- },
- has: jest.fn(),
- };
- });
beforeEach(() => {
server = serverMock.create();
@@ -61,7 +54,7 @@ describe('export timelines', () => {
((convertSavedObjectToSavedPinnedEvent as unknown) as jest.Mock).mockReturnValue(
mockPinnedEvents()
);
- exportTimelinesRoute(server.router, config);
+ exportTimelinesRoute(server.router, createMockConfig());
});
describe('status codes', () => {
diff --git a/x-pack/legacy/plugins/siem/server/lib/timeline/routes/export_timelines_route.ts b/x-pack/plugins/siem/server/lib/timeline/routes/export_timelines_route.ts
similarity index 87%
rename from x-pack/legacy/plugins/siem/server/lib/timeline/routes/export_timelines_route.ts
rename to x-pack/plugins/siem/server/lib/timeline/routes/export_timelines_route.ts
index fa849c1c325a9..c59f6eb6ce3da 100644
--- a/x-pack/legacy/plugins/siem/server/lib/timeline/routes/export_timelines_route.ts
+++ b/x-pack/plugins/siem/server/lib/timeline/routes/export_timelines_route.ts
@@ -5,11 +5,11 @@
*/
import { set as _set } from 'lodash/fp';
-import { IRouter } from '../../../../../../../../src/core/server';
-import { LegacyServices } from '../../../types';
-import { transformError, buildSiemResponse } from '../../detection_engine/routes/utils';
import { TIMELINE_EXPORT_URL } from '../../../../common/constants';
+import { IRouter } from '../../../../../../../src/core/server';
+import { ConfigType } from '../../..';
+import { transformError, buildSiemResponse } from '../../detection_engine/routes/utils';
import { getExportTimelineByObjectIds } from './utils/export_timelines';
import {
@@ -18,7 +18,7 @@ import {
} from './schemas/export_timelines_schema';
import { buildRouteValidation } from '../../../utils/build_validation/route_validation';
-export const exportTimelinesRoute = (router: IRouter, config: LegacyServices['config']) => {
+export const exportTimelinesRoute = (router: IRouter, config: ConfigType) => {
router.post(
{
path: TIMELINE_EXPORT_URL,
@@ -34,7 +34,7 @@ export const exportTimelinesRoute = (router: IRouter, config: LegacyServices['co
try {
const siemResponse = buildSiemResponse(response);
const savedObjectsClient = context.core.savedObjects.client;
- const exportSizeLimit = config().get('savedObjects.maxImportExportSize');
+ const exportSizeLimit = config.maxTimelineImportExportSize;
if (request.body?.ids != null && request.body.ids.length > exportSizeLimit) {
return siemResponse.error({
diff --git a/x-pack/legacy/plugins/siem/server/lib/timeline/routes/import_timelines_route.test.ts b/x-pack/plugins/siem/server/lib/timeline/routes/import_timelines_route.test.ts
similarity index 97%
rename from x-pack/legacy/plugins/siem/server/lib/timeline/routes/import_timelines_route.test.ts
rename to x-pack/plugins/siem/server/lib/timeline/routes/import_timelines_route.test.ts
index 352f8f0a355fc..3931bf0e5bea5 100644
--- a/x-pack/legacy/plugins/siem/server/lib/timeline/routes/import_timelines_route.test.ts
+++ b/x-pack/plugins/siem/server/lib/timeline/routes/import_timelines_route.test.ts
@@ -6,15 +6,15 @@
import { getImportTimelinesRequest } from './__mocks__/request_responses';
import {
+ createMockConfig,
serverMock,
requestContextMock,
requestMock,
} from '../../detection_engine/routes/__mocks__';
import { TIMELINE_EXPORT_URL } from '../../../../common/constants';
-import { SecurityPluginSetup } from '../../../../../../../plugins/security/server';
+import { SecurityPluginSetup } from '../../../../../security/server';
import {
- mockConfig,
mockUniqueParsedObjects,
mockParsedObjects,
mockDuplicateIdErrors,
@@ -24,7 +24,7 @@ import {
} from './__mocks__/import_timelines';
describe('import timelines', () => {
- let config: jest.Mock;
+ let config: ReturnType;
let server: ReturnType;
let request: ReturnType;
let securitySetup: SecurityPluginSetup;
@@ -43,9 +43,7 @@ describe('import timelines', () => {
server = serverMock.create();
context = requestContextMock.createTools().context;
- config = jest.fn().mockImplementation(() => {
- return mockConfig;
- });
+ config = createMockConfig();
securitySetup = ({
authc: {
@@ -65,7 +63,7 @@ describe('import timelines', () => {
};
});
- jest.doMock('../../../../../../../../src/legacy/utils', () => {
+ jest.doMock('../../../../../../../src/legacy/utils', () => {
return {
createPromiseFromStreams: jest.fn().mockReturnValue(mockParsedObjects),
};
diff --git a/x-pack/legacy/plugins/siem/server/lib/timeline/routes/import_timelines_route.ts b/x-pack/plugins/siem/server/lib/timeline/routes/import_timelines_route.ts
similarity index 95%
rename from x-pack/legacy/plugins/siem/server/lib/timeline/routes/import_timelines_route.ts
rename to x-pack/plugins/siem/server/lib/timeline/routes/import_timelines_route.ts
index ad7ee28d8ad51..258ef9faf671b 100644
--- a/x-pack/legacy/plugins/siem/server/lib/timeline/routes/import_timelines_route.ts
+++ b/x-pack/plugins/siem/server/lib/timeline/routes/import_timelines_route.ts
@@ -7,6 +7,7 @@
import { extname } from 'path';
import { chunk, omit, set } from 'lodash/fp';
+import { TIMELINE_IMPORT_URL } from '../../../../common/constants';
import {
buildSiemResponse,
createBulkErrorObject,
@@ -15,7 +16,7 @@ import {
} from '../../detection_engine/routes/utils';
import { createTimelinesStreamFromNdJson } from '../create_timelines_stream_from_ndjson';
-import { createPromiseFromStreams } from '../../../../../../../../src/legacy/utils';
+import { createPromiseFromStreams } from '../../../../../../../src/legacy/utils';
import {
createTimelines,
@@ -27,12 +28,11 @@ import {
PromiseFromStreams,
} from './utils/import_timelines';
-import { IRouter } from '../../../../../../../../src/core/server';
-import { TIMELINE_IMPORT_URL } from '../../../../common/constants';
+import { IRouter } from '../../../../../../../src/core/server';
import { SetupPlugins } from '../../../plugin';
import { ImportTimelinesPayloadSchemaRt } from './schemas/import_timelines_schema';
import { importRulesSchema } from '../../detection_engine/routes/schemas/response/import_rules_schema';
-import { LegacyServices } from '../../../types';
+import { ConfigType } from '../../..';
import { Timeline } from '../saved_object';
import { validate } from '../../detection_engine/routes/rules/validate';
@@ -44,7 +44,7 @@ const timelineLib = new Timeline();
export const importTimelinesRoute = (
router: IRouter,
- config: LegacyServices['config'],
+ config: ConfigType,
