From 51ef016b47e42c5a446e085e189fbcac4e6cf0e9 Mon Sep 17 00:00:00 2001 From: vitaliidm Date: Fri, 8 Dec 2023 11:35:38 +0000 Subject: [PATCH 1/3] [Security Solution][Detection Engine] enable xMatters, Server Log connectors for Security --- .../server/connector_types/server_log/index.ts | 7 ++++++- .../server/connector_types/xmatters/index.ts | 7 +++++-- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/x-pack/plugins/stack_connectors/server/connector_types/server_log/index.ts b/x-pack/plugins/stack_connectors/server/connector_types/server_log/index.ts index 4d404369ba11d..0275b2bdc2f3f 100644 --- a/x-pack/plugins/stack_connectors/server/connector_types/server_log/index.ts +++ b/x-pack/plugins/stack_connectors/server/connector_types/server_log/index.ts @@ -17,6 +17,7 @@ import type { import { AlertingConnectorFeatureId, UptimeConnectorFeatureId, + SecurityConnectorFeatureId, } from '@kbn/actions-plugin/common/connector_feature_config'; import { withoutControlCharacters } from '../lib/string_utils'; @@ -55,7 +56,11 @@ export function getConnectorType(): ServerLogConnectorType { name: i18n.translate('xpack.stackConnectors.serverLog.title', { defaultMessage: 'Server log', }), - supportedFeatureIds: [AlertingConnectorFeatureId, UptimeConnectorFeatureId], + supportedFeatureIds: [ + AlertingConnectorFeatureId, + UptimeConnectorFeatureId, + SecurityConnectorFeatureId, + ], validate: { config: { schema: schema.object({}, { defaultValue: {} }) }, secrets: { schema: schema.object({}, { defaultValue: {} }) }, diff --git a/x-pack/plugins/stack_connectors/server/connector_types/xmatters/index.ts b/x-pack/plugins/stack_connectors/server/connector_types/xmatters/index.ts index 7a3d701b96242..1be6e9f71c0c7 100644 --- a/x-pack/plugins/stack_connectors/server/connector_types/xmatters/index.ts +++ b/x-pack/plugins/stack_connectors/server/connector_types/xmatters/index.ts @@ -14,7 +14,10 @@ import type { ActionTypeExecutorResult as ConnectorTypeExecutorResult, ValidatorServices, } from '@kbn/actions-plugin/server/types'; -import { AlertingConnectorFeatureId } from '@kbn/actions-plugin/common/types'; +import { + AlertingConnectorFeatureId, + SecurityConnectorFeatureId, +} from '@kbn/actions-plugin/common/types'; import { postXmatters } from './post_xmatters'; export type XmattersConnectorType = ConnectorType< @@ -66,7 +69,7 @@ export function getConnectorType(): XmattersConnectorType { name: i18n.translate('xpack.stackConnectors.xmatters.title', { defaultMessage: 'xMatters', }), - supportedFeatureIds: [AlertingConnectorFeatureId], + supportedFeatureIds: [AlertingConnectorFeatureId, SecurityConnectorFeatureId], validate: { config: { schema: ConfigSchema, From b066243d21bbfb69992646365d87dab8e81d3476 Mon Sep 17 00:00:00 2001 From: Vitalii Dmyterko <92328789+vitaliidm@users.noreply.github.com> Date: Thu, 9 May 2024 12:20:53 +0100 Subject: [PATCH 2/3] add cypress tests --- .../rule_actions/rule_actions_pli_complete.cy.ts | 4 ++++ .../rule_actions/rule_actions_pli_essentials.cy.ts | 6 +++++- .../cypress/screens/common/rule_actions.ts | 4 ++++ 3 files changed, 13 insertions(+), 1 deletion(-) diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_actions/rule_actions_pli_complete.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_actions/rule_actions_pli_complete.cy.ts index 6afa38bf81f6c..94c53cb6e3f13 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_actions/rule_actions_pli_complete.