Skip to content

Commit

Permalink
Added in 'Responses' field in alert telemetry & updated test (#111892) (
Browse files Browse the repository at this point in the history
#111948)

# Conflicts:
#	x-pack/plugins/security_solution/server/lib/telemetry/filters.ts

Co-authored-by: Kibana Machine <[email protected]>
  • Loading branch information
jeska and kibanamachine authored Sep 13, 2021
1 parent f12d5f9 commit 8daf284
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 0 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -80,6 +80,7 @@ describe('TelemetryEventsSender', () => {
executable: null, // null fields are never allowlisted
working_directory: '/some/usr/dir',
},
Responses: '{ "result": 0 }', // >= 7.15
Target: {
process: {
name: 'bar.exe',
Expand All @@ -89,6 +90,9 @@ describe('TelemetryEventsSender', () => {
},
},
},
threat: {
ignored_object: true, // this field is not allowlisted
},
},
];

Expand Down Expand Up @@ -136,6 +140,7 @@ describe('TelemetryEventsSender', () => {
name: 'foo.exe',
working_directory: '/some/usr/dir',
},
Responses: '{ "result": 0 }',
Target: {
process: {
name: 'bar.exe',
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -630,6 +630,7 @@ const allowlistEventFields: AllowlistFields = {
events: allowlistBaseEventFields,
// behavioral protection re-nests some field sets under Events.* (>=7.15)
Events: allowlistBaseEventFields,
Responses: true,
rule: {
id: true,
name: true,
Expand Down

0 comments on commit 8daf284

Please sign in to comment.