security: SetupPlugins['security']
) => {
router.post(
@@ -56,7 +56,7 @@ export const importTimelinesRoute = (
options: {
tags: ['access:siem'],
body: {
- maxBytes: config().get('savedObjects.maxImportPayloadBytes'),
+ maxBytes: config.maxTimelineImportPayloadBytes,
output: 'stream',
},
},
@@ -81,7 +81,7 @@ export const importTimelinesRoute = (
});
}
- const objectLimit = config().get('savedObjects.maxImportExportSize');
+ const objectLimit = config.maxTimelineImportExportSize;
const readStream = createTimelinesStreamFromNdJson(objectLimit);
const parsedObjects = await createPromiseFromStreams([
diff --git a/x-pack/legacy/plugins/siem/server/lib/timeline/routes/schemas/export_timelines_schema.ts b/x-pack/plugins/siem/server/lib/timeline/routes/schemas/export_timelines_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/timeline/routes/schemas/export_timelines_schema.ts
rename to x-pack/plugins/siem/server/lib/timeline/routes/schemas/export_timelines_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/timeline/routes/schemas/import_timelines_schema.ts b/x-pack/plugins/siem/server/lib/timeline/routes/schemas/import_timelines_schema.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/timeline/routes/schemas/import_timelines_schema.ts
rename to x-pack/plugins/siem/server/lib/timeline/routes/schemas/import_timelines_schema.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/timeline/routes/schemas/schemas.ts b/x-pack/plugins/siem/server/lib/timeline/routes/schemas/schemas.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/timeline/routes/schemas/schemas.ts
rename to x-pack/plugins/siem/server/lib/timeline/routes/schemas/schemas.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/timeline/routes/utils/export_timelines.ts b/x-pack/plugins/siem/server/lib/timeline/routes/utils/export_timelines.ts
similarity index 99%
rename from x-pack/legacy/plugins/siem/server/lib/timeline/routes/utils/export_timelines.ts
rename to x-pack/plugins/siem/server/lib/timeline/routes/utils/export_timelines.ts
index 52ee2a891c9bb..edd4abe0d76b5 100644
--- a/x-pack/legacy/plugins/siem/server/lib/timeline/routes/utils/export_timelines.ts
+++ b/x-pack/plugins/siem/server/lib/timeline/routes/utils/export_timelines.ts
@@ -21,7 +21,7 @@ import {
SavedObjectsClient,
SavedObjectsFindOptions,
SavedObjectsFindResponse,
-} from '../../../../../../../../../src/core/server';
+} from '../../../../../../../../src/core/server';
import {
ExportedTimelines,
diff --git a/x-pack/legacy/plugins/siem/server/lib/timeline/routes/utils/import_timelines.ts b/x-pack/plugins/siem/server/lib/timeline/routes/utils/import_timelines.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/timeline/routes/utils/import_timelines.ts
rename to x-pack/plugins/siem/server/lib/timeline/routes/utils/import_timelines.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/timeline/saved_object.test.ts b/x-pack/plugins/siem/server/lib/timeline/saved_object.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/timeline/saved_object.test.ts
rename to x-pack/plugins/siem/server/lib/timeline/saved_object.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/timeline/saved_object.ts b/x-pack/plugins/siem/server/lib/timeline/saved_object.ts
similarity index 99%
rename from x-pack/legacy/plugins/siem/server/lib/timeline/saved_object.ts
rename to x-pack/plugins/siem/server/lib/timeline/saved_object.ts
index bc6975331ad9b..e8cd27947589f 100644
--- a/x-pack/legacy/plugins/siem/server/lib/timeline/saved_object.ts
+++ b/x-pack/plugins/siem/server/lib/timeline/saved_object.ts
@@ -6,7 +6,7 @@
import { getOr } from 'lodash/fp';
-import { SavedObjectsFindOptions } from '../../../../../../../src/core/server';
+import { SavedObjectsFindOptions } from '../../../../../../src/core/server';
import { UNAUTHENTICATED_USER } from '../../../common/constants';
import {
ResponseTimeline,
diff --git a/x-pack/legacy/plugins/siem/server/lib/timeline/saved_object_mappings.ts b/x-pack/plugins/siem/server/lib/timeline/saved_object_mappings.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/timeline/saved_object_mappings.ts
rename to x-pack/plugins/siem/server/lib/timeline/saved_object_mappings.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/timeline/types.ts b/x-pack/plugins/siem/server/lib/timeline/types.ts
similarity index 99%
rename from x-pack/legacy/plugins/siem/server/lib/timeline/types.ts
rename to x-pack/plugins/siem/server/lib/timeline/types.ts
index 523221192eca4..0bce3300591c2 100644
--- a/x-pack/legacy/plugins/siem/server/lib/timeline/types.ts
+++ b/x-pack/plugins/siem/server/lib/timeline/types.ts
@@ -14,7 +14,7 @@ import {
PinnedEventToReturnSavedObjectRuntimeType,
PinnedEventSavedObject,
} from '../pinned_event/types';
-import { SavedObjectsClient } from '../../../../../../../src/core/server';
+import { SavedObjectsClient } from '../../../../../../src/core/server';
/*
* ColumnHeader Types
diff --git a/x-pack/legacy/plugins/siem/server/lib/tls/elasticsearch_adapter.test.ts b/x-pack/plugins/siem/server/lib/tls/elasticsearch_adapter.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/tls/elasticsearch_adapter.test.ts
rename to x-pack/plugins/siem/server/lib/tls/elasticsearch_adapter.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/tls/elasticsearch_adapter.ts b/x-pack/plugins/siem/server/lib/tls/elasticsearch_adapter.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/tls/elasticsearch_adapter.ts
rename to x-pack/plugins/siem/server/lib/tls/elasticsearch_adapter.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/tls/index.ts b/x-pack/plugins/siem/server/lib/tls/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/tls/index.ts
rename to x-pack/plugins/siem/server/lib/tls/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/tls/mock.ts b/x-pack/plugins/siem/server/lib/tls/mock.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/tls/mock.ts
rename to x-pack/plugins/siem/server/lib/tls/mock.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/tls/query_tls.dsl.ts b/x-pack/plugins/siem/server/lib/tls/query_tls.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/tls/query_tls.dsl.ts
rename to x-pack/plugins/siem/server/lib/tls/query_tls.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/tls/types.ts b/x-pack/plugins/siem/server/lib/tls/types.ts
similarity index 94%
rename from x-pack/legacy/plugins/siem/server/lib/tls/types.ts
