diff --git a/x-pack/plugins/endpoint/common/types.ts b/x-pack/plugins/endpoint/common/types.ts new file mode 100644 index 0000000000000..1a1402671aa01 --- /dev/null +++ b/x-pack/plugins/endpoint/common/types.ts @@ -0,0 +1,46 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +export class EndpointAppConstants { + static ENDPOINT_INDEX_NAME = 'endpoint-agent*'; +} + +export interface EndpointResultList { + // the endpoint restricted by the page size + endpoints: EndpointMetadata[]; + // the total number of unique endpoints in the index + total: number; + // the page size requested + request_page_size: number; + // the index requested + request_page_index: number; +} + +export interface EndpointMetadata { + event: { + created: Date; + }; + endpoint: { + policy: { + id: string; + }; + }; + agent: { + version: string; + id: string; + }; + host: { + id: string; + hostname: string; + ip: string[]; + mac: string[]; + os: { + name: string; + full: string; + version: string; + }; + }; +} diff --git a/x-pack/plugins/endpoint/server/plugin.ts b/x-pack/plugins/endpoint/server/plugin.ts index 7ed116ba21140..b1ae2adbdbb35 100644 --- a/x-pack/plugins/endpoint/server/plugin.ts +++ b/x-pack/plugins/endpoint/server/plugin.ts @@ -8,8 +8,8 @@ import { first } from 'rxjs/operators'; import { addRoutes } from './routes'; import { PluginSetupContract as FeaturesPluginSetupContract } from '../../features/server'; import { createConfig$, EndpointConfigType } from './config'; -import { EndpointAppContext } from './types'; import { registerEndpointRoutes } from './routes/endpoints'; +import { EndpointAppContext } from './types'; export type EndpointPluginStart = void; export type EndpointPluginSetup = void; diff --git a/x-pack/plugins/endpoint/server/routes/endpoints.test.ts b/x-pack/plugins/endpoint/server/routes/endpoints.test.ts index 60433f86b6f7e..04a38972401ed 100644 --- a/x-pack/plugins/endpoint/server/routes/endpoints.test.ts +++ b/x-pack/plugins/endpoint/server/routes/endpoints.test.ts @@ -18,9 +18,9 @@ import { httpServiceMock, loggingServiceMock, } from '../../../../../src/core/server/mocks'; -import { EndpointData } from '../types'; +import { EndpointMetadata, EndpointResultList } from '../../common/types'; import { SearchResponse } from 'elasticsearch'; -import { EndpointResultList, registerEndpointRoutes } from './endpoints'; +import { registerEndpointRoutes } from './endpoints'; import { EndpointConfigSchema } from '../config'; import * as data from '../test_data/all_endpoints_data.json'; @@ -49,8 +49,8 @@ describe('test endpoint route', () => { it('test find the latest of all endpoints', async () => { const mockRequest = httpServerMock.createKibanaRequest({}); - const response: SearchResponse = (data as unknown) as SearchResponse< - EndpointData + const response: SearchResponse = (data as unknown) as SearchResponse< + EndpointMetadata >; mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => Promise.resolve(response)); [routeConfig, routeHandler] = routerMock.post.mock.calls.find(([{ path }]) => @@ -73,9 +73,9 @@ describe('test endpoint route', () => { expect(routeConfig.options).toEqual({ authRequired: true }); expect(mockResponse.ok).toBeCalled(); const endpointResultList = mockResponse.ok.mock.calls[0][0]?.body as EndpointResultList; - expect(endpointResultList.endpoints.length).toEqual(3); - expect(endpointResultList.total).toEqual(3); - expect(endpointResultList.request_index).toEqual(0); + expect(endpointResultList.endpoints.length).toEqual(2); + expect(endpointResultList.total).toEqual(2); + expect(endpointResultList.request_page_index).toEqual(0); expect(endpointResultList.request_page_size).toEqual(10); }); @@ -93,7 +93,7 @@ describe('test endpoint route', () => { }, }); mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => - Promise.resolve((data as unknown) as SearchResponse) + Promise.resolve((data as unknown) as SearchResponse) ); [routeConfig, routeHandler] = routerMock.post.mock.calls.find(([{ path }]) => path.startsWith('/api/endpoint/endpoints') @@ -115,9 +115,9 @@ describe('test endpoint route', () => { expect(routeConfig.options).toEqual({ authRequired: true }); expect(mockResponse.ok).toBeCalled(); const endpointResultList = mockResponse.ok.mock.calls[0][0]?.body