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_actions/rule_actions_pli_complete.cy.ts @@ -12,6 +12,8 @@ import { SLACK_ACTION_BTN, WEBHOOK_ACTION_BTN, EMAIL_ACTION_BTN, + SERVER_LOG_ACTION_BTN, + XMATTERS_ACTION_BTN, ACTION_BTN, } from '../../../../screens/common/rule_actions'; @@ -62,6 +64,8 @@ describe( cy.get(SLACK_ACTION_BTN).should('be.visible'); cy.get(EMAIL_ACTION_BTN).should('be.visible'); cy.get(WEBHOOK_ACTION_BTN).should('be.visible'); + cy.get(SERVER_LOG_ACTION_BTN).should('be.visible'); + cy.get(XMATTERS_ACTION_BTN).should('be.visible'); }); } ); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_actions/rule_actions_pli_essentials.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_actions/rule_actions_pli_essentials.cy.ts index 71212f6819a69..315cd78a1f340 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_actions/rule_actions_pli_essentials.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_actions/rule_actions_pli_essentials.cy.ts @@ -12,6 +12,8 @@ import { SLACK_ACTION_BTN, WEBHOOK_ACTION_BTN, EMAIL_ACTION_BTN, + XMATTERS_ACTION_BTN, + SERVER_LOG_ACTION_BTN, ACTION_BTN, } from '../../../../screens/common/rule_actions'; @@ -62,8 +64,10 @@ describe( cy.get(SLACK_ACTION_BTN).should('be.visible'); cy.get(EMAIL_ACTION_BTN).should('be.visible'); - // webhook is not available + // complete tiers actions are not available cy.get(WEBHOOK_ACTION_BTN).should('not.exist'); + cy.get(XMATTERS_ACTION_BTN).should('not.exist'); + cy.get(SERVER_LOG_ACTION_BTN).should('not.exist'); }); } ); diff --git a/x-pack/test/security_solution_cypress/cypress/screens/common/rule_actions.ts b/x-pack/test/security_solution_cypress/cypress/screens/common/rule_actions.ts index 0c0994af2759e..a5c35406fb1ed 100644 --- a/x-pack/test/security_solution_cypress/cypress/screens/common/rule_actions.ts +++ b/x-pack/test/security_solution_cypress/cypress/screens/common/rule_actions.ts @@ -9,6 +9,10 @@ export const EMAIL_ACTION_BTN = '[data-test-subj=".email-siem-ActionTypeSelectOp export const WEBHOOK_ACTION_BTN = '[data-test-subj=".webhook-siem-ActionTypeSelectOption"]'; +export const SERVER_LOG_ACTION_BTN = '[data-test-subj=".server-log-siem-ActionTypeSelectOption"]'; + +export const XMATTERS_ACTION_BTN = '[data-test-subj=".xmatters-siem-ActionTypeSelectOption"]'; + /** * all rule actions buttons, elements which data-test-subj attribute ends with '-siem-ActionTypeSelectOption' */ From 3ecdc99ba018b149dd408bb3c652497c6949ddbf Mon Sep 17 00:00:00 2001 From: Vitalii Dmyterko <92328789+vitaliidm@users.noreply.github.com> Date: Thu, 9 May 2024 14:37:50 +0100 Subject: [PATCH 3/3] Update rule_actions_pli_essentials.cy.ts --- .../rule_actions/rule_actions_pli_essentials.cy.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_actions/rule_actions_pli_essentials.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_actions/rule_actions_pli_essentials.cy.ts index 315cd78a1f340..8e53f3c96657a 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_actions/rule_actions_pli_essentials.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_actions/rule_actions_pli_essentials.cy.ts @@ -64,7 +64,7 @@ describe( cy.get(SLACK_ACTION_BTN).should('be.visible'); cy.get(EMAIL_ACTION_BTN).should('be.visible'); - // complete tiers actions are not available + // complete tier actions are not available cy.get(WEBHOOK_ACTION_BTN).should('not.exist'); cy.get(XMATTERS_ACTION_BTN).should('not.exist'); cy.get(SERVER_LOG_ACTION_BTN).should('not.exist');