rename to x-pack/plugins/siem/server/lib/tls/types.ts
index 1fbb31ba3e0f3..f18ddc04e14a0 100644
--- a/x-pack/legacy/plugins/siem/server/lib/tls/types.ts
+++ b/x-pack/plugins/siem/server/lib/tls/types.ts
@@ -5,7 +5,7 @@
*/
import { FrameworkRequest, RequestBasicOptions } from '../framework';
-import { TlsData } from '../../../public/graphql/types';
+import { TlsData } from '../../graphql/types';
export interface TlsAdapter {
getTls(request: FrameworkRequest, options: RequestBasicOptions): Promise;
diff --git a/x-pack/legacy/plugins/siem/server/lib/types.ts b/x-pack/plugins/siem/server/lib/types.ts
similarity index 94%
rename from x-pack/legacy/plugins/siem/server/lib/types.ts
rename to x-pack/plugins/siem/server/lib/types.ts
index 323ced734d24b..a74fe8f778ba9 100644
--- a/x-pack/legacy/plugins/siem/server/lib/types.ts
+++ b/x-pack/plugins/siem/server/lib/types.ts
@@ -4,9 +4,9 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { AuthenticatedUser } from '../../../../../plugins/security/public';
-import { RequestHandlerContext } from '../../../../../../src/core/server';
-export { ConfigType as Configuration } from '../../../../../plugins/siem/server';
+import { AuthenticatedUser } from '../../../security/public';
+import { RequestHandlerContext } from '../../../../../src/core/server';
+export { ConfigType as Configuration } from '../';
import { Authentications } from './authentications';
import { Events } from './events';
diff --git a/x-pack/legacy/plugins/siem/server/lib/uncommon_processes/elasticsearch_adapter.test.ts b/x-pack/plugins/siem/server/lib/uncommon_processes/elasticsearch_adapter.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/uncommon_processes/elasticsearch_adapter.test.ts
rename to x-pack/plugins/siem/server/lib/uncommon_processes/elasticsearch_adapter.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/uncommon_processes/elasticsearch_adapter.ts b/x-pack/plugins/siem/server/lib/uncommon_processes/elasticsearch_adapter.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/uncommon_processes/elasticsearch_adapter.ts
rename to x-pack/plugins/siem/server/lib/uncommon_processes/elasticsearch_adapter.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/uncommon_processes/index.ts b/x-pack/plugins/siem/server/lib/uncommon_processes/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/uncommon_processes/index.ts
rename to x-pack/plugins/siem/server/lib/uncommon_processes/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/uncommon_processes/query.dsl.ts b/x-pack/plugins/siem/server/lib/uncommon_processes/query.dsl.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/uncommon_processes/query.dsl.ts
rename to x-pack/plugins/siem/server/lib/uncommon_processes/query.dsl.ts
diff --git a/x-pack/legacy/plugins/siem/server/lib/uncommon_processes/types.ts b/x-pack/plugins/siem/server/lib/uncommon_processes/types.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/lib/uncommon_processes/types.ts
rename to x-pack/plugins/siem/server/lib/uncommon_processes/types.ts
diff --git a/x-pack/plugins/siem/server/plugin.ts b/x-pack/plugins/siem/server/plugin.ts
index ccc6aef1452b2..b9ec1c2e92438 100644
--- a/x-pack/plugins/siem/server/plugin.ts
+++ b/x-pack/plugins/siem/server/plugin.ts
@@ -5,33 +5,203 @@
*/
import { Observable } from 'rxjs';
+import { first } from 'rxjs/operators';
+import { i18n } from '@kbn/i18n';
-import { CoreSetup, PluginInitializerContext, Logger } from '../../../../src/core/server';
+import {
+ CoreSetup,
+ CoreStart,
+ PluginInitializerContext,
+ Logger,
+} from '../../../../src/core/server';
+import {
+ PluginStartContract as AlertingStart,
+ PluginSetupContract as AlertingSetup,
+} from '../../alerting/server';
+import { SecurityPluginSetup as SecuritySetup } from '../../security/server';
+import { PluginSetupContract as FeaturesSetup } from '../../features/server';
+import { MlPluginSetup as MlSetup } from '../../ml/server';
+import { EncryptedSavedObjectsPluginSetup as EncryptedSavedObjectsSetup } from '../../encrypted_saved_objects/server';
+import { SpacesPluginSetup as SpacesSetup } from '../../spaces/server';
+import { PluginStartContract as ActionsStart } from '../../actions/server';
+import { LicensingPluginSetup } from '../../licensing/server';
+import { initServer } from './init_server';
+import { compose } from './lib/compose/kibana';
+import { initRoutes } from './routes';
+import { isAlertExecutor } from './lib/detection_engine/signals/types';
+import { signalRulesAlertType } from './lib/detection_engine/signals/signal_rule_alert_type';
+import { rulesNotificationAlertType } from './lib/detection_engine/notifications/rules_notification_alert_type';
+import { isNotificationAlertExecutor } from './lib/detection_engine/notifications/types';
+import { hasListsFeature, listsEnvFeatureFlagName } from './lib/detection_engine/feature_flags';
+import {
+ noteSavedObjectType,
+ pinnedEventSavedObjectType,
+ timelineSavedObjectType,
+ ruleStatusSavedObjectType,
+ ruleActionsSavedObjectType,
+} from './saved_objects';
+import { SiemClientFactory } from './client';
import { createConfig$, ConfigType } from './config';
+export { CoreSetup, CoreStart };
+
+export interface SetupPlugins {
+ alerting: AlertingSetup;
+ encryptedSavedObjects?: EncryptedSavedObjectsSetup;
+ features: FeaturesSetup;
+ licensing: LicensingPluginSetup;
+ security?: SecuritySetup;
+ spaces?: SpacesSetup;
+ ml?: MlSetup;
+}
+
+export interface StartPlugins {
+ actions: ActionsStart;
+ alerting: AlertingStart;
+}
+
export class Plugin {
readonly name = 'siem';
private readonly logger: Logger;
- // @ts-ignore-next-line TODO(rylnd): use it or lose it
private readonly config$: Observable;
+ private context: PluginInitializerContext;
+ private siemClientFactory: SiemClientFactory;
constructor(context: PluginInitializerContext) {
- const { logger } = context;
- this.logger = logger.get();
- this.logger.debug('plugin initialized');
-
+ this.context = context;
+ this.logger = context.logger.get('plugins', this.name);
this.config$ = createConfig$(context);
+ this.siemClientFactory = new SiemClientFactory();
+
+ this.logger.debug('plugin initialized');
}
- public setup(core: CoreSetup, plugins: {}) {
+ public async setup(core: CoreSetup, plugins: SetupPlugins) {
this.logger.debug('plugin setup');
- }
- public start() {
- this.logger.debug('plugin started');
- }