as EndpointResultList; - expect(endpointResultList.endpoints.length).toEqual(3); - expect(endpointResultList.total).toEqual(3); - expect(endpointResultList.request_index).toEqual(10); + expect(endpointResultList.endpoints.length).toEqual(2); + expect(endpointResultList.total).toEqual(2); + expect(endpointResultList.request_page_index).toEqual(10); expect(endpointResultList.request_page_size).toEqual(10); }); }); diff --git a/x-pack/plugins/endpoint/server/routes/endpoints.ts b/x-pack/plugins/endpoint/server/routes/endpoints.ts index 9d2babc61f11f..4fc3e653f9426 100644 --- a/x-pack/plugins/endpoint/server/routes/endpoints.ts +++ b/x-pack/plugins/endpoint/server/routes/endpoints.ts @@ -7,22 +7,13 @@ import { IRouter } from 'kibana/server'; import { SearchResponse } from 'elasticsearch'; import { schema } from '@kbn/config-schema'; -import { EndpointAppContext, EndpointData } from '../types'; + import { kibanaRequestToEndpointListQuery } from '../services/endpoint/endpoint_query_builders'; +import { EndpointMetadata, EndpointResultList } from '../../common/types'; +import { EndpointAppContext } from '../types'; interface HitSource { - _source: EndpointData; -} - -export interface EndpointResultList { - // the endpoint restricted by the page size - endpoints: EndpointData[]; - // the total number of unique endpoints in the index - total: number; - // the page size requested - request_page_size: number; - // the index requested - request_index: number; + _source: EndpointMetadata; } export function registerEndpointRoutes(router: IRouter, endpointAppContext: EndpointAppContext) { @@ -53,7 +44,7 @@ export function registerEndpointRoutes(router: IRouter, endpointAppContext: Endp const response = (await context.core.elasticsearch.dataClient.callAsCurrentUser( 'search', queryParams - )) as SearchResponse; + )) as SearchResponse; return res.ok({ body: mapToEndpointResultList(queryParams, response) }); } catch (err) { return res.internalError({ body: err }); @@ -64,13 +55,13 @@ export function registerEndpointRoutes(router: IRouter, endpointAppContext: Endp function mapToEndpointResultList( queryParams: Record, - searchResponse: SearchResponse + searchResponse: SearchResponse ): EndpointResultList { const totalNumberOfEndpoints = searchResponse?.aggregations?.total?.value || 0; if (searchResponse.hits.hits.length > 0) { return { request_page_size: queryParams.size, - request_index: queryParams.from, + request_page_index: queryParams.from, endpoints: searchResponse.hits.hits .map(response => response.inner_hits.most_recent.hits.hits) .flatMap(data => data as HitSource) @@ -80,7 +71,7 @@ function mapToEndpointResultList( } else { return { request_page_size: queryParams.size, - request_index: queryParams.from, + request_page_index: queryParams.from, total: totalNumberOfEndpoints, endpoints: [], }; diff --git a/x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.test.ts b/x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.test.ts index 2a8cecec16526..3c931a251d697 100644 --- a/x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.test.ts +++ b/x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.test.ts @@ -23,23 +23,23 @@ describe('test query builder', () => { match_all: {}, }, collapse: { - field: 'machine_id', + field: 'host.id.keyword', inner_hits: { name: 'most_recent', size: 1, - sort: [{ created_at: 'desc' }], + sort: [{ 'event.created': 'desc' }], }, }, aggs: { total: { cardinality: { - field: 'machine_id', + field: 'host.id.keyword', }, }, }, sort: [ { - created_at: { + 'event.created': { order: 'desc', }, }, diff --git a/x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.ts b/x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.ts index 7430ba9721608..102c268cf9ec4 100644 --- a/x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.ts +++ b/x-pack/plugins/endpoint/server/services/endpoint/endpoint_query_builders.ts @@ -4,7 +4,8 @@ * you may not use this file except in compliance with the Elastic License. */ import { KibanaRequest } from 'kibana/server'; -import { EndpointAppConstants, EndpointAppContext } from '../../types'; +import { EndpointAppConstants } from '../../../common/types'; +import { EndpointAppContext } from '../../types'; export