Failing test: X-Pack Detection Engine API Integration Tests.x-pack/test/detection_engine_api_integration/security_and_spaces/group1/create_ml·ts - detection engine api security and spaces enabled - Group 1 Generating signals from ml anomalies "before all" hook for "should create 1 alert from ML rule when record meets anomaly_threshold" #142993

Closed
kibanamachine opened this issue Oct 10, 2022 · 4 comments · Fixed by #145503
Labels
failed-test A test failure on a tracked branch, potentially flaky-test Team:Detection Alerts Security Detection Alerts Area Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.

kibanamachine commented Oct 10, 2022

A test failed on a tracked branch

AggregateError: 
    Error: Bulk doc failure [operation=index]:
      doc: {"actual":[1],"bucket_span":900,"by_field_name":"process.name","by_field_value":"store","detector_index":0,"function":"rare","function_description":"rare","host.name":["mothra"],"influencers":[{"influencer_field_name":"user.name","influencer_field_values":["root"]},{"influencer_field_name":"process.name","influencer_field_values":["store"]},{"influencer_field_name":"host.name","influencer_field_values":["mothra"]}],"initial_record_score":33.36147565024334,"is_interim":false,"job_id":"v3_linux_anomalous_network_activity","multi_bucket_impact":0,"probability":0.007820139656036713,"process.name":["store"],"record_score":33.36147565024334,"result_type":"record","timestamp":1605567488000,"typical":[0.007820139656036711],"user.name":["root"]}
      error: {"type":"mapper_parsing_exception","reason":"failed to parse field [host] of type [keyword] in document with id 'v3_linux_anomalous_network_activity_record_1586274300000_900_0_-96106189301704594950079884115725560577_5'. Preview of field's value: '{name=[mothra]}'","caused_by":{"type":"illegal_state_exception","reason":"Can't get text on a START_OBJECT at 1:156"}}
        at Array.map (<anonymous>)
        at indexDocs (node_modules/@kbn/es-archiver/target_node/src/lib/docs/index_doc_records_stream.js:65:13)
        at runMicrotasks (<anonymous>)
        at processTicksAndRejections (node:internal/process/task_queues:96:5)
        at Writable.write [as _write] (node_modules/@kbn/es-archiver/target_node/src/lib/docs/index_doc_records_stream.js:79:9)
    at indexDocs (node_modules/@kbn/es-archiver/target_node/src/lib/docs/index_doc_records_stream.js:65:13)
    at runMicrotasks (<anonymous>)
    at processTicksAndRejections (node:internal/process/task_queues:96:5)
    at Writable.write [as _write] (node_modules/@kbn/es-archiver/target_node/src/lib/docs/index_doc_records_stream.js:79:9)

First failure: CI Build - main

@kibanamachine kibanamachine added the failed-test A test failure on a tracked branch, potentially flaky-test label Oct 10, 2022
@botelastic botelastic bot added the needs-team Issues missing a team label label Oct 10, 2022
@kibanamachine kibanamachine added the Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. label Oct 10, 2022
@elasticmachine

Pinging @elastic/security-solution (Team: SecuritySolution)

@botelastic botelastic bot removed the needs-team Issues missing a team label label Oct 10, 2022
@kibanamachine

New failure: CI Build - main

mistic commented Oct 11, 2022

Skipped.

main: 3952150

@MadameSheema MadameSheema added Team:Detections and Resp Security Detection Response Team Team:Detection Rule Management Security Detection Rule Management Team labels Oct 11, 2022
@elasticmachine

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@banderror banderror added Team:Detection Alerts Security Detection Alerts Area Team and removed Team:Detection Rule Management Security Detection Rule Management Team labels Oct 11, 2022
@banderror banderror assigned marshallmain and unassigned banderror Oct 11, 2022
marshallmain added a commit that referenced this issue Nov 17, 2022
## Summary

Fixes #142993

The failure is in ES archiver, not the test, and there's seemingly
nothing wrong with the ES archive.

Passed 100x here:
https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/1564