+ if (hasListsFeature()) {
+ // TODO: Remove this once we have the lists feature supported
+ this.logger.error(
+ `You have activated the lists feature flag which is NOT currently supported for SIEM! You should turn this feature flag off immediately by un-setting the environment variable: ${listsEnvFeatureFlagName} and restarting Kibana`
+ );
+ }
+
+ const router = core.http.createRouter();
+ core.http.registerRouteHandlerContext(this.name, (context, request, response) => ({
+ getSiemClient: () => this.siemClientFactory.create(request),
+ }));
+
+ const config = await this.config$.pipe(first()).toPromise();
+
+ this.siemClientFactory.setup({
+ getSpaceId: plugins.spaces?.spacesService?.getSpaceId,
+ config,
+ });
+
+ initRoutes(
+ router,
+ config,
+ plugins.encryptedSavedObjects?.usingEphemeralEncryptionKey ?? false,
+ plugins.security
+ );
- public stop() {
- this.logger.debug('plugin stopped');
+ plugins.features.registerFeature({
+ id: this.name,
+ name: i18n.translate('xpack.siem.featureRegistry.linkSiemTitle', {
+ defaultMessage: 'SIEM',
+ }),
+ order: 1100,
+ icon: 'securityAnalyticsApp',
+ navLinkId: 'siem',
+ app: ['siem', 'kibana'],
+ catalogue: ['siem'],
+ privileges: {
+ all: {
+ app: ['siem', 'kibana'],
+ catalogue: ['siem'],
+ api: ['siem', 'actions-read', 'actions-all', 'alerting-read', 'alerting-all'],
+ savedObject: {
+ all: [
+ 'alert',
+ 'action',
+ 'action_task_params',
+ noteSavedObjectType,
+ pinnedEventSavedObjectType,
+ timelineSavedObjectType,
+ ruleStatusSavedObjectType,
+ ruleActionsSavedObjectType,
+ 'cases',
+ 'cases-comments',
+ 'cases-configure',
+ 'cases-user-actions',
+ ],
+ read: ['config'],
+ },
+ ui: [
+ 'show',
+ 'crud',
+ 'alerting:show',
+ 'actions:show',
+ 'alerting:save',
+ 'actions:save',
+ 'alerting:delete',
+ 'actions:delete',
+ ],
+ },
+ read: {
+ app: ['siem', 'kibana'],
+ catalogue: ['siem'],
+ api: ['siem', 'actions-read', 'actions-all', 'alerting-read', 'alerting-all'],
+ savedObject: {
+ all: ['alert', 'action', 'action_task_params'],
+ read: [
+ 'config',
+ noteSavedObjectType,
+ pinnedEventSavedObjectType,
+ timelineSavedObjectType,
+ ruleStatusSavedObjectType,
+ ruleActionsSavedObjectType,
+ 'cases',
+ 'cases-comments',
+ 'cases-configure',
+ 'cases-user-actions',
+ ],
+ },
+ ui: [
+ 'show',
+ 'alerting:show',
+ 'actions:show',
+ 'alerting:save',
+ 'actions:save',
+ 'alerting:delete',
+ 'actions:delete',
+ ],
+ },
+ },
+ });
+
+ if (plugins.alerting != null) {
+ const signalRuleType = signalRulesAlertType({
+ logger: this.logger,
+ version: this.context.env.packageInfo.version,
+ ml: plugins.ml,
+ });
+ const ruleNotificationType = rulesNotificationAlertType({
+ logger: this.logger,
+ });
+
+ if (isAlertExecutor(signalRuleType)) {
+ plugins.alerting.registerType(signalRuleType);
+ }
+
+ if (isNotificationAlertExecutor(ruleNotificationType)) {
+ plugins.alerting.registerType(ruleNotificationType);
+ }
+ }
+
+ const libs = compose(core, plugins, this.context.env.mode.prod);
+ initServer(libs);
}
+
+ public start(core: CoreStart, plugins: StartPlugins) {}
}
diff --git a/x-pack/legacy/plugins/siem/server/routes/index.ts b/x-pack/plugins/siem/server/routes/index.ts
similarity index 96%
rename from x-pack/legacy/plugins/siem/server/routes/index.ts
rename to x-pack/plugins/siem/server/routes/index.ts
index 8c9f92890c26a..64b232a2686b8 100644
--- a/x-pack/legacy/plugins/siem/server/routes/index.ts
+++ b/x-pack/plugins/siem/server/routes/index.ts
@@ -4,8 +4,7 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { IRouter } from '../../../../../../src/core/server';
-import { LegacyServices } from '../types';
+import { IRouter } from '../../../../../src/core/server';
import { createRulesRoute } from '../lib/detection_engine/routes/rules/create_rules_route';
import { createIndexRoute } from '../lib/detection_engine/routes/index/create_index_route';
@@ -32,10 +31,11 @@ import { getPrepackagedRulesStatusRoute } from '../lib/detection_engine/routes/r
import { importTimelinesRoute } from '../lib/timeline/routes/import_timelines_route';
import { exportTimelinesRoute } from '../lib/timeline/routes/export_timelines_route';
import { SetupPlugins } from '../plugin';
+import { ConfigType } from '..';
export const initRoutes = (
router: IRouter,
- config: LegacyServices['config'],
+ config: ConfigType,
usingEphemeralEncryptionKey: boolean,
security: SetupPlugins['security']
) => {
diff --git a/x-pack/legacy/plugins/siem/server/saved_objects.ts b/x-pack/plugins/siem/server/saved_objects.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/saved_objects.ts
rename to x-pack/plugins/siem/server/saved_objects.ts
diff --git a/x-pack/legacy/plugins/siem/server/types.ts b/x-pack/plugins/siem/server/types.ts
similarity index 82%
rename from x-pack/legacy/plugins/siem/server/types.ts
rename to x-pack/plugins/siem/server/types.ts
index a52322f5f830c..3a5c6cf94c652 100644
--- a/x-pack/legacy/plugins/siem/server/types.ts
+++ b/x-pack/plugins/siem/server/types.ts
@@ -4,13 +4,8 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { Legacy } from 'kibana';
import { SiemClient } from './client';
-export interface LegacyServices {
- config: Legacy.Server['config'];
-}
-
export { SiemClient };
export interface SiemRequestContext {
diff --git a/x-pack/legacy/plugins/siem/server/utils/beat_schema/8.0.0/auditbeat.ts b/x-pack/plugins/siem/server/utils/beat_schema/8.0.0/auditbeat.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/utils/beat_schema/8.0.0/auditbeat.ts
rename to x-pack/plugins/siem/server/utils/beat_schema/8.0.0/auditbeat.ts
diff --git a/x-pack/legacy/plugins/siem/server/utils/beat_schema/8.0.0/ecs.ts b/x-pack/plugins/siem/server/utils/beat_schema/8.0.0/ecs.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/utils/beat_schema/8.0.0/ecs.ts
rename to x-pack/plugins/siem/server/utils/beat_schema/8.0.0/ecs.ts
diff --git a/x-pack/legacy/plugins/siem/server/utils/beat_schema/8.0.0/filebeat.ts b/x-pack/plugins/siem/server/utils/beat_schema/8.0.0/filebeat.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/utils/beat_schema/8.0.0/filebeat.ts
rename to x-pack/plugins/siem/server/utils/beat_schema/8.0.0/filebeat.ts
diff --git a/x-pack/legacy/plugins/siem/server/utils/beat_schema/8.0.0/index.ts b/x-pack/plugins/siem/server/utils/beat_schema/8.0.0/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/utils/beat_schema/8.0.0/index.ts