const kibanaRequestToEndpointListQuery = async ( request: KibanaRequest, @@ -17,23 +18,23 @@ export const kibanaRequestToEndpointListQuery = async ( match_all: {}, }, collapse: { - field: 'machine_id', + field: 'host.id.keyword', inner_hits: { name: 'most_recent', size: 1, - sort: [{ created_at: 'desc' }], + sort: [{ 'event.created': 'desc' }], }, }, aggs: { total: { cardinality: { - field: 'machine_id', + field: 'host.id.keyword', }, }, }, sort: [ { - created_at: { + 'event.created': { order: 'desc', }, }, diff --git a/x-pack/plugins/endpoint/server/test_data/all_endpoints_data.json b/x-pack/plugins/endpoint/server/test_data/all_endpoints_data.json index d505b2c929828..f1ad5190c55ff 100644 --- a/x-pack/plugins/endpoint/server/test_data/all_endpoints_data.json +++ b/x-pack/plugins/endpoint/server/test_data/all_endpoints_data.json @@ -1,228 +1,100 @@ { - "took": 3, - "timed_out": false, - "_shards": { - "total": 1, - "successful": 1, - "skipped": 0, - "failed": 0 + "took" : 343, + "timed_out" : false, + "_shards" : { + "total" : 1, + "successful" : 1, + "skipped" : 0, + "failed" : 0 }, - "hits": { - "total": { - "value": 9, - "relation": "eq" + "hits" : { + "total" : { + "value" : 4, + "relation" : "eq" }, - "max_score": null, - "hits": [ + "max_score" : null, + "hits" : [ { - "_index": "endpoint-agent", - "_id": "UV_6SG8B9c_DH2QsbOZd", - "_score": null, - "_source": { - "machine_id": "606267a9-2e51-42b4-956e-6cc7812e3447", - "created_at": "2019-12-27T20:09:28.377Z", - "host": { - "name": "natalee-2", - "hostname": "natalee-2.example.com", - "ip": "10.5.220.127", - "mac_address": "17-5f-c9-f8-ca-d6", - "os": { - "name": "windows 6.3", - "full": "Windows Server 2012R2" - } + "_index" : "endpoint-agent", + "_id" : "WqVo1G8BYQH1gtPUgYkC", + "_score" : null, + "_source" : { + "@timestamp" : 1579816615336, + "event" : { + "created" : "2020-01-23T21:56:55.336Z" }, - "endpoint": { - "domain": "example.com", - "is_base_image": false, - "active_directory_distinguished_name": "CN=natalee-2,DC=example,DC=com", - "active_directory_hostname": "natalee-2.example.com", - "upgrade": { - "status": null, - "updated_at": null - }, - "isolation": { - "status": false, - "request_status": null, - "updated_at": null - }, - "policy": { - "name": "With Eventing", - "id": "C2A9093E-E289-4C0A-AA44-8C32A414FA7A" - }, - "sensor": { - "persistence": true, - "status": {} - } - } - }, - "fields": { - "machine_id": [ - "606267a9-2e51-42b4-956e-6cc7812e3447" - ] - }, - "sort": [ - 1577477368377 - ], - "inner_hits": { - "most_recent": { - "hits": { - "total": { - "value": 3, - "relation": "eq" - }, - "max_score": null, - "hits": [ - { - "_index": "endpoint-agent", - "_id": "UV_6SG8B9c_DH2QsbOZd", - "_score": null, - "_source": { - "machine_id": "606267a9-2e51-42b4-956e-6cc7812e3447", - "created_at": "2019-12-27T20:09:28.377Z", - "host": { - "name": "natalee-2", - "hostname": "natalee-2.example.com", - "ip": "10.5.220.127", - "mac_address": "17-5f-c9-f8-ca-d6", - "os": { - "name": "windows 6.3", - "full": "Windows Server 2012R2" - } - }, - "endpoint": { - "domain": "example.com", - "is_base_image": false, - "active_directory_distinguished_name": "CN=natalee-2,DC=example,DC=com", - "active_directory_hostname": "natalee-2.example.com", - "upgrade": { - "status": null, - "updated_at": null - }, - "isolation": { - "status": false, - "request_status": null, - "updated_at": null - }, - "policy": { - "name": "With Eventing", - "id": "C2A9093E-E289-4C0A-AA44-8C32A414FA7A" - }, - "sensor": { - "persistence": true, - "status": {} - } - } - }, - "sort": [ - 1577477368377 - ] - } - ] - } - } - } - }, - { - "_index": "endpoint-agent", - "_id": "Ul_6SG8B9c_DH2QsbOZd", - "_score": null, - "_source": { - "machine_id": "8ec625e1-a80c-4c9f-bdfd-496060aa6310", - "created_at": "2019-12-27T20:09:28.377Z", - "host": { - "name": "luttrell-2", - "hostname": "luttrell-2.example.com", - "ip": "10.246.84.193", - "mac_address": "dc-d-88-14-c3-c6", - "os": { - "name": "windows 6.3", - "full": "Windows Server 2012R2" + "endpoint" : { + "policy" : { + "id" : "C2A9093E-E289-4C0A-AA44-8C32A414FA7A" } }, - "endpoint": { - "domain": "example.com", - "is_base_image": false, - "active_directory_distinguished_name": "CN=luttrell-2,DC=example,DC=com", - "active_directory_hostname": "luttrell-2.example.com", - "upgrade": { - "status": null, - "updated_at": null - }, - "isolation": { - "status": false, - "request_status": null, - "updated_at": null - }, - "policy": { - "name": "Default", - "id": "00000000-0000-0000-0000-000000000000" - }, - "sensor": { - "persistence": true, - "status": {} + "agent" : { + "version" : "6.8.3", + "id" : "56a75650-3c8a-4e4f-ac17-6dd729c650e2" + }, + "host" : { + "id" : "7141a48b-e19f-4ae3-89a0-6e7179a84265", + "hostname" : "larimer-0.example.com", + "ip" : "10.21.48.136", + "mac" : "77-be-30-f0-e8-d6", + "architecture" : "x86_64", + "os" : { + "name" : "windows 6.2", + "full" : "Windows Server 2012", + "version" : "6.2" } } }, - "fields": { - "machine_id": [ - "8ec625e1-a80c-4c9f-bdfd-496060aa6310" + "fields" : { + "host.id.keyword" : [ + "7141a48b-e19f-4ae3-89a0-6e7179a84265" ] }, - "sort": [ - 1577477368377 + "sort" : [ + 1579816615336 ], - "inner_hits": { - "most_recent": { - "hits": { - "total": { - "value": 3, - "relation": "eq" + "inner_hits" : { + "most_recent" : { + "hits" : { + "total" : { + "value" : 2, + "relation" : "eq" }, - "max_score": null, - "hits": [ + "max_score" : null, + "hits" : [ { - "_index": "endpoint-agent", - "_id": "Ul_6SG8B9c_DH2QsbOZd", - "_score": null, - "_source": { - "machine_id": "8ec625e1-a80c-4c9f-bdfd-496060aa6310", - "created_at": "2019-12-27T20:09:28.377Z", - "host": { - "name": "luttrell-2", - "hostname": "luttrell-2.example.com", - "ip": "10.246.84.193", - "mac_address": "dc-d-88-14-c3-c6", - "os": { - "name": "windows 6.3", - "full": "Windows Server 2012R2" + "_index" : "endpoint-agent", + "_id" : "WqVo1G8BYQH1gtPUgYkC", + "_score" : null, + "_source" : { + "@timestamp" : 1579816615336, + "event" : { + "created" : "2020-01-23T21:56:55.336Z" + }, + "endpoint" : { + "policy" : { + "id" : "C2A9093E-E289-4C0A-AA44-8C32A414FA7A" } }, - "endpoint": { - "domain": "example.com", - "is_base_image": false, - "active_directory_distinguished_name": "CN=luttrell-2,DC=example,DC=com", - "active_directory_hostname": "luttrell-2.example.com", - "upgrade": { - "status": null, - "updated_at": null - }, - "isolation": { - "status": false, - "request_status": null, - "updated_at": null - }, - "policy": { - "name": "Default", - "id": "00000000-0000-0000-0000-000000000000" - }, - "sensor": { - "persistence": true, - "status": {} + "agent" : { + "version" : "6.8.3", + "id" : "56a75650-3c8a-4e4f-ac17-6dd729c650e2" + }, + "host" : { + "id" : "7141a48b-e19f-4ae3-89a0-6e7179a84265", + "hostname" : "larimer-0.example.com", + "ip" : "10.21.48.136", + "mac" : "77-be-30-f0-e8-d6", + "architecture" : "x86_64", + "os" : { + "name" : "windows 6.2", + "full" : "Windows Server 2012", + "version" : "6.2" } } }, - "sort": [ - 1577477368377 + "sort" : [ + 1579816615336 ] } ] @@ -231,106 +103,86 @@ } }, { - "_index": "endpoint-agent", - "_id": "U1_6SG8B9c_DH2QsbOZd", - "_score": null, - "_source": { - "machine_id": "853a308c-6e6d-4b92-a32b-2f623b6c8cf4", - "created_at": "2019-12-27T20:09:28.377Z", - "host": { - "name": "akeylah-7", - "hostname": "akeylah-7.example.com", - "ip": "10.252.242.44", - "mac_address": "27-b9-51-21-31-a", - "os": { - "name": "windows 6.3", - "full": "Windows Server 2012R2" + "_index" : "endpoint-agent", + "_id" : "W6Vo1G8BYQH1gtPUgYkC", + "_score" : null, + "_source" : { + "@timestamp" : 1579816615336, + "event" : { + "created" : "2020-01-23T21:56:55.336Z" + }, + "endpoint" : { + "policy" : { + "id" : "C2A9093E-E289-4C0A-AA44-8C32A414FA7A" } }, - "endpoint": { - "domain": "example.com", - "is_base_image": false, - "active_directory_distinguished_name": "CN=akeylah-7,DC=example,DC=com", - "active_directory_hostname": "akeylah-7.example.com", - "upgrade": { - "status": null, - "updated_at": null - }, - "isolation": { - "status": false, - "request_status": null, - "updated_at": null - }, - "policy": { - "name": "With Eventing", - "id": "C2A9093E-E289-4C0A-AA44-8C32A414FA7A" - }, - "sensor": { - "persistence": true, - "status": {} + "agent" : { + "version" : "6.4.3", + "id" : "c2d84d8f-d355-40de-8b54-5d318d4d1312" + }, + "host" : { + "id" : "f35ec6c1-6562-45b1-818f-2f14c0854adf", + "hostname" : "hildebrandt-6.example.com", + "ip" : "10.53.92.84", + "mac" : "af-f1-8f-51-25-2a", + "architecture" : "x86_64", + "os" : { + "name" : "windows 