rename to x-pack/plugins/siem/server/utils/beat_schema/8.0.0/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/utils/beat_schema/8.0.0/packetbeat.ts b/x-pack/plugins/siem/server/utils/beat_schema/8.0.0/packetbeat.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/utils/beat_schema/8.0.0/packetbeat.ts
rename to x-pack/plugins/siem/server/utils/beat_schema/8.0.0/packetbeat.ts
diff --git a/x-pack/legacy/plugins/siem/server/utils/beat_schema/8.0.0/winlogbeat.ts b/x-pack/plugins/siem/server/utils/beat_schema/8.0.0/winlogbeat.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/utils/beat_schema/8.0.0/winlogbeat.ts
rename to x-pack/plugins/siem/server/utils/beat_schema/8.0.0/winlogbeat.ts
diff --git a/x-pack/legacy/plugins/siem/server/utils/beat_schema/index.test.ts b/x-pack/plugins/siem/server/utils/beat_schema/index.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/utils/beat_schema/index.test.ts
rename to x-pack/plugins/siem/server/utils/beat_schema/index.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/utils/beat_schema/index.ts b/x-pack/plugins/siem/server/utils/beat_schema/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/utils/beat_schema/index.ts
rename to x-pack/plugins/siem/server/utils/beat_schema/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/utils/beat_schema/type.ts b/x-pack/plugins/siem/server/utils/beat_schema/type.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/utils/beat_schema/type.ts
rename to x-pack/plugins/siem/server/utils/beat_schema/type.ts
diff --git a/x-pack/legacy/plugins/siem/server/utils/build_query/calculate_timeseries_interval.ts b/x-pack/plugins/siem/server/utils/build_query/calculate_timeseries_interval.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/utils/build_query/calculate_timeseries_interval.ts
rename to x-pack/plugins/siem/server/utils/build_query/calculate_timeseries_interval.ts
diff --git a/x-pack/legacy/plugins/siem/server/utils/build_query/create_options.test.ts b/x-pack/plugins/siem/server/utils/build_query/create_options.test.ts
similarity index 93%
rename from x-pack/legacy/plugins/siem/server/utils/build_query/create_options.test.ts
rename to x-pack/plugins/siem/server/utils/build_query/create_options.test.ts
index 8262b5b670d30..5ca67ad6ae51f 100644
--- a/x-pack/legacy/plugins/siem/server/utils/build_query/create_options.test.ts
+++ b/x-pack/plugins/siem/server/utils/build_query/create_options.test.ts
@@ -6,7 +6,7 @@
import { omit } from 'lodash/fp';
-import { defaultIndexPattern } from '../../../default_index_pattern';
+import { DEFAULT_INDEX_PATTERN } from '../../../common/constants';
import { Direction } from '../../graphql/types';
import { RequestOptions } from '../../lib/framework';
@@ -30,7 +30,7 @@ describe('createOptions', () => {
},
};
args = {
- defaultIndex: defaultIndexPattern,
+ defaultIndex: DEFAULT_INDEX_PATTERN,
pagination: {
limit: 5,
},
@@ -57,7 +57,7 @@ describe('createOptions', () => {
test('should create options given all input including sort field', () => {
const options = createOptions(source, args, info);
const expected: RequestOptions = {
- defaultIndex: defaultIndexPattern,
+ defaultIndex: DEFAULT_INDEX_PATTERN,
sourceConfiguration: {
fields: {
host: 'host-1',
@@ -87,7 +87,7 @@ describe('createOptions', () => {
const argsWithoutSort: Args = omit('sortField', args);
const options = createOptions(source, argsWithoutSort, info);
const expected: RequestOptions = {
- defaultIndex: defaultIndexPattern,
+ defaultIndex: DEFAULT_INDEX_PATTERN,
sourceConfiguration: {
fields: {
host: 'host-1',
diff --git a/x-pack/legacy/plugins/siem/server/utils/build_query/create_options.ts b/x-pack/plugins/siem/server/utils/build_query/create_options.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/utils/build_query/create_options.ts
rename to x-pack/plugins/siem/server/utils/build_query/create_options.ts
diff --git a/x-pack/legacy/plugins/siem/server/utils/build_query/field.mock.ts b/x-pack/plugins/siem/server/utils/build_query/field.mock.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/utils/build_query/field.mock.ts
rename to x-pack/plugins/siem/server/utils/build_query/field.mock.ts
diff --git a/x-pack/legacy/plugins/siem/server/utils/build_query/fields.test.ts b/x-pack/plugins/siem/server/utils/build_query/fields.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/utils/build_query/fields.test.ts
rename to x-pack/plugins/siem/server/utils/build_query/fields.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/utils/build_query/fields.ts b/x-pack/plugins/siem/server/utils/build_query/fields.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/utils/build_query/fields.ts
rename to x-pack/plugins/siem/server/utils/build_query/fields.ts
diff --git a/x-pack/legacy/plugins/siem/server/utils/build_query/filters.ts b/x-pack/plugins/siem/server/utils/build_query/filters.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/utils/build_query/filters.ts
rename to x-pack/plugins/siem/server/utils/build_query/filters.ts
diff --git a/x-pack/legacy/plugins/siem/server/utils/build_query/index.ts b/x-pack/plugins/siem/server/utils/build_query/index.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/utils/build_query/index.ts
rename to x-pack/plugins/siem/server/utils/build_query/index.ts
diff --git a/x-pack/legacy/plugins/siem/server/utils/build_query/merge_fields_with_hits.test.ts b/x-pack/plugins/siem/server/utils/build_query/merge_fields_with_hits.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/utils/build_query/merge_fields_with_hits.test.ts
rename to x-pack/plugins/siem/server/utils/build_query/merge_fields_with_hits.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/utils/build_query/merge_fields_with_hits.ts b/x-pack/plugins/siem/server/utils/build_query/merge_fields_with_hits.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/utils/build_query/merge_fields_with_hits.ts
rename to x-pack/plugins/siem/server/utils/build_query/merge_fields_with_hits.ts
diff --git a/x-pack/legacy/plugins/siem/server/utils/build_query/reduce_fields.test.ts b/x-pack/plugins/siem/server/utils/build_query/reduce_fields.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/utils/build_query/reduce_fields.test.ts
rename to x-pack/plugins/siem/server/utils/build_query/reduce_fields.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/utils/build_query/reduce_fields.ts b/x-pack/plugins/siem/server/utils/build_query/reduce_fields.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/utils/build_query/reduce_fields.ts
rename to x-pack/plugins/siem/server/utils/build_query/reduce_fields.ts
diff --git a/x-pack/legacy/plugins/siem/server/utils/build_validation/route_validation.test.ts b/x-pack/plugins/siem/server/utils/build_validation/route_validation.test.ts
similarity index 97%
rename from x-pack/legacy/plugins/siem/server/utils/build_validation/route_validation.test.ts
rename to x-pack/plugins/siem/server/utils/build_validation/route_validation.test.ts
index 888cd5dfe5390..d17a8457ff81b 100644
--- a/x-pack/legacy/plugins/siem/server/utils/build_validation/route_validation.test.ts
+++ b/x-pack/plugins/siem/server/utils/build_validation/route_validation.test.ts
@@ -6,7 +6,7 @@
import { buildRouteValidation } from './route_validation';
import * as rt from 'io-ts';
-import { RouteValidationResultFactory } from '../../../../../../../src/core/server/http';
+import { RouteValidationResultFactory } from '../../../../../../src/core/server/http';
describe('buildRouteValidation', () => {
const schema = rt.type({
diff --git a/x-pack/legacy/plugins/siem/server/utils/build_validation/route_validation.ts b/x-pack/plugins/siem/server/utils/build_validation/route_validation.ts
similarity index 95%
rename from x-pack/legacy/plugins/siem/server/utils/build_validation/route_validation.ts
rename to x-pack/plugins/siem/server/utils/build_validation/route_validation.ts
index 1281c23cbc89a..bfcd0998fe690 100644
--- a/x-pack/legacy/plugins/siem/server/utils/build_validation/route_validation.ts
+++ b/x-pack/plugins/siem/server/utils/build_validation/route_validation.ts
@@ -12,7 +12,7 @@ import {
RouteValidationFunction,
RouteValidationResultFactory,
RouteValidationError,
-} from '../../../../../../../src/core/server';
+} from '../../../../../../src/core/server';
type RequestValidationResult =
| {
diff --git a/x-pack/legacy/plugins/siem/server/utils/read_stream/create_stream_from_ndjson.test.ts b/x-pack/plugins/siem/server/utils/read_stream/create_stream_from_ndjson.test.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/utils/read_stream/create_stream_from_ndjson.test.ts
rename to x-pack/plugins/siem/server/utils/read_stream/create_stream_from_ndjson.test.ts
diff --git a/x-pack/legacy/plugins/siem/server/utils/read_stream/create_stream_from_ndjson.ts b/x-pack/plugins/siem/server/utils/read_stream/create_stream_from_ndjson.ts
similarity index 98%
rename from x-pack/legacy/plugins/siem/server/utils/read_stream/create_stream_from_ndjson.ts
rename to x-pack/plugins/siem/server/utils/read_stream/create_stream_from_ndjson.ts
index 0b7966926b5dd..2d630d0b92c68 100644
--- a/x-pack/legacy/plugins/siem/server/utils/read_stream/create_stream_from_ndjson.ts
+++ b/x-pack/plugins/siem/server/utils/read_stream/create_stream_from_ndjson.ts
@@ -6,7 +6,7 @@
import { Transform } from 'stream';
import { has, isString } from 'lodash/fp';
import { ImportRuleAlertRest } from '../../lib/detection_engine/types';
-import { createMapStream, createFilterStream } from '../../../../../../../src/legacy/utils/streams';
+import { createMapStream, createFilterStream } from '../../../../../../src/legacy/utils/streams';
import { importRulesSchema } from '../../lib/detection_engine/routes/schemas/import_rules_schema';
import { BadRequestError } from '../../lib/detection_engine/errors/bad_request_error';
diff --git a/x-pack/legacy/plugins/siem/server/utils/serialized_query.ts b/x-pack/plugins/siem/server/utils/serialized_query.ts
similarity index 92%
rename from x-pack/legacy/plugins/siem/server/utils/serialized_query.ts
rename to x-pack/plugins/siem/server/utils/serialized_query.ts
index 1ba6eb8b9f9a6..09b227d8c5a32 100644
--- a/x-pack/legacy/plugins/siem/server/utils/serialized_query.ts
+++ b/x-pack/plugins/siem/server/utils/serialized_query.ts
@@ -7,7 +7,7 @@
import { UserInputError } from 'apollo-server-errors';
import { isEmpty, isPlainObject, isString } from 'lodash/fp';
-import { JsonObject } from '../../../../../../src/plugins/kibana_utils/public';
+import { JsonObject } from '../../../../../src/plugins/kibana_utils/public';
export const parseFilterQuery = (filterQuery: string): JsonObject => {
try {
diff --git a/x-pack/legacy/plugins/siem/server/utils/typed_elasticsearch_mappings.ts b/x-pack/plugins/siem/server/utils/typed_elasticsearch_mappings.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/utils/typed_elasticsearch_mappings.ts
rename to x-pack/plugins/siem/server/utils/typed_elasticsearch_mappings.ts
diff --git a/x-pack/legacy/plugins/siem/server/utils/typed_resolvers.ts b/x-pack/plugins/siem/server/utils/typed_resolvers.ts
similarity index 100%
rename from x-pack/legacy/plugins/siem/server/utils/typed_resolvers.ts
rename to x-pack/plugins/siem/server/utils/typed_resolvers.ts
diff --git a/x-pack/plugins/siem/yarn.lock b/x-pack/plugins/siem/yarn.lock
new file mode 120000
index 0000000000000..6e09764ec763b
--- /dev/null
+++ b/x-pack/plugins/siem/yarn.lock
@@ -0,0 +1 @@
+../../../yarn.lock
\ No newline at end of file
diff --git a/x-pack/test/api_integration/apis/siem/overview_host.ts b/x-pack/test/api_integration/apis/siem/overview_host.ts
index d32eeaec884fa..7e5cbd7673af7 100644
--- a/x-pack/test/api_integration/apis/siem/overview_host.ts
+++ b/x-pack/test/api_integration/apis/siem/overview_host.ts
@@ -5,10 +5,11 @@
*/
import expect from '@kbn/expect';
+
+import { DEFAULT_INDEX_PATTERN } from '../../../../plugins/siem/common/constants';
import { overviewHostQuery } from '../../../../legacy/plugins/siem/public/containers/overview/overview_host/index.gql_query';
import { GetOverviewHostQuery } from '../../../../legacy/plugins/siem/public/graphql/types';
import { FtrProviderContext } from '../../ftr_provider_context';
-import { defaultIndexPattern } from '../../../../legacy/plugins/siem/default_index_pattern';
export default function({ getService }: FtrProviderContext) {
const esArchiver = getService('esArchiver');
@@ -51,7 +52,7 @@ export default function({ getService }: FtrProviderContext) {
to: TO,
from: FROM,
},
- defaultIndex: defaultIndexPattern,
+ defaultIndex: DEFAULT_INDEX_PATTERN,
inspect: false,
},
})
diff --git a/x-pack/test/detection_engine_api_integration/common/config.ts b/x-pack/test/detection_engine_api_integration/common/config.ts
index 89ebd902834b9..e89352118990a 100644