10.0", + "full" : "Windows 10", + "version" : "10.0" } } }, - "fields": { - "machine_id": [ - "853a308c-6e6d-4b92-a32b-2f623b6c8cf4" + "fields" : { + "host.id.keyword" : [ + "f35ec6c1-6562-45b1-818f-2f14c0854adf" ] }, - "sort": [ - 1577477368377 + "sort" : [ + 1579816615336 ], - "inner_hits": { - "most_recent": { - "hits": { - "total": { - "value": 3, - "relation": "eq" + "inner_hits" : { + "most_recent" : { + "hits" : { + "total" : { + "value" : 2, + "relation" : "eq" }, - "max_score": null, - "hits": [ + "max_score" : null, + "hits" : [ { - "_index": "endpoint-agent", - "_id": "U1_6SG8B9c_DH2QsbOZd", - "_score": null, - "_source": { - "machine_id": "853a308c-6e6d-4b92-a32b-2f623b6c8cf4", - "created_at": "2019-12-27T20:09:28.377Z", - "host": { - "name": "akeylah-7", - "hostname": "akeylah-7.example.com", - "ip": "10.252.242.44", - "mac_address": "27-b9-51-21-31-a", - "os": { - "name": "windows 6.3", - "full": "Windows Server 2012R2" + "_index" : "endpoint-agent", + "_id" : "W6Vo1G8BYQH1gtPUgYkC", + "_score" : null, + "_source" : { + "@timestamp" : 1579816615336, + "event" : { + "created" : "2020-01-23T21:56:55.336Z" + }, + "endpoint" : { + "policy" : { + "id" : "C2A9093E-E289-4C0A-AA44-8C32A414FA7A" } }, - "endpoint": { - "domain": "example.com", - "is_base_image": false, - "active_directory_distinguished_name": "CN=akeylah-7,DC=example,DC=com", - "active_directory_hostname": "akeylah-7.example.com", - "upgrade": { - "status": null, - "updated_at": null - }, - "isolation": { - "status": false, - "request_status": null, - "updated_at": null - }, - "policy": { - "name": "With Eventing", - "id": "C2A9093E-E289-4C0A-AA44-8C32A414FA7A" - }, - "sensor": { - "persistence": true, - "status": {} + "agent" : { + "version" : "6.4.3", + "id" : "c2d84d8f-d355-40de-8b54-5d318d4d1312" + }, + "host" : { + "id" : "f35ec6c1-6562-45b1-818f-2f14c0854adf", + "hostname" : "hildebrandt-6.example.com", + "ip" : "10.53.92.84", + "mac" : "af-f1-8f-51-25-2a", + "architecture" : "x86_64", + "os" : { + "name" : "windows 10.0", + "full" : "Windows 10", + "version" : "10.0" } } }, - "sort": [ - 1577477368377 + "sort" : [ + 1579816615336 ] } ] @@ -340,9 +192,9 @@ } ] }, - "aggregations": { - "total": { - "value": 3 + "aggregations" : { + "total" : { + "value" : 2 } } } diff --git a/x-pack/plugins/endpoint/server/types.ts b/x-pack/plugins/endpoint/server/types.ts index c6d0e3dea70cf..f06cc10f16709 100644 --- a/x-pack/plugins/endpoint/server/types.ts +++ b/x-pack/plugins/endpoint/server/types.ts @@ -10,45 +10,3 @@ export interface EndpointAppContext { logFactory: LoggerFactory; config(): Promise; } - -export class EndpointAppConstants { - static ENDPOINT_INDEX_NAME = 'endpoint-agent*'; -} - -export interface EndpointData { - machine_id: string; - created_at: Date; - host: { - name: string; - hostname: string; - ip: string; - mac_address: string; - os: { - name: string; - full: string; - }; - }; - endpoint: { - domain: string; - is_base_image: boolean; - active_directory_distinguished_name: string; - active_directory_hostname: string; - upgrade: { - status?: string; - updated_at?: Date; - }; - isolation: { - status: boolean; - request_status?: string | boolean; - updated_at?: Date; - }; - policy: { - name: string; - id: string; - }; - sensor: { - persistence: boolean; - status: object; - }; - }; -} diff --git a/x-pack/test/api_integration/apis/endpoint/endpoints.ts b/x-pack/test/api_integration/apis/endpoint/endpoints.ts index 32864489d3786..1c520fe92e38e 100644 --- a/x-pack/test/api_integration/apis/endpoint/endpoints.ts +++ b/x-pack/test/api_integration/apis/endpoint/endpoints.ts @@ -12,7 +12,7 @@ export default function({ getService }: FtrProviderContext) { describe('test endpoints api', () => { describe('POST /api/endpoint/endpoints when index is empty', () => { it('endpoints api should return empty result when index is empty', async () => { - await esArchiver.unload('endpoint/endpoints'); + await esArchiver.unload('endpoint/endpoints/api_feature'); const { body } = await supertest .post('/api/endpoint/endpoints') .set('kbn-xsrf', 'xxx') @@ -21,13 +21,13 @@ export default function({ getService }: FtrProviderContext) { expect(body.total).to.eql(0); expect(body.endpoints.length).to.eql(0); expect(body.request_page_size).to.eql(10); - expect(body.request_index).to.eql(0); + expect(body.request_page_index).to.eql(0); }); }); describe('POST /api/endpoint/endpoints when index is not empty', () => { - before(() => esArchiver.load('endpoint/endpoints')); - after(() => esArchiver.unload('endpoint/endpoints')); + before(() => esArchiver.load('endpoint/endpoints/api_feature')); + after(() => esArchiver.unload('endpoint/endpoints/api_feature')); it('endpoints api should return one entry for each endpoint with default paging', async () => { const { body } = await supertest .post('/api/endpoint/endpoints') @@ -37,7 +37,7 @@ export default function({ getService }: FtrProviderContext) { expect(body.total).to.eql(3); expect(body.endpoints.length).to.eql(3); expect(body.request_page_size).to.eql(10); - expect(body.request_index).to.eql(0); + expect(body.request_page_index).to.eql(0); }); it('endpoints api should return page based on params passed.', async () => { @@ -58,7 +58,7 @@ export default function({ getService }: FtrProviderContext) { expect(body.total).to.eql(3); expect(body.endpoints.length).to.eql(1); expect(body.request_page_size).to.eql(1); - expect(body.request_index).to.eql(1); + expect(body.request_page_index).to.eql(1); }); /* test that when paging properties produces no result, the total should reflect the actual number of endpoints @@ -82,7 +82,7 @@ export default function({ getService }: FtrProviderContext) { expect(body.total).to.eql(3); expect(body.endpoints.length).to.eql(0); expect(body.request_page_size).to.eql(10); - expect(body.request_index).to.eql(30); + expect(body.request_page_index).to.eql(30); }); it('endpoints api should return 400 when pagingProperties is below boundaries.', async () => { diff --git a/x-pack/test/functional/es_archives/endpoint/endpoints/api_feature/data.json b/x-pack/test/functional/es_archives/endpoint/endpoints/api_feature/data.json new file mode 100644 index 0000000000000..b481d56df4d52 --- /dev/null +++ b/x-pack/test/functional/es_archives/endpoint/endpoints/api_feature/data.json @@ -0,0 +1,364 @@ +{ + "type": "doc", + "value": { + "id": "3KVN2G8BYQH1gtPUuYk7", + "index": "endpoint-agent", + "source": { + "@timestamp": 1579881969541, + "agent": { + "id": "963b081e-60d1-482c-befd-a5815fa8290f", + "version": "6.6.1" + }, + "endpoint": { + "policy": { + "id": "C2A9093E-E289-4C0A-AA44-8C32A414FA7A" + } + }, + "event": { + "created": "2020-01-24T16:06:09.541Z" + }, + "host": { + "architecture": "x86", + "hostname": "cadmann-4.example.com", + "id": "1fb3e58f-6ab0-4406-9d2a-91911207a712", + "ip": [ + "10.192.213.130", + "10.70.28.129" + ], + "mac": [ + "a9-71-6a-cc-93-85", + "f7-31-84-d3-21-68", + "2-95-12-39-ca-71" + ], + "os": { + "full": "Windows 10", + "name": "windows 10.0", + "version": "10.0" + } + } + } + } +} + +{ + "type": "doc", + "value": { + "id": "3aVN2G8BYQH1gtPUuYk7", + "index": "endpoint-agent", + "source": { + "@timestamp": 1579881969541, + "agent": { + "id": "b3412d6f-b022-4448-8fee-21cc936ea86b", + "version": "6.0.0" + }, + "endpoint": { + "policy": { + "id": "C2A9093E-E289-4C0A-AA44-8C32A414FA7A" + } + }, + "event": { + "created": "2020-01-24T16:06:09.541Z" + }, + "host": { + "architecture": "x86_64", + "hostname": "thurlow-9.example.com", + "id": "2f735e3d-be14-483b-9822-bad06e9045ca", + "ip": [ + "10.46.229.234" + ], + "mac": [ + "30-8c-45-55-69-b8", + "e5-36-7e-8f-a3-84", + "39-a1-37-20-18-74" + ], + "os": { + "full": "Windows Server 2016", + "name": "windows 10.0", + "version": "10.0" + } + } + } + } +} + +{ + "type": "doc", + "value": { + "id": "3qVN2G8BYQH1gtPUuYk7", + "index": "endpoint-agent", + "source": { + "@timestamp": 1579881969541, + "agent": { + "id": "3838df35-a095-4af4-8fce-0b6d78793f2e", + "version": "6.8.0" + }, + "endpoint": { + "policy": { + "id": "00000000-0000-0000-0000-000000000000" + } + }, + "event": { + "created": "2020-01-24T16:06:09.541Z" + }, + "host": { + "hostname": "rezzani-7.example.com", + "id": "fc0ff548-feba-41b6-8367-65e8790d0eaf", + "ip": [ + "10.101.149.26", + "10.12.85.216" + ], + "mac": [ + "e2-6d-f9-0-46-2e" + ], + "os": { + "full": "Windows 10", + "name": "windows 10.0", + "version": "10.0" + } + } + } + } +} + +{ + "type": "doc", + "value": { + "id": "36VN2G8BYQH1gtPUuYk7", + "index": "endpoint-agent", + "source": { + "@timestamp": 1579878369541, + "agent": { + "id": "963b081e-60d1-482c-befd-a5815fa8290f", + "version": "6.6.1" + }, + "endpoint": { + "policy": { + "id": "C2A9093E-E289-4C0A-AA44-8C32A414FA7A" + } + }, + "event": { + "created": "2020-01-24T15:06:09.541Z" + }, + "host": { + "architecture": "x86", + "hostname": "cadmann-4.example.com", + "id": "1fb3e58f-6ab0-4406-9d2a-91911207a712", + "ip": [ + "10.192.213.130", + "10.70.28.129" + ], + "mac": [ + "a9-71-6a-cc-93-85", + "f7-31-84-d3-21-68", + "2-95-12-39-ca-71" + ], + "os": { + "full": "Windows Server 2016", + "name": "windows 10.0", + "version": "10.0" + } + } + } + } +} + +{ + "type": "doc", + "value": { + "id": "4KVN2G8BYQH1gtPUuYk7", + "index": "endpoint-agent", + "source": { + "@timestamp": 1579878369541, + "agent": { + "id": "b3412d6f-b022-4448-8fee-21cc936ea86b", + "version": "6.0.0" + }, + "endpoint": { + "policy": { + "id": "C2A9093E-E289-4C0A-AA44-8C32A414FA7A" + } + }, + "event": { + "created": "2020-01-24T15:06:09.541Z" + }, + "host": { + "hostname": "thurlow-9.example.com", + "id": "2f735e3d-be14-483b-9822-bad06e9045ca", + "ip": [ + "10.46.229.234" + ], + "mac": [ + "30-8c-45-55-69-b8", + "e5-36-7e-8f-a3-84", + "39-a1-37-20-18-74" + ], + "os": { + "full": "Windows Server 2012", + "name": "windows 6.2", + "version": "6.2" + } + } + } + } +} + +{ + "type": "doc", + "value": { + "id": "4aVN2G8BYQH1gtPUuYk7", + "index": "endpoint-agent", + "source": { + "@timestamp": 1579878369541, + "agent": { + "id": "3838df35-a095-4af4-8fce-0b6d78793f2e", + "version": "6.8.0" + }, + "endpoint": { + "policy": { + "id": "00000000-0000-0000-0000-000000000000" + } + }, + "event": { + "created": "2020-01-24T15:06:09.541Z" + }, + "host": { + "architecture": "x86", + "hostname": "rezzani-7.example.com", + "id": "fc0ff548-feba-41b6-8367-65e8790d0eaf", + "ip": [ + "10.101.149.26", + "10.12.85.216" + ], + "mac": [ + "e2-6d-f9-0-46-2e" + ], + "os": { + "full": "Windows Server 2012", + "name": "windows 6.2", + "version": "6.2" + } + } + } + } +} + +{ + "type": "doc", + "value": { + "id": "4qVN2G8BYQH1gtPUuYk7", + "index": "endpoint-agent", + "source": { + "@timestamp": 1579874769541, + "agent": { + "id": "963b081e-60d1-482c-befd-a5815fa8290f", + "version": "6.6.1" + }, + "endpoint": { + "policy": { + "id": "00000000-0000-0000-0000-000000000000" + } + }, + "event": { + "created": "2020-01-24T14:06:09.541Z" + }, + "host": { + "hostname": "cadmann-4.example.com", + "id": "1fb3e58f-6ab0-4406-9d2a-91911207a712", + "ip": [ + "10.192.213.130", + "10.70.28.129" + ], + "mac": [ + "a9-71-6a-cc-93-85", + "f7-31-84-d3-21-68", + "2-95-12-39-ca-71" + ], + "os": { + "full": "Windows Server 2012R2", + "name": "windows 6.3", + "version": "6.3" + } + } + } + } +} + +{ + "type": "doc", + "value": { + "id": "46VN2G8BYQH1gtPUuYk7", + "index": "endpoint-agent", + "source": { + "@timestamp": 1579874769541, + "agent": { + "id": "b3412d6f-b022-4448-8fee-21cc936ea86b", + "version": "6.0.0" + }, + "endpoint": { + "policy": { + "id": "C2A9093E-E289-4C0A-AA44-8C32A414FA7A" + } + }, + "event": { + "created": "2020-01-24T14:06:09.541Z" + }, + "host": { + "hostname": "thurlow-9.example.com", + "id": "2f735e3d-be14-483b-9822-bad06e9045ca", + "ip": [ + "10.46.229.234" + ], + "mac": [ + "30-8c-45-55-69-b8", + "e5-36-7e-8f-a3-84", + "39-a1-37-20-18-74" + ], + "os": { + "full": "Windows Server 2012R2", + "name": "windows 6.3", + "version": "6.3" + } + } + } + } +} + +{ + "type": "doc", + "value": { + "id": "5KVN2G8BYQH1gtPUuYk7", + "index": "endpoint-agent", + "source": { + "@timestamp": 1579874769541, + "agent": { + "id": "3838df35-a095-4af4-8fce-0b6d78793f2e", + "version": "6.8.0" + }, + "endpoint": { + "policy": { + "id": "00000000-0000-0000-0000-000000000000" + } + }, + "event": { + "created": "2020-01-24T14:06:09.541Z" + }, + "host": { + "architecture": "x86", + "hostname": "rezzani-7.example.com", + "id": "fc0ff548-feba-41b6-8367-65e8790d0eaf", + "ip": [ + "10.101.149.26", + "10.12.85.216" + ], + "mac": [ + "e2-6d-f9-0-46-2e" + ], + "os": { + "full": "Windows Server 2012", + "name": "windows 