--- a/x-pack/test/detection_engine_api_integration/common/config.ts
+++ b/x-pack/test/detection_engine_api_integration/common/config.ts
@@ -8,7 +8,7 @@ import path from 'path';
import { CA_CERT_PATH } from '@kbn/dev-utils';
import { FtrConfigProviderContext } from '@kbn/test/types/ftr';
import { services } from './services';
-import { listsEnvFeatureFlagName } from '../../../legacy/plugins/siem/server/lib/detection_engine/feature_flags';
+import { listsEnvFeatureFlagName } from '../../../plugins/siem/server/lib/detection_engine/feature_flags';
interface CreateTestConfigOptions {
license: string;
diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/add_prepackaged_rules.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/add_prepackaged_rules.ts
index 6ee65d5d28aa4..e787a3594dfe6 100644
--- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/add_prepackaged_rules.ts
+++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/add_prepackaged_rules.ts
@@ -6,7 +6,7 @@
import expect from '@kbn/expect';
-import { DETECTION_ENGINE_PREPACKAGED_URL } from '../../../../legacy/plugins/siem/common/constants';
+import { DETECTION_ENGINE_PREPACKAGED_URL } from '../../../../plugins/siem/common/constants';
import { FtrProviderContext } from '../../common/ftr_provider_context';
import { createSignalsIndex, deleteAllAlerts, deleteSignalsIndex } from './utils';
diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/create_rules.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/create_rules.ts
index 91088acb7a51c..46645a9b5a944 100644
--- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/create_rules.ts
+++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/create_rules.ts
@@ -6,7 +6,7 @@
import expect from '@kbn/expect';
-import { DETECTION_ENGINE_RULES_URL } from '../../../../legacy/plugins/siem/common/constants';
+import { DETECTION_ENGINE_RULES_URL } from '../../../../plugins/siem/common/constants';
import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/create_rules_bulk.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/create_rules_bulk.ts
index 8e951a31b525c..117300be417d5 100644
--- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/create_rules_bulk.ts
+++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/create_rules_bulk.ts
@@ -6,7 +6,7 @@
import expect from '@kbn/expect';
-import { DETECTION_ENGINE_RULES_URL } from '../../../../legacy/plugins/siem/common/constants';
+import { DETECTION_ENGINE_RULES_URL } from '../../../../plugins/siem/common/constants';
import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/delete_rules.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/delete_rules.ts
index a886a5fb07a6c..fb701681419d8 100644
--- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/delete_rules.ts
+++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/delete_rules.ts
@@ -6,7 +6,7 @@
import expect from '@kbn/expect';
-import { DETECTION_ENGINE_RULES_URL } from '../../../../legacy/plugins/siem/common/constants';
+import { DETECTION_ENGINE_RULES_URL } from '../../../../plugins/siem/common/constants';
import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/delete_rules_bulk.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/delete_rules_bulk.ts
index 9e9071b82884f..ac58ba4c77e4e 100644
--- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/delete_rules_bulk.ts
+++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/delete_rules_bulk.ts
@@ -6,7 +6,7 @@
import expect from '@kbn/expect';
-import { DETECTION_ENGINE_RULES_URL } from '../../../../legacy/plugins/siem/common/constants';
+import { DETECTION_ENGINE_RULES_URL } from '../../../../plugins/siem/common/constants';
import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/export_rules.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/export_rules.ts
index a8f841db94bbc..51bdb9e45dc0c 100644
--- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/export_rules.ts
+++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/export_rules.ts
@@ -6,7 +6,7 @@
import expect from '@kbn/expect';
-import { DETECTION_ENGINE_RULES_URL } from '../../../../legacy/plugins/siem/common/constants';
+import { DETECTION_ENGINE_RULES_URL } from '../../../../plugins/siem/common/constants';
import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
binaryToString,
diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/find_rules.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/find_rules.ts
index abbc8f77e0077..feb4ecd125f7e 100644
--- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/find_rules.ts
+++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/find_rules.ts
@@ -6,7 +6,7 @@
import expect from '@kbn/expect';
-import { DETECTION_ENGINE_RULES_URL } from '../../../../legacy/plugins/siem/common/constants';
+import { DETECTION_ENGINE_RULES_URL } from '../../../../plugins/siem/common/constants';
import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/find_statuses.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/find_statuses.ts
index 45805f03f8c0c..07f3a34d6ff44 100644
--- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/find_statuses.ts
+++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/find_statuses.ts
@@ -6,7 +6,7 @@
import expect from '@kbn/expect';
-import { DETECTION_ENGINE_RULES_URL } from '../../../../legacy/plugins/siem/common/constants';
+import { DETECTION_ENGINE_RULES_URL } from '../../../../plugins/siem/common/constants';
import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/get_prepackaged_rules_status.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/get_prepackaged_rules_status.ts
index 49cf150126fda..e2dce77c1d70a 100644
--- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/get_prepackaged_rules_status.ts
+++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/get_prepackaged_rules_status.ts
@@ -9,7 +9,7 @@ import expect from '@kbn/expect';
import {
DETECTION_ENGINE_PREPACKAGED_URL,
DETECTION_ENGINE_RULES_URL,
-} from '../../../../legacy/plugins/siem/common/constants';
+} from '../../../../plugins/siem/common/constants';
import { FtrProviderContext } from '../../common/ftr_provider_context';
import { createSignalsIndex, deleteAllAlerts, deleteSignalsIndex, getSimpleRule } from './utils';
diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/import_rules.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/import_rules.ts
index ae4589e32ec11..4def508fabbc3 100644
--- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/import_rules.ts
+++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/import_rules.ts
@@ -6,7 +6,7 @@
import expect from '@kbn/expect';
-import { DETECTION_ENGINE_RULES_URL } from '../../../../legacy/plugins/siem/common/constants';
+import { DETECTION_ENGINE_RULES_URL } from '../../../../plugins/siem/common/constants';
import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/open_close_signals.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/open_close_signals.ts
index e9e3e4299d108..3c8c20646885a 100644
--- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/open_close_signals.ts
+++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/open_close_signals.ts
@@ -6,7 +6,7 @@
import expect from '@kbn/expect';
-import { DETECTION_ENGINE_SIGNALS_STATUS_URL } from '../../../../legacy/plugins/siem/common/constants';
+import { DETECTION_ENGINE_SIGNALS_STATUS_URL } from '../../../../plugins/siem/common/constants';
import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/patch_rules.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/patch_rules.ts
index 53a3d15690efc..c3ecf79e58955 100644
--- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/patch_rules.ts
+++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/patch_rules.ts
@@ -6,7 +6,7 @@
import expect from '@kbn/expect';
-import { DETECTION_ENGINE_RULES_URL } from '../../../../legacy/plugins/siem/common/constants';
+import { DETECTION_ENGINE_RULES_URL } from '../../../../plugins/siem/common/constants';
import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/patch_rules_bulk.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/patch_rules_bulk.ts
index c13e8909dacf9..8515d1cf404ea 100644
--- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/patch_rules_bulk.ts
+++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/patch_rules_bulk.ts
@@ -6,7 +6,7 @@
import expect from '@kbn/expect';
-import { DETECTION_ENGINE_RULES_URL } from '../../../../legacy/plugins/siem/common/constants';
+import { DETECTION_ENGINE_RULES_URL } from '../../../../plugins/siem/common/constants';
import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/query_signals.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/query_signals.ts
index 6fa62412ed467..7c8bd8981db10 100644
--- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/query_signals.ts
+++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/query_signals.ts
@@ -6,7 +6,7 @@
import expect from '@kbn/expect';
-import { DETECTION_ENGINE_QUERY_SIGNALS_URL } from '../../../../legacy/plugins/siem/common/constants';
+import { DETECTION_ENGINE_QUERY_SIGNALS_URL } from '../../../../plugins/siem/common/constants';
import { FtrProviderContext } from '../../common/ftr_provider_context';
import { getSignalStatus, createSignalsIndex, deleteSignalsIndex } from './utils';
diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/read_rules.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/read_rules.ts
index 2ea62b0756f73..4d7449dae2dbd 100644
--- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/read_rules.ts
+++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/read_rules.ts
@@ -6,7 +6,7 @@
import expect from '@kbn/expect';
-import { DETECTION_ENGINE_RULES_URL } from '../../../../legacy/plugins/siem/common/constants';
+import { DETECTION_ENGINE_RULES_URL } from '../../../../plugins/siem/common/constants';
import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/update_rules.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/update_rules.ts
index 92c78be72bf01..4b81b7d4304b2 100644
--- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/update_rules.ts
+++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/update_rules.ts
@@ -6,7 +6,7 @@
import expect from '@kbn/expect';
-import { DETECTION_ENGINE_RULES_URL } from '../../../../legacy/plugins/siem/common/constants';
+import { DETECTION_ENGINE_RULES_URL } from '../../../../plugins/siem/common/constants';
import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/update_rules_bulk.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/update_rules_bulk.ts
index 220a4af4c5c5e..760e17ae1752e 100644
--- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/update_rules_bulk.ts
+++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/update_rules_bulk.ts
@@ -6,7 +6,7 @@
import expect from '@kbn/expect';
-import { DETECTION_ENGINE_RULES_URL } from '../../../../legacy/plugins/siem/common/constants';
+import { DETECTION_ENGINE_RULES_URL } from '../../../../plugins/siem/common/constants';
import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/utils.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/utils.ts
index 0a5b2def3eb18..cebe24dc5ccc2 100644
--- a/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/utils.ts
+++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/tests/utils.ts
@@ -4,8 +4,8 @@
* you may not use this file except in compliance with the Elastic License.
*/
-import { OutputRuleAlertRest } from '../../../../legacy/plugins/siem/server/lib/detection_engine/types';
-import { DETECTION_ENGINE_INDEX_URL } from '../../../../legacy/plugins/siem/common/constants';
+import { OutputRuleAlertRest } from '../../../../plugins/siem/server/lib/detection_engine/types';
+import { DETECTION_ENGINE_INDEX_URL } from '../../../../plugins/siem/common/constants';
/**
* This will remove server generated properties such as date times, etc...
diff --git a/x-pack/test/siem_cypress/runner.ts b/x-pack/test/siem_cypress/runner.ts
index 2462f75d4d0a4..b84e2953cc142 100644
--- a/x-pack/test/siem_cypress/runner.ts
+++ b/x-pack/test/siem_cypress/runner.ts
@@ -23,7 +23,7 @@ export async function SiemCypressTestRunner({ getService }: FtrProviderContext)
await procs.run('cypress', {
cmd: 'yarn',
args: ['cypress:run'],
- cwd: resolve(__dirname, '../../legacy/plugins/siem'),
+ cwd: resolve(__dirname, '../../plugins/siem'),
env: {
FORCE_COLOR: '1',
CYPRESS_baseUrl: Url.format(config.get('servers.kibana')),
diff --git a/x-pack/tsconfig.json b/x-pack/tsconfig.json
index a6c94ff74620e..e2da4853a0f4b 100644
--- a/x-pack/tsconfig.json
+++ b/x-pack/tsconfig.json
@@ -11,7 +11,7 @@
],
"exclude": [
"test/**/*",
- "legacy/plugins/siem/cypress/**/*",
+ "plugins/siem/cypress/**/*",
"legacy/plugins/apm/e2e/cypress/**/*",
"**/typespec_tests.ts"
],