6.2", + "version": "6.2" + } + } + } + } +} \ No newline at end of file diff --git a/x-pack/test/functional/es_archives/endpoint/endpoints/api_feature/mappings.json b/x-pack/test/functional/es_archives/endpoint/endpoints/api_feature/mappings.json new file mode 100644 index 0000000000000..11766c12b8fff --- /dev/null +++ b/x-pack/test/functional/es_archives/endpoint/endpoints/api_feature/mappings.json @@ -0,0 +1,147 @@ +{ + "type": "index", + "value": { + "aliases": { + }, + "index": "endpoint-agent", + "mappings": { + "properties": { + "@timestamp": { + "type": "long" + }, + "agent": { + "properties": { + "id": { + "fields": { + "keyword": { + "ignore_above": 256, + "type": "keyword" + } + }, + "type": "text" + }, + "version": { + "fields": { + "keyword": { + "ignore_above": 256, + "type": "keyword" + } + }, + "type": "text" + } + } + }, + "endpoint": { + "properties": { + "policy": { + "properties": { + "id": { + "fields": { + "keyword": { + "ignore_above": 256, + "type": "keyword" + } + }, + "type": "text" + } + } + } + } + }, + "event": { + "properties": { + "created": { + "type": "date" + } + } + }, + "host": { + "properties": { + "architecture": { + "fields": { + "keyword": { + "ignore_above": 256, + "type": "keyword" + } + }, + "type": "text" + }, + "hostname": { + "fields": { + "keyword": { + "ignore_above": 256, + "type": "keyword" + } + }, + "type": "text" + }, + "id": { + "fields": { + "keyword": { + "ignore_above": 256, + "type": "keyword" + } + }, + "type": "text" + }, + "ip": { + "fields": { + "keyword": { + "ignore_above": 256, + "type": "keyword" + } + }, + "type": "text" + }, + "mac": { + "fields": { + "keyword": { + "ignore_above": 256, + "type": "keyword" + } + }, + "type": "text" + }, + "os": { + "properties": { + "full": { + "fields": { + "keyword": { + "ignore_above": 256, + "type": "keyword" + } + }, + "type": "text" + }, + "name": { + "fields": { + "keyword": { + "ignore_above": 256, + "type": "keyword" + } + }, + "type": "text" + }, + "version": { + "fields": { + "keyword": { + "ignore_above": 256, + "type": "keyword" + } + }, + "type": "text" + } + } + } + } + } + } + }, + "settings": { + "index": { + "number_of_replicas": "1", + "number_of_shards": "1" + } + } + } +} \ No newline at end of file diff --git a/x-pack/test/functional/es_archives/endpoint/endpoints/data.json.gz b/x-pack/test/functional/es_archives/endpoint/endpoints/data.json.gz deleted file mode 100644 index fda46096e1ab2..0000000000000 Binary files a/x-pack/test/functional/es_archives/endpoint/endpoints/data.json.gz and /dev/null differ diff --git a/x-pack/test/functional/es_archives/endpoint/endpoints/mappings.json b/x-pack/test/functional/es_archives/endpoint/endpoints/mappings.json deleted file mode 100644 index 9544d05d70600..0000000000000 --- a/x-pack/test/functional/es_archives/endpoint/endpoints/mappings.json +++ /dev/null @@ -1,104 +0,0 @@ -{ - "type": "index", - "value": { - "aliases": { - }, - "index": "endpoint-agent", - "mappings": { - "properties": { - "created_at": { - "type": "date" - }, - "endpoint": { - "properties": { - "active_directory_distinguished_name": { - "type": "text" - }, - "active_directory_hostname": { - "type": "text" - }, - "domain": { - "type": "text" - }, - "is_base_image": { - "type": "boolean" - }, - "isolation": { - "properties": { - "status": { - "type": "boolean" - } - } - }, - "policy": { - "properties": { - "id": { - "ignore_above": 256, - "type": "keyword" - }, - "name": { - "fields": { - "keyword": { - "ignore_above": 256, - "type": "keyword" - } - }, - "type": "text" - } - } - }, - "sensor": { - "properties": { - "persistence": { - "type": "boolean" - }, - "status": { - "type": "object" - } - } - }, - "upgrade": { - "type": "object" - } - } - }, - "host": { - "properties": { - "hostname": { - "type": "text" - }, - "ip": { - "ignore_above": 256, - "type": "keyword" - }, - "mac_address": { - "type": "text" - }, - "name": { - "type": "text" - }, - "os": { - "properties": { - "full": { - "type": "text" - }, - "name": { - "type": "text" - } - } - } - } - }, - "machine_id": { - "type": "keyword" - } - } - }, - "settings": { - "index": { - "number_of_replicas": "0", - "number_of_shards": "1" - } - } - } -} \ No newline at end of file